From: Remi Gacogne Date: Thu, 28 May 2020 16:54:20 +0000 (+0200) Subject: rec: Add a regression test for the RPZ updates with several deltas X-Git-Tag: dnsdist-1.5.0-rc3~33^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ba5f46ae28b9502294424aaa90ff9dad729de757;p=thirdparty%2Fpdns.git rec: Add a regression test for the RPZ updates with several deltas --- diff --git a/regression-tests.recursor-dnssec/test_RPZ.py b/regression-tests.recursor-dnssec/test_RPZ.py index 8341a8cd5a..593db43768 100644 --- a/regression-tests.recursor-dnssec/test_RPZ.py +++ b/regression-tests.recursor-dnssec/test_RPZ.py @@ -28,7 +28,7 @@ class RPZServer(object): return False if newSerial != self._currentSerial + 1: - raise AssertionError("Asking the RPZ server to server serial %d, already serving %d" % (newSerial, self._currentSerial)) + raise AssertionError("Asking the RPZ server to serve serial %d, already serving %d" % (newSerial, self._currentSerial)) self._targetSerial = newSerial return True @@ -136,12 +136,27 @@ class RPZServer(object): dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % newSerial) ] elif newSerial == 10: - # full AXFR to make sure we are removing the duplicate, adding a record, to the that the update was correctly applied + # full AXFR to make sure we are removing the duplicate, adding a record, to check that the update was correctly applied records = [ dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % newSerial), dns.rrset.from_text('f.example.zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.A, '192.0.2.1'), dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % newSerial) ] + elif newSerial == 11: + # IXFR with two deltas, the first one adding a 'g' and the second one removing 'f' + records = [ + dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % (newSerial + 1)), + dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % oldSerial), + dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % newSerial), + dns.rrset.from_text('g.example.zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.A, '192.0.2.1'), + dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % newSerial), + dns.rrset.from_text('f.example.zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.A, '192.0.2.1'), + dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % (newSerial + 1)), + dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % (newSerial + 1)) + ] + # this one has two updates in one + newSerial = newSerial + 1 + self._targetSerial = self._targetSerial + 1 response.answer = records return (newSerial, response) @@ -490,6 +505,21 @@ e 3600 IN A 192.0.2.42 self.checkNXD('tc.example.') self.checkNXD('drop.example.') + # the next update will update the zone twice + rpzServer.moveToSerial(11) + time.sleep(3) + self.waitUntilCorrectSerialIsLoaded(12) + self.checkRPZStats(12, 1, 4, self._xfrDone) + self.checkNotBlocked('a.example.') + self.checkNotBlocked('b.example.') + self.checkNotBlocked('c.example.') + self.checkNotBlocked('d.example.') + self.checkNotBlocked('e.example.') + self.checkNXD('f.example.') + self.checkBlocked('g.example.') + self.checkNXD('tc.example.') + self.checkNXD('drop.example.') + class RPZFileRecursorTest(RPZRecursorTest): """ This test makes sure that we correctly load RPZ zones from a file