* \param ne A NegCacheEntry that is filled when there is a cache entry
* \return true if ne was filled out, false otherwise
*/
-bool NegCache::getRootNXTrust(const DNSName& qname, const struct timeval& now, const NegCacheEntry** ne) {
+bool NegCache::getRootNXTrust(const DNSName& qname, const struct timeval& now, const NegCacheEntry** ne)
+{
// Never deny the root.
if (qname.isRoot())
return false;
DNSName lastLabel = qname.getLastLabel();
negcache_t::const_iterator ni = d_negcache.find(tie(lastLabel, qtnull));
- while (ni != d_negcache.end() &&
- ni->d_name == lastLabel &&
- ni->d_auth.isRoot() &&
- ni->d_qtype == qtnull) {
+ while (ni != d_negcache.end() && ni->d_name == lastLabel && ni->d_auth.isRoot() && ni->d_qtype == qtnull) {
// We have something
if ((uint32_t)now.tv_sec < ni->d_ttd) {
*ne = &(*ni);
* \param ne A NegCacheEntry that is filled when there is a cache entry
* \return true if ne was filled out, false otherwise
*/
-bool NegCache::get(const DNSName& qname, const QType& qtype, const struct timeval& now, const NegCacheEntry** ne, bool typeMustMatch) {
+bool NegCache::get(const DNSName& qname, const QType& qtype, const struct timeval& now, const NegCacheEntry** ne, bool typeMustMatch)
+{
const auto& idx = d_negcache.get<2>();
auto range = idx.equal_range(qname);
auto ni = range.first;
// We match the QType or the whole name is denied
auto firstIndexIterator = d_negcache.project<0>(ni);
- if((uint32_t) now.tv_sec < ni->d_ttd) {
+ if ((uint32_t)now.tv_sec < ni->d_ttd) {
// Not expired
*ne = &(*ni);
moveCacheItemToBack(d_negcache, firstIndexIterator);
*
* \param ne The NegCacheEntry to add to the cache
*/
-void NegCache::add(const NegCacheEntry& ne) {
+void NegCache::add(const NegCacheEntry& ne)
+{
lruReplacingInsert(d_negcache, ne);
}
* \param qtype The type of the entry to replace
* \param newState The new validation state
*/
-void NegCache::updateValidationStatus(const DNSName& qname, const QType& qtype, const vState newState, boost::optional<uint32_t> capTTD) {
+void NegCache::updateValidationStatus(const DNSName& qname, const QType& qtype, const vState newState, boost::optional<uint32_t> capTTD)
+{
auto range = d_negcache.equal_range(tie(qname, qtype));
if (range.first != range.second) {
*
* \param qname The name of the entries to be counted
*/
-uint64_t NegCache::count(const DNSName& qname) const {
+uint64_t NegCache::count(const DNSName& qname) const
+{
return d_negcache.count(tie(qname));
}
* \param qname The name of the entries to be counted
* \param qtype The type of the entries to be counted
*/
-uint64_t NegCache::count(const DNSName& qname, const QType qtype) const {
+uint64_t NegCache::count(const DNSName& qname, const QType qtype) const
+{
return d_negcache.count(tie(qname, qtype));
}
* \param name The DNSName of the entries to wipe
* \param subtree Should all entries under name be removed?
*/
-uint64_t NegCache::wipe(const DNSName& name, bool subtree) {
+uint64_t NegCache::wipe(const DNSName& name, bool subtree)
+{
uint64_t ret(0);
if (subtree) {
for (auto i = d_negcache.lower_bound(tie(name)); i != d_negcache.end();) {
- if(!i->d_name.isPartOf(name))
+ if (!i->d_name.isPartOf(name))
break;
i = d_negcache.erase(i);
ret++;
/*!
* Clear the negative cache
*/
-void NegCache::clear() {
+void NegCache::clear()
+{
d_negcache.clear();
}
*
* \param maxEntries The maximum number of entries that may exist in the cache.
*/
-void NegCache::prune(unsigned int maxEntries) {
+void NegCache::prune(unsigned int maxEntries)
+{
pruneCollection(*this, d_negcache, maxEntries, 200);
}
*
* \param fp A pointer to an open FILE object
*/
-uint64_t NegCache::dumpToFile(FILE* fp) {
+uint64_t NegCache::dumpToFile(FILE* fp)
+{
uint64_t ret(0);
struct timeval now;
Utility::gettimeofday(&now, nullptr);
negcache_sequence_t& sidx = d_negcache.get<1>();
- for(const NegCacheEntry& ne : sidx) {
+ for (const NegCacheEntry& ne : sidx) {
ret++;
fprintf(fp, "%s %" PRId64 " IN %s VIA %s ; (%s)\n", ne.d_name.toString().c_str(), static_cast<int64_t>(ne.d_ttd - now.tv_sec), ne.d_qtype.getName().c_str(), ne.d_auth.toString().c_str(), vStates[ne.d_validationState]);
for (const auto& rec : ne.DNSSECRecords.records) {
*
* typedef vector<recsig_t> recordsAndSignatures;
*/
-typedef struct {
+typedef struct
+{
vector<DNSRecord> records;
vector<DNSRecord> signatures;
} recordsAndSignatures;
-class NegCache : public boost::noncopyable {
- public:
- struct NegCacheEntry {
- DNSName d_name; // The denied name
- QType d_qtype; // The denied type
- DNSName d_auth; // The denying name (aka auth)
- mutable uint32_t d_ttd; // Timestamp when this entry should die
- recordsAndSignatures authoritySOA; // The upstream SOA record and RRSIGs
- recordsAndSignatures DNSSECRecords; // The upstream NSEC(3) and RRSIGs
- mutable vState d_validationState{Indeterminate};
- uint32_t getTTD() const {
- return d_ttd;
- };
+class NegCache : public boost::noncopyable
+{
+public:
+ struct NegCacheEntry
+ {
+ DNSName d_name; // The denied name
+ QType d_qtype; // The denied type
+ DNSName d_auth; // The denying name (aka auth)
+ mutable uint32_t d_ttd; // Timestamp when this entry should die
+ recordsAndSignatures authoritySOA; // The upstream SOA record and RRSIGs
+ recordsAndSignatures DNSSECRecords; // The upstream NSEC(3) and RRSIGs
+ mutable vState d_validationState{Indeterminate};
+ uint32_t getTTD() const
+ {
+ return d_ttd;
};
+ };
- void add(const NegCacheEntry& ne);
- void updateValidationStatus(const DNSName& qname, const QType& qtype, const vState newState, boost::optional<uint32_t> capTTD);
- bool get(const DNSName& qname, const QType& qtype, const struct timeval& now, const NegCacheEntry** ne, bool typeMustMatch=false);
- bool getRootNXTrust(const DNSName& qname, const struct timeval& now, const NegCacheEntry** ne);
- uint64_t count(const DNSName& qname) const;
- uint64_t count(const DNSName& qname, const QType qtype) const;
- void prune(unsigned int maxEntries);
- void clear();
- uint64_t dumpToFile(FILE* fd);
- uint64_t wipe(const DNSName& name, bool subtree = false);
+ void add(const NegCacheEntry& ne);
+ void updateValidationStatus(const DNSName& qname, const QType& qtype, const vState newState, boost::optional<uint32_t> capTTD);
+ bool get(const DNSName& qname, const QType& qtype, const struct timeval& now, const NegCacheEntry** ne, bool typeMustMatch = false);
+ bool getRootNXTrust(const DNSName& qname, const struct timeval& now, const NegCacheEntry** ne);
+ uint64_t count(const DNSName& qname) const;
+ uint64_t count(const DNSName& qname, const QType qtype) const;
+ void prune(unsigned int maxEntries);
+ void clear();
+ uint64_t dumpToFile(FILE* fd);
+ uint64_t wipe(const DNSName& name, bool subtree = false);
- uint64_t size() {
- return d_negcache.size();
- };
+ uint64_t size()
+ {
+ return d_negcache.size();
+ };
- void preRemoval(const NegCacheEntry& entry)
- {
- }
+ void preRemoval(const NegCacheEntry& entry)
+ {
+ }
- private:
- typedef boost::multi_index_container <
- NegCacheEntry,
- indexed_by <
- ordered_unique <
- composite_key <
- NegCacheEntry,
- member<NegCacheEntry, DNSName, &NegCacheEntry::d_name>,
- member<NegCacheEntry, QType, &NegCacheEntry::d_qtype>
- >,
- composite_key_compare <
- CanonDNSNameCompare, std::less<QType>
- >
- >,
- sequenced<>,
- hashed_non_unique <
- member<NegCacheEntry, DNSName, &NegCacheEntry::d_name>
- >
- >
- > negcache_t;
+private:
+ typedef boost::multi_index_container<
+ NegCacheEntry,
+ indexed_by<
+ ordered_unique<
+ composite_key<
+ NegCacheEntry,
+ member<NegCacheEntry, DNSName, &NegCacheEntry::d_name>,
+ member<NegCacheEntry, QType, &NegCacheEntry::d_qtype>>,
+ composite_key_compare<
+ CanonDNSNameCompare, std::less<QType>>>,
+ sequenced<>,
+ hashed_non_unique<
+ member<NegCacheEntry, DNSName, &NegCacheEntry::d_name>>>>
+ negcache_t;
- // Required for the cachecleaner
- typedef negcache_t::nth_index<1>::type negcache_sequence_t;
+ // Required for the cachecleaner
+ typedef negcache_t::nth_index<1>::type negcache_sequence_t;
- // Stores the negative cache entries
- negcache_t d_negcache;
+ // Stores the negative cache entries
+ negcache_t d_negcache;
};
void initPublicSuffixList(const std::string& file)
{
std::vector<std::vector<std::string>> pbList;
-
+
bool loaded = false;
if (!file.empty()) {
try {
}
pbList.push_back(name.labelReverse().getRawLabels());
}
- catch(...) {
+ catch (...) {
/* not a DNS name, ignoring */
}
}
- g_log<<Logger::Info<<"Loaded the Public Suffix List from '"<<file<<"'"<<endl;
+ g_log << Logger::Info << "Loaded the Public Suffix List from '" << file << "'" << endl;
loaded = true;
}
catch (const std::exception& e) {
- g_log<<Logger::Warning<<"Error while loading the Public Suffix List from '"<<file<<"', falling back to the built-in list: "<<e.what()<<endl;
+ g_log << Logger::Warning << "Error while loading the Public Suffix List from '" << file << "', falling back to the built-in list: " << e.what() << endl;
}
}
if (!loaded) {
pbList.clear();
- for(const char** p = g_pubsuffix; *p; ++p) {
- string low=toLower(*p);
+ for (const char** p = g_pubsuffix; *p; ++p) {
+ string low = toLower(*p);
vector<string> parts;
stringtok(parts, low, ".");
#include <atomic>
// Metric types for Prometheus
-enum class PrometheusMetricType: int {
- counter = 1,
- gauge = 2
+enum class PrometheusMetricType : int
+{
+ counter = 1,
+ gauge = 2
};
// Keeps additional information about metrics
-struct MetricDefinition {
- MetricDefinition(const PrometheusMetricType& prometheusType_, const std::string& description_) {
- prometheusType = prometheusType_;
- description = description_;
- }
+struct MetricDefinition
+{
+ MetricDefinition(const PrometheusMetricType& prometheusType_, const std::string& description_)
+ {
+ prometheusType = prometheusType_;
+ description = description_;
+ }
- MetricDefinition() = default;
+ MetricDefinition() = default;
- // Metric description
- std::string description;
- // Metric type for Prometheus
- PrometheusMetricType prometheusType;
+ // Metric description
+ std::string description;
+ // Metric type for Prometheus
+ PrometheusMetricType prometheusType;
};
-class MetricDefinitionStorage {
+class MetricDefinitionStorage
+{
public:
- // Return metric definition by name
- bool getMetricDetails(const std::string& metricName, MetricDefinition& metric) {
- auto metricDetailsIter = metrics.find(metricName);
-
- if (metricDetailsIter == metrics.end()) {
- return false;
- }
-
- metric = metricDetailsIter->second;
- return true;
- };
-
- // Return string representation of Prometheus metric type
- std::string getPrometheusStringMetricType(const PrometheusMetricType& metricType) {
- switch (metricType) {
- case PrometheusMetricType::counter:
- return "counter";
- break;
- case PrometheusMetricType::gauge:
- return "gauge";
- break;
- default:
- return "";
- break;
- }
- };
+ // Return metric definition by name
+ bool getMetricDetails(const std::string& metricName, MetricDefinition& metric)
+ {
+ auto metricDetailsIter = metrics.find(metricName);
+
+ if (metricDetailsIter == metrics.end()) {
+ return false;
+ }
+
+ metric = metricDetailsIter->second;
+ return true;
+ };
+
+ // Return string representation of Prometheus metric type
+ std::string getPrometheusStringMetricType(const PrometheusMetricType& metricType)
+ {
+ switch (metricType) {
+ case PrometheusMetricType::counter:
+ return "counter";
+ break;
+ case PrometheusMetricType::gauge:
+ return "gauge";
+ break;
+ default:
+ return "";
+ break;
+ }
+ };
private:
- // Description and types for prometheus output of stats
- std::map<std::string, MetricDefinition> metrics = {
- { "all-outqueries", MetricDefinition(PrometheusMetricType::counter, "Number of outgoing UDP queries since starting") },
-
- { "answers-slow", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered after 1 second") },
- { "answers0-1", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered within 1 millisecond") },
- { "answers1-10", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered within 10 milliseconds") },
- { "answers10-100", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered within 100 milliseconds") },
- { "answers100-1000", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered within 1 second") },
-
- { "auth4-answers-slow", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv4 after 1 second") },
- { "auth4-answers0-1", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv4within 1 millisecond") },
- { "auth4-answers1-10", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv4 within 10 milliseconds") },
- { "auth4-answers10-100", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv4 within 100 milliseconds") },
- { "auth4-answers100-1000", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv4 within 1 second") },
-
- { "auth6-answers-slow", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv6 after 1 second") },
- { "auth6-answers0-1", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv6 within 1 millisecond") },
- { "auth6-answers1-10", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv6 within 10 milliseconds") },
- { "auth6-answers10-100", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv6 within 100 milliseconds") },
- { "auth6-answers100-1000", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv6 within 1 second") },
-
-
-
- { "auth-zone-queries", MetricDefinition(PrometheusMetricType::counter, "Number of queries to locally hosted authoritative zones (`setting-auth-zones`) since starting") },
- { "cache-bytes", MetricDefinition(PrometheusMetricType::gauge, "Size of the cache in bytes") },
- { "cache-entries", MetricDefinition(PrometheusMetricType::gauge, "Number of entries in the cache") },
- { "cache-hits", MetricDefinition(PrometheusMetricType::counter, "Number of of cache hits since starting, this does **not** include hits that got answered from the packet-cache") },
- { "cache-misses", MetricDefinition(PrometheusMetricType::counter, "Number of cache misses since starting") },
- { "case-mismatches", MetricDefinition(PrometheusMetricType::counter, "Number of mismatches in character case since starting") },
- { "chain-resends", MetricDefinition(PrometheusMetricType::counter, "Number of queries chained to existing outstanding") },
- { "client-parse-errors", MetricDefinition(PrometheusMetricType::counter, "Number of client packets that could not be parsed") },
- { "concurrent-queries", MetricDefinition(PrometheusMetricType::gauge, "Number of MThreads currently running") },
- { "cpu-msec-thread-0", MetricDefinition(PrometheusMetricType::counter, "Number of milliseconds spent in thread n") },
- { "dlg-only-drops", MetricDefinition(PrometheusMetricType::counter, "Number of records dropped because of `setting-delegation-only` setting") },
-
- { "dnssec-authentic-data-queries", MetricDefinition(PrometheusMetricType::counter, "Number of queries received with the AD bit set") },
- { "dnssec-check-disabled-queries", MetricDefinition(PrometheusMetricType::counter, "Number of queries received with the CD bit set") },
- { "dnssec-queries", MetricDefinition(PrometheusMetricType::counter, "Number of queries received with the DO bit set") },
- { "dnssec-result-bogus", MetricDefinition(PrometheusMetricType::counter, "Number of DNSSEC validations that had the Bogus state") },
- { "dnssec-result-indeterminate", MetricDefinition(PrometheusMetricType::counter, "Number of DNSSEC validations that had the Indeterminate state") },
- { "dnssec-result-insecure", MetricDefinition(PrometheusMetricType::counter, "Number of DNSSEC validations that had the Insecure state") },
- { "dnssec-result-nta", MetricDefinition(PrometheusMetricType::counter, "Number of DNSSEC validations that had the (negative trust anchor) state") },
- { "dnssec-result-secure", MetricDefinition(PrometheusMetricType::counter, "Number of DNSSEC validations that had the Secure state") },
-
- { "dnssec-validations", MetricDefinition(PrometheusMetricType::counter, "Number of DNSSEC validations performed") },
- { "dont-outqueries", MetricDefinition(PrometheusMetricType::counter, "Number of outgoing queries dropped because of `setting-dont-query` setting") },
- { "qname-min-fallback-success", MetricDefinition(PrometheusMetricType::counter, "Number of successful queries due to fallback mechanism within 'qname-minimization' setting") },
- { "ecs-queries", MetricDefinition(PrometheusMetricType::counter, "Number of outgoing queries adorned with an EDNS Client Subnet option") },
- { "ecs-responses", MetricDefinition(PrometheusMetricType::counter, "Number of responses received from authoritative servers with an EDNS Client Subnet option we used") },
- { "edns-ping-matches", MetricDefinition(PrometheusMetricType::counter, "Number of servers that sent a valid EDNS PING response") },
- { "edns-ping-mismatches", MetricDefinition(PrometheusMetricType::counter, "Number of servers that sent an invalid EDN PING response") },
- { "failed-host-entries", MetricDefinition(PrometheusMetricType::counter, "Number of servers that failed to resolve") },
- { "ignored-packets", MetricDefinition(PrometheusMetricType::counter, "Number of non-query packets received on server sockets that should only get query packets") },
- { "ipv6-outqueries", MetricDefinition(PrometheusMetricType::counter, "Number of outgoing queries over IPv6") },
- { "ipv6-questions", MetricDefinition(PrometheusMetricType::counter, "Number of end-user initiated queries with the RD bit set, received over IPv6 UDP") },
- { "malloc-bytes", MetricDefinition(PrometheusMetricType::counter, "Number of bytes allocated by the process (broken, always returns 0)") },
- { "max-cache-entries", MetricDefinition(PrometheusMetricType::gauge, "Currently configured maximum number of cache entries") },
- { "max-packetcache-entries", MetricDefinition(PrometheusMetricType::gauge, "Currently configured maximum number of packet cache entries") },
- { "max-mthread-stack", MetricDefinition(PrometheusMetricType::gauge, "Maximum amount of thread stack ever used") },
-
-
- { "negcache-entries", MetricDefinition(PrometheusMetricType::gauge, "Number of entries in the negative answer cache") },
- { "no-packet-error", MetricDefinition(PrometheusMetricType::counter, "Number of erroneous received packets") },
- { "noedns-outqueries", MetricDefinition(PrometheusMetricType::counter, "Number of queries sent out without EDNS") },
- { "noerror-answers", MetricDefinition(PrometheusMetricType::counter, "Number of NOERROR answers since starting") },
- { "noping-outqueries", MetricDefinition(PrometheusMetricType::counter, "Number of queries sent out without ENDS PING") },
- { "nsset-invalidations", MetricDefinition(PrometheusMetricType::counter, "Number of times an nsset was dropped because it no longer worked") },
- { "nsspeeds-entries", MetricDefinition(PrometheusMetricType::gauge, "Number of entries in the NS speeds map") },
- { "nxdomain-answers", MetricDefinition(PrometheusMetricType::counter, "Number of NXDOMAIN answers since starting") },
- { "outgoing-timeouts", MetricDefinition(PrometheusMetricType::counter, "Number of timeouts on outgoing UDP queries since starting") },
- { "outgoing4-timeouts", MetricDefinition(PrometheusMetricType::counter, "Number of timeouts on outgoing UDP IPv4 queries since starting") },
- { "outgoing6-timeouts", MetricDefinition(PrometheusMetricType::counter, "Number of timeouts on outgoing UDP IPv6 queries since starting") },
- { "over-capacity-drops", MetricDefinition(PrometheusMetricType::counter, "Number of questions dropped because over maximum concurrent query limit") },
- { "packetcache-bytes", MetricDefinition(PrometheusMetricType::gauge, "Size of the packet cache in bytes") },
- { "packetcache-entries", MetricDefinition(PrometheusMetricType::gauge, "Number of packet cache entries") },
- { "packetcache-hits", MetricDefinition(PrometheusMetricType::counter, "Number of packet cache hits") },
- { "packetcache-misses", MetricDefinition(PrometheusMetricType::counter, "Number of packet cache misses") },
-
- { "policy-drops", MetricDefinition(PrometheusMetricType::counter, "Number of packets dropped because of (Lua) policy decision") },
- { "policy-result-noaction", MetricDefinition(PrometheusMetricType::counter, "Number of packets that were not actioned upon by the RPZ/filter engine") },
- { "policy-result-drop", MetricDefinition(PrometheusMetricType::counter, "Number of packets that were dropped by the RPZ/filter engine") },
- { "policy-result-nxdomain", MetricDefinition(PrometheusMetricType::counter, "Number of packets that were replied to with NXDOMAIN by the RPZ/filter engine") },
- { "policy-result-nodata", MetricDefinition(PrometheusMetricType::counter, "Number of packets that were replied to with no data by the RPZ/filter engine") },
- { "policy-result-truncate", MetricDefinition(PrometheusMetricType::counter, "Number of packets that were were forced to TCP by the RPZ/filter engine") },
- { "policy-result-custom", MetricDefinition(PrometheusMetricType::counter, "Number of packets that were sent a custom answer by the RPZ/filter engine") },
-
- { "qa-latency", MetricDefinition(PrometheusMetricType::gauge, "Shows the current latency average, in microseconds, exponentially weighted over past 'latency-statistic-size' packets") },
- { "query-pipe-full-drops", MetricDefinition(PrometheusMetricType::counter, "Number of questions dropped because the query distribution pipe was full") },
- { "questions", MetricDefinition(PrometheusMetricType::counter, "Counts all end-user initiated queries with the RD bit set") },
- { "rebalanced-queries", MetricDefinition(PrometheusMetricType::counter, "Number of queries balanced to a different worker thread because the first selected one was above the target load configured with 'distribution-load-factor'") },
- { "resource-limits", MetricDefinition(PrometheusMetricType::counter, "Number of queries that could not be performed because of resource limits") },
- { "security-status", MetricDefinition(PrometheusMetricType::gauge, "security status based on `securitypolling`") },
- { "server-parse-errors", MetricDefinition(PrometheusMetricType::counter, "Number of server replied packets that could not be parsed") },
- { "servfail-answers", MetricDefinition(PrometheusMetricType::counter, "Number of SERVFAIL answers since starting") },
- { "spoof-prevents", MetricDefinition(PrometheusMetricType::counter, "Number of times PowerDNS considered itself spoofed, and dropped the data") },
- { "sys-msec", MetricDefinition(PrometheusMetricType::counter, "Number of CPU milliseconds spent in 'system' mode") },
- { "tcp-client-overflow", MetricDefinition(PrometheusMetricType::counter, "Number of times an IP address was denied TCP access because it already had too many connections") },
- { "tcp-clients", MetricDefinition(PrometheusMetricType::gauge, "Number of currently active TCP/IP clients") },
- { "tcp-outqueries", MetricDefinition(PrometheusMetricType::counter, "Number of outgoing TCP queries since starting") },
- { "tcp-questions", MetricDefinition(PrometheusMetricType::counter, "Number of all incoming TCP queries since starting") },
- { "throttle-entries", MetricDefinition(PrometheusMetricType::gauge, "Number of of entries in the throttle map") },
- { "throttled-out", MetricDefinition(PrometheusMetricType::counter, "Number of throttled outgoing UDP queries since starting") },
- { "throttled-outqueries", MetricDefinition(PrometheusMetricType::counter, "Number of throttled outgoing UDP queries since starting") },
- { "too-old-drops", MetricDefinition(PrometheusMetricType::counter, "Number of questions dropped that were too old") },
- { "truncated-drops", MetricDefinition(PrometheusMetricType::counter, "Number of questions dropped because they were larger than 512 bytes") },
- { "empty-queries", MetricDefinition(PrometheusMetricType::counter, "Questions dropped because they had a QD count of 0") },
- { "unauthorized-tcp", MetricDefinition(PrometheusMetricType::counter, "Number of TCP questions denied because of allow-from restrictions") },
- { "unauthorized-udp", MetricDefinition(PrometheusMetricType::counter, "Number of UDP questions denied because of allow-from restrictions") },
- { "unexpected-packets", MetricDefinition(PrometheusMetricType::counter, "Number of answers from remote servers that were unexpected (might point to spoofing)") },
- { "unreachables", MetricDefinition(PrometheusMetricType::counter, "Number of times nameservers were unreachable since starting") },
- { "uptime", MetricDefinition(PrometheusMetricType::counter, "Number of seconds process has been running") },
- { "user-msec", MetricDefinition(PrometheusMetricType::counter, "Number of CPU milliseconds spent in 'user' mode") },
- { "variable-responses", MetricDefinition(PrometheusMetricType::counter, "Number of responses that were marked as 'variable'") },
-
- { "x-our-latency", MetricDefinition(PrometheusMetricType::counter, "How much time was spent within PowerDNS in microseconds") },
- { "x-ourtime0-1", MetricDefinition(PrometheusMetricType::counter, "Counts responses where between 0 and 1 milliseconds was spent within the Recursor") },
- { "x-ourtime1-2", MetricDefinition(PrometheusMetricType::counter, "Counts responses where between 1 and 2 milliseconds was spent within the Recursor") },
- { "x-ourtime2-4", MetricDefinition(PrometheusMetricType::counter, "Counts responses where between 2 and 4 milliseconds was spent within the Recursor") },
- { "x-ourtime4-8", MetricDefinition(PrometheusMetricType::counter, "Counts responses where between 4 and 8 milliseconds was spent within the Recursor") },
- { "x-ourtime8-16", MetricDefinition(PrometheusMetricType::counter, "Counts responses where between 8 and 16 milliseconds was spent within the Recursor") },
- { "x-ourtime16-32", MetricDefinition(PrometheusMetricType::counter, "Counts responses where between 16 and 32 milliseconds was spent within the Recursor") },
- { "x-ourtime-slow", MetricDefinition(PrometheusMetricType::counter, "Counts responses where more than 32 milliseconds was spent within the Recursor") },
-
- { "fd-usage", MetricDefinition(PrometheusMetricType::gauge, "Number of open file descriptors") },
- { "real-memory-usage", MetricDefinition(PrometheusMetricType::gauge, "Number of bytes real process memory usage") },
- { "udp-in-errors", MetricDefinition(PrometheusMetricType::counter, "From /proc/net/snmp InErrors") },
- { "udp-noport-errors", MetricDefinition(PrometheusMetricType::counter, "From /proc/net/snmp NoPorts") },
- { "udp-recvbuf-errors", MetricDefinition(PrometheusMetricType::counter, "From /proc/net/snmp RcvbufErrors") },
- { "udp-sndbuf-errors", MetricDefinition(PrometheusMetricType::counter, "From /proc/net/snmp SndbufErrors") },
- };
+ // Description and types for prometheus output of stats
+ std::map<std::string, MetricDefinition> metrics = {
+ {"all-outqueries",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of outgoing UDP queries since starting")},
+
+ {"answers-slow",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries answered after 1 second")},
+ {"answers0-1",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries answered within 1 millisecond")},
+ {"answers1-10",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries answered within 10 milliseconds")},
+ {"answers10-100",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries answered within 100 milliseconds")},
+ {"answers100-1000",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries answered within 1 second")},
+
+ {"auth4-answers-slow",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries answered by authoritatives over IPv4 after 1 second")},
+ {"auth4-answers0-1",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries answered by authoritatives over IPv4within 1 millisecond")},
+ {"auth4-answers1-10",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries answered by authoritatives over IPv4 within 10 milliseconds")},
+ {"auth4-answers10-100",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries answered by authoritatives over IPv4 within 100 milliseconds")},
+ {"auth4-answers100-1000",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries answered by authoritatives over IPv4 within 1 second")},
+
+ {"auth6-answers-slow",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries answered by authoritatives over IPv6 after 1 second")},
+ {"auth6-answers0-1",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries answered by authoritatives over IPv6 within 1 millisecond")},
+ {"auth6-answers1-10",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries answered by authoritatives over IPv6 within 10 milliseconds")},
+ {"auth6-answers10-100",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries answered by authoritatives over IPv6 within 100 milliseconds")},
+ {"auth6-answers100-1000",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries answered by authoritatives over IPv6 within 1 second")},
+
+ {"auth-zone-queries",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries to locally hosted authoritative zones (`setting-auth-zones`) since starting")},
+ {"cache-bytes",
+ MetricDefinition(PrometheusMetricType::gauge,
+ "Size of the cache in bytes")},
+ {"cache-entries",
+ MetricDefinition(PrometheusMetricType::gauge,
+ "Number of entries in the cache")},
+ {"cache-hits",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of of cache hits since starting, this does **not** include hits that got answered from the packet-cache")},
+ {"cache-misses",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of cache misses since starting")},
+ {"case-mismatches",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of mismatches in character case since starting")},
+ {"chain-resends",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries chained to existing outstanding")},
+ {"client-parse-errors",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of client packets that could not be parsed")},
+ {"concurrent-queries",
+ MetricDefinition(PrometheusMetricType::gauge,
+ "Number of MThreads currently running")},
+ {"cpu-msec-thread-0",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of milliseconds spent in thread n")},
+ {"dlg-only-drops",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of records dropped because of `setting-delegation-only` setting")},
+
+ {"dnssec-authentic-data-queries",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries received with the AD bit set")},
+ {"dnssec-check-disabled-queries",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries received with the CD bit set")},
+ {"dnssec-queries",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries received with the DO bit set")},
+ {"dnssec-result-bogus",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of DNSSEC validations that had the Bogus state")},
+ {"dnssec-result-indeterminate",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of DNSSEC validations that had the Indeterminate state")},
+ {"dnssec-result-insecure",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of DNSSEC validations that had the Insecure state")},
+ {"dnssec-result-nta",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of DNSSEC validations that had the (negative trust anchor) state")},
+ {"dnssec-result-secure",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of DNSSEC validations that had the Secure state")},
+
+ {"dnssec-validations",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of DNSSEC validations performed")},
+ {"dont-outqueries",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of outgoing queries dropped because of `setting-dont-query` setting")},
+ {"qname-min-fallback-success",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of successful queries due to fallback mechanism within 'qname-minimization' setting")},
+ {"ecs-queries",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of outgoing queries adorned with an EDNS Client Subnet option")},
+ {"ecs-responses",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of responses received from authoritative servers with an EDNS Client Subnet option we used")},
+ {"edns-ping-matches",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of servers that sent a valid EDNS PING response")},
+ {"edns-ping-mismatches",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of servers that sent an invalid EDN PING response")},
+ {"failed-host-entries",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of servers that failed to resolve")},
+ {"ignored-packets",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of non-query packets received on server sockets that should only get query packets")},
+ {"ipv6-outqueries",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of outgoing queries over IPv6")},
+ {"ipv6-questions",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of end-user initiated queries with the RD bit set, received over IPv6 UDP")},
+ {"malloc-bytes",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of bytes allocated by the process (broken, always returns 0)")},
+ {"max-cache-entries",
+ MetricDefinition(PrometheusMetricType::gauge,
+ "Currently configured maximum number of cache entries")},
+ {"max-packetcache-entries",
+ MetricDefinition(PrometheusMetricType::gauge,
+ "Currently configured maximum number of packet cache entries")},
+ {"max-mthread-stack",
+ MetricDefinition(PrometheusMetricType::gauge,
+ "Maximum amount of thread stack ever used")},
+
+ {"negcache-entries",
+ MetricDefinition(PrometheusMetricType::gauge,
+ "Number of entries in the negative answer cache")},
+ {"no-packet-error",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of erroneous received packets")},
+ {"noedns-outqueries",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries sent out without EDNS")},
+ {"noerror-answers",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of NOERROR answers since starting")},
+ {"noping-outqueries",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries sent out without ENDS PING")},
+ {"nsset-invalidations",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of times an nsset was dropped because it no longer worked")},
+ {"nsspeeds-entries",
+ MetricDefinition(PrometheusMetricType::gauge,
+ "Number of entries in the NS speeds map")},
+ {"nxdomain-answers",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of NXDOMAIN answers since starting")},
+ {"outgoing-timeouts",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of timeouts on outgoing UDP queries since starting")},
+ {"outgoing4-timeouts",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of timeouts on outgoing UDP IPv4 queries since starting")},
+ {"outgoing6-timeouts",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of timeouts on outgoing UDP IPv6 queries since starting")},
+ {"over-capacity-drops",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of questions dropped because over maximum concurrent query limit")},
+ {"packetcache-bytes",
+ MetricDefinition(PrometheusMetricType::gauge,
+ "Size of the packet cache in bytes")},
+ {"packetcache-entries",
+ MetricDefinition(PrometheusMetricType::gauge,
+ "Number of packet cache entries")},
+ {"packetcache-hits",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of packet cache hits")},
+ {"packetcache-misses",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of packet cache misses")},
+
+ {"policy-drops",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of packets dropped because of (Lua) policy decision")},
+ {"policy-result-noaction",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of packets that were not actioned upon by the RPZ/filter engine")},
+ {"policy-result-drop",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of packets that were dropped by the RPZ/filter engine")},
+ {"policy-result-nxdomain",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of packets that were replied to with NXDOMAIN by the RPZ/filter engine")},
+ {"policy-result-nodata",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of packets that were replied to with no data by the RPZ/filter engine")},
+ {"policy-result-truncate",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of packets that were were forced to TCP by the RPZ/filter engine")},
+ {"policy-result-custom",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of packets that were sent a custom answer by the RPZ/filter engine")},
+
+ {"qa-latency",
+ MetricDefinition(PrometheusMetricType::gauge,
+ "Shows the current latency average, in microseconds, exponentially weighted over past 'latency-statistic-size' packets")},
+ {"query-pipe-full-drops",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of questions dropped because the query distribution pipe was full")},
+ {"questions",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Counts all end-user initiated queries with the RD bit set")},
+ {"rebalanced-queries",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries balanced to a different worker thread because the first selected one was above the target load configured with 'distribution-load-factor'")},
+ {"resource-limits",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of queries that could not be performed because of resource limits")},
+ {"security-status",
+ MetricDefinition(PrometheusMetricType::gauge,
+ "security status based on `securitypolling`")},
+ {"server-parse-errors",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of server replied packets that could not be parsed")},
+ {"servfail-answers",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of SERVFAIL answers since starting")},
+ {"spoof-prevents",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of times PowerDNS considered itself spoofed, and dropped the data")},
+ {"sys-msec",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of CPU milliseconds spent in 'system' mode")},
+ {"tcp-client-overflow",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of times an IP address was denied TCP access because it already had too many connections")},
+ {"tcp-clients",
+ MetricDefinition(PrometheusMetricType::gauge,
+ "Number of currently active TCP/IP clients")},
+ {"tcp-outqueries",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of outgoing TCP queries since starting")},
+ {"tcp-questions",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of all incoming TCP queries since starting")},
+ {"throttle-entries",
+ MetricDefinition(PrometheusMetricType::gauge,
+ "Number of of entries in the throttle map")},
+ {"throttled-out",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of throttled outgoing UDP queries since starting")},
+ {"throttled-outqueries",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of throttled outgoing UDP queries since starting")},
+ {"too-old-drops",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of questions dropped that were too old")},
+ {"truncated-drops",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of questions dropped because they were larger than 512 bytes")},
+ {"empty-queries",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Questions dropped because they had a QD count of 0")},
+ {"unauthorized-tcp",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of TCP questions denied because of allow-from restrictions")},
+ {"unauthorized-udp",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of UDP questions denied because of allow-from restrictions")},
+ {"unexpected-packets",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of answers from remote servers that were unexpected (might point to spoofing)")},
+ {"unreachables",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of times nameservers were unreachable since starting")},
+ {"uptime",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of seconds process has been running")},
+ {"user-msec",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of CPU milliseconds spent in 'user' mode")},
+ {"variable-responses",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Number of responses that were marked as 'variable'")},
+
+ {"x-our-latency",
+ MetricDefinition(PrometheusMetricType::counter,
+ "How much time was spent within PowerDNS in microseconds")},
+ {"x-ourtime0-1",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Counts responses where between 0 and 1 milliseconds was spent within the Recursor")},
+ {"x-ourtime1-2",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Counts responses where between 1 and 2 milliseconds was spent within the Recursor")},
+ {"x-ourtime2-4",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Counts responses where between 2 and 4 milliseconds was spent within the Recursor")},
+ {"x-ourtime4-8",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Counts responses where between 4 and 8 milliseconds was spent within the Recursor")},
+ {"x-ourtime8-16",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Counts responses where between 8 and 16 milliseconds was spent within the Recursor")},
+ {"x-ourtime16-32",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Counts responses where between 16 and 32 milliseconds was spent within the Recursor")},
+ {"x-ourtime-slow",
+ MetricDefinition(PrometheusMetricType::counter,
+ "Counts responses where more than 32 milliseconds was spent within the Recursor")},
+
+ {"fd-usage",
+ MetricDefinition(PrometheusMetricType::gauge,
+ "Number of open file descriptors")},
+ {"real-memory-usage",
+ MetricDefinition(PrometheusMetricType::gauge,
+ "Number of bytes real process memory usage")},
+ {"udp-in-errors",
+ MetricDefinition(PrometheusMetricType::counter,
+ "From /proc/net/snmp InErrors")},
+ {"udp-noport-errors",
+ MetricDefinition(PrometheusMetricType::counter,
+ "From /proc/net/snmp NoPorts")},
+ {"udp-recvbuf-errors",
+ MetricDefinition(PrometheusMetricType::counter,
+ "From /proc/net/snmp RcvbufErrors")},
+ {"udp-sndbuf-errors",
+ MetricDefinition(PrometheusMetricType::counter,
+ "From /proc/net/snmp SndbufErrors")},
+ };
};
extern MetricDefinitionStorage g_metricDefinitions;
namespace bf
{
- // Based on http://webdocs.cs.ualberta.ca/~drafiei/papers/DupDetExt.pdf
- // Max is always 1 in this implementation, which is best for streaming data
- // This also means we can use a bitset for storing values which is very
- // efficient
- class stableBF {
- public:
- stableBF(float fp_rate, uint32_t num_cells, uint8_t p): d_k(optimalK(fp_rate)), d_num_cells(num_cells), d_p(p), d_cells(num_cells), d_gen(std::random_device()()), d_dis(0, num_cells) {}
- stableBF(uint8_t k, uint32_t num_cells, uint8_t p, const std::string& bitstr): d_k(k), d_num_cells(num_cells), d_p(p), d_cells(bitstr), d_gen(std::random_device()()), d_dis(0, num_cells) {}
- void add(const std::string& data) {
- decrement();
- auto hashes = hash(data);
- for (auto& i : hashes) {
- d_cells.set(i % d_num_cells);
- }
- }
- bool test(const std::string& data) {
- auto hashes = hash(data);
- for (auto& i : hashes) {
- if (d_cells.test(i % d_num_cells) == false)
- return false;
- }
- return true;
+// Based on http://webdocs.cs.ualberta.ca/~drafiei/papers/DupDetExt.pdf
+// Max is always 1 in this implementation, which is best for streaming data
+// This also means we can use a bitset for storing values which is very
+// efficient
+class stableBF
+{
+public:
+ stableBF(float fp_rate, uint32_t num_cells, uint8_t p) :
+ d_k(optimalK(fp_rate)),
+ d_num_cells(num_cells),
+ d_p(p),
+ d_cells(num_cells),
+ d_gen(std::random_device()()),
+ d_dis(0, num_cells) {}
+ stableBF(uint8_t k, uint32_t num_cells, uint8_t p, const std::string& bitstr) :
+ d_k(k),
+ d_num_cells(num_cells),
+ d_p(p),
+ d_cells(bitstr),
+ d_gen(std::random_device()()),
+ d_dis(0, num_cells) {}
+ void add(const std::string& data)
+ {
+ decrement();
+ auto hashes = hash(data);
+ for (auto& i : hashes) {
+ d_cells.set(i % d_num_cells);
}
- bool testAndAdd(const std::string& data) {
- auto hashes = hash(data);
- bool retval = true;
- for (auto& i : hashes) {
- if (d_cells.test(i % d_num_cells) == false) {
- retval = false;
- break;
- }
- }
- decrement();
- for (auto& i : hashes) {
- d_cells.set(i % d_num_cells);
- }
- return retval;
+ }
+ bool test(const std::string& data)
+ {
+ auto hashes = hash(data);
+ for (auto& i : hashes) {
+ if (d_cells.test(i % d_num_cells) == false)
+ return false;
}
- void dump(std::ostream& os) {
- os.write((char*)&d_k, sizeof(d_k));
- uint32_t nint = htonl(d_num_cells);
- os.write((char*)&nint, sizeof(nint));
- os.write((char*)&d_p, sizeof(d_p));
- std::string temp_str;
- boost::to_string(d_cells, temp_str);
- uint32_t bitstr_length = htonl((uint32_t)temp_str.length());
- os.write((char*)&bitstr_length, sizeof(bitstr_length));
- os.write((char*)temp_str.c_str(), temp_str.length());
- if (os.fail()) {
- throw std::runtime_error("SBF: Failed to dump");
+ return true;
+ }
+ bool testAndAdd(const std::string& data)
+ {
+ auto hashes = hash(data);
+ bool retval = true;
+ for (auto& i : hashes) {
+ if (d_cells.test(i % d_num_cells) == false) {
+ retval = false;
+ break;
}
}
- void restore(std::istream& is) {
- uint8_t k, p;
- uint32_t num_cells, bitstr_len;
- is.read((char*)&k, sizeof(k));
- is.read((char*)&num_cells, sizeof(num_cells));
- num_cells = ntohl(num_cells);
- is.read((char*)&p, sizeof(p));
- is.read((char*)&bitstr_len, sizeof(bitstr_len));
- bitstr_len = ntohl(bitstr_len);
- char* bitcstr = new char[bitstr_len];
- is.read((char*)bitcstr, bitstr_len);
- std::string bitstr(bitcstr, bitstr_len);
- delete[] bitcstr;
- stableBF tempbf(k, num_cells, p, bitstr);
- swap(tempbf);
- }
- private:
- unsigned int optimalK(float fp_rate) {
- return std::ceil(std::log2(1/fp_rate));
+ decrement();
+ for (auto& i : hashes) {
+ d_cells.set(i % d_num_cells);
}
- void decrement() {
- // Choose a random cell then decrement the next p-1
- // The stable bloom algorithm described in the paper says
- // to choose p independent positions, but that is much slower
- // and this shouldn't change the properties of the SBF
- size_t r = d_dis(d_gen);
- for (uint64_t i=0; i<d_p; ++i) {
- d_cells.reset((r+i) % d_num_cells);
- }
+ return retval;
+ }
+ void dump(std::ostream& os)
+ {
+ os.write((char*)&d_k, sizeof(d_k));
+ uint32_t nint = htonl(d_num_cells);
+ os.write((char*)&nint, sizeof(nint));
+ os.write((char*)&d_p, sizeof(d_p));
+ std::string temp_str;
+ boost::to_string(d_cells, temp_str);
+ uint32_t bitstr_length = htonl((uint32_t)temp_str.length());
+ os.write((char*)&bitstr_length, sizeof(bitstr_length));
+ os.write((char*)temp_str.c_str(), temp_str.length());
+ if (os.fail()) {
+ throw std::runtime_error("SBF: Failed to dump");
}
- void swap(stableBF& rhs) {
- std::swap(d_k, rhs.d_k);
- std::swap(d_num_cells, rhs.d_num_cells);
- std::swap(d_p, rhs.d_p);
- d_cells.swap(rhs.d_cells);
+ }
+ void restore(std::istream& is)
+ {
+ uint8_t k, p;
+ uint32_t num_cells, bitstr_len;
+ is.read((char*)&k, sizeof(k));
+ is.read((char*)&num_cells, sizeof(num_cells));
+ num_cells = ntohl(num_cells);
+ is.read((char*)&p, sizeof(p));
+ is.read((char*)&bitstr_len, sizeof(bitstr_len));
+ bitstr_len = ntohl(bitstr_len);
+ char* bitcstr = new char[bitstr_len];
+ is.read((char*)bitcstr, bitstr_len);
+ std::string bitstr(bitcstr, bitstr_len);
+ delete[] bitcstr;
+ stableBF tempbf(k, num_cells, p, bitstr);
+ swap(tempbf);
+ }
+
+private:
+ unsigned int optimalK(float fp_rate)
+ {
+ return std::ceil(std::log2(1 / fp_rate));
+ }
+ void decrement()
+ {
+ // Choose a random cell then decrement the next p-1
+ // The stable bloom algorithm described in the paper says
+ // to choose p independent positions, but that is much slower
+ // and this shouldn't change the properties of the SBF
+ size_t r = d_dis(d_gen);
+ for (uint64_t i = 0; i < d_p; ++i) {
+ d_cells.reset((r + i) % d_num_cells);
}
- // This is a double hash implementation returning an array of
- // k hashes
- std::vector<uint32_t> hash(const std::string& data) {
- uint32_t h1, h2;
- MurmurHash3_x86_32(data.c_str(), data.length(), 1, (void*)&h1);
- MurmurHash3_x86_32(data.c_str(), data.length(), 2, (void*)&h2);
- std::vector<uint32_t> ret_hashes(d_k);
- for (size_t i=0; i < d_k; ++i) {
- ret_hashes[i] = h1 + i * h2;
- }
- return ret_hashes;
+ }
+ void swap(stableBF& rhs)
+ {
+ std::swap(d_k, rhs.d_k);
+ std::swap(d_num_cells, rhs.d_num_cells);
+ std::swap(d_p, rhs.d_p);
+ d_cells.swap(rhs.d_cells);
+ }
+ // This is a double hash implementation returning an array of
+ // k hashes
+ std::vector<uint32_t> hash(const std::string& data)
+ {
+ uint32_t h1, h2;
+ MurmurHash3_x86_32(data.c_str(), data.length(), 1, (void*)&h1);
+ MurmurHash3_x86_32(data.c_str(), data.length(), 2, (void*)&h2);
+ std::vector<uint32_t> ret_hashes(d_k);
+ for (size_t i = 0; i < d_k; ++i) {
+ ret_hashes[i] = h1 + i * h2;
}
- uint8_t d_k;
- uint32_t d_num_cells;
- uint8_t d_p;
- boost::dynamic_bitset<> d_cells;
- std::mt19937 d_gen;
- std::uniform_int_distribution<> d_dis;
- };
+ return ret_hashes;
+ }
+ uint8_t d_k;
+ uint32_t d_num_cells;
+ uint8_t d_p;
+ boost::dynamic_bitset<> d_cells;
+ std::mt19937 d_gen;
+ std::uniform_int_distribution<> d_dis;
+};
}
pw.commit();
}
-BOOST_AUTO_TEST_CASE(test_getEDNSOption) {
+BOOST_AUTO_TEST_CASE(test_getEDNSOption)
+{
DNSName name("www.powerdns.com.");
Netmask ecs("127.0.0.1/32");
vector<uint8_t> query;
BOOST_REQUIRE(questionLen > pos + 11);
/* OPT root label (1) followed by type (2) */
BOOST_REQUIRE_EQUAL(query.at(pos), 0);
- BOOST_REQUIRE(query.at(pos+2) == QType::OPT);
+ BOOST_REQUIRE(query.at(pos + 2) == QType::OPT);
char* ecsStart = nullptr;
size_t ecsLen = 0;
- int res = getEDNSOption(reinterpret_cast<char*>(query.data())+pos+9, questionLen - pos - 9, EDNSOptionCode::ECS, &ecsStart, &ecsLen);
+ int res = getEDNSOption(reinterpret_cast<char*>(query.data()) + pos + 9, questionLen - pos - 9, EDNSOptionCode::ECS, &ecsStart, &ecsLen);
BOOST_CHECK_EQUAL(res, 0);
EDNSSubnetOpts eso;
BOOST_CHECK(eso.source == ecs);
}
-BOOST_AUTO_TEST_CASE(test_getEDNSOptions) {
+BOOST_AUTO_TEST_CASE(test_getEDNSOptions)
+{
DNSName name("www.powerdns.com.");
Netmask ecs("127.0.0.1/32");
vector<uint8_t> query;
BOOST_REQUIRE(questionLen > pos + 11);
/* OPT root label (1) followed by type (2) */
BOOST_REQUIRE_EQUAL(query.at(pos), 0);
- BOOST_REQUIRE(query.at(pos+2) == QType::OPT);
+ BOOST_REQUIRE(query.at(pos + 2) == QType::OPT);
EDNSOptionViewMap options;
- int res = getEDNSOptions(reinterpret_cast<char*>(query.data())+pos+9, questionLen - pos - 9, options);
+ int res = getEDNSOptions(reinterpret_cast<char*>(query.data()) + pos + 9, questionLen - pos - 9, options);
BOOST_REQUIRE_EQUAL(res, 0);
/* 3 EDNS options but two of them are EDNS Cookie, so we only have two entries in the map */
BOOST_REQUIRE_EQUAL(ecsOpts.scope.getBits(), parsed.scope.getBits());
}
-BOOST_AUTO_TEST_CASE(test_makeEDNSSubnetOptsString) {
+BOOST_AUTO_TEST_CASE(test_makeEDNSSubnetOptsString)
+{
checkECSOptionValidity("192.0.2.255", 0, 0);
checkECSOptionValidity("192.0.2.255", 8, 0);
#include "dnsrecords.hh"
#include "filterpo.hh"
-BOOST_AUTO_TEST_CASE(test_filter_policies_basic) {
+BOOST_AUTO_TEST_CASE(test_filter_policies_basic)
+{
DNSFilterEngine dfe;
std::string zoneName("Unit test policy 0");
{
/* blocked NS name */
- auto matchingPolicy = dfe.getProcessingPolicy(nsName, std::unordered_map<std::string,bool>());
+ auto matchingPolicy = dfe.getProcessingPolicy(nsName, std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::NSDName);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop);
BOOST_CHECK(zonePolicy == matchingPolicy);
/* but a subdomain should not be blocked (not a wildcard, and this is not suffix domain matching */
- matchingPolicy = dfe.getProcessingPolicy(DNSName("sub") + nsName, std::unordered_map<std::string,bool>());
+ matchingPolicy = dfe.getProcessingPolicy(DNSName("sub") + nsName, std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None);
BOOST_CHECK(zone->findExactNSPolicy(DNSName("sub") + nsName, zonePolicy) == false);
}
{
/* blocked NS name via wildcard */
- const auto matchingPolicy = dfe.getProcessingPolicy(DNSName("sub.sub.wildcard.wolf."), std::unordered_map<std::string,bool>());
+ const auto matchingPolicy = dfe.getProcessingPolicy(DNSName("sub.sub.wildcard.wolf."), std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::NSDName);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop);
/* looking for wildcard.wolf. should not match *.wildcard-blocked. */
- const auto notMatchingPolicy = dfe.getProcessingPolicy(DNSName("wildcard.wolf."), std::unordered_map<std::string,bool>());
+ const auto notMatchingPolicy = dfe.getProcessingPolicy(DNSName("wildcard.wolf."), std::unordered_map<std::string, bool>());
BOOST_CHECK(notMatchingPolicy.d_type == DNSFilterEngine::PolicyType::None);
/* a direct lookup would not match */
{
/* allowed NS name */
- const auto matchingPolicy = dfe.getProcessingPolicy(DNSName("ns.bad.rabbit."), std::unordered_map<std::string,bool>());
+ const auto matchingPolicy = dfe.getProcessingPolicy(DNSName("ns.bad.rabbit."), std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None);
DNSFilterEngine::Policy zonePolicy;
BOOST_CHECK(zone->findExactNSPolicy(DNSName("ns.bad.rabbit."), zonePolicy) == false);
{
/* blocked NS IP */
- const auto matchingPolicy = dfe.getProcessingPolicy(nsIP, std::unordered_map<std::string,bool>());
+ const auto matchingPolicy = dfe.getProcessingPolicy(nsIP, std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::NSIP);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop);
DNSFilterEngine::Policy zonePolicy;
{
/* allowed NS IP */
- const auto matchingPolicy = dfe.getProcessingPolicy(ComboAddress("192.0.2.142"), std::unordered_map<std::string,bool>());
+ const auto matchingPolicy = dfe.getProcessingPolicy(ComboAddress("192.0.2.142"), std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None);
DNSFilterEngine::Policy zonePolicy;
BOOST_CHECK(zone->findNSIPPolicy(ComboAddress("192.0.2.142"), zonePolicy) == false);
{
/* blocked qname */
- auto matchingPolicy = dfe.getQueryPolicy(blockedName, ComboAddress("192.0.2.142"), std::unordered_map<std::string,bool>());
+ auto matchingPolicy = dfe.getQueryPolicy(blockedName, ComboAddress("192.0.2.142"), std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop);
DNSFilterEngine::Policy zonePolicy;
BOOST_CHECK(zonePolicy == matchingPolicy);
/* but a subdomain should not be blocked (not a wildcard, and this is not suffix domain matching */
- matchingPolicy = dfe.getQueryPolicy(DNSName("sub") + blockedName, ComboAddress("192.0.2.142"), std::unordered_map<std::string,bool>());
+ matchingPolicy = dfe.getQueryPolicy(DNSName("sub") + blockedName, ComboAddress("192.0.2.142"), std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None);
BOOST_CHECK(zone->findExactQNamePolicy(DNSName("sub") + blockedName, zonePolicy) == false);
}
{
/* blocked NS name via wildcard */
- const auto matchingPolicy = dfe.getQueryPolicy(DNSName("sub.sub.wildcard-blocked."), ComboAddress("192.0.2.142"), std::unordered_map<std::string,bool>());
+ const auto matchingPolicy = dfe.getQueryPolicy(DNSName("sub.sub.wildcard-blocked."), ComboAddress("192.0.2.142"), std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop);
/* looking for wildcard-blocked. should not match *.wildcard-blocked. */
- const auto notMatchingPolicy = dfe.getQueryPolicy(DNSName("wildcard-blocked."), ComboAddress("192.0.2.142"), std::unordered_map<std::string,bool>());
+ const auto notMatchingPolicy = dfe.getQueryPolicy(DNSName("wildcard-blocked."), ComboAddress("192.0.2.142"), std::unordered_map<std::string, bool>());
BOOST_CHECK(notMatchingPolicy.d_type == DNSFilterEngine::PolicyType::None);
/* a direct lookup would not match */
{
/* blocked client IP */
- const auto matchingPolicy = dfe.getQueryPolicy(DNSName("totally.legit."), clientIP, std::unordered_map<std::string,bool>());
+ const auto matchingPolicy = dfe.getQueryPolicy(DNSName("totally.legit."), clientIP, std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::ClientIP);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop);
DNSFilterEngine::Policy zonePolicy;
{
/* not blocked */
- const auto matchingPolicy = dfe.getQueryPolicy(DNSName("totally.legit."), ComboAddress("192.0.2.142"), std::unordered_map<std::string,bool>());
+ const auto matchingPolicy = dfe.getQueryPolicy(DNSName("totally.legit."), ComboAddress("192.0.2.142"), std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None);
DNSFilterEngine::Policy zonePolicy;
BOOST_CHECK(zone->findClientPolicy(ComboAddress("192.0.2.142"), zonePolicy) == false);
DNSRecord dr;
dr.d_type = QType::A;
dr.d_content = DNSRecordContent::mastermake(QType::A, QClass::IN, responseIP.toString());
- const auto matchingPolicy = dfe.getPostPolicy({ dr }, std::unordered_map<std::string,bool>());
+ const auto matchingPolicy = dfe.getPostPolicy({dr}, std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::ResponseIP);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop);
DNSFilterEngine::Policy zonePolicy;
DNSRecord dr;
dr.d_type = QType::A;
dr.d_content = DNSRecordContent::mastermake(QType::A, QClass::IN, "192.0.2.142");
- const auto matchingPolicy = dfe.getPostPolicy({ dr }, std::unordered_map<std::string,bool>());
+ const auto matchingPolicy = dfe.getPostPolicy({dr}, std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None);
DNSFilterEngine::Policy zonePolicy;
BOOST_CHECK(zone->findResponsePolicy(ComboAddress("192.0.2.142"), zonePolicy) == false);
BOOST_CHECK(dfe.getZone(zoneIdx) == zone);
}
-BOOST_AUTO_TEST_CASE(test_filter_policies_wildcard_with_enc) {
+BOOST_AUTO_TEST_CASE(test_filter_policies_wildcard_with_enc)
+{
DNSFilterEngine dfe;
-
+
std::string zoneName("Unit test policy wc");
auto zone = std::make_shared<DNSFilterEngine::Zone>();
zone->setName(zoneName);
zone->setRefresh(99);
zone->addQNameTrigger(DNSName("bcbsks.com.102.112.2o7.net."),
- DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::NoAction,
- DNSFilterEngine::PolicyType::QName));
+ DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::NoAction,
+ DNSFilterEngine::PolicyType::QName));
zone->addQNameTrigger(DNSName("2o7.net."),
- DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Drop,
- DNSFilterEngine::PolicyType::QName));
+ DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Drop,
+ DNSFilterEngine::PolicyType::QName));
zone->addQNameTrigger(DNSName("*.2o7.net."),
- DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Drop,
- DNSFilterEngine::PolicyType::QName));
+ DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Drop,
+ DNSFilterEngine::PolicyType::QName));
dfe.addZone(zone);
ComboAddress address("192.0.2.142");
-
+
{
const DNSName tstName("bcbsks.com.102.112.2o7.net.");
- auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map<std::string,bool>());
+ auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::NoAction);
}
{
const DNSName tstName("2o7.net.");
- auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map<std::string,bool>());
+ auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop);
}
// Once fixed the BOOST_WARN should becomes BOOST_CHECK
const string m("Please fix issue #8321");
-
+
{
const DNSName tstName("112.2o7.net.");
- auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map<std::string,bool>());
+ auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map<std::string, bool>());
BOOST_WARN_MESSAGE(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None, m);
BOOST_WARN_MESSAGE(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::NoAction, m);
}
-
+
{
const DNSName tstName("102.112.2o7.net.");
- auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map<std::string,bool>());
+ auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map<std::string, bool>());
BOOST_WARN_MESSAGE(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None, m);
BOOST_WARN_MESSAGE(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::NoAction, m);
}
{
const DNSName tstName("com.112.2o7.net.");
- auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map<std::string,bool>());
+ auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map<std::string, bool>());
BOOST_WARN_MESSAGE(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None, m);
BOOST_WARN_MESSAGE(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::NoAction, m);
}
-
+
{
const DNSName tstName("wcmatch.2o7.net.");
- auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map<std::string,bool>());
+ auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop);
}
-
}
-BOOST_AUTO_TEST_CASE(test_filter_policies_local_data) {
+BOOST_AUTO_TEST_CASE(test_filter_policies_local_data)
+{
DNSFilterEngine dfe;
std::string zoneName("Unit test policy local data");
const DNSName bad1("bad1.example.com.");
const DNSName bad2("bad2.example.com.");
- zone->addQNameTrigger(bad1, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, { DNSRecordContent::mastermake(QType::CNAME, QClass::IN, "garden.example.net.") } ));
+ zone->addQNameTrigger(bad1, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, {DNSRecordContent::mastermake(QType::CNAME, QClass::IN, "garden.example.net.")}));
BOOST_CHECK_EQUAL(zone->size(), 1U);
- zone->addQNameTrigger(bad2, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, { DNSRecordContent::mastermake(QType::A, QClass::IN, "192.0.2.1") } ));
+ zone->addQNameTrigger(bad2, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, {DNSRecordContent::mastermake(QType::A, QClass::IN, "192.0.2.1")}));
BOOST_CHECK_EQUAL(zone->size(), 2U);
- zone->addQNameTrigger(bad2, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, { DNSRecordContent::mastermake(QType::A, QClass::IN, "192.0.2.2") } ));
+ zone->addQNameTrigger(bad2, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, {DNSRecordContent::mastermake(QType::A, QClass::IN, "192.0.2.2")}));
BOOST_CHECK_EQUAL(zone->size(), 2U);
- zone->addQNameTrigger(bad2, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, { DNSRecordContent::mastermake(QType::MX, QClass::IN, "10 garden-mail.example.net.") } ));
+ zone->addQNameTrigger(bad2, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, {DNSRecordContent::mastermake(QType::MX, QClass::IN, "10 garden-mail.example.net.")}));
BOOST_CHECK_EQUAL(zone->size(), 2U);
dfe.addZone(zone);
{
/* exact type does not exist, but we have a CNAME */
- const auto matchingPolicy = dfe.getQueryPolicy(bad1, ComboAddress("192.0.2.142"), std::unordered_map<std::string,bool>());
+ const auto matchingPolicy = dfe.getQueryPolicy(bad1, ComboAddress("192.0.2.142"), std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Custom);
auto records = matchingPolicy.getCustomRecords(bad1, QType::A);
{
/* exact type exists */
- const auto matchingPolicy = dfe.getQueryPolicy(bad2, ComboAddress("192.0.2.142"), std::unordered_map<std::string,bool>());
+ const auto matchingPolicy = dfe.getQueryPolicy(bad2, ComboAddress("192.0.2.142"), std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Custom);
}
/* remove only one entry, one of the A local records */
- zone->rmQNameTrigger(bad2, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, { DNSRecordContent::mastermake(QType::A, QClass::IN, "192.0.2.1") } ));
+ zone->rmQNameTrigger(bad2, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, {DNSRecordContent::mastermake(QType::A, QClass::IN, "192.0.2.1")}));
BOOST_CHECK_EQUAL(zone->size(), 2U);
{
/* exact type exists */
- const auto matchingPolicy = dfe.getQueryPolicy(bad2, ComboAddress("192.0.2.142"), std::unordered_map<std::string,bool>());
+ const auto matchingPolicy = dfe.getQueryPolicy(bad2, ComboAddress("192.0.2.142"), std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Custom);
}
}
-BOOST_AUTO_TEST_CASE(test_multiple_filter_policies) {
+BOOST_AUTO_TEST_CASE(test_multiple_filter_policies)
+{
DNSFilterEngine dfe;
auto zone1 = std::make_shared<DNSFilterEngine::Zone>();
const DNSName bad("bad.example.com.");
- zone1->addQNameTrigger(bad, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, { DNSRecordContent::mastermake(QType::CNAME, QClass::IN, "garden1.example.net.") } ));
- zone2->addQNameTrigger(bad, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, { DNSRecordContent::mastermake(QType::CNAME, QClass::IN, "garden2.example.net.") } ));
+ zone1->addQNameTrigger(bad, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, {DNSRecordContent::mastermake(QType::CNAME, QClass::IN, "garden1.example.net.")}));
+ zone2->addQNameTrigger(bad, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, {DNSRecordContent::mastermake(QType::CNAME, QClass::IN, "garden2.example.net.")}));
dfe.addZone(zone1);
dfe.addZone(zone2);
{
/* zone 1 should match first */
- const auto matchingPolicy = dfe.getQueryPolicy(bad, ComboAddress("192.0.2.142"), std::unordered_map<std::string,bool>());
+ const auto matchingPolicy = dfe.getQueryPolicy(bad, ComboAddress("192.0.2.142"), std::unordered_map<std::string, bool>());
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Custom);
auto records = matchingPolicy.getCustomRecords(bad, QType::A);
{
/* zone 1 should still match if zone 2 has been disabled */
- const auto matchingPolicy = dfe.getQueryPolicy(bad, ComboAddress("192.0.2.142"), { { *(zone2->getName()), true } });
+ const auto matchingPolicy = dfe.getQueryPolicy(bad, ComboAddress("192.0.2.142"), {{*(zone2->getName()), true}});
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Custom);
auto records = matchingPolicy.getCustomRecords(bad, QType::A);
{
/* if zone 1 is disabled, zone 2 should match */
- const auto matchingPolicy = dfe.getQueryPolicy(bad, ComboAddress("192.0.2.142"), { { *(zone1->getName()), true } });
+ const auto matchingPolicy = dfe.getQueryPolicy(bad, ComboAddress("192.0.2.142"), {{*(zone1->getName()), true}});
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName);
BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Custom);
auto records = matchingPolicy.getCustomRecords(bad, QType::A);
{
/* if both zones are disabled, we should not match */
- const auto matchingPolicy = dfe.getQueryPolicy(bad, ComboAddress("192.0.2.142"), { { *(zone1->getName()), true }, { *(zone2->getName()), true } });
+ const auto matchingPolicy = dfe.getQueryPolicy(bad, ComboAddress("192.0.2.142"), {{*(zone1->getName()), true}, {*(zone2->getName()), true}});
BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None);
}
-
}
static void doSomething(void* p)
{
MTasker<>* mt = reinterpret_cast<MTasker<>*>(p);
- int i=12, o;
+ int i = 12, o;
if (mt->waitEvent(i, &o) == 1)
g_result = o;
}
-BOOST_AUTO_TEST_CASE(test_Simple) {
+BOOST_AUTO_TEST_CASE(test_Simple)
+{
MTasker<> mt;
mt.makeThread(doSomething, &mt);
struct timeval now;
gettimeofday(&now, 0);
- bool first=true;
- int o=24;
- for(;;) {
- while(mt.schedule(&now));
- if(first) {
+ bool first = true;
+ int o = 24;
+ for (;;) {
+ while (mt.schedule(&now))
+ ;
+ if (first) {
mt.sendEvent(12, &o);
- first=false;
+ first = false;
}
- if(mt.noProcesses())
+ if (mt.noProcesses())
break;
}
BOOST_CHECK_EQUAL(g_result, o);
throw std::runtime_error("Help!");
}
+BOOST_AUTO_TEST_CASE(test_MtaskerException)
+{
+ BOOST_CHECK_THROW({
+ MTasker<> mt;
+ mt.makeThread(willThrow, 0);
+ struct timeval now;
-BOOST_AUTO_TEST_CASE(test_MtaskerException) {
- BOOST_CHECK_THROW( {
- MTasker<> mt;
- mt.makeThread(willThrow, 0);
- struct timeval now;
-
- for(;;) {
- mt.schedule(&now);
- }
- }, std::exception);
+ for (;;) {
+ mt.schedule(&now);
+ }
+ },
+ std::exception);
}
BOOST_AUTO_TEST_SUITE_END()
#include "dnsrecords.hh"
#include "utility.hh"
-static recordsAndSignatures genRecsAndSigs(const DNSName& name, const uint16_t qtype, const string& content, bool sigs) {
+static recordsAndSignatures genRecsAndSigs(const DNSName& name, const uint16_t qtype, const string& content, bool sigs)
+{
recordsAndSignatures ret;
DNSRecord rec;
return ret;
}
-static NegCache::NegCacheEntry genNegCacheEntry(const DNSName& name, const DNSName& auth, const struct timeval& now, const uint16_t qtype=0) {
+static NegCache::NegCacheEntry genNegCacheEntry(const DNSName& name, const DNSName& auth, const struct timeval& now, const uint16_t qtype = 0)
+{
NegCache::NegCacheEntry ret;
ret.d_name = name;
BOOST_AUTO_TEST_SUITE(negcache_cc)
-BOOST_AUTO_TEST_CASE(test_get_entry) {
+BOOST_AUTO_TEST_CASE(test_get_entry)
+{
/* Add a full name negative entry to the cache and attempt to get an entry for
* the A record. Should yield the full name does not exist entry
*/
BOOST_CHECK_EQUAL(ne->d_auth, auth);
}
-BOOST_AUTO_TEST_CASE(test_get_entry_exact_type) {
+BOOST_AUTO_TEST_CASE(test_get_entry_exact_type)
+{
/* Add a full name negative entry to the cache and attempt to get an entry for
* the A record, asking only for an exact match.
*/
BOOST_CHECK(ne == nullptr);
}
-BOOST_AUTO_TEST_CASE(test_get_NODATA_entry) {
+BOOST_AUTO_TEST_CASE(test_get_NODATA_entry)
+{
DNSName qname("www2.powerdns.com");
DNSName auth("powerdns.com");
BOOST_CHECK(ne2 == nullptr);
}
-BOOST_AUTO_TEST_CASE(test_getRootNXTrust_entry) {
+BOOST_AUTO_TEST_CASE(test_getRootNXTrust_entry)
+{
DNSName qname("com");
DNSName auth(".");
BOOST_CHECK_EQUAL(ne->d_auth, auth);
}
-BOOST_AUTO_TEST_CASE(test_add_and_get_expired_entry) {
+BOOST_AUTO_TEST_CASE(test_add_and_get_expired_entry)
+{
DNSName qname("www2.powerdns.com");
DNSName auth("powerdns.com");
BOOST_CHECK(ne == nullptr);
}
-BOOST_AUTO_TEST_CASE(test_getRootNXTrust_expired_entry) {
+BOOST_AUTO_TEST_CASE(test_getRootNXTrust_expired_entry)
+{
DNSName qname("com");
DNSName auth(".");
BOOST_CHECK(ne == nullptr);
}
-BOOST_AUTO_TEST_CASE(test_add_updated_entry) {
+BOOST_AUTO_TEST_CASE(test_add_updated_entry)
+{
DNSName qname("www2.powerdns.com");
DNSName auth("powerdns.com");
DNSName auth2("com");
BOOST_CHECK_EQUAL(ne->d_auth, auth2);
}
-BOOST_AUTO_TEST_CASE(test_getRootNXTrust) {
+BOOST_AUTO_TEST_CASE(test_getRootNXTrust)
+{
DNSName qname("www2.powerdns.com");
DNSName auth("powerdns.com");
DNSName qname2("com");
BOOST_CHECK_EQUAL(ne->d_auth, auth2);
}
-BOOST_AUTO_TEST_CASE(test_getRootNXTrust_full_domain_only) {
+BOOST_AUTO_TEST_CASE(test_getRootNXTrust_full_domain_only)
+{
DNSName qname("www2.powerdns.com");
DNSName auth("powerdns.com");
DNSName qname2("com");
BOOST_CHECK(ne == nullptr);
}
-BOOST_AUTO_TEST_CASE(test_prune) {
+BOOST_AUTO_TEST_CASE(test_prune)
+{
string qname(".powerdns.com");
DNSName auth("powerdns.com");
NegCache cache;
NegCache::NegCacheEntry ne;
- for(int i = 0; i < 400; i++) {
+ for (int i = 0; i < 400; i++) {
ne = genNegCacheEntry(DNSName(std::to_string(i) + qname), auth, now);
cache.add(ne);
}
BOOST_CHECK_EQUAL(cache.size(), 100U);
}
-BOOST_AUTO_TEST_CASE(test_prune_valid_entries) {
+BOOST_AUTO_TEST_CASE(test_prune_valid_entries)
+{
DNSName power1("powerdns.com.");
DNSName power2("powerdns-1.com.");
DNSName auth("com.");
BOOST_CHECK_EQUAL(got->d_auth, auth);
}
-BOOST_AUTO_TEST_CASE(test_wipe_single) {
+BOOST_AUTO_TEST_CASE(test_wipe_single)
+{
string qname(".powerdns.com");
DNSName auth("powerdns.com");
ne = genNegCacheEntry(auth, auth, now);
cache.add(ne);
- for(int i = 0; i < 400; i++) {
+ for (int i = 0; i < 400; i++) {
ne = genNegCacheEntry(DNSName(std::to_string(i) + qname), auth, now);
cache.add(ne);
}
BOOST_CHECK(ne3 == nullptr);
}
-BOOST_AUTO_TEST_CASE(test_wipe_subtree) {
+BOOST_AUTO_TEST_CASE(test_wipe_subtree)
+{
string qname(".powerdns.com");
string qname2("powerdns.org");
DNSName auth("powerdns.com");
ne = genNegCacheEntry(auth, auth, now);
cache.add(ne);
- for(int i = 0; i < 400; i++) {
+ for (int i = 0; i < 400; i++) {
ne = genNegCacheEntry(DNSName(std::to_string(i) + qname), auth, now);
cache.add(ne);
ne = genNegCacheEntry(DNSName(std::to_string(i) + qname2), auth, now);
BOOST_CHECK_EQUAL(cache.size(), 400U);
}
-BOOST_AUTO_TEST_CASE(test_clear) {
+BOOST_AUTO_TEST_CASE(test_clear)
+{
string qname(".powerdns.com");
DNSName auth("powerdns.com");
NegCache cache;
NegCache::NegCacheEntry ne;
- for(int i = 0; i < 400; i++) {
+ for (int i = 0; i < 400; i++) {
ne = genNegCacheEntry(DNSName(std::to_string(i) + qname), auth, now);
cache.add(ne);
}
BOOST_CHECK_EQUAL(cache.size(), 0U);
}
-BOOST_AUTO_TEST_CASE(test_dumpToFile) {
+BOOST_AUTO_TEST_CASE(test_dumpToFile)
+{
NegCache cache;
vector<string> expected;
expected.push_back("www1.powerdns.com. 600 IN TYPE0 VIA powerdns.com. ; (Indeterminate)\n");
cache.dumpToFile(fp);
rewind(fp);
- char *line = nullptr;
+ char* line = nullptr;
size_t len = 0;
ssize_t read;
fclose(fp);
}
-BOOST_AUTO_TEST_CASE(test_count) {
+BOOST_AUTO_TEST_CASE(test_count)
+{
string qname(".powerdns.com");
string qname2("powerdns.org");
DNSName auth("powerdns.com");
ne = genNegCacheEntry(auth, auth, now);
cache.add(ne);
- for(int i = 0; i < 400; i++) {
+ for (int i = 0; i < 400; i++) {
ne = genNegCacheEntry(DNSName(std::to_string(i) + qname), auth, now);
cache.add(ne);
ne = genNegCacheEntry(DNSName(std::to_string(i) + qname2), auth, now);
BOOST_AUTO_TEST_SUITE(nod_cc)
-bool pdns_exception( PDNSException const& ex ) { return true; }
+bool pdns_exception(PDNSException const& ex) { return true; }
-BOOST_AUTO_TEST_CASE(test_basic) {
+BOOST_AUTO_TEST_CASE(test_basic)
+{
DNSName new_domain1("abc.com."), new_domain2("xyz.com.");
{
NODDB noddb;
- BOOST_CHECK_EXCEPTION( noddb.setCacheDir("/xyz/abc"), PDNSException, pdns_exception);
+ BOOST_CHECK_EXCEPTION(noddb.setCacheDir("/xyz/abc"), PDNSException, pdns_exception);
noddb.setCacheDir("/tmp");
-
+
BOOST_CHECK_EQUAL(noddb.init(), true);
BOOST_CHECK_EQUAL(noddb.isNewDomain(new_domain1), true);
BOOST_CHECK_EQUAL(noddb.isNewDomain(new_domain2), true);
BOOST_CHECK_EQUAL(noddb.isNewDomain(new_domain1), false);
- for (int i=0; i<1000000; ++i) {
+ for (int i = 0; i < 1000000; ++i) {
noddb.isNewDomain("foo.com.");
- }
+ }
noddb.addDomain("abc.com.");
DNSName new_subdomain("foo.abc.com.");
BOOST_AUTO_TEST_SUITE(recursorcache_cc)
-BOOST_AUTO_TEST_CASE(test_RecursorCacheSimple) {
+BOOST_AUTO_TEST_CASE(test_RecursorCacheSimple)
+{
MemRecursorCache MRC;
std::vector<DNSRecord> records;
uint64_t counter = 0;
try {
- for(counter = 0; counter < 100000; ++counter) {
- DNSName a = DNSName("hello ")+DNSName(std::to_string(counter));
+ for (counter = 0; counter < 100000; ++counter) {
+ DNSName a = DNSName("hello ") + DNSName(std::to_string(counter));
BOOST_CHECK_EQUAL(DNSName(a.toString()), a);
MRC.replace(now, a, QType(QType::A), records, signatures, authRecords, true, boost::none);
- if(!MRC.doWipeCache(a, false))
- BOOST_FAIL("Could not remove entry we just added to the cache!");
+ if (!MRC.doWipeCache(a, false))
+ BOOST_FAIL("Could not remove entry we just added to the cache!");
MRC.replace(now, a, QType(QType::A), records, signatures, authRecords, true, boost::none);
}
BOOST_CHECK_EQUAL(MRC.size(), counter);
uint64_t delcounter = 0;
- for(delcounter=0; delcounter < counter/100; ++delcounter) {
- DNSName a = DNSName("hello ")+DNSName(std::to_string(delcounter));
+ for (delcounter = 0; delcounter < counter / 100; ++delcounter) {
+ DNSName a = DNSName("hello ") + DNSName(std::to_string(delcounter));
BOOST_CHECK_EQUAL(MRC.doWipeCache(a, false, QType::A), 1);
}
- BOOST_CHECK_EQUAL(MRC.size(), counter-delcounter);
+ BOOST_CHECK_EQUAL(MRC.size(), counter - delcounter);
std::vector<DNSRecord> retrieved;
ComboAddress who("192.0.2.1");
int64_t matches = 0;
- int64_t expected = counter-delcounter;
+ int64_t expected = counter - delcounter;
- for(; delcounter < counter; ++delcounter) {
- if(MRC.get(now, DNSName("hello ")+DNSName(std::to_string(delcounter)), QType(QType::A), false, &retrieved, who, nullptr)) {
- matches++;
+ for (; delcounter < counter; ++delcounter) {
+ if (MRC.get(now, DNSName("hello ") + DNSName(std::to_string(delcounter)), QType(QType::A), false, &retrieved, who, nullptr)) {
+ matches++;
}
}
BOOST_CHECK_EQUAL(matches, expected);
retrieved.clear();
// subnet specific should be returned for a matching subnet
- BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::AAAA), false, &retrieved, ComboAddress("192.0.2.2"), nullptr), (ttd-now));
+ BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::AAAA), false, &retrieved, ComboAddress("192.0.2.2"), nullptr), (ttd - now));
BOOST_REQUIRE_EQUAL(retrieved.size(), 1U);
BOOST_CHECK_EQUAL(getRR<AAAARecordContent>(retrieved.at(0))->getCA().toString(), dr1Content.toString());
BOOST_CHECK_EQUAL(MRC.size(), 1U);
// NON-subnet specific should always be returned
- BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd-now));
+ BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd - now));
BOOST_REQUIRE_EQUAL(retrieved.size(), 1U);
BOOST_CHECK_EQUAL(getRR<ARecordContent>(retrieved.at(0))->getCA().toString(), dr2Content.toString());
retrieved.clear();
BOOST_CHECK_EQUAL(MRC.size(), 3U);
// we should still get the NON-subnet specific entry
- BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd-now));
+ BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd - now));
BOOST_REQUIRE_EQUAL(retrieved.size(), 1U);
BOOST_CHECK_EQUAL(getRR<ARecordContent>(retrieved.at(0))->getCA().toString(), dr2Content.toString());
retrieved.clear();
// we should get the subnet specific entry if we are from the right subnet
- BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::AAAA), false, &retrieved, ComboAddress("192.0.2.3"), nullptr), (ttd-now));
+ BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::AAAA), false, &retrieved, ComboAddress("192.0.2.3"), nullptr), (ttd - now));
BOOST_REQUIRE_EQUAL(retrieved.size(), 1U);
BOOST_CHECK_EQUAL(getRR<AAAARecordContent>(retrieved.at(0))->getCA().toString(), dr1Content.toString());
retrieved.clear();
retrieved.clear();
// QType::ANY should return any qtype, so from the right subnet we should get all of them
- BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::ANY), false, &retrieved, ComboAddress("192.0.2.3"), nullptr), (ttd-now));
+ BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::ANY), false, &retrieved, ComboAddress("192.0.2.3"), nullptr), (ttd - now));
BOOST_CHECK_EQUAL(retrieved.size(), 3U);
for (const auto& rec : retrieved) {
BOOST_CHECK(rec.d_type == QType::A || rec.d_type == QType::AAAA || rec.d_type == QType::TXT);
retrieved.clear();
// but only the non-subnet specific from the another subnet
- BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::ANY), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd-now));
+ BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::ANY), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd - now));
BOOST_CHECK_EQUAL(retrieved.size(), 2U);
for (const auto& rec : retrieved) {
BOOST_CHECK(rec.d_type == QType::A || rec.d_type == QType::TXT);
retrieved.clear();
// QType::ADDR should return both A and AAAA but no TXT, so two entries from the right subnet
- BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::ADDR), false, &retrieved, ComboAddress("192.0.2.3"), nullptr), (ttd-now));
+ BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::ADDR), false, &retrieved, ComboAddress("192.0.2.3"), nullptr), (ttd - now));
BOOST_CHECK_EQUAL(retrieved.size(), 2U);
bool gotA = false;
bool gotAAAA = false;
retrieved.clear();
// but only the non-subnet specific one from the another subnet
- BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::ADDR), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd-now));
+ BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::ADDR), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd - now));
BOOST_REQUIRE_EQUAL(retrieved.size(), 1U);
BOOST_CHECK(retrieved.at(0).d_type == QType::A);
retrieved.clear();
records.push_back(dr2);
MRC.replace(now, power, QType(QType::A), records, signatures, authRecords, true, boost::none);
BOOST_CHECK_EQUAL(MRC.size(), 1U);
- BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd-now));
+ BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd - now));
BOOST_CHECK_EQUAL(retrieved.size(), 1U);
DNSRecord dr3;
// non-auth should not replace valid auth
MRC.replace(now, power, QType(QType::A), records, signatures, authRecords, false, boost::none);
BOOST_CHECK_EQUAL(MRC.size(), 1U);
- BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd-now));
+ BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd - now));
BOOST_REQUIRE_EQUAL(retrieved.size(), 1U);
BOOST_CHECK_EQUAL(getRR<ARecordContent>(retrieved.at(0))->getCA().toString(), dr2Content.toString());
BOOST_CHECK_EQUAL(MRC.size(), 1U);
// let's first check that non-auth is not returned when we need authoritative data
BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), true, &retrieved, ComboAddress("127.0.0.1"), nullptr), -now);
- BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd-now));
+ BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd - now));
BOOST_REQUIRE_EQUAL(retrieved.size(), 1U);
BOOST_CHECK_EQUAL(getRR<ARecordContent>(retrieved.at(0))->getCA().toString(), dr2Content.toString());
BOOST_CHECK_EQUAL(MRC.size(), 3U);
// we should get the most specific entry for 192.168.0.1, so the second one
- BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("192.168.0.1"), nullptr), (ttd-now));
+ BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("192.168.0.1"), nullptr), (ttd - now));
BOOST_REQUIRE_EQUAL(retrieved.size(), 1U);
BOOST_CHECK_EQUAL(getRR<ARecordContent>(retrieved.at(0))->getCA().toString(), dr4Content.toString());
retrieved.clear();
retrieved.clear();
// but we should when we are OK with non-auth
- BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("192.168.0.1"), nullptr), (ttd-now));
+ BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("192.168.0.1"), nullptr), (ttd - now));
BOOST_REQUIRE_EQUAL(retrieved.size(), 1U);
BOOST_CHECK_EQUAL(getRR<ARecordContent>(retrieved.at(0))->getCA().toString(), dr2Content.toString());
retrieved.clear();
}
- catch(const PDNSException& e) {
- cerr<<"Had error: "<<e.reason<<endl;
+ catch (const PDNSException& e) {
+ cerr << "Had error: " << e.reason << endl;
throw;
}
}
-BOOST_AUTO_TEST_CASE(test_RecursorCacheGhost) {
+BOOST_AUTO_TEST_CASE(test_RecursorCacheGhost)
+{
MemRecursorCache MRC;
std::vector<DNSRecord> records;
/* the TTL should not have been raisd */
std::vector<DNSRecord> retrieved;
- BOOST_CHECK_EQUAL(MRC.get(now, ghost, QType(QType::NS), false, &retrieved, ComboAddress("192.0.2.2"), nullptr), (ttd-now));
+ BOOST_CHECK_EQUAL(MRC.get(now, ghost, QType(QType::NS), false, &retrieved, ComboAddress("192.0.2.2"), nullptr), (ttd - now));
BOOST_REQUIRE_EQUAL(retrieved.size(), 1U);
BOOST_CHECK_EQUAL(retrieved.at(0).d_ttl, static_cast<uint32_t>(ttd));
}
-BOOST_AUTO_TEST_CASE(test_RecursorCache_ExpungingExpiredEntries) {
+BOOST_AUTO_TEST_CASE(test_RecursorCache_ExpungingExpiredEntries)
+{
MemRecursorCache MRC;
std::vector<DNSRecord> records;
BOOST_CHECK_EQUAL(MRC.get(ttd - 1, power2, QType(dr2.d_type), false, &retrieved, who, nullptr), -1);
}
-BOOST_AUTO_TEST_CASE(test_RecursorCache_ExpungingValidEntries) {
+BOOST_AUTO_TEST_CASE(test_RecursorCache_ExpungingValidEntries)
+{
MemRecursorCache MRC;
std::vector<DNSRecord> records;
BOOST_CHECK_EQUAL(MRC.size(), 1U);
/* the remaining entry should be power2 */
- BOOST_CHECK_EQUAL(MRC.get(now, power2, QType(dr2.d_type), false, &retrieved, who, nullptr), ttd-now);
+ BOOST_CHECK_EQUAL(MRC.get(now, power2, QType(dr2.d_type), false, &retrieved, who, nullptr), ttd - now);
BOOST_REQUIRE_EQUAL(retrieved.size(), 1U);
BOOST_CHECK_EQUAL(getRR<AAAARecordContent>(retrieved.at(0))->getCA().toString(), dr2Content.toString());
/* check that power1 is gone */
BOOST_CHECK_EQUAL(MRC.size(), 1U);
/* the remaining entry should be power1 */
- BOOST_CHECK_EQUAL(MRC.get(now, power1, QType(dr1.d_type), false, &retrieved, who, nullptr), ttd-now);
+ BOOST_CHECK_EQUAL(MRC.get(now, power1, QType(dr1.d_type), false, &retrieved, who, nullptr), ttd - now);
BOOST_REQUIRE_EQUAL(retrieved.size(), 1U);
BOOST_CHECK_EQUAL(getRR<AAAARecordContent>(retrieved.at(0))->getCA().toString(), dr1Content.toString());
/* check that power2 is gone */
BOOST_CHECK_EQUAL(MRC.size(), 2U);
/* get a hit for power1 */
- BOOST_CHECK_EQUAL(MRC.get(now, power1, QType(dr1.d_type), false, &retrieved, who, nullptr), ttd-now);
+ BOOST_CHECK_EQUAL(MRC.get(now, power1, QType(dr1.d_type), false, &retrieved, who, nullptr), ttd - now);
BOOST_REQUIRE_EQUAL(retrieved.size(), 1U);
BOOST_CHECK_EQUAL(getRR<AAAARecordContent>(retrieved.at(0))->getCA().toString(), dr1Content.toString());
BOOST_CHECK_EQUAL(MRC.size(), 1U);
/* the remaining entry should be power1 */
- BOOST_CHECK_EQUAL(MRC.get(now, power1, QType(dr1.d_type), false, &retrieved, who, nullptr), ttd-now);
+ BOOST_CHECK_EQUAL(MRC.get(now, power1, QType(dr1.d_type), false, &retrieved, who, nullptr), ttd - now);
BOOST_REQUIRE_EQUAL(retrieved.size(), 1U);
BOOST_CHECK_EQUAL(getRR<AAAARecordContent>(retrieved.at(0))->getCA().toString(), dr1Content.toString());
/* check that power2 is gone */
BOOST_CHECK_EQUAL(MRC.ecsIndexSize(), 0U);
}
-BOOST_AUTO_TEST_CASE(test_RecursorCacheECSIndex) {
+BOOST_AUTO_TEST_CASE(test_RecursorCacheECSIndex)
+{
MemRecursorCache MRC;
const DNSName power("powerdns.com.");
but it has expired.
