regression-tests.recursor-dnssec/test_Additionals.py

   1 import dns
   2 import os
   3 from recursortests import RecursorTest
   4
   5 class testAdditionalsDefault(RecursorTest):
   6     _confdir = 'AdditionalsDefault'
   7
   8     _config_template = """
   9     dnssec=validate
  10     disable-packetcache
  11     """
  12     _lua_config_file = """
  13     addAllowedAdditionalQType(pdns.MX, {pdns.A, pdns.AAAA})
  14     """
  15
  16     def testMX(self):
  17         expected = dns.rrset.from_text('secure.example.', 0, dns.rdataclass.IN, 'MX', '10 mx1.secure.example.', '20 mx2.secure.example.')
  18         adds1 = dns.rrset.from_text('mx1.secure.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.18')
  19         adds2 = dns.rrset.from_text('mx2.secure.example.', 0, dns.rdataclass.IN, 'AAAA', '1::2')
  20         query1 = dns.message.make_query('secure.example', 'MX', want_dnssec=True)
  21         query1.flags |= dns.flags.AD
  22         query2 = dns.message.make_query('mx1.secure.example', 'A', want_dnssec=True)
  23         query2.flags |= dns.flags.AD
  24         query3 = dns.message.make_query('mx2.secure.example', 'AAAA', want_dnssec=True)
  25         query3.flags |= dns.flags.AD
  26
  27         res = self.sendUDPQuery(query1)
  28         self.assertMessageIsAuthenticated(res)
  29         self.assertRRsetInAnswer(res, expected)
  30         self.assertMatchingRRSIGInAnswer(res, expected)
  31         self.assertAdditionalEmpty(res)
  32         # fill the cache
  33         res = self.sendUDPQuery(query2)
  34         res = self.sendUDPQuery(query3)
  35         # query 1 again
  36         res = self.sendUDPQuery(query1)
  37         self.assertMessageIsAuthenticated(res)
  38         self.assertRRsetInAnswer(res, expected)
  39         self.assertMatchingRRSIGInAnswer(res, expected)
  40         self.assertRRsetInAdditional(res, adds1)
  41         self.assertRRsetInAdditional(res, adds2)
  42
  43 class testAdditionalsResolveImmediately(RecursorTest):
  44     _confdir = 'AdditionalsResolveImmediately'
  45     _config_template = """
  46     dnssec=validate
  47     disable-packetcache
  48     """
  49     _lua_config_file = """
  50     addAllowedAdditionalQType(pdns.MX, {pdns.A, pdns.AAAA}, { mode = pdns.AdditionalMode.ResolveImmediately})
  51     addAllowedAdditionalQType(pdns.NAPTR, {pdns.A, pdns.AAAA, pdns.SRV}, { mode = pdns.AdditionalMode.ResolveImmediately})
  52     addAllowedAdditionalQType(pdns.SRV, {pdns.A, pdns.AAAA}, { mode = pdns.AdditionalMode.ResolveImmediately})
  53     """
  54
  55     def testMX(self):
  56         expected = dns.rrset.from_text('secure.example.', 0, dns.rdataclass.IN, 'MX', '10 mx1.secure.example.', '20 mx2.secure.example.')
  57         adds1 = dns.rrset.from_text('mx1.secure.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.18')
  58         adds2 = dns.rrset.from_text('mx2.secure.example.', 0, dns.rdataclass.IN, 'AAAA', '1::2')
  59         query1 = dns.message.make_query('secure.example', 'MX', want_dnssec=True)
  60         query1.flags |= dns.flags.AD
  61
  62         res = self.sendUDPQuery(query1)
  63         self.assertMessageIsAuthenticated(res)
  64         self.assertRRsetInAnswer(res, expected)
  65         self.assertMatchingRRSIGInAnswer(res, expected)
  66         self.assertRRsetInAdditional(res, adds1)
  67         self.assertRRsetInAdditional(res, adds2)
  68         self.assertMatchingRRSIGInAdditional(res, adds1)
  69         self.assertMatchingRRSIGInAdditional(res, adds2)
  70
  71     def testNAPTR(self):
  72         exp = dns.rrset.from_text('naptr.secure.example.', 0, dns.rdataclass.IN, 'NAPTR',
  73                                    '10 10 "s" "Z" "C" service2.secure.example.',
  74                                    '10 10 "s" "Y" "B" service1.secure.example.',
  75                                    '10 10 "a" "X" "A" s1.secure.example.');
  76         adds1 = dns.rrset.from_text('s1.secure.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.19')
  77         adds2 = dns.rrset.from_text('service1.secure.example.', 0, dns.rdataclass.IN, 'SRV', '20 100 8080 a.secure.example.')
