_confdir = 'auth'
_authPort = 5300
+ _backend = os.getenv("AUTH_BACKEND", "bind")
+
+ _backend_configs = dict(
+ bind="""
+bind-config={confdir}/named.conf
+bind-dnssec-db={bind_dnssec_db}
+""", lmdb="",
+ gsqlite3="")
+
_config_params = []
_config_template_default = """
module-dir={PDNS_MODULE_DIR}
daemon=no
-bind-config={confdir}/named.conf
-bind-dnssec-db={bind_dnssec_db}
socket-dir={confdir}
cache-ttl=0
negquery-cache-ttl=0
params = tuple([getattr(cls, param) for param in cls._config_params])
with open(os.path.join(confdir, 'pdns.conf'), 'w') as pdnsconf:
- pdnsconf.write(cls._config_template_default.format(
- confdir=confdir, prefix=cls._PREFIX,
- bind_dnssec_db=bind_dnssec_db,
- PDNS_MODULE_DIR=cls._PDNS_MODULE_DIR,
- ))
- pdnsconf.write(cls._config_template % params)
+ args = dict(backend=cls._backend,
+ confdir=confdir,
+ prefix=cls._PREFIX,
+ bind_dnssec_db=bind_dnssec_db,
+ PDNS_MODULE_DIR=cls._PDNS_MODULE_DIR
+ )
- os.system("sqlite3 ./configs/auth/powerdns.sqlite < ../modules/gsqlite3backend/schema.sqlite3.sql")
+ pdnsconf.write((cls._config_template_default + cls._backend_configs[cls._backend]).format(**args))
+ pdnsconf.write(cls._config_template.format(**args) % params)
- pdnsutilCmd = [os.environ['PDNSUTIL'],
- '--config-dir=%s' % confdir,
- 'create-bind-db',
- bind_dnssec_db]
+ if cls._backend == 'gsqlite3':
+ os.system("sqlite3 ./configs/auth/powerdns.sqlite < ../modules/gsqlite3backend/schema.sqlite3.sql")
- print(' '.join(pdnsutilCmd))
- try:
- subprocess.check_output(pdnsutilCmd, stderr=subprocess.STDOUT)
- except subprocess.CalledProcessError as e:
- raise AssertionError('%s failed (%d): %s' % (pdnsutilCmd, e.returncode, e.output))
+ if cls._backend == 'lmdb':
+ os.system("rm -f pdns.lmdb*")
+
+ if cls._backend == 'bind':
+ pdnsutilCmd = [os.environ['PDNSUTIL'],
+ '--config-dir=%s' % confdir,
+ 'create-bind-db',
+ bind_dnssec_db]
+
+ print(' '.join(pdnsutilCmd))
+ try:
+ subprocess.check_output(pdnsutilCmd, stderr=subprocess.STDOUT)
+ except subprocess.CalledProcessError as e:
+ raise AssertionError('%s failed (%d): %s' % (pdnsutilCmd, e.returncode, e.output))
@classmethod
def secureZone(cls, confdir, zonename, key=None):
@classmethod
def generateAllAuthConfig(cls, confdir):
cls.generateAuthConfig(confdir)
- cls.generateAuthNamedConf(confdir, cls._zones.keys())
-
- for zonename, zonecontent in cls._zones.items():
- cls.generateAuthZone(confdir,
- zonename,
- zonecontent)
- if cls._zone_keys.get(zonename, None):
- cls.secureZone(confdir, zonename, cls._zone_keys.get(zonename))
+
+ if cls._backend == 'bind':
+ cls.generateAuthNamedConf(confdir, cls._zones.keys())
+
+ for zonename, zonecontent in cls._zones.items():
+ cls.generateAuthZone(confdir,
+ zonename,
+ zonecontent)
+ if cls._zone_keys.get(zonename, None):
+ cls.secureZone(confdir, zonename, cls._zone_keys.get(zonename))
+ elif cls._backend == 'lmdb':
+ for zonename, zonecontent in cls._zones.items():
+ cls.generateAuthZone(confdir,
+ zonename,
+ zonecontent)
+ pdnsutilCmd = [os.environ['PDNSUTIL'],
+ '--config-dir=%s' % confdir,
+ 'load-zone',
+ zonename,
+ os.path.join(confdir, '%s.zone' % zonename)]
+
+ print(' '.join(pdnsutilCmd))
+ try:
+ subprocess.check_output(pdnsutilCmd, stderr=subprocess.STDOUT)
+ except subprocess.CalledProcessError as e:
+ raise AssertionError('%s failed (%d): %s' % (pdnsutilCmd, e.returncode, e.output))
+ if cls._zone_keys.get(zonename, None):
+ cls.secureZone(confdir, zonename, cls._zone_keys.get(zonename))
+ elif cls._backend == 'gsqlite3':
+ # this is not a supported config from the user, but some of the test_*.py files use gsqlite3
+ return
+ else:
+ raise RuntimeError("unknown backend " + cls._backend + " specified")
+
@classmethod
def waitForTCPSocket(cls, ipaddress, port):
expand-alias=yes
resolver=%s.1:5301
any-to-tcp=no
-launch=bind
+launch={backend}
edns-subnet-processing=yes
"""
class TestBindAny(AuthTest):
_config_template = """
-launch=bind
+launch={backend}
"""
_zones = {
_carbonQueue2 = Queue()
_carbonCounters = {}
_config_template = """
- launch=bind
+ launch={backend}
carbon-namespace=%s
carbon-instance=%s
carbon-interval=%s
class TestEdnsCookies(AuthTest):
_config_template = """
-launch=bind
+launch={backend}
edns-cookie-secret=aabbccddeeff11223344556677889900
"""
class TestDirectDNSKEYSignature(AuthTest):
_config_template = """
- launch=bind
+ launch={backend}
direct-dnskey=yes
direct-dnskey-signature=yes
"""
class GSSTSIGBase(AuthTest):
+ _backend = 'gsqlite3'
+
_config_template_default = """
module-dir={PDNS_MODULE_DIR}
daemon=no
xfrServer = AXFRServer(xfrServerPort, zones)
class TestIXFR(AuthTest):
+ _backend = 'gsqlite3'
+
_config_template = """
-launch=gsqlite3 bind
+launch=gsqlite3
gsqlite3-database=configs/auth/powerdns.sqlite
gsqlite3-dnssec
secondary
_config_template = """
geoip-database-files=../modules/geoipbackend/regression-tests/GeoLiteCity.mmdb
edns-subnet-processing=yes
-launch=bind geoip
+launch={backend} geoip
any-to-tcp=no
enable-lua-records
lua-records-insert-whitespace=yes
_config_template = """
geoip-database-files=../modules/geoipbackend/regression-tests/GeoLiteCity.mmdb
edns-subnet-processing=yes
-launch=bind geoip
+launch={backend} geoip
any-to-tcp=no
enable-lua-records=shared
lua-records-insert-whitespace=yes
_config_template = """
geoip-database-files=../modules/geoipbackend/regression-tests/GeoLiteCity.mmdb
edns-subnet-processing=yes
-launch=bind geoip
+launch={backend} geoip
any-to-tcp=no
enable-lua-records
lua-records-insert-whitespace=no
_config_template = """
geoip-database-files=../modules/geoipbackend/regression-tests/GeoLiteCity.mmdb
edns-subnet-processing=yes
-launch=bind geoip
+launch={backend} geoip
any-to-tcp=no
enable-lua-records
lua-records-insert-whitespace=yes
_config_template = """
geoip-database-files=../modules/geoipbackend/regression-tests/GeoLiteCity.mmdb
edns-subnet-processing=yes
-launch=bind geoip
+launch={backend} geoip
any-to-tcp=no
enable-lua-records
lua-records-insert-whitespace=yes
from authtests import AuthTest
class TestLuaRecordsLMDB(AuthTest):
- # Copied from AuthTest, without the bind-config and bind-dnssec fields,
- # since these tests target LMDB an a backend.
- _config_template_default = """
-daemon=no
-socket-dir={confdir}
-cache-ttl=0
-negquery-cache-ttl=0
-query-cache-ttl=0
-log-dns-queries=yes
-log-dns-details=yes
-loglevel=9
-distributor-threads=1"""
+ _backend = 'lmdb'
_config_template = """
launch=lmdb
"""
}
- @classmethod
- def generateAllAuthConfig(cls, confdir):
- # This is very similar to AuthTest.generateAllAuthConfig,
- # but for lmdb backend, we ignore auth keys but need to load-zone
- # into lmdb storage.