The second ECS is a match too, and is valid. */
retrieved.clear();
- BOOST_CHECK_EQUAL(MRC.get(now + 5 + 1, power, QType(QType::A), false, &retrieved, ComboAddress("192.0.2.1")), (ttd - (now +5 + 1)));
+ BOOST_CHECK_EQUAL(MRC.get(now + 5 + 1, power, QType(QType::A), false, &retrieved, ComboAddress("192.0.2.1")), (ttd - (now + 5 + 1)));
BOOST_REQUIRE_EQUAL(retrieved.size(), 1U);
BOOST_CHECK_EQUAL(getRR<ARecordContent>(retrieved.at(0))->getCA().toString(), dr1Content.toString());
BOOST_CHECK_EQUAL(MRC.ecsIndexSize(), 0U);
}
-BOOST_AUTO_TEST_CASE(test_RecursorCache_Wipe) {
+BOOST_AUTO_TEST_CASE(test_RecursorCache_Wipe)
+{
MemRecursorCache MRC;
const DNSName power("powerdns.com.");
// Provide stubs for some symbols
bool g_logRPZChanges{false};
-ComboAddress getQueryLocalAddress(int family, uint16_t port) {
+ComboAddress getQueryLocalAddress(int family, uint16_t port)
+{
cerr << "getQueryLocalAddress() STUBBED IN TEST!" << endl;
BOOST_ASSERT(false);
return ComboAddress();
BOOST_AUTO_TEST_SUITE(rpzloader_cc)
-BOOST_AUTO_TEST_CASE(test_rpz_loader) {
+BOOST_AUTO_TEST_CASE(test_rpz_loader)
+{
string tests[][2] = {
- {"32.3.2.168.192", "192.168.2.3/32"},
- {"27.73.2.168.192", "192.168.2.73/27"},
- {"24.0.2.168.192", "192.168.2.0/24"},
- {"128.57.zz.1.0.db8.2001", "2001:db8:0:1::57/128"},
- {"48.zz.1.0.db8.2001", "2001:db8:0:1::/48"},
- {"128.5.C0A8.FFFF.0.1.0.db8.2001", "2001:db8:0:1:0:ffff:c0a8:5/128"},
-
- {"21.0.248.44.5", "5.44.248.0/21"},
- {"64.0.0.0.0.0.1.0.0.", "0:0:1::/64"},
- {"64.zz.2.0.0", "0:0:2::/64"},
- {"80.0.0.0.1.0.0.0.0", "::1:0:0:0/80"},
- {"80.0.0.0.1.zz", "::1:0:0:0/80"}};
-
- for (auto &test : tests) {
+ {"32.3.2.168.192", "192.168.2.3/32"},
+ {"27.73.2.168.192", "192.168.2.73/27"},
+ {"24.0.2.168.192", "192.168.2.0/24"},
+ {"128.57.zz.1.0.db8.2001", "2001:db8:0:1::57/128"},
+ {"48.zz.1.0.db8.2001", "2001:db8:0:1::/48"},
+ {"128.5.C0A8.FFFF.0.1.0.db8.2001", "2001:db8:0:1:0:ffff:c0a8:5/128"},
+
+ {"21.0.248.44.5", "5.44.248.0/21"},
+ {"64.0.0.0.0.0.1.0.0.", "0:0:1::/64"},
+ {"64.zz.2.0.0", "0:0:2::/64"},
+ {"80.0.0.0.1.0.0.0.0", "::1:0:0:0/80"},
+ {"80.0.0.0.1.zz", "::1:0:0:0/80"}};
+
+ for (auto& test : tests) {
Netmask n = makeNetmaskFromRPZ(DNSName(test[0]));
BOOST_CHECK_EQUAL(n.toString(), test[1]);
}
BOOST_AUTO_TEST_SUITE(test_secpoll_cc)
-bool checkBasicMessage1(const PDNSException &ex) {
+bool checkBasicMessage1(const PDNSException& ex)
+{
BOOST_CHECK_EQUAL(ex.reason, "Had empty answer on NOERROR RCODE");
return true;
}
-bool checkBasicMessage2(const PDNSException &ex) {
+bool checkBasicMessage2(const PDNSException& ex)
+{
BOOST_CHECK_EQUAL(ex.reason, "RCODE was not NOERROR but " + RCode::to_s(1));
return true;
}
-bool checkBasicMessage3(const PDNSException &ex) {
+bool checkBasicMessage3(const PDNSException& ex)
+{
BOOST_CHECK_EQUAL(ex.reason, "No TXT record found in response");
return true;
}
-bool checkBasicMessage4(const PDNSException &ex) {
+bool checkBasicMessage4(const PDNSException& ex)
+{
BOOST_CHECK(ex.reason.find("Could not parse status number: stoi") == 0);
return true;
}
-bool checkBasicMessage5(const PDNSException &ex) {
+bool checkBasicMessage5(const PDNSException& ex)
+{
BOOST_CHECK(ex.reason.find("Could not parse status number: stoi") == 0);
return true;
}
-BOOST_AUTO_TEST_CASE(test_secpoll_basic) {
+BOOST_AUTO_TEST_CASE(test_secpoll_basic)
+{
BOOST_CHECK(!isReleaseVersion(""));
BOOST_CHECK(isReleaseVersion(".."));
BOOST_CHECK(!isReleaseVersion("..."));
-
int status = 0;
std::string message;
v.clear();
addRecordToList(v, DNSName("aname"), QType::TXT, "\"X OK\"");
BOOST_CHECK_EXCEPTION(processSecPoll(0, v, status, message), PDNSException, checkBasicMessage5);
-
}
BOOST_AUTO_TEST_SUITE_END();
/* Fake some required functions we didn't want the trouble to
link with */
-ArgvMap &arg()
+ArgvMap& arg()
{
static ArgvMap theArg;
return theArg;
return false;
}
-int asyncresolve(const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, const std::shared_ptr<std::vector<std::unique_ptr<RemoteLogger>>>& outgoingLoggers, const std::shared_ptr<std::vector<std::unique_ptr<FrameStreamLogger>>>& fstrmLoggers,const std::set<uint16_t>& exportTypes, LWResult* res, bool* chained)
+int asyncresolve(const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, const std::shared_ptr<std::vector<std::unique_ptr<RemoteLogger>>>& outgoingLoggers, const std::shared_ptr<std::vector<std::unique_ptr<FrameStreamLogger>>>& fstrmLoggers, const std::set<uint16_t>& exportTypes, LWResult* res, bool* chained)
{
return 0;
}
void primeHints(void)
{
vector<DNSRecord> nsset;
- if(!t_RC)
+ if (!t_RC)
t_RC = std::unique_ptr<MemRecursorCache>(new MemRecursorCache());
DNSRecord arr, aaaarr, nsrr;
- nsrr.d_name=g_rootdnsname;
- arr.d_type=QType::A;
- aaaarr.d_type=QType::AAAA;
- nsrr.d_type=QType::NS;
- arr.d_ttl=aaaarr.d_ttl=nsrr.d_ttl=time(nullptr)+3600000;
+ nsrr.d_name = g_rootdnsname;
+ arr.d_type = QType::A;
+ aaaarr.d_type = QType::AAAA;
+ nsrr.d_type = QType::NS;
+ arr.d_ttl = aaaarr.d_ttl = nsrr.d_ttl = time(nullptr) + 3600000;
- for(char c='a';c<='m';++c) {
+ for (char c = 'a'; c <= 'm'; ++c) {
char templ[40];
- strncpy(templ,"a.root-servers.net.", sizeof(templ) - 1);
- templ[sizeof(templ)-1] = '\0';
- *templ=c;
- aaaarr.d_name=arr.d_name=DNSName(templ);
- nsrr.d_content=std::make_shared<NSRecordContent>(DNSName(templ));
- arr.d_content=std::make_shared<ARecordContent>(ComboAddress(rootIps4[c-'a']));
+ strncpy(templ, "a.root-servers.net.", sizeof(templ) - 1);
+ templ[sizeof(templ) - 1] = '\0';
+ *templ = c;
+ aaaarr.d_name = arr.d_name = DNSName(templ);
+ nsrr.d_content = std::make_shared<NSRecordContent>(DNSName(templ));
+ arr.d_content = std::make_shared<ARecordContent>(ComboAddress(rootIps4[c - 'a']));
vector<DNSRecord> aset;
aset.push_back(arr);
t_RC->replace(time(nullptr), DNSName(templ), QType(QType::A), aset, vector<std::shared_ptr<RRSIGRecordContent>>(), vector<std::shared_ptr<DNSRecord>>(), true); // auth, nuke it all
- if (rootIps6[c-'a'] != NULL) {
- aaaarr.d_content=std::make_shared<AAAARecordContent>(ComboAddress(rootIps6[c-'a']));
+ if (rootIps6[c - 'a'] != NULL) {
+ aaaarr.d_content = std::make_shared<AAAARecordContent>(ComboAddress(rootIps6[c - 'a']));
vector<DNSRecord> aaaaset;
aaaaset.push_back(aaaarr);
LuaConfigItems::LuaConfigItems()
{
- for (const auto &dsRecord : rootDSs) {
- auto ds=std::dynamic_pointer_cast<DSRecordContent>(DSRecordContent::make(dsRecord));
+ for (const auto& dsRecord : rootDSs) {
+ auto ds = std::dynamic_pointer_cast<DSRecordContent>(DSRecordContent::make(dsRecord));
dsAnchors[g_rootdnsname].insert(*ds);
}
}
t_RC = std::unique_ptr<MemRecursorCache>(new MemRecursorCache());
SyncRes::s_maxqperq = 50;
- SyncRes::s_maxtotusec = 1000*7000;
+ SyncRes::s_maxtotusec = 1000 * 7000;
SyncRes::s_maxdepth = 40;
SyncRes::s_maxnegttl = 3600;
SyncRes::s_maxbogusttl = 3600;
auto luaconfsCopy = g_luaconfs.getCopy();
luaconfsCopy.dfe.clear();
luaconfsCopy.dsAnchors.clear();
- for (const auto &dsRecord : rootDSs) {
- auto ds=std::dynamic_pointer_cast<DSRecordContent>(DSRecordContent::make(dsRecord));
+ for (const auto& dsRecord : rootDSs) {
+ auto ds = std::dynamic_pointer_cast<DSRecordContent>(DSRecordContent::make(dsRecord));
luaconfsCopy.dsAnchors[g_rootdnsname].insert(*ds);
}
luaconfsCopy.negAnchors.clear();
g_dnssecLOG = debug;
g_maxNSEC3Iterations = 2500;
- ::arg().set("version-string", "string reported on version.pdns or version.bind")="PowerDNS Unit Tests";
- ::arg().set("rng")="auto";
- ::arg().set("entropy-source")="/dev/urandom";
+ ::arg().set("version-string", "string reported on version.pdns or version.bind") = "PowerDNS Unit Tests";
+ ::arg().set("rng") = "auto";
+ ::arg().set("entropy-source") = "/dev/urandom";
::arg().setSwitch("qname-minimization", "Use Query Name Minimization") = "yes";
}
return false;
}
-void computeRRSIG(const DNSSECPrivateKey& dpk, const DNSName& signer, const DNSName& signQName, uint16_t signQType, uint32_t signTTL, uint32_t sigValidity, RRSIGRecordContent& rrc, vector<shared_ptr<DNSRecordContent> >& toSign, boost::optional<uint8_t> algo, boost::optional<uint32_t> inception, boost::optional<time_t> now)
+void computeRRSIG(const DNSSECPrivateKey& dpk, const DNSName& signer, const DNSName& signQName, uint16_t signQType, uint32_t signTTL, uint32_t sigValidity, RRSIGRecordContent& rrc, vector<shared_ptr<DNSRecordContent>>& toSign, boost::optional<uint8_t> algo, boost::optional<uint32_t> inception, boost::optional<time_t> now)
{
if (!now) {
now = time(nullptr);
rrc.d_signature = rc->sign(msg);
}
-typedef std::unordered_map<DNSName, std::pair<DNSSECPrivateKey, DSRecordContent> > testkeysset_t;
+typedef std::unordered_map<DNSName, std::pair<DNSSECPrivateKey, DSRecordContent>> testkeysset_t;
bool addRRSIG(const testkeysset_t& keys, std::vector<DNSRecord>& records, const DNSName& signer, uint32_t sigValidity, bool broken, boost::optional<uint8_t> algo, boost::optional<DNSName> wildcard, boost::optional<time_t> now)
{
}
size_t recordsCount = records.size();
- const DNSName& name = records[recordsCount-1].d_name;
- const uint16_t type = records[recordsCount-1].d_type;
+ const DNSName& name = records[recordsCount - 1].d_name;
+ const uint16_t type = records[recordsCount - 1].d_type;
- std::vector<std::shared_ptr<DNSRecordContent> > recordcontents;
+ std::vector<std::shared_ptr<DNSRecordContent>> recordcontents;
for (const auto record : records) {
if (record.d_name == name && record.d_type == type) {
recordcontents.push_back(record.d_content);
}
RRSIGRecordContent rrc;
- computeRRSIG(it->second.first, signer, wildcard ? *wildcard : records[recordsCount-1].d_name, records[recordsCount-1].d_type, records[recordsCount-1].d_ttl, sigValidity, rrc, recordcontents, algo, boost::none, now);
+ computeRRSIG(it->second.first, signer, wildcard ? *wildcard : records[recordsCount - 1].d_name, records[recordsCount - 1].d_type, records[recordsCount - 1].d_ttl, sigValidity, rrc, recordcontents, algo, boost::none, now);
if (broken) {
rrc.d_signature[0] ^= 42;
}
DNSRecord rec;
rec.d_type = QType::RRSIG;
- rec.d_place = records[recordsCount-1].d_place;
- rec.d_name = records[recordsCount-1].d_name;
- rec.d_ttl = records[recordsCount-1].d_ttl;
+ rec.d_place = records[recordsCount - 1].d_place;
+ rec.d_name = records[recordsCount - 1].d_name;
+ rec.d_ttl = records[recordsCount - 1].d_ttl;
rec.d_content = std::make_shared<RRSIGRecordContent>(rrc);
records.push_back(rec);
return true;
}
-void addNSECRecordToLW(const DNSName& domain, const DNSName& next, const std::set<uint16_t>& types, uint32_t ttl, std::vector<DNSRecord>& records)
+void addNSECRecordToLW(const DNSName& domain, const DNSName& next, const std::set<uint16_t>& types, uint32_t ttl, std::vector<DNSRecord>& records)
{
NSECRecordContent nrc;
nrc.d_next = next;
records.push_back(rec);
}
-void addNSEC3RecordToLW(const DNSName& hashedName, const std::string& hashedNext, const std::string& salt, unsigned int iterations, const std::set<uint16_t>& types, uint32_t ttl, std::vector<DNSRecord>& records)
+void addNSEC3RecordToLW(const DNSName& hashedName, const std::string& hashedNext, const std::string& salt, unsigned int iterations, const std::set<uint16_t>& types, uint32_t ttl, std::vector<DNSRecord>& records)
{
NSEC3RecordContent nrc;
nrc.d_algorithm = 1;
records.push_back(rec);
}
-void addNSEC3UnhashedRecordToLW(const DNSName& domain, const DNSName& zone, const std::string& next, const std::set<uint16_t>& types, uint32_t ttl, std::vector<DNSRecord>& records, unsigned int iterations)
+void addNSEC3UnhashedRecordToLW(const DNSName& domain, const DNSName& zone, const std::string& next, const std::set<uint16_t>& types, uint32_t ttl, std::vector<DNSRecord>& records, unsigned int iterations)
{
static const std::string salt = "deadbeef";
std::string hashed = hashQNameWithSalt(salt, iterations, domain);
addNSEC3RecordToLW(DNSName(toBase32Hex(hashed)) + zone, next, salt, iterations, types, ttl, records);
}
-void addNSEC3NarrowRecordToLW(const DNSName& domain, const DNSName& zone, const std::set<uint16_t>& types, uint32_t ttl, std::vector<DNSRecord>& records, unsigned int iterations)
+void addNSEC3NarrowRecordToLW(const DNSName& domain, const DNSName& zone, const std::set<uint16_t>& types, uint32_t ttl, std::vector<DNSRecord>& records, unsigned int iterations)
{
static const std::string salt = "deadbeef";
std::string hashed = hashQNameWithSalt(salt, iterations, domain);
dpk.d_flags = 256;
dpk.setKey(dcke);
DSRecordContent ds = makeDSFromDNSKey(name, dpk.getDNSKEY(), digest);
- keys[name] = std::pair<DNSSECPrivateKey,DSRecordContent>(dpk,ds);
+ keys[name] = std::pair<DNSSECPrivateKey, DSRecordContent>(dpk, ds);
}
-void generateKeyMaterial(const DNSName& name, unsigned int algo, uint8_t digest, testkeysset_t& keys, map<DNSName,dsmap_t>& dsAnchors)
+void generateKeyMaterial(const DNSName& name, unsigned int algo, uint8_t digest, testkeysset_t& keys, map<DNSName, dsmap_t>& dsAnchors)
{
generateKeyMaterial(name, algo, digest, keys);
dsAnchors[name].insert(keys[name].second);
/* sign the SOA */
addRRSIG(keys, res->d_records, auth, 300, false, boost::none, boost::none, now);
/* add a NSEC denying the DS */
- std::set<uint16_t> types = { QType::NSEC };
+ std::set<uint16_t> types = {QType::NSEC};
if (proveCut) {
types.insert(QType::NS);
}
return 0;
}
-int basicRecordsForQnameMinimization(LWResult* res, const DNSName& domain, int type) {
+int basicRecordsForQnameMinimization(LWResult* res, const DNSName& domain, int type)
+{
if (domain == DNSName(".") && type == QType::A) {
setLWResult(res, 0, true);
addRecordToLW(res, DNSName("."), QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2019042400 1800 900 604800 86400", DNSResourceRecord::AUTHORITY);
extern GlobalStateHolder<LuaConfigItems> g_luaconfs;
-ArgvMap &arg();
+ArgvMap& arg();
int getMTaskerTID();
void primeHints(void);
-void initSR(bool debug=false);
-void initSR(std::unique_ptr<SyncRes>& sr, bool dnssec=false, bool debug=false, time_t fakeNow=0);
+void initSR(bool debug = false);
+void initSR(std::unique_ptr<SyncRes>& sr, bool dnssec = false, bool debug = false, time_t fakeNow = 0);
void setDNSSECValidation(std::unique_ptr<SyncRes>& sr, const DNSSECMode& mode);
-void setLWResult(LWResult* res, int rcode, bool aa=false, bool tc=false, bool edns=false, bool validpacket=true);
+void setLWResult(LWResult* res, int rcode, bool aa = false, bool tc = false, bool edns = false, bool validpacket = true);
-void addRecordToLW(LWResult* res, const DNSName& name, uint16_t type, const std::string& content, DNSResourceRecord::Place place=DNSResourceRecord::ANSWER, uint32_t ttl=60);
+void addRecordToLW(LWResult* res, const DNSName& name, uint16_t type, const std::string& content, DNSResourceRecord::Place place = DNSResourceRecord::ANSWER, uint32_t ttl = 60);
-void addRecordToLW(LWResult* res, const std::string& name, uint16_t type, const std::string& content, DNSResourceRecord::Place place=DNSResourceRecord::ANSWER, uint32_t ttl=60);
+void addRecordToLW(LWResult* res, const std::string& name, uint16_t type, const std::string& content, DNSResourceRecord::Place place = DNSResourceRecord::ANSWER, uint32_t ttl = 60);
bool isRootServer(const ComboAddress& ip);
+void computeRRSIG(const DNSSECPrivateKey& dpk, const DNSName& signer, const DNSName& signQName, uint16_t signQType, uint32_t signTTL, uint32_t sigValidity, RRSIGRecordContent& rrc, vector<shared_ptr<DNSRecordContent>>& toSign, boost::optional<uint8_t> algo = boost::none, boost::optional<uint32_t> inception = boost::none, boost::optional<time_t> now = boost::none);
-void computeRRSIG(const DNSSECPrivateKey& dpk, const DNSName& signer, const DNSName& signQName, uint16_t signQType, uint32_t signTTL, uint32_t sigValidity, RRSIGRecordContent& rrc, vector<shared_ptr<DNSRecordContent> >& toSign, boost::optional<uint8_t> algo=boost::none, boost::optional<uint32_t> inception=boost::none, boost::optional<time_t> now=boost::none);
-
-typedef std::unordered_map<DNSName, std::pair<DNSSECPrivateKey, DSRecordContent> > testkeysset_t;
-
-bool addRRSIG(const testkeysset_t& keys, std::vector<DNSRecord>& records, const DNSName& signer, uint32_t sigValidity, bool broken=false, boost::optional<uint8_t> algo=boost::none, boost::optional<DNSName> wildcard=boost::none, boost::optional<time_t> now=boost::none);
+typedef std::unordered_map<DNSName, std::pair<DNSSECPrivateKey, DSRecordContent>> testkeysset_t;
+bool addRRSIG(const testkeysset_t& keys, std::vector<DNSRecord>& records, const DNSName& signer, uint32_t sigValidity, bool broken = false, boost::optional<uint8_t> algo = boost::none, boost::optional<DNSName> wildcard = boost::none, boost::optional<time_t> now = boost::none);
void addDNSKEY(const testkeysset_t& keys, const DNSName& signer, uint32_t ttl, std::vector<DNSRecord>& records);
-bool addDS(const DNSName& domain, uint32_t ttl, std::vector<DNSRecord>& records, const testkeysset_t& keys, DNSResourceRecord::Place place=DNSResourceRecord::AUTHORITY);
+bool addDS(const DNSName& domain, uint32_t ttl, std::vector<DNSRecord>& records, const testkeysset_t& keys, DNSResourceRecord::Place place = DNSResourceRecord::AUTHORITY);
-void addNSECRecordToLW(const DNSName& domain, const DNSName& next, const std::set<uint16_t>& types, uint32_t ttl, std::vector<DNSRecord>& records);
+void addNSECRecordToLW(const DNSName& domain, const DNSName& next, const std::set<uint16_t>& types, uint32_t ttl, std::vector<DNSRecord>& records);
-void addNSEC3RecordToLW(const DNSName& hashedName, const std::string& hashedNext, const std::string& salt, unsigned int iterations, const std::set<uint16_t>& types, uint32_t ttl, std::vector<DNSRecord>& records);
+void addNSEC3RecordToLW(const DNSName& hashedName, const std::string& hashedNext, const std::string& salt, unsigned int iterations, const std::set<uint16_t>& types, uint32_t ttl, std::vector<DNSRecord>& records);
-void addNSEC3UnhashedRecordToLW(const DNSName& domain, const DNSName& zone, const std::string& next, const std::set<uint16_t>& types, uint32_t ttl, std::vector<DNSRecord>& records, unsigned int iterations=10);
+void addNSEC3UnhashedRecordToLW(const DNSName& domain, const DNSName& zone, const std::string& next, const std::set<uint16_t>& types, uint32_t ttl, std::vector<DNSRecord>& records, unsigned int iterations = 10);
-void addNSEC3NarrowRecordToLW(const DNSName& domain, const DNSName& zone, const std::set<uint16_t>& types, uint32_t ttl, std::vector<DNSRecord>& records, unsigned int iterations=10);
+void addNSEC3NarrowRecordToLW(const DNSName& domain, const DNSName& zone, const std::set<uint16_t>& types, uint32_t ttl, std::vector<DNSRecord>& records, unsigned int iterations = 10);
void generateKeyMaterial(const DNSName& name, unsigned int algo, uint8_t digest, testkeysset_t& keys);
-void generateKeyMaterial(const DNSName& name, unsigned int algo, uint8_t digest, testkeysset_t& keys, map<DNSName,dsmap_t>& dsAnchors);
+void generateKeyMaterial(const DNSName& name, unsigned int algo, uint8_t digest, testkeysset_t& keys, map<DNSName, dsmap_t>& dsAnchors);
-int genericDSAndDNSKEYHandler(LWResult* res, const DNSName& domain, DNSName auth, int type, const testkeysset_t& keys, bool proveCut=true, boost::optional<time_t> now=boost::none);
+int genericDSAndDNSKEYHandler(LWResult* res, const DNSName& domain, DNSName auth, int type, const testkeysset_t& keys, bool proveCut = true, boost::optional<time_t> now = boost::none);
int basicRecordsForQnameMinimization(LWResult* res, const DNSName& domain, int type);
-
BOOST_AUTO_TEST_SUITE(syncres_cc1)
-BOOST_AUTO_TEST_CASE(test_root_primed) {
+BOOST_AUTO_TEST_CASE(test_root_primed)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
BOOST_CHECK_EQUAL(ret[0].d_name, target);
}
-BOOST_AUTO_TEST_CASE(test_root_primed_ns) {
+BOOST_AUTO_TEST_CASE(test_root_primed_ns)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (domain == target && type == QType::NS) {
+ if (domain == target && type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- char addr[] = "a.root-servers.net.";
- for (char idx = 'a'; idx <= 'm'; idx++) {
- addr[0] = idx;
- addRecordToLW(res, g_rootdnsname, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
- }
+ setLWResult(res, 0, true, false, true);
+ char addr[] = "a.root-servers.net.";
+ for (char idx = 'a'; idx <= 'm'; idx++) {
+ addr[0] = idx;
+ addRecordToLW(res, g_rootdnsname, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
+ }
- addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 1U);
}
-BOOST_AUTO_TEST_CASE(test_root_not_primed) {
+BOOST_AUTO_TEST_CASE(test_root_not_primed)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
size_t queriesCount = 0;
sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ queriesCount++;
- if (domain == g_rootdnsname && type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, g_rootdnsname, QType::NS, "a.root-servers.net.", DNSResourceRecord::ANSWER, 3600);
- addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
+ if (domain == g_rootdnsname && type == QType::NS) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, g_rootdnsname, QType::NS, "a.root-servers.net.", DNSResourceRecord::ANSWER, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
/* we are not primed yet, so SyncRes will have to call primeHints()
then call getRootNS(), for which at least one of the root servers needs to answer */
BOOST_CHECK_EQUAL(queriesCount, 2U);
}
-BOOST_AUTO_TEST_CASE(test_root_not_primed_and_no_response) {
+BOOST_AUTO_TEST_CASE(test_root_not_primed_and_no_response)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
std::set<ComboAddress> downServers;
None will, so it should ServFail.