  78         adds3 = dns.rrset.from_text('service2.secure.example.', 0, dns.rdataclass.IN, 'SRV', '20 100 8080 b.secure.example.')
  79         adds4 = dns.rrset.from_text('a.secure.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.20', '192.0.2.22')
  80         adds5 = dns.rrset.from_text('b.secure.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.21')
  81         adds6 = dns.rrset.from_text('b.secure.example.', 0, dns.rdataclass.IN, 'AAAA', '1::3')
  82         adds7 = dns.rrset.from_text('s1.secure.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.19')
  83
  84         query1 = dns.message.make_query('naptr.secure.example', 'NAPTR', want_dnssec=True)
  85         query1.flags |= dns.flags.AD
  86         res = self.sendUDPQuery(query1)
  87         self.assertMessageIsAuthenticated(res)
  88         self.assertRRsetInAnswer(res, exp)
  89         self.assertMatchingRRSIGInAnswer(res, exp)
  90         self.assertRRsetInAdditional(res, adds1)
  91         self.assertMatchingRRSIGInAdditional(res, adds1)
  92         self.assertRRsetInAdditional(res, adds2)
  93         self.assertMatchingRRSIGInAdditional(res, adds2)
  94         self.assertRRsetInAdditional(res, adds3)
  95         self.assertMatchingRRSIGInAdditional(res, adds3)
  96         self.assertRRsetInAdditional(res, adds4)
  97         self.assertMatchingRRSIGInAdditional(res, adds4)
  98         self.assertRRsetInAdditional(res, adds5)
  99         self.assertMatchingRRSIGInAdditional(res, adds5)
 100         self.assertRRsetInAdditional(res, adds6)
 101         self.assertMatchingRRSIGInAdditional(res, adds6)
 102         self.assertRRsetInAdditional(res, adds7)
 103         self.assertMatchingRRSIGInAdditional(res, adds7)
 104
 105 class testAdditionalsResolveCacheOnly(RecursorTest):
 106     _confdir = 'AdditionalsResolveCacheOnly'
 107     _config_template = """
 108     dnssec=validate
 109     disable-packetcache
 110     """
 111     _lua_config_file = """
 112     addAllowedAdditionalQType(pdns.MX, {pdns.A, pdns.AAAA}, { mode = pdns.AdditionalMode.ResolveImmediately})
 113     """
 114
 115     def testMX(self):
 116         expected = dns.rrset.from_text('secure.example.', 0, dns.rdataclass.IN, 'MX', '10 mx1.secure.example.', '20 mx2.secure.example.')
 117         adds1 = dns.rrset.from_text('mx1.secure.example.', 0, dns.rdataclass.IN, 'A', '192.0.2.18')
 118         adds2 = dns.rrset.from_text('mx2.secure.example.', 0, dns.rdataclass.IN, 'AAAA', '1::2')
 119         query1 = dns.message.make_query('secure.example', 'MX', want_dnssec=True)
 120         query1.flags |= dns.flags.AD
 121
 122         res = self.sendUDPQuery(query1)
 123         self.assertMessageIsAuthenticated(res)
 124         self.assertRRsetInAnswer(res, expected)
 125         self.assertMatchingRRSIGInAnswer(res, expected)
 126         self.assertRRsetInAdditional(res, adds1)
 127         self.assertRRsetInAdditional(res, adds2)
 128         self.assertMatchingRRSIGInAdditional(res, adds1)
 129         self.assertMatchingRRSIGInAdditional(res, adds2)
 130