From: Otto Moerbeek Date: Wed, 27 Nov 2019 09:09:00 +0000 (+0100) Subject: Reformat X-Git-Tag: auth-4.3.0-alpha1~24^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=42dcf5165cbf869857b472dd1a257feb0a7893d6;p=thirdparty%2Fpdns.git Reformat --- diff --git a/pdns/recursordist/negcache.cc b/pdns/recursordist/negcache.cc index f7f5646f45..54399b75c1 100644 --- a/pdns/recursordist/negcache.cc +++ b/pdns/recursordist/negcache.cc @@ -35,7 +35,8 @@ * \param ne A NegCacheEntry that is filled when there is a cache entry * \return true if ne was filled out, false otherwise */ -bool NegCache::getRootNXTrust(const DNSName& qname, const struct timeval& now, const NegCacheEntry** ne) { +bool NegCache::getRootNXTrust(const DNSName& qname, const struct timeval& now, const NegCacheEntry** ne) +{ // Never deny the root. if (qname.isRoot()) return false; @@ -45,10 +46,7 @@ bool NegCache::getRootNXTrust(const DNSName& qname, const struct timeval& now, c DNSName lastLabel = qname.getLastLabel(); negcache_t::const_iterator ni = d_negcache.find(tie(lastLabel, qtnull)); - while (ni != d_negcache.end() && - ni->d_name == lastLabel && - ni->d_auth.isRoot() && - ni->d_qtype == qtnull) { + while (ni != d_negcache.end() && ni->d_name == lastLabel && ni->d_auth.isRoot() && ni->d_qtype == qtnull) { // We have something if ((uint32_t)now.tv_sec < ni->d_ttd) { *ne = &(*ni); @@ -70,7 +68,8 @@ bool NegCache::getRootNXTrust(const DNSName& qname, const struct timeval& now, c * \param ne A NegCacheEntry that is filled when there is a cache entry * \return true if ne was filled out, false otherwise */ -bool NegCache::get(const DNSName& qname, const QType& qtype, const struct timeval& now, const NegCacheEntry** ne, bool typeMustMatch) { +bool NegCache::get(const DNSName& qname, const QType& qtype, const struct timeval& now, const NegCacheEntry** ne, bool typeMustMatch) +{ const auto& idx = d_negcache.get<2>(); auto range = idx.equal_range(qname); auto ni = range.first; @@ -81,7 +80,7 @@ bool NegCache::get(const DNSName& qname, const QType& qtype, const struct timeva // We match the QType or the whole name is denied auto firstIndexIterator = d_negcache.project<0>(ni); - if((uint32_t) now.tv_sec < ni->d_ttd) { + if ((uint32_t)now.tv_sec < ni->d_ttd) { // Not expired *ne = &(*ni); moveCacheItemToBack(d_negcache, firstIndexIterator); @@ -100,7 +99,8 @@ bool NegCache::get(const DNSName& qname, const QType& qtype, const struct timeva * * \param ne The NegCacheEntry to add to the cache */ -void NegCache::add(const NegCacheEntry& ne) { +void NegCache::add(const NegCacheEntry& ne) +{ lruReplacingInsert(d_negcache, ne); } @@ -111,7 +111,8 @@ void NegCache::add(const NegCacheEntry& ne) { * \param qtype The type of the entry to replace * \param newState The new validation state */ -void NegCache::updateValidationStatus(const DNSName& qname, const QType& qtype, const vState newState, boost::optional capTTD) { +void NegCache::updateValidationStatus(const DNSName& qname, const QType& qtype, const vState newState, boost::optional capTTD) +{ auto range = d_negcache.equal_range(tie(qname, qtype)); if (range.first != range.second) { @@ -127,7 +128,8 @@ void NegCache::updateValidationStatus(const DNSName& qname, const QType& qtype, * * \param qname The name of the entries to be counted */ -uint64_t NegCache::count(const DNSName& qname) const { +uint64_t NegCache::count(const DNSName& qname) const +{ return d_negcache.count(tie(qname)); } @@ -137,7 +139,8 @@ uint64_t NegCache::count(const DNSName& qname) const { * \param qname The name of the entries to be counted * \param qtype The type of the entries to be counted */ -uint64_t NegCache::count(const DNSName& qname, const QType qtype) const { +uint64_t NegCache::count(const DNSName& qname, const QType qtype) const +{ return d_negcache.count(tie(qname, qtype)); } @@ -148,11 +151,12 @@ uint64_t NegCache::count(const DNSName& qname, const QType qtype) const { * \param name The DNSName of the entries to wipe * \param subtree Should all entries under name be removed? */ -uint64_t NegCache::wipe(const DNSName& name, bool subtree) { +uint64_t NegCache::wipe(const DNSName& name, bool subtree) +{ uint64_t ret(0); if (subtree) { for (auto i = d_negcache.lower_bound(tie(name)); i != d_negcache.end();) { - if(!i->d_name.isPartOf(name)) + if (!i->d_name.isPartOf(name)) break; i = d_negcache.erase(i); ret++; @@ -169,7 +173,8 @@ uint64_t NegCache::wipe(const DNSName& name, bool subtree) { /*! * Clear the negative cache */ -void NegCache::clear() { +void NegCache::clear() +{ d_negcache.clear(); } @@ -178,7 +183,8 @@ void NegCache::clear() { * * \param maxEntries The maximum number of entries that may exist in the cache. */ -void NegCache::prune(unsigned int maxEntries) { +void NegCache::prune(unsigned int maxEntries) +{ pruneCollection(*this, d_negcache, maxEntries, 200); } @@ -187,13 +193,14 @@ void NegCache::prune(unsigned int maxEntries) { * * \param fp A pointer to an open FILE object */ -uint64_t NegCache::dumpToFile(FILE* fp) { +uint64_t NegCache::dumpToFile(FILE* fp) +{ uint64_t ret(0); struct timeval now; Utility::gettimeofday(&now, nullptr); negcache_sequence_t& sidx = d_negcache.get<1>(); - for(const NegCacheEntry& ne : sidx) { + for (const NegCacheEntry& ne : sidx) { ret++; fprintf(fp, "%s %" PRId64 " IN %s VIA %s ; (%s)\n", ne.d_name.toString().c_str(), static_cast(ne.d_ttd - now.tv_sec), ne.d_qtype.getName().c_str(), ne.d_auth.toString().c_str(), vStates[ne.d_validationState]); for (const auto& rec : ne.DNSSECRecords.records) { diff --git a/pdns/recursordist/negcache.hh b/pdns/recursordist/negcache.hh index 63eae63054..e8d2b49cba 100644 --- a/pdns/recursordist/negcache.hh +++ b/pdns/recursordist/negcache.hh @@ -38,69 +38,69 @@ using namespace ::boost::multi_index; * * typedef vector recordsAndSignatures; */ -typedef struct { +typedef struct +{ vector records; vector signatures; } recordsAndSignatures; -class NegCache : public boost::noncopyable { - public: - struct NegCacheEntry { - DNSName d_name; // The denied name - QType d_qtype; // The denied type - DNSName d_auth; // The denying name (aka auth) - mutable uint32_t d_ttd; // Timestamp when this entry should die - recordsAndSignatures authoritySOA; // The upstream SOA record and RRSIGs - recordsAndSignatures DNSSECRecords; // The upstream NSEC(3) and RRSIGs - mutable vState d_validationState{Indeterminate}; - uint32_t getTTD() const { - return d_ttd; - }; +class NegCache : public boost::noncopyable +{ +public: + struct NegCacheEntry + { + DNSName d_name; // The denied name + QType d_qtype; // The denied type + DNSName d_auth; // The denying name (aka auth) + mutable uint32_t d_ttd; // Timestamp when this entry should die + recordsAndSignatures authoritySOA; // The upstream SOA record and RRSIGs + recordsAndSignatures DNSSECRecords; // The upstream NSEC(3) and RRSIGs + mutable vState d_validationState{Indeterminate}; + uint32_t getTTD() const + { + return d_ttd; }; + }; - void add(const NegCacheEntry& ne); - void updateValidationStatus(const DNSName& qname, const QType& qtype, const vState newState, boost::optional capTTD); - bool get(const DNSName& qname, const QType& qtype, const struct timeval& now, const NegCacheEntry** ne, bool typeMustMatch=false); - bool getRootNXTrust(const DNSName& qname, const struct timeval& now, const NegCacheEntry** ne); - uint64_t count(const DNSName& qname) const; - uint64_t count(const DNSName& qname, const QType qtype) const; - void prune(unsigned int maxEntries); - void clear(); - uint64_t dumpToFile(FILE* fd); - uint64_t wipe(const DNSName& name, bool subtree = false); + void add(const NegCacheEntry& ne); + void updateValidationStatus(const DNSName& qname, const QType& qtype, const vState newState, boost::optional capTTD); + bool get(const DNSName& qname, const QType& qtype, const struct timeval& now, const NegCacheEntry** ne, bool typeMustMatch = false); + bool getRootNXTrust(const DNSName& qname, const struct timeval& now, const NegCacheEntry** ne); + uint64_t count(const DNSName& qname) const; + uint64_t count(const DNSName& qname, const QType qtype) const; + void prune(unsigned int maxEntries); + void clear(); + uint64_t dumpToFile(FILE* fd); + uint64_t wipe(const DNSName& name, bool subtree = false); - uint64_t size() { - return d_negcache.size(); - }; + uint64_t size() + { + return d_negcache.size(); + }; - void preRemoval(const NegCacheEntry& entry) - { - } + void preRemoval(const NegCacheEntry& entry) + { + } - private: - typedef boost::multi_index_container < - NegCacheEntry, - indexed_by < - ordered_unique < - composite_key < - NegCacheEntry, - member, - member - >, - composite_key_compare < - CanonDNSNameCompare, std::less - > - >, - sequenced<>, - hashed_non_unique < - member - > - > - > negcache_t; +private: + typedef boost::multi_index_container< + NegCacheEntry, + indexed_by< + ordered_unique< + composite_key< + NegCacheEntry, + member, + member>, + composite_key_compare< + CanonDNSNameCompare, std::less>>, + sequenced<>, + hashed_non_unique< + member>>> + negcache_t; - // Required for the cachecleaner - typedef negcache_t::nth_index<1>::type negcache_sequence_t; + // Required for the cachecleaner + typedef negcache_t::nth_index<1>::type negcache_sequence_t; - // Stores the negative cache entries - negcache_t d_negcache; + // Stores the negative cache entries + negcache_t d_negcache; }; diff --git a/pdns/recursordist/pubsuffixloader.cc b/pdns/recursordist/pubsuffixloader.cc index 4f46555233..e9a25bfc16 100644 --- a/pdns/recursordist/pubsuffixloader.cc +++ b/pdns/recursordist/pubsuffixloader.cc @@ -34,7 +34,7 @@ std::vector> g_pubs; void initPublicSuffixList(const std::string& file) { std::vector> pbList; - + bool loaded = false; if (!file.empty()) { try { @@ -61,24 +61,24 @@ void initPublicSuffixList(const std::string& file) } pbList.push_back(name.labelReverse().getRawLabels()); } - catch(...) { + catch (...) { /* not a DNS name, ignoring */ } } - g_log< parts; stringtok(parts, low, "."); diff --git a/pdns/recursordist/rec_metrics.hh b/pdns/recursordist/rec_metrics.hh index cffdbc7f44..5ad436aa31 100644 --- a/pdns/recursordist/rec_metrics.hh +++ b/pdns/recursordist/rec_metrics.hh @@ -30,187 +30,418 @@ #include // Metric types for Prometheus -enum class PrometheusMetricType: int { - counter = 1, - gauge = 2 +enum class PrometheusMetricType : int +{ + counter = 1, + gauge = 2 }; // Keeps additional information about metrics -struct MetricDefinition { - MetricDefinition(const PrometheusMetricType& prometheusType_, const std::string& description_) { - prometheusType = prometheusType_; - description = description_; - } +struct MetricDefinition +{ + MetricDefinition(const PrometheusMetricType& prometheusType_, const std::string& description_) + { + prometheusType = prometheusType_; + description = description_; + } - MetricDefinition() = default; + MetricDefinition() = default; - // Metric description - std::string description; - // Metric type for Prometheus - PrometheusMetricType prometheusType; + // Metric description + std::string description; + // Metric type for Prometheus + PrometheusMetricType prometheusType; }; -class MetricDefinitionStorage { +class MetricDefinitionStorage +{ public: - // Return metric definition by name - bool getMetricDetails(const std::string& metricName, MetricDefinition& metric) { - auto metricDetailsIter = metrics.find(metricName); - - if (metricDetailsIter == metrics.end()) { - return false; - } - - metric = metricDetailsIter->second; - return true; - }; - - // Return string representation of Prometheus metric type - std::string getPrometheusStringMetricType(const PrometheusMetricType& metricType) { - switch (metricType) { - case PrometheusMetricType::counter: - return "counter"; - break; - case PrometheusMetricType::gauge: - return "gauge"; - break; - default: - return ""; - break; - } - }; + // Return metric definition by name + bool getMetricDetails(const std::string& metricName, MetricDefinition& metric) + { + auto metricDetailsIter = metrics.find(metricName); + + if (metricDetailsIter == metrics.end()) { + return false; + } + + metric = metricDetailsIter->second; + return true; + }; + + // Return string representation of Prometheus metric type + std::string getPrometheusStringMetricType(const PrometheusMetricType& metricType) + { + switch (metricType) { + case PrometheusMetricType::counter: + return "counter"; + break; + case PrometheusMetricType::gauge: + return "gauge"; + break; + default: + return ""; + break; + } + }; private: - // Description and types for prometheus output of stats - std::map metrics = { - { "all-outqueries", MetricDefinition(PrometheusMetricType::counter, "Number of outgoing UDP queries since starting") }, - - { "answers-slow", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered after 1 second") }, - { "answers0-1", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered within 1 millisecond") }, - { "answers1-10", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered within 10 milliseconds") }, - { "answers10-100", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered within 100 milliseconds") }, - { "answers100-1000", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered within 1 second") }, - - { "auth4-answers-slow", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv4 after 1 second") }, - { "auth4-answers0-1", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv4within 1 millisecond") }, - { "auth4-answers1-10", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv4 within 10 milliseconds") }, - { "auth4-answers10-100", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv4 within 100 milliseconds") }, - { "auth4-answers100-1000", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv4 within 1 second") }, - - { "auth6-answers-slow", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv6 after 1 second") }, - { "auth6-answers0-1", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv6 within 1 millisecond") }, - { "auth6-answers1-10", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv6 within 10 milliseconds") }, - { "auth6-answers10-100", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv6 within 100 milliseconds") }, - { "auth6-answers100-1000", MetricDefinition(PrometheusMetricType::counter, "Number of queries answered by authoritatives over IPv6 within 1 second") }, - - - - { "auth-zone-queries", MetricDefinition(PrometheusMetricType::counter, "Number of queries to locally hosted authoritative zones (`setting-auth-zones`) since starting") }, - { "cache-bytes", MetricDefinition(PrometheusMetricType::gauge, "Size of the cache in bytes") }, - { "cache-entries", MetricDefinition(PrometheusMetricType::gauge, "Number of entries in the cache") }, - { "cache-hits", MetricDefinition(PrometheusMetricType::counter, "Number of of cache hits since starting, this does **not** include hits that got answered from the packet-cache") }, - { "cache-misses", MetricDefinition(PrometheusMetricType::counter, "Number of cache misses since starting") }, - { "case-mismatches", MetricDefinition(PrometheusMetricType::counter, "Number of mismatches in character case since starting") }, - { "chain-resends", MetricDefinition(PrometheusMetricType::counter, "Number of queries chained to existing outstanding") }, - { "client-parse-errors", MetricDefinition(PrometheusMetricType::counter, "Number of client packets that could not be parsed") }, - { "concurrent-queries", MetricDefinition(PrometheusMetricType::gauge, "Number of MThreads currently running") }, - { "cpu-msec-thread-0", MetricDefinition(PrometheusMetricType::counter, "Number of milliseconds spent in thread n") }, - { "dlg-only-drops", MetricDefinition(PrometheusMetricType::counter, "Number of records dropped because of `setting-delegation-only` setting") }, - - { "dnssec-authentic-data-queries", MetricDefinition(PrometheusMetricType::counter, "Number of queries received with the AD bit set") }, - { "dnssec-check-disabled-queries", MetricDefinition(PrometheusMetricType::counter, "Number of queries received with the CD bit set") }, - { "dnssec-queries", MetricDefinition(PrometheusMetricType::counter, "Number of queries received with the DO bit set") }, - { "dnssec-result-bogus", MetricDefinition(PrometheusMetricType::counter, "Number of DNSSEC validations that had the Bogus state") }, - { "dnssec-result-indeterminate", MetricDefinition(PrometheusMetricType::counter, "Number of DNSSEC validations that had the Indeterminate state") }, - { "dnssec-result-insecure", MetricDefinition(PrometheusMetricType::counter, "Number of DNSSEC validations that had the Insecure state") }, - { "dnssec-result-nta", MetricDefinition(PrometheusMetricType::counter, "Number of DNSSEC validations that had the (negative trust anchor) state") }, - { "dnssec-result-secure", MetricDefinition(PrometheusMetricType::counter, "Number of DNSSEC validations that had the Secure state") }, - - { "dnssec-validations", MetricDefinition(PrometheusMetricType::counter, "Number of DNSSEC validations performed") }, - { "dont-outqueries", MetricDefinition(PrometheusMetricType::counter, "Number of outgoing queries dropped because of `setting-dont-query` setting") }, - { "qname-min-fallback-success", MetricDefinition(PrometheusMetricType::counter, "Number of successful queries due to fallback mechanism within 'qname-minimization' setting") }, - { "ecs-queries", MetricDefinition(PrometheusMetricType::counter, "Number of outgoing queries adorned with an EDNS Client Subnet option") }, - { "ecs-responses", MetricDefinition(PrometheusMetricType::counter, "Number of responses received from authoritative servers with an EDNS Client Subnet option we used") }, - { "edns-ping-matches", MetricDefinition(PrometheusMetricType::counter, "Number of servers that sent a valid EDNS PING response") }, - { "edns-ping-mismatches", MetricDefinition(PrometheusMetricType::counter, "Number of servers that sent an invalid EDN PING response") }, - { "failed-host-entries", MetricDefinition(PrometheusMetricType::counter, "Number of servers that failed to resolve") }, - { "ignored-packets", MetricDefinition(PrometheusMetricType::counter, "Number of non-query packets received on server sockets that should only get query packets") }, - { "ipv6-outqueries", MetricDefinition(PrometheusMetricType::counter, "Number of outgoing queries over IPv6") }, - { "ipv6-questions", MetricDefinition(PrometheusMetricType::counter, "Number of end-user initiated queries with the RD bit set, received over IPv6 UDP") }, - { "malloc-bytes", MetricDefinition(PrometheusMetricType::counter, "Number of bytes allocated by the process (broken, always returns 0)") }, - { "max-cache-entries", MetricDefinition(PrometheusMetricType::gauge, "Currently configured maximum number of cache entries") }, - { "max-packetcache-entries", MetricDefinition(PrometheusMetricType::gauge, "Currently configured maximum number of packet cache entries") }, - { "max-mthread-stack", MetricDefinition(PrometheusMetricType::gauge, "Maximum amount of thread stack ever used") }, - - - { "negcache-entries", MetricDefinition(PrometheusMetricType::gauge, "Number of entries in the negative answer cache") }, - { "no-packet-error", MetricDefinition(PrometheusMetricType::counter, "Number of erroneous received packets") }, - { "noedns-outqueries", MetricDefinition(PrometheusMetricType::counter, "Number of queries sent out without EDNS") }, - { "noerror-answers", MetricDefinition(PrometheusMetricType::counter, "Number of NOERROR answers since starting") }, - { "noping-outqueries", MetricDefinition(PrometheusMetricType::counter, "Number of queries sent out without ENDS PING") }, - { "nsset-invalidations", MetricDefinition(PrometheusMetricType::counter, "Number of times an nsset was dropped because it no longer worked") }, - { "nsspeeds-entries", MetricDefinition(PrometheusMetricType::gauge, "Number of entries in the NS speeds map") }, - { "nxdomain-answers", MetricDefinition(PrometheusMetricType::counter, "Number of NXDOMAIN answers since starting") }, - { "outgoing-timeouts", MetricDefinition(PrometheusMetricType::counter, "Number of timeouts on outgoing UDP queries since starting") }, - { "outgoing4-timeouts", MetricDefinition(PrometheusMetricType::counter, "Number of timeouts on outgoing UDP IPv4 queries since starting") }, - { "outgoing6-timeouts", MetricDefinition(PrometheusMetricType::counter, "Number of timeouts on outgoing UDP IPv6 queries since starting") }, - { "over-capacity-drops", MetricDefinition(PrometheusMetricType::counter, "Number of questions dropped because over maximum concurrent query limit") }, - { "packetcache-bytes", MetricDefinition(PrometheusMetricType::gauge, "Size of the packet cache in bytes") }, - { "packetcache-entries", MetricDefinition(PrometheusMetricType::gauge, "Number of packet cache entries") }, - { "packetcache-hits", MetricDefinition(PrometheusMetricType::counter, "Number of packet cache hits") }, - { "packetcache-misses", MetricDefinition(PrometheusMetricType::counter, "Number of packet cache misses") }, - - { "policy-drops", MetricDefinition(PrometheusMetricType::counter, "Number of packets dropped because of (Lua) policy decision") }, - { "policy-result-noaction", MetricDefinition(PrometheusMetricType::counter, "Number of packets that were not actioned upon by the RPZ/filter engine") }, - { "policy-result-drop", MetricDefinition(PrometheusMetricType::counter, "Number of packets that were dropped by the RPZ/filter engine") }, - { "policy-result-nxdomain", MetricDefinition(PrometheusMetricType::counter, "Number of packets that were replied to with NXDOMAIN by the RPZ/filter engine") }, - { "policy-result-nodata", MetricDefinition(PrometheusMetricType::counter, "Number of packets that were replied to with no data by the RPZ/filter engine") }, - { "policy-result-truncate", MetricDefinition(PrometheusMetricType::counter, "Number of packets that were were forced to TCP by the RPZ/filter engine") }, - { "policy-result-custom", MetricDefinition(PrometheusMetricType::counter, "Number of packets that were sent a custom answer by the RPZ/filter engine") }, - - { "qa-latency", MetricDefinition(PrometheusMetricType::gauge, "Shows the current latency average, in microseconds, exponentially weighted over past 'latency-statistic-size' packets") }, - { "query-pipe-full-drops", MetricDefinition(PrometheusMetricType::counter, "Number of questions dropped because the query distribution pipe was full") }, - { "questions", MetricDefinition(PrometheusMetricType::counter, "Counts all end-user initiated queries with the RD bit set") }, - { "rebalanced-queries", MetricDefinition(PrometheusMetricType::counter, "Number of queries balanced to a different worker thread because the first selected one was above the target load configured with 'distribution-load-factor'") }, - { "resource-limits", MetricDefinition(PrometheusMetricType::counter, "Number of queries that could not be performed because of resource limits") }, - { "security-status", MetricDefinition(PrometheusMetricType::gauge, "security status based on `securitypolling`") }, - { "server-parse-errors", MetricDefinition(PrometheusMetricType::counter, "Number of server replied packets that could not be parsed") }, - { "servfail-answers", MetricDefinition(PrometheusMetricType::counter, "Number of SERVFAIL answers since starting") }, - { "spoof-prevents", MetricDefinition(PrometheusMetricType::counter, "Number of times PowerDNS considered itself spoofed, and dropped the data") }, - { "sys-msec", MetricDefinition(PrometheusMetricType::counter, "Number of CPU milliseconds spent in 'system' mode") }, - { "tcp-client-overflow", MetricDefinition(PrometheusMetricType::counter, "Number of times an IP address was denied TCP access because it already had too many connections") }, - { "tcp-clients", MetricDefinition(PrometheusMetricType::gauge, "Number of currently active TCP/IP clients") }, - { "tcp-outqueries", MetricDefinition(PrometheusMetricType::counter, "Number of outgoing TCP queries since starting") }, - { "tcp-questions", MetricDefinition(PrometheusMetricType::counter, "Number of all incoming TCP queries since starting") }, - { "throttle-entries", MetricDefinition(PrometheusMetricType::gauge, "Number of of entries in the throttle map") }, - { "throttled-out", MetricDefinition(PrometheusMetricType::counter, "Number of throttled outgoing UDP queries since starting") }, - { "throttled-outqueries", MetricDefinition(PrometheusMetricType::counter, "Number of throttled outgoing UDP queries since starting") }, - { "too-old-drops", MetricDefinition(PrometheusMetricType::counter, "Number of questions dropped that were too old") }, - { "truncated-drops", MetricDefinition(PrometheusMetricType::counter, "Number of questions dropped because they were larger than 512 bytes") }, - { "empty-queries", MetricDefinition(PrometheusMetricType::counter, "Questions dropped because they had a QD count of 0") }, - { "unauthorized-tcp", MetricDefinition(PrometheusMetricType::counter, "Number of TCP questions denied because of allow-from restrictions") }, - { "unauthorized-udp", MetricDefinition(PrometheusMetricType::counter, "Number of UDP questions denied because of allow-from restrictions") }, - { "unexpected-packets", MetricDefinition(PrometheusMetricType::counter, "Number of answers from remote servers that were unexpected (might point to spoofing)") }, - { "unreachables", MetricDefinition(PrometheusMetricType::counter, "Number of times nameservers were unreachable since starting") }, - { "uptime", MetricDefinition(PrometheusMetricType::counter, "Number of seconds process has been running") }, - { "user-msec", MetricDefinition(PrometheusMetricType::counter, "Number of CPU milliseconds spent in 'user' mode") }, - { "variable-responses", MetricDefinition(PrometheusMetricType::counter, "Number of responses that were marked as 'variable'") }, - - { "x-our-latency", MetricDefinition(PrometheusMetricType::counter, "How much time was spent within PowerDNS in microseconds") }, - { "x-ourtime0-1", MetricDefinition(PrometheusMetricType::counter, "Counts responses where between 0 and 1 milliseconds was spent within the Recursor") }, - { "x-ourtime1-2", MetricDefinition(PrometheusMetricType::counter, "Counts responses where between 1 and 2 milliseconds was spent within the Recursor") }, - { "x-ourtime2-4", MetricDefinition(PrometheusMetricType::counter, "Counts responses where between 2 and 4 milliseconds was spent within the Recursor") }, - { "x-ourtime4-8", MetricDefinition(PrometheusMetricType::counter, "Counts responses where between 4 and 8 milliseconds was spent within the Recursor") }, - { "x-ourtime8-16", MetricDefinition(PrometheusMetricType::counter, "Counts responses where between 8 and 16 milliseconds was spent within the Recursor") }, - { "x-ourtime16-32", MetricDefinition(PrometheusMetricType::counter, "Counts responses where between 16 and 32 milliseconds was spent within the Recursor") }, - { "x-ourtime-slow", MetricDefinition(PrometheusMetricType::counter, "Counts responses where more than 32 milliseconds was spent within the Recursor") }, - - { "fd-usage", MetricDefinition(PrometheusMetricType::gauge, "Number of open file descriptors") }, - { "real-memory-usage", MetricDefinition(PrometheusMetricType::gauge, "Number of bytes real process memory usage") }, - { "udp-in-errors", MetricDefinition(PrometheusMetricType::counter, "From /proc/net/snmp InErrors") }, - { "udp-noport-errors", MetricDefinition(PrometheusMetricType::counter, "From /proc/net/snmp NoPorts") }, - { "udp-recvbuf-errors", MetricDefinition(PrometheusMetricType::counter, "From /proc/net/snmp RcvbufErrors") }, - { "udp-sndbuf-errors", MetricDefinition(PrometheusMetricType::counter, "From /proc/net/snmp SndbufErrors") }, - }; + // Description and types for prometheus output of stats + std::map metrics = { + {"all-outqueries", + MetricDefinition(PrometheusMetricType::counter, + "Number of outgoing UDP queries since starting")}, + + {"answers-slow", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries answered after 1 second")}, + {"answers0-1", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries answered within 1 millisecond")}, + {"answers1-10", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries answered within 10 milliseconds")}, + {"answers10-100", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries answered within 100 milliseconds")}, + {"answers100-1000", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries answered within 1 second")}, + + {"auth4-answers-slow", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries answered by authoritatives over IPv4 after 1 second")}, + {"auth4-answers0-1", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries answered by authoritatives over IPv4within 1 millisecond")}, + {"auth4-answers1-10", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries answered by authoritatives over IPv4 within 10 milliseconds")}, + {"auth4-answers10-100", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries answered by authoritatives over IPv4 within 100 milliseconds")}, + {"auth4-answers100-1000", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries answered by authoritatives over IPv4 within 1 second")}, + + {"auth6-answers-slow", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries answered by authoritatives over IPv6 after 1 second")}, + {"auth6-answers0-1", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries answered by authoritatives over IPv6 within 1 millisecond")}, + {"auth6-answers1-10", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries answered by authoritatives over IPv6 within 10 milliseconds")}, + {"auth6-answers10-100", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries answered by authoritatives over IPv6 within 100 milliseconds")}, + {"auth6-answers100-1000", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries answered by authoritatives over IPv6 within 1 second")}, + + {"auth-zone-queries", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries to locally hosted authoritative zones (`setting-auth-zones`) since starting")}, + {"cache-bytes", + MetricDefinition(PrometheusMetricType::gauge, + "Size of the cache in bytes")}, + {"cache-entries", + MetricDefinition(PrometheusMetricType::gauge, + "Number of entries in the cache")}, + {"cache-hits", + MetricDefinition(PrometheusMetricType::counter, + "Number of of cache hits since starting, this does **not** include hits that got answered from the packet-cache")}, + {"cache-misses", + MetricDefinition(PrometheusMetricType::counter, + "Number of cache misses since starting")}, + {"case-mismatches", + MetricDefinition(PrometheusMetricType::counter, + "Number of mismatches in character case since starting")}, + {"chain-resends", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries chained to existing outstanding")}, + {"client-parse-errors", + MetricDefinition(PrometheusMetricType::counter, + "Number of client packets that could not be parsed")}, + {"concurrent-queries", + MetricDefinition(PrometheusMetricType::gauge, + "Number of MThreads currently running")}, + {"cpu-msec-thread-0", + MetricDefinition(PrometheusMetricType::counter, + "Number of milliseconds spent in thread n")}, + {"dlg-only-drops", + MetricDefinition(PrometheusMetricType::counter, + "Number of records dropped because of `setting-delegation-only` setting")}, + + {"dnssec-authentic-data-queries", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries received with the AD bit set")}, + {"dnssec-check-disabled-queries", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries received with the CD bit set")}, + {"dnssec-queries", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries received with the DO bit set")}, + {"dnssec-result-bogus", + MetricDefinition(PrometheusMetricType::counter, + "Number of DNSSEC validations that had the Bogus state")}, + {"dnssec-result-indeterminate", + MetricDefinition(PrometheusMetricType::counter, + "Number of DNSSEC validations that had the Indeterminate state")}, + {"dnssec-result-insecure", + MetricDefinition(PrometheusMetricType::counter, + "Number of DNSSEC validations that