[thirdparty/systemd.git] / src / resolve / test-dnssec-complex.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2016 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <netinet/ip.h>

#include "sd-bus.h"

#include "af-list.h"
#include "alloc-util.h"
#include "bus-common-errors.h"
#include "dns-type.h"
#include "random-util.h"
#include "string-util.h"
#include "time-util.h"

#define DNS_CALL_TIMEOUT_USEC (45*USEC_PER_SEC)

static void prefix_random(const char *name, char **ret) {
        uint64_t i, u;
        char *m = NULL;

        u = 1 + (random_u64() & 3);

        for (i = 0; i < u; i++) {
                _cleanup_free_ char *b = NULL;
                char *x;

                assert_se(asprintf(&b, "x%" PRIu64 "x", random_u64()));
                x = strjoin(b, ".", name, NULL);
                assert_se(x);

                free(m);
                m = x;
        }

        *ret = m;
 }

static void test_rr_lookup(sd_bus *bus, const char *name, uint16_t type, const char *result) {
        _cleanup_(sd_bus_message_unrefp) sd_bus_message *req = NULL, *reply = NULL;
        _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
        _cleanup_free_ char *m = NULL;
        int r;

        /* If the name starts with a dot, we prefix one to three random labels */
        if (startswith(name, ".")) {
                prefix_random(name + 1, &m);
                name = m;
        }

        assert_se(sd_bus_message_new_method_call(
                                  bus,
                                  &req,
                                  "org.freedesktop.resolve1",
                                  "/org/freedesktop/resolve1",
                                  "org.freedesktop.resolve1.Manager",
                                  "ResolveRecord") >= 0);

        assert_se(sd_bus_message_append(req, "isqqt", 0, name, DNS_CLASS_IN, type, UINT64_C(0)) >= 0);

        r = sd_bus_call(bus, req, DNS_CALL_TIMEOUT_USEC, &error, &reply);

        if (r < 0) {
                assert_se(result);
                assert_se(sd_bus_error_has_name(&error, result));
                log_info("[OK] %s/%s resulted in <%s>.", name, dns_type_to_string(type), error.name);
        } else {
                assert_se(!result);
                log_info("[OK] %s/%s succeeded.", name, dns_type_to_string(type));
        }
}

static void test_hostname_lookup(sd_bus *bus, const char *name, int family, const char *result) {
        _cleanup_(sd_bus_message_unrefp) sd_bus_message *req = NULL, *reply = NULL;
        _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
        _cleanup_free_ char *m = NULL;
        const char *af;
        int r;

        af = family == AF_UNSPEC ? "AF_UNSPEC" : af_to_name(family);

        /* If the name starts with a dot, we prefix one to three random labels */
        if (startswith(name, ".")) {
                prefix_random(name + 1, &m);
                name = m;
        }

        assert_se(sd_bus_message_new_method_call(
                                  bus,
                                  &req,
                                  "org.freedesktop.resolve1",
                                  "/org/freedesktop/resolve1",
                                  "org.freedesktop.resolve1.Manager",
                                  "ResolveHostname") >= 0);

        assert_se(sd_bus_message_append(req, "isit", 0, name, family, UINT64_C(0)) >= 0);

        r = sd_bus_call(bus, req, DNS_CALL_TIMEOUT_USEC, &error, &reply);

        if (r < 0) {
                assert_se(result);
                assert_se(sd_bus_error_has_name(&error, result));
                log_info("[OK] %s/%s resulted in <%s>.", name, af, error.name);
        } else {
                assert_se(!result);
                log_info("[OK] %s/%s succeeded.", name, af);
        }

}

int main(int argc, char* argv[]) {
        _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;

        /* Note that this is a manual test as it requires:
         *
         *    Full network access
         *    A DNSSEC capable DNS server
         *    That zones contacted are still set up as they were when I wrote this.
         */

        assert_se(sd_bus_open_system(&bus) >= 0);

        /* Normally signed */
        test_rr_lookup(bus, "www.eurid.eu", DNS_TYPE_A, NULL);
        test_hostname_lookup(bus, "www.eurid.eu", AF_UNSPEC, NULL);

        test_rr_lookup(bus, "sigok.verteiltesysteme.net", DNS_TYPE_A, NULL);
        test_hostname_lookup(bus, "sigok.verteiltesysteme.net", AF_UNSPEC, NULL);