*/
sr->setAsyncCallback([&downServers](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- downServers.insert(ip);
- return 0;
- });
+ downServers.insert(ip);
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(DNSName("."), QType(QType::NS), QClass::IN, ret);
}
}
-static void test_edns_formerr_fallback_f(bool sample) {
+static void test_edns_formerr_fallback_f(bool sample)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
if (sample) {
size_t queriesWithoutEDNS = 0;
sr->setAsyncCallback([&queriesWithEDNS, &queriesWithoutEDNS, &noEDNSServer, sample](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- if (EDNS0Level != 0) {
- queriesWithEDNS++;
- noEDNSServer = ip;
+ if (EDNS0Level != 0) {
+ queriesWithEDNS++;
+ noEDNSServer = ip;
- setLWResult(res, RCode::FormErr);
- return 1;
- }
+ setLWResult(res, RCode::FormErr);
+ return 1;
+ }
- queriesWithoutEDNS++;
+ queriesWithoutEDNS++;
- if (domain == DNSName("powerdns.com") && type == QType::A && !doTCP) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.1");
- return 1;
- }
+ if (domain == DNSName("powerdns.com") && type == QType::A && !doTCP) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.1");
+ return 1;
+ }
- return sample ? basicRecordsForQnameMinimization(res, domain, type) : 0;
- });
+ return sample ? basicRecordsForQnameMinimization(res, domain, type) : 0;
+ });
primeHints();
BOOST_CHECK_EQUAL(SyncRes::getEDNSStatus(noEDNSServer), SyncRes::EDNSStatus::NOEDNS);
}
-BOOST_AUTO_TEST_CASE(test_edns_formerr_fallback) {
+BOOST_AUTO_TEST_CASE(test_edns_formerr_fallback)
+{
test_edns_formerr_fallback_f(false);
}
-BOOST_AUTO_TEST_CASE(test_edns_formerr_fallback_qmin) {
+BOOST_AUTO_TEST_CASE(test_edns_formerr_fallback_qmin)
+{
// DISABLED UNTIL QNAME MINIMIZATON IS THERE
return;
test_edns_formerr_fallback_f(true);
}
-BOOST_AUTO_TEST_CASE(test_edns_formerr_but_edns_enabled) {
+BOOST_AUTO_TEST_CASE(test_edns_formerr_but_edns_enabled)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
std::set<ComboAddress> usedServers;
sr->setAsyncCallback([&queriesWithEDNS, &queriesWithoutEDNS, &usedServers](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (EDNS0Level > 0) {
+ queriesWithEDNS++;
+ }
+ else {
+ queriesWithoutEDNS++;
+ }
+ usedServers.insert(ip);
+ if (type == QType::DNAME) {
+ setLWResult(res, RCode::FormErr);
if (EDNS0Level > 0) {
- queriesWithEDNS++;
- }
- else {
- queriesWithoutEDNS++;
- }
- usedServers.insert(ip);
-
- if (type == QType::DNAME) {
- setLWResult(res, RCode::FormErr);
- if (EDNS0Level > 0) {
- res->d_haveEDNS = true;
- }
- return 1;
+ res->d_haveEDNS = true;
}
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
primeHints();
}
}
-BOOST_AUTO_TEST_CASE(test_meta_types) {
+BOOST_AUTO_TEST_CASE(test_meta_types)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
- static const std::set<uint16_t> invalidTypes = { 128, QType::AXFR, QType::IXFR, QType::RRSIG, QType::NSEC3, QType::OPT, QType::TSIG, QType::TKEY, QType::MAILA, QType::MAILB, 65535 };
+ static const std::set<uint16_t> invalidTypes = {128, QType::AXFR, QType::IXFR, QType::RRSIG, QType::NSEC3, QType::OPT, QType::TSIG, QType::TKEY, QType::MAILA, QType::MAILB, 65535};
for (const auto qtype : invalidTypes) {
size_t queriesCount = 0;
sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
queriesCount++;
return 0;
});
}
}
-BOOST_AUTO_TEST_CASE(test_tc_fallback_to_tcp) {
+BOOST_AUTO_TEST_CASE(test_tc_fallback_to_tcp)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
sr->setAsyncCallback([](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- if (!doTCP) {
- setLWResult(res, 0, false, true, false);
- return 1;
- }
- if (domain == DNSName("powerdns.com") && type == QType::A && doTCP) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.1");
- return 1;
- }
+ if (!doTCP) {
+ setLWResult(res, 0, false, true, false);
+ return 1;
+ }
+ if (domain == DNSName("powerdns.com") && type == QType::A && doTCP) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.1");
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
primeHints();
BOOST_CHECK_EQUAL(res, RCode::NoError);
}
-BOOST_AUTO_TEST_CASE(test_tc_over_tcp) {
+BOOST_AUTO_TEST_CASE(test_tc_over_tcp)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
size_t tcpQueriesCount = 0;
sr->setAsyncCallback([&tcpQueriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- if (!doTCP) {
- setLWResult(res, 0, true, true, false);
- return 1;
- }
+ if (!doTCP) {
+ setLWResult(res, 0, true, true, false);
+ return 1;
+ }
- /* first TCP query is answered with a TC response */
- tcpQueriesCount++;
- if (tcpQueriesCount == 1) {
- setLWResult(res, 0, true, true, false);
- }
- else {
- setLWResult(res, 0, true, false, false);
- }
+ /* first TCP query is answered with a TC response */
+ tcpQueriesCount++;
+ if (tcpQueriesCount == 1) {
+ setLWResult(res, 0, true, true, false);
+ }
+ else {
+ setLWResult(res, 0, true, false, false);
+ }
- addRecordToLW(res, domain, QType::A, "192.0.2.1");
- return 1;
- });
+ addRecordToLW(res, domain, QType::A, "192.0.2.1");
+ return 1;
+ });
primeHints();
BOOST_CHECK_EQUAL(tcpQueriesCount, 2U);
}
-BOOST_AUTO_TEST_CASE(test_all_nss_down) {
+BOOST_AUTO_TEST_CASE(test_all_nss_down)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
std::set<ComboAddress> downServers;
primeHints();
sr->setAsyncCallback([&downServers](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800);
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800);
- addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800);
- addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800);
- return 1;
- }
- else {
- downServers.insert(ip);
- return 0;
- }
- });
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800);
+ addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800);
+ addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800);
+ return 1;
+ }
+ else {
+ downServers.insert(ip);
+ return 0;
+ }
+ });
DNSName target("powerdns.com.");
}
}
-BOOST_AUTO_TEST_CASE(test_all_nss_network_error) {
+BOOST_AUTO_TEST_CASE(test_all_nss_network_error)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
std::set<ComboAddress> downServers;
primeHints();
sr->setAsyncCallback([&downServers](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800);
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800);
- addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800);
- addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800);
- return 1;
- }
- else {
- downServers.insert(ip);
- return 0;
- }
- });
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800);
+ addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800);
+ addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800);
+ return 1;
+ }
+ else {
+ downServers.insert(ip);
+ return 0;
+ }
+ });
/* exact same test than the previous one, except instead of a time out we fake a network error */
DNSName target("powerdns.com.");
}
}
-BOOST_AUTO_TEST_CASE(test_only_one_ns_up_resolving_itself_with_glue) {
+BOOST_AUTO_TEST_CASE(test_only_one_ns_up_resolving_itself_with_glue)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
DNSName target("www.powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- if (domain == target) {
- addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800);
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800);
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ if (domain == target) {
+ addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800);
+ }
+ else if (domain == DNSName("pdns-public-ns2.powerdns.net.")) {
+ addRecordToLW(res, "powerdns.net.", QType::NS, "pdns-public-ns2.powerdns.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "powerdns.net.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "pdns-public-ns2.powerdns.net.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800);
+ addRecordToLW(res, "pdns-public-ns2.powerdns.net.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800);
+ }
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.3:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (domain == DNSName("pdns-public-ns2.powerdns.net.")) {
+ if (type == QType::A) {
+ addRecordToLW(res, "pdns-public-ns2.powerdns.net.", QType::A, "192.0.2.3");
}
- else if (domain == DNSName("pdns-public-ns2.powerdns.net.")) {
- addRecordToLW(res, "powerdns.net.", QType::NS, "pdns-public-ns2.powerdns.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "powerdns.net.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "pdns-public-ns2.powerdns.net.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800);
- addRecordToLW(res, "pdns-public-ns2.powerdns.net.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800);
+ else if (type == QType::AAAA) {
+ addRecordToLW(res, "pdns-public-ns2.powerdns.net.", QType::AAAA, "2001:DB8::3");
}
- return 1;
}
- else if (ip == ComboAddress("192.0.2.3:53")) {
- setLWResult(res, 0, true, false, true);
- if (domain == DNSName("pdns-public-ns2.powerdns.net.")) {
- if (type == QType::A) {
- addRecordToLW(res, "pdns-public-ns2.powerdns.net.", QType::A, "192.0.2.3");
- }
- else if (type == QType::AAAA) {
- addRecordToLW(res, "pdns-public-ns2.powerdns.net.", QType::AAAA, "2001:DB8::3");
- }
+ else if (domain == target) {
+ if (type == QType::A) {
+ addRecordToLW(res, domain, QType::A, "192.0.2.1");
}
- else if (domain == target) {
- if (type == QType::A) {
- addRecordToLW(res, domain, QType::A, "192.0.2.1");
- }
- else if (type == QType::AAAA) {
- addRecordToLW(res, domain, QType::AAAA, "2001:DB8::1");
- }
+ else if (type == QType::AAAA) {
+ addRecordToLW(res, domain, QType::AAAA, "2001:DB8::1");
}
- return 1;
}
- return 0;
- });
+ return 1;
+ }
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(ret.size(), 1U);
}
-BOOST_AUTO_TEST_CASE(test_os_limit_errors) {
+BOOST_AUTO_TEST_CASE(test_os_limit_errors)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
std::set<ComboAddress> downServers;
primeHints();
sr->setAsyncCallback([&downServers](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800);
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800);
- addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800);
- addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800);
- return 1;
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800);
+ addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800);
+ addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800);
+ return 1;
+ }
+ else {
+ if (downServers.size() < 3) {
+ /* only the last one will answer */
+ downServers.insert(ip);
+ return -2;
}
else {
- if (downServers.size() < 3) {
- /* only the last one will answer */
- downServers.insert(ip);
- return -2;
- }
- else {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, "powerdns.com.", QType::A, "192.0.2.42");
- return 1;
- }
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::A, "192.0.2.42");
+ return 1;
}
- });
+ }
+ });
DNSName target("powerdns.com.");
}
}
-BOOST_AUTO_TEST_CASE(test_glued_referral) {
+BOOST_AUTO_TEST_CASE(test_glued_referral)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- /* this will cause issue with qname minimization if we ever implement it */
- if (domain != target) {
- return 0;
- }
+ /* this will cause issue with qname minimization if we ever implement it */
+ if (domain != target) {
+ return 0;
+ }
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800);
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800);
- addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800);
- addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800);
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.2:53") || ip == ComboAddress("192.0.2.3:53") || ip == ComboAddress("[2001:DB8::2]:53") || ip == ComboAddress("[2001:DB8::3]:53")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, target, QType::A, "192.0.2.4");
- return 1;
- }
- else {
- return 0;
- }
- });
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800);
+ addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800);
+ addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53") || ip == ComboAddress("192.0.2.3:53") || ip == ComboAddress("[2001:DB8::2]:53") || ip == ComboAddress("[2001:DB8::3]:53")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, target, QType::A, "192.0.2.4");
+ return 1;
+ }
+ else {
+ return 0;
+ }
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(ret[0].d_name, target);
}
-BOOST_AUTO_TEST_CASE(test_glueless_referral) {
+BOOST_AUTO_TEST_CASE(test_glueless_referral)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
-
- if (domain.isPartOf(DNSName("com."))) {
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- } else if (domain.isPartOf(DNSName("org."))) {
- addRecordToLW(res, "org.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- }
- else {
- setLWResult(res, RCode::NXDomain, false, false, true);
- return 1;
- }
-
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600);
+ if (domain.isPartOf(DNSName("com."))) {
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ }
+ else if (domain.isPartOf(DNSName("org."))) {
+ addRecordToLW(res, "org.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ }
+ else {
+ setLWResult(res, RCode::NXDomain, false, false, true);
return 1;
}
- else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) {
- if (domain == target) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800);
- return 1;
- }
- else if (domain == DNSName("pdns-public-ns1.powerdns.org.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, "pdns-public-ns1.powerdns.org.", QType::A, "192.0.2.2");
- addRecordToLW(res, "pdns-public-ns1.powerdns.org.", QType::AAAA, "2001:DB8::2");
- return 1;
- }
- else if (domain == DNSName("pdns-public-ns2.powerdns.org.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, "pdns-public-ns2.powerdns.org.", QType::A, "192.0.2.3");
- addRecordToLW(res, "pdns-public-ns2.powerdns.org.", QType::AAAA, "2001:DB8::3");
- return 1;
- }
- setLWResult(res, RCode::NXDomain, false, false, true);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) {
+ if (domain == target) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800);
return 1;
}
- else if (ip == ComboAddress("192.0.2.2:53") || ip == ComboAddress("192.0.2.3:53") || ip == ComboAddress("[2001:DB8::2]:53") || ip == ComboAddress("[2001:DB8::3]:53")) {
+ else if (domain == DNSName("pdns-public-ns1.powerdns.org.")) {
setLWResult(res, 0, true, false, true);
- addRecordToLW(res, target, QType::A, "192.0.2.4");
+ addRecordToLW(res, "pdns-public-ns1.powerdns.org.", QType::A, "192.0.2.2");
+ addRecordToLW(res, "pdns-public-ns1.powerdns.org.", QType::AAAA, "2001:DB8::2");
return 1;
}
- else {
- return 0;
+ else if (domain == DNSName("pdns-public-ns2.powerdns.org.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, "pdns-public-ns2.powerdns.org.", QType::A, "192.0.2.3");
+ addRecordToLW(res, "pdns-public-ns2.powerdns.org.", QType::AAAA, "2001:DB8::3");
+ return 1;
}
- });
+
+ setLWResult(res, RCode::NXDomain, false, false, true);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53") || ip == ComboAddress("192.0.2.3:53") || ip == ComboAddress("[2001:DB8::2]:53") || ip == ComboAddress("[2001:DB8::3]:53")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, target, QType::A, "192.0.2.4");
+ return 1;
+ }
+ else {
+ return 0;
+ }
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(ret[0].d_name, target);
}
-BOOST_AUTO_TEST_CASE(test_edns_subnet_by_domain) {
+BOOST_AUTO_TEST_CASE(test_edns_subnet_by_domain)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
sr->setQuerySource(ComboAddress(), boost::optional<const EDNSSubnetOpts&>(incomingECS));
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ BOOST_REQUIRE(srcmask);
+ BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
- BOOST_REQUIRE(srcmask);
- BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
-
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- /* this one did not use the ECS info */
- srcmask = boost::none;
+ /* this one did not use the ECS info */
+ srcmask = boost::none;
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
- /* this one did, but only up to a precision of /16, not the full /24 */
- srcmask = Netmask("192.0.0.0/16");
+ /* this one did, but only up to a precision of /16, not the full /24 */
+ srcmask = Netmask("192.0.0.0/16");
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
SyncRes::s_ecsqueries = 0;
SyncRes::s_ecsresponses = 0;
}
}
-BOOST_AUTO_TEST_CASE(test_edns_subnet_by_addr) {
+BOOST_AUTO_TEST_CASE(test_edns_subnet_by_addr)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
sr->setQuerySource(ComboAddress(), boost::optional<const EDNSSubnetOpts&>(incomingECS));
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
+ BOOST_REQUIRE(!srcmask);
- if (isRootServer(ip)) {
- BOOST_REQUIRE(!srcmask);
-
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
- BOOST_REQUIRE(srcmask);
- BOOST_CHECK_EQUAL(srcmask->toString(), "2001:db8::/56");
+ BOOST_REQUIRE(srcmask);
+ BOOST_CHECK_EQUAL(srcmask->toString(), "2001:db8::/56");
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
- return 1;
- }
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
SyncRes::s_ecsqueries = 0;
SyncRes::s_ecsresponses = 0;
}
}
-BOOST_AUTO_TEST_CASE(test_ecs_use_requestor) {
+BOOST_AUTO_TEST_CASE(test_ecs_use_requestor)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
sr->setQuerySource(ComboAddress("192.0.2.127"), boost::none);
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
+ BOOST_REQUIRE(!srcmask);
- if (isRootServer(ip)) {
- BOOST_REQUIRE(!srcmask);
-
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
- BOOST_REQUIRE(srcmask);
- BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
+ BOOST_REQUIRE(srcmask);
+ BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
- return 1;
- }
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(ret[0].d_name, target);
}
-BOOST_AUTO_TEST_CASE(test_ecs_use_scope_zero) {
+BOOST_AUTO_TEST_CASE(test_ecs_use_scope_zero)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
sr->setQuerySource(ComboAddress("192.0.2.127"), boost::none);
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
+ BOOST_REQUIRE(!srcmask);
- if (isRootServer(ip)) {
- BOOST_REQUIRE(!srcmask);
-
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
- BOOST_REQUIRE(srcmask);
- BOOST_CHECK_EQUAL(srcmask->toString(), "127.0.0.1/32");
+ BOOST_REQUIRE(srcmask);
+ BOOST_CHECK_EQUAL(srcmask->toString(), "127.0.0.1/32");
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
- return 1;
- }
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(ret[0].d_name, target);
}
-BOOST_AUTO_TEST_CASE(test_ecs_honor_incoming_mask) {
+BOOST_AUTO_TEST_CASE(test_ecs_honor_incoming_mask)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
sr->setQuerySource(ComboAddress("192.0.2.127"), boost::optional<const EDNSSubnetOpts&>(incomingECS));
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
+ BOOST_REQUIRE(!srcmask);
- if (isRootServer(ip)) {
- BOOST_REQUIRE(!srcmask);
-
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
- BOOST_REQUIRE(srcmask);
- BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.0.0/16");
+ BOOST_REQUIRE(srcmask);
+ BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.0.0/16");
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
- return 1;
- }
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(ret[0].d_name, target);
}
-BOOST_AUTO_TEST_CASE(test_ecs_honor_incoming_mask_zero) {
+BOOST_AUTO_TEST_CASE(test_ecs_honor_incoming_mask_zero)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
sr->setQuerySource(ComboAddress("192.0.2.127"), boost::optional<const EDNSSubnetOpts&>(incomingECS));
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
+ BOOST_REQUIRE(!srcmask);
- if (isRootServer(ip)) {
- BOOST_REQUIRE(!srcmask);
-
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
- BOOST_REQUIRE(srcmask);
- BOOST_CHECK_EQUAL(srcmask->toString(), "127.0.0.1/32");
+ BOOST_REQUIRE(srcmask);
+ BOOST_CHECK_EQUAL(srcmask->toString(), "127.0.0.1/32");
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
- return 1;
- }
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(ret[0].d_name, target);
}
-BOOST_AUTO_TEST_CASE(test_following_cname) {
+BOOST_AUTO_TEST_CASE(test_following_cname)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName cnameTarget("cname-target.powerdns.com");
sr->setAsyncCallback([target, cnameTarget](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
-
- if (domain == target) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString());
- return 1;
- }
- else if (domain == cnameTarget) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
- }
-
+ if (domain == target) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString());
return 1;
}
+ else if (domain == cnameTarget) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ }
- return 0;
- });
+ return 1;
+ }
+
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(ret[1].d_name, cnameTarget);
}
-BOOST_AUTO_TEST_CASE(test_cname_nxdomain) {
+BOOST_AUTO_TEST_CASE(test_cname_nxdomain)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName cnameTarget("cname-target.powerdns.com");
sr->setAsyncCallback([target, cnameTarget](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
-
- if (domain == target) {
- setLWResult(res, RCode::NXDomain, true, false, false);
- addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString());
- addRecordToLW(res, "powerdns.com.", QType::SOA, "a.powerdns.com. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
- } else if (domain == cnameTarget) {
- setLWResult(res, RCode::NXDomain, true, false, false);
- addRecordToLW(res, "powerdns.com.", QType::SOA, "a.powerdns.com. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
- return 1;
- }
-
+ if (domain == target) {
+ setLWResult(res, RCode::NXDomain, true, false, false);
+ addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString());
+ addRecordToLW(res, "powerdns.com.", QType::SOA, "a.powerdns.com. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
+ }
+ else if (domain == cnameTarget) {
+ setLWResult(res, RCode::NXDomain, true, false, false);
+ addRecordToLW(res, "powerdns.com.", QType::SOA, "a.powerdns.com. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
return 1;
}
- return 0;
- });
+ return 1;
+ }
+
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK(ret[1].d_type == QType::SOA);
}
-BOOST_AUTO_TEST_CASE(test_included_poisonous_cname) {
+BOOST_AUTO_TEST_CASE(test_included_poisonous_cname)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName cnameTarget("cname-target.powerdns.com");
sr->setAsyncCallback([target, cnameTarget](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
- if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
- setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ if (domain == target) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString());
+ addRecordToLW(res, cnameTarget, QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL);
return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
-
- if (domain == target) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString());
- addRecordToLW(res, cnameTarget, QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL);
- return 1;
- } else if (domain == cnameTarget) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, cnameTarget, QType::A, "192.0.2.3");
- return 1;
- }
-
+ }
+ else if (domain == cnameTarget) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, cnameTarget, QType::A, "192.0.2.3");
return 1;
}
- return 0;
- });
+ return 1;
+ }
+
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK(getRR<ARecordContent>(ret[1])->getCA() == ComboAddress("192.0.2.3"));
}
-BOOST_AUTO_TEST_CASE(test_cname_loop) {
+BOOST_AUTO_TEST_CASE(test_cname_loop)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
size_t count = 0;
const DNSName target("cname.powerdns.com.");
- sr->setAsyncCallback([target,&count](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- count++;
+ sr->setAsyncCallback([target, &count](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ count++;
- if (isRootServer(ip)) {
-
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (isRootServer(ip)) {
- if (domain == target) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::CNAME, domain.toString());
- return 1;
- }
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == target) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::CNAME, domain.toString());
return 1;
}
- return 0;
- });
+ return 1;
+ }
+
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(count, 2U);
}
-BOOST_AUTO_TEST_CASE(test_cname_depth) {
+BOOST_AUTO_TEST_CASE(test_cname_depth)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
size_t depth = 0;
const DNSName target("cname.powerdns.com.");
- sr->setAsyncCallback([target,&depth](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- if (isRootServer(ip)) {
+ sr->setAsyncCallback([target, &depth](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::CNAME, std::to_string(depth) + "-cname.powerdns.com");
- depth++;
- return 1;
- }
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::CNAME, std::to_string(depth) + "-cname.powerdns.com");
+ depth++;
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(depth, 10U + 2U);
}
-BOOST_AUTO_TEST_CASE(test_time_limit) {
+BOOST_AUTO_TEST_CASE(test_time_limit)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
size_t queries = 0;
const DNSName target("cname.powerdns.com.");
- sr->setAsyncCallback([target,&queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- queries++;
+ sr->setAsyncCallback([target, &queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queries++;
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- /* Pretend that this query took 2000 ms */
- res->d_usec = 2000;
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ /* Pretend that this query took 2000 ms */
+ res->d_usec = 2000;
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
- return 1;
- }
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
/* Set the maximum time to 1 ms */
SyncRes::s_maxtotusec = 1000;
sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK(false);
}
- catch(const ImmediateServFailException& e) {
+ catch (const ImmediateServFailException& e) {
}
BOOST_CHECK_EQUAL(queries, 1U);
}
-BOOST_AUTO_TEST_CASE(test_dname_processing) {
+BOOST_AUTO_TEST_CASE(test_dname_processing)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
size_t queries = 0;
sr->setAsyncCallback([dnameOwner, dnameTarget, target, cnameTarget, uncachedTarget, uncachedCNAMETarget, &queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queries++;
-
- if (isRootServer(ip)) {
- if (domain.isPartOf(dnameOwner)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, dnameOwner, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- if (domain.isPartOf(dnameTarget)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, dnameTarget, QType::NS, "b.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "b.gtld-servers.net.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- } else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == target) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, dnameOwner, QType::DNAME, dnameTarget.toString());
- addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString());
- return 1;
- }
- } else if (ip == ComboAddress("192.0.2.2:53")) {
- if (domain == cnameTarget) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
- }
- if (domain == uncachedCNAMETarget) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.3");
- }
+ queries++;
+
+ if (isRootServer(ip)) {
+ if (domain.isPartOf(dnameOwner)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, dnameOwner, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
return 1;
}
- return 0;
- });
+ if (domain.isPartOf(dnameTarget)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, dnameTarget, QType::NS, "b.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "b.gtld-servers.net.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == target) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, dnameOwner, QType::DNAME, dnameTarget.toString());
+ addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString());
+ return 1;
+ }
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ if (domain == cnameTarget) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ }
+ if (domain == uncachedCNAMETarget) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.3");
+ }
+ return 1;
+ }
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(getRR<CNAMERecordContent>(ret[1])->getTarget(), synthCNAMETarget);
}
-BOOST_AUTO_TEST_CASE(test_dname_dnssec_secure) {
+BOOST_AUTO_TEST_CASE(test_dname_dnssec_secure)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
setDNSSECValidation(sr, DNSSECMode::ValidateAll);
size_t queries = 0;
sr->setAsyncCallback([dnameOwner, dnameTarget, target, cnameTarget, keys, &queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queries++;
- /* We don't use the genericDSAndDNSKEYHandler here, as it would deny names existing at the wrong level of the tree, due to the way computeZoneCuts works
+ queries++;
+ /* We don't use the genericDSAndDNSKEYHandler here, as it would deny names existing at the wrong level of the tree, due to the way computeZoneCuts works
* As such, we need to do some more work to make the answers correct.
*/
- if (isRootServer(ip)) {
- if (domain.countLabels() == 0 && type == QType::DNSKEY) { // .|DNSKEY
- setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- return 1;
- }
- if (domain.countLabels() == 1 && type == QType::DS) { // powerdns|DS or example|DS
- setLWResult(res, 0, true, false, true);
- addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- return 1;
- }
- // For the rest, delegate!
- if (domain.isPartOf(dnameOwner)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, dnameOwner, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addDS(dnameOwner, 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- if (domain.isPartOf(dnameTarget)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, dnameTarget, QType::NS, "b.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addDS(dnameTarget, 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, "b.gtld-servers.net.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- } else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain.countLabels() == 1 && type == QType::DNSKEY) { // powerdns|DNSKEY
- setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
- return 1;
- }
- if (domain == target && type == QType::DS) { // dname.powerdns|DS
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
- }
- if (domain == target) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, dnameOwner, QType::DNAME, dnameTarget.toString());
- addRRSIG(keys, res->d_records, dnameOwner, 300);
- addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); // CNAME from a DNAME is not signed
- return 1;
- }
- } else if (ip == ComboAddress("192.0.2.2:53")) {
- if (domain.countLabels() == 1 && type == QType::DNSKEY) { // example|DNSKEY
- setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
- return 1;
- }
- if (domain == cnameTarget && type == QType::DS) { // dname.example|DS
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
- }
- if (domain == cnameTarget) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
- addRRSIG(keys, res->d_records, dnameTarget, 300);
- }
+ if (isRootServer(ip)) {
+ if (domain.countLabels() == 0 && type == QType::DNSKEY) { // .|DNSKEY
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
return 1;
}
- return 0;
- });
+ if (domain.countLabels() == 1 && type == QType::DS) { // powerdns|DS or example|DS
+ setLWResult(res, 0, true, false, true);
+ addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ return 1;
+ }
+ // For the rest, delegate!
+ if (domain.isPartOf(dnameOwner)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, dnameOwner, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addDS(dnameOwner, 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ if (domain.isPartOf(dnameTarget)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, dnameTarget, QType::NS, "b.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addDS(dnameTarget, 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "b.gtld-servers.net.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain.countLabels() == 1 && type == QType::DNSKEY) { // powerdns|DNSKEY
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
+ return 1;
+ }
+ if (domain == target && type == QType::DS) { // dname.powerdns|DS
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
+ }
+ if (domain == target) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, dnameOwner, QType::DNAME, dnameTarget.toString());
+ addRRSIG(keys, res->d_records, dnameOwner, 300);
+ addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); // CNAME from a DNAME is not signed
+ return 1;
+ }
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ if (domain.countLabels() == 1 && type == QType::DNSKEY) { // example|DNSKEY
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
+ return 1;
+ }
+ if (domain == cnameTarget && type == QType::DS) { // dname.example|DS
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
+ }
+ if (domain == cnameTarget) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ addRRSIG(keys, res->d_records, dnameTarget, 300);
+ }
+ return 1;
+ }
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK(ret[4].d_type == QType::RRSIG);
BOOST_CHECK_EQUAL(ret[4].d_name, cnameTarget);
-
}
-BOOST_AUTO_TEST_CASE(test_dname_dnssec_insecure) {
+BOOST_AUTO_TEST_CASE(test_dname_dnssec_insecure)
+{
/*
* The DNAME itself is signed, but the final A record is not
*/
size_t queries = 0;
sr->setAsyncCallback([dnameOwner, dnameTarget, target, cnameTarget, keys, &queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queries++;
-
- if (isRootServer(ip)) {
- if (domain.countLabels() == 0 && type == QType::DNSKEY) { // .|DNSKEY
- setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- return 1;
- }
- if (domain == dnameOwner && type == QType::DS) { // powerdns|DS
- setLWResult(res, 0, true, false, true);
- addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- return 1;
- }
- if (domain == dnameTarget && type == QType::DS) { // example|DS
- return genericDSAndDNSKEYHandler(res, domain, DNSName("."), type, keys);
- }
- // For the rest, delegate!
- if (domain.isPartOf(dnameOwner)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, dnameOwner, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addDS(dnameOwner, 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- if (domain.isPartOf(dnameTarget)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, dnameTarget, QType::NS, "b.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addDS(dnameTarget, 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, "b.gtld-servers.net.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- } else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain.countLabels() == 1 && type == QType::DNSKEY) { // powerdns|DNSKEY
- setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
- return 1;
- }
- if (domain == target && type == QType::DS) { // dname.powerdns|DS
- return genericDSAndDNSKEYHandler(res, domain, dnameOwner, type, keys, false);
- }
- if (domain == target) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, dnameOwner, QType::DNAME, dnameTarget.toString());
- addRRSIG(keys, res->d_records, dnameOwner, 300);
- addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); // CNAME from a DNAME is not signed
- return 1;
- }
- } else if (ip == ComboAddress("192.0.2.2:53")) {
- if (domain == target && type == QType::DS) { // dname.example|DS
- return genericDSAndDNSKEYHandler(res, domain, dnameTarget, type, keys, false);
- }
- if (domain == cnameTarget) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
- }
+ queries++;
+
+ if (isRootServer(ip)) {
+ if (domain.countLabels() == 0 && type == QType::DNSKEY) { // .|DNSKEY
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
return 1;
}
- return 0;
- });
+ if (domain == dnameOwner && type == QType::DS) { // powerdns|DS
+ setLWResult(res, 0, true, false, true);
+ addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ return 1;
+ }
+ if (domain == dnameTarget && type == QType::DS) { // example|DS
+ return genericDSAndDNSKEYHandler(res, domain, DNSName("."), type, keys);
+ }
+ // For the rest, delegate!
+ if (domain.isPartOf(dnameOwner)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, dnameOwner, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addDS(dnameOwner, 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ if (domain.isPartOf(dnameTarget)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, dnameTarget, QType::NS, "b.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addDS(dnameTarget, 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "b.gtld-servers.net.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain.countLabels() == 1 && type == QType::DNSKEY) { // powerdns|DNSKEY
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
+ return 1;
+ }
+ if (domain == target && type == QType::DS) { // dname.powerdns|DS
+ return genericDSAndDNSKEYHandler(res, domain, dnameOwner, type, keys, false);
+ }
+ if (domain == target) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, dnameOwner, QType::DNAME, dnameTarget.toString());
+ addRRSIG(keys, res->d_records, dnameOwner, 300);
+ addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); // CNAME from a DNAME is not signed
+ return 1;
+ }
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ if (domain == target && type == QType::DS) { // dname.example|DS
+ return genericDSAndDNSKEYHandler(res, domain, dnameTarget, type, keys, false);
+ }
+ if (domain == cnameTarget) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ }
+ return 1;
+ }
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(ret[3].d_name, cnameTarget);
}
-BOOST_AUTO_TEST_CASE(test_dname_processing_no_CNAME) {
+BOOST_AUTO_TEST_CASE(test_dname_processing_no_CNAME)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
size_t queries = 0;
sr->setAsyncCallback([dnameOwner, dnameTarget, target, cnameTarget, &queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queries++;
-
- if (isRootServer(ip)) {
- if (domain.isPartOf(dnameOwner)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, dnameOwner, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- if (domain.isPartOf(dnameTarget)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, dnameTarget, QType::NS, "b.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "b.gtld-servers.net.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- } else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == target) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, dnameOwner, QType::DNAME, dnameTarget.toString());
- // No CNAME, recursor should synth
- return 1;
- }
- } else if (ip == ComboAddress("192.0.2.2:53")) {
- if (domain == cnameTarget) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
- }
+ queries++;
+
+ if (isRootServer(ip)) {
+ if (domain.isPartOf(dnameOwner)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, dnameOwner, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
return 1;
}
- return 0;
- });
+ if (domain.isPartOf(dnameTarget)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, dnameTarget, QType::NS, "b.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "b.gtld-servers.net.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == target) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, dnameOwner, QType::DNAME, dnameTarget.toString());
+ // No CNAME, recursor should synth
+ return 1;
+ }
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ if (domain == cnameTarget) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ }
+ return 1;
+ }
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_AUTO_TEST_SUITE(syncres_cc2)
-BOOST_AUTO_TEST_CASE(test_referral_depth) {
+BOOST_AUTO_TEST_CASE(test_referral_depth)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
size_t queries = 0;
const DNSName target("www.powerdns.com.");
- sr->setAsyncCallback([target,&queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ sr->setAsyncCallback([target, &queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queries++;
- queries++;
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
-
- if (domain == DNSName("www.powerdns.com.")) {
- addRecordToLW(res, domain, QType::NS, "ns.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- }
- else if (domain == DNSName("ns.powerdns.com.")) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800);
- }
- else if (domain == DNSName("ns1.powerdns.org.")) {
- addRecordToLW(res, domain, QType::NS, "ns2.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800);
- }
- else if (domain == DNSName("ns2.powerdns.org.")) {
- addRecordToLW(res, domain, QType::NS, "ns3.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800);
- }
- else if (domain == DNSName("ns3.powerdns.org.")) {
- addRecordToLW(res, domain, QType::NS, "ns4.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800);
- }
- else if (domain == DNSName("ns4.powerdns.org.")) {
- addRecordToLW(res, domain, QType::NS, "ns5.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, domain, QType::A, "192.0.2.1", DNSResourceRecord::AUTHORITY, 172800);
- }
+ if (domain == DNSName("www.powerdns.com.")) {
+ addRecordToLW(res, domain, QType::NS, "ns.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ }
+ else if (domain == DNSName("ns.powerdns.com.")) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800);
+ }
+ else if (domain == DNSName("ns1.powerdns.org.")) {
+ addRecordToLW(res, domain, QType::NS, "ns2.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800);
+ }
+ else if (domain == DNSName("ns2.powerdns.org.")) {
+ addRecordToLW(res, domain, QType::NS, "ns3.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800);
+ }
+ else if (domain == DNSName("ns3.powerdns.org.")) {
+ addRecordToLW(res, domain, QType::NS, "ns4.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800);
+ }
+ else if (domain == DNSName("ns4.powerdns.org.")) {
+ addRecordToLW(res, domain, QType::NS, "ns5.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, domain, QType::A, "192.0.2.1", DNSResourceRecord::AUTHORITY, 172800);
+ }
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
- return 1;
- }
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
/* Set the maximum depth low */
SyncRes::s_maxdepth = 10;
sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK(false);
}
- catch(const ImmediateServFailException& e) {
+ catch (const ImmediateServFailException& e) {
}
}
-BOOST_AUTO_TEST_CASE(test_cname_qperq) {
+BOOST_AUTO_TEST_CASE(test_cname_qperq)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
size_t queries = 0;
const DNSName target("cname.powerdns.com.");
- sr->setAsyncCallback([target,&queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ sr->setAsyncCallback([target, &queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queries++;
- queries++;
+ if (isRootServer(ip)) {
- if (isRootServer(ip)) {
-
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::CNAME, std::to_string(queries) + "-cname.powerdns.com");
- return 1;
- }
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::CNAME, std::to_string(queries) + "-cname.powerdns.com");
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
/* Set the maximum number of questions very low */
SyncRes::s_maxqperq = 5;
sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK(false);
}
- catch(const ImmediateServFailException& e) {
+ catch (const ImmediateServFailException& e) {
BOOST_CHECK_EQUAL(queries, SyncRes::s_maxqperq);
}
}
-BOOST_AUTO_TEST_CASE(test_throttled_server) {
+BOOST_AUTO_TEST_CASE(test_throttled_server)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const ComboAddress ns("192.0.2.1:53");
size_t queriesToNS = 0;
- sr->setAsyncCallback([target,ns,&queriesToNS](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ sr->setAsyncCallback([target, ns, &queriesToNS](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
- if (isRootServer(ip)) {
-
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ns) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ns) {
- queriesToNS++;
+ queriesToNS++;
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
/* mark ns as down */
time_t now = sr->getNow().tv_sec;
BOOST_CHECK_EQUAL(queriesToNS, 0U);
}
-BOOST_AUTO_TEST_CASE(test_throttled_server_count) {
+BOOST_AUTO_TEST_CASE(test_throttled_server_count)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
BOOST_CHECK(!SyncRes::isThrottled(now, ns));
}
-BOOST_AUTO_TEST_CASE(test_throttled_server_time) {
+BOOST_AUTO_TEST_CASE(test_throttled_server_time)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
BOOST_CHECK(!SyncRes::isThrottled(now + 2, ns));
}
-BOOST_AUTO_TEST_CASE(test_dont_query_server) {
+BOOST_AUTO_TEST_CASE(test_dont_query_server)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const ComboAddress ns("192.0.2.1:53");
size_t queriesToNS = 0;
- sr->setAsyncCallback([target,ns,&queriesToNS](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ sr->setAsyncCallback([target, ns, &queriesToNS](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
- if (isRootServer(ip)) {
-
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ns) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ns) {
- queriesToNS++;
+ queriesToNS++;
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
/* prevent querying this NS */
SyncRes::addDontQuery(Netmask(ns));
BOOST_CHECK_EQUAL(queriesToNS, 0U);
}
-BOOST_AUTO_TEST_CASE(test_root_nx_trust) {
+BOOST_AUTO_TEST_CASE(test_root_nx_trust)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
size_t queriesCount = 0;
sr->setAsyncCallback([target1, target2, ns, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- queriesCount++;
+ if (isRootServer(ip)) {
- if (isRootServer(ip)) {
-
- if (domain == target1) {
- setLWResult(res, RCode::NXDomain, true, false, true);
- addRecordToLW(res, ".", QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
- }
- else {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
- }
+ if (domain == target1) {
+ setLWResult(res, RCode::NXDomain, true, false, true);
+ addRecordToLW(res, ".", QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
+ }
+ else {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
+ }
- return 1;
- } else if (ip == ns) {
+ return 1;
+ }
+ else if (ip == ns) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
SyncRes::s_maxnegttl = 3600;
BOOST_CHECK_EQUAL(queriesCount, 1U);
}
-BOOST_AUTO_TEST_CASE(test_root_nx_trust_specific) {
+BOOST_AUTO_TEST_CASE(test_root_nx_trust_specific)
+{
std::unique_ptr<SyncRes> sr;
initSR();
initSR(sr, true, false);
We should add target1 to the negcache, but not "com.". */
sr->setAsyncCallback([target1, target2, ns, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- queriesCount++;
-
- if (isRootServer(ip)) {
+ if (isRootServer(ip)) {
- if (domain == target1) {
- setLWResult(res, RCode::NXDomain, true, false, true);
- addRecordToLW(res, "com.", QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
- }
- else {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
- }
+ if (domain == target1) {
+ setLWResult(res, RCode::NXDomain, true, false, true);
+ addRecordToLW(res, "com.", QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
+ }
+ else {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
+ }
- return 1;
- } else if (ip == ns) {
+ return 1;
+ }
+ else if (ip == ns) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target1, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 3U);
}
-BOOST_AUTO_TEST_CASE(test_root_nx_dont_trust) {
+BOOST_AUTO_TEST_CASE(test_root_nx_dont_trust)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
size_t queriesCount = 0;
sr->setAsyncCallback([target1, target2, ns, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- queriesCount++;
+ if (isRootServer(ip)) {
- if (isRootServer(ip)) {
-
- if (domain == target1) {
- setLWResult(res, RCode::NXDomain, true, false, true);
- addRecordToLW(res, ".", QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
- }
- else {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
- }
+ if (domain == target1) {
+ setLWResult(res, RCode::NXDomain, true, false, true);
+ addRecordToLW(res, ".", QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
+ }
+ else {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
+ }
- return 1;
- } else if (ip == ns) {
+ return 1;
+ }
+ else if (ip == ns) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
SyncRes::s_rootNXTrust = false;
BOOST_CHECK_EQUAL(queriesCount, 3U);
}
-BOOST_AUTO_TEST_CASE(test_rfc8020_nothing_underneath) {
+BOOST_AUTO_TEST_CASE(test_rfc8020_nothing_underneath)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
SyncRes::s_hardenNXD = SyncRes::HardenNXD::Yes;
size_t queriesCount = 0;
sr->setAsyncCallback([ns, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- queriesCount++;
-
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ns) {
- setLWResult(res, RCode::NXDomain, true, false, false);
- addRecordToLW(res, "powerdns.com.", QType::SOA, "ns1.powerdns.com. hostmaster.powerdns.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
- return 1;
- }
- return 0;
- });
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ns) {
+ setLWResult(res, RCode::NXDomain, true, false, false);
+ addRecordToLW(res, "powerdns.com.", QType::SOA, "ns1.powerdns.com. hostmaster.powerdns.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
+ return 1;
+ }
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target1, QType(QType::A), QClass::IN, ret);
// reset
SyncRes::s_hardenNXD = SyncRes::HardenNXD::DNSSEC;
}
-
-BOOST_AUTO_TEST_CASE(test_rfc8020_nothing_underneath_dnssec) {