had the Insecure state")}, + {"dnssec-result-nta", + MetricDefinition(PrometheusMetricType::counter, + "Number of DNSSEC validations that had the (negative trust anchor) state")}, + {"dnssec-result-secure", + MetricDefinition(PrometheusMetricType::counter, + "Number of DNSSEC validations that had the Secure state")}, + + {"dnssec-validations", + MetricDefinition(PrometheusMetricType::counter, + "Number of DNSSEC validations performed")}, + {"dont-outqueries", + MetricDefinition(PrometheusMetricType::counter, + "Number of outgoing queries dropped because of `setting-dont-query` setting")}, + {"qname-min-fallback-success", + MetricDefinition(PrometheusMetricType::counter, + "Number of successful queries due to fallback mechanism within 'qname-minimization' setting")}, + {"ecs-queries", + MetricDefinition(PrometheusMetricType::counter, + "Number of outgoing queries adorned with an EDNS Client Subnet option")}, + {"ecs-responses", + MetricDefinition(PrometheusMetricType::counter, + "Number of responses received from authoritative servers with an EDNS Client Subnet option we used")}, + {"edns-ping-matches", + MetricDefinition(PrometheusMetricType::counter, + "Number of servers that sent a valid EDNS PING response")}, + {"edns-ping-mismatches", + MetricDefinition(PrometheusMetricType::counter, + "Number of servers that sent an invalid EDN PING response")}, + {"failed-host-entries", + MetricDefinition(PrometheusMetricType::counter, + "Number of servers that failed to resolve")}, + {"ignored-packets", + MetricDefinition(PrometheusMetricType::counter, + "Number of non-query packets received on server sockets that should only get query packets")}, + {"ipv6-outqueries", + MetricDefinition(PrometheusMetricType::counter, + "Number of outgoing queries over IPv6")}, + {"ipv6-questions", + MetricDefinition(PrometheusMetricType::counter, + "Number of end-user initiated queries with the RD bit set, received over IPv6 UDP")}, + {"malloc-bytes", + MetricDefinition(PrometheusMetricType::counter, + "Number of bytes allocated by the process (broken, always returns 0)")}, + {"max-cache-entries", + MetricDefinition(PrometheusMetricType::gauge, + "Currently configured maximum number of cache entries")}, + {"max-packetcache-entries", + MetricDefinition(PrometheusMetricType::gauge, + "Currently configured maximum number of packet cache entries")}, + {"max-mthread-stack", + MetricDefinition(PrometheusMetricType::gauge, + "Maximum amount of thread stack ever used")}, + + {"negcache-entries", + MetricDefinition(PrometheusMetricType::gauge, + "Number of entries in the negative answer cache")}, + {"no-packet-error", + MetricDefinition(PrometheusMetricType::counter, + "Number of erroneous received packets")}, + {"noedns-outqueries", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries sent out without EDNS")}, + {"noerror-answers", + MetricDefinition(PrometheusMetricType::counter, + "Number of NOERROR answers since starting")}, + {"noping-outqueries", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries sent out without ENDS PING")}, + {"nsset-invalidations", + MetricDefinition(PrometheusMetricType::counter, + "Number of times an nsset was dropped because it no longer worked")}, + {"nsspeeds-entries", + MetricDefinition(PrometheusMetricType::gauge, + "Number of entries in the NS speeds map")}, + {"nxdomain-answers", + MetricDefinition(PrometheusMetricType::counter, + "Number of NXDOMAIN answers since starting")}, + {"outgoing-timeouts", + MetricDefinition(PrometheusMetricType::counter, + "Number of timeouts on outgoing UDP queries since starting")}, + {"outgoing4-timeouts", + MetricDefinition(PrometheusMetricType::counter, + "Number of timeouts on outgoing UDP IPv4 queries since starting")}, + {"outgoing6-timeouts", + MetricDefinition(PrometheusMetricType::counter, + "Number of timeouts on outgoing UDP IPv6 queries since starting")}, + {"over-capacity-drops", + MetricDefinition(PrometheusMetricType::counter, + "Number of questions dropped because over maximum concurrent query limit")}, + {"packetcache-bytes", + MetricDefinition(PrometheusMetricType::gauge, + "Size of the packet cache in bytes")}, + {"packetcache-entries", + MetricDefinition(PrometheusMetricType::gauge, + "Number of packet cache entries")}, + {"packetcache-hits", + MetricDefinition(PrometheusMetricType::counter, + "Number of packet cache hits")}, + {"packetcache-misses", + MetricDefinition(PrometheusMetricType::counter, + "Number of packet cache misses")}, + + {"policy-drops", + MetricDefinition(PrometheusMetricType::counter, + "Number of packets dropped because of (Lua) policy decision")}, + {"policy-result-noaction", + MetricDefinition(PrometheusMetricType::counter, + "Number of packets that were not actioned upon by the RPZ/filter engine")}, + {"policy-result-drop", + MetricDefinition(PrometheusMetricType::counter, + "Number of packets that were dropped by the RPZ/filter engine")}, + {"policy-result-nxdomain", + MetricDefinition(PrometheusMetricType::counter, + "Number of packets that were replied to with NXDOMAIN by the RPZ/filter engine")}, + {"policy-result-nodata", + MetricDefinition(PrometheusMetricType::counter, + "Number of packets that were replied to with no data by the RPZ/filter engine")}, + {"policy-result-truncate", + MetricDefinition(PrometheusMetricType::counter, + "Number of packets that were were forced to TCP by the RPZ/filter engine")}, + {"policy-result-custom", + MetricDefinition(PrometheusMetricType::counter, + "Number of packets that were sent a custom answer by the RPZ/filter engine")}, + + {"qa-latency", + MetricDefinition(PrometheusMetricType::gauge, + "Shows the current latency average, in microseconds, exponentially weighted over past 'latency-statistic-size' packets")}, + {"query-pipe-full-drops", + MetricDefinition(PrometheusMetricType::counter, + "Number of questions dropped because the query distribution pipe was full")}, + {"questions", + MetricDefinition(PrometheusMetricType::counter, + "Counts all end-user initiated queries with the RD bit set")}, + {"rebalanced-queries", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries balanced to a different worker thread because the first selected one was above the target load configured with 'distribution-load-factor'")}, + {"resource-limits", + MetricDefinition(PrometheusMetricType::counter, + "Number of queries that could not be performed because of resource limits")}, + {"security-status", + MetricDefinition(PrometheusMetricType::gauge, + "security status based on `securitypolling`")}, + {"server-parse-errors", + MetricDefinition(PrometheusMetricType::counter, + "Number of server replied packets that could not be parsed")}, + {"servfail-answers", + MetricDefinition(PrometheusMetricType::counter, + "Number of SERVFAIL answers since starting")}, + {"spoof-prevents", + MetricDefinition(PrometheusMetricType::counter, + "Number of times PowerDNS considered itself spoofed, and dropped the data")}, + {"sys-msec", + MetricDefinition(PrometheusMetricType::counter, + "Number of CPU milliseconds spent in 'system' mode")}, + {"tcp-client-overflow", + MetricDefinition(PrometheusMetricType::counter, + "Number of times an IP address was denied TCP access because it already had too many connections")}, + {"tcp-clients", + MetricDefinition(PrometheusMetricType::gauge, + "Number of currently active TCP/IP clients")}, + {"tcp-outqueries", + MetricDefinition(PrometheusMetricType::counter, + "Number of outgoing TCP queries since starting")}, + {"tcp-questions", + MetricDefinition(PrometheusMetricType::counter, + "Number of all incoming TCP queries since starting")}, + {"throttle-entries", + MetricDefinition(PrometheusMetricType::gauge, + "Number of of entries in the throttle map")}, + {"throttled-out", + MetricDefinition(PrometheusMetricType::counter, + "Number of throttled outgoing UDP queries since starting")}, + {"throttled-outqueries", + MetricDefinition(PrometheusMetricType::counter, + "Number of throttled outgoing UDP queries since starting")}, + {"too-old-drops", + MetricDefinition(PrometheusMetricType::counter, + "Number of questions dropped that were too old")}, + {"truncated-drops", + MetricDefinition(PrometheusMetricType::counter, + "Number of questions dropped because they were larger than 512 bytes")}, + {"empty-queries", + MetricDefinition(PrometheusMetricType::counter, + "Questions dropped because they had a QD count of 0")}, + {"unauthorized-tcp", + MetricDefinition(PrometheusMetricType::counter, + "Number of TCP questions denied because of allow-from restrictions")}, + {"unauthorized-udp", + MetricDefinition(PrometheusMetricType::counter, + "Number of UDP questions denied because of allow-from restrictions")}, + {"unexpected-packets", + MetricDefinition(PrometheusMetricType::counter, + "Number of answers from remote servers that were unexpected (might point to spoofing)")}, + {"unreachables", + MetricDefinition(PrometheusMetricType::counter, + "Number of times nameservers were unreachable since starting")}, + {"uptime", + MetricDefinition(PrometheusMetricType::counter, + "Number of seconds process has been running")}, + {"user-msec", + MetricDefinition(PrometheusMetricType::counter, + "Number of CPU milliseconds spent in 'user' mode")}, + {"variable-responses", + MetricDefinition(PrometheusMetricType::counter, + "Number of responses that were marked as 'variable'")}, + + {"x-our-latency", + MetricDefinition(PrometheusMetricType::counter, + "How much time was spent within PowerDNS in microseconds")}, + {"x-ourtime0-1", + MetricDefinition(PrometheusMetricType::counter, + "Counts responses where between 0 and 1 milliseconds was spent within the Recursor")}, + {"x-ourtime1-2", + MetricDefinition(PrometheusMetricType::counter, + "Counts responses where between 1 and 2 milliseconds was spent within the Recursor")}, + {"x-ourtime2-4", + MetricDefinition(PrometheusMetricType::counter, + "Counts responses where between 2 and 4 milliseconds was spent within the Recursor")}, + {"x-ourtime4-8", + MetricDefinition(PrometheusMetricType::counter, + "Counts responses where between 4 and 8 milliseconds was spent within the Recursor")}, + {"x-ourtime8-16", + MetricDefinition(PrometheusMetricType::counter, + "Counts responses where between 8 and 16 milliseconds was spent within the Recursor")}, + {"x-ourtime16-32", + MetricDefinition(PrometheusMetricType::counter, + "Counts responses where between 16 and 32 milliseconds was spent within the Recursor")}, + {"x-ourtime-slow", + MetricDefinition(PrometheusMetricType::counter, + "Counts responses where more than 32 milliseconds was spent within the Recursor")}, + + {"fd-usage", + MetricDefinition(PrometheusMetricType::gauge, + "Number of open file descriptors")}, + {"real-memory-usage", + MetricDefinition(PrometheusMetricType::gauge, + "Number of bytes real process memory usage")}, + {"udp-in-errors", + MetricDefinition(PrometheusMetricType::counter, + "From /proc/net/snmp InErrors")}, + {"udp-noport-errors", + MetricDefinition(PrometheusMetricType::counter, + "From /proc/net/snmp NoPorts")}, + {"udp-recvbuf-errors", + MetricDefinition(PrometheusMetricType::counter, + "From /proc/net/snmp RcvbufErrors")}, + {"udp-sndbuf-errors", + MetricDefinition(PrometheusMetricType::counter, + "From /proc/net/snmp SndbufErrors")}, + }; }; extern MetricDefinitionStorage g_metricDefinitions; diff --git a/pdns/recursordist/stable-bloom.hh b/pdns/recursordist/stable-bloom.hh index 835f689795..e15723589a 100644 --- a/pdns/recursordist/stable-bloom.hh +++ b/pdns/recursordist/stable-bloom.hh @@ -32,111 +32,134 @@ namespace bf { - // Based on http://webdocs.cs.ualberta.ca/~drafiei/papers/DupDetExt.pdf - // Max is always 1 in this implementation, which is best for streaming data - // This also means we can use a bitset for storing values which is very - // efficient - class stableBF { - public: - stableBF(float fp_rate, uint32_t num_cells, uint8_t p): d_k(optimalK(fp_rate)), d_num_cells(num_cells), d_p(p), d_cells(num_cells), d_gen(std::random_device()()), d_dis(0, num_cells) {} - stableBF(uint8_t k, uint32_t num_cells, uint8_t p, const std::string& bitstr): d_k(k), d_num_cells(num_cells), d_p(p), d_cells(bitstr), d_gen(std::random_device()()), d_dis(0, num_cells) {} - void add(const std::string& data) { - decrement(); - auto hashes = hash(data); - for (auto& i : hashes) { - d_cells.set(i % d_num_cells); - } - } - bool test(const std::string& data) { - auto hashes = hash(data); - for (auto& i : hashes) { - if (d_cells.test(i % d_num_cells) == false) - return false; - } - return true; +// Based on http://webdocs.cs.ualberta.ca/~drafiei/papers/DupDetExt.pdf +// Max is always 1 in this implementation, which is best for streaming data +// This also means we can use a bitset for storing values which is very +// efficient +class stableBF +{ +public: + stableBF(float fp_rate, uint32_t num_cells, uint8_t p) : + d_k(optimalK(fp_rate)), + d_num_cells(num_cells), + d_p(p), + d_cells(num_cells), + d_gen(std::random_device()()), + d_dis(0, num_cells) {} + stableBF(uint8_t k, uint32_t num_cells, uint8_t p, const std::string& bitstr) : + d_k(k), + d_num_cells(num_cells), + d_p(p), + d_cells(bitstr), + d_gen(std::random_device()()), + d_dis(0, num_cells) {} + void add(const std::string& data) + { + decrement(); + auto hashes = hash(data); + for (auto& i : hashes) { + d_cells.set(i % d_num_cells); } - bool testAndAdd(const std::string& data) { - auto hashes = hash(data); - bool retval = true; - for (auto& i : hashes) { - if (d_cells.test(i % d_num_cells) == false) { - retval = false; - break; - } - } - decrement(); - for (auto& i : hashes) { - d_cells.set(i % d_num_cells); - } - return retval; + } + bool test(const std::string& data) + { + auto hashes = hash(data); + for (auto& i : hashes) { + if (d_cells.test(i % d_num_cells) == false) + return false; } - void dump(std::ostream& os) { - os.write((char*)&d_k, sizeof(d_k)); - uint32_t nint = htonl(d_num_cells); - os.write((char*)&nint, sizeof(nint)); - os.write((char*)&d_p, sizeof(d_p)); - std::string temp_str; - boost::to_string(d_cells, temp_str); - uint32_t bitstr_length = htonl((uint32_t)temp_str.length()); - os.write((char*)&bitstr_length, sizeof(bitstr_length)); - os.write((char*)temp_str.c_str(), temp_str.length()); - if (os.fail()) { - throw std::runtime_error("SBF: Failed to dump"); + return true; + } + bool testAndAdd(const std::string& data) + { + auto hashes = hash(data); + bool retval = true; + for (auto& i : hashes) { + if (d_cells.test(i % d_num_cells) == false) { + retval = false; + break; } } - void restore(std::istream& is) { - uint8_t k, p; - uint32_t num_cells, bitstr_len; - is.read((char*)&k, sizeof(k)); - is.read((char*)&num_cells, sizeof(num_cells)); - num_cells = ntohl(num_cells); - is.read((char*)&p, sizeof(p)); - is.read((char*)&bitstr_len, sizeof(bitstr_len)); - bitstr_len = ntohl(bitstr_len); - char* bitcstr = new char[bitstr_len]; - is.read((char*)bitcstr, bitstr_len); - std::string bitstr(bitcstr, bitstr_len); - delete[] bitcstr; - stableBF tempbf(k, num_cells, p, bitstr); - swap(tempbf); - } - private: - unsigned int optimalK(float fp_rate) { - return std::ceil(std::log2(1/fp_rate)); + decrement(); + for (auto& i : hashes) { + d_cells.set(i % d_num_cells); } - void decrement() { - // Choose a random cell then decrement the next p-1 - // The stable bloom algorithm described in the paper says - // to choose p independent positions, but that is much slower - // and this shouldn't change the properties of the SBF - size_t r = d_dis(d_gen); - for (uint64_t i=0; i hash(const std::string& data) { - uint32_t h1, h2; - MurmurHash3_x86_32(data.c_str(), data.length(), 1, (void*)&h1); - MurmurHash3_x86_32(data.c_str(), data.length(), 2, (void*)&h2); - std::vector ret_hashes(d_k); - for (size_t i=0; i < d_k; ++i) { - ret_hashes[i] = h1 + i * h2; - } - return ret_hashes; + } + void swap(stableBF& rhs) + { + std::swap(d_k, rhs.d_k); + std::swap(d_num_cells, rhs.d_num_cells); + std::swap(d_p, rhs.d_p); + d_cells.swap(rhs.d_cells); + } + // This is a double hash implementation returning an array of + // k hashes + std::vector hash(const std::string& data) + { + uint32_t h1, h2; + MurmurHash3_x86_32(data.c_str(), data.length(), 1, (void*)&h1); + MurmurHash3_x86_32(data.c_str(), data.length(), 2, (void*)&h2); + std::vector ret_hashes(d_k); + for (size_t i = 0; i < d_k; ++i) { + ret_hashes[i] = h1 + i * h2; } - uint8_t d_k; - uint32_t d_num_cells; - uint8_t d_p; - boost::dynamic_bitset<> d_cells; - std::mt19937 d_gen; - std::uniform_int_distribution<> d_dis; - }; + return ret_hashes; + } + uint8_t d_k; + uint32_t d_num_cells; + uint8_t d_p; + boost::dynamic_bitset<> d_cells; + std::mt19937 d_gen; + std::uniform_int_distribution<> d_dis; +}; } diff --git a/pdns/recursordist/test-ednsoptions_cc.cc b/pdns/recursordist/test-ednsoptions_cc.cc index a0b446290a..d653526d7a 100644 --- a/pdns/recursordist/test-ednsoptions_cc.cc +++ b/pdns/recursordist/test-ednsoptions_cc.cc @@ -36,7 +36,8 @@ static void getRawQueryWithECSAndCookie(const DNSName& name, const Netmask& ecs, pw.commit(); } -BOOST_AUTO_TEST_CASE(test_getEDNSOption) { +BOOST_AUTO_TEST_CASE(test_getEDNSOption) +{ DNSName name("www.powerdns.com."); Netmask ecs("127.0.0.1/32"); vector query; @@ -54,11 +55,11 @@ BOOST_AUTO_TEST_CASE(test_getEDNSOption) { BOOST_REQUIRE(questionLen > pos + 11); /* OPT root label (1) followed by type (2) */ BOOST_REQUIRE_EQUAL(query.at(pos), 0); - BOOST_REQUIRE(query.at(pos+2) == QType::OPT); + BOOST_REQUIRE(query.at(pos + 2) == QType::OPT); char* ecsStart = nullptr; size_t ecsLen = 0; - int res = getEDNSOption(reinterpret_cast(query.data())+pos+9, questionLen - pos - 9, EDNSOptionCode::ECS, &ecsStart, &ecsLen); + int res = getEDNSOption(reinterpret_cast(query.data()) + pos + 9, questionLen - pos - 9, EDNSOptionCode::ECS, &ecsStart, &ecsLen); BOOST_CHECK_EQUAL(res, 0); EDNSSubnetOpts eso; @@ -67,7 +68,8 @@ BOOST_AUTO_TEST_CASE(test_getEDNSOption) { BOOST_CHECK(eso.source == ecs); } -BOOST_AUTO_TEST_CASE(test_getEDNSOptions) { +BOOST_AUTO_TEST_CASE(test_getEDNSOptions) +{ DNSName name("www.powerdns.com."); Netmask ecs("127.0.0.1/32"); vector query; @@ -85,10 +87,10 @@ BOOST_AUTO_TEST_CASE(test_getEDNSOptions) { BOOST_REQUIRE(questionLen > pos + 11); /* OPT root label (1) followed by type (2) */ BOOST_REQUIRE_EQUAL(query.at(pos), 0); - BOOST_REQUIRE(query.at(pos+2) == QType::OPT); + BOOST_REQUIRE(query.at(pos + 2) == QType::OPT); EDNSOptionViewMap options; - int res = getEDNSOptions(reinterpret_cast(query.data())+pos+9, questionLen - pos - 9, options); + int res = getEDNSOptions(reinterpret_cast(query.data()) + pos + 9, questionLen - pos - 9, options); BOOST_REQUIRE_EQUAL(res, 0); /* 3 EDNS options but two of them are EDNS Cookie, so we only have two entries in the map */ @@ -158,7 +160,8 @@ static void checkECSOptionValidity(const std::string& sourceStr, uint8_t sourceM BOOST_REQUIRE_EQUAL(ecsOpts.scope.getBits(), parsed.scope.getBits()); } -BOOST_AUTO_TEST_CASE(test_makeEDNSSubnetOptsString) { +BOOST_AUTO_TEST_CASE(test_makeEDNSSubnetOptsString) +{ checkECSOptionValidity("192.0.2.255", 0, 0); checkECSOptionValidity("192.0.2.255", 8, 0); diff --git a/pdns/recursordist/test-filterpo_cc.cc b/pdns/recursordist/test-filterpo_cc.cc index 218141a574..875b8ec429 100644 --- a/pdns/recursordist/test-filterpo_cc.cc +++ b/pdns/recursordist/test-filterpo_cc.cc @@ -10,7 +10,8 @@ #include "dnsrecords.hh" #include "filterpo.hh" -BOOST_AUTO_TEST_CASE(test_filter_policies_basic) { +BOOST_AUTO_TEST_CASE(test_filter_policies_basic) +{ DNSFilterEngine dfe; std::string zoneName("Unit test policy 0"); @@ -61,7 +62,7 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_basic) { { /* blocked NS name */ - auto matchingPolicy = dfe.getProcessingPolicy(nsName, std::unordered_map()); + auto matchingPolicy = dfe.getProcessingPolicy(nsName, std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::NSDName); BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop); @@ -70,19 +71,19 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_basic) { BOOST_CHECK(zonePolicy == matchingPolicy); /* but a subdomain should not be blocked (not a wildcard, and this is not suffix domain matching */ - matchingPolicy = dfe.getProcessingPolicy(DNSName("sub") + nsName, std::unordered_map()); + matchingPolicy = dfe.getProcessingPolicy(DNSName("sub") + nsName, std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None); BOOST_CHECK(zone->findExactNSPolicy(DNSName("sub") + nsName, zonePolicy) == false); } { /* blocked NS name via wildcard */ - const auto matchingPolicy = dfe.getProcessingPolicy(DNSName("sub.sub.wildcard.wolf."), std::unordered_map()); + const auto matchingPolicy = dfe.getProcessingPolicy(DNSName("sub.sub.wildcard.wolf."), std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::NSDName); BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop); /* looking for wildcard.wolf. should not match *.wildcard-blocked. */ - const auto notMatchingPolicy = dfe.getProcessingPolicy(DNSName("wildcard.wolf."), std::unordered_map()); + const auto notMatchingPolicy = dfe.getProcessingPolicy(DNSName("wildcard.wolf."), std::unordered_map()); BOOST_CHECK(notMatchingPolicy.d_type == DNSFilterEngine::PolicyType::None); /* a direct lookup would not match */ @@ -95,7 +96,7 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_basic) { { /* allowed NS name */ - const auto matchingPolicy = dfe.getProcessingPolicy(DNSName("ns.bad.rabbit."), std::unordered_map()); + const auto matchingPolicy = dfe.getProcessingPolicy(DNSName("ns.bad.rabbit."), std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None); DNSFilterEngine::Policy zonePolicy; BOOST_CHECK(zone->findExactNSPolicy(DNSName("ns.bad.rabbit."), zonePolicy) == false); @@ -103,7 +104,7 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_basic) { { /* blocked NS IP */ - const auto matchingPolicy = dfe.getProcessingPolicy(nsIP, std::unordered_map()); + const auto matchingPolicy = dfe.getProcessingPolicy(nsIP, std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::NSIP); BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop); DNSFilterEngine::Policy zonePolicy; @@ -113,7 +114,7 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_basic) { { /* allowed NS IP */ - const auto matchingPolicy = dfe.getProcessingPolicy(ComboAddress("192.0.2.142"), std::unordered_map()); + const auto matchingPolicy = dfe.getProcessingPolicy(ComboAddress("192.0.2.142"), std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None); DNSFilterEngine::Policy zonePolicy; BOOST_CHECK(zone->findNSIPPolicy(ComboAddress("192.0.2.142"), zonePolicy) == false); @@ -121,7 +122,7 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_basic) { { /* blocked qname */ - auto matchingPolicy = dfe.getQueryPolicy(blockedName, ComboAddress("192.0.2.142"), std::unordered_map()); + auto matchingPolicy = dfe.getQueryPolicy(blockedName, ComboAddress("192.0.2.142"), std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName); BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop); DNSFilterEngine::Policy zonePolicy; @@ -129,19 +130,19 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_basic) { BOOST_CHECK(zonePolicy == matchingPolicy); /* but a subdomain should not be blocked (not a wildcard, and this is not suffix domain matching */ - matchingPolicy = dfe.getQueryPolicy(DNSName("sub") + blockedName, ComboAddress("192.0.2.142"), std::unordered_map()); + matchingPolicy = dfe.getQueryPolicy(DNSName("sub") + blockedName, ComboAddress("192.0.2.142"), std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None); BOOST_CHECK(zone->findExactQNamePolicy(DNSName("sub") + blockedName, zonePolicy) == false); } { /* blocked NS name via wildcard */ - const auto matchingPolicy = dfe.getQueryPolicy(DNSName("sub.sub.wildcard-blocked."), ComboAddress("192.0.2.142"), std::unordered_map()); + const auto matchingPolicy = dfe.getQueryPolicy(DNSName("sub.sub.wildcard-blocked."), ComboAddress("192.0.2.142"), std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName); BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop); /* looking for wildcard-blocked. should not match *.wildcard-blocked. */ - const auto notMatchingPolicy = dfe.getQueryPolicy(DNSName("wildcard-blocked."), ComboAddress("192.0.2.142"), std::unordered_map()); + const auto notMatchingPolicy = dfe.getQueryPolicy(DNSName("wildcard-blocked."), ComboAddress("192.0.2.142"), std::unordered_map()); BOOST_CHECK(notMatchingPolicy.d_type == DNSFilterEngine::PolicyType::None); /* a direct lookup would not match */ @@ -154,7 +155,7 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_basic) { { /* blocked client IP */ - const auto matchingPolicy = dfe.getQueryPolicy(DNSName("totally.legit."), clientIP, std::unordered_map()); + const auto matchingPolicy = dfe.getQueryPolicy(DNSName("totally.legit."), clientIP, std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::ClientIP); BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop); DNSFilterEngine::Policy zonePolicy; @@ -164,7 +165,7 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_basic) { { /* not blocked */ - const auto matchingPolicy = dfe.getQueryPolicy(DNSName("totally.legit."), ComboAddress("192.0.2.142"), std::unordered_map()); + const auto matchingPolicy = dfe.getQueryPolicy(DNSName("totally.legit."), ComboAddress("192.0.2.142"), std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None); DNSFilterEngine::Policy zonePolicy; BOOST_CHECK(zone->findClientPolicy(ComboAddress("192.0.2.142"), zonePolicy) == false); @@ -176,7 +177,7 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_basic) { DNSRecord dr; dr.d_type = QType::A; dr.d_content = DNSRecordContent::mastermake(QType::A, QClass::IN, responseIP.toString()); - const auto matchingPolicy = dfe.getPostPolicy({ dr }, std::unordered_map()); + const auto matchingPolicy = dfe.getPostPolicy({dr}, std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::ResponseIP); BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop); DNSFilterEngine::Policy zonePolicy; @@ -189,7 +190,7 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_basic) { DNSRecord dr; dr.d_type = QType::A; dr.d_content = DNSRecordContent::mastermake(QType::A, QClass::IN, "192.0.2.142"); - const auto matchingPolicy = dfe.getPostPolicy({ dr }, std::unordered_map()); + const auto matchingPolicy = dfe.getPostPolicy({dr}, std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None); DNSFilterEngine::Policy zonePolicy; BOOST_CHECK(zone->findResponsePolicy(ComboAddress("192.0.2.142"), zonePolicy) == false); @@ -218,9 +219,10 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_basic) { BOOST_CHECK(dfe.getZone(zoneIdx) == zone); } -BOOST_AUTO_TEST_CASE(test_filter_policies_wildcard_with_enc) { +BOOST_AUTO_TEST_CASE(test_filter_policies_wildcard_with_enc) +{ DNSFilterEngine dfe; - + std::string zoneName("Unit test policy wc"); auto zone = std::make_shared(); zone->setName(zoneName); @@ -229,67 +231,67 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_wildcard_with_enc) { zone->setRefresh(99); zone->addQNameTrigger(DNSName("bcbsks.com.102.112.2o7.net."), - DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::NoAction, - DNSFilterEngine::PolicyType::QName)); + DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::NoAction, + DNSFilterEngine::PolicyType::QName)); zone->addQNameTrigger(DNSName("2o7.net."), - DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Drop, - DNSFilterEngine::PolicyType::QName)); + DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Drop, + DNSFilterEngine::PolicyType::QName)); zone->addQNameTrigger(DNSName("*.2o7.net."), - DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Drop, - DNSFilterEngine::PolicyType::QName)); + DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Drop, + DNSFilterEngine::PolicyType::QName)); dfe.addZone(zone); ComboAddress address("192.0.2.142"); - + { const DNSName tstName("bcbsks.com.102.112.2o7.net."); - auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map()); + auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName); BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::NoAction); } { const DNSName tstName("2o7.net."); - auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map()); + auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName); BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop); } // Once fixed the BOOST_WARN should becomes BOOST_CHECK const string m("Please fix issue #8321"); - + { const DNSName tstName("112.2o7.net."); - auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map()); + auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map()); BOOST_WARN_MESSAGE(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None, m); BOOST_WARN_MESSAGE(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::NoAction, m); } - + { const DNSName tstName("102.112.2o7.net."); - auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map()); + auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map()); BOOST_WARN_MESSAGE(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None, m); BOOST_WARN_MESSAGE(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::NoAction, m); } { const DNSName tstName("com.112.2o7.net."); - auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map()); + auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map()); BOOST_WARN_MESSAGE(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None, m); BOOST_WARN_MESSAGE(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::NoAction, m); } - + { const DNSName tstName("wcmatch.2o7.net."); - auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map()); + auto matchingPolicy = dfe.getQueryPolicy(tstName, address, std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName); BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Drop); } - } -BOOST_AUTO_TEST_CASE(test_filter_policies_local_data) { +BOOST_AUTO_TEST_CASE(test_filter_policies_local_data) +{ DNSFilterEngine dfe; std::string zoneName("Unit test policy local data"); @@ -299,23 +301,23 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_local_data) { const DNSName bad1("bad1.example.com."); const DNSName bad2("bad2.example.com."); - zone->addQNameTrigger(bad1, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, { DNSRecordContent::mastermake(QType::CNAME, QClass::IN, "garden.example.net.") } )); + zone->addQNameTrigger(bad1, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, {DNSRecordContent::mastermake(QType::CNAME, QClass::IN, "garden.example.net.")})); BOOST_CHECK_EQUAL(zone->size(), 1U); - zone->addQNameTrigger(bad2, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, { DNSRecordContent::mastermake(QType::A, QClass::IN, "192.0.2.1") } )); + zone->addQNameTrigger(bad2, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, {DNSRecordContent::mastermake(QType::A, QClass::IN, "192.0.2.1")})); BOOST_CHECK_EQUAL(zone->size(), 2U); - zone->addQNameTrigger(bad2, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, { DNSRecordContent::mastermake(QType::A, QClass::IN, "192.0.2.2") } )); + zone->addQNameTrigger(bad2, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, {DNSRecordContent::mastermake(QType::A, QClass::IN, "192.0.2.2")})); BOOST_CHECK_EQUAL(zone->size(), 2U); - zone->addQNameTrigger(bad2, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, { DNSRecordContent::mastermake(QType::MX, QClass::IN, "10 garden-mail.example.net.") } )); + zone->addQNameTrigger(bad2, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, {DNSRecordContent::mastermake(QType::MX, QClass::IN, "10 garden-mail.example.net.")