]>
Commit | Line | Data |
---|---|---|
1a37f439 OM |
1 | import dns |
2 | import os | |
3 | from recursortests import RecursorTest | |
4 | ||
5 | class testRDNotAllowed(RecursorTest): | |
6 | _confdir = 'RDFlagNotAllowed' | |
7 | ||
8 | _config_template = """ | |
9 | """ | |
10 | def testRD0(self): | |
11 | query = dns.message.make_query('ns.secure.example', 'A', want_dnssec=True) | |
12 | query.flags |= dns.flags.AD | |
13 | query.flags &= ~dns.flags.RD | |
14 | ||
15 | res = self.sendUDPQuery(query) | |
16 | ||
17 | self.assertRcodeEqual(res, dns.rcode.REFUSED) | |
18 | self.assertAnswerEmpty(res) | |
19 | ||
20 | class testRDAllowed(RecursorTest): | |
21 | _confdir = 'RDFlagAllowed' | |
22 | ||
23 | _config_template = """ | |
24 | disable-packetcache=yes | |
25 | allow-no-rd=yes | |
26 | """ | |
27 | def testRD0(self): | |
28 | expected = dns.rrset.from_text('ns.secure.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.9'.format(prefix=self._PREFIX)) | |
29 | query = dns.message.make_query('ns.secure.example', 'A', want_dnssec=True) | |
30 | query.flags |= dns.flags.AD | |
31 | query.flags &= ~dns.flags.RD | |
32 | ||
33 | # First time empty answer | |
34 | res = self.sendUDPQuery(query) | |
35 | self.assertRcodeEqual(res, dns.rcode.NOERROR) | |
36 | self.assertAnswerEmpty(res) | |
37 | ||
38 | # Second time with RD=1 fills the record cache | |
39 | query.flags |= dns.flags.RD | |
40 | ||
41 | res = self.sendUDPQuery(query) | |
42 | self.assertRcodeEqual(res, dns.rcode.NOERROR) | |
43 | self.assertMessageIsAuthenticated(res) | |
44 | self.assertRRsetInAnswer(res, expected) | |
45 | self.assertMatchingRRSIGInAnswer(res, expected) | |
46 | ||
47 | # Third time with RD=0 retrieves record cache content | |
48 | query.flags &= ~dns.flags.RD | |
49 | ||
50 | res = self.sendUDPQuery(query) | |
51 | self.assertMessageIsAuthenticated(res) | |
52 | self.assertRRsetInAnswer(res, expected) | |
53 | self.assertMatchingRRSIGInAnswer(res, expected) |