+
+BOOST_AUTO_TEST_CASE(test_rfc8020_nothing_underneath_dnssec)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
setDNSSECValidation(sr, DNSSECMode::ValidateAll);
size_t queriesCount = 0;
- sr->setAsyncCallback([target1,target2,target3,target4,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ sr->setAsyncCallback([target1, target2, target3, target4, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
queriesCount++;
DNSName auth = domain;
setLWResult(res, RCode::NXDomain, true, false, true);
addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
addRRSIG(keys, res->d_records, auth, 300);
- addNSECRecordToLW(DNSName("wwa.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records);
+ addNSECRecordToLW(DNSName("wwa.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records);
addRRSIG(keys, res->d_records, auth, 300);
return 1;
}
setLWResult(res, RCode::NXDomain, true, false, true);
addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
addRRSIG(keys, res->d_records, auth, 300);
- addNSECRecordToLW(DNSName("wwa.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records);
+ addNSECRecordToLW(DNSName("wwa.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records);
addRRSIG(keys, res->d_records, auth, 300);
/* add wildcard denial */
- addNSECRecordToLW(DNSName("powerdns.com."), DNSName("a.powerdns.com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records);
+ addNSECRecordToLW(DNSName("powerdns.com."), DNSName("a.powerdns.com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records);
addRRSIG(keys, res->d_records, auth, 300);
}
return 1;
SyncRes::s_hardenNXD = SyncRes::HardenNXD::DNSSEC;
}
-BOOST_AUTO_TEST_CASE(test_rfc8020_nodata) {
+BOOST_AUTO_TEST_CASE(test_rfc8020_nodata)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
SyncRes::s_hardenNXD = SyncRes::HardenNXD::Yes;
size_t queriesCount = 0;
sr->setAsyncCallback([ns, target1, target2, target3, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- queriesCount++;
-
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ns) {
- if (domain == target1) { // NODATA for TXT, NOERROR for A
- if (type == QType::TXT) {
- setLWResult(res, RCode::NoError, true);
- addRecordToLW(res, "powerdns.com.", QType::SOA, "ns1.powerdns.com. hostmaster.powerdns.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
- return 1;
- }
- if (type == QType::A) {
- setLWResult(res, RCode::NoError, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400);
- return 1;
- }
- }
- if (domain == target2 || domain == target3) {
- setLWResult(res, RCode::NXDomain, true);
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ns) {
+ if (domain == target1) { // NODATA for TXT, NOERROR for A
+ if (type == QType::TXT) {
+ setLWResult(res, RCode::NoError, true);
addRecordToLW(res, "powerdns.com.", QType::SOA, "ns1.powerdns.com. hostmaster.powerdns.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
return 1;
}
+ if (type == QType::A) {
+ setLWResult(res, RCode::NoError, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400);
+ return 1;
+ }
}
- return 0;
- });
+ if (domain == target2 || domain == target3) {
+ setLWResult(res, RCode::NXDomain, true);
+ addRecordToLW(res, "powerdns.com.", QType::SOA, "ns1.powerdns.com. hostmaster.powerdns.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
+ return 1;
+ }
+ }
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target1, QType(QType::TXT), QClass::IN, ret);
BOOST_CHECK_EQUAL(SyncRes::getNegCacheSize(), 2U);
}
-BOOST_AUTO_TEST_CASE(test_rfc8020_nodata_bis) {
+BOOST_AUTO_TEST_CASE(test_rfc8020_nodata_bis)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
SyncRes::s_hardenNXD = SyncRes::HardenNXD::Yes;
size_t queriesCount = 0;
sr->setAsyncCallback([ns, target1, target2, target3, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- queriesCount++;
-
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ns) {
- if (domain == target1) { // NODATA for TXT, NOERROR for A
- if (type == QType::TXT) {
- setLWResult(res, RCode::NoError, true);
- addRecordToLW(res, "powerdns.com.", QType::SOA, "ns1.powerdns.com. hostmaster.powerdns.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
- return 1;
- }
- if (type == QType::A) {
- setLWResult(res, RCode::NoError, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400);
- return 1;
- }
- }
- if (domain == target2 || domain == target3) {
- setLWResult(res, RCode::NXDomain, true);
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ns) {
+ if (domain == target1) { // NODATA for TXT, NOERROR for A
+ if (type == QType::TXT) {
+ setLWResult(res, RCode::NoError, true);
addRecordToLW(res, "powerdns.com.", QType::SOA, "ns1.powerdns.com. hostmaster.powerdns.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
return 1;
}
+ if (type == QType::A) {
+ setLWResult(res, RCode::NoError, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400);
+ return 1;
+ }
}
- return 0;
- });
+ if (domain == target2 || domain == target3) {
+ setLWResult(res, RCode::NXDomain, true);
+ addRecordToLW(res, "powerdns.com.", QType::SOA, "ns1.powerdns.com. hostmaster.powerdns.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
+ return 1;
+ }
+ }
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target1, QType(QType::TXT), QClass::IN, ret);
BOOST_CHECK_EQUAL(SyncRes::getNegCacheSize(), 2U);
}
-BOOST_AUTO_TEST_CASE(test_skip_negcache_for_variable_response) {
+BOOST_AUTO_TEST_CASE(test_skip_negcache_for_variable_response)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
incomingECS.source = Netmask("192.0.2.128/32");
sr->setQuerySource(ComboAddress(), boost::optional<const EDNSSubnetOpts&>(incomingECS));
- sr->setAsyncCallback([target,cnameTarget](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ sr->setAsyncCallback([target, cnameTarget](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ BOOST_REQUIRE(srcmask);
+ BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
- BOOST_REQUIRE(srcmask);
- BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
-
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- srcmask = boost::none;
+ srcmask = boost::none;
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == target) {
- /* Type 2 NXDOMAIN (rfc2308 section-2.1) */
- setLWResult(res, RCode::NXDomain, true, false, true);
- addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString());
- addRecordToLW(res, "powerdns.com", QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- }
- else if (domain == cnameTarget) {
- /* we shouldn't get there since the Type NXDOMAIN should have been enough,
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == target) {
+ /* Type 2 NXDOMAIN (rfc2308 section-2.1) */
+ setLWResult(res, RCode::NXDomain, true, false, true);
+ addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString());
+ addRecordToLW(res, "powerdns.com", QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ }
+ else if (domain == cnameTarget) {
+ /* we shouldn't get there since the Type NXDOMAIN should have been enough,
but we might if we still chase the CNAME. */
- setLWResult(res, RCode::NXDomain, true, false, true);
- addRecordToLW(res, "powerdns.com", QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- }
-
- return 1;
+ setLWResult(res, RCode::NXDomain, true, false, true);
+ addRecordToLW(res, "powerdns.com", QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
}
- return 0;
- });
+ return 1;
+ }
+
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(SyncRes::getNegCacheSize(), 0U);
}
-BOOST_AUTO_TEST_CASE(test_ecs_cache_limit_allowed) {
+BOOST_AUTO_TEST_CASE(test_ecs_cache_limit_allowed)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
SyncRes::s_ecsipv4cachelimit = 24;
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ BOOST_REQUIRE(srcmask);
+ BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
- BOOST_REQUIRE(srcmask);
- BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
-
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, target, QType::A, "192.0.2.1");
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, target, QType::A, "192.0.2.1");
- return 1;
- });
+ return 1;
+ });
const time_t now = sr->getNow().tv_sec;
vector<DNSRecord> ret;
BOOST_REQUIRE_EQUAL(cached.size(), 1U);
}
-BOOST_AUTO_TEST_CASE(test_ecs_cache_limit_no_ttl_limit_allowed) {
+BOOST_AUTO_TEST_CASE(test_ecs_cache_limit_no_ttl_limit_allowed)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
SyncRes::s_ecsipv4cachelimit = 16;
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ BOOST_REQUIRE(srcmask);
+ BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
- BOOST_REQUIRE(srcmask);
- BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
-
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, target, QType::A, "192.0.2.1");
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, target, QType::A, "192.0.2.1");
- return 1;
- });
+ return 1;
+ });
const time_t now = sr->getNow().tv_sec;
vector<DNSRecord> ret;
BOOST_REQUIRE_EQUAL(cached.size(), 1U);
}
-BOOST_AUTO_TEST_CASE(test_ecs_cache_ttllimit_allowed) {
- std::unique_ptr<SyncRes> sr;
- initSR(sr);
+BOOST_AUTO_TEST_CASE(test_ecs_cache_ttllimit_allowed)
+{
+ std::unique_ptr<SyncRes> sr;
+ initSR(sr);
- primeHints();
+ primeHints();
- const DNSName target("www.powerdns.com.");
+ const DNSName target("www.powerdns.com.");
- SyncRes::addEDNSDomain(DNSName("powerdns.com."));
+ SyncRes::addEDNSDomain(DNSName("powerdns.com."));
- EDNSSubnetOpts incomingECS;
- incomingECS.source = Netmask("192.0.2.128/32");
- sr->setQuerySource(ComboAddress(), boost::optional<const EDNSSubnetOpts&>(incomingECS));
- SyncRes::s_ecscachelimitttl = 30;
+ EDNSSubnetOpts incomingECS;
+ incomingECS.source = Netmask("192.0.2.128/32");
+ sr->setQuerySource(ComboAddress(), boost::optional<const EDNSSubnetOpts&>(incomingECS));
+ SyncRes::s_ecscachelimitttl = 30;
- sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ BOOST_REQUIRE(srcmask);
+ BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
- BOOST_REQUIRE(srcmask);
- BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, target, QType::A, "192.0.2.1");
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, target, QType::A, "192.0.2.1");
+ return 1;
+ });
- return 1;
- });
+ const time_t now = sr->getNow().tv_sec;
+ vector<DNSRecord> ret;
+ int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
+ BOOST_CHECK_EQUAL(res, RCode::NoError);
+ BOOST_CHECK_EQUAL(ret.size(), 1U);
- const time_t now = sr->getNow().tv_sec;
- vector<DNSRecord> ret;
- int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
- BOOST_CHECK_EQUAL(res, RCode::NoError);
- BOOST_CHECK_EQUAL(ret.size(), 1U);
-
- /* should have been cached */
- const ComboAddress who("192.0.2.128");
- vector<DNSRecord> cached;
- BOOST_REQUIRE_GT(t_RC->get(now, target, QType(QType::A), true, &cached, who), 0);
- BOOST_REQUIRE_EQUAL(cached.size(), 1U);
+ /* should have been cached */
+ const ComboAddress who("192.0.2.128");
+ vector<DNSRecord> cached;
+ BOOST_REQUIRE_GT(t_RC->get(now, target, QType(QType::A), true, &cached, who), 0);
+ BOOST_REQUIRE_EQUAL(cached.size(), 1U);
}
-BOOST_AUTO_TEST_CASE(test_ecs_cache_ttllimit_and_scope_allowed) {
- std::unique_ptr<SyncRes> sr;
- initSR(sr);
+BOOST_AUTO_TEST_CASE(test_ecs_cache_ttllimit_and_scope_allowed)
+{
+ std::unique_ptr<SyncRes> sr;
+ initSR(sr);
- primeHints();
+ primeHints();
- const DNSName target("www.powerdns.com.");
+ const DNSName target("www.powerdns.com.");
- SyncRes::addEDNSDomain(DNSName("powerdns.com."));
+ SyncRes::addEDNSDomain(DNSName("powerdns.com."));
- EDNSSubnetOpts incomingECS;
- incomingECS.source = Netmask("192.0.2.128/32");
- sr->setQuerySource(ComboAddress(), boost::optional<const EDNSSubnetOpts&>(incomingECS));
- SyncRes::s_ecscachelimitttl = 100;
- SyncRes::s_ecsipv4cachelimit = 24;
+ EDNSSubnetOpts incomingECS;
+ incomingECS.source = Netmask("192.0.2.128/32");
+ sr->setQuerySource(ComboAddress(), boost::optional<const EDNSSubnetOpts&>(incomingECS));
+ SyncRes::s_ecscachelimitttl = 100;
+ SyncRes::s_ecsipv4cachelimit = 24;
- sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ BOOST_REQUIRE(srcmask);
+ BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
- BOOST_REQUIRE(srcmask);
- BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, target, QType::A, "192.0.2.1");
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, target, QType::A, "192.0.2.1");
+ return 1;
+ });
- return 1;
- });
+ const time_t now = sr->getNow().tv_sec;
+ vector<DNSRecord> ret;
+ int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
+ BOOST_CHECK_EQUAL(res, RCode::NoError);
+ BOOST_CHECK_EQUAL(ret.size(), 1U);
- const time_t now = sr->getNow().tv_sec;
- vector<DNSRecord> ret;
- int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
- BOOST_CHECK_EQUAL(res, RCode::NoError);
- BOOST_CHECK_EQUAL(ret.size(), 1U);
-
- /* should have been cached */
- const ComboAddress who("192.0.2.128");
- vector<DNSRecord> cached;
- BOOST_REQUIRE_GT(t_RC->get(now, target, QType(QType::A), true, &cached, who), 0);
- BOOST_REQUIRE_EQUAL(cached.size(), 1U);
+ /* should have been cached */
+ const ComboAddress who("192.0.2.128");
+ vector<DNSRecord> cached;
+ BOOST_REQUIRE_GT(t_RC->get(now, target, QType(QType::A), true, &cached, who), 0);
+ BOOST_REQUIRE_EQUAL(cached.size(), 1U);
}
-BOOST_AUTO_TEST_CASE(test_ecs_cache_ttllimit_notallowed) {
- std::unique_ptr<SyncRes> sr;
- initSR(sr);
+BOOST_AUTO_TEST_CASE(test_ecs_cache_ttllimit_notallowed)
+{
+ std::unique_ptr<SyncRes> sr;
+ initSR(sr);
- primeHints();
+ primeHints();
- const DNSName target("www.powerdns.com.");
+ const DNSName target("www.powerdns.com.");
- SyncRes::addEDNSDomain(DNSName("powerdns.com."));
+ SyncRes::addEDNSDomain(DNSName("powerdns.com."));
- EDNSSubnetOpts incomingECS;
- incomingECS.source = Netmask("192.0.2.128/32");
- sr->setQuerySource(ComboAddress(), boost::optional<const EDNSSubnetOpts&>(incomingECS));
- SyncRes::s_ecscachelimitttl = 100;
- SyncRes::s_ecsipv4cachelimit = 16;
+ EDNSSubnetOpts incomingECS;
+ incomingECS.source = Netmask("192.0.2.128/32");
+ sr->setQuerySource(ComboAddress(), boost::optional<const EDNSSubnetOpts&>(incomingECS));
+ SyncRes::s_ecscachelimitttl = 100;
+ SyncRes::s_ecsipv4cachelimit = 16;
- sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ BOOST_REQUIRE(srcmask);
+ BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
- BOOST_REQUIRE(srcmask);
- BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, target, QType::A, "192.0.2.1");
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, target, QType::A, "192.0.2.1");
+ return 1;
+ });
- return 1;
- });
+ const time_t now = sr->getNow().tv_sec;
+ vector<DNSRecord> ret;
+ int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
+ BOOST_CHECK_EQUAL(res, RCode::NoError);
+ BOOST_CHECK_EQUAL(ret.size(), 1U);
- const time_t now = sr->getNow().tv_sec;
- vector<DNSRecord> ret;
- int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
- BOOST_CHECK_EQUAL(res, RCode::NoError);
- BOOST_CHECK_EQUAL(ret.size(), 1U);
-
- /* should have NOT been cached because TTL of 60 is too small and /24 is more specific than /16 */
- const ComboAddress who("192.0.2.128");
- vector<DNSRecord> cached;
- BOOST_REQUIRE_LT(t_RC->get(now, target, QType(QType::A), true, &cached, who), 0);
- BOOST_REQUIRE_EQUAL(cached.size(), 0U);
+ /* should have NOT been cached because TTL of 60 is too small and /24 is more specific than /16 */
+ const ComboAddress who("192.0.2.128");
+ vector<DNSRecord> cached;
+ BOOST_REQUIRE_LT(t_RC->get(now, target, QType(QType::A), true, &cached, who), 0);
+ BOOST_REQUIRE_EQUAL(cached.size(), 0U);
}
-
-BOOST_AUTO_TEST_CASE(test_ns_speed) {
+BOOST_AUTO_TEST_CASE(test_ns_speed)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
std::map<ComboAddress, uint64_t> nsCounts;
- sr->setAsyncCallback([target,&nsCounts](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, domain, QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, domain, QType::NS, "pdns-public-ns3.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
-
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "pdns-public-ns3.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "pdns-public-ns3.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 3600);
-
- return 1;
- } else {
- nsCounts[ip]++;
+ sr->setAsyncCallback([target, &nsCounts](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, domain, QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, domain, QType::NS, "pdns-public-ns3.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- if (ip == ComboAddress("[2001:DB8::2]:53") || ip == ComboAddress("192.0.2.2:53")) {
- BOOST_CHECK_LT(nsCounts.size(), 3U);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "pdns-public-ns3.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "pdns-public-ns3.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 3600);
- /* let's time out on pdns-public-ns2.powerdns.com. */
- return 0;
- }
- else if (ip == ComboAddress("192.0.2.1:53")) {
- BOOST_CHECK_EQUAL(nsCounts.size(), 3U);
+ return 1;
+ }
+ else {
+ nsCounts[ip]++;
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.254");
- return 1;
- }
+ if (ip == ComboAddress("[2001:DB8::2]:53") || ip == ComboAddress("192.0.2.2:53")) {
+ BOOST_CHECK_LT(nsCounts.size(), 3U);
+ /* let's time out on pdns-public-ns2.powerdns.com. */
return 0;
}
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ BOOST_CHECK_EQUAL(nsCounts.size(), 3U);
+
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.254");
+ return 1;
+ }
return 0;
- });
+ }
+
+ return 0;
+ });
struct timeval now = sr->getNow();
BOOST_CHECK_EQUAL(nsCounts[ComboAddress("[2001:DB8::2]:53")], 1U);
}
-BOOST_AUTO_TEST_CASE(test_flawed_nsset) {
+BOOST_AUTO_TEST_CASE(test_flawed_nsset)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
-
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.254");
- return 1;
- }
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.254");
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
/* we populate the cache with a flawed NSset, i.e. there is a NS entry but no corresponding glue */
time_t now = sr->getNow().tv_sec;
std::vector<DNSRecord> records;
- std::vector<shared_ptr<RRSIGRecordContent> > sigs;
+ std::vector<shared_ptr<RRSIGRecordContent>> sigs;
addRecordToList(records, target, QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, now + 3600);
t_RC->replace(now, target, QType(QType::NS), records, sigs, vector<std::shared_ptr<DNSRecord>>(), true, boost::optional<Netmask>());
BOOST_CHECK_EQUAL(ret.size(), 1U);
}
-BOOST_AUTO_TEST_CASE(test_completely_flawed_nsset) {
+BOOST_AUTO_TEST_CASE(test_completely_flawed_nsset)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("powerdns.com.");
size_t queriesCount = 0;
- sr->setAsyncCallback([&queriesCount,target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- queriesCount++;
+ sr->setAsyncCallback([&queriesCount, target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (isRootServer(ip) && domain == target) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, domain, QType::NS, "pdns-public-ns3.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- return 1;
- } else if (domain == DNSName("pdns-public-ns2.powerdns.com.") || domain == DNSName("pdns-public-ns3.powerdns.com.")){
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, ".", QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
- return 1;
- }
+ if (isRootServer(ip) && domain == target) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, domain, QType::NS, "pdns-public-ns3.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ return 1;
+ }
+ else if (domain == DNSName("pdns-public-ns2.powerdns.com.") || domain == DNSName("pdns-public-ns3.powerdns.com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, ".", QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 5U);
}
-BOOST_AUTO_TEST_CASE(test_cache_hit) {
+BOOST_AUTO_TEST_CASE(test_cache_hit)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- return 0;
- });
+ return 0;
+ });
/* we populate the cache with eveything we need */
time_t now = sr->getNow().tv_sec;
std::vector<DNSRecord> records;
- std::vector<shared_ptr<RRSIGRecordContent> > sigs;
+ std::vector<shared_ptr<RRSIGRecordContent>> sigs;
addRecordToList(records, target, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, now + 3600);
- t_RC->replace(now, target , QType(QType::A), records, sigs, vector<std::shared_ptr<DNSRecord>>(), true, boost::optional<Netmask>());
+ t_RC->replace(now, target, QType(QType::A), records, sigs, vector<std::shared_ptr<DNSRecord>>(), true, boost::optional<Netmask>());
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(ret.size(), 1U);
}
-BOOST_AUTO_TEST_CASE(test_no_rd) {
+BOOST_AUTO_TEST_CASE(test_no_rd)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
sr->setCacheOnly();
- sr->setAsyncCallback([target,&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- queriesCount++;
- return 0;
- });
+ sr->setAsyncCallback([target, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 0U);
}
-BOOST_AUTO_TEST_CASE(test_cache_min_max_ttl) {
+BOOST_AUTO_TEST_CASE(test_cache_min_max_ttl)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("cachettl.powerdns.com.");
const ComboAddress ns("192.0.2.1:53");
- sr->setAsyncCallback([target,ns](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ sr->setAsyncCallback([target, ns](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
- if (isRootServer(ip)) {
-
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 7200);
- return 1;
- } else if (ip == ns) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 7200);
+ return 1;
+ }
+ else if (ip == ns) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2", DNSResourceRecord::ANSWER, 10);
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2", DNSResourceRecord::ANSWER, 10);
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
const time_t now = sr->getNow().tv_sec;
SyncRes::s_minimumTTL = 60;
BOOST_CHECK_LE((cached[0].d_ttl - now), SyncRes::s_maxcachettl);
}
-BOOST_AUTO_TEST_CASE(test_cache_min_max_ecs_ttl) {
+BOOST_AUTO_TEST_CASE(test_cache_min_max_ecs_ttl)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
sr->setQuerySource(ComboAddress(), boost::optional<const EDNSSubnetOpts&>(incomingECS));
SyncRes::addEDNSDomain(target);
- sr->setAsyncCallback([target,ns](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- BOOST_REQUIRE(srcmask);
- BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
+ sr->setAsyncCallback([target, ns](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ BOOST_REQUIRE(srcmask);
+ BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24");
- if (isRootServer(ip)) {
+ if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 20);
- srcmask = boost::none;
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 20);
+ srcmask = boost::none;
- return 1;
- } else if (ip == ns) {
+ return 1;
+ }
+ else if (ip == ns) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2", DNSResourceRecord::ANSWER, 10);
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2", DNSResourceRecord::ANSWER, 10);
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
const time_t now = sr->getNow().tv_sec;
SyncRes::s_minimumTTL = 60;
BOOST_CHECK_LE((cached[0].d_ttl - now), SyncRes::s_minimumTTL);
}
-BOOST_AUTO_TEST_CASE(test_cache_expired_ttl) {
+BOOST_AUTO_TEST_CASE(test_cache_expired_ttl)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
-
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
- return 1;
- }
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
/* we populate the cache with entries that expired 60s ago*/
const time_t now = sr->getNow().tv_sec;
std::vector<DNSRecord> records;
- std::vector<shared_ptr<RRSIGRecordContent> > sigs;
+ std::vector<shared_ptr<RRSIGRecordContent>> sigs;
addRecordToList(records, target, QType::A, "192.0.2.42", DNSResourceRecord::ANSWER, now - 60);
t_RC->replace(now - 3600, target, QType(QType::A), records, sigs, vector<std::shared_ptr<DNSRecord>>(), true, boost::optional<Netmask>());
BOOST_AUTO_TEST_SUITE(syncres_cc3)
-BOOST_AUTO_TEST_CASE(test_cache_auth) {
+BOOST_AUTO_TEST_CASE(test_cache_auth)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("cache-auth.powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2", DNSResourceRecord::ANSWER, 10);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 10);
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.2", DNSResourceRecord::ANSWER, 10);
- addRecordToLW(res, domain, QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 10);
-
- return 1;
- });
+ return 1;
+ });
const time_t now = sr->getNow().tv_sec;
BOOST_CHECK_EQUAL(getRR<ARecordContent>(cached.at(0))->getCA().toString(), ComboAddress("192.0.2.2").toString());
}
-BOOST_AUTO_TEST_CASE(test_delegation_only) {
+BOOST_AUTO_TEST_CASE(test_delegation_only)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("nx-powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
-
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- return 1;
- }
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(ret.size(), 0U);
}
-BOOST_AUTO_TEST_CASE(test_unauth_any) {
+BOOST_AUTO_TEST_CASE(test_unauth_any)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
-
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- return 1;
- }
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::ANY), QClass::IN, ret);
BOOST_CHECK_EQUAL(ret.size(), 0U);
}
-static void test_no_data_f(bool qmin) {
+static void test_no_data_f(bool qmin)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
if (qmin)
const DNSName target("powerdns.com.");
sr->setAsyncCallback(
- [target](const ComboAddress &ip, const DNSName &domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level,
- struct timeval *now, boost::optional <Netmask> &srcmask, boost::optional<const ResolveContext &> context,
- LWResult *res, bool *chained) {
-
+ [target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level,
+ struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context,
+ LWResult* res, bool* chained) {
setLWResult(res, 0, true, false, true);
return 1;
});
BOOST_CHECK_EQUAL(ret.size(), 0U);
}
-BOOST_AUTO_TEST_CASE(test_no_data) {
+BOOST_AUTO_TEST_CASE(test_no_data)
+{
test_no_data_f(false);
}
-BOOST_AUTO_TEST_CASE(test_no_data_qmin) {
+BOOST_AUTO_TEST_CASE(test_no_data_qmin)
+{
test_no_data_f(true);
}
-BOOST_AUTO_TEST_CASE(test_skip_opt_any) {
+BOOST_AUTO_TEST_CASE(test_skip_opt_any)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- addRecordToLW(res, domain, QType::ANY, "0 0");
- addRecordToLW(res, domain, QType::OPT, "");
- return 1;
- });
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ addRecordToLW(res, domain, QType::ANY, "0 0");
+ addRecordToLW(res, domain, QType::OPT, "");
+ return 1;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(ret.size(), 1U);
}
-BOOST_AUTO_TEST_CASE(test_nodata_nsec_nodnssec) {
+BOOST_AUTO_TEST_CASE(test_nodata_nsec_nodnssec)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- /* the NSEC and RRSIG contents are complete garbage, please ignore them */
- addRecordToLW(res, domain, QType::NSEC, "deadbeef", DNSResourceRecord::AUTHORITY);
- addRecordToLW(res, domain, QType::RRSIG, "NSEC 5 2 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY);
- addRecordToLW(res, domain, QType::RRSIG, "SOA 5 3 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY);
- return 1;
- });
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ /* the NSEC and RRSIG contents are complete garbage, please ignore them */
+ addRecordToLW(res, domain, QType::NSEC, "deadbeef", DNSResourceRecord::AUTHORITY);
+ addRecordToLW(res, domain, QType::RRSIG, "NSEC 5 2 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY);
+ addRecordToLW(res, domain, QType::RRSIG, "SOA 5 3 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY);
+ return 1;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(ret.size(), 1U);
}
-BOOST_AUTO_TEST_CASE(test_nodata_nsec_dnssec) {
+BOOST_AUTO_TEST_CASE(test_nodata_nsec_dnssec)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
const DNSName target("powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- /* the NSEC and RRSIG contents are complete garbage, please ignore them */
- addRecordToLW(res, domain, QType::NSEC, "deadbeef", DNSResourceRecord::AUTHORITY);
- addRecordToLW(res, domain, QType::RRSIG, "NSEC 5 2 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY);
- addRecordToLW(res, domain, QType::RRSIG, "SOA 5 3 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY);
- return 1;
- });
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ /* the NSEC and RRSIG contents are complete garbage, please ignore them */
+ addRecordToLW(res, domain, QType::NSEC, "deadbeef", DNSResourceRecord::AUTHORITY);
+ addRecordToLW(res, domain, QType::RRSIG, "NSEC 5 2 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY);
+ addRecordToLW(res, domain, QType::RRSIG, "SOA 5 3 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY);
+ return 1;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(ret.size(), 4U);
}
-BOOST_AUTO_TEST_CASE(test_nx_nsec_nodnssec) {
+BOOST_AUTO_TEST_CASE(test_nx_nsec_nodnssec)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- setLWResult(res, RCode::NXDomain, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- /* the NSEC and RRSIG contents are complete garbage, please ignore them */
- addRecordToLW(res, domain, QType::NSEC, "deadbeef", DNSResourceRecord::AUTHORITY);
- addRecordToLW(res, domain, QType::RRSIG, "NSEC 5 2 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY);
- addRecordToLW(res, domain, QType::RRSIG, "SOA 5 3 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY);
- return 1;
- });
+ setLWResult(res, RCode::NXDomain, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ /* the NSEC and RRSIG contents are complete garbage, please ignore them */
+ addRecordToLW(res, domain, QType::NSEC, "deadbeef", DNSResourceRecord::AUTHORITY);
+ addRecordToLW(res, domain, QType::RRSIG, "NSEC 5 2 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY);
+ addRecordToLW(res, domain, QType::RRSIG, "SOA 5 3 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY);
+ return 1;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(ret.size(), 1U);
}
-BOOST_AUTO_TEST_CASE(test_nx_nsec_dnssec) {
+BOOST_AUTO_TEST_CASE(test_nx_nsec_dnssec)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
const DNSName target("powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- setLWResult(res, RCode::NXDomain, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- /* the NSEC and RRSIG contents are complete garbage, please ignore them */
- addRecordToLW(res, domain, QType::NSEC, "deadbeef", DNSResourceRecord::AUTHORITY);
- addRecordToLW(res, domain, QType::RRSIG, "NSEC 5 2 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY);
- addRecordToLW(res, domain, QType::RRSIG, "SOA 5 3 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY);
- return 1;
- });
+ setLWResult(res, RCode::NXDomain, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ /* the NSEC and RRSIG contents are complete garbage, please ignore them */
+ addRecordToLW(res, domain, QType::NSEC, "deadbeef", DNSResourceRecord::AUTHORITY);
+ addRecordToLW(res, domain, QType::RRSIG, "NSEC 5 2 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY);
+ addRecordToLW(res, domain, QType::RRSIG, "SOA 5 3 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY);
+ return 1;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(ret.size(), 4U);
}
-BOOST_AUTO_TEST_CASE(test_qclass_none) {
+BOOST_AUTO_TEST_CASE(test_qclass_none)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
size_t queriesCount = 0;
sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- queriesCount++;
- return 0;
- });
+ queriesCount++;
+ return 0;
+ });
const DNSName target("powerdns.com.");
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(queriesCount, 0U);
}
-BOOST_AUTO_TEST_CASE(test_answer_no_aa) {
+BOOST_AUTO_TEST_CASE(test_answer_no_aa)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
const DNSName target("powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.1");
- return 1;
- });
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.1");
+ return 1;
+ });
const time_t now = sr->getNow().tv_sec;
BOOST_REQUIRE_EQUAL(t_RC->get(now, target, QType(QType::A), false, &cached, who, &signatures), -1);
}
-BOOST_AUTO_TEST_CASE(test_special_types) {
+BOOST_AUTO_TEST_CASE(test_special_types)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
size_t queriesCount = 0;
sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- cerr<<"asyncresolve called to ask "<<ip.toStringWithPort()<<" about "<<domain.toString()<<" / "<<QType(type).getName()<<" over "<<(doTCP ? "TCP" : "UDP")<<" (rd: "<<sendRDQuery<<", EDNS0 level: "<<EDNS0Level<<")"<<endl;
- queriesCount++;
- return 0;
- });
+ cerr << "asyncresolve called to ask " << ip.toStringWithPort() << " about " << domain.toString() << " / " << QType(type).getName() << " over " << (doTCP ? "TCP" : "UDP") << " (rd: " << sendRDQuery << ", EDNS0 level: " << EDNS0Level << ")" << endl;
+ queriesCount++;
+ return 0;
+ });
const DNSName target("powerdns.com.");
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(queriesCount, 0U);
}
-BOOST_AUTO_TEST_CASE(test_special_names) {
+BOOST_AUTO_TEST_CASE(test_special_names)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
size_t queriesCount = 0;
sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- queriesCount++;
- return 0;
- });
+ queriesCount++;
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(DNSName("1.0.0.127.in-addr.arpa."), QType(QType::PTR), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 0U);
}
-BOOST_AUTO_TEST_CASE(test_nameserver_ipv4_rpz) {
+BOOST_AUTO_TEST_CASE(test_nameserver_ipv4_rpz)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("rpz.powerdns.com.");
const ComboAddress ns("192.0.2.1:53");
- sr->setAsyncCallback([target,ns](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- if (isRootServer(ip)) {
- setLWResult(res, false, true, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ns) {
+ sr->setAsyncCallback([target, ns](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
+ setLWResult(res, false, true, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ns) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- return 1;
- }
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ return 1;
+ }
- return 0;
+ return 0;
});
DNSFilterEngine::Policy pol;
BOOST_CHECK_EQUAL(ret.size(), 0U);
}
-BOOST_AUTO_TEST_CASE(test_nameserver_ipv6_rpz) {
+BOOST_AUTO_TEST_CASE(test_nameserver_ipv6_rpz)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("rpz.powerdns.com.");
const ComboAddress ns("[2001:DB8::42]:53");
- sr->setAsyncCallback([target,ns](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ns) {
+ sr->setAsyncCallback([target, ns](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ns) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- return 1;
- }
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ return 1;
+ }
- return 0;
+ return 0;
});
DNSFilterEngine::Policy pol;
BOOST_CHECK_EQUAL(ret.size(), 0U);
}
-BOOST_AUTO_TEST_CASE(test_nameserver_name_rpz) {
+BOOST_AUTO_TEST_CASE(test_nameserver_name_rpz)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const ComboAddress ns("192.0.2.1:53");
const DNSName nsName("ns1.powerdns.com.");
- sr->setAsyncCallback([target,ns,nsName](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, nsName.toString(), DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, nsName, QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ns) {
+ sr->setAsyncCallback([target, ns, nsName](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, nsName.toString(), DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, nsName, QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ns) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- return 1;
- }
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ return 1;
+ }
- return 0;
+ return 0;
});
DNSFilterEngine::Policy pol;
BOOST_CHECK_EQUAL(ret.size(), 0U);
}
-BOOST_AUTO_TEST_CASE(test_nameserver_name_rpz_disabled) {
+BOOST_AUTO_TEST_CASE(test_nameserver_name_rpz_disabled)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const ComboAddress ns("192.0.2.1:53");
const DNSName nsName("ns1.powerdns.com.");
- sr->setAsyncCallback([target,ns,nsName](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, nsName.toString(), DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, nsName, QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (ip == ns) {
+ sr->setAsyncCallback([target, ns, nsName](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, nsName.toString(), DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, nsName, QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ns) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- return 1;
- }
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ return 1;
+ }
- return 0;
+ return 0;
});
DNSFilterEngine::Policy pol;
BOOST_CHECK_EQUAL(ret.size(), 1U);
}
-BOOST_AUTO_TEST_CASE(test_forward_zone_nord) {
+BOOST_AUTO_TEST_CASE(test_forward_zone_nord)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
(*SyncRes::t_sstorage.domainmap)[target] = ad;
sr->setAsyncCallback([forwardedNS](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (ip == forwardedNS) {
+ BOOST_CHECK_EQUAL(sendRDQuery, false);
- if (ip == forwardedNS) {
- BOOST_CHECK_EQUAL(sendRDQuery, false);
-
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- return 1;
- }
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ return 1;
+ }
- return 0;
+ return 0;
});
/* simulate a no-RD query */
BOOST_CHECK_EQUAL(ret.size(), 1U);
}
-BOOST_AUTO_TEST_CASE(test_forward_zone_rd) {
+BOOST_AUTO_TEST_CASE(test_forward_zone_rd)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
(*SyncRes::t_sstorage.domainmap)[target] = ad;
sr->setAsyncCallback([forwardedNS, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- queriesCount++;
-
- if (ip == forwardedNS) {
- BOOST_CHECK_EQUAL(sendRDQuery, true);
+ if (ip == forwardedNS) {
+ BOOST_CHECK_EQUAL(sendRDQuery, true);
- /* set AA=0, we are a recursor */
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- return 1;
- }
+ /* set AA=0, we are a recursor */
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ return 1;
+ }
- return 0;
+ return 0;
});
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(queriesCount, 1U);
}
-BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_nord) {
+BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_nord)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
(*SyncRes::t_sstorage.domainmap)[target] = ad;
sr->setAsyncCallback([forwardedNS](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (ip == forwardedNS) {
+ BOOST_CHECK_EQUAL(sendRDQuery, false);
- if (ip == forwardedNS) {
- BOOST_CHECK_EQUAL(sendRDQuery, false);
-
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- return 1;
- }
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ return 1;
+ }
- return 0;
+ return 0;
});
/* simulate a no-RD query */
BOOST_CHECK_EQUAL(ret.size(), 1U);
}
-BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd) {
+BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
(*SyncRes::t_sstorage.domainmap)[target] = ad;
sr->setAsyncCallback([forwardedNS](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ if (ip == forwardedNS) {
+ BOOST_CHECK_EQUAL(sendRDQuery, true);
- if (ip == forwardedNS) {
- BOOST_CHECK_EQUAL(sendRDQuery, true);
-
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- return 1;
- }
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ return 1;
+ }
- return 0;
+ return 0;
});
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(ret.size(), 1U);
}
-BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec) {
+BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
ad.d_servers.push_back(forwardedNS);
(*SyncRes::t_sstorage.domainmap)[g_rootdnsname] = ad;
- sr->setAsyncCallback([target,cnameTarget,keys,forwardedNS,&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, cnameTarget, keys, forwardedNS, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- BOOST_CHECK_EQUAL(sendRDQuery, true);
+ BOOST_CHECK_EQUAL(sendRDQuery, true);
- if (ip != forwardedNS) {
- return 0;
- }
+ if (ip != forwardedNS) {
+ return 0;
+ }
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, DNSName("."), type, keys);
- }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, DNSName("."), type, keys);
+ }
- if (domain == target && type == QType::A) {
+ if (domain == target && type == QType::A) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, target, QType::CNAME, cnameTarget.toString());
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1");
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, target, QType::CNAME, cnameTarget.toString());
+ addRRSIG(keys, res->d_records, domain, 300);
+ addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1");
- return 1;
- }
- return 0;
+ return 1;
+ }
+ return 0;
});
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(queriesCount, 5U);
}
-BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec_bogus) {
+BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec_bogus)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
ad.d_servers.push_back(forwardedNS);
(*SyncRes::t_sstorage.domainmap)[g_rootdnsname] = ad;
- sr->setAsyncCallback([target,cnameTarget,keys,forwardedNS,&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, cnameTarget, keys, forwardedNS, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- BOOST_CHECK_EQUAL(sendRDQuery, true);
+ BOOST_CHECK_EQUAL(sendRDQuery, true);
- if (ip != forwardedNS) {
- return 0;
- }
+ if (ip != forwardedNS) {
+ return 0;
+ }
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, DNSName("."), type, keys);
- }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, DNSName("."), type, keys);
+ }
- if (domain == target && type == QType::A) {
+ if (domain == target && type == QType::A) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, target, QType::CNAME, cnameTarget.toString());
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1");
- /* no RRSIG in a signed zone, Bogus ! */
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, target, QType::CNAME, cnameTarget.toString());
+ addRRSIG(keys, res->d_records, domain, 300);
+ addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1");
+ /* no RRSIG in a signed zone, Bogus ! */
- return 1;
- }
- return 0;
+ return 1;
+ }
+ return 0;
});
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(queriesCount, 5U);
}
-BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec_nodata_bogus) {
+BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec_nodata_bogus)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,forwardedNS,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, forwardedNS, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- BOOST_CHECK_EQUAL(sendRDQuery, true);
+ BOOST_CHECK_EQUAL(sendRDQuery, true);
- if (ip != forwardedNS) {
- return 0;
- }
+ if (ip != forwardedNS) {
+ return 0;
+ }
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
- }
- else {
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ else {
- setLWResult(res, 0, false, false, true);
- return 1;
- }
+ setLWResult(res, 0, false, false, true);
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 4U);
}
-BOOST_AUTO_TEST_CASE(test_auth_zone_oob) {
+BOOST_AUTO_TEST_CASE(test_auth_zone_oob)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
(*SyncRes::t_sstorage.domainmap)[authZone] = ad;
sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
- return 0;
- });
+ queriesCount++;
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(sr->getValidationState(), Indeterminate);
}
-BOOST_AUTO_TEST_CASE(test_auth_zone_oob_cname) {
+BOOST_AUTO_TEST_CASE(test_auth_zone_oob_cname)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
(*SyncRes::t_sstorage.domainmap)[authZone] = ad;
sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
- return 0;
- });
+ queriesCount++;
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(sr->getValidationState(), Indeterminate);
}
-BOOST_AUTO_TEST_CASE(test_auth_zone) {
+BOOST_AUTO_TEST_CASE(test_auth_zone)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
SyncRes::setDomainMap(map);
sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- queriesCount++;
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- return 1;
+ queriesCount++;
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ return 1;
});
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(queriesCount, 0U);
}
-BOOST_AUTO_TEST_CASE(test_auth_zone_cname_lead_to_oob) {
+BOOST_AUTO_TEST_CASE(test_auth_zone_cname_lead_to_oob)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
(*map)[authZone] = ad;
SyncRes::setDomainMap(map);
- sr->setAsyncCallback([&queriesCount,target,authZone](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ sr->setAsyncCallback([&queriesCount, target, authZone](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- queriesCount++;
-
- if (domain == target) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, target, QType::CNAME, authZone.toString(), DNSResourceRecord::ANSWER, 3600);
- return 1;
- }
+ if (domain == target) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, target, QType::CNAME, authZone.toString(), DNSResourceRecord::ANSWER, 3600);
+ return 1;
+ }
- return 0;
+ return 0;
});
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(queriesCount, 1U);
}
-BOOST_AUTO_TEST_CASE(test_auth_zone_oob_lead_to_outgoing_queryb) {
+BOOST_AUTO_TEST_CASE(test_auth_zone_oob_lead_to_outgoing_queryb)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
(*map)[target] = ad;
SyncRes::setDomainMap(map);
- sr->setAsyncCallback([&queriesCount,externalCNAME,addr](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ sr->setAsyncCallback([&queriesCount, externalCNAME, addr](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- queriesCount++;
-
- if (domain == externalCNAME) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, externalCNAME, QType::A, addr.toString(), DNSResourceRecord::ANSWER, 3600);
- return 1;
- }
+ if (domain == externalCNAME) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, externalCNAME, QType::A, addr.toString(), DNSResourceRecord::ANSWER, 3600);
+ return 1;
+ }
- return 0;
+ return 0;
});
vector<DNSRecord> ret;
BOOST_AUTO_TEST_SUITE(syncres_cc4)
-BOOST_AUTO_TEST_CASE(test_auth_zone_nodata) {
+BOOST_AUTO_TEST_CASE(test_auth_zone_nodata)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
SyncRes::setDomainMap(map);
sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- queriesCount++;
-
- return 0;
+ return 0;
});
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(queriesCount, 0U);
}
-BOOST_AUTO_TEST_CASE(test_auth_zone_nx) {
+BOOST_AUTO_TEST_CASE(test_auth_zone_nx)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
SyncRes::setDomainMap(map);
sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- queriesCount++;
-
- return 0;
+ return 0;
});
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(queriesCount, 0U);
}
-BOOST_AUTO_TEST_CASE(test_auth_zone_delegation) {
+BOOST_AUTO_TEST_CASE(test_auth_zone_delegation)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true, false);
takes too long. */
const time_t fixedNow = sr->getNow().tv_sec;
- sr->setAsyncCallback([&queriesCount,target,targetAddr,nsAddr,authZone,keys,fixedNow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, DNSName("."), type, keys, domain == authZone, fixedNow);
- }
+ sr->setAsyncCallback([&queriesCount, target, targetAddr, nsAddr, authZone, keys, fixedNow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, DNSName("."), type, keys, domain == authZone, fixedNow);
+ }
- if (ip == ComboAddress(nsAddr.toString(), 53) && domain == target) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
- return 1;
- }
+ if (ip == ComboAddress(nsAddr.toString(), 53) && domain == target) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
+ return 1;
+ }
- return 0;
+ return 0;
});
sr->setDNSSECValidationRequested(true);
BOOST_CHECK_EQUAL(sr->getValidationState(), Indeterminate);
}
-BOOST_AUTO_TEST_CASE(test_auth_zone_delegation_point) {
+BOOST_AUTO_TEST_CASE(test_auth_zone_delegation_point)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
(*map)[authZone] = ad;
SyncRes::setDomainMap(map);
- sr->setAsyncCallback([&queriesCount,nsAddr,target,targetAddr](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ sr->setAsyncCallback([&queriesCount, nsAddr, target, targetAddr](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- queriesCount++;
-
- if (ip == ComboAddress(nsAddr.toString(), 53) && domain == target) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
- return 1;
- }
+ if (ip == ComboAddress(nsAddr.toString(), 53) && domain == target) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
+ return 1;
+ }
- return 0;
+ return 0;
});
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(queriesCount, 1U);
}
-BOOST_AUTO_TEST_CASE(test_auth_zone_wildcard) {
+BOOST_AUTO_TEST_CASE(test_auth_zone_wildcard)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
SyncRes::setDomainMap(map);
sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- queriesCount++;
-
- return 0;
+ return 0;
});
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(queriesCount, 0U);
}
-BOOST_AUTO_TEST_CASE(test_auth_zone_wildcard_with_ent) {
+BOOST_AUTO_TEST_CASE(test_auth_zone_wildcard_with_ent)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
SyncRes::setDomainMap(map);
sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- queriesCount++;
-
- return 0;
+ return 0;
});
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(res, RCode::NoError);
BOOST_REQUIRE_EQUAL(ret.size(), 1U);
-
+
// WARN below should be changed to CHECK once the issue is fixed.