})); BOOST_CHECK_EQUAL(zone->size(), 2U); dfe.addZone(zone); { /* exact type does not exist, but we have a CNAME */ - const auto matchingPolicy = dfe.getQueryPolicy(bad1, ComboAddress("192.0.2.142"), std::unordered_map()); + const auto matchingPolicy = dfe.getQueryPolicy(bad1, ComboAddress("192.0.2.142"), std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName); BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Custom); auto records = matchingPolicy.getCustomRecords(bad1, QType::A); @@ -330,7 +332,7 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_local_data) { { /* exact type exists */ - const auto matchingPolicy = dfe.getQueryPolicy(bad2, ComboAddress("192.0.2.142"), std::unordered_map()); + const auto matchingPolicy = dfe.getQueryPolicy(bad2, ComboAddress("192.0.2.142"), std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName); BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Custom); @@ -374,12 +376,12 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_local_data) { } /* remove only one entry, one of the A local records */ - zone->rmQNameTrigger(bad2, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, { DNSRecordContent::mastermake(QType::A, QClass::IN, "192.0.2.1") } )); + zone->rmQNameTrigger(bad2, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, {DNSRecordContent::mastermake(QType::A, QClass::IN, "192.0.2.1")})); BOOST_CHECK_EQUAL(zone->size(), 2U); { /* exact type exists */ - const auto matchingPolicy = dfe.getQueryPolicy(bad2, ComboAddress("192.0.2.142"), std::unordered_map()); + const auto matchingPolicy = dfe.getQueryPolicy(bad2, ComboAddress("192.0.2.142"), std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName); BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Custom); @@ -415,7 +417,8 @@ BOOST_AUTO_TEST_CASE(test_filter_policies_local_data) { } } -BOOST_AUTO_TEST_CASE(test_multiple_filter_policies) { +BOOST_AUTO_TEST_CASE(test_multiple_filter_policies) +{ DNSFilterEngine dfe; auto zone1 = std::make_shared(); @@ -426,15 +429,15 @@ BOOST_AUTO_TEST_CASE(test_multiple_filter_policies) { const DNSName bad("bad.example.com."); - zone1->addQNameTrigger(bad, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, { DNSRecordContent::mastermake(QType::CNAME, QClass::IN, "garden1.example.net.") } )); - zone2->addQNameTrigger(bad, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, { DNSRecordContent::mastermake(QType::CNAME, QClass::IN, "garden2.example.net.") } )); + zone1->addQNameTrigger(bad, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, {DNSRecordContent::mastermake(QType::CNAME, QClass::IN, "garden1.example.net.")})); + zone2->addQNameTrigger(bad, DNSFilterEngine::Policy(DNSFilterEngine::PolicyKind::Custom, DNSFilterEngine::PolicyType::QName, 0, nullptr, {DNSRecordContent::mastermake(QType::CNAME, QClass::IN, "garden2.example.net.")})); dfe.addZone(zone1); dfe.addZone(zone2); { /* zone 1 should match first */ - const auto matchingPolicy = dfe.getQueryPolicy(bad, ComboAddress("192.0.2.142"), std::unordered_map()); + const auto matchingPolicy = dfe.getQueryPolicy(bad, ComboAddress("192.0.2.142"), std::unordered_map()); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName); BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Custom); auto records = matchingPolicy.getCustomRecords(bad, QType::A); @@ -449,7 +452,7 @@ BOOST_AUTO_TEST_CASE(test_multiple_filter_policies) { { /* zone 1 should still match if zone 2 has been disabled */ - const auto matchingPolicy = dfe.getQueryPolicy(bad, ComboAddress("192.0.2.142"), { { *(zone2->getName()), true } }); + const auto matchingPolicy = dfe.getQueryPolicy(bad, ComboAddress("192.0.2.142"), {{*(zone2->getName()), true}}); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName); BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Custom); auto records = matchingPolicy.getCustomRecords(bad, QType::A); @@ -464,7 +467,7 @@ BOOST_AUTO_TEST_CASE(test_multiple_filter_policies) { { /* if zone 1 is disabled, zone 2 should match */ - const auto matchingPolicy = dfe.getQueryPolicy(bad, ComboAddress("192.0.2.142"), { { *(zone1->getName()), true } }); + const auto matchingPolicy = dfe.getQueryPolicy(bad, ComboAddress("192.0.2.142"), {{*(zone1->getName()), true}}); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::QName); BOOST_CHECK(matchingPolicy.d_kind == DNSFilterEngine::PolicyKind::Custom); auto records = matchingPolicy.getCustomRecords(bad, QType::A); @@ -479,8 +482,7 @@ BOOST_AUTO_TEST_CASE(test_multiple_filter_policies) { { /* if both zones are disabled, we should not match */ - const auto matchingPolicy = dfe.getQueryPolicy(bad, ComboAddress("192.0.2.142"), { { *(zone1->getName()), true }, { *(zone2->getName()), true } }); + const auto matchingPolicy = dfe.getQueryPolicy(bad, ComboAddress("192.0.2.142"), {{*(zone1->getName()), true}, {*(zone2->getName()), true}}); BOOST_CHECK(matchingPolicy.d_type == DNSFilterEngine::PolicyType::None); } - } diff --git a/pdns/recursordist/test-mtasker.cc b/pdns/recursordist/test-mtasker.cc index 7e33160c19..372badc437 100644 --- a/pdns/recursordist/test-mtasker.cc +++ b/pdns/recursordist/test-mtasker.cc @@ -14,25 +14,27 @@ static int g_result; static void doSomething(void* p) { MTasker<>* mt = reinterpret_cast*>(p); - int i=12, o; + int i = 12, o; if (mt->waitEvent(i, &o) == 1) g_result = o; } -BOOST_AUTO_TEST_CASE(test_Simple) { +BOOST_AUTO_TEST_CASE(test_Simple) +{ MTasker<> mt; mt.makeThread(doSomething, &mt); struct timeval now; gettimeofday(&now, 0); - bool first=true; - int o=24; - for(;;) { - while(mt.schedule(&now)); - if(first) { + bool first = true; + int o = 24; + for (;;) { + while (mt.schedule(&now)) + ; + if (first) { mt.sendEvent(12, &o); - first=false; + first = false; } - if(mt.noProcesses()) + if (mt.noProcesses()) break; } BOOST_CHECK_EQUAL(g_result, o); @@ -43,16 +45,17 @@ static void willThrow(void* p) throw std::runtime_error("Help!"); } +BOOST_AUTO_TEST_CASE(test_MtaskerException) +{ + BOOST_CHECK_THROW({ + MTasker<> mt; + mt.makeThread(willThrow, 0); + struct timeval now; -BOOST_AUTO_TEST_CASE(test_MtaskerException) { - BOOST_CHECK_THROW( { - MTasker<> mt; - mt.makeThread(willThrow, 0); - struct timeval now; - - for(;;) { - mt.schedule(&now); - } - }, std::exception); + for (;;) { + mt.schedule(&now); + } + }, + std::exception); } BOOST_AUTO_TEST_SUITE_END() diff --git a/pdns/recursordist/test-negcache_cc.cc b/pdns/recursordist/test-negcache_cc.cc index 0443c8d9c8..5a96f2fd0a 100644 --- a/pdns/recursordist/test-negcache_cc.cc +++ b/pdns/recursordist/test-negcache_cc.cc @@ -6,7 +6,8 @@ #include "dnsrecords.hh" #include "utility.hh" -static recordsAndSignatures genRecsAndSigs(const DNSName& name, const uint16_t qtype, const string& content, bool sigs) { +static recordsAndSignatures genRecsAndSigs(const DNSName& name, const uint16_t qtype, const string& content, bool sigs) +{ recordsAndSignatures ret; DNSRecord rec; @@ -27,7 +28,8 @@ static recordsAndSignatures genRecsAndSigs(const DNSName& name, const uint16_t q return ret; } -static NegCache::NegCacheEntry genNegCacheEntry(const DNSName& name, const DNSName& auth, const struct timeval& now, const uint16_t qtype=0) { +static NegCache::NegCacheEntry genNegCacheEntry(const DNSName& name, const DNSName& auth, const struct timeval& now, const uint16_t qtype = 0) +{ NegCache::NegCacheEntry ret; ret.d_name = name; @@ -42,7 +44,8 @@ static NegCache::NegCacheEntry genNegCacheEntry(const DNSName& name, const DNSNa BOOST_AUTO_TEST_SUITE(negcache_cc) -BOOST_AUTO_TEST_CASE(test_get_entry) { +BOOST_AUTO_TEST_CASE(test_get_entry) +{ /* Add a full name negative entry to the cache and attempt to get an entry for * the A record. Should yield the full name does not exist entry */ @@ -66,7 +69,8 @@ BOOST_AUTO_TEST_CASE(test_get_entry) { BOOST_CHECK_EQUAL(ne->d_auth, auth); } -BOOST_AUTO_TEST_CASE(test_get_entry_exact_type) { +BOOST_AUTO_TEST_CASE(test_get_entry_exact_type) +{ /* Add a full name negative entry to the cache and attempt to get an entry for * the A record, asking only for an exact match. */ @@ -88,7 +92,8 @@ BOOST_AUTO_TEST_CASE(test_get_entry_exact_type) { BOOST_CHECK(ne == nullptr); } -BOOST_AUTO_TEST_CASE(test_get_NODATA_entry) { +BOOST_AUTO_TEST_CASE(test_get_NODATA_entry) +{ DNSName qname("www2.powerdns.com"); DNSName auth("powerdns.com"); @@ -114,7 +119,8 @@ BOOST_AUTO_TEST_CASE(test_get_NODATA_entry) { BOOST_CHECK(ne2 == nullptr); } -BOOST_AUTO_TEST_CASE(test_getRootNXTrust_entry) { +BOOST_AUTO_TEST_CASE(test_getRootNXTrust_entry) +{ DNSName qname("com"); DNSName auth("."); @@ -135,7 +141,8 @@ BOOST_AUTO_TEST_CASE(test_getRootNXTrust_entry) { BOOST_CHECK_EQUAL(ne->d_auth, auth); } -BOOST_AUTO_TEST_CASE(test_add_and_get_expired_entry) { +BOOST_AUTO_TEST_CASE(test_add_and_get_expired_entry) +{ DNSName qname("www2.powerdns.com"); DNSName auth("powerdns.com"); @@ -157,7 +164,8 @@ BOOST_AUTO_TEST_CASE(test_add_and_get_expired_entry) { BOOST_CHECK(ne == nullptr); } -BOOST_AUTO_TEST_CASE(test_getRootNXTrust_expired_entry) { +BOOST_AUTO_TEST_CASE(test_getRootNXTrust_expired_entry) +{ DNSName qname("com"); DNSName auth("."); @@ -179,7 +187,8 @@ BOOST_AUTO_TEST_CASE(test_getRootNXTrust_expired_entry) { BOOST_CHECK(ne == nullptr); } -BOOST_AUTO_TEST_CASE(test_add_updated_entry) { +BOOST_AUTO_TEST_CASE(test_add_updated_entry) +{ DNSName qname("www2.powerdns.com"); DNSName auth("powerdns.com"); DNSName auth2("com"); @@ -202,7 +211,8 @@ BOOST_AUTO_TEST_CASE(test_add_updated_entry) { BOOST_CHECK_EQUAL(ne->d_auth, auth2); } -BOOST_AUTO_TEST_CASE(test_getRootNXTrust) { +BOOST_AUTO_TEST_CASE(test_getRootNXTrust) +{ DNSName qname("www2.powerdns.com"); DNSName auth("powerdns.com"); DNSName qname2("com"); @@ -223,7 +233,8 @@ BOOST_AUTO_TEST_CASE(test_getRootNXTrust) { BOOST_CHECK_EQUAL(ne->d_auth, auth2); } -BOOST_AUTO_TEST_CASE(test_getRootNXTrust_full_domain_only) { +BOOST_AUTO_TEST_CASE(test_getRootNXTrust_full_domain_only) +{ DNSName qname("www2.powerdns.com"); DNSName auth("powerdns.com"); DNSName qname2("com"); @@ -243,7 +254,8 @@ BOOST_AUTO_TEST_CASE(test_getRootNXTrust_full_domain_only) { BOOST_CHECK(ne == nullptr); } -BOOST_AUTO_TEST_CASE(test_prune) { +BOOST_AUTO_TEST_CASE(test_prune) +{ string qname(".powerdns.com"); DNSName auth("powerdns.com"); @@ -252,7 +264,7 @@ BOOST_AUTO_TEST_CASE(test_prune) { NegCache cache; NegCache::NegCacheEntry ne; - for(int i = 0; i < 400; i++) { + for (int i = 0; i < 400; i++) { ne = genNegCacheEntry(DNSName(std::to_string(i) + qname), auth, now); cache.add(ne); } @@ -264,7 +276,8 @@ BOOST_AUTO_TEST_CASE(test_prune) { BOOST_CHECK_EQUAL(cache.size(), 100U); } -BOOST_AUTO_TEST_CASE(test_prune_valid_entries) { +BOOST_AUTO_TEST_CASE(test_prune_valid_entries) +{ DNSName power1("powerdns.com."); DNSName power2("powerdns-1.com."); DNSName auth("com."); @@ -317,7 +330,8 @@ BOOST_AUTO_TEST_CASE(test_prune_valid_entries) { BOOST_CHECK_EQUAL(got->d_auth, auth); } -BOOST_AUTO_TEST_CASE(test_wipe_single) { +BOOST_AUTO_TEST_CASE(test_wipe_single) +{ string qname(".powerdns.com"); DNSName auth("powerdns.com"); @@ -329,7 +343,7 @@ BOOST_AUTO_TEST_CASE(test_wipe_single) { ne = genNegCacheEntry(auth, auth, now); cache.add(ne); - for(int i = 0; i < 400; i++) { + for (int i = 0; i < 400; i++) { ne = genNegCacheEntry(DNSName(std::to_string(i) + qname), auth, now); cache.add(ne); } @@ -356,7 +370,8 @@ BOOST_AUTO_TEST_CASE(test_wipe_single) { BOOST_CHECK(ne3 == nullptr); } -BOOST_AUTO_TEST_CASE(test_wipe_subtree) { +BOOST_AUTO_TEST_CASE(test_wipe_subtree) +{ string qname(".powerdns.com"); string qname2("powerdns.org"); DNSName auth("powerdns.com"); @@ -369,7 +384,7 @@ BOOST_AUTO_TEST_CASE(test_wipe_subtree) { ne = genNegCacheEntry(auth, auth, now); cache.add(ne); - for(int i = 0; i < 400; i++) { + for (int i = 0; i < 400; i++) { ne = genNegCacheEntry(DNSName(std::to_string(i) + qname), auth, now); cache.add(ne); ne = genNegCacheEntry(DNSName(std::to_string(i) + qname2), auth, now); @@ -383,7 +398,8 @@ BOOST_AUTO_TEST_CASE(test_wipe_subtree) { BOOST_CHECK_EQUAL(cache.size(), 400U); } -BOOST_AUTO_TEST_CASE(test_clear) { +BOOST_AUTO_TEST_CASE(test_clear) +{ string qname(".powerdns.com"); DNSName auth("powerdns.com"); @@ -393,7 +409,7 @@ BOOST_AUTO_TEST_CASE(test_clear) { NegCache cache; NegCache::NegCacheEntry ne; - for(int i = 0; i < 400; i++) { + for (int i = 0; i < 400; i++) { ne = genNegCacheEntry(DNSName(std::to_string(i) + qname), auth, now); cache.add(ne); } @@ -403,7 +419,8 @@ BOOST_AUTO_TEST_CASE(test_clear) { BOOST_CHECK_EQUAL(cache.size(), 0U); } -BOOST_AUTO_TEST_CASE(test_dumpToFile) { +BOOST_AUTO_TEST_CASE(test_dumpToFile) +{ NegCache cache; vector expected; expected.push_back("www1.powerdns.com. 600 IN TYPE0 VIA powerdns.com. ; (Indeterminate)\n"); @@ -426,7 +443,7 @@ BOOST_AUTO_TEST_CASE(test_dumpToFile) { cache.dumpToFile(fp); rewind(fp); - char *line = nullptr; + char* line = nullptr; size_t len = 0; ssize_t read; @@ -447,7 +464,8 @@ BOOST_AUTO_TEST_CASE(test_dumpToFile) { fclose(fp); } -BOOST_AUTO_TEST_CASE(test_count) { +BOOST_AUTO_TEST_CASE(test_count) +{ string qname(".powerdns.com"); string qname2("powerdns.org"); DNSName auth("powerdns.com"); @@ -460,7 +478,7 @@ BOOST_AUTO_TEST_CASE(test_count) { ne = genNegCacheEntry(auth, auth, now); cache.add(ne); - for(int i = 0; i < 400; i++) { + for (int i = 0; i < 400; i++) { ne = genNegCacheEntry(DNSName(std::to_string(i) + qname), auth, now); cache.add(ne); ne = genNegCacheEntry(DNSName(std::to_string(i) + qname2), auth, now); diff --git a/pdns/recursordist/test-nod_cc.cc b/pdns/recursordist/test-nod_cc.cc index ae1f61f192..2f307b4d2a 100644 --- a/pdns/recursordist/test-nod_cc.cc +++ b/pdns/recursordist/test-nod_cc.cc @@ -9,18 +9,19 @@ using namespace nod; BOOST_AUTO_TEST_SUITE(nod_cc) -bool pdns_exception( PDNSException const& ex ) { return true; } +bool pdns_exception(PDNSException const& ex) { return true; } -BOOST_AUTO_TEST_CASE(test_basic) { +BOOST_AUTO_TEST_CASE(test_basic) +{ DNSName new_domain1("abc.com."), new_domain2("xyz.com."); { NODDB noddb; - BOOST_CHECK_EXCEPTION( noddb.setCacheDir("/xyz/abc"), PDNSException, pdns_exception); + BOOST_CHECK_EXCEPTION(noddb.setCacheDir("/xyz/abc"), PDNSException, pdns_exception); noddb.setCacheDir("/tmp"); - + BOOST_CHECK_EQUAL(noddb.init(), true); BOOST_CHECK_EQUAL(noddb.isNewDomain(new_domain1), true); @@ -28,9 +29,9 @@ BOOST_AUTO_TEST_CASE(test_basic) { BOOST_CHECK_EQUAL(noddb.isNewDomain(new_domain2), true); BOOST_CHECK_EQUAL(noddb.isNewDomain(new_domain1), false); - for (int i=0; i<1000000; ++i) { + for (int i = 0; i < 1000000; ++i) { noddb.isNewDomain("foo.com."); - } + } noddb.addDomain("abc.com."); DNSName new_subdomain("foo.abc.com."); diff --git a/pdns/recursordist/test-recursorcache_cc.cc b/pdns/recursordist/test-recursorcache_cc.cc index 8accd90d64..1e44e5c11d 100644 --- a/pdns/recursordist/test-recursorcache_cc.cc +++ b/pdns/recursordist/test-recursorcache_cc.cc @@ -11,7 +11,8 @@ BOOST_AUTO_TEST_SUITE(recursorcache_cc) -BOOST_AUTO_TEST_CASE(test_RecursorCacheSimple) { +BOOST_AUTO_TEST_CASE(test_RecursorCacheSimple) +{ MemRecursorCache MRC; std::vector records; @@ -29,34 +30,34 @@ BOOST_AUTO_TEST_CASE(test_RecursorCacheSimple) { uint64_t counter = 0; try { - for(counter = 0; counter < 100000; ++counter) { - DNSName a = DNSName("hello ")+DNSName(std::to_string(counter)); + for (counter = 0; counter < 100000; ++counter) { + DNSName a = DNSName("hello ") + DNSName(std::to_string(counter)); BOOST_CHECK_EQUAL(DNSName(a.toString()), a); MRC.replace(now, a, QType(QType::A), records, signatures, authRecords, true, boost::none); - if(!MRC.doWipeCache(a, false)) - BOOST_FAIL("Could not remove entry we just added to the cache!"); + if (!MRC.doWipeCache(a, false)) + BOOST_FAIL("Could not remove entry we just added to the cache!"); MRC.replace(now, a, QType(QType::A), records, signatures, authRecords, true, boost::none); } BOOST_CHECK_EQUAL(MRC.size(), counter); uint64_t delcounter = 0; - for(delcounter=0; delcounter < counter/100; ++delcounter) { - DNSName a = DNSName("hello ")+DNSName(std::to_string(delcounter)); + for (delcounter = 0; delcounter < counter / 100; ++delcounter) { + DNSName a = DNSName("hello ") + DNSName(std::to_string(delcounter)); BOOST_CHECK_EQUAL(MRC.doWipeCache(a, false, QType::A), 1); } - BOOST_CHECK_EQUAL(MRC.size(), counter-delcounter); + BOOST_CHECK_EQUAL(MRC.size(), counter - delcounter); std::vector retrieved; ComboAddress who("192.0.2.1"); int64_t matches = 0; - int64_t expected = counter-delcounter; + int64_t expected = counter - delcounter; - for(; delcounter < counter; ++delcounter) { - if(MRC.get(now, DNSName("hello ")+DNSName(std::to_string(delcounter)), QType(QType::A), false, &retrieved, who, nullptr)) { - matches++; + for (; delcounter < counter; ++delcounter) { + if (MRC.get(now, DNSName("hello ") + DNSName(std::to_string(delcounter)), QType(QType::A), false, &retrieved, who, nullptr)) { + matches++; } } BOOST_CHECK_EQUAL(matches, expected); @@ -93,7 +94,7 @@ BOOST_AUTO_TEST_CASE(test_RecursorCacheSimple) { retrieved.clear(); // subnet specific should be returned for a matching subnet - BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::AAAA), false, &retrieved, ComboAddress("192.0.2.2"), nullptr), (ttd-now)); + BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::AAAA), false, &retrieved, ComboAddress("192.0.2.2"), nullptr), (ttd - now)); BOOST_REQUIRE_EQUAL(retrieved.size(), 1U); BOOST_CHECK_EQUAL(getRR(retrieved.at(0))->getCA().toString(), dr1Content.toString()); @@ -113,7 +114,7 @@ BOOST_AUTO_TEST_CASE(test_RecursorCacheSimple) { BOOST_CHECK_EQUAL(MRC.size(), 1U); // NON-subnet specific should always be returned - BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd-now)); + BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd - now)); BOOST_REQUIRE_EQUAL(retrieved.size(), 1U); BOOST_CHECK_EQUAL(getRR(retrieved.at(0))->getCA().toString(), dr2Content.toString()); retrieved.clear(); @@ -133,13 +134,13 @@ BOOST_AUTO_TEST_CASE(test_RecursorCacheSimple) { BOOST_CHECK_EQUAL(MRC.size(), 3U); // we should still get the NON-subnet specific entry - BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd-now)); + BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd - now)); BOOST_REQUIRE_EQUAL(retrieved.size(), 1U); BOOST_CHECK_EQUAL(getRR(retrieved.at(0))->getCA().toString(), dr2Content.toString()); retrieved.clear(); // we should get the subnet specific entry if we are from the right subnet - BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::AAAA), false, &retrieved, ComboAddress("192.0.2.3"), nullptr), (ttd-now)); + BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::AAAA), false, &retrieved, ComboAddress("192.0.2.3"), nullptr), (ttd - now)); BOOST_REQUIRE_EQUAL(retrieved.size(), 1U); BOOST_CHECK_EQUAL(getRR(retrieved.at(0))->getCA().toString(), dr1Content.toString()); retrieved.clear(); @@ -150,7 +151,7 @@ BOOST_AUTO_TEST_CASE(test_RecursorCacheSimple) { retrieved.clear(); // QType::ANY should return any qtype, so from the right subnet we should get all of them - BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::ANY), false, &retrieved, ComboAddress("192.0.2.3"), nullptr), (ttd-now)); + BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::ANY), false, &retrieved, ComboAddress("192.0.2.3"), nullptr), (ttd - now)); BOOST_CHECK_EQUAL(retrieved.size(), 3U); for (const auto& rec : retrieved) { BOOST_CHECK(rec.d_type == QType::A || rec.d_type == QType::AAAA || rec.d_type == QType::TXT); @@ -162,7 +163,7 @@ BOOST_AUTO_TEST_CASE(test_RecursorCacheSimple) { retrieved.clear(); // but only the non-subnet specific from the another subnet - BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::ANY), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd-now)); + BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::ANY), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd - now)); BOOST_CHECK_EQUAL(retrieved.size(), 2U); for (const auto& rec : retrieved) { BOOST_CHECK(rec.d_type == QType::A || rec.d_type == QType::TXT); @@ -170,7 +171,7 @@ BOOST_AUTO_TEST_CASE(test_RecursorCacheSimple) { retrieved.clear(); // QType::ADDR should return both A and AAAA but no TXT, so two entries from the right subnet - BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::ADDR), false, &retrieved, ComboAddress("192.0.2.3"), nullptr), (ttd-now)); + BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::ADDR), false, &retrieved, ComboAddress("192.0.2.3"), nullptr), (ttd - now)); BOOST_CHECK_EQUAL(retrieved.size(), 2U); bool gotA = false; bool gotAAAA = false; @@ -188,7 +189,7 @@ BOOST_AUTO_TEST_CASE(test_RecursorCacheSimple) { retrieved.clear(); // but only the non-subnet specific one from the another subnet - BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::ADDR), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd-now)); + BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::ADDR), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd - now)); BOOST_REQUIRE_EQUAL(retrieved.size(), 1U); BOOST_CHECK(retrieved.at(0).d_type == QType::A); retrieved.clear(); @@ -224,7 +225,7 @@ BOOST_AUTO_TEST_CASE(test_RecursorCacheSimple) { records.push_back(dr2); MRC.replace(now, power, QType(QType::A), records, signatures, authRecords, true, boost::none); BOOST_CHECK_EQUAL(MRC.size(), 1U); - BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd-now)); + BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd - now)); BOOST_CHECK_EQUAL(retrieved.size(), 1U); DNSRecord dr3; @@ -246,7 +247,7 @@ BOOST_AUTO_TEST_CASE(test_RecursorCacheSimple) { // non-auth should not replace valid auth MRC.replace(now, power, QType(QType::A), records, signatures, authRecords, false, boost::none); BOOST_CHECK_EQUAL(MRC.size(), 1U); - BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd-now)); + BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd - now)); BOOST_REQUIRE_EQUAL(retrieved.size(), 1U); BOOST_CHECK_EQUAL(getRR(retrieved.at(0))->getCA().toString(), dr2Content.toString()); @@ -264,7 +265,7 @@ BOOST_AUTO_TEST_CASE(test_RecursorCacheSimple) { BOOST_CHECK_EQUAL(MRC.size(), 1U); // let's first check that non-auth is not returned when we need authoritative data BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), true, &retrieved, ComboAddress("127.0.0.1"), nullptr), -now); - BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd-now)); + BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("127.0.0.1"), nullptr), (ttd - now)); BOOST_REQUIRE_EQUAL(retrieved.size(), 1U); BOOST_CHECK_EQUAL(getRR(retrieved.at(0))->getCA().toString(), dr2Content.toString()); @@ -306,7 +307,7 @@ BOOST_AUTO_TEST_CASE(test_RecursorCacheSimple) { BOOST_CHECK_EQUAL(MRC.size(), 3U); // we should get the most specific entry for 192.168.0.1, so the second one - BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("192.168.0.1"), nullptr), (ttd-now)); + BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("192.168.0.1"), nullptr), (ttd - now)); BOOST_REQUIRE_EQUAL(retrieved.size(), 1U); BOOST_CHECK_EQUAL(getRR(retrieved.at(0))->getCA().toString(), dr4Content.toString()); retrieved.clear(); @@ -328,18 +329,19 @@ BOOST_AUTO_TEST_CASE(test_RecursorCacheSimple) { retrieved.clear(); // but we should when we are OK with non-auth - BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("192.168.0.1"), nullptr), (ttd-now)); + BOOST_CHECK_EQUAL(MRC.get(now, power, QType(QType::A), false, &retrieved, ComboAddress("192.168.0.1"), nullptr), (ttd - now)); BOOST_REQUIRE_EQUAL(retrieved.size(), 1U); BOOST_CHECK_EQUAL(getRR(retrieved.at(0))->getCA().toString(), dr2Content.toString()); retrieved.clear(); } - catch(const PDNSException& e) { - cerr<<"Had error: "< records; @@ -374,12 +376,13 @@ BOOST_AUTO_TEST_CASE(test_RecursorCacheGhost) { /* the TTL should not have been raisd */ std::vector retrieved; - BOOST_CHECK_EQUAL(MRC.get(now, ghost, QType(QType::NS), false, &retrieved, ComboAddress("192.0.2.2"), nullptr), (ttd-now)); + BOOST_CHECK_EQUAL(MRC.get(now, ghost, QType(QType::NS), false, &retrieved, ComboAddress("192.0.2.2"), nullptr), (ttd - now)); BOOST_REQUIRE_EQUAL(retrieved.size(), 1U); BOOST_CHECK_EQUAL(retrieved.at(0).d_ttl, static_cast(ttd)); } -BOOST_AUTO_TEST_CASE(test_RecursorCache_ExpungingExpiredEntries) { +BOOST_AUTO_TEST_CASE(test_RecursorCache_ExpungingExpiredEntries) +{ MemRecursorCache MRC; std::vector records; @@ -468,7 +471,8 @@ BOOST_AUTO_TEST_CASE(test_RecursorCache_ExpungingExpiredEntries) { BOOST_CHECK_EQUAL(MRC.get(ttd - 1, power2, QType(dr2.d_type), false, &retrieved, who, nullptr), -1); } -BOOST_AUTO_TEST_CASE(test_RecursorCache_ExpungingValidEntries) { +BOOST_AUTO_TEST_CASE(test_RecursorCache_ExpungingValidEntries) +{ MemRecursorCache MRC; std::vector records; @@ -518,7 +522,7 @@ BOOST_AUTO_TEST_CASE(test_RecursorCache_ExpungingValidEntries) { BOOST_CHECK_EQUAL(MRC.size(), 1U); /* the remaining entry should be power2 */ - BOOST_CHECK_EQUAL(MRC.get(now, power2, QType(dr2.d_type), false, &retrieved, who, nullptr), ttd-now); + BOOST_CHECK_EQUAL(MRC.get(now, power2, QType(dr2.d_type), false, &retrieved, who, nullptr), ttd - now); BOOST_REQUIRE_EQUAL(retrieved.size(), 1U); BOOST_CHECK_EQUAL(getRR(retrieved.at(0))->getCA().toString(), dr2Content.toString()); /* check that power1 is gone */ @@ -552,7 +556,7 @@ BOOST_AUTO_TEST_CASE(test_RecursorCache_ExpungingValidEntries) { BOOST_CHECK_EQUAL(MRC.size(), 1U); /* the remaining entry should be power1 */ - BOOST_CHECK_EQUAL(MRC.get(now, power1, QType(dr1.d_type), false, &retrieved, who, nullptr), ttd-now); + BOOST_CHECK_EQUAL(MRC.get(now, power1, QType(dr1.d_type), false, &retrieved, who, nullptr), ttd - now); BOOST_REQUIRE_EQUAL(retrieved.size(), 1U); BOOST_CHECK_EQUAL(getRR(retrieved.at(0))->getCA().toString(), dr1Content.toString()); /* check that power2 is gone */ @@ -573,7 +577,7 @@ BOOST_AUTO_TEST_CASE(test_RecursorCache_ExpungingValidEntries) { BOOST_CHECK_EQUAL(MRC.size(), 2U); /* get a hit for power1 */ - BOOST_CHECK_EQUAL(MRC.get(now, power1, QType(dr1.d_type), false, &retrieved, who, nullptr), ttd-now); + BOOST_CHECK_EQUAL(MRC.get(now, power1, QType(dr1.d_type), false, &retrieved, who, nullptr), ttd - now); BOOST_REQUIRE_EQUAL(retrieved.size(), 1U); BOOST_CHECK_EQUAL(getRR(retrieved.at(0))->getCA().toString(), dr1Content.toString()); @@ -584,7 +588,7 @@ BOOST_AUTO_TEST_CASE(test_RecursorCache_ExpungingValidEntries) { BOOST_CHECK_EQUAL(MRC.size(), 1U); /* the remaining entry should be power1 */ - BOOST_CHECK_EQUAL(MRC.get(now, power1, QType(dr1.d_type), false, &retrieved, who, nullptr), ttd-now); + BOOST_CHECK_EQUAL(MRC.get(now, power1, QType(dr1.d_type), false, &retrieved, who, nullptr), ttd - now); BOOST_REQUIRE_EQUAL(retrieved.size(), 1U); BOOST_CHECK_EQUAL(getRR(retrieved.at(0))->getCA().toString(), dr1Content.toString()); /* check that power2 is gone */ @@ -645,7 +649,8 @@ BOOST_AUTO_TEST_CASE(test_RecursorCache_ExpungingValidEntries) { BOOST_CHECK_EQUAL(MRC.ecsIndexSize(), 0U); } -BOOST_AUTO_TEST_CASE(test_RecursorCacheECSIndex) { +BOOST_AUTO_TEST_CASE(test_RecursorCacheECSIndex) +{ MemRecursorCache MRC; const DNSName power("powerdns.com."); @@ -767,7 +772,7 @@ BOOST_AUTO_TEST_CASE(test_RecursorCacheECSIndex) { but it has expired. The second ECS is a match too, and is valid. */ retrieved.clear(); - BOOST_CHECK_EQUAL(MRC.get(now + 5 + 1, power, QType(QType::A), false, &retrieved, ComboAddress("192.0.2.1")), (ttd - (now +5 + 1))); + BOOST_CHECK_EQUAL(MRC.get(now + 5 + 1, power, QType(QType::A), false, &retrieved, ComboAddress("192.0.2.1")), (ttd - (now + 5 + 1))); BOOST_REQUIRE_EQUAL(retrieved.size(), 1U); BOOST_CHECK_EQUAL(getRR(retrieved.at(0))->getCA().toString(), dr1Content.toString()); @@ -811,7 +816,8 @@ BOOST_AUTO_TEST_CASE(test_RecursorCacheECSIndex) { BOOST_CHECK_EQUAL(MRC.ecsIndexSize(), 0U); } -BOOST_AUTO_TEST_CASE(test_RecursorCache_Wipe) { +BOOST_AUTO_TEST_CASE(test_RecursorCache_Wipe) +{ MemRecursorCache MRC; const DNSName power("powerdns.com."); diff --git a/pdns/recursordist/test-rpzloader_cc.cc b/pdns/recursordist/test-rpzloader_cc.cc index 3b848fafda..2b46e9efab 100644 --- a/pdns/recursordist/test-rpzloader_cc.cc +++ b/pdns/recursordist/test-rpzloader_cc.cc @@ -9,7 +9,8 @@ // Provide stubs for some symbols bool g_logRPZChanges{false}; -ComboAddress getQueryLocalAddress(int family, uint16_t port) { +ComboAddress getQueryLocalAddress(int family, uint16_t port) +{ cerr << "getQueryLocalAddress() STUBBED IN TEST!" << endl; BOOST_ASSERT(false); return ComboAddress(); @@ -17,23 +18,24 @@ ComboAddress getQueryLocalAddress(int family, uint16_t port) { BOOST_AUTO_TEST_SUITE(rpzloader_cc) -BOOST_AUTO_TEST_CASE(test_rpz_loader) { +BOOST_AUTO_TEST_CASE(test_rpz_loader) +{ string tests[][2] = { - {"32.3.2.168.192", "192.168.2.3/32"}, - {"27.73.2.168.192", "192.168.2.73/27"}, - {"24.0.2.168.192", "192.168.2.0/24"}, - {"128.57.zz.1.0.db8.2001", "2001:db8:0:1::57/128"}, - {"48.zz.1.0.db8.2001", "2001:db8:0:1::/48"}, - {"128.5.C0A8.FFFF.0.1.0.db8.2001", "2001:db8:0:1:0:ffff:c0a8:5/128"}, - - {"21.0.248.44.5", "5.44.248.0/21"}, - {"64.0.0.0.0.0.1.0.0.", "0:0:1::/64"}, - {"64.zz.2.0.0", "0:0:2::/64"}, - {"80.0.0.0.1.0.0.0.0", "::1:0:0:0/80"}, - {"80.0.0.0.1.zz", "::1:0:0:0/80"}}; - - for (auto &test : tests) { + {"32.3.2.168.192", "192.168.2.3/32"}, + {"27.73.2.168.192", "192.168.2.73/27"}, + {"24.0.2.168.192", "192.168.2.0/24"}, + {"128.57.zz.1.0.db8.2001", "2001:db8:0:1::57/128"}, + {"48.zz.1.0.db8.2001", "2001:db8:0:1::/48"}, + {"128.5.C0A8.FFFF.0.1.0.db8.2001", "2001:db8:0:1:0:ffff:c0a8:5/128"}, + + {"21.0.248.44.5", "5.44.248.0/21"}, + {"64.0.0.0.0.0.1.0.0.", "0:0:1::/64"}, + {"64.zz.2.0.0", "0:0:2::/64"}, + {"80.0.0.0.1.0.0.0.0", "::1:0:0:0/80"}, + {"80.0.0.0.1.zz", "::1:0:0:0/80"}}; + + for (auto& test : tests) { Netmask n = makeNetmaskFromRPZ(DNSName(test[0])); BOOST_CHECK_EQUAL(n.toString(), test[1]); } diff --git a/pdns/recursordist/test-secpoll_cc.cc b/pdns/recursordist/test-secpoll_cc.cc index c1b2778f51..3fd5bd2f0d 100644 --- a/pdns/recursordist/test-secpoll_cc.cc +++ b/pdns/recursordist/test-secpoll_cc.cc @@ -12,38 +12,43 @@ BOOST_AUTO_TEST_SUITE(test_secpoll_cc) -bool checkBasicMessage1(const PDNSException &ex) { +bool checkBasicMessage1(const PDNSException& ex) +{ BOOST_CHECK_EQUAL(ex.reason, "Had empty answer on NOERROR RCODE"); return true; } -bool checkBasicMessage2(const PDNSException &ex) { +bool checkBasicMessage2(const PDNSException& ex) +{ BOOST_CHECK_EQUAL(ex.reason, "RCODE was not NOERROR but " + RCode::to_s(1)); return true; } -bool checkBasicMessage3(const PDNSException &ex) { +bool checkBasicMessage3(const PDNSException& ex) +{ BOOST_CHECK_EQUAL(ex.reason, "No TXT record found in response"); return true; } -bool checkBasicMessage4(const PDNSException &ex) { +bool checkBasicMessage4(const PDNSException& ex) +{ BOOST_CHECK(ex.reason.find("Could not parse status number: stoi") == 0); return true; } -bool checkBasicMessage5(const PDNSException &ex) { +bool checkBasicMessage5(const PDNSException& ex) +{ BOOST_CHECK(ex.reason.find("Could not parse status number: stoi") == 0); return true; } -BOOST_AUTO_TEST_CASE(test_secpoll_basic) { +BOOST_AUTO_TEST_CASE(test_secpoll_basic) +{ BOOST_CHECK(!isReleaseVersion("")); BOOST_CHECK(isReleaseVersion("..")); BOOST_CHECK(!isReleaseVersion("...")); - int status = 0; std::string message; @@ -80,6 +85,5 @@ BOOST_AUTO_TEST_CASE(test_secpoll_basic) { v.clear(); addRecordToList(v, DNSName("aname"), QType::TXT, "\"X OK\""); BOOST_CHECK_EXCEPTION(processSecPoll(0, v, status, message), PDNSException, checkBasicMessage5); - } BOOST_AUTO_TEST_SUITE_END(); diff --git a/pdns/recursordist/test-syncres_cc.cc b/pdns/recursordist/test-syncres_cc.cc index 2c0b68273a..69fb5ba1b6 100644 --- a/pdns/recursordist/test-syncres_cc.cc +++ b/pdns/recursordist/test-syncres_cc.cc @@ -16,7 +16,7 @@ bool g_lowercaseOutgoing = false; /* Fake some required functions we didn't want the trouble to link with */ -ArgvMap &arg() +ArgvMap& arg() { static ArgvMap theArg; return theArg; @@ -36,7 +36,7 @@ bool RecursorLua4::preoutquery(const ComboAddress& ns, const ComboAddress& reque return false; } -int asyncresolve(const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, const std::shared_ptr>>& outgoingLoggers, const std::shared_ptr>>& fstrmLoggers,const std::set& exportTypes, LWResult* res, bool* chained) +int asyncresolve(const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, const std::shared_ptr>>& outgoingLoggers, const std::shared_ptr>>& fstrmLoggers, const std::set& exportTypes, LWResult* res, bool* chained) { return 0; } @@ -52,29 +52,29 @@ int asyncresolve(const ComboAddress& ip, const DNSName& domain, int type, bool d void primeHints(void) { vector nsset; - if(!t_RC) + if (!t_RC) t_RC = std::unique_ptr(new