        /* Normally signed, NODATA */
        test_rr_lookup(bus, "www.eurid.eu", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);
        test_rr_lookup(bus, "sigok.verteiltesysteme.net", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);

        /* Invalid signature */
        test_rr_lookup(bus, "sigfail.verteiltesysteme.net", DNS_TYPE_A, BUS_ERROR_DNSSEC_FAILED);
        test_hostname_lookup(bus, "sigfail.verteiltesysteme.net", AF_INET, BUS_ERROR_DNSSEC_FAILED);

        /* Invalid signature, RSA, wildcard */
        test_rr_lookup(bus, ".wilda.rhybar.0skar.cz", DNS_TYPE_A, BUS_ERROR_DNSSEC_FAILED);
        test_hostname_lookup(bus, ".wilda.rhybar.0skar.cz", AF_INET, BUS_ERROR_DNSSEC_FAILED);

        /* Invalid signature, ECDSA, wildcard */
        test_rr_lookup(bus, ".wilda.rhybar.ecdsa.0skar.cz", DNS_TYPE_A, BUS_ERROR_DNSSEC_FAILED);
        test_hostname_lookup(bus, ".wilda.rhybar.ecdsa.0skar.cz", AF_INET, BUS_ERROR_DNSSEC_FAILED);

        /* NXDOMAIN in NSEC domain */
        test_rr_lookup(bus, "hhh.nasa.gov", DNS_TYPE_A, _BUS_ERROR_DNS "NXDOMAIN");
        test_hostname_lookup(bus, "hhh.nasa.gov", AF_UNSPEC, _BUS_ERROR_DNS "NXDOMAIN");

        /* wildcard, NSEC zone */
        test_rr_lookup(bus, ".wilda.nsec.0skar.cz", DNS_TYPE_A, NULL);
        test_hostname_lookup(bus, ".wilda.nsec.0skar.cz", AF_INET, NULL);

        /* wildcard, NSEC zone, NODATA */
        test_rr_lookup(bus, ".wilda.nsec.0skar.cz", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);

        /* wildcard, NSEC3 zone */
        test_rr_lookup(bus, ".wilda.0skar.cz", DNS_TYPE_A, NULL);
        test_hostname_lookup(bus, ".wilda.0skar.cz", AF_INET, NULL);

        /* wildcard, NSEC3 zone, NODATA */
        test_rr_lookup(bus, ".wilda.0skar.cz", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);

        /* wildcard, NSEC zone, CNAME */
        test_rr_lookup(bus, ".wild.nsec.0skar.cz", DNS_TYPE_A, NULL);
        test_hostname_lookup(bus, ".wild.nsec.0skar.cz", AF_UNSPEC, NULL);
        test_hostname_lookup(bus, ".wild.nsec.0skar.cz", AF_INET, NULL);

        /* wildcard, NSEC zone, NODATA, CNAME */
        test_rr_lookup(bus, ".wild.nsec.0skar.cz", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);

        /* wildcard, NSEC3 zone, CNAME */
        test_rr_lookup(bus, ".wild.0skar.cz", DNS_TYPE_A, NULL);
        test_hostname_lookup(bus, ".wild.0skar.cz", AF_UNSPEC, NULL);
        test_hostname_lookup(bus, ".wild.0skar.cz", AF_INET, NULL);

        /* wildcard, NSEC3 zone, NODATA, CNAME */
        test_rr_lookup(bus, ".wild.0skar.cz", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);

        /* NODATA due to empty non-terminal in NSEC domain */
        test_rr_lookup(bus, "herndon.nasa.gov", DNS_TYPE_A, BUS_ERROR_NO_SUCH_RR);
        test_hostname_lookup(bus, "herndon.nasa.gov", AF_UNSPEC, BUS_ERROR_NO_SUCH_RR);
        test_hostname_lookup(bus, "herndon.nasa.gov", AF_INET, BUS_ERROR_NO_SUCH_RR);
        test_hostname_lookup(bus, "herndon.nasa.gov", AF_INET6, BUS_ERROR_NO_SUCH_RR);