const string m("Please fix issue #8312");
BOOST_WARN_MESSAGE(ret[0].d_type == QType::SOA, m);
BOOST_CHECK_EQUAL(queriesCount, 0U);
}
-BOOST_AUTO_TEST_CASE(test_auth_zone_wildcard_nodata) {
+BOOST_AUTO_TEST_CASE(test_auth_zone_wildcard_nodata)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
SyncRes::setDomainMap(map);
sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- queriesCount++;
-
- return 0;
+ return 0;
});
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(queriesCount, 0U);
}
-BOOST_AUTO_TEST_CASE(test_auth_zone_cache_only) {
+BOOST_AUTO_TEST_CASE(test_auth_zone_cache_only)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
SyncRes::setDomainMap(map);
sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- queriesCount++;
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- return 1;
+ queriesCount++;
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ return 1;
});
/* simulate a no-RD query */
BOOST_CHECK_EQUAL(queriesCount, 0U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_rrsig) {
+BOOST_AUTO_TEST_CASE(test_dnssec_rrsig)
+{
initSR();
auto dcke = std::shared_ptr<DNSCryptoKeyEngine>(DNSCryptoKeyEngine::make(DNSSECKeeper::ECDSA256));
dpk.d_flags = 256;
dpk.setKey(dcke);
- std::vector<std::shared_ptr<DNSRecordContent> > recordcontents;
+ std::vector<std::shared_ptr<DNSRecordContent>> recordcontents;
recordcontents.push_back(getRecordContent(QType::A, "192.0.2.1"));
DNSName qname("powerdns.com.");
skeyset_t keyset;
keyset.insert(std::make_shared<DNSKEYRecordContent>(dpk.getDNSKEY()));
- std::vector<std::shared_ptr<RRSIGRecordContent> > sigs;
+ std::vector<std::shared_ptr<RRSIGRecordContent>> sigs;
sigs.push_back(std::make_shared<RRSIGRecordContent>(rrc));
BOOST_CHECK(validateWithKeySet(now, qname, recordcontents, sigs, keyset));
}
-BOOST_AUTO_TEST_CASE(test_dnssec_root_validation_csk) {
+BOOST_AUTO_TEST_CASE(test_dnssec_root_validation_csk)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (domain == target && type == QType::NS) {
+ if (domain == target && type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- char addr[] = "a.root-servers.net.";
- for (char idx = 'a'; idx <= 'm'; idx++) {
- addr[0] = idx;
- addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
- }
+ setLWResult(res, 0, true, false, true);
+ char addr[] = "a.root-servers.net.";
+ for (char idx = 'a'; idx <= 'm'; idx++) {
+ addr[0] = idx;
+ addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
+ }
- addRRSIG(keys, res->d_records, domain, 300);
+ addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (domain == target && type == QType::DNSKEY) {
+ return 1;
+ }
+ else if (domain == target && type == QType::DNSKEY) {
- setLWResult(res, 0, true, false, true);
+ setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 2U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_root_validation_ksk_zsk) {
+BOOST_AUTO_TEST_CASE(test_dnssec_root_validation_ksk_zsk)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
zsk.setKey(dckeK);
DSRecordContent zskds = makeDSFromDNSKey(target, zsk.getDNSKEY(), DNSSECKeeper::DIGEST_SHA256);
- kskeys[target] = std::pair<DNSSECPrivateKey,DSRecordContent>(ksk, kskds);
- zskeys[target] = std::pair<DNSSECPrivateKey,DSRecordContent>(zsk, zskds);
+ kskeys[target] = std::pair<DNSSECPrivateKey, DSRecordContent>(ksk, kskds);
+ zskeys[target] = std::pair<DNSSECPrivateKey, DSRecordContent>(zsk, zskds);
/* Set the root DS */
auto luaconfsCopy = g_luaconfs.getCopy();
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,zskeys,kskeys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, zskeys, kskeys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (domain == target && type == QType::NS) {
+ if (domain == target && type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- char addr[] = "a.root-servers.net.";
- for (char idx = 'a'; idx <= 'm'; idx++) {
- addr[0] = idx;
- addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
- }
+ setLWResult(res, 0, true, false, true);
+ char addr[] = "a.root-servers.net.";
+ for (char idx = 'a'; idx <= 'm'; idx++) {
+ addr[0] = idx;
+ addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
+ }
- addRRSIG(zskeys, res->d_records, domain, 300);
+ addRRSIG(zskeys, res->d_records, domain, 300);
- addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (domain == target && type == QType::DNSKEY) {
+ return 1;
+ }
+ else if (domain == target && type == QType::DNSKEY) {
- setLWResult(res, 0, true, false, true);
+ setLWResult(res, 0, true, false, true);
- addDNSKEY(kskeys, domain, 300, res->d_records);
- addDNSKEY(zskeys, domain, 300, res->d_records);
- addRRSIG(kskeys, res->d_records, domain, 300);
+ addDNSKEY(kskeys, domain, 300, res->d_records);
+ addDNSKEY(zskeys, domain, 300, res->d_records);
+ addRRSIG(kskeys, res->d_records, domain, 300);
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 2U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_bogus_no_dnskey) {
+BOOST_AUTO_TEST_CASE(test_dnssec_bogus_no_dnskey)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (domain == target && type == QType::NS) {
+ if (domain == target && type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- char addr[] = "a.root-servers.net.";
- for (char idx = 'a'; idx <= 'm'; idx++) {
- addr[0] = idx;
- addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
- }
+ setLWResult(res, 0, true, false, true);
+ char addr[] = "a.root-servers.net.";
+ for (char idx = 'a'; idx <= 'm'; idx++) {
+ addr[0] = idx;
+ addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
+ }
- addRRSIG(keys, res->d_records, domain, 300);
+ addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (domain == target && type == QType::DNSKEY) {
+ return 1;
+ }
+ else if (domain == target && type == QType::DNSKEY) {
- setLWResult(res, 0, true, false, true);
+ setLWResult(res, 0, true, false, true);
- /* No DNSKEY */
+ /* No DNSKEY */
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 2U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_bogus_dnskey_doesnt_match_ds) {
+BOOST_AUTO_TEST_CASE(test_dnssec_bogus_dnskey_doesnt_match_ds)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
dpk.setKey(dcke);
DSRecordContent uselessdrc = makeDSFromDNSKey(target, dpk.getDNSKEY(), DNSSECKeeper::DIGEST_SHA256);
- dskeys[target] = std::pair<DNSSECPrivateKey,DSRecordContent>(dskey, drc);
- keys[target] = std::pair<DNSSECPrivateKey,DSRecordContent>(dpk, uselessdrc);
+ dskeys[target] = std::pair<DNSSECPrivateKey, DSRecordContent>(dskey, drc);
+ keys[target] = std::pair<DNSSECPrivateKey, DSRecordContent>(dpk, uselessdrc);
/* Set the root DS */
auto luaconfsCopy = g_luaconfs.getCopy();
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (domain == target && type == QType::NS) {
+ if (domain == target && type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- char addr[] = "a.root-servers.net.";
- for (char idx = 'a'; idx <= 'm'; idx++) {
- addr[0] = idx;
- addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
- }
+ setLWResult(res, 0, true, false, true);
+ char addr[] = "a.root-servers.net.";
+ for (char idx = 'a'; idx <= 'm'; idx++) {
+ addr[0] = idx;
+ addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
+ }
- addRRSIG(keys, res->d_records, domain, 300);
+ addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (domain == target && type == QType::DNSKEY) {
+ return 1;
+ }
+ else if (domain == target && type == QType::DNSKEY) {
- setLWResult(res, 0, true, false, true);
+ setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 2U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_bogus_rrsig_signed_with_unknown_dnskey) {
+BOOST_AUTO_TEST_CASE(test_dnssec_bogus_rrsig_signed_with_unknown_dnskey)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
rrsigkey.setKey(dckeRRSIG);
DSRecordContent rrsigds = makeDSFromDNSKey(target, rrsigkey.getDNSKEY(), DNSSECKeeper::DIGEST_SHA256);
- rrsigkeys[target] = std::pair<DNSSECPrivateKey,DSRecordContent>(rrsigkey, rrsigds);
+ rrsigkeys[target] = std::pair<DNSSECPrivateKey, DSRecordContent>(rrsigkey, rrsigds);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys,rrsigkeys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys, rrsigkeys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (domain == target && type == QType::NS) {
+ if (domain == target && type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- char addr[] = "a.root-servers.net.";
- for (char idx = 'a'; idx <= 'm'; idx++) {
- addr[0] = idx;
- addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
- }
+ setLWResult(res, 0, true, false, true);
+ char addr[] = "a.root-servers.net.";
+ for (char idx = 'a'; idx <= 'm'; idx++) {
+ addr[0] = idx;
+ addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
+ }
- addRRSIG(rrsigkeys, res->d_records, domain, 300);
+ addRRSIG(rrsigkeys, res->d_records, domain, 300);
- addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (domain == target && type == QType::DNSKEY) {
+ return 1;
+ }
+ else if (domain == target && type == QType::DNSKEY) {
- setLWResult(res, 0, true, false, true);
+ setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(rrsigkeys, res->d_records, domain, 300);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(rrsigkeys, res->d_records, domain, 300);
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 2U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_bogus_no_rrsig) {
+BOOST_AUTO_TEST_CASE(test_dnssec_bogus_no_rrsig)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (domain == target && type == QType::NS) {
+ if (domain == target && type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- char addr[] = "a.root-servers.net.";
- for (char idx = 'a'; idx <= 'm'; idx++) {
- addr[0] = idx;
- addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 86400);
- }
+ setLWResult(res, 0, true, false, true);
+ char addr[] = "a.root-servers.net.";
+ for (char idx = 'a'; idx <= 'm'; idx++) {
+ addr[0] = idx;
+ addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 86400);
+ }
- /* No RRSIG */
+ /* No RRSIG */
- addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (domain == target && type == QType::DNSKEY) {
+ return 1;
+ }
+ else if (domain == target && type == QType::DNSKEY) {
- setLWResult(res, 0, true, false, true);
+ setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
SyncRes::s_maxcachettl = 86400;
SyncRes::s_maxbogusttl = 3600;
BOOST_CHECK_EQUAL(queriesCount, 1U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_insecure_unknown_ds_algorithm) {
+BOOST_AUTO_TEST_CASE(test_dnssec_insecure_unknown_ds_algorithm)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
dpk.d_algorithm = 253;
DSRecordContent drc = makeDSFromDNSKey(target, dpk.getDNSKEY(), DNSSECKeeper::DIGEST_SHA256);
- keys[target] = std::pair<DNSSECPrivateKey,DSRecordContent>(dpk, drc);
+ keys[target] = std::pair<DNSSECPrivateKey, DSRecordContent>(dpk, drc);
/* Fake algorithm number (private) */
drc.d_algorithm = 253;
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (domain == target && type == QType::NS) {
+ if (domain == target && type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- char addr[] = "a.root-servers.net.";
- for (char idx = 'a'; idx <= 'm'; idx++) {
- addr[0] = idx;
- addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
- }
+ setLWResult(res, 0, true, false, true);
+ char addr[] = "a.root-servers.net.";
+ for (char idx = 'a'; idx <= 'm'; idx++) {
+ addr[0] = idx;
+ addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
+ }
- addRRSIG(keys, res->d_records, domain, 300);
+ addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (domain == target && type == QType::DNSKEY) {
+ return 1;
+ }
+ else if (domain == target && type == QType::DNSKEY) {
- setLWResult(res, 0, true, false, true);
+ setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 1U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_insecure_unknown_ds_digest) {
+BOOST_AUTO_TEST_CASE(test_dnssec_insecure_unknown_ds_digest)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (domain == target && type == QType::NS) {
+ if (domain == target && type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- char addr[] = "a.root-servers.net.";
- for (char idx = 'a'; idx <= 'm'; idx++) {
- addr[0] = idx;
- addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
- }
+ setLWResult(res, 0, true, false, true);
+ char addr[] = "a.root-servers.net.";
+ for (char idx = 'a'; idx <= 'm'; idx++) {
+ addr[0] = idx;
+ addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
+ }
- addRRSIG(keys, res->d_records, domain, 300);
+ addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (domain == target && type == QType::DNSKEY) {
+ return 1;
+ }
+ else if (domain == target && type == QType::DNSKEY) {
- setLWResult(res, 0, true, false, true);
+ setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 1U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_bogus_bad_sig) {
+BOOST_AUTO_TEST_CASE(test_dnssec_bogus_bad_sig)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (domain == target && type == QType::NS) {
+ if (domain == target && type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- char addr[] = "a.root-servers.net.";
- for (char idx = 'a'; idx <= 'm'; idx++) {
- addr[0] = idx;
- addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
- }
+ setLWResult(res, 0, true, false, true);
+ char addr[] = "a.root-servers.net.";
+ for (char idx = 'a'; idx <= 'm'; idx++) {
+ addr[0] = idx;
+ addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
+ }
- addRRSIG(keys, res->d_records, domain, 300, true);
+ addRRSIG(keys, res->d_records, domain, 300, true);
- addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (domain == target && type == QType::DNSKEY) {
+ return 1;
+ }
+ else if (domain == target && type == QType::DNSKEY) {
- setLWResult(res, 0, true, false, true);
+ setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 2U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_bogus_bad_algo) {
+BOOST_AUTO_TEST_CASE(test_dnssec_bogus_bad_algo)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (domain == target && type == QType::NS) {
+ if (domain == target && type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- char addr[] = "a.root-servers.net.";
- for (char idx = 'a'; idx <= 'm'; idx++) {
- addr[0] = idx;
- addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
- }
+ setLWResult(res, 0, true, false, true);
+ char addr[] = "a.root-servers.net.";
+ for (char idx = 'a'; idx <= 'm'; idx++) {
+ addr[0] = idx;
+ addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
+ }
- /* FORCE WRONG ALGO */
- addRRSIG(keys, res->d_records, domain, 300, false, DNSSECKeeper::RSASHA256);
+ /* FORCE WRONG ALGO */
+ addRRSIG(keys, res->d_records, domain, 300, false, DNSSECKeeper::RSASHA256);
- addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (domain == target && type == QType::DNSKEY) {
+ return 1;
+ }
+ else if (domain == target && type == QType::DNSKEY) {
- setLWResult(res, 0, true, false, true);
+ setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 2U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_bogus_unsigned_ds) {
+BOOST_AUTO_TEST_CASE(test_dnssec_bogus_unsigned_ds)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
-
- DNSName auth = domain;
-
- if (type == QType::DS || type == QType::DNSKEY) {
- if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys) == 0) {
- return 0;
- }
+ sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS && domain == target) {
- /* remove the last record, which is the DS's RRSIG */
- res->d_records.pop_back();
- }
+ DNSName auth = domain;
- return 1;
+ if (type == QType::DS || type == QType::DNSKEY) {
+ if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys) == 0) {
+ return 0;
}
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- /* Include the DS but omit the RRSIG*/
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ if (type == QType::DS && domain == target) {
+ /* remove the last record, which is the DS's RRSIG */
+ res->d_records.pop_back();
}
- if (ip == ComboAddress("192.0.2.1:53")) {
- setLWResult(res, RCode::NoError, true, false, true);
- addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
- addRRSIG(keys, res->d_records, auth, 300);
- return 1;
- }
+ return 1;
+ }
+
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ /* Include the DS but omit the RRSIG*/
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
- return 0;
- });
+ if (ip == ComboAddress("192.0.2.1:53")) {
+ setLWResult(res, RCode::NoError, true, false, true);
+ addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
+ addRRSIG(keys, res->d_records, auth, 300);
+ return 1;
+ }
+
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 3U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_bogus_unsigned_ds_direct) {
+BOOST_AUTO_TEST_CASE(test_dnssec_bogus_unsigned_ds_direct)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- DNSName auth = domain;
+ DNSName auth = domain;
- if (type == QType::DS || type == QType::DNSKEY) {
- if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys) == 0) {
- return 0;
- }
-
- if (type == QType::DS && domain == target) {
- /* remove the last record, which is the DS's RRSIG */
- res->d_records.pop_back();
- }
-
- return 1;
+ if (type == QType::DS || type == QType::DNSKEY) {
+ if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys) == 0) {
+ return 0;
}
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- /* Include the DS but omit the RRSIG*/
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ if (type == QType::DS && domain == target) {
+ /* remove the last record, which is the DS's RRSIG */
+ res->d_records.pop_back();
}
- return 0;
- });
+ return 1;
+ }
+
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ /* Include the DS but omit the RRSIG*/
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(DNSName("com."), QType(QType::DS), QClass::IN, ret);
BOOST_AUTO_TEST_SUITE(syncres_cc5)
-BOOST_AUTO_TEST_CASE(test_dnssec_secure_various_algos) {
+BOOST_AUTO_TEST_CASE(test_dnssec_secure_various_algos)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
const time_t fixedNow = sr->getNow().tv_sec;
- sr->setAsyncCallback([target,targetAddr,&queriesCount,keys,fixedNow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, targetAddr, &queriesCount, keys, fixedNow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- DNSName auth = domain;
- if (domain == target) {
- auth = DNSName("powerdns.com.");
- }
+ DNSName auth = domain;
+ if (domain == target) {
+ auth = DNSName("powerdns.com.");
+ }
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, auth, type, keys, true, fixedNow);
- }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, auth, type, keys, true, fixedNow);
+ }
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300, false, boost::none, boost::none, fixedNow);
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300, false, boost::none, boost::none, fixedNow);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+
+ if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, domain, 300, false, boost::none, boost::none, fixedNow);
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ addRRSIG(keys, res->d_records, domain, 300);
}
-
- if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, domain, 300, false, boost::none, boost::none, fixedNow);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(auth, 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("com."), 300, false, boost::none, boost::none, fixedNow);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ else {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(auth, 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300, false, boost::none, boost::none, fixedNow);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
+ return 1;
+ }
- if (ip == ComboAddress("192.0.2.2:53")) {
- if (type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, auth, 300, false, boost::none, boost::none, fixedNow);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, auth, 300);
- }
- else {
- setLWResult(res, RCode::NoError, true, false, true);
- addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
- addRRSIG(keys, res->d_records, auth, 300, false, boost::none, boost::none, fixedNow);
- }
- return 1;
+ if (ip == ComboAddress("192.0.2.2:53")) {
+ if (type == QType::NS) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, auth, 300, false, boost::none, boost::none, fixedNow);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRRSIG(keys, res->d_records, auth, 300);
}
+ else {
+ setLWResult(res, RCode::NoError, true, false, true);
+ addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
+ addRRSIG(keys, res->d_records, auth, 300, false, boost::none, boost::none, fixedNow);
+ }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 8U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_secure_a_then_ns) {
+BOOST_AUTO_TEST_CASE(test_dnssec_secure_a_then_ns)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- DNSName auth = domain;
- if (domain == target) {
- auth = DNSName("powerdns.com.");
- }
+ DNSName auth = domain;
+ if (domain == target) {
+ auth = DNSName("powerdns.com.");
+ }
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
- }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
+ }
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+
+ if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ addRRSIG(keys, res->d_records, domain, 300);
}
-
- if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(auth, 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ else {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(auth, 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
+ return 1;
+ }
- if (ip == ComboAddress("192.0.2.2:53")) {
- if (type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, auth, 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, auth, 300);
- }
- else {
- setLWResult(res, RCode::NoError, true, false, true);
- addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
- addRRSIG(keys, res->d_records, auth, 300);
- }
- return 1;
+ if (ip == ComboAddress("192.0.2.2:53")) {
+ if (type == QType::NS) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, auth, 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRRSIG(keys, res->d_records, auth, 300);
+ }
+ else {
+ setLWResult(res, RCode::NoError, true, false, true);
+ addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
+ addRRSIG(keys, res->d_records, auth, 300);
}
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(sr->getValidationState(), Secure);
BOOST_REQUIRE_EQUAL(ret.size(), 2U);
BOOST_CHECK_EQUAL(queriesCount, 9U);
-
}
-BOOST_AUTO_TEST_CASE(test_dnssec_insecure_a_then_ns) {
+BOOST_AUTO_TEST_CASE(test_dnssec_insecure_a_then_ns)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- DNSName auth = domain;
- if (domain == target) {
- auth = DNSName("powerdns.com.");
- }
+ DNSName auth = domain;
+ if (domain == target) {
+ auth = DNSName("powerdns.com.");
+ }
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
- }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
+ }
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+
+ if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ addRRSIG(keys, res->d_records, domain, 300);
}
-
- if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- /* no DS */
- addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ else {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ /* no DS */
+ addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
+ return 1;
+ }
- if (ip == ComboAddress("192.0.2.2:53")) {
- if (type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- else {
- setLWResult(res, RCode::NoError, true, false, true);
- addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
- }
- return 1;
+ if (ip == ComboAddress("192.0.2.2:53")) {
+ if (type == QType::NS) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ }
+ else {
+ setLWResult(res, RCode::NoError, true, false, true);
+ addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
}
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 8U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_secure_with_nta) {
+BOOST_AUTO_TEST_CASE(test_dnssec_secure_with_nta)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- DNSName auth = domain;
- if (domain == target) {
- auth = DNSName("powerdns.com.");
- }
+ DNSName auth = domain;
+ if (domain == target) {
+ auth = DNSName("powerdns.com.");
+ }
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
- }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
+ }
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+
+ if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ addRRSIG(keys, res->d_records, domain, 300);
}
-
- if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(auth, 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ else {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(auth, 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
+ return 1;
+ }
- if (ip == ComboAddress("192.0.2.2:53")) {
- if (type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, auth, 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, auth, 300);
- }
- else {
- setLWResult(res, RCode::NoError, true, false, true);
- addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
- addRRSIG(keys, res->d_records, auth, 300);
- }
- return 1;
+ if (ip == ComboAddress("192.0.2.2:53")) {
+ if (type == QType::NS) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, auth, 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRRSIG(keys, res->d_records, auth, 300);
+ }
+ else {
+ setLWResult(res, RCode::NoError, true, false, true);
+ addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
+ addRRSIG(keys, res->d_records, auth, 300);
}
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 5U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_bogus_with_nta) {
+BOOST_AUTO_TEST_CASE(test_dnssec_bogus_with_nta)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ if (type == QType::DS || type == QType::DNSKEY) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ return 1;
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
return 1;
}
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ else {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- if (type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- else {
- setLWResult(res, RCode::NoError, true, false, true);
- addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
- }
- return 1;
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ if (type == QType::NS) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
+ else {
+ setLWResult(res, RCode::NoError, true, false, true);
+ addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
+ }
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
/* There is TA for root but no DS/DNSKEY/RRSIG, should be Bogus, but.. */
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(queriesCount, 4U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
}
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ addRRSIG(keys, res->d_records, domain, 300);
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(domain, 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ else {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(domain, 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- if (type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- }
- else {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS, QType::DNSKEY }, 600, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
- }
- return 1;
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ if (type == QType::NS) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
}
+ else {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, domain, 300);
+ addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS, QType::DNSKEY}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
+ }
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 8U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_nxdomain_nsec) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_nxdomain_nsec)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- DNSName auth = domain;
- if (domain == target) {
- auth = DNSName("powerdns.com.");
+ DNSName auth = domain;
+ if (domain == target) {
+ auth = DNSName("powerdns.com.");
+ }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ if (type == QType::DS && domain == target) {
+ setLWResult(res, RCode::NXDomain, true, false, true);
+ addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, auth, 300);
+ addNSECRecordToLW(DNSName("nw.powerdns.com."), DNSName("ny.powerdns.com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, auth, 300);
+ return 1;
}
- if (type == QType::DS || type == QType::DNSKEY) {
- if (type == QType::DS && domain == target) {
- setLWResult(res, RCode::NXDomain, true, false, true);
- addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, auth, 300);
- addNSECRecordToLW(DNSName("nw.powerdns.com."), DNSName("ny.powerdns.com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records);
- addRRSIG(keys, res->d_records, auth, 300);
- return 1;
+ else {
+ return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
+ }
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ addRRSIG(keys, res->d_records, domain, 300);
}
else {
- return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
- }
- }
- else {
- if (isRootServer(ip)) {
setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(auth, 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(auth, 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ if (type == QType::NS) {
+ setLWResult(res, 0, true, false, true);
+ if (domain == DNSName("powerdns.com.")) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.2:53")) {
- if (type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- if (domain == DNSName("powerdns.com.")) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- }
- else {
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- addNSECRecordToLW(DNSName("nx.powerdns.com."), DNSName("nz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- }
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
}
else {
- setLWResult(res, RCode::NXDomain, true, false, true);
- addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, auth, 300);
- addNSECRecordToLW(DNSName("nw.powerdns.com."), DNSName("ny.powerdns.com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records);
- addRRSIG(keys, res->d_records, auth, 300);
- /* add wildcard denial */
- addNSECRecordToLW(DNSName("powerdns.com."), DNSName("a.powerdns.com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records);
- addRRSIG(keys, res->d_records, auth, 300);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
+ addNSECRecordToLW(DNSName("nx.powerdns.com."), DNSName("nz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
}
- return 1;
}
+ else {
+ setLWResult(res, RCode::NXDomain, true, false, true);
+ addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, auth, 300);
+ addNSECRecordToLW(DNSName("nw.powerdns.com."), DNSName("ny.powerdns.com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, auth, 300);
+ /* add wildcard denial */
+ addNSECRecordToLW(DNSName("powerdns.com."), DNSName("a.powerdns.com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, auth, 300);
+ }
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 9U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_wildcard) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_wildcard)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- if (type == QType::DS && domain == target) {
- setLWResult(res, RCode::NoError, true, false, true);
- addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
- addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- return 1;
- }
- else {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
- }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ if (type == QType::DS && domain == target) {
+ setLWResult(res, RCode::NoError, true, false, true);
+ addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
+ addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
+ return 1;
}
else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ addRRSIG(keys, res->d_records, domain, 300);
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ else {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- if (domain == DNSName("powerdns.com.")) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- }
- else {
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- }
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (type == QType::NS) {
+ if (domain == DNSName("powerdns.com.")) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
}
else {
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com"));
- /* we need to add the proof that this name does not exist, so the wildcard may apply */
- addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
+ addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records);
addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
}
- return 1;
}
+ else {
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com"));
+ /* we need to add the proof that this name does not exist, so the wildcard may apply */
+ addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
+ }
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 9U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_nodata_nowildcard) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_nodata_nowildcard)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- if (type == QType::DS && domain == target) {
- DNSName auth("com.");
- setLWResult(res, 0, true, false, true);
+ if (type == QType::DS || type == QType::DNSKEY) {
+ if (type == QType::DS && domain == target) {
+ DNSName auth("com.");
+ setLWResult(res, 0, true, false, true);
- addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
- addRRSIG(keys, res->d_records, auth, 300);
- /* add a NSEC denying the DS AND the existence of a cut (no NS) */
- addNSECRecordToLW(domain, DNSName("z") + domain, { QType::NSEC }, 600, res->d_records);
- addRRSIG(keys, res->d_records, auth, 300);
- return 1;
- }
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
+ addRRSIG(keys, res->d_records, auth, 300);
+ /* add a NSEC denying the DS AND the existence of a cut (no NS) */
+ addNSECRecordToLW(domain, DNSName("z") + domain, {QType::NSEC}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, auth, 300);
+ return 1;
}
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.1:53")) {
- setLWResult(res, 0, true, false, true);
- /* no data */
- addRecordToLW(res, DNSName("com."), QType::SOA, "com. com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- /* no record for this name */
- addNSECRecordToLW(DNSName("wwv.com."), DNSName("wwx.com."), { QType::NSEC, QType::RRSIG }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- /* a wildcard matches but has no record for this type */
- addNSECRecordToLW(DNSName("*.com."), DNSName("com."), { QType::AAAA, QType::NSEC, QType::RRSIG }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com"));
- return 1;
- }
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ setLWResult(res, 0, true, false, true);
+ /* no data */
+ addRecordToLW(res, DNSName("com."), QType::SOA, "com. com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ /* no record for this name */
+ addNSECRecordToLW(DNSName("wwv.com."), DNSName("wwx.com."), {QType::NSEC, QType::RRSIG}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ /* a wildcard matches but has no record for this type */
+ addNSECRecordToLW(DNSName("*.com."), DNSName("com."), {QType::AAAA, QType::NSEC, QType::RRSIG}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com"));
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 6U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_nodata_nowildcard) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_nodata_nowildcard)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- if (type == QType::DS && domain == target) {
- DNSName auth("com.");
- setLWResult(res, 0, true, false, true);
+ if (type == QType::DS || type == QType::DNSKEY) {
+ if (type == QType::DS && domain == target) {
+ DNSName auth("com.");
+ setLWResult(res, 0, true, false, true);
- addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
- addRRSIG(keys, res->d_records, auth, 300);
- /* add a NSEC3 denying the DS AND the existence of a cut (no NS) */
- /* first the closest encloser */
- addNSEC3UnhashedRecordToLW(DNSName("com."), auth, "whatever", { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, res->d_records);
- addRRSIG(keys, res->d_records, auth, 300);
- /* then the next closer */
- addNSEC3NarrowRecordToLW(domain, DNSName("com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records);
- addRRSIG(keys, res->d_records, auth, 300);
- /* a wildcard matches but has no record for this type */
- addNSEC3UnhashedRecordToLW(DNSName("*.com."), DNSName("com."), "whatever", { QType::AAAA, QType::NSEC, QType::RRSIG }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com"));
- return 1;
- }
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
+ addRRSIG(keys, res->d_records, auth, 300);
+ /* add a NSEC3 denying the DS AND the existence of a cut (no NS) */
+ /* first the closest encloser */
+ addNSEC3UnhashedRecordToLW(DNSName("com."), auth, "whatever", {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, auth, 300);
+ /* then the next closer */
+ addNSEC3NarrowRecordToLW(domain, DNSName("com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, auth, 300);
+ /* a wildcard matches but has no record for this type */
+ addNSEC3UnhashedRecordToLW(DNSName("*.com."), DNSName("com."), "whatever", {QType::AAAA, QType::NSEC, QType::RRSIG}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com"));
+ return 1;
}
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.1:53")) {
- setLWResult(res, 0, true, false, true);
- /* no data */
- addRecordToLW(res, DNSName("com."), QType::SOA, "com. com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- /* no record for this name */
- /* first the closest encloser */
- addNSEC3UnhashedRecordToLW(DNSName("com."), DNSName("com."), "whatever", { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- /* then the next closer */
- addNSEC3NarrowRecordToLW(domain, DNSName("com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- /* a wildcard matches but has no record for this type */
- addNSEC3UnhashedRecordToLW(DNSName("*.com."), DNSName("com."), "whatever", { QType::AAAA, QType::NSEC, QType::RRSIG }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com"));
- return 1;
- }
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
}
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ setLWResult(res, 0, true, false, true);
+ /* no data */
+ addRecordToLW(res, DNSName("com."), QType::SOA, "com. com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ /* no record for this name */
+ /* first the closest encloser */
+ addNSEC3UnhashedRecordToLW(DNSName("com."), DNSName("com."), "whatever", {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ /* then the next closer */
+ addNSEC3NarrowRecordToLW(domain, DNSName("com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ /* a wildcard matches but has no record for this type */
+ addNSEC3UnhashedRecordToLW(DNSName("*.com."), DNSName("com."), "whatever", {QType::AAAA, QType::NSEC, QType::RRSIG}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com"));
+ return 1;
+ }
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 6U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_nodata_nowildcard_too_many_iterations) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_nodata_nowildcard_too_many_iterations)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- if (type == QType::DS && domain == target) {
- DNSName auth("com.");
- setLWResult(res, 0, true, false, true);
+ if (type == QType::DS || type == QType::DNSKEY) {
+ if (type == QType::DS && domain == target) {
+ DNSName auth("com.");
+ setLWResult(res, 0, true, false, true);
- addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
- addRRSIG(keys, res->d_records, auth, 300);
- /* add a NSEC3 denying the DS AND the existence of a cut (no NS) */
- /* first the closest encloser */
- addNSEC3UnhashedRecordToLW(DNSName("com."), auth, "whatever", { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, res->d_records, g_maxNSEC3Iterations + 100);
- addRRSIG(keys, res->d_records, auth, 300);
- /* then the next closer */
- addNSEC3NarrowRecordToLW(domain, DNSName("com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records, g_maxNSEC3Iterations + 100);
- addRRSIG(keys, res->d_records, auth, 300);
- /* a wildcard matches but has no record for this type */
- addNSEC3UnhashedRecordToLW(DNSName("*.com."), DNSName("com."), "whatever", { QType::AAAA, QType::NSEC, QType::RRSIG }, 600, res->d_records, g_maxNSEC3Iterations + 100);
- addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com"));
- return 1;
- }
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
+ addRRSIG(keys, res->d_records, auth, 300);
+ /* add a NSEC3 denying the DS AND the existence of a cut (no NS) */
+ /* first the closest encloser */
+ addNSEC3UnhashedRecordToLW(DNSName("com."), auth, "whatever", {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, res->d_records, g_maxNSEC3Iterations + 100);
+ addRRSIG(keys, res->d_records, auth, 300);
+ /* then the next closer */
+ addNSEC3NarrowRecordToLW(domain, DNSName("com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records, g_maxNSEC3Iterations + 100);
+ addRRSIG(keys, res->d_records, auth, 300);
+ /* a wildcard matches but has no record for this type */
+ addNSEC3UnhashedRecordToLW(DNSName("*.com."), DNSName("com."), "whatever", {QType::AAAA, QType::NSEC, QType::RRSIG}, 600, res->d_records, g_maxNSEC3Iterations + 100);
+ addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com"));
+ return 1;
}
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.1:53")) {
- setLWResult(res, 0, true, false, true);
- /* no data */
- addRecordToLW(res, DNSName("com."), QType::SOA, "com. com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- /* no record for this name */
- /* first the closest encloser */
- addNSEC3UnhashedRecordToLW(DNSName("com."), DNSName("com."), "whatever", { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, res->d_records, g_maxNSEC3Iterations + 100);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- /* then the next closer */
- addNSEC3NarrowRecordToLW(domain, DNSName("com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records, g_maxNSEC3Iterations + 100);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- /* a wildcard matches but has no record for this type */
- addNSEC3UnhashedRecordToLW(DNSName("*.com."), DNSName("com."), "whatever", { QType::AAAA, QType::NSEC, QType::RRSIG }, 600, res->d_records, g_maxNSEC3Iterations + 100);
- addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com"));
- return 1;
- }
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ setLWResult(res, 0, true, false, true);
+ /* no data */
+ addRecordToLW(res, DNSName("com."), QType::SOA, "com. com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ /* no record for this name */
+ /* first the closest encloser */
+ addNSEC3UnhashedRecordToLW(DNSName("com."), DNSName("com."), "whatever", {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, res->d_records, g_maxNSEC3Iterations + 100);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ /* then the next closer */
+ addNSEC3NarrowRecordToLW(domain, DNSName("com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records, g_maxNSEC3Iterations + 100);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ /* a wildcard matches but has no record for this type */
+ addNSEC3UnhashedRecordToLW(DNSName("*.com."), DNSName("com."), "whatever", {QType::AAAA, QType::NSEC, QType::RRSIG}, 600, res->d_records, g_maxNSEC3Iterations + 100);
+ addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com"));
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
/* we are generating NSEC3 with more iterations than we allow, so we should go Insecure */
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(queriesCount, 6U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_wildcard) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_wildcard)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- if (type == QType::DS && domain.isPartOf(DNSName("sub.powerdns.com"))) {
- setLWResult(res, RCode::NoError, true, false, true);
- addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
- if (domain == DNSName("sub.powerdns.com")) {
- addNSECRecordToLW(DNSName("sub.powerdns.com."), DNSName("sud.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records);
- }
- else if (domain == target) {
- addNSECRecordToLW(DNSName("www.sub.powerdns.com."), DNSName("wwz.sub.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records);
- }
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- return 1;
+ if (type == QType::DS || type == QType::DNSKEY) {
+ if (type == QType::DS && domain.isPartOf(DNSName("sub.powerdns.com"))) {
+ setLWResult(res, RCode::NoError, true, false, true);
+ addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
+ if (domain == DNSName("sub.powerdns.com")) {
+ addNSECRecordToLW(DNSName("sub.powerdns.com."), DNSName("sud.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records);
}
- else {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ else if (domain == target) {
+ addNSECRecordToLW(DNSName("www.sub.powerdns.com."), DNSName("wwz.sub.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records);
}
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
+ return 1;
}
else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ addRRSIG(keys, res->d_records, domain, 300);
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ else {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- if (domain == DNSName("powerdns.com.")) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- }
- else {
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- }
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (type == QType::NS) {
+ if (domain == DNSName("powerdns.com.")) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
}
else {
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com"));
- /* we need to add the proof that this name does not exist, so the wildcard may apply */
- /* first the closest encloser */
- addNSEC3UnhashedRecordToLW(DNSName("powerdns.com."), DNSName("powerdns.com."), "whatever", { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
- /* then the next closer */
- addNSEC3NarrowRecordToLW(DNSName("sub.powerdns.com."), DNSName("powerdns.com."), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
+ addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
}
- return 1;
}
+ else {
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com"));
+ /* we need to add the proof that this name does not exist, so the wildcard may apply */
+ /* first the closest encloser */
+ addNSEC3UnhashedRecordToLW(DNSName("powerdns.com."), DNSName("powerdns.com."), "whatever", {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
+ /* then the next closer */
+ addNSEC3NarrowRecordToLW(DNSName("sub.powerdns.com."), DNSName("powerdns.com."), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
+ }
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 10U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_wildcard_too_many_iterations) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_wildcard_too_many_iterations)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- if (type == QType::DS && domain == target) {
- setLWResult(res, RCode::NoError, true, false, true);
- addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
- addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- return 1;
- }
- else {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
- }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ if (type == QType::DS && domain == target) {
+ setLWResult(res, RCode::NoError, true, false, true);
+ addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
+ addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
+ return 1;
}
else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ addRRSIG(keys, res->d_records, domain, 300);
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ else {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- if (domain == DNSName("powerdns.com.")) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- }
- else {
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- }
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (type == QType::NS) {
+ if (domain == DNSName("powerdns.com.")) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
}
else {
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com"));
- /* we need to add the proof that this name does not exist, so the wildcard may apply */
- /* first the closest encloser */
- addNSEC3UnhashedRecordToLW(DNSName("powerdns.com."), DNSName("powerdns.com."), "whatever", { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
- /* then the next closer */
- addNSEC3NarrowRecordToLW(DNSName("www.powerdns.com."), DNSName("powerdns.com."), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, res->d_records, g_maxNSEC3Iterations + 100);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
+ addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
}
- return 1;
}
+ else {
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com"));
+ /* we need to add the proof that this name does not exist, so the wildcard may apply */
+ /* first the closest encloser */
+ addNSEC3UnhashedRecordToLW(DNSName("powerdns.com."), DNSName("powerdns.com."), "whatever", {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
+ /* then the next closer */
+ addNSEC3NarrowRecordToLW(DNSName("www.powerdns.com."), DNSName("powerdns.com."), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, res->d_records, g_maxNSEC3Iterations + 100);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
+ }
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
/* the NSEC3 providing the denial of existence proof for the next closer has too many iterations,
we should end up Insecure */
BOOST_CHECK_EQUAL(queriesCount, 9U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_wildcard_missing) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_wildcard_missing)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- if (type == QType::DS && domain == target) {
- setLWResult(res, RCode::NoError, true, false, true);
- addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
- addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- return 1;
- }
- else {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
- }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ if (type == QType::DS && domain == target) {
+ setLWResult(res, RCode::NoError, true, false, true);
+ addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
+ addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
+ return 1;
}
else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ addRRSIG(keys, res->d_records, domain, 300);
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ else {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- if (domain == DNSName("powerdns.com.")) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- }
- else {
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- }
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (type == QType::NS) {
+ if (domain == DNSName("powerdns.com.")) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
}
else {
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com"));
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
+ addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
}
- return 1;
}
+ else {
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com"));
+ }
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 9U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_wildcard_expanded_onto_itself) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_wildcard_expanded_onto_itself)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
g_luaconfs.setState(luaconfsCopy);
- sr->setAsyncCallback([target,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
+ sr->setAsyncCallback([target, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
if (type == QType::DS || type == QType::DNSKEY) {
if (domain == target) {
const auto auth = DNSName("powerdns.com.");
addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
addRRSIG(keys, res->d_records, auth, 300);
/* add a NSEC denying the DS */
- std::set<uint16_t> types = { QType::NSEC };
+ std::set<uint16_t> types = {QType::NSEC};
addNSECRecordToLW(domain, DNSName("z") + domain, types, 600, res->d_records);