MemRecursorCache()); DNSRecord arr, aaaarr, nsrr; - nsrr.d_name=g_rootdnsname; - arr.d_type=QType::A; - aaaarr.d_type=QType::AAAA; - nsrr.d_type=QType::NS; - arr.d_ttl=aaaarr.d_ttl=nsrr.d_ttl=time(nullptr)+3600000; + nsrr.d_name = g_rootdnsname; + arr.d_type = QType::A; + aaaarr.d_type = QType::AAAA; + nsrr.d_type = QType::NS; + arr.d_ttl = aaaarr.d_ttl = nsrr.d_ttl = time(nullptr) + 3600000; - for(char c='a';c<='m';++c) { + for (char c = 'a'; c <= 'm'; ++c) { char templ[40]; - strncpy(templ,"a.root-servers.net.", sizeof(templ) - 1); - templ[sizeof(templ)-1] = '\0'; - *templ=c; - aaaarr.d_name=arr.d_name=DNSName(templ); - nsrr.d_content=std::make_shared(DNSName(templ)); - arr.d_content=std::make_shared(ComboAddress(rootIps4[c-'a'])); + strncpy(templ, "a.root-servers.net.", sizeof(templ) - 1); + templ[sizeof(templ) - 1] = '\0'; + *templ = c; + aaaarr.d_name = arr.d_name = DNSName(templ); + nsrr.d_content = std::make_shared(DNSName(templ)); + arr.d_content = std::make_shared(ComboAddress(rootIps4[c - 'a'])); vector aset; aset.push_back(arr); t_RC->replace(time(nullptr), DNSName(templ), QType(QType::A), aset, vector>(), vector>(), true); // auth, nuke it all - if (rootIps6[c-'a'] != NULL) { - aaaarr.d_content=std::make_shared(ComboAddress(rootIps6[c-'a'])); + if (rootIps6[c - 'a'] != NULL) { + aaaarr.d_content = std::make_shared(ComboAddress(rootIps6[c - 'a'])); vector aaaaset; aaaaset.push_back(aaaarr); @@ -88,8 +88,8 @@ void primeHints(void) LuaConfigItems::LuaConfigItems() { - for (const auto &dsRecord : rootDSs) { - auto ds=std::dynamic_pointer_cast(DSRecordContent::make(dsRecord)); + for (const auto& dsRecord : rootDSs) { + auto ds = std::dynamic_pointer_cast(DSRecordContent::make(dsRecord)); dsAnchors[g_rootdnsname].insert(*ds); } } @@ -113,7 +113,7 @@ void initSR(bool debug) t_RC = std::unique_ptr(new MemRecursorCache()); SyncRes::s_maxqperq = 50; - SyncRes::s_maxtotusec = 1000*7000; + SyncRes::s_maxtotusec = 1000 * 7000; SyncRes::s_maxdepth = 40; SyncRes::s_maxnegttl = 3600; SyncRes::s_maxbogusttl = 3600; @@ -156,8 +156,8 @@ void initSR(bool debug) auto luaconfsCopy = g_luaconfs.getCopy(); luaconfsCopy.dfe.clear(); luaconfsCopy.dsAnchors.clear(); - for (const auto &dsRecord : rootDSs) { - auto ds=std::dynamic_pointer_cast(DSRecordContent::make(dsRecord)); + for (const auto& dsRecord : rootDSs) { + auto ds = std::dynamic_pointer_cast(DSRecordContent::make(dsRecord)); luaconfsCopy.dsAnchors[g_rootdnsname].insert(*ds); } luaconfsCopy.negAnchors.clear(); @@ -167,9 +167,9 @@ void initSR(bool debug) g_dnssecLOG = debug; g_maxNSEC3Iterations = 2500; - ::arg().set("version-string", "string reported on version.pdns or version.bind")="PowerDNS Unit Tests"; - ::arg().set("rng")="auto"; - ::arg().set("entropy-source")="/dev/urandom"; + ::arg().set("version-string", "string reported on version.pdns or version.bind") = "PowerDNS Unit Tests"; + ::arg().set("rng") = "auto"; + ::arg().set("entropy-source") = "/dev/urandom"; ::arg().setSwitch("qname-minimization", "Use Query Name Minimization") = "yes"; } @@ -243,7 +243,7 @@ bool isRootServer(const ComboAddress& ip) return false; } -void computeRRSIG(const DNSSECPrivateKey& dpk, const DNSName& signer, const DNSName& signQName, uint16_t signQType, uint32_t signTTL, uint32_t sigValidity, RRSIGRecordContent& rrc, vector >& toSign, boost::optional algo, boost::optional inception, boost::optional now) +void computeRRSIG(const DNSSECPrivateKey& dpk, const DNSName& signer, const DNSName& signQName, uint16_t signQType, uint32_t signTTL, uint32_t sigValidity, RRSIGRecordContent& rrc, vector>& toSign, boost::optional algo, boost::optional inception, boost::optional now) { if (!now) { now = time(nullptr); @@ -266,7 +266,7 @@ void computeRRSIG(const DNSSECPrivateKey& dpk, const DNSName& signer, const DNSN rrc.d_signature = rc->sign(msg); } -typedef std::unordered_map > testkeysset_t; +typedef std::unordered_map> testkeysset_t; bool addRRSIG(const testkeysset_t& keys, std::vector& records, const DNSName& signer, uint32_t sigValidity, bool broken, boost::optional algo, boost::optional wildcard, boost::optional now) { @@ -280,10 +280,10 @@ bool addRRSIG(const testkeysset_t& keys, std::vector& records, const } size_t recordsCount = records.size(); - const DNSName& name = records[recordsCount-1].d_name; - const uint16_t type = records[recordsCount-1].d_type; + const DNSName& name = records[recordsCount - 1].d_name; + const uint16_t type = records[recordsCount - 1].d_type; - std::vector > recordcontents; + std::vector> recordcontents; for (const auto record : records) { if (record.d_name == name && record.d_type == type) { recordcontents.push_back(record.d_content); @@ -291,16 +291,16 @@ bool addRRSIG(const testkeysset_t& keys, std::vector& records, const } RRSIGRecordContent rrc; - computeRRSIG(it->second.first, signer, wildcard ? *wildcard : records[recordsCount-1].d_name, records[recordsCount-1].d_type, records[recordsCount-1].d_ttl, sigValidity, rrc, recordcontents, algo, boost::none, now); + computeRRSIG(it->second.first, signer, wildcard ? *wildcard : records[recordsCount - 1].d_name, records[recordsCount - 1].d_type, records[recordsCount - 1].d_ttl, sigValidity, rrc, recordcontents, algo, boost::none, now); if (broken) { rrc.d_signature[0] ^= 42; } DNSRecord rec; rec.d_type = QType::RRSIG; - rec.d_place = records[recordsCount-1].d_place; - rec.d_name = records[recordsCount-1].d_name; - rec.d_ttl = records[recordsCount-1].d_ttl; + rec.d_place = records[recordsCount - 1].d_place; + rec.d_name = records[recordsCount - 1].d_name; + rec.d_ttl = records[recordsCount - 1].d_ttl; rec.d_content = std::make_shared(rrc); records.push_back(rec); @@ -343,7 +343,7 @@ bool addDS(const DNSName& domain, uint32_t ttl, std::vector& records, return true; } -void addNSECRecordToLW(const DNSName& domain, const DNSName& next, const std::set& types, uint32_t ttl, std::vector& records) +void addNSECRecordToLW(const DNSName& domain, const DNSName& next, const std::set& types, uint32_t ttl, std::vector& records) { NSECRecordContent nrc; nrc.d_next = next; @@ -361,7 +361,7 @@ void addNSECRecordToLW(const DNSName& domain, const DNSName& next, const std::se records.push_back(rec); } -void addNSEC3RecordToLW(const DNSName& hashedName, const std::string& hashedNext, const std::string& salt, unsigned int iterations, const std::set& types, uint32_t ttl, std::vector& records) +void addNSEC3RecordToLW(const DNSName& hashedName, const std::string& hashedNext, const std::string& salt, unsigned int iterations, const std::set& types, uint32_t ttl, std::vector& records) { NSEC3RecordContent nrc; nrc.d_algorithm = 1; @@ -383,7 +383,7 @@ void addNSEC3RecordToLW(const DNSName& hashedName, const std::string& hashedNext records.push_back(rec); } -void addNSEC3UnhashedRecordToLW(const DNSName& domain, const DNSName& zone, const std::string& next, const std::set& types, uint32_t ttl, std::vector& records, unsigned int iterations) +void addNSEC3UnhashedRecordToLW(const DNSName& domain, const DNSName& zone, const std::string& next, const std::set& types, uint32_t ttl, std::vector& records, unsigned int iterations) { static const std::string salt = "deadbeef"; std::string hashed = hashQNameWithSalt(salt, iterations, domain); @@ -391,7 +391,7 @@ void addNSEC3UnhashedRecordToLW(const DNSName& domain, const DNSName& zone, cons addNSEC3RecordToLW(DNSName(toBase32Hex(hashed)) + zone, next, salt, iterations, types, ttl, records); } -void addNSEC3NarrowRecordToLW(const DNSName& domain, const DNSName& zone, const std::set& types, uint32_t ttl, std::vector& records, unsigned int iterations) +void addNSEC3NarrowRecordToLW(const DNSName& domain, const DNSName& zone, const std::set& types, uint32_t ttl, std::vector& records, unsigned int iterations) { static const std::string salt = "deadbeef"; std::string hashed = hashQNameWithSalt(salt, iterations, domain); @@ -410,10 +410,10 @@ void generateKeyMaterial(const DNSName& name, unsigned int algo, uint8_t digest, dpk.d_flags = 256; dpk.setKey(dcke); DSRecordContent ds = makeDSFromDNSKey(name, dpk.getDNSKEY(), digest); - keys[name] = std::pair(dpk,ds); + keys[name] = std::pair(dpk, ds); } -void generateKeyMaterial(const DNSName& name, unsigned int algo, uint8_t digest, testkeysset_t& keys, map& dsAnchors) +void generateKeyMaterial(const DNSName& name, unsigned int algo, uint8_t digest, testkeysset_t& keys, map& dsAnchors) { generateKeyMaterial(name, algo, digest, keys); dsAnchors[name].insert(keys[name].second); @@ -438,7 +438,7 @@ int genericDSAndDNSKEYHandler(LWResult* res, const DNSName& domain, DNSName auth /* sign the SOA */ addRRSIG(keys, res->d_records, auth, 300, false, boost::none, boost::none, now); /* add a NSEC denying the DS */ - std::set types = { QType::NSEC }; + std::set types = {QType::NSEC}; if (proveCut) { types.insert(QType::NS); } @@ -461,7 +461,8 @@ int genericDSAndDNSKEYHandler(LWResult* res, const DNSName& domain, DNSName auth return 0; } -int basicRecordsForQnameMinimization(LWResult* res, const DNSName& domain, int type) { +int basicRecordsForQnameMinimization(LWResult* res, const DNSName& domain, int type) +{ if (domain == DNSName(".") && type == QType::A) { setLWResult(res, 0, true); addRecordToLW(res, DNSName("."), QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2019042400 1800 900 604800 86400", DNSResourceRecord::AUTHORITY); diff --git a/pdns/recursordist/test-syncres_cc.hh b/pdns/recursordist/test-syncres_cc.hh index db63a00230..2c1fd30fda 100644 --- a/pdns/recursordist/test-syncres_cc.hh +++ b/pdns/recursordist/test-syncres_cc.hh @@ -31,49 +31,46 @@ extern GlobalStateHolder g_luaconfs; -ArgvMap &arg(); +ArgvMap& arg(); int getMTaskerTID(); void primeHints(void); -void initSR(bool debug=false); -void initSR(std::unique_ptr& sr, bool dnssec=false, bool debug=false, time_t fakeNow=0); +void initSR(bool debug = false); +void initSR(std::unique_ptr& sr, bool dnssec = false, bool debug = false, time_t fakeNow = 0); void setDNSSECValidation(std::unique_ptr& sr, const DNSSECMode& mode); -void setLWResult(LWResult* res, int rcode, bool aa=false, bool tc=false, bool edns=false, bool validpacket=true); +void setLWResult(LWResult* res, int rcode, bool aa = false, bool tc = false, bool edns = false, bool validpacket = true); -void addRecordToLW(LWResult* res, const DNSName& name, uint16_t type, const std::string& content, DNSResourceRecord::Place place=DNSResourceRecord::ANSWER, uint32_t ttl=60); +void addRecordToLW(LWResult* res, const DNSName& name, uint16_t type, const std::string& content, DNSResourceRecord::Place place = DNSResourceRecord::ANSWER, uint32_t ttl = 60); -void addRecordToLW(LWResult* res, const std::string& name, uint16_t type, const std::string& content, DNSResourceRecord::Place place=DNSResourceRecord::ANSWER, uint32_t ttl=60); +void addRecordToLW(LWResult* res, const std::string& name, uint16_t type, const std::string& content, DNSResourceRecord::Place place = DNSResourceRecord::ANSWER, uint32_t ttl = 60); bool isRootServer(const ComboAddress& ip); +void computeRRSIG(const DNSSECPrivateKey& dpk, const DNSName& signer, const DNSName& signQName, uint16_t signQType, uint32_t signTTL, uint32_t sigValidity, RRSIGRecordContent& rrc, vector>& toSign, boost::optional algo = boost::none, boost::optional inception = boost::none, boost::optional now = boost::none); -void computeRRSIG(const DNSSECPrivateKey& dpk, const DNSName& signer, const DNSName& signQName, uint16_t signQType, uint32_t signTTL, uint32_t sigValidity, RRSIGRecordContent& rrc, vector >& toSign, boost::optional algo=boost::none, boost::optional inception=boost::none, boost::optional now=boost::none); - -typedef std::unordered_map > testkeysset_t; - -bool addRRSIG(const testkeysset_t& keys, std::vector& records, const DNSName& signer, uint32_t sigValidity, bool broken=false, boost::optional algo=boost::none, boost::optional wildcard=boost::none, boost::optional now=boost::none); +typedef std::unordered_map> testkeysset_t; +bool addRRSIG(const testkeysset_t& keys, std::vector& records, const DNSName& signer, uint32_t sigValidity, bool broken = false, boost::optional algo = boost::none, boost::optional wildcard = boost::none, boost::optional now = boost::none); void addDNSKEY(const testkeysset_t& keys, const DNSName& signer, uint32_t ttl, std::vector& records); -bool addDS(const DNSName& domain, uint32_t ttl, std::vector& records, const testkeysset_t& keys, DNSResourceRecord::Place place=DNSResourceRecord::AUTHORITY); +bool addDS(const DNSName& domain, uint32_t ttl, std::vector& records, const testkeysset_t& keys, DNSResourceRecord::Place place = DNSResourceRecord::AUTHORITY); -void addNSECRecordToLW(const DNSName& domain, const DNSName& next, const std::set& types, uint32_t ttl, std::vector& records); +void addNSECRecordToLW(const DNSName& domain, const DNSName& next, const std::set& types, uint32_t ttl, std::vector& records); -void addNSEC3RecordToLW(const DNSName& hashedName, const std::string& hashedNext, const std::string& salt, unsigned int iterations, const std::set& types, uint32_t ttl, std::vector& records); +void addNSEC3RecordToLW(const DNSName& hashedName, const std::string& hashedNext, const std::string& salt, unsigned int iterations, const std::set& types, uint32_t ttl, std::vector& records); -void addNSEC3UnhashedRecordToLW(const DNSName& domain, const DNSName& zone, const std::string& next, const std::set& types, uint32_t ttl, std::vector& records, unsigned int iterations=10); +void addNSEC3UnhashedRecordToLW(const DNSName& domain, const DNSName& zone, const std::string& next, const std::set& types, uint32_t ttl, std::vector& records, unsigned int iterations = 10); -void addNSEC3NarrowRecordToLW(const DNSName& domain, const DNSName& zone, const std::set& types, uint32_t ttl, std::vector& records, unsigned int iterations=10); +void addNSEC3NarrowRecordToLW(const DNSName& domain, const DNSName& zone, const std::set& types, uint32_t ttl, std::vector& records, unsigned int iterations = 10); void generateKeyMaterial(const DNSName& name, unsigned int algo, uint8_t digest, testkeysset_t& keys); -void generateKeyMaterial(const DNSName& name, unsigned int algo, uint8_t digest, testkeysset_t& keys, map& dsAnchors); +void generateKeyMaterial(const DNSName& name, unsigned int algo, uint8_t digest, testkeysset_t& keys, map& dsAnchors); -int genericDSAndDNSKEYHandler(LWResult* res, const DNSName& domain, DNSName auth, int type, const testkeysset_t& keys, bool proveCut=true, boost::optional now=boost::none); +int genericDSAndDNSKEYHandler(LWResult* res, const DNSName& domain, DNSName auth, int type, const testkeysset_t& keys, bool proveCut = true, boost::optional now = boost::none); int basicRecordsForQnameMinimization(LWResult* res, const DNSName& domain, int type); - diff --git a/pdns/recursordist/test-syncres_cc1.cc b/pdns/recursordist/test-syncres_cc1.cc index 9132cd08d7..e39176ac91 100644 --- a/pdns/recursordist/test-syncres_cc1.cc +++ b/pdns/recursordist/test-syncres_cc1.cc @@ -5,7 +5,8 @@ BOOST_AUTO_TEST_SUITE(syncres_cc1) -BOOST_AUTO_TEST_CASE(test_root_primed) { +BOOST_AUTO_TEST_CASE(test_root_primed) +{ std::unique_ptr sr; initSR(sr); @@ -30,7 +31,8 @@ BOOST_AUTO_TEST_CASE(test_root_primed) { BOOST_CHECK_EQUAL(ret[0].d_name, target); } -BOOST_AUTO_TEST_CASE(test_root_primed_ns) { +BOOST_AUTO_TEST_CASE(test_root_primed_ns) +{ std::unique_ptr sr; initSR(sr); @@ -42,26 +44,26 @@ BOOST_AUTO_TEST_CASE(test_root_primed_ns) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (domain == target && type == QType::NS) { + if (domain == target && type == QType::NS) { - setLWResult(res, 0, true, false, true); - char addr[] = "a.root-servers.net."; - for (char idx = 'a'; idx <= 'm'; idx++) { - addr[0] = idx; - addRecordToLW(res, g_rootdnsname, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); - } + setLWResult(res, 0, true, false, true); + char addr[] = "a.root-servers.net."; + for (char idx = 'a'; idx <= 'm'; idx++) { + addr[0] = idx; + addRecordToLW(res, g_rootdnsname, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); + } - addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret); @@ -70,26 +72,27 @@ BOOST_AUTO_TEST_CASE(test_root_primed_ns) { BOOST_CHECK_EQUAL(queriesCount, 1U); } -BOOST_AUTO_TEST_CASE(test_root_not_primed) { +BOOST_AUTO_TEST_CASE(test_root_not_primed) +{ std::unique_ptr sr; initSR(sr); size_t queriesCount = 0; sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + queriesCount++; - if (domain == g_rootdnsname && type == QType::NS) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, g_rootdnsname, QType::NS, "a.root-servers.net.", DNSResourceRecord::ANSWER, 3600); - addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); + if (domain == g_rootdnsname && type == QType::NS) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, g_rootdnsname, QType::NS, "a.root-servers.net.", DNSResourceRecord::ANSWER, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); /* we are not primed yet, so SyncRes will have to call primeHints() then call getRootNS(), for which at least one of the root servers needs to answer */ @@ -100,7 +103,8 @@ BOOST_AUTO_TEST_CASE(test_root_not_primed) { BOOST_CHECK_EQUAL(queriesCount, 2U); } -BOOST_AUTO_TEST_CASE(test_root_not_primed_and_no_response) { +BOOST_AUTO_TEST_CASE(test_root_not_primed_and_no_response) +{ std::unique_ptr sr; initSR(sr); std::set downServers; @@ -110,10 +114,9 @@ BOOST_AUTO_TEST_CASE(test_root_not_primed_and_no_response) { None will, so it should ServFail. */ sr->setAsyncCallback([&downServers](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - downServers.insert(ip); - return 0; - }); + downServers.insert(ip); + return 0; + }); vector ret; int res = sr->beginResolve(DNSName("."), QType(QType::NS), QClass::IN, ret); @@ -126,7 +129,8 @@ BOOST_AUTO_TEST_CASE(test_root_not_primed_and_no_response) { } } -static void test_edns_formerr_fallback_f(bool sample) { +static void test_edns_formerr_fallback_f(bool sample) +{ std::unique_ptr sr; initSR(sr); if (sample) { @@ -137,24 +141,24 @@ static void test_edns_formerr_fallback_f(bool sample) { size_t queriesWithoutEDNS = 0; sr->setAsyncCallback([&queriesWithEDNS, &queriesWithoutEDNS, &noEDNSServer, sample](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - if (EDNS0Level != 0) { - queriesWithEDNS++; - noEDNSServer = ip; + if (EDNS0Level != 0) { + queriesWithEDNS++; + noEDNSServer = ip; - setLWResult(res, RCode::FormErr); - return 1; - } + setLWResult(res, RCode::FormErr); + return 1; + } - queriesWithoutEDNS++; + queriesWithoutEDNS++; - if (domain == DNSName("powerdns.com") && type == QType::A && !doTCP) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.1"); - return 1; - } + if (domain == DNSName("powerdns.com") && type == QType::A && !doTCP) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.1"); + return 1; + } - return sample ? basicRecordsForQnameMinimization(res, domain, type) : 0; - }); + return sample ? basicRecordsForQnameMinimization(res, domain, type) : 0; + }); primeHints(); @@ -169,17 +173,20 @@ static void test_edns_formerr_fallback_f(bool sample) { BOOST_CHECK_EQUAL(SyncRes::getEDNSStatus(noEDNSServer), SyncRes::EDNSStatus::NOEDNS); } -BOOST_AUTO_TEST_CASE(test_edns_formerr_fallback) { +BOOST_AUTO_TEST_CASE(test_edns_formerr_fallback) +{ test_edns_formerr_fallback_f(false); } -BOOST_AUTO_TEST_CASE(test_edns_formerr_fallback_qmin) { +BOOST_AUTO_TEST_CASE(test_edns_formerr_fallback_qmin) +{ // DISABLED UNTIL QNAME MINIMIZATON IS THERE return; test_edns_formerr_fallback_f(true); } -BOOST_AUTO_TEST_CASE(test_edns_formerr_but_edns_enabled) { +BOOST_AUTO_TEST_CASE(test_edns_formerr_but_edns_enabled) +{ std::unique_ptr sr; initSR(sr); @@ -192,25 +199,24 @@ BOOST_AUTO_TEST_CASE(test_edns_formerr_but_edns_enabled) { std::set usedServers; sr->setAsyncCallback([&queriesWithEDNS, &queriesWithoutEDNS, &usedServers](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (EDNS0Level > 0) { + queriesWithEDNS++; + } + else { + queriesWithoutEDNS++; + } + usedServers.insert(ip); + if (type == QType::DNAME) { + setLWResult(res, RCode::FormErr); if (EDNS0Level > 0) { - queriesWithEDNS++; - } - else { - queriesWithoutEDNS++; - } - usedServers.insert(ip); - - if (type == QType::DNAME) { - setLWResult(res, RCode::FormErr); - if (EDNS0Level > 0) { - res->d_haveEDNS = true; - } - return 1; + res->d_haveEDNS = true; } + return 1; + } - return 0; - }); + return 0; + }); primeHints(); @@ -227,17 +233,17 @@ BOOST_AUTO_TEST_CASE(test_edns_formerr_but_edns_enabled) { } } -BOOST_AUTO_TEST_CASE(test_meta_types) { +BOOST_AUTO_TEST_CASE(test_meta_types) +{ std::unique_ptr sr; initSR(sr); - static const std::set invalidTypes = { 128, QType::AXFR, QType::IXFR, QType::RRSIG, QType::NSEC3, QType::OPT, QType::TSIG, QType::TKEY, QType::MAILA, QType::MAILB, 65535 }; + static const std::set invalidTypes = {128, QType::AXFR, QType::IXFR, QType::RRSIG, QType::NSEC3, QType::OPT, QType::TSIG, QType::TKEY, QType::MAILA, QType::MAILB, 65535}; for (const auto qtype : invalidTypes) { size_t queriesCount = 0; sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; return 0; }); @@ -252,23 +258,24 @@ BOOST_AUTO_TEST_CASE(test_meta_types) { } } -BOOST_AUTO_TEST_CASE(test_tc_fallback_to_tcp) { +BOOST_AUTO_TEST_CASE(test_tc_fallback_to_tcp) +{ std::unique_ptr sr; initSR(sr); sr->setAsyncCallback([](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - if (!doTCP) { - setLWResult(res, 0, false, true, false); - return 1; - } - if (domain == DNSName("powerdns.com") && type == QType::A && doTCP) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.1"); - return 1; - } + if (!doTCP) { + setLWResult(res, 0, false, true, false); + return 1; + } + if (domain == DNSName("powerdns.com") && type == QType::A && doTCP) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.1"); + return 1; + } - return 0; - }); + return 0; + }); primeHints(); @@ -278,30 +285,31 @@ BOOST_AUTO_TEST_CASE(test_tc_fallback_to_tcp) { BOOST_CHECK_EQUAL(res, RCode::NoError); } -BOOST_AUTO_TEST_CASE(test_tc_over_tcp) { +BOOST_AUTO_TEST_CASE(test_tc_over_tcp) +{ std::unique_ptr sr; initSR(sr); size_t tcpQueriesCount = 0; sr->setAsyncCallback([&tcpQueriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - if (!doTCP) { - setLWResult(res, 0, true, true, false); - return 1; - } + if (!doTCP) { + setLWResult(res, 0, true, true, false); + return 1; + } - /* first TCP query is answered with a TC response */ - tcpQueriesCount++; - if (tcpQueriesCount == 1) { - setLWResult(res, 0, true, true, false); - } - else { - setLWResult(res, 0, true, false, false); - } + /* first TCP query is answered with a TC response */ + tcpQueriesCount++; + if (tcpQueriesCount == 1) { + setLWResult(res, 0, true, true, false); + } + else { + setLWResult(res, 0, true, false, false); + } - addRecordToLW(res, domain, QType::A, "192.0.2.1"); - return 1; - }); + addRecordToLW(res, domain, QType::A, "192.0.2.1"); + return 1; + }); primeHints(); @@ -311,7 +319,8 @@ BOOST_AUTO_TEST_CASE(test_tc_over_tcp) { BOOST_CHECK_EQUAL(tcpQueriesCount, 2U); } -BOOST_AUTO_TEST_CASE(test_all_nss_down) { +BOOST_AUTO_TEST_CASE(test_all_nss_down) +{ std::unique_ptr sr; initSR(sr); std::set downServers; @@ -319,29 +328,28 @@ BOOST_AUTO_TEST_CASE(test_all_nss_down) { primeHints(); sr->setAsyncCallback([&downServers](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800); - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800); - addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800); - addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800); - return 1; - } - else { - downServers.insert(ip); - return 0; - } - }); + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800); + addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800); + addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800); + return 1; + } + else { + downServers.insert(ip); + return 0; + } + }); DNSName target("powerdns.com."); @@ -358,7 +366,8 @@ BOOST_AUTO_TEST_CASE(test_all_nss_down) { } } -BOOST_AUTO_TEST_CASE(test_all_nss_network_error) { +BOOST_AUTO_TEST_CASE(test_all_nss_network_error) +{ std::unique_ptr sr; initSR(sr); std::set downServers; @@ -366,29 +375,28 @@ BOOST_AUTO_TEST_CASE(test_all_nss_network_error) { primeHints(); sr->setAsyncCallback([&downServers](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800); - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800); - addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800); - addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800); - return 1; - } - else { - downServers.insert(ip); - return 0; - } - }); + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800); + addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800); + addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800); + return 1; + } + else { + downServers.insert(ip); + return 0; + } + }); /* exact same test than the previous one, except instead of a time out we fake a network error */ DNSName target("powerdns.com."); @@ -406,7 +414,8 @@ BOOST_AUTO_TEST_CASE(test_all_nss_network_error) { } } -BOOST_AUTO_TEST_CASE(test_only_one_ns_up_resolving_itself_with_glue) { +BOOST_AUTO_TEST_CASE(test_only_one_ns_up_resolving_itself_with_glue) +{ std::unique_ptr sr; initSR(sr); @@ -415,45 +424,44 @@ BOOST_AUTO_TEST_CASE(test_only_one_ns_up_resolving_itself_with_glue) { DNSName target("www.powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - if (domain == target) { - addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800); - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800); + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + if (domain == target) { + addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800); + } + else if (domain == DNSName("pdns-public-ns2.powerdns.net.")) { + addRecordToLW(res, "powerdns.net.", QType::NS, "pdns-public-ns2.powerdns.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "powerdns.net.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "pdns-public-ns2.powerdns.net.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800); + addRecordToLW(res, "pdns-public-ns2.powerdns.net.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800); + } + return 1; + } + else if (ip == ComboAddress("192.0.2.3:53")) { + setLWResult(res, 0, true, false, true); + if (domain == DNSName("pdns-public-ns2.powerdns.net.")) { + if (type == QType::A) { + addRecordToLW(res, "pdns-public-ns2.powerdns.net.", QType::A, "192.0.2.3"); } - else if (domain == DNSName("pdns-public-ns2.powerdns.net.")) { - addRecordToLW(res, "powerdns.net.", QType::NS, "pdns-public-ns2.powerdns.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "powerdns.net.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "pdns-public-ns2.powerdns.net.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800); - addRecordToLW(res, "pdns-public-ns2.powerdns.net.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800); + else if (type == QType::AAAA) { + addRecordToLW(res, "pdns-public-ns2.powerdns.net.", QType::AAAA, "2001:DB8::3"); } - return 1; } - else if (ip == ComboAddress("192.0.2.3:53")) { - setLWResult(res, 0, true, false, true); - if (domain == DNSName("pdns-public-ns2.powerdns.net.")) { - if (type == QType::A) { - addRecordToLW(res, "pdns-public-ns2.powerdns.net.", QType::A, "192.0.2.3"); - } - else if (type == QType::AAAA) { - addRecordToLW(res, "pdns-public-ns2.powerdns.net.", QType::AAAA, "2001:DB8::3"); - } + else if (domain == target) { + if (type == QType::A) { + addRecordToLW(res, domain, QType::A, "192.0.2.1"); } - else if (domain == target) { - if (type == QType::A) { - addRecordToLW(res, domain, QType::A, "192.0.2.1"); - } - else if (type == QType::AAAA) { - addRecordToLW(res, domain, QType::AAAA, "2001:DB8::1"); - } + else if (type == QType::AAAA) { + addRecordToLW(res, domain, QType::AAAA, "2001:DB8::1"); } - return 1; } - return 0; - }); + return 1; + } + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -461,7 +469,8 @@ BOOST_AUTO_TEST_CASE(test_only_one_ns_up_resolving_itself_with_glue) { BOOST_CHECK_EQUAL(ret.size(), 1U); } -BOOST_AUTO_TEST_CASE(test_os_limit_errors) { +BOOST_AUTO_TEST_CASE(test_os_limit_errors) +{ std::unique_ptr sr; initSR(sr); std::set downServers; @@ -469,37 +478,36 @@ BOOST_AUTO_TEST_CASE(test_os_limit_errors) { primeHints(); sr->setAsyncCallback([&downServers](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800); - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800); - addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800); - addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800); - return 1; + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800); + addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800); + addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800); + return 1; + } + else { + if (downServers.size() < 3) { + /* only the last one will answer */ + downServers.insert(ip); + return -2; } else { - if (downServers.size() < 3) { - /* only the last one will answer */ - downServers.insert(ip); - return -2; - } - else { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, "powerdns.com.", QType::A, "192.0.2.42"); - return 1; - } + setLWResult(res, 0, true, false, true); + addRecordToLW(res, "powerdns.com.", QType::A, "192.0.2.42"); + return 1; } - }); + } + }); DNSName target("powerdns.com."); @@ -517,7 +525,8 @@ BOOST_AUTO_TEST_CASE(test_os_limit_errors) { } } -BOOST_AUTO_TEST_CASE(test_glued_referral) { +BOOST_AUTO_TEST_CASE(test_glued_referral) +{ std::unique_ptr sr; initSR(sr); @@ -526,37 +535,37 @@ BOOST_AUTO_TEST_CASE(test_glued_referral) { const DNSName target("powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - /* this will cause issue with qname minimization if we ever implement it */ - if (domain != target) { - return 0; - } + /* this will cause issue with qname minimization if we ever implement it */ + if (domain != target) { + return 0; + } - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800); - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800); - addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800); - addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800); - return 1; - } - else if (ip == ComboAddress("192.0.2.2:53") || ip == ComboAddress("192.0.2.3:53") || ip == ComboAddress("[2001:DB8::2]:53") || ip == ComboAddress("[2001:DB8::3]:53")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, target, QType::A, "192.0.2.4"); - return 1; - } - else { - return 0; - } - }); + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800); + addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800); + addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800); + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53") || ip == ComboAddress("192.0.2.3:53") || ip == ComboAddress("[2001:DB8::2]:53") || ip == ComboAddress("[2001:DB8::3]:53")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, target, QType::A, "192.0.2.4"); + return 1; + } + else { + return 0; + } + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -566,7 +575,8 @@ BOOST_AUTO_TEST_CASE(test_glued_referral) { BOOST_CHECK_EQUAL(ret[0].d_name, target); } -BOOST_AUTO_TEST_CASE(test_glueless_referral) { +BOOST_AUTO_TEST_CASE(test_glueless_referral) +{ std::unique_ptr sr; initSR(sr); @@ -575,56 +585,56 @@ BOOST_AUTO_TEST_CASE(test_glueless_referral) { const DNSName target("powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - - if (domain.isPartOf(DNSName("com."))) { - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - } else if (domain.isPartOf(DNSName("org."))) { - addRecordToLW(res, "org.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - } - else { - setLWResult(res, RCode::NXDomain, false, false, true); - return 1; - } - - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600); + if (domain.isPartOf(DNSName("com."))) { + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + } + else if (domain.isPartOf(DNSName("org."))) { + addRecordToLW(res, "org.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + } + else { + setLWResult(res, RCode::NXDomain, false, false, true); return 1; } - else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) { - if (domain == target) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800); - return 1; - } - else if (domain == DNSName("pdns-public-ns1.powerdns.org.