        /* NXDOMAIN in NSEC root zone: */
        test_rr_lookup(bus, "jasdhjas.kjkfgjhfjg", DNS_TYPE_A, _BUS_ERROR_DNS "NXDOMAIN");
        test_hostname_lookup(bus, "jasdhjas.kjkfgjhfjg", AF_UNSPEC, _BUS_ERROR_DNS "NXDOMAIN");
        test_hostname_lookup(bus, "jasdhjas.kjkfgjhfjg", AF_INET, _BUS_ERROR_DNS "NXDOMAIN");
        test_hostname_lookup(bus, "jasdhjas.kjkfgjhfjg", AF_INET6, _BUS_ERROR_DNS "NXDOMAIN");

        /* NXDOMAIN in NSEC3 .com zone: */
        test_rr_lookup(bus, "kjkfgjhfjgsdfdsfd.com", DNS_TYPE_A, _BUS_ERROR_DNS "NXDOMAIN");
        test_hostname_lookup(bus, "kjkfgjhfjgsdfdsfd.com", AF_INET, _BUS_ERROR_DNS "NXDOMAIN");
        test_hostname_lookup(bus, "kjkfgjhfjgsdfdsfd.com", AF_INET6, _BUS_ERROR_DNS "NXDOMAIN");
        test_hostname_lookup(bus, "kjkfgjhfjgsdfdsfd.com", AF_UNSPEC, _BUS_ERROR_DNS "NXDOMAIN");

        /* Unsigned A */
        test_rr_lookup(bus, "poettering.de", DNS_TYPE_A, NULL);
        test_rr_lookup(bus, "poettering.de", DNS_TYPE_AAAA, NULL);
        test_hostname_lookup(bus, "poettering.de", AF_UNSPEC, NULL);
        test_hostname_lookup(bus, "poettering.de", AF_INET, NULL);
        test_hostname_lookup(bus, "poettering.de", AF_INET6, NULL);

#if HAVE_LIBIDN
        /* Unsigned A with IDNA conversion necessary */
        test_hostname_lookup(bus, "pöttering.de", AF_UNSPEC, NULL);
        test_hostname_lookup(bus, "pöttering.de", AF_INET, NULL);
        test_hostname_lookup(bus, "pöttering.de", AF_INET6, NULL);
#endif

        /* DNAME, pointing to NXDOMAIN */
        test_rr_lookup(bus, ".ireallyhpoethisdoesnexist.xn--kprw13d.", DNS_TYPE_A, _BUS_ERROR_DNS "NXDOMAIN");
        test_rr_lookup(bus, ".ireallyhpoethisdoesnexist.xn--kprw13d.", DNS_TYPE_RP, _BUS_ERROR_DNS "NXDOMAIN");
        test_hostname_lookup(bus, ".ireallyhpoethisdoesntexist.xn--kprw13d.", AF_UNSPEC, _BUS_ERROR_DNS "NXDOMAIN");
        test_hostname_lookup(bus, ".ireallyhpoethisdoesntexist.xn--kprw13d.", AF_INET, _BUS_ERROR_DNS "NXDOMAIN");
        test_hostname_lookup(bus, ".ireallyhpoethisdoesntexist.xn--kprw13d.", AF_INET6, _BUS_ERROR_DNS "NXDOMAIN");