addRRSIG(keys, res->d_records, auth, 300);
return 1;
addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300, false, boost::none, DNSName("*.powerdns.com"));
/* we don't _really_ need to add the proof that the exact name does not exist because it does,
it's the wildcard itself, but let's do it so other validators don't choke on it */
- addNSECRecordToLW(DNSName("*.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records);
+ addNSECRecordToLW(DNSName("*.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records);
addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com"));
return 1;
}
BOOST_REQUIRE_EQUAL(ret.size(), 4U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_wildcard_like_expanded_from_wildcard) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_wildcard_like_expanded_from_wildcard)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
g_luaconfs.setState(luaconfsCopy);
- sr->setAsyncCallback([target,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
+ sr->setAsyncCallback([target, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
if (type == QType::DS || type == QType::DNSKEY) {
if (domain == target) {
const auto auth = DNSName("powerdns.com.");
setLWResult(res, 0, true, false, true);
addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
addRRSIG(keys, res->d_records, auth, 300);
- addNSECRecordToLW(DNSName("*.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records);
+ addNSECRecordToLW(DNSName("*.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records);
addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com"));
return 1;
}
addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400);
addRRSIG(keys, res->d_records, auth, 300);
/* add a NSEC denying the DS */
- addNSECRecordToLW(DNSName("*.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records);
+ addNSECRecordToLW(DNSName("*.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records);
addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com"));
return 1;
}
setLWResult(res, 0, true, false, true);
addRecordToLW(res, domain, QType::A, "192.0.2.42");
addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300, false, boost::none, DNSName("*.powerdns.com"));
- addNSECRecordToLW(DNSName("*.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records);
+ addNSECRecordToLW(DNSName("*.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records);
addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com"));
return 1;
}
BOOST_AUTO_TEST_SUITE(syncres_cc6)
-BOOST_AUTO_TEST_CASE(test_dnssec_no_ds_on_referral_secure) {
+BOOST_AUTO_TEST_CASE(test_dnssec_no_ds_on_referral_secure)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
size_t dsQueriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,&dsQueriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, &dsQueriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS) {
- DNSName auth(domain);
- auth.chopOff();
- dsQueriesCount++;
+ if (type == QType::DS) {
+ DNSName auth(domain);
+ auth.chopOff();
+ dsQueriesCount++;
- if (domain == target) {
- if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys, false) == 0) {
- return 0;
- }
- return 1;
+ if (domain == target) {
+ if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys, false) == 0) {
+ return 0;
}
-
- setLWResult(res, 0, true, false, true);
- addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER);
- addRRSIG(keys, res->d_records, auth, 300);
return 1;
}
- else if (type == QType::DNSKEY) {
- setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
+
+ setLWResult(res, 0, true, false, true);
+ addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER);
+ addRRSIG(keys, res->d_records, auth, 300);
+ return 1;
+ }
+ else if (type == QType::DNSKEY) {
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
+ return 1;
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ /* No DS on referral, and no denial of the DS either */
return 1;
}
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ addRRSIG(keys, res->d_records, domain, 300);
+ }
+ else {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
/* No DS on referral, and no denial of the DS either */
- return 1;
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (type == QType::NS) {
+ if (domain == DNSName("powerdns.com.")) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- /* No DS on referral, and no denial of the DS either */
- }
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- if (domain == DNSName("powerdns.com.")) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- }
- else {
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
- }
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
}
else {
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
+ addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records);
addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
}
-
- return 1;
}
+ else {
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300);
+ }
+
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(dsQueriesCount, 3U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_ds_sign_loop) {
+BOOST_AUTO_TEST_CASE(test_dnssec_ds_sign_loop)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS) {
- DNSName auth(domain);
- auth.chopOff();
+ if (type == QType::DS) {
+ DNSName auth(domain);
+ auth.chopOff();
- setLWResult(res, 0, true, false, true);
- if (domain == target) {
- addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER);
+ setLWResult(res, 0, true, false, true);
+ if (domain == target) {
+ addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER);
+ addRRSIG(keys, res->d_records, domain, 300);
+ }
+ else {
+ addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER);
+ addRRSIG(keys, res->d_records, auth, 300);
+ }
+ return 1;
+ }
+ else if (type == QType::DNSKEY) {
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
+ return 1;
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
addRRSIG(keys, res->d_records, domain, 300);
}
else {
- addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER);
- addRRSIG(keys, res->d_records, auth, 300);
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ /* no DS */
+ addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
return 1;
}
- else if (type == QType::DNSKEY) {
- setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
- return 1;
- }
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- /* no DS */
- addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.2:53")) {
- if (type == QType::NS) {
- if (domain == DNSName("powerdns.com.")) {
- setLWResult(res, RCode::Refused, false, false, true);
- }
- else {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ if (type == QType::NS) {
+ if (domain == DNSName("powerdns.com.")) {
+ setLWResult(res, RCode::Refused, false, false, true);
}
else {
setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- addRRSIG(keys, res->d_records, DNSName("www.powerdns.com"), 300);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRRSIG(keys, res->d_records, domain, 300);
}
-
- return 1;
}
+ else {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ addRRSIG(keys, res->d_records, DNSName("www.powerdns.com"), 300);
+ }
+
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 8U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_dnskey_signed_child) {
+BOOST_AUTO_TEST_CASE(test_dnssec_dnskey_signed_child)
+{
/* check that we don't accept a signer below us */
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
-
- if (type == QType::DS) {
- DNSName auth(domain);
- auth.chopOff();
-
- setLWResult(res, 0, true, false, true);
- addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER);
- addRRSIG(keys, res->d_records, auth, 300);
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
+
+ if (type == QType::DS) {
+ DNSName auth(domain);
+ auth.chopOff();
+
+ setLWResult(res, 0, true, false, true);
+ addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER);
+ addRRSIG(keys, res->d_records, auth, 300);
+ return 1;
+ }
+ else if (type == QType::DNSKEY) {
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ if (domain == DNSName("www.powerdns.com.")) {
+ addRRSIG(keys, res->d_records, DNSName("sub.www.powerdns.com."), 300);
+ }
+ else {
+ addRRSIG(keys, res->d_records, domain, 300);
+ }
+ return 1;
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
return 1;
}
- else if (type == QType::DNSKEY) {
- setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- if (domain == DNSName("www.powerdns.com.")) {
- addRRSIG(keys, res->d_records, DNSName("sub.www.powerdns.com."), 300);
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ addRRSIG(keys, res->d_records, domain, 300);
}
else {
- addRRSIG(keys, res->d_records, domain, 300);
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
return 1;
}
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- return 1;
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ if (type == QType::NS) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRRSIG(keys, res->d_records, domain, 300);
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ else {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ addRRSIG(keys, res->d_records, domain, 300);
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- if (type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
- addRRSIG(keys, res->d_records, domain, 300);
- }
- return 1;
- }
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 10U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_no_ds_on_referral_insecure) {
+BOOST_AUTO_TEST_CASE(test_dnssec_no_ds_on_referral_insecure)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
size_t dsQueriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,&dsQueriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, &dsQueriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS) {
- DNSName auth(domain);
- auth.chopOff();
- dsQueriesCount++;
+ if (type == QType::DS) {
+ DNSName auth(domain);
+ auth.chopOff();
+ dsQueriesCount++;
- setLWResult(res, 0, true, false, true);
+ setLWResult(res, 0, true, false, true);
+ if (domain == DNSName("com.")) {
+ addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER);
+ }
+ else {
+ addRecordToLW(res, "com.", QType::SOA, "a.gtld-servers.com. hostmastercom. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addNSECRecordToLW(domain, DNSName("powerdnt.com."), {QType::NS}, 600, res->d_records);
+ }
+ addRRSIG(keys, res->d_records, auth, 300);
+ return 1;
+ }
+ else if (type == QType::DNSKEY) {
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
+ return 1;
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ /* No DS on referral, and no denial of the DS either */
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
if (domain == DNSName("com.")) {
- addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER);
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ addRRSIG(keys, res->d_records, domain, 300);
}
else {
- addRecordToLW(res, "com.", QType::SOA, "a.gtld-servers.com. hostmastercom. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addNSECRecordToLW(domain, DNSName("powerdnt.com."), { QType::NS }, 600, res->d_records);
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ /* No DS on referral, and no denial of the DS either */
}
- addRRSIG(keys, res->d_records, auth, 300);
return 1;
}
- else if (type == QType::DNSKEY) {
+ else if (ip == ComboAddress("192.0.2.2:53")) {
setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
- return 1;
- }
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- /* No DS on referral, and no denial of the DS either */
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ if (type == QType::NS) {
+ if (domain == DNSName("powerdns.com.")) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- /* No DS on referral, and no denial of the DS either */
- }
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- if (domain == DNSName("powerdns.com.")) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- else {
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- }
}
else {
- addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
}
- return 1;
}
+ else {
+ addRecordToLW(res, domain, QType::A, "192.0.2.42");
+ }
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(dsQueriesCount, 2U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_bogus_unsigned_nsec) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_bogus_unsigned_nsec)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
-
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
+
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
}
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(domain, 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ else {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(domain, 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else {
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS, QType::DNSKEY }, 600, res->d_records);
- /* NO RRSIG for the NSEC record! */
- }
- return 1;
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (type == QType::NS) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
}
+ else {
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, domain, 300);
+ addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS, QType::DNSKEY}, 600, res->d_records);
+ /* NO RRSIG for the NSEC record! */
+ }
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
/* NSEC record without the corresponding RRSIG in a secure zone, should be Bogus! */
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(queriesCount, 8U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_bogus_no_nsec) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_bogus_no_nsec)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
-
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
+
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
}
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(domain, 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ else {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(domain, 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else {
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (type == QType::NS) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
+ }
+ else {
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, domain, 300);
- /* NO NSEC record! */
- }
- return 1;
+ /* NO NSEC record! */
}
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
/* no NSEC record in a secure zone, should be Bogus! */
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(queriesCount, 8U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure) {
+BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS) {
- if (domain == target) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- return 1;
- } else {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
- }
+ if (type == QType::DS) {
+ if (domain == target) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ return 1;
}
- else if (type == QType::DNSKEY) {
- if (domain == g_rootdnsname || domain == DNSName("com.")) {
+ else {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ }
+ else if (type == QType::DNSKEY) {
+ if (domain == g_rootdnsname || domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
+ return 1;
+ }
+ else {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ return 1;
+ }
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
- return 1;
+ addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
}
else {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- return 1;
- }
- }
- else {
- if (isRootServer(ip)) {
setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ /* no DS */
+ addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- /* no DS */
- addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (type == QType::NS) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- }
- else {
- addRecordToLW(res, domain, QType::A, targetAddr.toString());
- }
- return 1;
+ else {
+ addRecordToLW(res, domain, QType::A, targetAddr.toString());
}
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 7U);
}
-
-BOOST_AUTO_TEST_CASE(test_dnssec_secure_direct_ds) {
+BOOST_AUTO_TEST_CASE(test_dnssec_secure_direct_ds)
+{
/*
Direct DS query:
- parent is secure, zone is secure: DS should be secure
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
-
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
- }
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
+
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::DS), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 4U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_insecure_direct_ds) {
+BOOST_AUTO_TEST_CASE(test_dnssec_insecure_direct_ds)
+{
/*
Direct DS query:
- parent is secure, zone is insecure: DS denial should be secure
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
-
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
- }
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
+
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::DS), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 4U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_skipped_cut) {
+BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_skipped_cut)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS) {
- if (domain == DNSName("sub.powerdns.com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
- addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
- return 1;
- }
- else if (domain == DNSName("www.sub.powerdns.com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, DNSName("sub.powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- return 1;
- }
- else {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
- }
+ if (type == QType::DS) {
+ if (domain == DNSName("sub.powerdns.com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
+ addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
+ return 1;
+ }
+ else if (domain == DNSName("www.sub.powerdns.com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, DNSName("sub.powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ return 1;
+ }
+ else {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ }
+ else if (type == QType::DNSKEY) {
+ if (domain == g_rootdnsname || domain == DNSName("com.") || domain == DNSName("powerdns.com.")) {
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
+ return 1;
+ }
+ else {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ return 1;
}
- else if (type == QType::DNSKEY) {
- if (domain == g_rootdnsname || domain == DNSName("com.") || domain == DNSName("powerdns.com.")) {
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
- return 1;
+ addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
}
else {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- return 1;
- }
- }
- else {
- if (isRootServer(ip)) {
setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ addRecordToLW(res, DNSName("powerdns.com."), QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (type == QType::NS) {
+ if (domain == DNSName("www.sub.powerdns.com.")) {
+ addRecordToLW(res, DNSName("sub.powerdns.com"), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
}
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, DNSName("powerdns.com."), QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ else if (domain == DNSName("sub.powerdns.com.")) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
}
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- if (domain == DNSName("www.sub.powerdns.com.")) {
- addRecordToLW(res, DNSName("sub.powerdns.com"), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- }
- else if (domain == DNSName("sub.powerdns.com.")) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- }
- else if (domain == DNSName("powerdns.com.")) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
- }
- } else {
- addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
+ else if (domain == DNSName("powerdns.com.")) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300);
}
- return 1;
}
+ else {
+ addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
+ }
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_AUTO_TEST_SUITE(syncres_cc7)
-BOOST_AUTO_TEST_CASE(test_dnssec_insecure_to_ta_skipped_cut) {
+BOOST_AUTO_TEST_CASE(test_dnssec_insecure_to_ta_skipped_cut)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS) {
- if (domain == DNSName("www.sub.powerdns.com")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, DNSName("sub.powerdns.com"), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com"), 300);
- addNSECRecordToLW(DNSName("www.sub.powerdns.com"), DNSName("vww.sub.powerdns.com."), { QType::A }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com"), 300);
+ if (type == QType::DS) {
+ if (domain == DNSName("www.sub.powerdns.com")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, DNSName("sub.powerdns.com"), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com"), 300);
+ addNSECRecordToLW(DNSName("www.sub.powerdns.com"), DNSName("vww.sub.powerdns.com."), {QType::A}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com"), 300);
+ }
+ else {
+ setLWResult(res, 0, true, false, true);
+
+ if (domain == DNSName("com.")) {
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ /* no DS */
+ addNSECRecordToLW(DNSName("com."), DNSName("dom."), {QType::NS}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
}
else {
setLWResult(res, 0, true, false, true);
-
- if (domain == DNSName("com.")) {
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- /* no DS */
- addNSECRecordToLW(DNSName("com."), DNSName("dom."), { QType::NS }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- }
- else {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- }
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
}
+ }
+ return 1;
+ }
+ else if (type == QType::DNSKEY) {
+ if (domain == g_rootdnsname || domain == DNSName("sub.powerdns.com.")) {
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
return 1;
}
- else if (type == QType::DNSKEY) {
- if (domain == g_rootdnsname || domain == DNSName("sub.powerdns.com.")) {
- setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
- return 1;
- }
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ /* no DS */
+ addNSECRecordToLW(DNSName("com."), DNSName("dom."), {QType::NS}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
}
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- /* no DS */
- addNSECRecordToLW(DNSName("com."), DNSName("dom."), { QType::NS }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com.");
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com.");
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- }
- else if (domain.isPartOf(DNSName("powerdns.com."))) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, DNSName("powerdns.com."), QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ else if (domain.isPartOf(DNSName("powerdns.com."))) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, DNSName("powerdns.com."), QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- if (domain == DNSName("www.sub.powerdns.com.")) {
- addRecordToLW(res, DNSName("sub.powerdns.com"), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com"), 300);
- addNSECRecordToLW(DNSName("www.sub.powerdns.com"), DNSName("vww.sub.powerdns.com."), { QType::A }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com"), 300);
- }
- else if (domain == DNSName("sub.powerdns.com.")) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com."), 300);
- }
- else if (domain == DNSName("powerdns.com.")) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- }
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (type == QType::NS) {
+ if (domain == DNSName("www.sub.powerdns.com.")) {
+ addRecordToLW(res, DNSName("sub.powerdns.com"), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com"), 300);
+ addNSECRecordToLW(DNSName("www.sub.powerdns.com"), DNSName("vww.sub.powerdns.com."), {QType::A}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com"), 300);
}
- else if (domain == DNSName("www.sub.powerdns.com.")) {
- addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
+ else if (domain == DNSName("sub.powerdns.com.")) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com."), 300);
}
- return 1;
+ else if (domain == DNSName("powerdns.com.")) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ }
+ }
+ else if (domain == DNSName("www.sub.powerdns.com.")) {
+ addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
+ addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com."), 300);
}
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 7U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_nodata) {
+BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_nodata)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS) {
- if (domain == target) {
+ if (type == QType::DS) {
+ if (domain == target) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ return 1;
+ }
+ else {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ }
+ else if (type == QType::DNSKEY) {
+ if (domain == g_rootdnsname || domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
+ return 1;
+ }
+ else {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ return 1;
+ }
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS }, 600, res->d_records);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
addRRSIG(keys, res->d_records, DNSName("com."), 300);
- return 1;
}
else {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ /* no DS */
+ addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
+ return 1;
}
- else if (type == QType::DNSKEY) {
- if (domain == g_rootdnsname || domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
- return 1;
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ if (type == QType::NS) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
else {
setLWResult(res, 0, true, false, true);
addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- return 1;
- }
- }
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- }
- else {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- /* no DS */
- addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.2:53")) {
- if (type == QType::NS) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- else {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- }
- return 1;
}
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 7U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_cname) {
+BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_cname)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,targetCName,targetCNameAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, targetCName, targetCNameAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS) {
- if (domain == targetCName) {
+ if (type == QType::DS) {
+ if (domain == targetCName) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addNSECRecordToLW(domain, DNSName("z.power-dns.com."), {QType::NS}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ return 1;
+ }
+ else {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ }
+ else if (type == QType::DNSKEY) {
+ if (domain == g_rootdnsname || domain == DNSName("com.") || domain == DNSName("powerdns.com.")) {
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
+ return 1;
+ }
+ else {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ return 1;
+ }
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ setLWResult(res, 0, false, false, true);
+ if (domain == DNSName("com.")) {
setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addNSECRecordToLW(domain, DNSName("z.power-dns.com."), { QType::NS }, 600, res->d_records);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
addRRSIG(keys, res->d_records, DNSName("com."), 300);
- return 1;
- }
- else {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
- }
- }
- else if (type == QType::DNSKEY) {
- if (domain == g_rootdnsname || domain == DNSName("com.") || domain == DNSName("powerdns.com.")) {
- setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
- return 1;
}
else {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- return 1;
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ if (domain == DNSName("powerdns.com.")) {
+ addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
+ }
+ else if (domain == targetCName) {
+ addNSECRecordToLW(domain, DNSName("z.power-dns.com."), {QType::NS}, 600, res->d_records);
+ }
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
+
+ return 1;
}
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.1:53")) {
- setLWResult(res, 0, false, false, true);
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+
+ if (type == QType::NS) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ if (domain == DNSName("powerdns.com.")) {
+ addRRSIG(keys, res->d_records, domain, 300);
}
- else {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- if (domain == DNSName("powerdns.com.")) {
- addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
- }
- else if (domain == targetCName) {
- addNSECRecordToLW(domain, DNSName("z.power-dns.com."), { QType::NS }, 600, res->d_records);
- }
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ if (domain == DNSName("powerdns.com.")) {
+ addRRSIG(keys, res->d_records, domain, 300);
}
-
- return 1;
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
-
- if (type == QType::NS) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- if (domain == DNSName("powerdns.com.")) {
- addRRSIG(keys, res->d_records, domain, 300);
- }
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- if (domain == DNSName("powerdns.com.")) {
- addRRSIG(keys, res->d_records, domain, 300);
- }
+ else {
+ if (domain == DNSName("powerdns.com.")) {
+ addRecordToLW(res, domain, QType::CNAME, targetCName.toString());
+ addRRSIG(keys, res->d_records, domain, 300);
}
- else {
- if (domain == DNSName("powerdns.com.")) {
- addRecordToLW(res, domain, QType::CNAME, targetCName.toString());
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else if (domain == targetCName) {
- addRecordToLW(res, domain, QType::A, targetCNameAddr.toString());
- }
+ else if (domain == targetCName) {
+ addRecordToLW(res, domain, QType::A, targetCNameAddr.toString());
}
-
- return 1;
}
+
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 11U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_cname_glue) {
+BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_cname_glue)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,targetCName1,targetCName2,targetCName2Addr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, targetCName1, targetCName2, targetCName2Addr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- if (domain == DNSName("sub.powerdns.com")) {
+ if (type == QType::DS || type == QType::DNSKEY) {
+ if (domain == DNSName("sub.powerdns.com")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addNSECRecordToLW(domain, DNSName("z.power-dns.com."), {QType::NS}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ return 1;
+ }
+ else {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ setLWResult(res, 0, false, false, true);
+ if (domain == DNSName("com.")) {
setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addNSECRecordToLW(domain, DNSName("z.power-dns.com."), { QType::NS }, 600, res->d_records);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
addRRSIG(keys, res->d_records, DNSName("com."), 300);
- return 1;
}
else {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ if (domain == DNSName("powerdns.com.")) {
+ addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
+ }
+ else if (domain == DNSName("sub.powerdns.com")) {
+ addNSECRecordToLW(domain, DNSName("z.power-dns.com."), {QType::NS}, 600, res->d_records);
+ }
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
+
+ return 1;
}
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.1:53")) {
- setLWResult(res, 0, false, false, true);
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+
+ if (type == QType::NS) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ if (domain == DNSName("powerdns.com.")) {
+ addRRSIG(keys, res->d_records, domain, 300);
}
- else {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- if (domain == DNSName("powerdns.com.")) {
- addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
- }
- else if (domain == DNSName("sub.powerdns.com")) {
- addNSECRecordToLW(domain, DNSName("z.power-dns.com."), { QType::NS }, 600, res->d_records);
- }
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ if (domain == DNSName("powerdns.com.")) {
+ addRRSIG(keys, res->d_records, domain, 300);
}
-
- return 1;
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
-
- if (type == QType::NS) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- if (domain == DNSName("powerdns.com.")) {
- addRRSIG(keys, res->d_records, domain, 300);
- }
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- if (domain == DNSName("powerdns.com.")) {
- addRRSIG(keys, res->d_records, domain, 300);
- }
+ else {
+ if (domain == DNSName("powerdns.com.")) {
+ addRecordToLW(res, domain, QType::CNAME, targetCName1.toString());
+ addRRSIG(keys, res->d_records, domain, 300);
+ /* add the CNAME target as a glue, with no RRSIG since the sub zone is insecure */
+ addRecordToLW(res, targetCName1, QType::CNAME, targetCName2.toString());
+ addRecordToLW(res, targetCName2, QType::A, targetCName2Addr.toString());
}
- else {
- if (domain == DNSName("powerdns.com.")) {
- addRecordToLW(res, domain, QType::CNAME, targetCName1.toString());
- addRRSIG(keys, res->d_records, domain, 300);
- /* add the CNAME target as a glue, with no RRSIG since the sub zone is insecure */
- addRecordToLW(res, targetCName1, QType::CNAME, targetCName2.toString());
- addRecordToLW(res, targetCName2, QType::A, targetCName2Addr.toString());
- }
- else if (domain == targetCName1) {
- addRecordToLW(res, domain, QType::CNAME, targetCName2.toString());
- }
- else if (domain == targetCName2) {
- addRecordToLW(res, domain, QType::A, targetCName2Addr.toString());
- }
+ else if (domain == targetCName1) {
+ addRecordToLW(res, domain, QType::CNAME, targetCName2.toString());
+ }
+ else if (domain == targetCName2) {
+ addRecordToLW(res, domain, QType::A, targetCName2Addr.toString());
}
-
- return 1;
}
+
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 11U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_insecure_to_secure_cname) {
+BOOST_AUTO_TEST_CASE(test_dnssec_insecure_to_secure_cname)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,targetCName,targetCNameAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, targetCName, targetCNameAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS) {
- if (domain == DNSName("power-dns.com.")) {
+ if (type == QType::DS) {
+ if (domain == DNSName("power-dns.com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addNSECRecordToLW(domain, DNSName("z.power-dns.com."), {QType::NS}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ return 1;
+ }
+ else {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ }
+ else if (type == QType::DNSKEY) {
+ if (domain == g_rootdnsname || domain == DNSName("com.") || domain == DNSName("powerdns.com.")) {
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
+ return 1;
+ }
+ else {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ return 1;
+ }
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addNSECRecordToLW(domain, DNSName("z.power-dns.com."), { QType::NS }, 600, res->d_records);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
addRRSIG(keys, res->d_records, DNSName("com."), 300);
- return 1;
}
- else {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
- }
- }
- else if (type == QType::DNSKEY) {
- if (domain == g_rootdnsname || domain == DNSName("com.") || domain == DNSName("powerdns.com.")) {
- setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
- return 1;
- }
- else {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- return 1;
- }
- }
- else {
- if (isRootServer(ip)) {
+ else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) {
setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ if (domain == targetCName) {
+ addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
+ }
+ else if (domain == target) {
+ addNSECRecordToLW(domain, DNSName("z.power-dns.com."), {QType::NS}, 600, res->d_records);
+ }
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (type == QType::NS) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ if (domain == DNSName("powerdns.com.")) {
+ addRRSIG(keys, res->d_records, domain, 300);
}
- else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- if (domain == targetCName) {
- addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
- }
- else if (domain == target) {
- addNSECRecordToLW(domain, DNSName("z.power-dns.com."), { QType::NS }, 600, res->d_records);
- }
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ if (domain == DNSName("powerdns.com.")) {
+ addRRSIG(keys, res->d_records, domain, 300);
}
- return 1;
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- if (domain == DNSName("powerdns.com.")) {
- addRRSIG(keys, res->d_records, domain, 300);
- }
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- if (domain == DNSName("powerdns.com.")) {
- addRRSIG(keys, res->d_records, domain, 300);
- }
+ else {
+ if (domain == target) {
+ addRecordToLW(res, domain, QType::CNAME, targetCName.toString());
}
- else {
- if (domain == target) {
- addRecordToLW(res, domain, QType::CNAME, targetCName.toString());
- }
- else if (domain == targetCName) {
- addRecordToLW(res, domain, QType::A, targetCNameAddr.toString());
- addRRSIG(keys, res->d_records, domain, 300);
- }
+ else if (domain == targetCName) {
+ addRecordToLW(res, domain, QType::A, targetCNameAddr.toString());
+ addRRSIG(keys, res->d_records, domain, 300);
}
- return 1;
}
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 11U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_bogus_to_secure_cname) {
+BOOST_AUTO_TEST_CASE(test_dnssec_bogus_to_secure_cname)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,targetCName,targetCNameAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
-
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ sr->setAsyncCallback([target, targetCName, targetCNameAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
+
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
}
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- }
- else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName(domain), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName(domain), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (type == QType::NS) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRRSIG(keys, res->d_records, domain, 300);
+ }
+ else {
+ if (domain == target) {
+ addRecordToLW(res, domain, QType::CNAME, targetCName.toString());
+ /* No RRSIG, leading to bogus */
}
- else {
- if (domain == target) {
- addRecordToLW(res, domain, QType::CNAME, targetCName.toString());
- /* No RRSIG, leading to bogus */
- }
- else if (domain == targetCName) {
- addRecordToLW(res, domain, QType::A, targetCNameAddr.toString());
- addRRSIG(keys, res->d_records, domain, 300);
- }
+ else if (domain == targetCName) {
+ addRecordToLW(res, domain, QType::A, targetCNameAddr.toString());
+ addRRSIG(keys, res->d_records, domain, 300);
}
- return 1;
}
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 11U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_bogus_cname) {
+BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_bogus_cname)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,targetCName,targetCNameAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
-
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ sr->setAsyncCallback([target, targetCName, targetCNameAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
+
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
}
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- }
- else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName(domain), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName(domain), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (type == QType::NS) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRRSIG(keys, res->d_records, domain, 300);
+ }
+ else {
+ if (domain == target) {
+ addRecordToLW(res, domain, QType::CNAME, targetCName.toString());
addRRSIG(keys, res->d_records, domain, 300);
}
- else {
- if (domain == target) {
- addRecordToLW(res, domain, QType::CNAME, targetCName.toString());
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else if (domain == targetCName) {
- addRecordToLW(res, domain, QType::A, targetCNameAddr.toString());
- /* No RRSIG, leading to bogus */
- }
+ else if (domain == targetCName) {
+ addRecordToLW(res, domain, QType::A, targetCNameAddr.toString());
+ /* No RRSIG, leading to bogus */
}
- return 1;
}
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 11U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_secure_cname) {
+BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_secure_cname)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,targetCName,targetCNameAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
-
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ sr->setAsyncCallback([target, targetCName, targetCNameAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
+
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
}
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- }
- else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName(domain), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName(domain), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (type == QType::NS) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRRSIG(keys, res->d_records, domain, 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ addRRSIG(keys, res->d_records, domain, 300);
+ }
+ else {
+ if (domain == target) {
+ addRecordToLW(res, domain, QType::CNAME, targetCName.toString());
addRRSIG(keys, res->d_records, domain, 300);
}
- else {
- if (domain == target) {
- addRecordToLW(res, domain, QType::CNAME, targetCName.toString());
- addRRSIG(keys, res->d_records, domain, 300);
- }
- else if (domain == targetCName) {
- addRecordToLW(res, domain, QType::A, targetCNameAddr.toString());
- addRRSIG(keys, res->d_records, domain, 300);
- }
+ else if (domain == targetCName) {
+ addRecordToLW(res, domain, QType::A, targetCNameAddr.toString());
+ addRRSIG(keys, res->d_records, domain, 300);
}
- return 1;
}
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 12U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_bogus_to_insecure_cname) {
+BOOST_AUTO_TEST_CASE(test_dnssec_bogus_to_insecure_cname)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,targetCName,targetCNameAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, targetCName, targetCNameAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS) {
- if (domain == DNSName("power-dns.com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addNSECRecordToLW(domain, DNSName("z.power-dns.com."), { QType::NS }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- return 1;
- }
- else {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
- }
+ if (type == QType::DS) {
+ if (domain == DNSName("power-dns.com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addNSECRecordToLW(domain, DNSName("z.power-dns.com."), {QType::NS}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ return 1;
}
- else if (type == QType::DNSKEY) {
- if (domain == g_rootdnsname || domain == DNSName("com.") || domain == DNSName("powerdns.com.")) {
- setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
- return 1;
- }
- else {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- return 1;
- }
+ else {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ }
+ else if (type == QType::DNSKEY) {
+ if (domain == g_rootdnsname || domain == DNSName("com.") || domain == DNSName("powerdns.com.")) {
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
+ return 1;
}
else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addDS(DNSName("com."), 300, res->d_records, keys);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ return 1;
+ }
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addDS(DNSName("com."), 300, res->d_records, keys);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ if (domain == DNSName("powerdns.com.")) {
+ addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
}
- else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- if (domain == DNSName("powerdns.com.")) {
- addDS(DNSName("powerdns.com."), 300, res->d_records, keys);
- }
- else if (domain == targetCName) {
- addNSECRecordToLW(domain, DNSName("z.power-dns.com."), { QType::NS }, 600, res->d_records);
- }
- addRRSIG(keys, res->d_records, DNSName("com."), 300);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ else if (domain == targetCName) {
+ addNSECRecordToLW(domain, DNSName("z.power-dns.com."), {QType::NS}, 600, res->d_records);
}
- return 1;
+ addRRSIG(keys, res->d_records, DNSName("com."), 300);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (type == QType::NS) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ }
+ else {
+ if (domain == DNSName("powerdns.com.")) {
+ addRecordToLW(res, domain, QType::CNAME, targetCName.toString());
+ /* No RRSIG -> Bogus */
}
- else {
- if (domain == DNSName("powerdns.com.")) {
- addRecordToLW(res, domain, QType::CNAME, targetCName.toString());
- /* No RRSIG -> Bogus */
- }
- else if (domain == targetCName) {
- addRecordToLW(res, domain, QType::A, targetCNameAddr.toString());
- }
+ else if (domain == targetCName) {
+ addRecordToLW(res, domain, QType::A, targetCNameAddr.toString());
}
- return 1;
}
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 10U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_insecure_ta) {
+BOOST_AUTO_TEST_CASE(test_dnssec_insecure_ta)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DNSKEY) {
- if (domain == g_rootdnsname || domain == DNSName("powerdns.com.")) {
- setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
- return 1;
+ if (type == QType::DNSKEY) {
+ if (domain == g_rootdnsname || domain == DNSName("powerdns.com.")) {
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
+ return 1;
+ }
+ else if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, ". yop. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ return 1;
+ }
+ }
+ else {
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addNSECRecordToLW(DNSName("com."), DNSName("com."), {QType::NS}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (target == domain) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
else if (domain == DNSName("com.")) {
setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, ". yop. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- return 1;
- }
- }
- else {
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addNSECRecordToLW(DNSName("com."), DNSName("com."), { QType::NS }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (target == domain) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- else if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (type == QType::NS) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
}
- else if (ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- }
- else {
- addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
- }
- addRRSIG(keys, res->d_records, domain, 300);
- return 1;
+ else {
+ addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
}
+ addRRSIG(keys, res->d_records, domain, 300);
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 5U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_insecure_ta_norrsig) {
+BOOST_AUTO_TEST_CASE(test_dnssec_insecure_ta_norrsig)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DNSKEY) {
- if (domain == g_rootdnsname || domain == DNSName("powerdns.com.")) {
- setLWResult(res, 0, true, false, true);
- addDNSKEY(keys, domain, 300, res->d_records);
- addRRSIG(keys, res->d_records, domain, 300);
- return 1;
+ if (type == QType::DNSKEY) {
+ if (domain == g_rootdnsname || domain == DNSName("powerdns.com.")) {
+ setLWResult(res, 0, true, false, true);
+ addDNSKEY(keys, domain, 300, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 300);
+ return 1;
+ }
+ else if (domain == DNSName("com.")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, ". yop. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ return 1;
+ }
+ }
+ else {
+ if (target.isPartOf(domain) && isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addNSECRecordToLW(DNSName("com."), DNSName("com."), {QType::NS}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (target == domain) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
+ addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
}
else if (domain == DNSName("com.")) {
setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::SOA, ". yop. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- return 1;
- }
- }
- else {
- if (target.isPartOf(domain) && isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600);
- addNSECRecordToLW(DNSName("com."), DNSName("com."), { QType::NS }, 600, res->d_records);
- addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
}
- else if (ip == ComboAddress("192.0.2.1:53")) {
- if (target == domain) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600);
- addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- }
- else if (domain == DNSName("com.")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com.");
- addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- }
- return 1;
+ return 1;
+ }
+ else if (domain == target && ip == ComboAddress("192.0.2.2:53")) {
+ setLWResult(res, 0, true, false, true);
+ if (type == QType::NS) {
+ addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
}
- else if (domain == target && ip == ComboAddress("192.0.2.2:53")) {
- setLWResult(res, 0, true, false, true);
- if (type == QType::NS) {
- addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.");
- }
- else {
- addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
- }
- /* No RRSIG in a now (thanks to TA) Secure zone -> Bogus*/
- return 1;
+ else {
+ addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
}
+ /* No RRSIG in a now (thanks to TA) Secure zone -> Bogus*/
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 4U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_nta) {
+BOOST_AUTO_TEST_CASE(test_dnssec_nta)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (domain == target && type == QType::NS) {
+ if (domain == target && type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- char addr[] = "a.root-servers.net.";
- for (char idx = 'a'; idx <= 'm'; idx++) {
- addr[0] = idx;
- addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
- }
+ setLWResult(res, 0, true, false, true);
+ char addr[] = "a.root-servers.net.";
+ for (char idx = 'a'; idx <= 'm'; idx++) {
+ addr[0] = idx;
+ addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
+ }
- addRRSIG(keys, res->d_records, domain, 300);
+ addRRSIG(keys, res->d_records, domain, 300);
- addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- } else if (domain == target && type == QType::DNSKEY) {
+ return 1;
+ }
+ else if (domain == target && type == QType::DNSKEY) {
- setLWResult(res, 0, true, false, true);
+ setLWResult(res, 0, true, false, true);
- /* No DNSKEY */
+ /* No DNSKEY */
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 1U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_no_ta) {
+BOOST_AUTO_TEST_CASE(test_dnssec_no_ta)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (domain == target && type == QType::NS) {
+ if (domain == target && type == QType::NS) {
- setLWResult(res, 0, true, false, true);
- char addr[] = "a.root-servers.net.";
- for (char idx = 'a'; idx <= 'm'; idx++) {
- addr[0] = idx;
- addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
- }
+ setLWResult(res, 0, true, false, true);
+ char addr[] = "a.root-servers.net.";
+ for (char idx = 'a'; idx <= 'm'; idx++) {
+ addr[0] = idx;
+ addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600);
+ }
- addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 1U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_bogus_nodata) {
+BOOST_AUTO_TEST_CASE(test_dnssec_bogus_nodata)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
- }
- else {
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
+ else {
- setLWResult(res, 0, true, false, true);
- return 1;
- }
+ setLWResult(res, 0, true, false, true);
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_AUTO_TEST_SUITE(syncres_cc8)
-BOOST_AUTO_TEST_CASE(test_nsec_denial_nowrap) {
+BOOST_AUTO_TEST_CASE(test_nsec_denial_nowrap)
+{
initSR();
testkeysset_t keys;
No wrap test case:
a.example.org. -> d.example.org. denies the existence of b.example.org.