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, "pdns-public-ns1.powerdns.org.", QType::A, "192.0.2.2"); - addRecordToLW(res, "pdns-public-ns1.powerdns.org.", QType::AAAA, "2001:DB8::2"); - return 1; - } - else if (domain == DNSName("pdns-public-ns2.powerdns.org.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, "pdns-public-ns2.powerdns.org.", QType::A, "192.0.2.3"); - addRecordToLW(res, "pdns-public-ns2.powerdns.org.", QType::AAAA, "2001:DB8::3"); - return 1; - } - setLWResult(res, RCode::NXDomain, false, false, true); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) { + if (domain == target) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800); return 1; } - else if (ip == ComboAddress("192.0.2.2:53") || ip == ComboAddress("192.0.2.3:53") || ip == ComboAddress("[2001:DB8::2]:53") || ip == ComboAddress("[2001:DB8::3]:53")) { + else if (domain == DNSName("pdns-public-ns1.powerdns.org.")) { setLWResult(res, 0, true, false, true); - addRecordToLW(res, target, QType::A, "192.0.2.4"); + addRecordToLW(res, "pdns-public-ns1.powerdns.org.", QType::A, "192.0.2.2"); + addRecordToLW(res, "pdns-public-ns1.powerdns.org.", QType::AAAA, "2001:DB8::2"); return 1; } - else { - return 0; + else if (domain == DNSName("pdns-public-ns2.powerdns.org.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, "pdns-public-ns2.powerdns.org.", QType::A, "192.0.2.3"); + addRecordToLW(res, "pdns-public-ns2.powerdns.org.", QType::AAAA, "2001:DB8::3"); + return 1; } - }); + + setLWResult(res, RCode::NXDomain, false, false, true); + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53") || ip == ComboAddress("192.0.2.3:53") || ip == ComboAddress("[2001:DB8::2]:53") || ip == ComboAddress("[2001:DB8::3]:53")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, target, QType::A, "192.0.2.4"); + return 1; + } + else { + return 0; + } + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -634,7 +644,8 @@ BOOST_AUTO_TEST_CASE(test_glueless_referral) { BOOST_CHECK_EQUAL(ret[0].d_name, target); } -BOOST_AUTO_TEST_CASE(test_edns_subnet_by_domain) { +BOOST_AUTO_TEST_CASE(test_edns_subnet_by_domain) +{ std::unique_ptr sr; initSR(sr); @@ -648,32 +659,32 @@ BOOST_AUTO_TEST_CASE(test_edns_subnet_by_domain) { sr->setQuerySource(ComboAddress(), boost::optional(incomingECS)); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + BOOST_REQUIRE(srcmask); + BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); - BOOST_REQUIRE(srcmask); - BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); - - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - /* this one did not use the ECS info */ - srcmask = boost::none; + /* this one did not use the ECS info */ + srcmask = boost::none; - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); - /* this one did, but only up to a precision of /16, not the full /24 */ - srcmask = Netmask("192.0.0.0/16"); + /* this one did, but only up to a precision of /16, not the full /24 */ + srcmask = Netmask("192.0.0.0/16"); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); SyncRes::s_ecsqueries = 0; SyncRes::s_ecsresponses = 0; @@ -693,7 +704,8 @@ BOOST_AUTO_TEST_CASE(test_edns_subnet_by_domain) { } } -BOOST_AUTO_TEST_CASE(test_edns_subnet_by_addr) { +BOOST_AUTO_TEST_CASE(test_edns_subnet_by_addr) +{ std::unique_ptr sr; initSR(sr); @@ -707,26 +719,26 @@ BOOST_AUTO_TEST_CASE(test_edns_subnet_by_addr) { sr->setQuerySource(ComboAddress(), boost::optional(incomingECS)); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { + BOOST_REQUIRE(!srcmask); - if (isRootServer(ip)) { - BOOST_REQUIRE(!srcmask); - - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { - BOOST_REQUIRE(srcmask); - BOOST_CHECK_EQUAL(srcmask->toString(), "2001:db8::/56"); + BOOST_REQUIRE(srcmask); + BOOST_CHECK_EQUAL(srcmask->toString(), "2001:db8::/56"); - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); - return 1; - } + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); + return 1; + } - return 0; - }); + return 0; + }); SyncRes::s_ecsqueries = 0; SyncRes::s_ecsresponses = 0; @@ -746,7 +758,8 @@ BOOST_AUTO_TEST_CASE(test_edns_subnet_by_addr) { } } -BOOST_AUTO_TEST_CASE(test_ecs_use_requestor) { +BOOST_AUTO_TEST_CASE(test_ecs_use_requestor) +{ std::unique_ptr sr; initSR(sr); @@ -758,26 +771,26 @@ BOOST_AUTO_TEST_CASE(test_ecs_use_requestor) { sr->setQuerySource(ComboAddress("192.0.2.127"), boost::none); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { + BOOST_REQUIRE(!srcmask); - if (isRootServer(ip)) { - BOOST_REQUIRE(!srcmask); - - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { - BOOST_REQUIRE(srcmask); - BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); + BOOST_REQUIRE(srcmask); + BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); - return 1; - } + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -787,7 +800,8 @@ BOOST_AUTO_TEST_CASE(test_ecs_use_requestor) { BOOST_CHECK_EQUAL(ret[0].d_name, target); } -BOOST_AUTO_TEST_CASE(test_ecs_use_scope_zero) { +BOOST_AUTO_TEST_CASE(test_ecs_use_scope_zero) +{ std::unique_ptr sr; initSR(sr); @@ -801,26 +815,26 @@ BOOST_AUTO_TEST_CASE(test_ecs_use_scope_zero) { sr->setQuerySource(ComboAddress("192.0.2.127"), boost::none); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { + BOOST_REQUIRE(!srcmask); - if (isRootServer(ip)) { - BOOST_REQUIRE(!srcmask); - - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { - BOOST_REQUIRE(srcmask); - BOOST_CHECK_EQUAL(srcmask->toString(), "127.0.0.1/32"); + BOOST_REQUIRE(srcmask); + BOOST_CHECK_EQUAL(srcmask->toString(), "127.0.0.1/32"); - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); - return 1; - } + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -830,7 +844,8 @@ BOOST_AUTO_TEST_CASE(test_ecs_use_scope_zero) { BOOST_CHECK_EQUAL(ret[0].d_name, target); } -BOOST_AUTO_TEST_CASE(test_ecs_honor_incoming_mask) { +BOOST_AUTO_TEST_CASE(test_ecs_honor_incoming_mask) +{ std::unique_ptr sr; initSR(sr); @@ -845,26 +860,26 @@ BOOST_AUTO_TEST_CASE(test_ecs_honor_incoming_mask) { sr->setQuerySource(ComboAddress("192.0.2.127"), boost::optional(incomingECS)); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { + BOOST_REQUIRE(!srcmask); - if (isRootServer(ip)) { - BOOST_REQUIRE(!srcmask); - - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { - BOOST_REQUIRE(srcmask); - BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.0.0/16"); + BOOST_REQUIRE(srcmask); + BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.0.0/16"); - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); - return 1; - } + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -874,7 +889,8 @@ BOOST_AUTO_TEST_CASE(test_ecs_honor_incoming_mask) { BOOST_CHECK_EQUAL(ret[0].d_name, target); } -BOOST_AUTO_TEST_CASE(test_ecs_honor_incoming_mask_zero) { +BOOST_AUTO_TEST_CASE(test_ecs_honor_incoming_mask_zero) +{ std::unique_ptr sr; initSR(sr); @@ -889,26 +905,26 @@ BOOST_AUTO_TEST_CASE(test_ecs_honor_incoming_mask_zero) { sr->setQuerySource(ComboAddress("192.0.2.127"), boost::optional(incomingECS)); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { + BOOST_REQUIRE(!srcmask); - if (isRootServer(ip)) { - BOOST_REQUIRE(!srcmask); - - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { - BOOST_REQUIRE(srcmask); - BOOST_CHECK_EQUAL(srcmask->toString(), "127.0.0.1/32"); + BOOST_REQUIRE(srcmask); + BOOST_CHECK_EQUAL(srcmask->toString(), "127.0.0.1/32"); - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); - return 1; - } + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -918,7 +934,8 @@ BOOST_AUTO_TEST_CASE(test_ecs_honor_incoming_mask_zero) { BOOST_CHECK_EQUAL(ret[0].d_name, target); } -BOOST_AUTO_TEST_CASE(test_following_cname) { +BOOST_AUTO_TEST_CASE(test_following_cname) +{ std::unique_ptr sr; initSR(sr); @@ -928,29 +945,29 @@ BOOST_AUTO_TEST_CASE(test_following_cname) { const DNSName cnameTarget("cname-target.powerdns.com"); sr->setAsyncCallback([target, cnameTarget](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { - - if (domain == target) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); - return 1; - } - else if (domain == cnameTarget) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); - } - + if (domain == target) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); return 1; } + else if (domain == cnameTarget) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); + } - return 0; - }); + return 1; + } + + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -962,7 +979,8 @@ BOOST_AUTO_TEST_CASE(test_following_cname) { BOOST_CHECK_EQUAL(ret[1].d_name, cnameTarget); } -BOOST_AUTO_TEST_CASE(test_cname_nxdomain) { +BOOST_AUTO_TEST_CASE(test_cname_nxdomain) +{ std::unique_ptr sr; initSR(sr); @@ -972,29 +990,30 @@ BOOST_AUTO_TEST_CASE(test_cname_nxdomain) { const DNSName cnameTarget("cname-target.powerdns.com"); sr->setAsyncCallback([target, cnameTarget](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { - - if (domain == target) { - setLWResult(res, RCode::NXDomain, true, false, false); - addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); - addRecordToLW(res, "powerdns.com.", QType::SOA, "a.powerdns.com. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); - } else if (domain == cnameTarget) { - setLWResult(res, RCode::NXDomain, true, false, false); - addRecordToLW(res, "powerdns.com.", QType::SOA, "a.powerdns.com. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); - return 1; - } - + if (domain == target) { + setLWResult(res, RCode::NXDomain, true, false, false); + addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); + addRecordToLW(res, "powerdns.com.", QType::SOA, "a.powerdns.com. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); + } + else if (domain == cnameTarget) { + setLWResult(res, RCode::NXDomain, true, false, false); + addRecordToLW(res, "powerdns.com.", QType::SOA, "a.powerdns.com. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); return 1; } - return 0; - }); + return 1; + } + + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1014,7 +1033,8 @@ BOOST_AUTO_TEST_CASE(test_cname_nxdomain) { BOOST_CHECK(ret[1].d_type == QType::SOA); } -BOOST_AUTO_TEST_CASE(test_included_poisonous_cname) { +BOOST_AUTO_TEST_CASE(test_included_poisonous_cname) +{ std::unique_ptr sr; initSR(sr); @@ -1028,32 +1048,33 @@ BOOST_AUTO_TEST_CASE(test_included_poisonous_cname) { const DNSName cnameTarget("cname-target.powerdns.com"); sr->setAsyncCallback([target, cnameTarget](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { - if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); - setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + if (domain == target) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); + addRecordToLW(res, cnameTarget, QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL); return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { - - if (domain == target) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); - addRecordToLW(res, cnameTarget, QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL); - return 1; - } else if (domain == cnameTarget) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, cnameTarget, QType::A, "192.0.2.3"); - return 1; - } - + } + else if (domain == cnameTarget) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, cnameTarget, QType::A, "192.0.2.3"); return 1; } - return 0; - }); + return 1; + } + + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1067,7 +1088,8 @@ BOOST_AUTO_TEST_CASE(test_included_poisonous_cname) { BOOST_CHECK(getRR(ret[1])->getCA() == ComboAddress("192.0.2.3")); } -BOOST_AUTO_TEST_CASE(test_cname_loop) { +BOOST_AUTO_TEST_CASE(test_cname_loop) +{ std::unique_ptr sr; initSR(sr); @@ -1076,29 +1098,29 @@ BOOST_AUTO_TEST_CASE(test_cname_loop) { size_t count = 0; const DNSName target("cname.powerdns.com."); - sr->setAsyncCallback([target,&count](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - count++; + sr->setAsyncCallback([target, &count](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + count++; - if (isRootServer(ip)) { - - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { + if (isRootServer(ip)) { - if (domain == target) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::CNAME, domain.toString()); - return 1; - } + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == target) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::CNAME, domain.toString()); return 1; } - return 0; - }); + return 1; + } + + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1107,7 +1129,8 @@ BOOST_AUTO_TEST_CASE(test_cname_loop) { BOOST_CHECK_EQUAL(count, 2U); } -BOOST_AUTO_TEST_CASE(test_cname_depth) { +BOOST_AUTO_TEST_CASE(test_cname_depth) +{ std::unique_ptr sr; initSR(sr); @@ -1116,24 +1139,24 @@ BOOST_AUTO_TEST_CASE(test_cname_depth) { size_t depth = 0; const DNSName target("cname.powerdns.com."); - sr->setAsyncCallback([target,&depth](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - if (isRootServer(ip)) { + sr->setAsyncCallback([target, &depth](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::CNAME, std::to_string(depth) + "-cname.powerdns.com"); - depth++; - return 1; - } + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::CNAME, std::to_string(depth) + "-cname.powerdns.com"); + depth++; + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1143,7 +1166,8 @@ BOOST_AUTO_TEST_CASE(test_cname_depth) { BOOST_CHECK_EQUAL(depth, 10U + 2U); } -BOOST_AUTO_TEST_CASE(test_time_limit) { +BOOST_AUTO_TEST_CASE(test_time_limit) +{ std::unique_ptr sr; initSR(sr); @@ -1152,27 +1176,27 @@ BOOST_AUTO_TEST_CASE(test_time_limit) { size_t queries = 0; const DNSName target("cname.powerdns.com."); - sr->setAsyncCallback([target,&queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - queries++; + sr->setAsyncCallback([target, &queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queries++; - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - /* Pretend that this query took 2000 ms */ - res->d_usec = 2000; + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + /* Pretend that this query took 2000 ms */ + res->d_usec = 2000; - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); - return 1; - } + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); + return 1; + } - return 0; - }); + return 0; + }); /* Set the maximum time to 1 ms */ SyncRes::s_maxtotusec = 1000; @@ -1182,12 +1206,13 @@ BOOST_AUTO_TEST_CASE(test_time_limit) { sr->beginResolve(target, QType(QType::A), QClass::IN, ret); BOOST_CHECK(false); } - catch(const ImmediateServFailException& e) { + catch (const ImmediateServFailException& e) { } BOOST_CHECK_EQUAL(queries, 1U); } -BOOST_AUTO_TEST_CASE(test_dname_processing) { +BOOST_AUTO_TEST_CASE(test_dname_processing) +{ std::unique_ptr sr; initSR(sr); @@ -1208,41 +1233,43 @@ BOOST_AUTO_TEST_CASE(test_dname_processing) { size_t queries = 0; sr->setAsyncCallback([dnameOwner, dnameTarget, target, cnameTarget, uncachedTarget, uncachedCNAMETarget, &queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queries++; - - if (isRootServer(ip)) { - if (domain.isPartOf(dnameOwner)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, dnameOwner, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - if (domain.isPartOf(dnameTarget)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, dnameTarget, QType::NS, "b.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "b.gtld-servers.net.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - } else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == target) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, dnameOwner, QType::DNAME, dnameTarget.toString()); - addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); - return 1; - } - } else if (ip == ComboAddress("192.0.2.2:53")) { - if (domain == cnameTarget) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); - } - if (domain == uncachedCNAMETarget) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.3"); - } + queries++; + + if (isRootServer(ip)) { + if (domain.isPartOf(dnameOwner)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, dnameOwner, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); return 1; } - return 0; - }); + if (domain.isPartOf(dnameTarget)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, dnameTarget, QType::NS, "b.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "b.gtld-servers.net.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == target) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, dnameOwner, QType::DNAME, dnameTarget.toString()); + addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); + return 1; + } + } + else if (ip == ComboAddress("192.0.2.2:53")) { + if (domain == cnameTarget) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); + } + if (domain == uncachedCNAMETarget) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.3"); + } + return 1; + } + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1324,7 +1351,8 @@ BOOST_AUTO_TEST_CASE(test_dname_processing) { BOOST_CHECK_EQUAL(getRR(ret[1])->getTarget(), synthCNAMETarget); } -BOOST_AUTO_TEST_CASE(test_dname_dnssec_secure) { +BOOST_AUTO_TEST_CASE(test_dname_dnssec_secure) +{ std::unique_ptr sr; initSR(sr, true); setDNSSECValidation(sr, DNSSECMode::ValidateAll); @@ -1349,77 +1377,79 @@ BOOST_AUTO_TEST_CASE(test_dname_dnssec_secure) { size_t queries = 0; sr->setAsyncCallback([dnameOwner, dnameTarget, target, cnameTarget, keys, &queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queries++; - /* We don't use the genericDSAndDNSKEYHandler here, as it would deny names existing at the wrong level of the tree, due to the way computeZoneCuts works + queries++; + /* We don't use the genericDSAndDNSKEYHandler here, as it would deny names existing at the wrong level of the tree, due to the way computeZoneCuts works * As such, we need to do some more work to make the answers correct. */ - if (isRootServer(ip)) { - if (domain.countLabels() == 0 && type == QType::DNSKEY) { // .|DNSKEY - setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, DNSName("."), 300); - return 1; - } - if (domain.countLabels() == 1 && type == QType::DS) { // powerdns|DS or example|DS - setLWResult(res, 0, true, false, true); - addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER); - addRRSIG(keys, res->d_records, DNSName("."), 300); - return 1; - } - // For the rest, delegate! - if (domain.isPartOf(dnameOwner)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, dnameOwner, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addDS(dnameOwner, 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - if (domain.isPartOf(dnameTarget)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, dnameTarget, QType::NS, "b.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addDS(dnameTarget, 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, "b.gtld-servers.net.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - } else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain.countLabels() == 1 && type == QType::DNSKEY) { // powerdns|DNSKEY - setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); - return 1; - } - if (domain == target && type == QType::DS) { // dname.powerdns|DS - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); - } - if (domain == target) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, dnameOwner, QType::DNAME, dnameTarget.toString()); - addRRSIG(keys, res->d_records, dnameOwner, 300); - addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); // CNAME from a DNAME is not signed - return 1; - } - } else if (ip == ComboAddress("192.0.2.2:53")) { - if (domain.countLabels() == 1 && type == QType::DNSKEY) { // example|DNSKEY - setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); - return 1; - } - if (domain == cnameTarget && type == QType::DS) { // dname.example|DS - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); - } - if (domain == cnameTarget) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); - addRRSIG(keys, res->d_records, dnameTarget, 300); - } + if (isRootServer(ip)) { + if (domain.countLabels() == 0 && type == QType::DNSKEY) { // .|DNSKEY + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, DNSName("."), 300); return 1; } - return 0; - }); + if (domain.countLabels() == 1 && type == QType::DS) { // powerdns|DS or example|DS + setLWResult(res, 0, true, false, true); + addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER); + addRRSIG(keys, res->d_records, DNSName("."), 300); + return 1; + } + // For the rest, delegate! + if (domain.isPartOf(dnameOwner)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, dnameOwner, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addDS(dnameOwner, 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + if (domain.isPartOf(dnameTarget)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, dnameTarget, QType::NS, "b.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addDS(dnameTarget, 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "b.gtld-servers.net.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain.countLabels() == 1 && type == QType::DNSKEY) { // powerdns|DNSKEY + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); + return 1; + } + if (domain == target && type == QType::DS) { // dname.powerdns|DS + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); + } + if (domain == target) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, dnameOwner, QType::DNAME, dnameTarget.toString()); + addRRSIG(keys, res->d_records, dnameOwner, 300); + addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); // CNAME from a DNAME is not signed + return 1; + } + } + else if (ip == ComboAddress("192.0.2.2:53")) { + if (domain.countLabels() == 1 && type == QType::DNSKEY) { // example|DNSKEY + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); + return 1; + } + if (domain == cnameTarget && type == QType::DS) { // dname.example|DS + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); + } + if (domain == cnameTarget) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); + addRRSIG(keys, res->d_records, dnameTarget, 300); + } + return 1; + } + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1471,10 +1501,10 @@ BOOST_AUTO_TEST_CASE(test_dname_dnssec_secure) { BOOST_CHECK(ret[4].d_type == QType::RRSIG); BOOST_CHECK_EQUAL(ret[4].d_name, cnameTarget); - } -BOOST_AUTO_TEST_CASE(test_dname_dnssec_insecure) { +BOOST_AUTO_TEST_CASE(test_dname_dnssec_insecure) +{ /* * The DNAME itself is signed, but the final A record is not */ @@ -1501,70 +1531,72 @@ BOOST_AUTO_TEST_CASE(test_dname_dnssec_insecure) { size_t queries = 0; sr->setAsyncCallback([dnameOwner, dnameTarget, target, cnameTarget, keys, &queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queries++; - - if (isRootServer(ip)) { - if (domain.countLabels() == 0 && type == QType::DNSKEY) { // .|DNSKEY - setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, DNSName("."), 300); - return 1; - } - if (domain == dnameOwner && type == QType::DS) { // powerdns|DS - setLWResult(res, 0, true, false, true); - addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER); - addRRSIG(keys, res->d_records, DNSName("."), 300); - return 1; - } - if (domain == dnameTarget && type == QType::DS) { // example|DS - return genericDSAndDNSKEYHandler(res, domain, DNSName("."), type, keys); - } - // For the rest, delegate! - if (domain.isPartOf(dnameOwner)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, dnameOwner, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addDS(dnameOwner, 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - if (domain.isPartOf(dnameTarget)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, dnameTarget, QType::NS, "b.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addDS(dnameTarget, 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, "b.gtld-servers.net.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - } else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain.countLabels() == 1 && type == QType::DNSKEY) { // powerdns|DNSKEY - setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); - return 1; - } - if (domain == target && type == QType::DS) { // dname.powerdns|DS - return genericDSAndDNSKEYHandler(res, domain, dnameOwner, type, keys, false); - } - if (domain == target) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, dnameOwner, QType::DNAME, dnameTarget.toString()); - addRRSIG(keys, res->d_records, dnameOwner, 300); - addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); // CNAME from a DNAME is not signed - return 1; - } - } else if (ip == ComboAddress("192.0.2.2:53")) { - if (domain == target && type == QType::DS) { // dname.example|DS - return genericDSAndDNSKEYHandler(res, domain, dnameTarget, type, keys, false); - } - if (domain == cnameTarget) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); - } + queries++; + + if (isRootServer(ip)) { + if (domain.countLabels() == 0 && type == QType::DNSKEY) { // .|DNSKEY + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, DNSName("."), 300); return 1; } - return 0; - }); + if (domain == dnameOwner && type == QType::DS) { // powerdns|DS + setLWResult(res, 0, true, false, true); + addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER); + addRRSIG(keys, res->d_records, DNSName("."), 300); + return 1; + } + if (domain == dnameTarget && type == QType::DS) { // example|DS + return genericDSAndDNSKEYHandler(res, domain, DNSName("."), type, keys); + } + // For the rest, delegate! + if (domain.isPartOf(dnameOwner)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, dnameOwner, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addDS(dnameOwner, 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + if (domain.isPartOf(dnameTarget)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, dnameTarget, QType::NS, "b.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addDS(dnameTarget, 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "b.gtld-servers.net.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain.countLabels() == 1 && type == QType::DNSKEY) { // powerdns|DNSKEY + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); + return 1; + } + if (domain == target && type == QType::DS) { // dname.powerdns|DS + return genericDSAndDNSKEYHandler(res, domain, dnameOwner, type, keys, false); + } + if (domain == target) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, dnameOwner, QType::DNAME, dnameTarget.toString()); + addRRSIG(keys, res->d_records, dnameOwner, 300); + addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); // CNAME from a DNAME is not signed + return 1; + } + } + else if (ip == ComboAddress("192.0.2.2:53")) { + if (domain == target && type == QType::DS) { // dname.example|DS + return genericDSAndDNSKEYHandler(res, domain, dnameTarget, type, keys, false); + } + if (domain == cnameTarget) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); + } + return 1; + } + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1612,7 +1644,8 @@ BOOST_AUTO_TEST_CASE(test_dname_dnssec_insecure) { BOOST_CHECK_EQUAL(ret[3].d_name, cnameTarget); } -BOOST_AUTO_TEST_CASE(test_dname_processing_no_CNAME) { +BOOST_AUTO_TEST_CASE(test_dname_processing_no_CNAME) +{ std::unique_ptr sr; initSR(sr); @@ -1627,37 +1660,39 @@ BOOST_AUTO_TEST_CASE(test_dname_processing_no_CNAME) { size_t queries = 0; sr->setAsyncCallback([dnameOwner, dnameTarget, target, cnameTarget, &queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queries++; - - if (isRootServer(ip)) { - if (domain.isPartOf(dnameOwner)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, dnameOwner, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - if (domain.isPartOf(dnameTarget)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, dnameTarget, QType::NS, "b.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "b.gtld-servers.net.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - } else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == target) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, dnameOwner, QType::DNAME, dnameTarget.toString()); - // No CNAME, recursor should synth - return 1; - } - } else if (ip == ComboAddress("192.0.2.2:53")) { - if (domain == cnameTarget) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); - } + queries++; + + if (isRootServer(ip)) { + if (domain.isPartOf(dnameOwner)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, dnameOwner, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); return 1; } - return 0; - }); + if (domain.isPartOf(dnameTarget)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, dnameTarget, QType::NS, "b.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "b.gtld-servers.net.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == target) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, dnameOwner, QType::DNAME, dnameTarget.toString()); + // No CNAME, recursor should synth + return 1; + } + } + else if (ip == ComboAddress("192.0.2.2:53")) { + if (domain == cnameTarget) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); + } + return 1; + } + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); diff --git a/pdns/recursordist/test-syncres_cc2.cc b/pdns/recursordist/test-syncres_cc2.cc index 4387ba68fa..198a4aec66 100644 --- a/pdns/recursordist/test-syncres_cc2.cc +++ b/pdns/recursordist/test-syncres_cc2.cc @@ -5,7 +5,8 @@ BOOST_AUTO_TEST_SUITE(syncres_cc2) -BOOST_AUTO_TEST_CASE(test_referral_depth) { +BOOST_AUTO_TEST_CASE(test_referral_depth) +{ std::unique_ptr sr; initSR(sr); @@ -14,43 +15,43 @@ BOOST_AUTO_TEST_CASE(test_referral_depth) { size_t queries = 0; const DNSName target("www.powerdns.com."); - sr->setAsyncCallback([target,&queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + sr->setAsyncCallback([target, &queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queries++; - queries++; + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - - if (domain == DNSName("www.powerdns.com.")) { - addRecordToLW(res, domain, QType::NS, "ns.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - } - else if (domain == DNSName("ns.powerdns.com.")) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800); - } - else if (domain == DNSName("ns1.powerdns.org.")) { - addRecordToLW(res, domain, QType::NS, "ns2.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800); - } - else if (domain == DNSName("ns2.powerdns.org.")) { - addRecordToLW(res, domain, QType::NS, "ns3.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800); - } - else if (domain == DNSName("ns3.powerdns.org.")) { - addRecordToLW(res, domain, QType::NS, "ns4.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800); - } - else if (domain == DNSName("ns4.powerdns.org.")) { - addRecordToLW(res, domain, QType::NS, "ns5.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, domain, QType::A, "192.0.2.1", DNSResourceRecord::AUTHORITY, 172800); - } + if (domain == DNSName("www.powerdns.com.")) { + addRecordToLW(res, domain, QType::NS, "ns.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + } + else if (domain == DNSName("ns.powerdns.com.")) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800); + } + else if (domain == DNSName("ns1.powerdns.org.")) { + addRecordToLW(res, domain, QType::NS, "ns2.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800); + } + else if (domain == DNSName("ns2.powerdns.org.")) { + addRecordToLW(res, domain, QType::NS, "ns3.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800); + } + else if (domain == DNSName("ns3.powerdns.org.")) { + addRecordToLW(res, domain, QType::NS, "ns4.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800); + } + else if (domain == DNSName("ns4.powerdns.org.")) { + addRecordToLW(res, domain, QType::NS, "ns5.