        return 0;
}
Commit	Line	Data
412577e3 LP	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2016 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
	9	under the terms of the GNU Lesser General Public License as published by
	10	the Free Software Foundation; either version 2.1 of the License, or
	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	16	Lesser General Public License for more details.
	17
	18	You should have received a copy of the GNU Lesser General Public License
	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
12634bb4 LP	22	#include <netinet/ip.h>
12634bb4 LP	23
412577e3 LP	24	#include "sd-bus.h"
412577e3 LP	25
12634bb4	26	#include "af-list.h"
412577e3 LP	27	#include "alloc-util.h"
	28	#include "bus-common-errors.h"
	29	#include "dns-type.h"
	30	#include "random-util.h"
	31	#include "string-util.h"
	32	#include "time-util.h"
	33
	34	#define DNS_CALL_TIMEOUT_USEC (45*USEC_PER_SEC)
	35
12634bb4 LP	36	static void prefix_random(const char name, char *ret) {
	37	uint64_t i, u;
	38	char *m = NULL;
	39
	40	u = 1 + (random_u64() & 3);
	41
	42	for (i = 0; i < u; i++) {
	43	_cleanup_free_ char *b = NULL;
	44	char *x;
	45
	46	assert_se(asprintf(&b, "x%" PRIu64 "x", random_u64()));
	47	x = strjoin(b, ".", name, NULL);
	48	assert_se(x);
	49
	50	free(m);
	51	m = x;
	52	}
	53
	54	*ret = m;
	55	}
	56
	57	static void test_rr_lookup(sd_bus bus, const char name, uint16_t type, const char *result) {
412577e3 LP	58	_cleanup_(sd_bus_message_unrefp) sd_bus_message req = NULL, reply = NULL;
	59	_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
	60	_cleanup_free_ char *m = NULL;
	61	int r;
	62
	63	/* If the name starts with a dot, we prefix one to three random labels */
	64	if (startswith(name, ".")) {
12634bb4 LP	65	prefix_random(name + 1, &m);
12634bb4 LP	66	name = m;
412577e3 LP	67	}
	68
	69	assert_se(sd_bus_message_new_method_call(
	70	bus,
	71	&req,
	72	"org.freedesktop.resolve1",
	73	"/org/freedesktop/resolve1",
	74	"org.freedesktop.resolve1.Manager",
	75	"ResolveRecord") >= 0);
	76
	77	assert_se(sd_bus_message_append(req, "isqqt", 0, name, DNS_CLASS_IN, type, UINT64_C(0)) >= 0);
	78
	79	r = sd_bus_call(bus, req, DNS_CALL_TIMEOUT_USEC, &error, &reply);
	80
	81	if (r < 0) {
	82	assert_se(result);
	83	assert_se(sd_bus_error_has_name(&error, result));
	84	log_info("[OK] %s/%s resulted in <%s>.", name, dns_type_to_string(type), error.name);
	85	} else {
	86	assert_se(!result);
	87	log_info("[OK] %s/%s succeeded.", name, dns_type_to_string(type));
	88	}
	89	}
	90
12634bb4 LP	91	static void test_hostname_lookup(sd_bus bus, const char name, int family, const char *result) {
	92	_cleanup_(sd_bus_message_unrefp) sd_bus_message req = NULL, reply = NULL;
	93	_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
	94	_cleanup_free_ char *m = NULL;
	95	const char *af;
	96	int r;
	97
	98	af = family == AF_UNSPEC ? "AF_UNSPEC" : af_to_name(family);
	99
	100	/* If the name starts with a dot, we prefix one to three random labels */
	101	if (startswith(name, ".")) {
	102	prefix_random(name + 1, &m);
	103	name = m;
	104	}
	105
	106	assert_se(sd_bus_message_new_method_call(
	107	bus,
	108	&req,
	109	"org.freedesktop.resolve1",
	110	"/org/freedesktop/resolve1",
	111	"org.freedesktop.resolve1.Manager",
	112	"ResolveHostname") >= 0);
	113
	114	assert_se(sd_bus_message_append(req, "isit", 0, name, family, UINT64_C(0)) >= 0);
