From: Petr Špaček Date: Wed, 20 Nov 2019 11:38:38 +0000 (+0100) Subject: cache: integration test for explicit NS insertion X-Git-Tag: v4.3.0~9^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=18eb1185a5c5ea8ee28e4048e5bab94c672f7729;p=thirdparty%2Fknot-resolver.git cache: integration test for explicit NS insertion --- diff --git a/daemon/cache.test/insert_ns.test.integr/deckard.yaml b/daemon/cache.test/insert_ns.test.integr/deckard.yaml new file mode 100644 index 000000000..39f20ccd2 --- /dev/null +++ b/daemon/cache.test/insert_ns.test.integr/deckard.yaml @@ -0,0 +1,13 @@ +programs: +- name: kresd + binary: kresd + additional: + - -f + - "1" + templates: + - daemon/cache.test/insert_ns.test.integr/kresd_config.j2 + - tests/integration/hints_zone.j2 + configs: + - config + - hints +noclean: True diff --git a/daemon/cache.test/insert_ns.test.integr/kresd_config.j2 b/daemon/cache.test/insert_ns.test.integr/kresd_config.j2 new file mode 100644 index 000000000..089402a18 --- /dev/null +++ b/daemon/cache.test/insert_ns.test.integr/kresd_config.j2 @@ -0,0 +1,75 @@ +{% for TAF in TRUST_ANCHOR_FILES %} +trust_anchors.add_file('{{TAF}}') +{% endfor %} + +{% raw %} +-- insert NS record pointing to a non-delegated DNS server +cache.open(1*MB) +cache.clear() + +local ffi = require('ffi') +local c = kres.context().cache +ns_name = todname('ns.example.com') +local ns_addr = '\1\2\3\4' +local rr = kres.rrset(ns_name, kres.type.A, kres.class.IN, 3600999999) +assert(rr:add_rdata(ns_addr, #ns_addr)) +assert(c:insert(rr, nil, ffi.C.KR_RANK_SECURE)) + +rr_ns = kres.rrset(todname('example.com'), kres.type.NS, kres.class.IN, 3600) +assert(rr_ns:add_rdata(ns_name, #ns_name)) +assert(c:insert(rr_ns, nil, bit.bor(ffi.C.KR_RANK_AUTH, ffi.C.KR_RANK_INSECURE))) + +c:commit() +assert(cache.count() > 0) + +-- from now on queries for domain example.com should go directly to IP addr 1.2.3.4 + +-- Disable RFC5011 TA update +if ta_update then + modules.unload('ta_update') +end + +-- Disable RFC8145 signaling, scenario doesn't provide expected answers +if ta_signal_query then + modules.unload('ta_signal_query') +end + +-- Disable RFC8109 priming, scenario doesn't provide expected answers +if priming then + modules.unload('priming') +end + +-- Disable this module because it makes one priming query +if detect_time_skew then + modules.unload('detect_time_skew') +end + +_hint_root_file('hints') +verbose(true) +{% endraw %} + +net = { '{{SELF_ADDR}}' } + + +{% if QMIN == "false" %} +option('NO_MINIMIZE', true) +{% else %} +option('NO_MINIMIZE', false) +{% endif %} + + +-- Self-checks on globals +assert(help() ~= nil) +assert(worker.id ~= nil) +-- Self-checks on facilities +assert(cache.stats() ~= nil) +assert(cache.backends() ~= nil) +assert(worker.stats() ~= nil) +assert(net.interfaces() ~= nil) +-- Self-checks on loaded stuff +assert(net.list()[1].transport.ip == '{{SELF_ADDR}}') +assert(#modules.list() > 0) +-- Self-check timers +ev = event.recurrent(1 * sec, function (ev) return 1 end) +event.cancel(ev) +ev = event.after(0, function (ev) return 1 end) diff --git a/daemon/cache.test/insert_ns.test.integr/nondelegated_auth.rpl b/daemon/cache.test/insert_ns.test.integr/nondelegated_auth.rpl new file mode 100644 index 000000000..c36c9ccc2 --- /dev/null +++ b/daemon/cache.test/insert_ns.test.integr/nondelegated_auth.rpl @@ -0,0 +1,57 @@ +; config options +; target-fetch-policy: "0 0 0 0 0" +; name: "." + stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. +CONFIG_END + +SCENARIO_BEGIN Delegation explicitly added into cache must be followed + +; ns.example.com. +RANGE_BEGIN 0 100 + ADDRESS 1.2.3.4 +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.com. IN NS +SECTION ANSWER +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. IN A 10.20.30.40 +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END +RANGE_END + +STEP 1 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +www.example.com. IN A +ENTRY_END + +; recursion happens here. +STEP 10 CHECK_ANSWER +ENTRY_BEGIN +MATCH flags rcode question +REPLY QR RD RA NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. IN A 10.20.30.40 +ENTRY_END + +SCENARIO_END diff --git a/daemon/meson.build b/daemon/meson.build index a7db4d361..a7efbb8d7 100644 --- a/daemon/meson.build +++ b/daemon/meson.build @@ -26,6 +26,9 @@ config_tests += [ ['cache.clear', files('cache.test/clear.test.lua')], ] +integr_tests += [ + ['cache_insert_ns', join_paths(meson.current_source_dir(), 'cache.test', 'insert_ns.test.integr')] +] kresd_deps = [ contrib_dep,