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, domain, QType::A, "192.0.2.1", DNSResourceRecord::AUTHORITY, 172800); + } - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); - return 1; - } + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); + return 1; + } - return 0; - }); + return 0; + }); /* Set the maximum depth low */ SyncRes::s_maxdepth = 10; @@ -60,11 +61,12 @@ BOOST_AUTO_TEST_CASE(test_referral_depth) { sr->beginResolve(target, QType(QType::A), QClass::IN, ret); BOOST_CHECK(false); } - catch(const ImmediateServFailException& e) { + catch (const ImmediateServFailException& e) { } } -BOOST_AUTO_TEST_CASE(test_cname_qperq) { +BOOST_AUTO_TEST_CASE(test_cname_qperq) +{ std::unique_ptr sr; initSR(sr); @@ -73,25 +75,25 @@ BOOST_AUTO_TEST_CASE(test_cname_qperq) { size_t queries = 0; const DNSName target("cname.powerdns.com."); - sr->setAsyncCallback([target,&queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + sr->setAsyncCallback([target, &queries](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queries++; - queries++; + if (isRootServer(ip)) { - if (isRootServer(ip)) { - - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::CNAME, std::to_string(queries) + "-cname.powerdns.com"); - return 1; - } + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::CNAME, std::to_string(queries) + "-cname.powerdns.com"); + return 1; + } - return 0; - }); + return 0; + }); /* Set the maximum number of questions very low */ SyncRes::s_maxqperq = 5; @@ -101,12 +103,13 @@ BOOST_AUTO_TEST_CASE(test_cname_qperq) { sr->beginResolve(target, QType(QType::A), QClass::IN, ret); BOOST_CHECK(false); } - catch(const ImmediateServFailException& e) { + catch (const ImmediateServFailException& e) { BOOST_CHECK_EQUAL(queries, SyncRes::s_maxqperq); } } -BOOST_AUTO_TEST_CASE(test_throttled_server) { +BOOST_AUTO_TEST_CASE(test_throttled_server) +{ std::unique_ptr sr; initSR(sr); @@ -116,26 +119,26 @@ BOOST_AUTO_TEST_CASE(test_throttled_server) { const ComboAddress ns("192.0.2.1:53"); size_t queriesToNS = 0; - sr->setAsyncCallback([target,ns,&queriesToNS](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + sr->setAsyncCallback([target, ns, &queriesToNS](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { - if (isRootServer(ip)) { - - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ns) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ns) { - queriesToNS++; + queriesToNS++; - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); /* mark ns as down */ time_t now = sr->getNow().tv_sec; @@ -149,7 +152,8 @@ BOOST_AUTO_TEST_CASE(test_throttled_server) { BOOST_CHECK_EQUAL(queriesToNS, 0U); } -BOOST_AUTO_TEST_CASE(test_throttled_server_count) { +BOOST_AUTO_TEST_CASE(test_throttled_server_count) +{ std::unique_ptr sr; initSR(sr); @@ -170,7 +174,8 @@ BOOST_AUTO_TEST_CASE(test_throttled_server_count) { BOOST_CHECK(!SyncRes::isThrottled(now, ns)); } -BOOST_AUTO_TEST_CASE(test_throttled_server_time) { +BOOST_AUTO_TEST_CASE(test_throttled_server_time) +{ std::unique_ptr sr; initSR(sr); @@ -189,7 +194,8 @@ BOOST_AUTO_TEST_CASE(test_throttled_server_time) { BOOST_CHECK(!SyncRes::isThrottled(now + 2, ns)); } -BOOST_AUTO_TEST_CASE(test_dont_query_server) { +BOOST_AUTO_TEST_CASE(test_dont_query_server) +{ std::unique_ptr sr; initSR(sr); @@ -199,26 +205,26 @@ BOOST_AUTO_TEST_CASE(test_dont_query_server) { const ComboAddress ns("192.0.2.1:53"); size_t queriesToNS = 0; - sr->setAsyncCallback([target,ns,&queriesToNS](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + sr->setAsyncCallback([target, ns, &queriesToNS](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { - if (isRootServer(ip)) { - - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ns) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ns) { - queriesToNS++; + queriesToNS++; - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); /* prevent querying this NS */ SyncRes::addDontQuery(Netmask(ns)); @@ -231,7 +237,8 @@ BOOST_AUTO_TEST_CASE(test_dont_query_server) { BOOST_CHECK_EQUAL(queriesToNS, 0U); } -BOOST_AUTO_TEST_CASE(test_root_nx_trust) { +BOOST_AUTO_TEST_CASE(test_root_nx_trust) +{ std::unique_ptr sr; initSR(sr); @@ -243,32 +250,32 @@ BOOST_AUTO_TEST_CASE(test_root_nx_trust) { size_t queriesCount = 0; sr->setAsyncCallback([target1, target2, ns, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - queriesCount++; + if (isRootServer(ip)) { - if (isRootServer(ip)) { - - if (domain == target1) { - setLWResult(res, RCode::NXDomain, true, false, true); - addRecordToLW(res, ".", QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); - } - else { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); - } + if (domain == target1) { + setLWResult(res, RCode::NXDomain, true, false, true); + addRecordToLW(res, ".", QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); + } + else { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); + } - return 1; - } else if (ip == ns) { + return 1; + } + else if (ip == ns) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); SyncRes::s_maxnegttl = 3600; @@ -291,7 +298,8 @@ BOOST_AUTO_TEST_CASE(test_root_nx_trust) { BOOST_CHECK_EQUAL(queriesCount, 1U); } -BOOST_AUTO_TEST_CASE(test_root_nx_trust_specific) { +BOOST_AUTO_TEST_CASE(test_root_nx_trust_specific) +{ std::unique_ptr sr; initSR(); initSR(sr, true, false); @@ -307,32 +315,32 @@ BOOST_AUTO_TEST_CASE(test_root_nx_trust_specific) { We should add target1 to the negcache, but not "com.". */ sr->setAsyncCallback([target1, target2, ns, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - queriesCount++; - - if (isRootServer(ip)) { + if (isRootServer(ip)) { - if (domain == target1) { - setLWResult(res, RCode::NXDomain, true, false, true); - addRecordToLW(res, "com.", QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); - } - else { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); - } + if (domain == target1) { + setLWResult(res, RCode::NXDomain, true, false, true); + addRecordToLW(res, "com.", QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); + } + else { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); + } - return 1; - } else if (ip == ns) { + return 1; + } + else if (ip == ns) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target1, QType(QType::A), QClass::IN, ret); @@ -356,7 +364,8 @@ BOOST_AUTO_TEST_CASE(test_root_nx_trust_specific) { BOOST_CHECK_EQUAL(queriesCount, 3U); } -BOOST_AUTO_TEST_CASE(test_root_nx_dont_trust) { +BOOST_AUTO_TEST_CASE(test_root_nx_dont_trust) +{ std::unique_ptr sr; initSR(sr); @@ -368,32 +377,32 @@ BOOST_AUTO_TEST_CASE(test_root_nx_dont_trust) { size_t queriesCount = 0; sr->setAsyncCallback([target1, target2, ns, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - queriesCount++; + if (isRootServer(ip)) { - if (isRootServer(ip)) { - - if (domain == target1) { - setLWResult(res, RCode::NXDomain, true, false, true); - addRecordToLW(res, ".", QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); - } - else { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); - } + if (domain == target1) { + setLWResult(res, RCode::NXDomain, true, false, true); + addRecordToLW(res, ".", QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); + } + else { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); + } - return 1; - } else if (ip == ns) { + return 1; + } + else if (ip == ns) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); SyncRes::s_rootNXTrust = false; @@ -415,7 +424,8 @@ BOOST_AUTO_TEST_CASE(test_root_nx_dont_trust) { BOOST_CHECK_EQUAL(queriesCount, 3U); } -BOOST_AUTO_TEST_CASE(test_rfc8020_nothing_underneath) { +BOOST_AUTO_TEST_CASE(test_rfc8020_nothing_underneath) +{ std::unique_ptr sr; initSR(sr); SyncRes::s_hardenNXD = SyncRes::HardenNXD::Yes; @@ -430,21 +440,21 @@ BOOST_AUTO_TEST_CASE(test_rfc8020_nothing_underneath) { size_t queriesCount = 0; sr->setAsyncCallback([ns, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - queriesCount++; - - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ns) { - setLWResult(res, RCode::NXDomain, true, false, false); - addRecordToLW(res, "powerdns.com.", QType::SOA, "ns1.powerdns.com. hostmaster.powerdns.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); - return 1; - } - return 0; - }); + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ns) { + setLWResult(res, RCode::NXDomain, true, false, false); + addRecordToLW(res, "powerdns.com.", QType::SOA, "ns1.powerdns.com. hostmaster.powerdns.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); + return 1; + } + return 0; + }); vector ret; int res = sr->beginResolve(target1, QType(QType::A), QClass::IN, ret); @@ -510,8 +520,9 @@ BOOST_AUTO_TEST_CASE(test_rfc8020_nothing_underneath) { // reset SyncRes::s_hardenNXD = SyncRes::HardenNXD::DNSSEC; } - -BOOST_AUTO_TEST_CASE(test_rfc8020_nothing_underneath_dnssec) { + +BOOST_AUTO_TEST_CASE(test_rfc8020_nothing_underneath_dnssec) +{ std::unique_ptr sr; initSR(sr, true); setDNSSECValidation(sr, DNSSECMode::ValidateAll); @@ -537,7 +548,7 @@ BOOST_AUTO_TEST_CASE(test_rfc8020_nothing_underneath_dnssec) { size_t queriesCount = 0; - sr->setAsyncCallback([target1,target2,target3,target4,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + sr->setAsyncCallback([target1, target2, target3, target4, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { queriesCount++; DNSName auth = domain; @@ -549,7 +560,7 @@ BOOST_AUTO_TEST_CASE(test_rfc8020_nothing_underneath_dnssec) { setLWResult(res, RCode::NXDomain, true, false, true); addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); addRRSIG(keys, res->d_records, auth, 300); - addNSECRecordToLW(DNSName("wwa.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records); + addNSECRecordToLW(DNSName("wwa.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records); addRRSIG(keys, res->d_records, auth, 300); return 1; } @@ -597,10 +608,10 @@ BOOST_AUTO_TEST_CASE(test_rfc8020_nothing_underneath_dnssec) { setLWResult(res, RCode::NXDomain, true, false, true); addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); addRRSIG(keys, res->d_records, auth, 300); - addNSECRecordToLW(DNSName("wwa.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records); + addNSECRecordToLW(DNSName("wwa.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records); addRRSIG(keys, res->d_records, auth, 300); /* add wildcard denial */ - addNSECRecordToLW(DNSName("powerdns.com."), DNSName("a.powerdns.com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records); + addNSECRecordToLW(DNSName("powerdns.com."), DNSName("a.powerdns.com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records); addRRSIG(keys, res->d_records, auth, 300); } return 1; @@ -683,7 +694,8 @@ BOOST_AUTO_TEST_CASE(test_rfc8020_nothing_underneath_dnssec) { SyncRes::s_hardenNXD = SyncRes::HardenNXD::DNSSEC; } -BOOST_AUTO_TEST_CASE(test_rfc8020_nodata) { +BOOST_AUTO_TEST_CASE(test_rfc8020_nodata) +{ std::unique_ptr sr; initSR(sr); SyncRes::s_hardenNXD = SyncRes::HardenNXD::Yes; @@ -697,35 +709,35 @@ BOOST_AUTO_TEST_CASE(test_rfc8020_nodata) { size_t queriesCount = 0; sr->setAsyncCallback([ns, target1, target2, target3, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - queriesCount++; - - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ns) { - if (domain == target1) { // NODATA for TXT, NOERROR for A - if (type == QType::TXT) { - setLWResult(res, RCode::NoError, true); - addRecordToLW(res, "powerdns.com.", QType::SOA, "ns1.powerdns.com. hostmaster.powerdns.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); - return 1; - } - if (type == QType::A) { - setLWResult(res, RCode::NoError, true); - addRecordToLW(res, domain, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400); - return 1; - } - } - if (domain == target2 || domain == target3) { - setLWResult(res, RCode::NXDomain, true); + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ns) { + if (domain == target1) { // NODATA for TXT, NOERROR for A + if (type == QType::TXT) { + setLWResult(res, RCode::NoError, true); addRecordToLW(res, "powerdns.com.", QType::SOA, "ns1.powerdns.com. hostmaster.powerdns.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); return 1; } + if (type == QType::A) { + setLWResult(res, RCode::NoError, true); + addRecordToLW(res, domain, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400); + return 1; + } } - return 0; - }); + if (domain == target2 || domain == target3) { + setLWResult(res, RCode::NXDomain, true); + addRecordToLW(res, "powerdns.com.", QType::SOA, "ns1.powerdns.com. hostmaster.powerdns.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); + return 1; + } + } + return 0; + }); vector ret; int res = sr->beginResolve(target1, QType(QType::TXT), QClass::IN, ret); @@ -756,7 +768,8 @@ BOOST_AUTO_TEST_CASE(test_rfc8020_nodata) { BOOST_CHECK_EQUAL(SyncRes::getNegCacheSize(), 2U); } -BOOST_AUTO_TEST_CASE(test_rfc8020_nodata_bis) { +BOOST_AUTO_TEST_CASE(test_rfc8020_nodata_bis) +{ std::unique_ptr sr; initSR(sr); SyncRes::s_hardenNXD = SyncRes::HardenNXD::Yes; @@ -770,35 +783,35 @@ BOOST_AUTO_TEST_CASE(test_rfc8020_nodata_bis) { size_t queriesCount = 0; sr->setAsyncCallback([ns, target1, target2, target3, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - queriesCount++; - - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ns) { - if (domain == target1) { // NODATA for TXT, NOERROR for A - if (type == QType::TXT) { - setLWResult(res, RCode::NoError, true); - addRecordToLW(res, "powerdns.com.", QType::SOA, "ns1.powerdns.com. hostmaster.powerdns.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); - return 1; - } - if (type == QType::A) { - setLWResult(res, RCode::NoError, true); - addRecordToLW(res, domain, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400); - return 1; - } - } - if (domain == target2 || domain == target3) { - setLWResult(res, RCode::NXDomain, true); + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ns) { + if (domain == target1) { // NODATA for TXT, NOERROR for A + if (type == QType::TXT) { + setLWResult(res, RCode::NoError, true); addRecordToLW(res, "powerdns.com.", QType::SOA, "ns1.powerdns.com. hostmaster.powerdns.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); return 1; } + if (type == QType::A) { + setLWResult(res, RCode::NoError, true); + addRecordToLW(res, domain, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400); + return 1; + } } - return 0; - }); + if (domain == target2 || domain == target3) { + setLWResult(res, RCode::NXDomain, true); + addRecordToLW(res, "powerdns.com.", QType::SOA, "ns1.powerdns.com. hostmaster.powerdns.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); + return 1; + } + } + return 0; + }); vector ret; int res = sr->beginResolve(target1, QType(QType::TXT), QClass::IN, ret); @@ -829,7 +842,8 @@ BOOST_AUTO_TEST_CASE(test_rfc8020_nodata_bis) { BOOST_CHECK_EQUAL(SyncRes::getNegCacheSize(), 2U); } -BOOST_AUTO_TEST_CASE(test_skip_negcache_for_variable_response) { +BOOST_AUTO_TEST_CASE(test_skip_negcache_for_variable_response) +{ std::unique_ptr sr; initSR(sr); @@ -844,38 +858,38 @@ BOOST_AUTO_TEST_CASE(test_skip_negcache_for_variable_response) { incomingECS.source = Netmask("192.0.2.128/32"); sr->setQuerySource(ComboAddress(), boost::optional(incomingECS)); - sr->setAsyncCallback([target,cnameTarget](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + sr->setAsyncCallback([target, cnameTarget](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + BOOST_REQUIRE(srcmask); + BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); - BOOST_REQUIRE(srcmask); - BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); - - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - srcmask = boost::none; + srcmask = boost::none; - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == target) { - /* Type 2 NXDOMAIN (rfc2308 section-2.1) */ - setLWResult(res, RCode::NXDomain, true, false, true); - addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); - addRecordToLW(res, "powerdns.com", QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - } - else if (domain == cnameTarget) { - /* we shouldn't get there since the Type NXDOMAIN should have been enough, + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == target) { + /* Type 2 NXDOMAIN (rfc2308 section-2.1) */ + setLWResult(res, RCode::NXDomain, true, false, true); + addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); + addRecordToLW(res, "powerdns.com", QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + } + else if (domain == cnameTarget) { + /* we shouldn't get there since the Type NXDOMAIN should have been enough, but we might if we still chase the CNAME. */ - setLWResult(res, RCode::NXDomain, true, false, true); - addRecordToLW(res, "powerdns.com", QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - } - - return 1; + setLWResult(res, RCode::NXDomain, true, false, true); + addRecordToLW(res, "powerdns.com", QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); } - return 0; - }); + return 1; + } + + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -885,7 +899,8 @@ BOOST_AUTO_TEST_CASE(test_skip_negcache_for_variable_response) { BOOST_CHECK_EQUAL(SyncRes::getNegCacheSize(), 0U); } -BOOST_AUTO_TEST_CASE(test_ecs_cache_limit_allowed) { +BOOST_AUTO_TEST_CASE(test_ecs_cache_limit_allowed) +{ std::unique_ptr sr; initSR(sr); @@ -901,15 +916,14 @@ BOOST_AUTO_TEST_CASE(test_ecs_cache_limit_allowed) { SyncRes::s_ecsipv4cachelimit = 24; sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + BOOST_REQUIRE(srcmask); + BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); - BOOST_REQUIRE(srcmask); - BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); - - setLWResult(res, 0, true, false, true); - addRecordToLW(res, target, QType::A, "192.0.2.1"); + setLWResult(res, 0, true, false, true); + addRecordToLW(res, target, QType::A, "192.0.2.1"); - return 1; - }); + return 1; + }); const time_t now = sr->getNow().tv_sec; vector ret; @@ -924,7 +938,8 @@ BOOST_AUTO_TEST_CASE(test_ecs_cache_limit_allowed) { BOOST_REQUIRE_EQUAL(cached.size(), 1U); } -BOOST_AUTO_TEST_CASE(test_ecs_cache_limit_no_ttl_limit_allowed) { +BOOST_AUTO_TEST_CASE(test_ecs_cache_limit_no_ttl_limit_allowed) +{ std::unique_ptr sr; initSR(sr); @@ -940,15 +955,14 @@ BOOST_AUTO_TEST_CASE(test_ecs_cache_limit_no_ttl_limit_allowed) { SyncRes::s_ecsipv4cachelimit = 16; sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + BOOST_REQUIRE(srcmask); + BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); - BOOST_REQUIRE(srcmask); - BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); - - setLWResult(res, 0, true, false, true); - addRecordToLW(res, target, QType::A, "192.0.2.1"); + setLWResult(res, 0, true, false, true); + addRecordToLW(res, target, QType::A, "192.0.2.1"); - return 1; - }); + return 1; + }); const time_t now = sr->getNow().tv_sec; vector ret; @@ -963,127 +977,127 @@ BOOST_AUTO_TEST_CASE(test_ecs_cache_limit_no_ttl_limit_allowed) { BOOST_REQUIRE_EQUAL(cached.size(), 1U); } -BOOST_AUTO_TEST_CASE(test_ecs_cache_ttllimit_allowed) { - std::unique_ptr sr; - initSR(sr); +BOOST_AUTO_TEST_CASE(test_ecs_cache_ttllimit_allowed) +{ + std::unique_ptr sr; + initSR(sr); - primeHints(); + primeHints(); - const DNSName target("www.powerdns.com."); + const DNSName target("www.powerdns.com."); - SyncRes::addEDNSDomain(DNSName("powerdns.com.")); + SyncRes::addEDNSDomain(DNSName("powerdns.com.")); - EDNSSubnetOpts incomingECS; - incomingECS.source = Netmask("192.0.2.128/32"); - sr->setQuerySource(ComboAddress(), boost::optional(incomingECS)); - SyncRes::s_ecscachelimitttl = 30; + EDNSSubnetOpts incomingECS; + incomingECS.source = Netmask("192.0.2.128/32"); + sr->setQuerySource(ComboAddress(), boost::optional(incomingECS)); + SyncRes::s_ecscachelimitttl = 30; - sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + BOOST_REQUIRE(srcmask); + BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); - BOOST_REQUIRE(srcmask); - BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); + setLWResult(res, 0, true, false, true); + addRecordToLW(res, target, QType::A, "192.0.2.1"); - setLWResult(res, 0, true, false, true); - addRecordToLW(res, target, QType::A, "192.0.2.1"); + return 1; + }); - return 1; - }); + const time_t now = sr->getNow().tv_sec; + vector ret; + int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); + BOOST_CHECK_EQUAL(res, RCode::NoError); + BOOST_CHECK_EQUAL(ret.size(), 1U); - const time_t now = sr->getNow().tv_sec; - vector ret; - int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); - BOOST_CHECK_EQUAL(res, RCode::NoError); - BOOST_CHECK_EQUAL(ret.size(), 1U); - - /* should have been cached */ - const ComboAddress who("192.0.2.128"); - vector cached; - BOOST_REQUIRE_GT(t_RC->get(now, target, QType(QType::A), true, &cached, who), 0); - BOOST_REQUIRE_EQUAL(cached.size(), 1U); + /* should have been cached */ + const ComboAddress who("192.0.2.128"); + vector cached; + BOOST_REQUIRE_GT(t_RC->get(now, target, QType(QType::A), true, &cached, who), 0); + BOOST_REQUIRE_EQUAL(cached.size(), 1U); } -BOOST_AUTO_TEST_CASE(test_ecs_cache_ttllimit_and_scope_allowed) { - std::unique_ptr sr; - initSR(sr); +BOOST_AUTO_TEST_CASE(test_ecs_cache_ttllimit_and_scope_allowed) +{ + std::unique_ptr sr; + initSR(sr); - primeHints(); + primeHints(); - const DNSName target("www.powerdns.com."); + const DNSName target("www.powerdns.com."); - SyncRes::addEDNSDomain(DNSName("powerdns.com.")); + SyncRes::addEDNSDomain(DNSName("powerdns.com.")); - EDNSSubnetOpts incomingECS; - incomingECS.source = Netmask("192.0.2.128/32"); - sr->setQuerySource(ComboAddress(), boost::optional(incomingECS)); - SyncRes::s_ecscachelimitttl = 100; - SyncRes::s_ecsipv4cachelimit = 24; + EDNSSubnetOpts incomingECS; + incomingECS.source = Netmask("192.0.2.128/32"); + sr->setQuerySource(ComboAddress(), boost::optional(incomingECS)); + SyncRes::s_ecscachelimitttl = 100; + SyncRes::s_ecsipv4cachelimit = 24; - sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + BOOST_REQUIRE(srcmask); + BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); - BOOST_REQUIRE(srcmask); - BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); + setLWResult(res, 0, true, false, true); + addRecordToLW(res, target, QType::A, "192.0.2.1"); - setLWResult(res, 0, true, false, true); - addRecordToLW(res, target, QType::A, "192.0.2.1"); + return 1; + }); - return 1; - }); + const time_t now = sr->getNow().tv_sec; + vector ret; + int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); + BOOST_CHECK_EQUAL(res, RCode::NoError); + BOOST_CHECK_EQUAL(ret.size(), 1U); - const time_t now = sr->getNow().tv_sec; - vector ret; - int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); - BOOST_CHECK_EQUAL(res, RCode::NoError); - BOOST_CHECK_EQUAL(ret.size(), 1U); - - /* should have been cached */ - const ComboAddress who("192.0.2.128"); - vector cached; - BOOST_REQUIRE_GT(t_RC->get(now, target, QType(QType::A), true, &cached, who), 0); - BOOST_REQUIRE_EQUAL(cached.size(), 1U); + /* should have been cached */ + const ComboAddress who("192.0.2.128"); + vector cached; + BOOST_REQUIRE_GT(t_RC->get(now, target, QType(QType::A), true, &cached, who), 0); + BOOST_REQUIRE_EQUAL(cached.size(), 1U); } -BOOST_AUTO_TEST_CASE(test_ecs_cache_ttllimit_notallowed) { - std::unique_ptr sr; - initSR(sr); +BOOST_AUTO_TEST_CASE(test_ecs_cache_ttllimit_notallowed) +{ + std::unique_ptr sr; + initSR(sr); - primeHints(); + primeHints(); - const DNSName target("www.powerdns.com."); + const DNSName target("www.powerdns.com."); - SyncRes::addEDNSDomain(DNSName("powerdns.com.")); + SyncRes::addEDNSDomain(DNSName("powerdns.com.")); - EDNSSubnetOpts incomingECS; - incomingECS.source = Netmask("192.0.2.128/32"); - sr->setQuerySource(ComboAddress(), boost::optional(incomingECS)); - SyncRes::s_ecscachelimitttl = 100; - SyncRes::s_ecsipv4cachelimit = 16; + EDNSSubnetOpts incomingECS; + incomingECS.source = Netmask("192.0.2.128/32"); + sr->setQuerySource(ComboAddress(), boost::optional(incomingECS)); + SyncRes::s_ecscachelimitttl = 100; + SyncRes::s_ecsipv4cachelimit = 16; - sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + BOOST_REQUIRE(srcmask); + BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); - BOOST_REQUIRE(srcmask); - BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); + setLWResult(res, 0, true, false, true); + addRecordToLW(res, target, QType::A, "192.0.2.1"); - setLWResult(res, 0, true, false, true); - addRecordToLW(res, target, QType::A, "192.0.2.1"); + return 1; + }); - return 1; - }); + const time_t now = sr->getNow().tv_sec; + vector ret; + int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); + BOOST_CHECK_EQUAL(res, RCode::NoError); + BOOST_CHECK_EQUAL(ret.size(), 1U); - const time_t now = sr->getNow().tv_sec; - vector ret; - int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); - BOOST_CHECK_EQUAL(res, RCode::NoError); - BOOST_CHECK_EQUAL(ret.size(), 1U); - - /* should have NOT been cached because TTL of 60 is too small and /24 is more specific than /16 */ - const ComboAddress who("192.0.2.128"); - vector cached; - BOOST_REQUIRE_LT(t_RC->get(now, target, QType(QType::A), true, &cached, who), 0); - BOOST_REQUIRE_EQUAL(cached.size(), 0U); + /* should have NOT been cached because TTL of 60 is too small and /24 is more specific than /16 */ + const ComboAddress who("192.0.2.128"); + vector cached; + BOOST_REQUIRE_LT(t_RC->get(now, target, QType(QType::A), true, &cached, who), 0); + BOOST_REQUIRE_EQUAL(cached.size(), 0U); } - -BOOST_AUTO_TEST_CASE(test_ns_speed) { +BOOST_AUTO_TEST_CASE(test_ns_speed) +{ std::unique_ptr sr; initSR(sr); @@ -1093,44 +1107,44 @@ BOOST_AUTO_TEST_CASE(test_ns_speed) { std::map nsCounts; - sr->setAsyncCallback([target,&nsCounts](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, domain, QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, domain, QType::NS, "pdns-public-ns3.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "pdns-public-ns3.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "pdns-public-ns3.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 3600); - - return 1; - } else { - nsCounts[ip]++; + sr->setAsyncCallback([target, &nsCounts](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, domain, QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, domain, QType::NS, "pdns-public-ns3.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - if (ip == ComboAddress("[2001:DB8::2]:53") || ip == ComboAddress("192.0.2.2:53")) { - BOOST_CHECK_LT(nsCounts.size(), 3U); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "pdns-public-ns3.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "pdns-public-ns3.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 3600); - /* let's time out on pdns-public-ns2.powerdns.com. */ - return 0; - } - else if (ip == ComboAddress("192.0.2.1:53")) { - BOOST_CHECK_EQUAL(nsCounts.size(), 3U); + return 1; + } + else { + nsCounts[ip]++; - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.254"); - return 1; - } + if (ip == ComboAddress("[2001:DB8::2]:53") || ip == ComboAddress("192.0.2.2:53")) { + BOOST_CHECK_LT(nsCounts.size(), 3U); + /* let's time out on pdns-public-ns2.powerdns.com. */ return 0; } + else if (ip == ComboAddress("192.0.2.1:53")) { + BOOST_CHECK_EQUAL(nsCounts.size(), 3U); + + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.254"); + return 1; + } return 0; - }); + } + + return 0; + }); struct timeval now = sr->getNow(); @@ -1153,7 +1167,8 @@ BOOST_AUTO_TEST_CASE(test_ns_speed) { BOOST_CHECK_EQUAL(nsCounts[ComboAddress("[2001:DB8::2]:53")], 1U); } -BOOST_AUTO_TEST_CASE(test_flawed_nsset) { +BOOST_AUTO_TEST_CASE(test_flawed_nsset) +{ std::unique_ptr sr; initSR(sr); @@ -1162,27 +1177,27 @@ BOOST_AUTO_TEST_CASE(test_flawed_nsset) { const DNSName target("powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.254"); - return 1; - } + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.254"); + return 1; + } - return 0; - }); + return 0; + }); /* we populate the cache with a flawed NSset, i.e. there is a NS entry but no corresponding glue */ time_t now = sr->getNow().tv_sec; std::vector records; - std::vector > sigs; + std::vector> sigs; addRecordToList(records, target, QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, now + 3600); t_RC->replace(now, target, QType(QType::NS), records, sigs, vector>(), true, boost::optional()); @@ -1193,7 +1208,8 @@ BOOST_AUTO_TEST_CASE(test_flawed_nsset) { BOOST_CHECK_EQUAL(ret.size(), 1U); } -BOOST_AUTO_TEST_CASE(test_completely_flawed_nsset) { +BOOST_AUTO_TEST_CASE(test_completely_flawed_nsset) +{ std::unique_ptr sr; initSR(sr); @@ -1202,23 +1218,23 @@ BOOST_AUTO_TEST_CASE(test_completely_flawed_nsset) { const DNSName target("powerdns.com."); size_t queriesCount = 0; - sr->setAsyncCallback([&queriesCount,target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - queriesCount++; + sr->setAsyncCallback([&queriesCount, target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (isRootServer(ip) && domain == target) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, domain, QType::NS, "pdns-public-ns3.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - return 1; - } else if (domain == DNSName("pdns-public-ns2.powerdns.com.") || domain == DNSName("pdns-public-ns3.powerdns.com.")){ - setLWResult(res, 0, true, false, true); - addRecordToLW(res, ".", QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); - return 1; - } + if (isRootServer(ip) && domain == target) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, domain, QType::NS, "pdns-public-ns3.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + return 1; + } + else if (domain == DNSName("pdns-public-ns2.powerdns.com.") || domain == DNSName("pdns-public-ns3.powerdns.com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, ".", QType::SOA, "a.root-servers.net. nstld.verisign-grs.com. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1228,7 +1244,8 @@ BOOST_AUTO_TEST_CASE(test_completely_flawed_nsset) { BOOST_CHECK_EQUAL(queriesCount, 5U); } -BOOST_AUTO_TEST_CASE(test_cache_hit) { +BOOST_AUTO_TEST_CASE(test_cache_hit) +{ std::unique_ptr sr; initSR(sr); @@ -1237,17 +1254,16 @@ BOOST_AUTO_TEST_CASE(test_cache_hit) { const DNSName target("powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - return 0; - }); + return 0; + }); /* we populate the cache with eveything we need */ time_t now = sr->getNow().tv_sec; std::vector records; - std::vector > sigs; + std::vector> sigs; addRecordToList(records, target, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, now + 3600); - t_RC->replace(now, target , QType(QType::A), records, sigs, vector>(), true, boost::optional()); + t_RC->replace(now, target, QType(QType::A), records, sigs, vector>(), true, boost::optional()); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1255,7 +1271,8 @@ BOOST_AUTO_TEST_CASE(test_cache_hit) { BOOST_CHECK_EQUAL(ret.size(), 1U); } -BOOST_AUTO_TEST_CASE(test_no_rd) { +BOOST_AUTO_TEST_CASE(test_no_rd) +{ std::unique_ptr sr; initSR(sr); @@ -1266,11 +1283,10 @@ BOOST_AUTO_TEST_CASE(test_no_rd) { sr->setCacheOnly(); - sr->setAsyncCallback([target,&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - queriesCount++; - return 0; - }); + sr->setAsyncCallback([target, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1279,7 +1295,8 @@ BOOST_AUTO_TEST_CASE(test_no_rd) { BOOST_CHECK_EQUAL(queriesCount, 0U); } -BOOST_AUTO_TEST_CASE(test_cache_min_max_ttl) { +BOOST_AUTO_TEST_CASE(test_cache_min_max_ttl) +{ std::unique_ptr sr; initSR(sr); @@ -1288,24 +1305,24 @@ BOOST_AUTO_TEST_CASE(test_cache_min_max_ttl) { const DNSName target("cachettl.powerdns.com."); const ComboAddress ns("192.0.2.1:53"); - sr->setAsyncCallback([target,ns](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + sr->setAsyncCallback([target, ns](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { - if (isRootServer(ip)) { - - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 7200); - return 1; - } else if (ip == ns) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 7200); + return 1; + } + else if (ip == ns) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2", DNSResourceRecord::ANSWER, 10); + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2", DNSResourceRecord::ANSWER, 10); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); const time_t now = sr->getNow().tv_sec; SyncRes::s_minimumTTL = 60; @@ -1331,7 +1348,8 @@ BOOST_AUTO_TEST_CASE(test_cache_min_max_ttl) { BOOST_CHECK_LE((cached[0].d_ttl - now), SyncRes::s_maxcachettl); } -BOOST_AUTO_TEST_CASE(test_cache_min_max_ecs_ttl) { +BOOST_AUTO_TEST_CASE(test_cache_min_max_ecs_ttl) +{ std::unique_ptr sr; initSR(sr); @@ -1345,29 +1363,29 @@ BOOST_AUTO_TEST_CASE(test_cache_min_max_ecs_ttl) { sr->setQuerySource(ComboAddress(), boost::optional(incomingECS)); SyncRes::addEDNSDomain(target); - sr->setAsyncCallback([target,ns](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - BOOST_REQUIRE(srcmask); - BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); + sr->setAsyncCallback([target, ns](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + BOOST_REQUIRE(srcmask); + BOOST_CHECK_EQUAL(srcmask->toString(), "192.0.2.0/24"); - if (isRootServer(ip)) { + if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 20); - srcmask = boost::none; + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 20); + srcmask = boost::none; - return 1; - } else if (ip == ns) { + return 1; + } + else if (ip == ns) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2", DNSResourceRecord::ANSWER, 10); + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2", DNSResourceRecord::ANSWER, 10); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); const time_t now = sr->getNow().tv_sec; SyncRes::s_minimumTTL = 60; @@ -1400,7 +1418,8 @@ BOOST_AUTO_TEST_CASE(test_cache_min_max_ecs_ttl) { BOOST_CHECK_LE((cached[0].d_ttl - now), SyncRes::s_minimumTTL); } -BOOST_AUTO_TEST_CASE(test_cache_expired_ttl) { +BOOST_AUTO_TEST_CASE(test_cache_expired_ttl) +{ std::unique_ptr sr; initSR(sr); @@ -1409,28 +1428,28 @@ BOOST_AUTO_TEST_CASE(test_cache_expired_ttl) { const DNSName target("powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); - return 1; - } + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); + return 1; + } - return 0; - }); + return 0; + }); /* we populate the cache with entries that expired 60s ago*/ const time_t now = sr->getNow().tv_sec; std::vector records; - std::vector > sigs; + std::vector> sigs; addRecordToList(records, target, QType::A, "192.0.2.42", DNSResourceRecord::ANSWER, now - 60); t_RC->replace(now - 3600, target, QType(QType::A), records, sigs, vector>(), true, boost::optional()); diff --git a/pdns/recursordist/test-syncres_cc3.cc b/pdns/recursordist/test-syncres_cc3.cc index 83ea80afea..2a544ac886 100644 --- a/pdns/recursordist/test-syncres_cc3.cc +++ b/pdns/recursordist/test-syncres_cc3.cc @@ -5,7 +5,8 @@ BOOST_AUTO_TEST_SUITE(syncres_cc3) -BOOST_AUTO_TEST_CASE(test_cache_auth) { +BOOST_AUTO_TEST_CASE(test_cache_auth) +{ std::unique_ptr sr; initSR(sr); @@ -16,13 +17,12 @@ BOOST_AUTO_TEST_CASE(test_cache_auth) { const DNSName target("cache-auth.powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.2", DNSResourceRecord::ANSWER, 10); + addRecordToLW(res, domain, QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 10); - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.2", DNSResourceRecord::ANSWER, 10); - addRecordToLW(res, domain, QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 10); - - return 1; - }); + return 1; + }); const time_t now = sr->getNow().tv_sec; @@ -42,7 +42,8 @@ BOOST_AUTO_TEST_CASE(test_cache_auth) { BOOST_CHECK_EQUAL(getRR(cached.at(0))->getCA().toString(), ComboAddress("192.0.2.2").toString()); } -BOOST_AUTO_TEST_CASE(test_delegation_only) { +BOOST_AUTO_TEST_CASE(test_delegation_only) +{ std::unique_ptr sr; initSR(sr); @@ -55,21 +56,21 @@ BOOST_AUTO_TEST_CASE(test_delegation_only) { const DNSName target("nx-powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { - - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - return 1; - } + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -77,7 +78,8 @@ BOOST_AUTO_TEST_CASE(test_delegation_only) { BOOST_CHECK_EQUAL(ret.size(), 0U); } -BOOST_AUTO_TEST_CASE(test_unauth_any) { +BOOST_AUTO_TEST_CASE(test_unauth_any) +{ std::unique_ptr sr; initSR(sr); @@ -86,21 +88,21 @@ BOOST_AUTO_TEST_CASE(test_unauth_any) { const DNSName target("powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { - - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - return 1; - } + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::ANY), QClass::IN, ret); @@ -108,7 +110,8 @@ BOOST_AUTO_TEST_CASE(test_unauth_any) { BOOST_CHECK_EQUAL(ret.size(), 0U); } -static void test_no_data_f(bool qmin) { +static void test_no_data_f(bool qmin) +{ std::unique_ptr sr; initSR(sr); if (qmin) @@ -119,10 +122,9 @@ static void test_no_data_f(bool qmin) { const DNSName target("powerdns.com."); sr->setAsyncCallback( - [target](const ComboAddress &ip, const DNSName &domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, - struct timeval *now, boost::optional &srcmask, boost::optional context, - LWResult *res, bool *chained) { - + [target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, + struct timeval* now, boost::optional& srcmask, boost::optional context, + LWResult* res, bool* chained) { setLWResult(res, 0, true, false, true); return 1; }); @@ -133,15 +135,18 @@ static void test_no_data_f(bool qmin) { BOOST_CHECK_EQUAL(ret.size(), 0U); } -BOOST_AUTO_TEST_CASE(test_no_data) { +BOOST_AUTO_TEST_CASE(test_no_data) +{ test_no_data_f(false); } -BOOST_AUTO_TEST_CASE(test_no_data_qmin) { +BOOST_AUTO_TEST_CASE(test_no_data_qmin) +{ test_no_data_f(true); } -BOOST_AUTO_TEST_CASE(test_skip_opt_any) { +BOOST_AUTO_TEST_CASE(test_skip_opt_any) +{ std::unique_ptr sr; initSR(sr); @@ -150,13 +155,12 @@ BOOST_AUTO_TEST_CASE(test_skip_opt_any) { const DNSName target("powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - addRecordToLW(res, domain, QType::ANY, "0 0"); - addRecordToLW(res, domain, QType::OPT, ""); - return 1; - }); + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + addRecordToLW(res, domain, QType::ANY, "0 0"); + addRecordToLW(res, domain, QType::OPT, ""); + return 1; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -164,7 +168,8 @@ BOOST_AUTO_TEST_CASE(test_skip_opt_any) { BOOST_CHECK_EQUAL(ret.size(), 1U); } -BOOST_AUTO_TEST_CASE(test_nodata_nsec_nodnssec) { +BOOST_AUTO_TEST_CASE(test_nodata_nsec_nodnssec) +{ std::unique_ptr sr; initSR(sr); @@ -173,15 +178,14 @@ BOOST_AUTO_TEST_CASE(test_nodata_nsec_nodnssec) { const DNSName target("powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - /* the NSEC and RRSIG contents are complete garbage, please ignore them */ - addRecordToLW(res, domain, QType::NSEC, "deadbeef", DNSResourceRecord::AUTHORITY); - addRecordToLW(res, domain, QType::RRSIG, "NSEC 5 2 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY); - addRecordToLW(res, domain, QType::RRSIG, "SOA 5 3 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY); - return 1; - }); + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + /* the NSEC and RRSIG contents are complete garbage, please ignore them */ + addRecordToLW(res, domain, QType::NSEC, "deadbeef", DNSResourceRecord::AUTHORITY); + addRecordToLW(res, domain, QType::RRSIG, "NSEC 5 2 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY); + addRecordToLW(res, domain, QType::RRSIG, "SOA 5 3 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY); + return 1; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -189,7 +193,8 @@ BOOST_AUTO_TEST_CASE(test_nodata_nsec_nodnssec) { BOOST_CHECK_EQUAL(ret.size(), 1U); } -BOOST_AUTO_TEST_CASE(test_nodata_nsec_dnssec) { +BOOST_AUTO_TEST_CASE(test_nodata_nsec_dnssec) +{ std::unique_ptr sr; initSR(sr, true); @@ -198,15 +203,14 @@ BOOST_AUTO_TEST_CASE(test_nodata_nsec_dnssec) { const DNSName target("powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - /* the NSEC and RRSIG contents are complete garbage, please ignore them */ - addRecordToLW(res, domain, QType::NSEC, "deadbeef", DNSResourceRecord::AUTHORITY); - addRecordToLW(res, domain, QType::RRSIG, "NSEC 5 2 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY); - addRecordToLW(res, domain, QType::RRSIG, "SOA 5 3 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY); - return 1; - }); + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + /* the NSEC and RRSIG contents are complete garbage, please ignore them */ + addRecordToLW(res, domain, QType::NSEC, "deadbeef", DNSResourceRecord::AUTHORITY); + addRecordToLW(res, domain, QType::RRSIG, "NSEC 5 2 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY); + addRecordToLW(res, domain, QType::RRSIG, "SOA 5 3 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY); + return 1; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -214,7 +218,8 @@ BOOST_AUTO_TEST_CASE(test_nodata_nsec_dnssec) { BOOST_CHECK_EQUAL(ret.size(), 4U); } -BOOST_AUTO_TEST_CASE(test_nx_nsec_nodnssec) { +BOOST_AUTO_TEST_CASE(test_nx_nsec_nodnssec) +{ std::unique_ptr sr; initSR(sr); @@ -223,15 +228,14 @@ BOOST_AUTO_TEST_CASE(test_nx_nsec_nodnssec) { const DNSName target("powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - setLWResult(res, RCode::NXDomain, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - /* the NSEC and RRSIG contents are complete garbage, please ignore them */ - addRecordToLW(res, domain, QType::NSEC, "deadbeef", DNSResourceRecord::AUTHORITY); - addRecordToLW(res, domain, QType::RRSIG, "NSEC 5 2 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY); - addRecordToLW(res, domain, QType::RRSIG, "SOA 5 3 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY); - return 1; - }); + setLWResult(res, RCode::NXDomain, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + /* the NSEC and RRSIG contents are complete garbage, please ignore them */ + addRecordToLW(res, domain, QType::NSEC, "deadbeef", DNSResourceRecord::AUTHORITY); + addRecordToLW(res, domain, QType::RRSIG, "NSEC 5 2 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY); + addRecordToLW(res, domain, QType::RRSIG, "SOA 5 3 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY); + return 1; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -239,7 +243,8 @@ BOOST_AUTO_TEST_CASE(test_nx_nsec_nodnssec) { BOOST_CHECK_EQUAL(ret.size(), 1U); } -BOOST_AUTO_TEST_CASE(test_nx_nsec_dnssec) { +BOOST_AUTO_TEST_CASE(test_nx_nsec_dnssec) +{ std::unique_ptr sr; initSR(sr, true); @@ -248,15 +253,14 @@ BOOST_AUTO_TEST_CASE(test_nx_nsec_dnssec) { const DNSName target("powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - setLWResult(res, RCode::NXDomain, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - /* the NSEC and RRSIG contents are complete garbage, please ignore them */ - addRecordToLW(res, domain, QType::NSEC, "deadbeef", DNSResourceRecord::AUTHORITY); - addRecordToLW(res, domain, QType::RRSIG, "NSEC 5 2 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY); - addRecordToLW(res, domain, QType::RRSIG, "SOA 5 3 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY); - return 1; - }); + setLWResult(res, RCode::NXDomain, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + /* the NSEC and RRSIG contents are complete garbage, please ignore them */ + addRecordToLW(res, domain, QType::NSEC, "deadbeef", DNSResourceRecord::AUTHORITY); + addRecordToLW(res, domain, QType::RRSIG, "NSEC 5 2 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY); + addRecordToLW(res, domain, QType::RRSIG, "SOA 5 3 600 2100010100000000 2100010100000000 24567 dummy data", DNSResourceRecord::AUTHORITY); + return 1; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -264,7 +268,8 @@ BOOST_AUTO_TEST_CASE(test_nx_nsec_dnssec) { BOOST_CHECK_EQUAL(ret.size(), 4U); } -BOOST_AUTO_TEST_CASE(test_qclass_none) { +BOOST_AUTO_TEST_CASE(test_qclass_none) +{ std::unique_ptr sr; initSR(sr); @@ -274,10 +279,9 @@ BOOST_AUTO_TEST_CASE(test_qclass_none) { size_t queriesCount = 0; sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - queriesCount++; - return 0; - }); + queriesCount++; + return 0; + }); const DNSName target("powerdns.com."); vector ret; @@ -287,7 +291,8 @@ BOOST_AUTO_TEST_CASE(test_qclass_none) { BOOST_CHECK_EQUAL(queriesCount, 0U); } -BOOST_AUTO_TEST_CASE(test_answer_no_aa) { +BOOST_AUTO_TEST_CASE(test_answer_no_aa) +{ std::unique_ptr sr; initSR(sr, true); @@ -296,11 +301,10 @@ BOOST_AUTO_TEST_CASE(test_answer_no_aa) { const DNSName target("powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.1"); - return 1; - }); + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.1"); + return 1; + }); const time_t now = sr->getNow().tv_sec; @@ -316,7 +320,8 @@ BOOST_AUTO_TEST_CASE(test_answer_no_aa) { BOOST_REQUIRE_EQUAL(t_RC->get(now, target, QType(QType::A), false, &cached, who, &signatures), -1); } -BOOST_AUTO_TEST_CASE(test_special_types) { +BOOST_AUTO_TEST_CASE(test_special_types) +{ std::unique_ptr sr; initSR(sr); @@ -326,11 +331,10 @@ BOOST_AUTO_TEST_CASE(test_special_types) { size_t queriesCount = 0; sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - cerr<<"asyncresolve called to ask "< ret; @@ -355,7 +359,8 @@ BOOST_AUTO_TEST_CASE(test_special_types) { BOOST_CHECK_EQUAL(queriesCount, 0U); } -BOOST_AUTO_TEST_CASE(test_special_names) { +BOOST_AUTO_TEST_CASE(test_special_names) +{ std::unique_ptr sr; initSR(sr); @@ -366,10 +371,9 @@ BOOST_AUTO_TEST_CASE(test_special_names) { size_t queriesCount = 0; sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - queriesCount++; - return 0; - }); + queriesCount++; + return 0; + }); vector ret; int res = sr->beginResolve(DNSName("1.0.0.127.in-addr.arpa."), QType(QType::PTR), QClass::IN, ret); @@ -479,7 +483,8 @@ BOOST_AUTO_TEST_CASE(test_special_names) { BOOST_CHECK_EQUAL(queriesCount, 0U); } -BOOST_AUTO_TEST_CASE(test_nameserver_ipv4_rpz) { +BOOST_AUTO_TEST_CASE(test_nameserver_ipv4_rpz) +{ std::unique_ptr sr; initSR(sr); @@ -488,21 +493,21 @@ BOOST_AUTO_TEST_CASE(test_nameserver_ipv4_rpz) { const DNSName target("rpz.powerdns.com."); const ComboAddress ns("192.0.2.1:53"); - sr->setAsyncCallback([target,ns](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - if (isRootServer(ip)) { - setLWResult(res, false, true, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ns) { + sr->setAsyncCallback([target, ns](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { + setLWResult(res, false, true, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ns) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - return 1; - } + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + return 1; + } - return 0; + return 0; }); DNSFilterEngine::Policy pol; @@ -521,7 +526,8 @@ BOOST_AUTO_TEST_CASE(test_nameserver_ipv4_rpz) { BOOST_CHECK_EQUAL(ret.size(), 0U); } -BOOST_AUTO_TEST_CASE(test_nameserver_ipv6_rpz) { +BOOST_AUTO_TEST_CASE(test_nameserver_ipv6_rpz) +{ std::unique_ptr sr; initSR(sr); @@ -530,21 +536,21 @@ BOOST_AUTO_TEST_CASE(test_nameserver_ipv6_rpz) { const DNSName target("rpz.powerdns.com."); const ComboAddress ns("[2001:DB8::42]:53"); - sr->setAsyncCallback([target,ns](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ns) { + sr->setAsyncCallback([target, ns](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ns) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - return 1; - } + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + return 1; + } - return 0; + return 0; }); DNSFilterEngine::Policy pol; @@ -563,7 +569,8 @@ BOOST_AUTO_TEST_CASE(test_nameserver_ipv6_rpz) { BOOST_CHECK_EQUAL(ret.size(), 0U); } -BOOST_AUTO_TEST_CASE(test_nameserver_name_rpz) { +BOOST_AUTO_TEST_CASE(test_nameserver_name_rpz) +{ std::unique_ptr sr; initSR(sr); @@ -573,21 +580,21 @@ BOOST_AUTO_TEST_CASE(test_nameserver_name_rpz) { const ComboAddress ns("192.0.2.1:53"); const DNSName nsName("ns1.powerdns.com."); - sr->setAsyncCallback([target,ns,nsName](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, nsName.toString(), DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, nsName, QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ns) { + sr->setAsyncCallback([target, ns, nsName](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, nsName.toString(), DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, nsName, QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ns) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - return 1; - } + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + return 1; + } - return 0; + return 0; }); DNSFilterEngine::Policy pol; @@ -606,7 +613,8 @@ BOOST_AUTO_TEST_CASE(test_nameserver_name_rpz) { BOOST_CHECK_EQUAL(ret.size(), 0U); } -BOOST_AUTO_TEST_CASE(test_nameserver_name_rpz_disabled) { +BOOST_AUTO_TEST_CASE(test_nameserver_name_rpz_disabled) +{ std::unique_ptr sr; initSR(sr); @@ -616,21 +624,21 @@ BOOST_AUTO_TEST_CASE(test_nameserver_name_rpz_disabled) { const ComboAddress ns("192.0.2.1:53"); const DNSName nsName("ns1.powerdns.com."); - sr->setAsyncCallback([target,ns,nsName](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, nsName.toString(), DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, nsName, QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (ip == ns) { + sr->setAsyncCallback([target, ns, nsName](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, nsName.toString(), DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, nsName, QType::A, ns.toString(), DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ns) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - return 1; - } + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + return 1; + } - return 0; + return 0; }); DNSFilterEngine::Policy pol; @@ -653,7 +661,8 @@ BOOST_AUTO_TEST_CASE(test_nameserver_name_rpz_disabled) { BOOST_CHECK_EQUAL(ret.size(), 1U); } -BOOST_AUTO_TEST_CASE(test_forward_zone_nord) { +BOOST_AUTO_TEST_CASE(test_forward_zone_nord) +{ std::unique_ptr sr; initSR(sr); @@ -669,16 +678,15 @@ BOOST_AUTO_TEST_CASE(test_forward_zone_nord) { (*SyncRes::t_sstorage.domainmap)[target] = ad; sr->setAsyncCallback([forwardedNS](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (ip == forwardedNS) { + BOOST_CHECK_EQUAL(sendRDQuery, false); - if (ip == forwardedNS) { - BOOST_CHECK_EQUAL(sendRDQuery, false); - - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - return 1; - } + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + return 1; + } - return 0; + return 0; }); /* simulate a no-RD query */ @@ -690,7 +698,8 @@ BOOST_AUTO_TEST_CASE(test_forward_zone_nord) { BOOST_CHECK_EQUAL(ret.size(), 1U); } -BOOST_AUTO_TEST_CASE(test_forward_zone_rd) { +BOOST_AUTO_TEST_CASE(test_forward_zone_rd) +{ std::unique_ptr sr; initSR(sr); @@ -707,19 +716,18 @@ BOOST_AUTO_TEST_CASE(test_forward_zone_rd) { (*SyncRes::t_sstorage.domainmap)[target] = ad; sr->setAsyncCallback([forwardedNS, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - queriesCount++; - - if (ip == forwardedNS) { - BOOST_CHECK_EQUAL(sendRDQuery, true); + if (ip == forwardedNS) { + BOOST_CHECK_EQUAL(sendRDQuery, true); - /* set AA=0, we are a recursor */ - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - return 1; - } + /* set AA=0, we are a recursor */ + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + return 1; + } - return 0; + return 0; }); vector ret; @@ -740,7 +748,8 @@ BOOST_AUTO_TEST_CASE(test_forward_zone_rd) { BOOST_CHECK_EQUAL(queriesCount, 1U); } -BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_nord) { +BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_nord) +{ std::unique_ptr sr; initSR(sr); @@ -756,16 +765,15 @@ BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_nord) { (*SyncRes::t_sstorage.domainmap)[target] = ad; sr->setAsyncCallback([forwardedNS](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (ip == forwardedNS) { + BOOST_CHECK_EQUAL(sendRDQuery, false); - if (ip == forwardedNS) { - BOOST_CHECK_EQUAL(sendRDQuery, false); - - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - return 1; - } + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + return 1; + } - return 0; + return 0; }); /* simulate a no-RD query */ @@ -777,7 +785,8 @@ BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_nord) { BOOST_CHECK_EQUAL(ret.size(), 1U); } -BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd) { +BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd) +{ std::unique_ptr sr; initSR(sr); @@ -793,16 +802,15 @@ BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd) { (*SyncRes::t_sstorage.domainmap)[target] = ad; sr->setAsyncCallback([forwardedNS](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + if (ip == forwardedNS) { + BOOST_CHECK_EQUAL(sendRDQuery, true); - if (ip == forwardedNS) { - BOOST_CHECK_EQUAL(sendRDQuery, true); - - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - return 1; - } + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + return 1; + } - return 0; + return 0; }); vector ret; @@ -811,7 +819,8 @@ BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd) { BOOST_CHECK_EQUAL(ret.size(), 1U); } -BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec) { +BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec) +{ std::unique_ptr sr; initSR(sr, true); @@ -838,29 +847,29 @@ BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec) { ad.d_servers.push_back(forwardedNS); (*SyncRes::t_sstorage.domainmap)[g_rootdnsname] = ad; - sr->setAsyncCallback([target,cnameTarget,keys,forwardedNS,&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, cnameTarget, keys, forwardedNS, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - BOOST_CHECK_EQUAL(sendRDQuery, true); + BOOST_CHECK_EQUAL(sendRDQuery, true); - if (ip != forwardedNS) { - return 0; - } + if (ip != forwardedNS) { + return 0; + } - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, DNSName("."), type, keys); - } + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, DNSName("."), type, keys); + } - if (domain == target && type == QType::A) { + if (domain == target && type == QType::A) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, target, QType::CNAME, cnameTarget.toString()); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1"); + setLWResult(res, 0, false, false, true); + addRecordToLW(res, target, QType::CNAME, cnameTarget.toString()); + addRRSIG(keys, res->d_records, domain, 300); + addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1"); - return 1; - } - return 0; + return 1; + } + return 0; }); vector ret; @@ -879,7 +888,8 @@ BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec) { BOOST_CHECK_EQUAL(queriesCount, 5U); } -BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec_bogus) { +BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec_bogus) +{ std::unique_ptr sr; initSR(sr, true); @@ -907,30 +917,30 @@ BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec_bogus) { ad.d_servers.push_back(forwardedNS); (*SyncRes::t_sstorage.domainmap)[g_rootdnsname] = ad; - sr->setAsyncCallback([target,cnameTarget,keys,forwardedNS,&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, cnameTarget, keys, forwardedNS, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - BOOST_CHECK_EQUAL(sendRDQuery, true); + BOOST_CHECK_EQUAL(sendRDQuery, true); - if (ip != forwardedNS) { - return 0; - } + if (ip != forwardedNS) { + return 0; + } - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, DNSName("."), type, keys); - } + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, DNSName("."), type, keys); + } - if (domain == target && type == QType::A) { + if (domain == target && type == QType::A) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, target, QType::CNAME, cnameTarget.toString()); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1"); - /* no RRSIG in a signed zone, Bogus ! */ + setLWResult(res, 0, false, false, true); + addRecordToLW(res, target, QType::CNAME, cnameTarget.toString()); + addRRSIG(keys, res->d_records, domain, 300); + addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1"); + /* no RRSIG in a signed zone, Bogus ! */ - return 1; - } - return 0; + return 1; + } + return 0; }); vector ret; @@ -949,7 +959,8 @@ BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec_bogus) { BOOST_CHECK_EQUAL(queriesCount, 5U); } -BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec_nodata_bogus) { +BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec_nodata_bogus) +{ std::unique_ptr sr; initSR(sr, true); @@ -974,26 +985,26 @@ BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec_nodata_bogus) { size_t queriesCount = 0; - sr->setAsyncCallback([target,forwardedNS,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, forwardedNS, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - BOOST_CHECK_EQUAL(sendRDQuery, true); + BOOST_CHECK_EQUAL(sendRDQuery, true); - if (ip != forwardedNS) { - return 0; - } + if (ip != forwardedNS) { + return 0; + } - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); - } - else { + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + else { - setLWResult(res, 0, false, false, true); - return 1; - } + setLWResult(res, 0, false, false, true); + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1013,7 +1024,8 @@ BOOST_AUTO_TEST_CASE(test_forward_zone_recurse_rd_dnssec_nodata_bogus) { BOOST_CHECK_EQUAL(queriesCount, 4U); } -BOOST_AUTO_TEST_CASE(test_auth_zone_oob) { +BOOST_AUTO_TEST_CASE(test_auth_zone_oob) +{ std::unique_ptr sr; initSR(sr, true); @@ -1037,9 +1049,9 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_oob) { (*SyncRes::t_sstorage.domainmap)[authZone] = ad; sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; - return 0; - }); + queriesCount++; + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1072,7 +1084,8 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_oob) { BOOST_CHECK_EQUAL(sr->getValidationState(), Indeterminate); } -BOOST_AUTO_TEST_CASE(test_auth_zone_oob_cname) { +BOOST_AUTO_TEST_CASE(test_auth_zone_oob_cname) +{ std::unique_ptr sr; initSR(sr, true); @@ -1104,9 +1117,9 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_oob_cname) { (*SyncRes::t_sstorage.domainmap)[authZone] = ad; sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; - return 0; - }); + queriesCount++; + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1142,7 +1155,8 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_oob_cname) { BOOST_CHECK_EQUAL(sr->getValidationState(), Indeterminate); } -BOOST_AUTO_TEST_CASE(test_auth_zone) { +BOOST_AUTO_TEST_CASE(test_auth_zone) +{ std::unique_ptr sr; initSR(sr); @@ -1174,11 +1188,10 @@ BOOST_AUTO_TEST_CASE(test_auth_zone) { SyncRes::setDomainMap(map); sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - queriesCount++; - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - return 1; + queriesCount++; + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + return 1; }); vector ret; @@ -1190,7 +1203,8 @@ BOOST_AUTO_TEST_CASE(test_auth_zone) { BOOST_CHECK_EQUAL(queriesCount, 0U); } -BOOST_AUTO_TEST_CASE(test_auth_zone_cname_lead_to_oob) { +BOOST_AUTO_TEST_CASE(test_auth_zone_cname_lead_to_oob) +{ std::unique_ptr sr; initSR(sr); @@ -1222,17 +1236,16 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_cname_lead_to_oob) { (*map)[authZone] = ad; SyncRes::setDomainMap(map); - sr->setAsyncCallback([&queriesCount,target,authZone](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + sr->setAsyncCallback([&queriesCount, target, authZone](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - queriesCount++; - - if (domain == target) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, target, QType::CNAME, authZone.toString(), DNSResourceRecord::ANSWER, 3600); - return 1; - } + if (domain == target) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, target, QType::CNAME, authZone.toString(), DNSResourceRecord::ANSWER, 3600); + return 1; + } - return 0; + return 0; }); vector ret; @@ -1246,7 +1259,8 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_cname_lead_to_oob) { BOOST_CHECK_EQUAL(queriesCount, 1U); } -BOOST_AUTO_TEST_CASE(test_auth_zone_oob_lead_to_outgoing_queryb) { +BOOST_AUTO_TEST_CASE(test_auth_zone_oob_lead_to_outgoing_queryb) +{ std::unique_ptr sr; initSR(sr); @@ -1278,17 +1292,16 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_oob_lead_to_outgoing_queryb) { (*map)[target] = ad; SyncRes::setDomainMap(map); - sr->setAsyncCallback([&queriesCount,externalCNAME,addr](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + sr->setAsyncCallback([&queriesCount, externalCNAME, addr](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - queriesCount++; - - if (domain == externalCNAME) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, externalCNAME, QType::A, addr.toString(), DNSResourceRecord::ANSWER, 3600); - return 1; - } + if (domain == externalCNAME) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, externalCNAME, QType::A, addr.toString(), DNSResourceRecord::ANSWER, 3600); + return 1; + } - return 0; + return 0; }); vector ret; diff --git a/pdns/recursordist/test-syncres_cc4.cc b/pdns/recursordist/test-syncres_cc4.cc index 441212023d..cee166ace7 100644 --- a/pdns/recursordist/test-syncres_cc4.cc +++ b/pdns/recursordist/test-syncres_cc4.cc @@ -5,7 +5,8 @@ BOOST_AUTO_TEST_SUITE(syncres_cc4) -BOOST_AUTO_TEST_CASE(test_auth_zone_nodata) { +BOOST_AUTO_TEST_CASE(test_auth_zone_nodata) +{ std::unique_ptr sr; initSR(sr); @@ -37,10 +38,9 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_nodata) { SyncRes::setDomainMap(map); sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - queriesCount++; - - return 0; + return 0; }); vector ret; @@ -51,7 +51,8 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_nodata) { BOOST_CHECK_EQUAL(queriesCount, 0U); } -BOOST_AUTO_TEST_CASE(test_auth_zone_nx) { +BOOST_AUTO_TEST_CASE(test_auth_zone_nx) +{ std::unique_ptr sr; initSR(sr); @@ -76,10 +77,9 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_nx) { SyncRes::setDomainMap(map); sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - queriesCount++; - - return 0; + return 0; }); vector ret; @@ -90,7 +90,8 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_nx) { BOOST_CHECK_EQUAL(queriesCount, 0U); } -BOOST_AUTO_TEST_CASE(test_auth_zone_delegation) { +BOOST_AUTO_TEST_CASE(test_auth_zone_delegation) +{ std::unique_ptr sr; initSR(sr, true, false); @@ -142,20 +143,19 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_delegation) { takes too long. */ const time_t fixedNow = sr->getNow().tv_sec; - sr->setAsyncCallback([&queriesCount,target,targetAddr,nsAddr,authZone,keys,fixedNow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, DNSName("."), type, keys, domain == authZone, fixedNow); - } + sr->setAsyncCallback([&queriesCount, target, targetAddr, nsAddr, authZone, keys, fixedNow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, DNSName("."), type, keys, domain == authZone, fixedNow); + } - if (ip == ComboAddress(nsAddr.toString(), 53) && domain == target) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); - return 1; - } + if (ip == ComboAddress(nsAddr.toString(), 53) && domain == target) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); + return 1; + } - return 0; + return 0; }); sr->setDNSSECValidationRequested(true); @@ -168,7 +168,8 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_delegation) { BOOST_CHECK_EQUAL(sr->getValidationState(), Indeterminate); } -BOOST_AUTO_TEST_CASE(test_auth_zone_delegation_point) { +BOOST_AUTO_TEST_CASE(test_auth_zone_delegation_point) +{ std::unique_ptr sr; initSR(sr); @@ -209,17 +210,16 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_delegation_point) { (*map)[authZone] = ad; SyncRes::setDomainMap(map); - sr->setAsyncCallback([&queriesCount,nsAddr,target,targetAddr](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + sr->setAsyncCallback([&queriesCount, nsAddr, target, targetAddr](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - queriesCount++; - - if (ip == ComboAddress(nsAddr.toString(), 53) && domain == target) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); - return 1; - } + if (ip == ComboAddress(nsAddr.toString(), 53) && domain == target) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); + return 1; + } - return 0; + return 0; }); vector ret; @@ -230,7 +230,8 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_delegation_point) { BOOST_CHECK_EQUAL(queriesCount, 1U); } -BOOST_AUTO_TEST_CASE(test_auth_zone_wildcard) { +BOOST_AUTO_TEST_CASE(test_auth_zone_wildcard) +{ std::unique_ptr sr; initSR(sr); @@ -263,10 +264,9 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_wildcard) { SyncRes::setDomainMap(map); sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - queriesCount++; - - return 0; + return 0; }); vector ret; @@ -277,7 +277,8 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_wildcard) { BOOST_CHECK_EQUAL(queriesCount, 0U); } -BOOST_AUTO_TEST_CASE(test_auth_zone_wildcard_with_ent) { +BOOST_AUTO_TEST_CASE(test_auth_zone_wildcard_with_ent) +{ std::unique_ptr