	115
	116	r = sd_bus_call(bus, req, DNS_CALL_TIMEOUT_USEC, &error, &reply);
	117
	118	if (r < 0) {
	119	assert_se(result);
	120	assert_se(sd_bus_error_has_name(&error, result));
	121	log_info("[OK] %s/%s resulted in <%s>.", name, af, error.name);
	122	} else {
	123	assert_se(!result);
	124	log_info("[OK] %s/%s succeeded.", name, af);
	125	}
	126
	127	}
	128
412577e3 LP	129	int main(int argc, char* argv[]) {
	130	_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
	131
	132	/* Note that this is a manual test as it requires:
	133	*
	134	* Full network access
	135	* A DNSSEC capable DNS server
	136	* That zones contacted are still set up as they were when I wrote this.
	137	*/
	138
	139	assert_se(sd_bus_open_system(&bus) >= 0);
	140
	141	/* Normally signed */
12634bb4 LP	142	test_rr_lookup(bus, "www.eurid.eu", DNS_TYPE_A, NULL);
	143	test_hostname_lookup(bus, "www.eurid.eu", AF_UNSPEC, NULL);
	144
	145	test_rr_lookup(bus, "sigok.verteiltesysteme.net", DNS_TYPE_A, NULL);
	146	test_hostname_lookup(bus, "sigok.verteiltesysteme.net", AF_UNSPEC, NULL);
412577e3 LP	147
412577e3 LP	148	/* Normally signed, NODATA */
12634bb4 LP	149	test_rr_lookup(bus, "www.eurid.eu", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);
12634bb4 LP	150	test_rr_lookup(bus, "sigok.verteiltesysteme.net", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);
412577e3 LP	151
412577e3 LP	152	/* Invalid signature */
12634bb4 LP	153	test_rr_lookup(bus, "sigfail.verteiltesysteme.net", DNS_TYPE_A, BUS_ERROR_DNSSEC_FAILED);
12634bb4 LP	154	test_hostname_lookup(bus, "sigfail.verteiltesysteme.net", AF_INET, BUS_ERROR_DNSSEC_FAILED);
412577e3 LP	155
412577e3 LP	156	/* Invalid signature, RSA, wildcard */
12634bb4 LP	157	test_rr_lookup(bus, ".wilda.rhybar.0skar.cz", DNS_TYPE_A, BUS_ERROR_DNSSEC_FAILED);
12634bb4 LP	158	test_hostname_lookup(bus, ".wilda.rhybar.0skar.cz", AF_INET, BUS_ERROR_DNSSEC_FAILED);
412577e3 LP	159
412577e3 LP	160	/* Invalid signature, ECDSA, wildcard */
12634bb4 LP	161	test_rr_lookup(bus, ".wilda.rhybar.ecdsa.0skar.cz", DNS_TYPE_A, BUS_ERROR_DNSSEC_FAILED);
12634bb4 LP	162	test_hostname_lookup(bus, ".wilda.rhybar.ecdsa.0skar.cz", AF_INET, BUS_ERROR_DNSSEC_FAILED);
412577e3 LP	163
412577e3 LP	164	/* NXDOMAIN in NSEC domain */
12634bb4 LP	165	test_rr_lookup(bus, "hhh.nasa.gov", DNS_TYPE_A, _BUS_ERROR_DNS "NXDOMAIN");
12634bb4 LP	166	test_hostname_lookup(bus, "hhh.nasa.gov", AF_UNSPEC, _BUS_ERROR_DNS "NXDOMAIN");
412577e3 LP	167
412577e3 LP	168	/* wildcard, NSEC zone */
12634bb4 LP	169	test_rr_lookup(bus, ".wilda.nsec.0skar.cz", DNS_TYPE_A, NULL);
12634bb4 LP	170	test_hostname_lookup(bus, ".wilda.nsec.0skar.cz", AF_INET, NULL);
412577e3 LP	171
412577e3 LP	172	/* wildcard, NSEC zone, NODATA */
12634bb4	173	test_rr_lookup(bus, ".wilda.nsec.0skar.cz", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);
412577e3 LP	174
412577e3 LP	175	/* wildcard, NSEC3 zone */
12634bb4 LP	176	test_rr_lookup(bus, ".wilda.0skar.cz", DNS_TYPE_A, NULL);
12634bb4 LP	177	test_hostname_lookup(bus, ".wilda.0skar.cz", AF_INET, NULL);
412577e3 LP	178
412577e3 LP	179	/* wildcard, NSEC3 zone, NODATA */
12634bb4	180	test_rr_lookup(bus, ".wilda.0skar.cz", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);
412577e3 LP	181
412577e3 LP	182	/* wildcard, NSEC zone, CNAME */
12634bb4 LP	183	test_rr_lookup(bus, ".wild.nsec.0skar.cz", DNS_TYPE_A, NULL);