*/
- addNSECRecordToLW(DNSName("a.example.org."), DNSName("d.example.org"), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records);
+ addNSECRecordToLW(DNSName("a.example.org."), DNSName("d.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
/* add wildcard denial */
recordContents.clear();
signatureContents.clear();
- addNSECRecordToLW(DNSName("example.org."), DNSName("+.example.org"), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records);
+ addNSECRecordToLW(DNSName("example.org."), DNSName("+.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
BOOST_CHECK_EQUAL(denialState, NODATA);
}
-BOOST_AUTO_TEST_CASE(test_nsec_denial_wrap_case_1) {
+BOOST_AUTO_TEST_CASE(test_nsec_denial_wrap_case_1)
+{
initSR();
testkeysset_t keys;
Wrap case 1 test case:
z.example.org. -> b.example.org. denies the existence of a.example.org.
*/
- addNSECRecordToLW(DNSName("z.example.org."), DNSName("b.example.org"), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records);
+ addNSECRecordToLW(DNSName("z.example.org."), DNSName("b.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
BOOST_CHECK_EQUAL(denialState, NODATA);
}
-BOOST_AUTO_TEST_CASE(test_nsec_denial_wrap_case_2) {
+BOOST_AUTO_TEST_CASE(test_nsec_denial_wrap_case_2)
+{
initSR();
testkeysset_t keys;
Wrap case 2 test case:
y.example.org. -> a.example.org. denies the existence of z.example.org.
*/
- addNSECRecordToLW(DNSName("y.example.org."), DNSName("a.example.org"), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records);
+ addNSECRecordToLW(DNSName("y.example.org."), DNSName("a.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
BOOST_CHECK_EQUAL(denialState, NODATA);
}
-BOOST_AUTO_TEST_CASE(test_nsec_denial_only_one_nsec) {
+BOOST_AUTO_TEST_CASE(test_nsec_denial_only_one_nsec)
+{
initSR();
testkeysset_t keys;
Only one NSEC in the whole zone test case:
a.example.org. -> a.example.org. denies the existence of b.example.org.
*/
- addNSECRecordToLW(DNSName("a.example.org."), DNSName("a.example.org"), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records);
+ addNSECRecordToLW(DNSName("a.example.org."), DNSName("a.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("example.org."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
BOOST_CHECK_EQUAL(denialState, NODATA);
}
-BOOST_AUTO_TEST_CASE(test_nsec_root_nxd_denial) {
+BOOST_AUTO_TEST_CASE(test_nsec_root_nxd_denial)
+{
initSR();
testkeysset_t keys;
The RRSIG from "." denies the existence of anything between a. and c.,
including b.
*/
- addNSECRecordToLW(DNSName("a."), DNSName("c."), { QType::NS }, 600, records);
+ addNSECRecordToLW(DNSName("a."), DNSName("c."), {QType::NS}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
/* add wildcard denial */
recordContents.clear();
signatureContents.clear();
- addNSECRecordToLW(DNSName("."), DNSName("+"), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records);
+ addNSECRecordToLW(DNSName("."), DNSName("+"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
BOOST_CHECK_EQUAL(denialState, NXDOMAIN);
}
-BOOST_AUTO_TEST_CASE(test_nsec_ancestor_nxqtype_denial) {
+BOOST_AUTO_TEST_CASE(test_nsec_ancestor_nxqtype_denial)
+{
initSR();
testkeysset_t keys;
signer field that is shorter than the owner name of the NSEC RR) it can't
be used to deny anything except the whole name or a DS.
*/
- addNSECRecordToLW(DNSName("a."), DNSName("b."), { QType::NS }, 600, records);
+ addNSECRecordToLW(DNSName("a."), DNSName("b."), {QType::NS}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
BOOST_CHECK_EQUAL(denialState, NXQTYPE);
}
-BOOST_AUTO_TEST_CASE(test_nsec_insecure_delegation_denial) {
+BOOST_AUTO_TEST_CASE(test_nsec_insecure_delegation_denial)
+{
initSR();
testkeysset_t keys;
NS should be set if it was proving an insecure delegation, let's check that
we correctly detect that it's not.
*/
- addNSECRecordToLW(DNSName("a."), DNSName("b."), { }, 600, records);
+ addNSECRecordToLW(DNSName("a."), DNSName("b."), {}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
BOOST_CHECK_EQUAL(denialState, NODATA);
}
-BOOST_AUTO_TEST_CASE(test_nsec_nxqtype_cname) {
+BOOST_AUTO_TEST_CASE(test_nsec_nxqtype_cname)
+{
initSR();
testkeysset_t keys;
vector<shared_ptr<DNSRecordContent>> recordContents;
vector<shared_ptr<RRSIGRecordContent>> signatureContents;
- addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("a.c.powerdns.com."), { QType::CNAME }, 600, records);
+ addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("a.c.powerdns.com."), {QType::CNAME}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("powerdns.com."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
BOOST_CHECK_EQUAL(denialState, NODATA);
}
-BOOST_AUTO_TEST_CASE(test_nsec3_nxqtype_cname) {
+BOOST_AUTO_TEST_CASE(test_nsec3_nxqtype_cname)
+{
initSR();
testkeysset_t keys;
vector<shared_ptr<DNSRecordContent>> recordContents;
vector<shared_ptr<RRSIGRecordContent>> signatureContents;
- addNSEC3UnhashedRecordToLW(DNSName("a.powerdns.com."), DNSName("powerdns.com."), "whatever", { QType::CNAME }, 600, records);
+ addNSEC3UnhashedRecordToLW(DNSName("a.powerdns.com."), DNSName("powerdns.com."), "whatever", {QType::CNAME}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("powerdns.com."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
BOOST_CHECK_EQUAL(denialState, NODATA);
}
-BOOST_AUTO_TEST_CASE(test_nsec_nxdomain_denial_missing_wildcard) {
+BOOST_AUTO_TEST_CASE(test_nsec_nxdomain_denial_missing_wildcard)
+{
initSR();
testkeysset_t keys;
vector<shared_ptr<DNSRecordContent>> recordContents;
vector<shared_ptr<RRSIGRecordContent>> signatureContents;
- addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("d.powerdns.com"), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records);
+ addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("d.powerdns.com"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("powerdns.com."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
BOOST_CHECK_EQUAL(denialState, NODATA);
}
-BOOST_AUTO_TEST_CASE(test_nsec3_nxdomain_denial_missing_wildcard) {
+BOOST_AUTO_TEST_CASE(test_nsec3_nxdomain_denial_missing_wildcard)
+{
initSR();
testkeysset_t keys;
vector<shared_ptr<DNSRecordContent>> recordContents;
vector<shared_ptr<RRSIGRecordContent>> signatureContents;
- addNSEC3NarrowRecordToLW(DNSName("a.powerdns.com."), DNSName("powerdns.com."), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records);
+ addNSEC3NarrowRecordToLW(DNSName("a.powerdns.com."), DNSName("powerdns.com."), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("powerdns.com."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
recordContents.clear();
signatureContents.clear();
records.clear();
- addNSEC3UnhashedRecordToLW(DNSName("powerdns.com."), DNSName("powerdns.com."), "whatever", { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records);
+ addNSEC3UnhashedRecordToLW(DNSName("powerdns.com."), DNSName("powerdns.com."), "whatever", {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("powerdns.com."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
BOOST_CHECK_EQUAL(denialState, NODATA);
}
-BOOST_AUTO_TEST_CASE(test_nsec_ent_denial) {
+BOOST_AUTO_TEST_CASE(test_nsec_ent_denial)
+{
initSR();
testkeysset_t keys;
vector<shared_ptr<DNSRecordContent>> recordContents;
vector<shared_ptr<RRSIGRecordContent>> signatureContents;
- addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("a.c.powerdns.com."), { QType::A }, 600, records);
+ addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("a.c.powerdns.com."), {QType::A}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("powerdns.com."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
/* if we add the wildcard denial proof, we should get a NXDOMAIN proof for b.powerdns.com */
recordContents.clear();
signatureContents.clear();
- addNSECRecordToLW(DNSName(").powerdns.com."), DNSName("+.powerdns.com."), { }, 600, records);
+ addNSECRecordToLW(DNSName(").powerdns.com."), DNSName("+.powerdns.com."), {}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("powerdns.com."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
BOOST_CHECK_EQUAL(denialState, NXDOMAIN);
}
-BOOST_AUTO_TEST_CASE(test_nsec3_ancestor_nxqtype_denial) {
+BOOST_AUTO_TEST_CASE(test_nsec3_ancestor_nxqtype_denial)
+{
initSR();
testkeysset_t keys;
signer field that is shorter than the owner name of the NSEC RR) it can't
be used to deny anything except the whole name or a DS.
*/
- addNSEC3UnhashedRecordToLW(DNSName("a."), DNSName("."), "whatever", { QType::NS }, 600, records);
+ addNSEC3UnhashedRecordToLW(DNSName("a."), DNSName("."), "whatever", {QType::NS}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
recordContents.clear();
signatureContents.clear();
records.clear();
- addNSEC3NarrowRecordToLW(DNSName("sub.a."), DNSName("."), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC3 }, 600, records);
+ addNSEC3NarrowRecordToLW(DNSName("sub.a."), DNSName("."), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC3}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
recordContents.clear();
signatureContents.clear();
records.clear();
- addNSEC3NarrowRecordToLW(DNSName("*.a."), DNSName("."), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC3 }, 600, records);
+ addNSEC3NarrowRecordToLW(DNSName("*.a."), DNSName("."), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC3}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
BOOST_CHECK_EQUAL(denialState, NODATA);
}
-BOOST_AUTO_TEST_CASE(test_nsec3_denial_too_many_iterations) {
+BOOST_AUTO_TEST_CASE(test_nsec3_denial_too_many_iterations)
+{
initSR();
testkeysset_t keys;
vector<shared_ptr<RRSIGRecordContent>> signatureContents;
/* adding a NSEC3 with more iterations that we support */
- addNSEC3UnhashedRecordToLW(DNSName("a."), DNSName("."), "whatever", { QType::AAAA }, 600, records, g_maxNSEC3Iterations + 100);
+ addNSEC3UnhashedRecordToLW(DNSName("a."), DNSName("."), "whatever", {QType::AAAA}, 600, records, g_maxNSEC3Iterations + 100);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
BOOST_CHECK_EQUAL(denialState, INSECURE);
}
-BOOST_AUTO_TEST_CASE(test_nsec3_insecure_delegation_denial) {
+BOOST_AUTO_TEST_CASE(test_nsec3_insecure_delegation_denial)
+{
initSR();
testkeysset_t keys;
NS should be set if it was proving an insecure delegation, let's check that
we correctly detect that it's not.
*/
- addNSEC3UnhashedRecordToLW(DNSName("a."), DNSName("."), "whatever", { }, 600, records);
+ addNSEC3UnhashedRecordToLW(DNSName("a."), DNSName("."), "whatever", {}, 600, records);
recordContents.push_back(records.at(0).d_content);
addRRSIG(keys, records, DNSName("."), 300);
signatureContents.push_back(getRR<RRSIGRecordContent>(records.at(1)));
BOOST_CHECK_EQUAL(denialState, NODATA);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_negcache_validity) {
+BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_negcache_validity)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
const time_t fixedNow = sr->getNow().tv_sec;
- sr->setAsyncCallback([target,&queriesCount,keys,fixedNow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys, fixedNow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- DNSName auth = domain;
- auth.chopOff();
+ DNSName auth = domain;
+ auth.chopOff();
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
- }
- else {
- setLWResult(res, RCode::NoError, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- addNSECRecordToLW(domain, DNSName("z."), { QType::NSEC, QType::RRSIG }, 600, res->d_records);
- addRRSIG(keys, res->d_records, domain, 1, false, boost::none, boost::none, fixedNow);
- return 1;
- }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
+ }
+ else {
+ setLWResult(res, RCode::NoError, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, domain, 300);
+ addNSECRecordToLW(domain, DNSName("z."), {QType::NSEC, QType::RRSIG}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 1, false, boost::none, boost::none, fixedNow);
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 4U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_negcache_bogus_validity) {
+BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_negcache_bogus_validity)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
const time_t fixedNow = sr->getNow().tv_sec;
- sr->setAsyncCallback([&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([&queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- DNSName auth = domain;
- auth.chopOff();
+ DNSName auth = domain;
+ auth.chopOff();
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
- }
- else {
- setLWResult(res, RCode::NoError, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 86400);
- addRRSIG(keys, res->d_records, domain, 86400);
- addNSECRecordToLW(domain, DNSName("z."), { QType::NSEC, QType::RRSIG }, 86400, res->d_records);
- /* no RRSIG */
- return 1;
- }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
+ }
+ else {
+ setLWResult(res, RCode::NoError, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 86400);
+ addRRSIG(keys, res->d_records, domain, 86400);
+ addNSECRecordToLW(domain, DNSName("z."), {QType::NSEC, QType::RRSIG}, 86400, res->d_records);
+ /* no RRSIG */
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
SyncRes::s_maxnegttl = 3600;
SyncRes::s_maxbogusttl = 360;
BOOST_CHECK_EQUAL(queriesCount, 4U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_cache_validity) {
+BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_cache_validity)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
size_t queriesCount = 0;
const time_t tnow = sr->getNow().tv_sec;
- sr->setAsyncCallback([target,targetAddr,&queriesCount,keys,tnow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, targetAddr, &queriesCount, keys, tnow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- DNSName auth = domain;
- auth.chopOff();
+ DNSName auth = domain;
+ auth.chopOff();
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
- }
- else {
- setLWResult(res, RCode::NoError, true, false, true);
- addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
- addRRSIG(keys, res->d_records, domain, 1, false, boost::none, boost::none, tnow);
- return 1;
- }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
+ }
+ else {
+ setLWResult(res, RCode::NoError, true, false, true);
+ addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600);
+ addRRSIG(keys, res->d_records, domain, 1, false, boost::none, boost::none, tnow);
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret);
BOOST_CHECK_EQUAL(queriesCount, 4U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_secure) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_secure)
+{
/*
Validation is optional, and the first query does not ask for it,
so the answer is cached as Indeterminate.
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
-
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
- }
- else {
- if (domain == target && type == QType::A) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, target, QType::A, "192.0.2.1");
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- return 1;
- }
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
+
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
+ }
+ else {
+ if (domain == target && type == QType::A) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, target, QType::A, "192.0.2.1");
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
/* first query does not require validation */
}
BOOST_CHECK_EQUAL(queriesCount, 1U);
-
ret.clear();
/* second one _does_ require validation */
sr->setDNSSECValidationRequested(true);
BOOST_CHECK_EQUAL(queriesCount, 3U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_insecure) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_insecure)
+{
/*
Validation is optional, and the first query does not ask for it,
so the answer is cached as Indeterminate.
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
- }
- else {
- if (domain == target && type == QType::A) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, target, QType::A, "192.0.2.1");
- return 1;
- }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
+ }
+ else {
+ if (domain == target && type == QType::A) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, target, QType::A, "192.0.2.1");
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
/* first query does not require validation */
}
BOOST_CHECK_EQUAL(queriesCount, 1U);
-
ret.clear();
/* second one _does_ require validation */
sr->setDNSSECValidationRequested(true);
BOOST_CHECK_EQUAL(queriesCount, 1U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_bogus) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_bogus)
+{
/*
Validation is optional, and the first query does not ask for it,
so the answer is cached as Indeterminate.
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
- }
- else {
- if (domain == target && type == QType::A) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, target, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400);
- /* no RRSIG */
- return 1;
- }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
+ }
+ else {
+ if (domain == target && type == QType::A) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, target, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400);
+ /* no RRSIG */
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
SyncRes::s_maxbogusttl = 3600;
}
BOOST_CHECK_EQUAL(queriesCount, 1U);
-
ret.clear();
/* second one _does_ require validation */
sr->setDNSSECValidationRequested(true);
BOOST_AUTO_TEST_SUITE(syncres_cc9)
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_secure) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_secure)
+{
/*
Validation is optional, and the first query does not ask for it,
so the answer is cached as Indeterminate.
size_t queriesCount = 0;
- sr->setAsyncCallback([target,cnameTarget,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, cnameTarget, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
+ }
+ else {
+ if (domain == target && type == QType::A) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, target, QType::CNAME, cnameTarget.toString());
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1");
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ return 1;
}
- else {
- if (domain == target && type == QType::A) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, target, QType::CNAME, cnameTarget.toString());
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1");
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- return 1;
- } else if (domain == cnameTarget && type == QType::A) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1");
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- return 1;
- }
+ else if (domain == cnameTarget && type == QType::A) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1");
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
/* first query does not require validation */
}
BOOST_CHECK_EQUAL(queriesCount, 2U);
-
ret.clear();
/* second one _does_ require validation */
sr->setDNSSECValidationRequested(true);
BOOST_CHECK_EQUAL(queriesCount, 5U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_insecure) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_insecure)
+{
/*
Validation is optional, and the first query does not ask for it,
so the answer is cached as Indeterminate.
size_t queriesCount = 0;
- sr->setAsyncCallback([target,cnameTarget,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, cnameTarget, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
+ }
+ else {
+ if (domain == target && type == QType::A) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, target, QType::CNAME, cnameTarget.toString());
+ addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1");
+ return 1;
}
- else {
- if (domain == target && type == QType::A) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, target, QType::CNAME, cnameTarget.toString());
- addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1");
- return 1;
- } else if (domain == cnameTarget && type == QType::A) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1");
- return 1;
- }
+ else if (domain == cnameTarget && type == QType::A) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1");
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
/* first query does not require validation */
}
BOOST_CHECK_EQUAL(queriesCount, 2U);
-
ret.clear();
/* second one _does_ require validation */
sr->setDNSSECValidationRequested(true);
BOOST_CHECK_EQUAL(queriesCount, 2U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_bogus) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_bogus)
+{
/*
Validation is optional, and the first query does not ask for it,
so the answer is cached as Indeterminate.
size_t queriesCount = 0;
- sr->setAsyncCallback([target,cnameTarget,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, cnameTarget, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
+ }
+ else {
+ if (domain == target && type == QType::A) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, target, QType::CNAME, cnameTarget.toString(), DNSResourceRecord::ANSWER, 86400);
+ addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400);
+ /* no RRSIG */
+ return 1;
}
- else {
- if (domain == target && type == QType::A) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, target, QType::CNAME, cnameTarget.toString(), DNSResourceRecord::ANSWER, 86400);
- addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400);
- /* no RRSIG */
- return 1;
- } else if (domain == cnameTarget && type == QType::A) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400);
- /* no RRSIG */
- return 1;
- }
+ else if (domain == cnameTarget && type == QType::A) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400);
+ /* no RRSIG */
+ return 1;
}
+ }
- return 0;
- });
+ return 0;
+ });
SyncRes::s_maxbogusttl = 60;
SyncRes::s_maxnegttl = 3600;
}
BOOST_CHECK_EQUAL(queriesCount, 2U);
-
ret.clear();
/* second one _does_ require validation */
sr->setDNSSECValidationRequested(true);
BOOST_CHECK_EQUAL(queriesCount, 5U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_additional_without_rrsig) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_additional_without_rrsig)
+{
/*
We get a record from a secure zone in the additional section, without
the corresponding RRSIG. The record should not be marked as authoritative
size_t queriesCount = 0;
- sr->setAsyncCallback([target,addTarget,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, addTarget, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- if (domain == addTarget) {
- DNSName auth(domain);
- /* no DS for com, auth will be . */
- auth.chopOff();
- return genericDSAndDNSKEYHandler(res, domain, auth, type, keys, false);
- }
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
+ if (type == QType::DS || type == QType::DNSKEY) {
+ if (domain == addTarget) {
+ DNSName auth(domain);
+ /* no DS for com, auth will be . */
+ auth.chopOff();
+ return genericDSAndDNSKEYHandler(res, domain, auth, type, keys, false);
}
- else {
- if (domain == target && type == QType::A) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, target, QType::A, "192.0.2.1");
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- addRecordToLW(res, addTarget, QType::A, "192.0.2.42", DNSResourceRecord::ADDITIONAL);
- /* no RRSIG for the additional record */
- return 1;
- } else if (domain == addTarget && type == QType::A) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, addTarget, QType::A, "192.0.2.42");
- addRRSIG(keys, res->d_records, DNSName("."), 300);
- return 1;
- }
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
+ }
+ else {
+ if (domain == target && type == QType::A) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, target, QType::A, "192.0.2.1");
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ addRecordToLW(res, addTarget, QType::A, "192.0.2.42", DNSResourceRecord::ADDITIONAL);
+ /* no RRSIG for the additional record */
+ return 1;
}
+ else if (domain == addTarget && type == QType::A) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, addTarget, QType::A, "192.0.2.42");
+ addRRSIG(keys, res->d_records, DNSName("."), 300);
+ return 1;
+ }
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
/* first query for target/A, will pick up the additional record as non-auth / unvalidated */
BOOST_CHECK_EQUAL(queriesCount, 5U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_secure) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_secure)
+{
/*
Validation is optional, and the first query does not ask for it,
so the answer is negatively cached as Indeterminate.
size_t queriesCount = 0;
const time_t fixedNow = sr->getNow().tv_sec;
- sr->setAsyncCallback([target,&queriesCount,keys,fixedNow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys, fixedNow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- DNSName auth = domain;
- auth.chopOff();
+ DNSName auth = domain;
+ auth.chopOff();
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
- }
- else {
- setLWResult(res, RCode::NoError, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- addRRSIG(keys, res->d_records, domain, 300);
- addNSECRecordToLW(domain, DNSName("z."), { QType::NSEC, QType::RRSIG }, 600, res->d_records);
- addRRSIG(keys, res->d_records, domain, 1, false, boost::none, boost::none, fixedNow);
- return 1;
- }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
+ }
+ else {
+ setLWResult(res, RCode::NoError, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ addRRSIG(keys, res->d_records, domain, 300);
+ addNSECRecordToLW(domain, DNSName("z."), {QType::NSEC, QType::RRSIG}, 600, res->d_records);
+ addRRSIG(keys, res->d_records, domain, 1, false, boost::none, boost::none, fixedNow);
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
/* first query does not require validation */
BOOST_CHECK_EQUAL(ne->DNSSECRecords.signatures.size(), 1U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_secure_ds) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_secure_ds)
+{
/*
Validation is optional, and the first query does not ask for it,
so the answer is negatively cached as Indeterminate.
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- if (type == QType::DS || type == QType::DNSKEY) {
- if (domain == target) {
- /* there is no cut */
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
- }
- return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ if (type == QType::DS || type == QType::DNSKEY) {
+ if (domain == target) {
+ /* there is no cut */
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false);
}
+ return genericDSAndDNSKEYHandler(res, domain, domain, type, keys);
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
/* first query does not require validation */
BOOST_CHECK_EQUAL(queriesCount, 4U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_insecure) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_insecure)
+{
/*
Validation is optional, and the first query does not ask for it,
so the answer is negatively cached as Indeterminate.
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- DNSName auth = domain;
- auth.chopOff();
+ DNSName auth = domain;
+ auth.chopOff();
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
- }
- else {
- setLWResult(res, RCode::NoError, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
- return 1;
- }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
+ }
+ else {
+ setLWResult(res, RCode::NoError, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600);
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
vector<DNSRecord> ret;
/* first query does not require validation */
BOOST_CHECK_EQUAL(ne->DNSSECRecords.signatures.size(), 0U);
}
-BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_bogus) {
+BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_bogus)
+{
/*
Validation is optional, and the first query does not ask for it,
so the answer is negatively cached as Indeterminate.
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- queriesCount++;
+ sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- DNSName auth = domain;
- auth.chopOff();
+ DNSName auth = domain;
+ auth.chopOff();
- if (type == QType::DS || type == QType::DNSKEY) {
- return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
- }
- else {
- setLWResult(res, RCode::NoError, true, false, true);
- addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 86400);
- addRRSIG(keys, res->d_records, domain, 86400);
- /* no denial */
- return 1;
- }
+ if (type == QType::DS || type == QType::DNSKEY) {
+ return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
+ }
+ else {
+ setLWResult(res, RCode::NoError, true, false, true);
+ addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 86400);
+ addRRSIG(keys, res->d_records, domain, 86400);
+ /* no denial */
+ return 1;
+ }
- return 0;
- });
+ return 0;
+ });
SyncRes::s_maxbogusttl = 60;
SyncRes::s_maxnegttl = 3600;
BOOST_CHECK_EQUAL(ne->DNSSECRecords.signatures.size(), 0U);
}
-BOOST_AUTO_TEST_CASE(test_lowercase_outgoing) {
+BOOST_AUTO_TEST_CASE(test_lowercase_outgoing)
+{
g_lowercaseOutgoing = true;
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName cname("WWW.PowerDNS.org");
sr->setAsyncCallback([target, cname, &sentOutQnames](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ sentOutQnames.push_back(domain);
- sentOutQnames.push_back(domain);
-
- if (isRootServer(ip)) {
- if (domain == target) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- if (domain == cname) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.org.", QType::NS, "pdns-public-ns1.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "pdns-public-ns1.powerdns.org.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- } else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == target) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::CNAME, cname.toString());
- return 1;
- }
- } else if (ip == ComboAddress("192.0.2.2:53")) {
- if (domain == cname) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "127.0.0.1");
- return 1;
- }
+ if (isRootServer(ip)) {
+ if (domain == target) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
}
- return 0;
+ if (domain == cname) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.org.", QType::NS, "pdns-public-ns1.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.org.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == target) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::CNAME, cname.toString());
+ return 1;
+ }
+ }
+ else if (ip == ComboAddress("192.0.2.2:53")) {
+ if (domain == cname) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "127.0.0.1");
+ return 1;
+ }
+ }
+ return 0;
});
vector<DNSRecord> ret;
g_lowercaseOutgoing = false;
}
-BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo) {
+BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
keys2.insert(*rootkey);
sr->setAsyncCallback([target, keys, keys2](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- DNSName auth = domain;
- auth.chopOff();
- if (type == QType::DS || type == QType::DNSKEY) {
- if (domain == target) {
- if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys2) != 1) {
- return 0;
- }
+ DNSName auth = domain;
+ auth.chopOff();
+ if (type == QType::DS || type == QType::DNSKEY) {
+ if (domain == target) {
+ if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys2) != 1) {
+ return 0;
}
- return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
}
- return 0;
- });
+ return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
+ }
+ return 0;
+ });
dsmap_t ds;
auto state = sr->getDSRecords(target, ds, false, 0, false);
}
}
-BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo_all_sha) {
+BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo_all_sha)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
keys3.insert(*rootkey);
sr->setAsyncCallback([target, keys, keys2, keys3](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- DNSName auth = domain;
- auth.chopOff();
- if (type == QType::DS || type == QType::DNSKEY) {
- if (domain == target) {
- if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys2) != 1) {
- return 0;
- }
- if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys3) != 1) {
- return 0;
- }
+ DNSName auth = domain;
+ auth.chopOff();
+ if (type == QType::DS || type == QType::DNSKEY) {
+ if (domain == target) {
+ if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys2) != 1) {
+ return 0;
+ }
+ if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys3) != 1) {
+ return 0;
}
- return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
}
- return 0;
- });
+ return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
+ }
+ return 0;
+ });
dsmap_t ds;
auto state = sr->getDSRecords(target, ds, false, 0, false);
}
}
-BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo_two_highest) {
+BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo_two_highest)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr, true);
keys3.insert(*rootkey);
sr->setAsyncCallback([target, keys, keys2, keys3](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
- DNSName auth = domain;
- auth.chopOff();
- if (type == QType::DS || type == QType::DNSKEY) {
- if (domain == target) {
- if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys2) != 1) {
- return 0;
- }
- if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys3) != 1) {
- return 0;
- }
+ DNSName auth = domain;
+ auth.chopOff();
+ if (type == QType::DS || type == QType::DNSKEY) {
+ if (domain == target) {
+ if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys2) != 1) {
+ return 0;
+ }
+ if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys3) != 1) {
+ return 0;
}
- return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
}
- return 0;
- });
+ return genericDSAndDNSKEYHandler(res, domain, auth, type, keys);
+ }
+ return 0;
+ });
dsmap_t ds;
auto state = sr->getDSRecords(target, ds, false, 0, false);
}
}
-BOOST_AUTO_TEST_CASE(test_cname_plus_authority_ns_ttl) {
+BOOST_AUTO_TEST_CASE(test_cname_plus_authority_ns_ttl)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
size_t queriesCount = 0;
sr->setAsyncCallback([target, cnameTarget, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- queriesCount++;
-
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, DNSName("powerdns.com"), QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 42);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, DNSName("powerdns.com"), QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 42);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53")) {
+ if (domain == target) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString());
+ addRecordToLW(res, cnameTarget, QType::A, "192.0.2.2");
+ addRecordToLW(res, DNSName("powerdns.com."), QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, DNSName("a.gtld-servers.net."), QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
return 1;
- } else if (ip == ComboAddress("192.0.2.1:53")) {
- if (domain == target) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString());
- addRecordToLW(res, cnameTarget, QType::A, "192.0.2.2");
- addRecordToLW(res, DNSName("powerdns.com."), QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, DNSName("a.gtld-servers.net."), QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- else if (domain == cnameTarget) {
- setLWResult(res, 0, true, false, false);
- addRecordToLW(res, domain, QType::A, "192.0.2.2");
- }
-
- return 1;
+ }
+ else if (domain == cnameTarget) {
+ setLWResult(res, 0, true, false, false);
+ addRecordToLW(res, domain, QType::A, "192.0.2.2");
}
- return 0;
- });
+ return 1;
+ }
+
+ return 0;
+ });
const time_t now = sr->getNow().tv_sec;
vector<DNSRecord> ret;
BOOST_CHECK_EQUAL(wasAuth, false);
}
-BOOST_AUTO_TEST_CASE(test_records_sanitization_general) {
+BOOST_AUTO_TEST_CASE(test_records_sanitization_general)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("sanitization.powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.1");
- /* should be scrubbed because it doesn't match the QType */
- addRecordToLW(res, domain, QType::AAAA, "2001:db8::1");
- /* should be scrubbed because the DNAME is not relevant to the qname */
- addRecordToLW(res, DNSName("not-sanitization.powerdns.com."), QType::DNAME, "not-sanitization.powerdns.net.");
- /* should be scrubbed because a MX has no reason to show up in AUTHORITY */
- addRecordToLW(res, domain, QType::MX, "10 mx.powerdns.com.", DNSResourceRecord::AUTHORITY);
- /* should be scrubbed because the SOA name is not relevant to the qname */
- addRecordToLW(res, DNSName("not-sanitization.powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY);
- /* should be scrubbed because types other than A or AAAA are not really supposed to show up in ADDITIONAL */
- addRecordToLW(res, domain, QType::TXT, "TXT", DNSResourceRecord::ADDITIONAL);
- /* should be scrubbed because it doesn't match any of the accepted names in this answer (mostly 'domain') */
- addRecordToLW(res, DNSName("powerdns.com."), QType::AAAA, "2001:db8::1", DNSResourceRecord::ADDITIONAL);
- return 1;
- });
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.1");
+ /* should be scrubbed because it doesn't match the QType */
+ addRecordToLW(res, domain, QType::AAAA, "2001:db8::1");
+ /* should be scrubbed because the DNAME is not relevant to the qname */
+ addRecordToLW(res, DNSName("not-sanitization.powerdns.com."), QType::DNAME, "not-sanitization.powerdns.net.");
+ /* should be scrubbed because a MX has no reason to show up in AUTHORITY */
+ addRecordToLW(res, domain, QType::MX, "10 mx.powerdns.com.", DNSResourceRecord::AUTHORITY);
+ /* should be scrubbed because the SOA name is not relevant to the qname */
+ addRecordToLW(res, DNSName("not-sanitization.powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY);
+ /* should be scrubbed because types other than A or AAAA are not really supposed to show up in ADDITIONAL */
+ addRecordToLW(res, domain, QType::TXT, "TXT", DNSResourceRecord::ADDITIONAL);
+ /* should be scrubbed because it doesn't match any of the accepted names in this answer (mostly 'domain') */
+ addRecordToLW(res, DNSName("powerdns.com."), QType::AAAA, "2001:db8::1", DNSResourceRecord::ADDITIONAL);
+ return 1;
+ });
const time_t now = sr->getNow().tv_sec;
BOOST_CHECK_EQUAL(t_RC->get(now, DNSName("powerdns.com."), QType(QType::AAAA), false, &cached, who), -1);
}
-BOOST_AUTO_TEST_CASE(test_records_sanitization_keep_relevant_additional_aaaa) {
+BOOST_AUTO_TEST_CASE(test_records_sanitization_keep_relevant_additional_aaaa)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("sanitization.powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, domain, QType::A, "192.0.2.1");
- addRecordToLW(res, domain, QType::AAAA, "2001:db8::1", DNSResourceRecord::ADDITIONAL);
- return 1;
- });
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, domain, QType::A, "192.0.2.1");
+ addRecordToLW(res, domain, QType::AAAA, "2001:db8::1", DNSResourceRecord::ADDITIONAL);
+ return 1;
+ });
const time_t now = sr->getNow().tv_sec;
BOOST_CHECK_GT(t_RC->get(now, target, QType(QType::AAAA), false, &cached, who), 0);
}
-BOOST_AUTO_TEST_CASE(test_records_sanitization_keep_glue) {
+BOOST_AUTO_TEST_CASE(test_records_sanitization_keep_glue)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
size_t queriesCount = 0;
- sr->setAsyncCallback([target,&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ sr->setAsyncCallback([target, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
+ queriesCount++;
- queriesCount++;
-
- if (isRootServer(ip)) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) {
- setLWResult(res, 0, false, false, true);
- addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800);
- addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800);
- addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800);
- addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800);
- return 1;
- }
- else if (ip == ComboAddress("192.0.2.2:53") || ip == ComboAddress("192.0.2.3:53") || ip == ComboAddress("[2001:DB8::2]:53") || ip == ComboAddress("[2001:DB8::3]:53")) {
- setLWResult(res, 0, true, false, true);
- addRecordToLW(res, target, QType::A, "192.0.2.4");
- return 1;
- }
- else {
- return 0;
- }
- });
+ if (isRootServer(ip)) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) {
+ setLWResult(res, 0, false, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800);
+ addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800);
+ addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800);
+ addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800);
+ return 1;
+ }
+ else if (ip == ComboAddress("192.0.2.2:53") || ip == ComboAddress("192.0.2.3:53") || ip == ComboAddress("[2001:DB8::2]:53") || ip == ComboAddress("[2001:DB8::3]:53")) {
+ setLWResult(res, 0, true, false, true);
+ addRecordToLW(res, target, QType::A, "192.0.2.4");
+ return 1;
+ }
+ else {
+ return 0;
+ }
+ });
const time_t now = sr->getNow().tv_sec;
BOOST_CHECK_GT(t_RC->get(now, DNSName("pdns-public-ns2.powerdns.com."), QType(QType::AAAA), false, &cached, who), 0);
}
-BOOST_AUTO_TEST_CASE(test_records_sanitization_scrubs_ns_nxd) {
+BOOST_AUTO_TEST_CASE(test_records_sanitization_scrubs_ns_nxd)
+{
std::unique_ptr<SyncRes> sr;
initSR(sr);
const DNSName target("sanitization-ns-nxd.powerdns.com.");
sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional<Netmask>& srcmask, boost::optional<const ResolveContext&> context, LWResult* res, bool* chained) {
-
- setLWResult(res, RCode::NXDomain, true, false, true);
- addRecordToLW(res, "powerdns.com.", QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY);
- addRecordToLW(res, "powerdns.com.", QType::NS, "spoofed.ns.", DNSResourceRecord::AUTHORITY, 172800);
- addRecordToLW(res, "spoofed.ns.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
- addRecordToLW(res, "spoofed.ns.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600);
- return 1;
- });
+ setLWResult(res, RCode::NXDomain, true, false, true);
+ addRecordToLW(res, "powerdns.com.", QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY);
+ addRecordToLW(res, "powerdns.com.", QType::NS, "spoofed.ns.", DNSResourceRecord::AUTHORITY, 172800);
+ addRecordToLW(res, "spoofed.ns.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600);
+ addRecordToLW(res, "spoofed.ns.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600);
+ return 1;
+ });
const time_t now = sr->getNow().tv_sec;
BOOST_AUTO_TEST_SUITE(xpf_cc)
-BOOST_AUTO_TEST_CASE(test_generateXPFPayload) {
+BOOST_AUTO_TEST_CASE(test_generateXPFPayload)
+{
/* Mixing v4 with v6 should throw */
BOOST_CHECK_THROW(generateXPFPayload(false, ComboAddress("192.0.2.1"), ComboAddress("2001:db8::1")), std::runtime_error);
BOOST_CHECK_EQUAL(parsedSource.toStringWithPort(), source.toStringWithPort());
BOOST_CHECK_EQUAL(parsedDestination.toStringWithPort(), destination.toStringWithPort());
}
-
}
-BOOST_AUTO_TEST_CASE(test_parseXPFPayload) {
+BOOST_AUTO_TEST_CASE(test_parseXPFPayload)
+{
/* invalid sizes */
{
BOOST_CHECK_EQUAL(parseXPFPayload(nullptr, 39, source, &destination), false);
}
-
{
/* invalid protocol */
ComboAddress source("[2001:db8::1]:42");
ComboAddress source("192.0.2.1:53");
ComboAddress destination("192.0.2.2:65535");
-
auto payload = generateXPFPayload(true, source, destination);
/* set version to 6 */
payload.at(0) = 6;
ComboAddress source("[2001:db8::1]:42");
ComboAddress destination("[::1]:65535");
-
auto payload = generateXPFPayload(true, source, destination);
/* set version to 4 */
payload.at(0) = 4;
BOOST_CHECK(parseXPFPayload(payload.c_str(), payload.size(), parsedSource, nullptr));
BOOST_CHECK_EQUAL(parsedSource.toStringWithPort(), source.toStringWithPort());
}
-
}
-
BOOST_AUTO_TEST_SUITE_END()
#include <iostream>
#include <dnsrecords.hh>
-bool init_unit_test() {
+bool init_unit_test()
+{
reportAllTypes();
return true;
}
// entry point:
int main(int argc, char* argv[])
{
- return boost::unit_test::unit_test_main( &init_unit_test, argc, argv );
+ return boost::unit_test::unit_test_main(&init_unit_test, argc, argv);
}
projects / thirdparty / pdns.git / commitdiff
