]>
Commit | Line | Data |
---|---|---|
faa3b298 PL |
1 | import dns |
2 | from recursortests import RecursorTest | |
3 | ||
4 | class testSimple(RecursorTest): | |
5 | _confdir = 'NTA' | |
6 | ||
7 | _config_template = """dnssec=validate""" | |
8 | _lua_config_file = """addNTA("bogus.example")""" | |
9 | ||
10 | def testDirectNTA(self): | |
11 | """Ensure a direct query to a bogus name with an NTA is Insecure""" | |
12 | ||
13 | msg = dns.message.make_query("ted.bogus.example.", dns.rdatatype.A) | |
14 | msg.flags = dns.flags.from_text('AD RD') | |
15 | msg.use_edns(edns=0, ednsflags=dns.flags.edns_from_text('DO')) | |
16 | ||
17 | res = self.sendUDPQuery(msg) | |
18 | ||
19 | self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO']) | |
20 | self.assertRcodeEqual(res, dns.rcode.NOERROR) | |
21 | ||
22 | def testCNAMENTA(self): | |
23 | """Ensure a CNAME from a secure zone to a bogus one with an NTA is Insecure""" | |
24 | msg = dns.message.make_query("cname-to-bogus.secure.example.", dns.rdatatype.A) | |
25 | msg.flags = dns.flags.from_text('AD RD') | |
26 | msg.use_edns(edns=0, ednsflags=dns.flags.edns_from_text('DO')) | |
27 | ||
28 | res = self.sendUDPQuery(msg) | |
29 | ||
30 | self.assertMessageHasFlags(res, ['QR', 'RA', 'RD'], ['DO']) | |
31 | self.assertRcodeEqual(res, dns.rcode.NOERROR) |