	184	test_hostname_lookup(bus, ".wild.nsec.0skar.cz", AF_UNSPEC, NULL);
	185	test_hostname_lookup(bus, ".wild.nsec.0skar.cz", AF_INET, NULL);
412577e3 LP	186
412577e3 LP	187	/* wildcard, NSEC zone, NODATA, CNAME */
12634bb4	188	test_rr_lookup(bus, ".wild.nsec.0skar.cz", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);
412577e3 LP	189
412577e3 LP	190	/* wildcard, NSEC3 zone, CNAME */
12634bb4 LP	191	test_rr_lookup(bus, ".wild.0skar.cz", DNS_TYPE_A, NULL);
	192	test_hostname_lookup(bus, ".wild.0skar.cz", AF_UNSPEC, NULL);
	193	test_hostname_lookup(bus, ".wild.0skar.cz", AF_INET, NULL);
412577e3 LP	194
412577e3 LP	195	/* wildcard, NSEC3 zone, NODATA, CNAME */
12634bb4	196	test_rr_lookup(bus, ".wild.0skar.cz", DNS_TYPE_RP, BUS_ERROR_NO_SUCH_RR);
412577e3 LP	197
412577e3 LP	198	/* NODATA due to empty non-terminal in NSEC domain */
12634bb4 LP	199	test_rr_lookup(bus, "herndon.nasa.gov", DNS_TYPE_A, BUS_ERROR_NO_SUCH_RR);
	200	test_hostname_lookup(bus, "herndon.nasa.gov", AF_UNSPEC, BUS_ERROR_NO_SUCH_RR);
	201	test_hostname_lookup(bus, "herndon.nasa.gov", AF_INET, BUS_ERROR_NO_SUCH_RR);
	202	test_hostname_lookup(bus, "herndon.nasa.gov", AF_INET6, BUS_ERROR_NO_SUCH_RR);
412577e3 LP	203
412577e3 LP	204	/* NXDOMAIN in NSEC root zone: */
12634bb4 LP	205	test_rr_lookup(bus, "jasdhjas.kjkfgjhfjg", DNS_TYPE_A, _BUS_ERROR_DNS "NXDOMAIN");
	206	test_hostname_lookup(bus, "jasdhjas.kjkfgjhfjg", AF_UNSPEC, _BUS_ERROR_DNS "NXDOMAIN");
	207	test_hostname_lookup(bus, "jasdhjas.kjkfgjhfjg", AF_INET, _BUS_ERROR_DNS "NXDOMAIN");
	208	test_hostname_lookup(bus, "jasdhjas.kjkfgjhfjg", AF_INET6, _BUS_ERROR_DNS "NXDOMAIN");
412577e3 LP	209
412577e3 LP	210	/* NXDOMAIN in NSEC3 .com zone: */
12634bb4 LP	211	test_rr_lookup(bus, "kjkfgjhfjgsdfdsfd.com", DNS_TYPE_A, _BUS_ERROR_DNS "NXDOMAIN");
	212	test_hostname_lookup(bus, "kjkfgjhfjgsdfdsfd.com", AF_INET, _BUS_ERROR_DNS "NXDOMAIN");
	213	test_hostname_lookup(bus, "kjkfgjhfjgsdfdsfd.com", AF_INET6, _BUS_ERROR_DNS "NXDOMAIN");
	214	test_hostname_lookup(bus, "kjkfgjhfjgsdfdsfd.com", AF_UNSPEC, _BUS_ERROR_DNS "NXDOMAIN");
	215
	216	/* Unsigned A */
	217	test_rr_lookup(bus, "poettering.de", DNS_TYPE_A, NULL);
	218	test_rr_lookup(bus, "poettering.de", DNS_TYPE_AAAA, NULL);
	219	test_hostname_lookup(bus, "poettering.de", AF_UNSPEC, NULL);
	220	test_hostname_lookup(bus, "poettering.de", AF_INET, NULL);
	221	test_hostname_lookup(bus, "poettering.de", AF_INET6, NULL);
	222
	223	#if HAVE_LIBIDN
	224	/* Unsigned A with IDNA conversion necessary */
	225	test_hostname_lookup(bus, "pöttering.de", AF_UNSPEC, NULL);
	226	test_hostname_lookup(bus, "pöttering.de", AF_INET, NULL);
	227	test_hostname_lookup(bus, "pöttering.de", AF_INET6, NULL);
	228	#endif
412577e3	229
8f4560c7 LP	230	/* DNAME, pointing to NXDOMAIN */
	231	test_rr_lookup(bus, ".ireallyhpoethisdoesnexist.xn--kprw13d.", DNS_TYPE_A, _BUS_ERROR_DNS "NXDOMAIN");
	232	test_rr_lookup(bus, ".ireallyhpoethisdoesnexist.xn--kprw13d.", DNS_TYPE_RP, _BUS_ERROR_DNS "NXDOMAIN");
	233	test_hostname_lookup(bus, ".ireallyhpoethisdoesntexist.xn--kprw13d.", AF_UNSPEC, _BUS_ERROR_DNS "NXDOMAIN");
	234	test_hostname_lookup(bus, ".ireallyhpoethisdoesntexist.xn--kprw13d.", AF_INET, _BUS_ERROR_DNS "NXDOMAIN");
	235	test_hostname_lookup(bus, ".ireallyhpoethisdoesntexist.xn--kprw13d.", AF_INET6, _BUS_ERROR_DNS "NXDOMAIN");
	236
412577e3 LP	237	return 0;
412577e3 LP	238	}