- cls.generateAuthConfig(confdir)
-
- for zonename, zonecontent in cls._zones.items():
- cls.generateAuthZone(confdir,
- zonename,
- zonecontent)
- pdnsutilCmd = [os.environ['PDNSUTIL'],
- '--config-dir=%s' % confdir,
- 'load-zone',
- zonename,
- os.path.join(confdir, '%s.zone' % zonename)]
-
- print(' '.join(pdnsutilCmd))
- try:
- subprocess.check_output(pdnsutilCmd, stderr=subprocess.STDOUT)
- except subprocess.CalledProcessError as e:
- raise AssertionError('%s failed (%d): %s' % (pdnsutilCmd, e.returncode, e.output))
-
def testPickRandomWithNestedLua(self):
"""
Basic pickrandom() test with a set of A records, with a bit of lua inclusion
import os
import socket
import struct
+import subprocess
import threading
import time
import unittest
class TestProxyProtocolLuaRecords(AuthTest):
_config_template = """
-launch=bind
+launch={backend}
any-to-tcp=no
proxy-protocol-from=127.0.0.1
enable-lua-records
class TestProxyProtocolNOTIFY(AuthTest):
_config_template = """
-launch=bind
+launch={backend}
any-to-tcp=no
proxy-protocol-from=127.0.0.1
secondary
"""
- _zones = { 'example.org': '192.0.2.1',
+ _secondary_zones = { 'example.org': '192.0.2.1',
'example.com': '192.0.2.2'
}
+ _zones = {}
+
@classmethod
def generateAuthZone(cls, confdir, zonename, zonecontent):
try:
except:
pass
+ @classmethod
+ def generateAuthConfig(cls, confdir):
+ super(TestProxyProtocolNOTIFY, cls).generateAuthConfig(confdir)
+ if cls._backend == 'lmdb':
+ for zonename in cls._secondary_zones:
+ pdnsutilCmd = [os.environ['PDNSUTIL'],
+ '--config-dir=%s' % confdir,
+ 'create-secondary-zone',
+ zonename,
+ cls._secondary_zones[zonename]]
+
+ print(' '.join(pdnsutilCmd))
+ try:
+ subprocess.check_output(pdnsutilCmd, stderr=subprocess.STDOUT)
+ except subprocess.CalledProcessError as e:
+ raise AssertionError('%s failed (%d): %s' % (pdnsutilCmd, e.returncode, e.output))
+
@classmethod
def generateAuthNamedConf(cls, confdir, zones):
with open(os.path.join(confdir, 'named.conf'), 'w') as namedconf:
options {
directory "%s";
};""" % confdir)
- for zonename in zones:
+ for zonename in cls._secondary_zones:
zone = '.' if zonename == 'ROOT' else zonename
namedconf.write("""
type secondary;
file "%s.zone";
masters { %s; };
- };""" % (zone, zonename, cls._zones[zone]))
+ };""" % (zone, zonename, cls._secondary_zones[zone]))
@classmethod
class TestProxyProtocolAXFRACL(AuthTest):
_config_template = """
-launch=bind
+launch={backend}
any-to-tcp=no
proxy-protocol-from=127.0.0.1
allow-axfr-ips=192.0.2.53
class CrossZoneResolveBase(AuthTest):
_config_template = """
any-to-tcp=no
-launch=bind
+launch={backend}
edns-subnet-processing=yes
"""
target_otherzone_ip = "192.0.2.2"
import subprocess
class SVCBRecordsBase(AuthTest):
- # Copied from AuthTest, without the bind-config and bind-dnssec fields.
- _config_template_default = """
-module-dir={PDNS_MODULE_DIR}
-daemon=no
-socket-dir={confdir}
-cache-ttl=0
-negquery-cache-ttl=0
-query-cache-ttl=0
-log-dns-queries=yes
-log-dns-details=yes
-loglevel=9
-distributor-threads=1"""
-
_config_template = """
svc-autohints
"""
self.assertEqual(len(res.additional), 2)
class TestSVCBRecordsBind(SVCBRecordsBase):
+ _backend = "bind"
+
_config_template_default = (
SVCBRecordsBase._config_template_default
+ """
_config_template = (
SVCBRecordsBase._config_template
+ """
-launch=bind
+launch={backend}
"""
)
self.impl_testAutoAAAA()
class TestSVCBRecordsLMDB(SVCBRecordsBase):
+ _backend='lmdb'
+
_config_template = (
SVCBRecordsBase._config_template
+ """
"""
global badxfrServerPort
+
+ _backend = 'gsqlite3'
+
_config_template = """
-launch=gsqlite3 bind
+launch=gsqlite3
gsqlite3-database=configs/auth/powerdns.sqlite
gsqlite3-dnssec
secondary
if backend == 'authpy':
c.sudo(f'sh -c \'echo "{auth_backend_ip_addr} kerberos-server" | tee -a /etc/hosts\'')
- with c.cd('regression-tests.auth-py'):
- c.run(f'{pdns_auth_env_vars} WITHKERBEROS=YES ./runtests')
+ for auth_backend in ('bind', 'lmdb'):
+ with c.cd('regression-tests.auth-py'):
+ c.run(f'{pdns_auth_env_vars} AUTH_BACKEND={auth_backend} WITHKERBEROS=YES ./runtests')
return
if backend == 'bind':
projects / thirdparty / pdns.git / commitdiff