sr; initSR(sr); @@ -318,24 +319,24 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_wildcard_with_ent) { SyncRes::setDomainMap(map); sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - queriesCount++; - - return 0; + return 0; }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); BOOST_CHECK_EQUAL(res, RCode::NoError); BOOST_REQUIRE_EQUAL(ret.size(), 1U); - + // WARN below should be changed to CHECK once the issue is fixed. const string m("Please fix issue #8312"); BOOST_WARN_MESSAGE(ret[0].d_type == QType::SOA, m); BOOST_CHECK_EQUAL(queriesCount, 0U); } -BOOST_AUTO_TEST_CASE(test_auth_zone_wildcard_nodata) { +BOOST_AUTO_TEST_CASE(test_auth_zone_wildcard_nodata) +{ std::unique_ptr sr; initSR(sr); @@ -368,10 +369,9 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_wildcard_nodata) { SyncRes::setDomainMap(map); sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - queriesCount++; - - return 0; + return 0; }); vector ret; @@ -382,7 +382,8 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_wildcard_nodata) { BOOST_CHECK_EQUAL(queriesCount, 0U); } -BOOST_AUTO_TEST_CASE(test_auth_zone_cache_only) { +BOOST_AUTO_TEST_CASE(test_auth_zone_cache_only) +{ std::unique_ptr sr; initSR(sr); @@ -414,11 +415,10 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_cache_only) { SyncRes::setDomainMap(map); sr->setAsyncCallback([&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - queriesCount++; - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - return 1; + queriesCount++; + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + return 1; }); /* simulate a no-RD query */ @@ -433,7 +433,8 @@ BOOST_AUTO_TEST_CASE(test_auth_zone_cache_only) { BOOST_CHECK_EQUAL(queriesCount, 0U); } -BOOST_AUTO_TEST_CASE(test_dnssec_rrsig) { +BOOST_AUTO_TEST_CASE(test_dnssec_rrsig) +{ initSR(); auto dcke = std::shared_ptr(DNSCryptoKeyEngine::make(DNSSECKeeper::ECDSA256)); @@ -443,7 +444,7 @@ BOOST_AUTO_TEST_CASE(test_dnssec_rrsig) { dpk.d_flags = 256; dpk.setKey(dcke); - std::vector > recordcontents; + std::vector> recordcontents; recordcontents.push_back(getRecordContent(QType::A, "192.0.2.1")); DNSName qname("powerdns.com."); @@ -456,13 +457,14 @@ BOOST_AUTO_TEST_CASE(test_dnssec_rrsig) { skeyset_t keyset; keyset.insert(std::make_shared(dpk.getDNSKEY())); - std::vector > sigs; + std::vector> sigs; sigs.push_back(std::make_shared(rrc)); BOOST_CHECK(validateWithKeySet(now, qname, recordcontents, sigs, keyset)); } -BOOST_AUTO_TEST_CASE(test_dnssec_root_validation_csk) { +BOOST_AUTO_TEST_CASE(test_dnssec_root_validation_csk) +{ std::unique_ptr sr; initSR(sr, true); @@ -479,36 +481,37 @@ BOOST_AUTO_TEST_CASE(test_dnssec_root_validation_csk) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (domain == target && type == QType::NS) { + if (domain == target && type == QType::NS) { - setLWResult(res, 0, true, false, true); - char addr[] = "a.root-servers.net."; - for (char idx = 'a'; idx <= 'm'; idx++) { - addr[0] = idx; - addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); - } + setLWResult(res, 0, true, false, true); + char addr[] = "a.root-servers.net."; + for (char idx = 'a'; idx <= 'm'; idx++) { + addr[0] = idx; + addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); + } - addRRSIG(keys, res->d_records, domain, 300); + addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (domain == target && type == QType::DNSKEY) { + return 1; + } + else if (domain == target && type == QType::DNSKEY) { - setLWResult(res, 0, true, false, true); + setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret); @@ -527,7 +530,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_root_validation_csk) { BOOST_CHECK_EQUAL(queriesCount, 2U); } -BOOST_AUTO_TEST_CASE(test_dnssec_root_validation_ksk_zsk) { +BOOST_AUTO_TEST_CASE(test_dnssec_root_validation_ksk_zsk) +{ std::unique_ptr sr; initSR(sr, true); @@ -553,8 +557,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_root_validation_ksk_zsk) { zsk.setKey(dckeK); DSRecordContent zskds = makeDSFromDNSKey(target, zsk.getDNSKEY(), DNSSECKeeper::DIGEST_SHA256); - kskeys[target] = std::pair(ksk, kskds); - zskeys[target] = std::pair(zsk, zskds); + kskeys[target] = std::pair(ksk, kskds); + zskeys[target] = std::pair(zsk, zskds); /* Set the root DS */ auto luaconfsCopy = g_luaconfs.getCopy(); @@ -564,37 +568,38 @@ BOOST_AUTO_TEST_CASE(test_dnssec_root_validation_ksk_zsk) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,zskeys,kskeys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, zskeys, kskeys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (domain == target && type == QType::NS) { + if (domain == target && type == QType::NS) { - setLWResult(res, 0, true, false, true); - char addr[] = "a.root-servers.net."; - for (char idx = 'a'; idx <= 'm'; idx++) { - addr[0] = idx; - addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); - } + setLWResult(res, 0, true, false, true); + char addr[] = "a.root-servers.net."; + for (char idx = 'a'; idx <= 'm'; idx++) { + addr[0] = idx; + addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); + } - addRRSIG(zskeys, res->d_records, domain, 300); + addRRSIG(zskeys, res->d_records, domain, 300); - addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (domain == target && type == QType::DNSKEY) { + return 1; + } + else if (domain == target && type == QType::DNSKEY) { - setLWResult(res, 0, true, false, true); + setLWResult(res, 0, true, false, true); - addDNSKEY(kskeys, domain, 300, res->d_records); - addDNSKEY(zskeys, domain, 300, res->d_records); - addRRSIG(kskeys, res->d_records, domain, 300); + addDNSKEY(kskeys, domain, 300, res->d_records); + addDNSKEY(zskeys, domain, 300, res->d_records); + addRRSIG(kskeys, res->d_records, domain, 300); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret); @@ -613,7 +618,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_root_validation_ksk_zsk) { BOOST_CHECK_EQUAL(queriesCount, 2U); } -BOOST_AUTO_TEST_CASE(test_dnssec_bogus_no_dnskey) { +BOOST_AUTO_TEST_CASE(test_dnssec_bogus_no_dnskey) +{ std::unique_ptr sr; initSR(sr, true); @@ -630,35 +636,36 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_no_dnskey) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (domain == target && type == QType::NS) { + if (domain == target && type == QType::NS) { - setLWResult(res, 0, true, false, true); - char addr[] = "a.root-servers.net."; - for (char idx = 'a'; idx <= 'm'; idx++) { - addr[0] = idx; - addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); - } + setLWResult(res, 0, true, false, true); + char addr[] = "a.root-servers.net."; + for (char idx = 'a'; idx <= 'm'; idx++) { + addr[0] = idx; + addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); + } - addRRSIG(keys, res->d_records, domain, 300); + addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (domain == target && type == QType::DNSKEY) { + return 1; + } + else if (domain == target && type == QType::DNSKEY) { - setLWResult(res, 0, true, false, true); + setLWResult(res, 0, true, false, true); - /* No DNSKEY */ + /* No DNSKEY */ - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret); @@ -677,7 +684,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_no_dnskey) { BOOST_CHECK_EQUAL(queriesCount, 2U); } -BOOST_AUTO_TEST_CASE(test_dnssec_bogus_dnskey_doesnt_match_ds) { +BOOST_AUTO_TEST_CASE(test_dnssec_bogus_dnskey_doesnt_match_ds) +{ std::unique_ptr sr; initSR(sr, true); @@ -703,8 +711,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_dnskey_doesnt_match_ds) { dpk.setKey(dcke); DSRecordContent uselessdrc = makeDSFromDNSKey(target, dpk.getDNSKEY(), DNSSECKeeper::DIGEST_SHA256); - dskeys[target] = std::pair(dskey, drc); - keys[target] = std::pair(dpk, uselessdrc); + dskeys[target] = std::pair(dskey, drc); + keys[target] = std::pair(dpk, uselessdrc); /* Set the root DS */ auto luaconfsCopy = g_luaconfs.getCopy(); @@ -714,36 +722,37 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_dnskey_doesnt_match_ds) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (domain == target && type == QType::NS) { + if (domain == target && type == QType::NS) { - setLWResult(res, 0, true, false, true); - char addr[] = "a.root-servers.net."; - for (char idx = 'a'; idx <= 'm'; idx++) { - addr[0] = idx; - addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); - } + setLWResult(res, 0, true, false, true); + char addr[] = "a.root-servers.net."; + for (char idx = 'a'; idx <= 'm'; idx++) { + addr[0] = idx; + addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); + } - addRRSIG(keys, res->d_records, domain, 300); + addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (domain == target && type == QType::DNSKEY) { + return 1; + } + else if (domain == target && type == QType::DNSKEY) { - setLWResult(res, 0, true, false, true); + setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret); @@ -762,7 +771,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_dnskey_doesnt_match_ds) { BOOST_CHECK_EQUAL(queriesCount, 2U); } -BOOST_AUTO_TEST_CASE(test_dnssec_bogus_rrsig_signed_with_unknown_dnskey) { +BOOST_AUTO_TEST_CASE(test_dnssec_bogus_rrsig_signed_with_unknown_dnskey) +{ std::unique_ptr sr; initSR(sr, true); @@ -785,40 +795,41 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_rrsig_signed_with_unknown_dnskey) { rrsigkey.setKey(dckeRRSIG); DSRecordContent rrsigds = makeDSFromDNSKey(target, rrsigkey.getDNSKEY(), DNSSECKeeper::DIGEST_SHA256); - rrsigkeys[target] = std::pair(rrsigkey, rrsigds); + rrsigkeys[target] = std::pair(rrsigkey, rrsigds); size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys,rrsigkeys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys, rrsigkeys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (domain == target && type == QType::NS) { + if (domain == target && type == QType::NS) { - setLWResult(res, 0, true, false, true); - char addr[] = "a.root-servers.net."; - for (char idx = 'a'; idx <= 'm'; idx++) { - addr[0] = idx; - addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); - } + setLWResult(res, 0, true, false, true); + char addr[] = "a.root-servers.net."; + for (char idx = 'a'; idx <= 'm'; idx++) { + addr[0] = idx; + addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); + } - addRRSIG(rrsigkeys, res->d_records, domain, 300); + addRRSIG(rrsigkeys, res->d_records, domain, 300); - addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (domain == target && type == QType::DNSKEY) { + return 1; + } + else if (domain == target && type == QType::DNSKEY) { - setLWResult(res, 0, true, false, true); + setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(rrsigkeys, res->d_records, domain, 300); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(rrsigkeys, res->d_records, domain, 300); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret); @@ -837,7 +848,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_rrsig_signed_with_unknown_dnskey) { BOOST_CHECK_EQUAL(queriesCount, 2U); } -BOOST_AUTO_TEST_CASE(test_dnssec_bogus_no_rrsig) { +BOOST_AUTO_TEST_CASE(test_dnssec_bogus_no_rrsig) +{ std::unique_ptr sr; initSR(sr, true); @@ -854,36 +866,37 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_no_rrsig) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (domain == target && type == QType::NS) { + if (domain == target && type == QType::NS) { - setLWResult(res, 0, true, false, true); - char addr[] = "a.root-servers.net."; - for (char idx = 'a'; idx <= 'm'; idx++) { - addr[0] = idx; - addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 86400); - } + setLWResult(res, 0, true, false, true); + char addr[] = "a.root-servers.net."; + for (char idx = 'a'; idx <= 'm'; idx++) { + addr[0] = idx; + addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 86400); + } - /* No RRSIG */ + /* No RRSIG */ - addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (domain == target && type == QType::DNSKEY) { + return 1; + } + else if (domain == target && type == QType::DNSKEY) { - setLWResult(res, 0, true, false, true); + setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); SyncRes::s_maxcachettl = 86400; SyncRes::s_maxbogusttl = 3600; @@ -910,7 +923,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_no_rrsig) { BOOST_CHECK_EQUAL(queriesCount, 1U); } -BOOST_AUTO_TEST_CASE(test_dnssec_insecure_unknown_ds_algorithm) { +BOOST_AUTO_TEST_CASE(test_dnssec_insecure_unknown_ds_algorithm) +{ std::unique_ptr sr; initSR(sr, true); @@ -930,7 +944,7 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_unknown_ds_algorithm) { dpk.d_algorithm = 253; DSRecordContent drc = makeDSFromDNSKey(target, dpk.getDNSKEY(), DNSSECKeeper::DIGEST_SHA256); - keys[target] = std::pair(dpk, drc); + keys[target] = std::pair(dpk, drc); /* Fake algorithm number (private) */ drc.d_algorithm = 253; @@ -942,36 +956,37 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_unknown_ds_algorithm) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (domain == target && type == QType::NS) { + if (domain == target && type == QType::NS) { - setLWResult(res, 0, true, false, true); - char addr[] = "a.root-servers.net."; - for (char idx = 'a'; idx <= 'm'; idx++) { - addr[0] = idx; - addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); - } + setLWResult(res, 0, true, false, true); + char addr[] = "a.root-servers.net."; + for (char idx = 'a'; idx <= 'm'; idx++) { + addr[0] = idx; + addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); + } - addRRSIG(keys, res->d_records, domain, 300); + addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (domain == target && type == QType::DNSKEY) { + return 1; + } + else if (domain == target && type == QType::DNSKEY) { - setLWResult(res, 0, true, false, true); + setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret); @@ -991,7 +1006,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_unknown_ds_algorithm) { BOOST_CHECK_EQUAL(queriesCount, 1U); } -BOOST_AUTO_TEST_CASE(test_dnssec_insecure_unknown_ds_digest) { +BOOST_AUTO_TEST_CASE(test_dnssec_insecure_unknown_ds_digest) +{ std::unique_ptr sr; initSR(sr, true); @@ -1021,36 +1037,37 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_unknown_ds_digest) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (domain == target && type == QType::NS) { + if (domain == target && type == QType::NS) { - setLWResult(res, 0, true, false, true); - char addr[] = "a.root-servers.net."; - for (char idx = 'a'; idx <= 'm'; idx++) { - addr[0] = idx; - addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); - } + setLWResult(res, 0, true, false, true); + char addr[] = "a.root-servers.net."; + for (char idx = 'a'; idx <= 'm'; idx++) { + addr[0] = idx; + addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); + } - addRRSIG(keys, res->d_records, domain, 300); + addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (domain == target && type == QType::DNSKEY) { + return 1; + } + else if (domain == target && type == QType::DNSKEY) { - setLWResult(res, 0, true, false, true); + setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret); @@ -1070,7 +1087,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_unknown_ds_digest) { BOOST_CHECK_EQUAL(queriesCount, 1U); } -BOOST_AUTO_TEST_CASE(test_dnssec_bogus_bad_sig) { +BOOST_AUTO_TEST_CASE(test_dnssec_bogus_bad_sig) +{ std::unique_ptr sr; initSR(sr, true); @@ -1088,36 +1106,37 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_bad_sig) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (domain == target && type == QType::NS) { + if (domain == target && type == QType::NS) { - setLWResult(res, 0, true, false, true); - char addr[] = "a.root-servers.net."; - for (char idx = 'a'; idx <= 'm'; idx++) { - addr[0] = idx; - addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); - } + setLWResult(res, 0, true, false, true); + char addr[] = "a.root-servers.net."; + for (char idx = 'a'; idx <= 'm'; idx++) { + addr[0] = idx; + addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); + } - addRRSIG(keys, res->d_records, domain, 300, true); + addRRSIG(keys, res->d_records, domain, 300, true); - addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (domain == target && type == QType::DNSKEY) { + return 1; + } + else if (domain == target && type == QType::DNSKEY) { - setLWResult(res, 0, true, false, true); + setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret); @@ -1136,7 +1155,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_bad_sig) { BOOST_CHECK_EQUAL(queriesCount, 2U); } -BOOST_AUTO_TEST_CASE(test_dnssec_bogus_bad_algo) { +BOOST_AUTO_TEST_CASE(test_dnssec_bogus_bad_algo) +{ std::unique_ptr sr; initSR(sr, true); @@ -1154,37 +1174,38 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_bad_algo) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (domain == target && type == QType::NS) { + if (domain == target && type == QType::NS) { - setLWResult(res, 0, true, false, true); - char addr[] = "a.root-servers.net."; - for (char idx = 'a'; idx <= 'm'; idx++) { - addr[0] = idx; - addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); - } + setLWResult(res, 0, true, false, true); + char addr[] = "a.root-servers.net."; + for (char idx = 'a'; idx <= 'm'; idx++) { + addr[0] = idx; + addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); + } - /* FORCE WRONG ALGO */ - addRRSIG(keys, res->d_records, domain, 300, false, DNSSECKeeper::RSASHA256); + /* FORCE WRONG ALGO */ + addRRSIG(keys, res->d_records, domain, 300, false, DNSSECKeeper::RSASHA256); - addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (domain == target && type == QType::DNSKEY) { + return 1; + } + else if (domain == target && type == QType::DNSKEY) { - setLWResult(res, 0, true, false, true); + setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret); @@ -1203,7 +1224,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_bad_algo) { BOOST_CHECK_EQUAL(queriesCount, 2U); } -BOOST_AUTO_TEST_CASE(test_dnssec_bogus_unsigned_ds) { +BOOST_AUTO_TEST_CASE(test_dnssec_bogus_unsigned_ds) +{ std::unique_ptr sr; initSR(sr, true); @@ -1223,42 +1245,42 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_unsigned_ds) { size_t queriesCount = 0; - sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; - - DNSName auth = domain; - - if (type == QType::DS || type == QType::DNSKEY) { - if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys) == 0) { - return 0; - } + sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS && domain == target) { - /* remove the last record, which is the DS's RRSIG */ - res->d_records.pop_back(); - } + DNSName auth = domain; - return 1; + if (type == QType::DS || type == QType::DNSKEY) { + if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys) == 0) { + return 0; } - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - /* Include the DS but omit the RRSIG*/ - addDS(DNSName("com."), 300, res->d_records, keys); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + if (type == QType::DS && domain == target) { + /* remove the last record, which is the DS's RRSIG */ + res->d_records.pop_back(); } - if (ip == ComboAddress("192.0.2.1:53")) { - setLWResult(res, RCode::NoError, true, false, true); - addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); - addRRSIG(keys, res->d_records, auth, 300); - return 1; - } + return 1; + } + + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + /* Include the DS but omit the RRSIG*/ + addDS(DNSName("com."), 300, res->d_records, keys); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } - return 0; - }); + if (ip == ComboAddress("192.0.2.1:53")) { + setLWResult(res, RCode::NoError, true, false, true); + addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); + addRRSIG(keys, res->d_records, auth, 300); + return 1; + } + + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1284,7 +1306,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_unsigned_ds) { BOOST_CHECK_EQUAL(queriesCount, 3U); } -BOOST_AUTO_TEST_CASE(test_dnssec_bogus_unsigned_ds_direct) { +BOOST_AUTO_TEST_CASE(test_dnssec_bogus_unsigned_ds_direct) +{ std::unique_ptr sr; initSR(sr, true); @@ -1303,35 +1326,35 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_unsigned_ds_direct) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - DNSName auth = domain; + DNSName auth = domain; - if (type == QType::DS || type == QType::DNSKEY) { - if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys) == 0) { - return 0; - } - - if (type == QType::DS && domain == target) { - /* remove the last record, which is the DS's RRSIG */ - res->d_records.pop_back(); - } - - return 1; + if (type == QType::DS || type == QType::DNSKEY) { + if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys) == 0) { + return 0; } - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - /* Include the DS but omit the RRSIG*/ - addDS(DNSName("com."), 300, res->d_records, keys); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + if (type == QType::DS && domain == target) { + /* remove the last record, which is the DS's RRSIG */ + res->d_records.pop_back(); } - return 0; - }); + return 1; + } + + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + /* Include the DS but omit the RRSIG*/ + addDS(DNSName("com."), 300, res->d_records, keys); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + + return 0; + }); vector ret; int res = sr->beginResolve(DNSName("com."), QType(QType::DS), QClass::IN, ret); diff --git a/pdns/recursordist/test-syncres_cc5.cc b/pdns/recursordist/test-syncres_cc5.cc index 2da3351fa1..4869292476 100644 --- a/pdns/recursordist/test-syncres_cc5.cc +++ b/pdns/recursordist/test-syncres_cc5.cc @@ -5,7 +5,8 @@ BOOST_AUTO_TEST_SUITE(syncres_cc5) -BOOST_AUTO_TEST_CASE(test_dnssec_secure_various_algos) { +BOOST_AUTO_TEST_CASE(test_dnssec_secure_various_algos) +{ std::unique_ptr sr; initSR(sr, true); @@ -32,63 +33,63 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_various_algos) { const time_t fixedNow = sr->getNow().tv_sec; - sr->setAsyncCallback([target,targetAddr,&queriesCount,keys,fixedNow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, targetAddr, &queriesCount, keys, fixedNow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - DNSName auth = domain; - if (domain == target) { - auth = DNSName("powerdns.com."); - } + DNSName auth = domain; + if (domain == target) { + auth = DNSName("powerdns.com."); + } - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, auth, type, keys, true, fixedNow); - } + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, auth, type, keys, true, fixedNow); + } - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300, false, boost::none, boost::none, fixedNow); + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300, false, boost::none, boost::none, fixedNow); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + + if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, domain, 300, false, boost::none, boost::none, fixedNow); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + addRRSIG(keys, res->d_records, domain, 300); } - - if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, domain, 300, false, boost::none, boost::none, fixedNow); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, domain, 300); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(auth, 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("com."), 300, false, boost::none, boost::none, fixedNow); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + else { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(auth, 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("com."), 300, false, boost::none, boost::none, fixedNow); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } + return 1; + } - if (ip == ComboAddress("192.0.2.2:53")) { - if (type == QType::NS) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, auth, 300, false, boost::none, boost::none, fixedNow); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, auth, 300); - } - else { - setLWResult(res, RCode::NoError, true, false, true); - addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); - addRRSIG(keys, res->d_records, auth, 300, false, boost::none, boost::none, fixedNow); - } - return 1; + if (ip == ComboAddress("192.0.2.2:53")) { + if (type == QType::NS) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, auth, 300, false, boost::none, boost::none, fixedNow); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + addRRSIG(keys, res->d_records, auth, 300); } + else { + setLWResult(res, RCode::NoError, true, false, true); + addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); + addRRSIG(keys, res->d_records, auth, 300, false, boost::none, boost::none, fixedNow); + } + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -106,7 +107,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_various_algos) { BOOST_CHECK_EQUAL(queriesCount, 8U); } -BOOST_AUTO_TEST_CASE(test_dnssec_secure_a_then_ns) { +BOOST_AUTO_TEST_CASE(test_dnssec_secure_a_then_ns) +{ std::unique_ptr sr; initSR(sr, true); @@ -126,63 +128,63 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_a_then_ns) { size_t queriesCount = 0; - sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - DNSName auth = domain; - if (domain == target) { - auth = DNSName("powerdns.com."); - } + DNSName auth = domain; + if (domain == target) { + auth = DNSName("powerdns.com."); + } - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); - } + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); + } - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + + if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, domain, 300); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + addRRSIG(keys, res->d_records, domain, 300); } - - if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, domain, 300); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(auth, 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + else { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(auth, 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } + return 1; + } - if (ip == ComboAddress("192.0.2.2:53")) { - if (type == QType::NS) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, auth, 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, auth, 300); - } - else { - setLWResult(res, RCode::NoError, true, false, true); - addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); - addRRSIG(keys, res->d_records, auth, 300); - } - return 1; + if (ip == ComboAddress("192.0.2.2:53")) { + if (type == QType::NS) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, auth, 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + addRRSIG(keys, res->d_records, auth, 300); + } + else { + setLWResult(res, RCode::NoError, true, false, true); + addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); + addRRSIG(keys, res->d_records, auth, 300); } + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -207,10 +209,10 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_a_then_ns) { BOOST_CHECK_EQUAL(sr->getValidationState(), Secure); BOOST_REQUIRE_EQUAL(ret.size(), 2U); BOOST_CHECK_EQUAL(queriesCount, 9U); - } -BOOST_AUTO_TEST_CASE(test_dnssec_insecure_a_then_ns) { +BOOST_AUTO_TEST_CASE(test_dnssec_insecure_a_then_ns) +{ std::unique_ptr sr; initSR(sr, true); @@ -229,61 +231,61 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_a_then_ns) { size_t queriesCount = 0; - sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - DNSName auth = domain; - if (domain == target) { - auth = DNSName("powerdns.com."); - } + DNSName auth = domain; + if (domain == target) { + auth = DNSName("powerdns.com."); + } - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); - } + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); + } - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + + if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, domain, 300); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + addRRSIG(keys, res->d_records, domain, 300); } - - if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, domain, 300); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - /* no DS */ - addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + else { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + /* no DS */ + addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } + return 1; + } - if (ip == ComboAddress("192.0.2.2:53")) { - if (type == QType::NS) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - else { - setLWResult(res, RCode::NoError, true, false, true); - addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); - } - return 1; + if (ip == ComboAddress("192.0.2.2:53")) { + if (type == QType::NS) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + } + else { + setLWResult(res, RCode::NoError, true, false, true); + addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); } + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -310,7 +312,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_a_then_ns) { BOOST_CHECK_EQUAL(queriesCount, 8U); } -BOOST_AUTO_TEST_CASE(test_dnssec_secure_with_nta) { +BOOST_AUTO_TEST_CASE(test_dnssec_secure_with_nta) +{ std::unique_ptr sr; initSR(sr, true); @@ -334,63 +337,63 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_with_nta) { size_t queriesCount = 0; - sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - DNSName auth = domain; - if (domain == target) { - auth = DNSName("powerdns.com."); - } + DNSName auth = domain; + if (domain == target) { + auth = DNSName("powerdns.com."); + } - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); - } + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); + } - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + + if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, domain, 300); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + addRRSIG(keys, res->d_records, domain, 300); } - - if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, domain, 300); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(auth, 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + else { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(auth, 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } + return 1; + } - if (ip == ComboAddress("192.0.2.2:53")) { - if (type == QType::NS) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, auth, 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, auth, 300); - } - else { - setLWResult(res, RCode::NoError, true, false, true); - addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); - addRRSIG(keys, res->d_records, auth, 300); - } - return 1; + if (ip == ComboAddress("192.0.2.2:53")) { + if (type == QType::NS) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, auth, 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + addRRSIG(keys, res->d_records, auth, 300); + } + else { + setLWResult(res, RCode::NoError, true, false, true); + addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); + addRRSIG(keys, res->d_records, auth, 300); } + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -410,7 +413,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_with_nta) { BOOST_CHECK_EQUAL(queriesCount, 5U); } -BOOST_AUTO_TEST_CASE(test_dnssec_bogus_with_nta) { +BOOST_AUTO_TEST_CASE(test_dnssec_bogus_with_nta) +{ std::unique_ptr sr; initSR(sr, true); @@ -434,50 +438,50 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_with_nta) { size_t queriesCount = 0; - sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + if (type == QType::DS || type == QType::DNSKEY) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + return 1; + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); return 1; } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + else { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } - else if (ip == ComboAddress("192.0.2.2:53")) { - if (type == QType::NS) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - else { - setLWResult(res, RCode::NoError, true, false, true); - addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); - } - return 1; + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + if (type == QType::NS) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } + else { + setLWResult(res, RCode::NoError, true, false, true); + addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); + } + return 1; } + } - return 0; - }); + return 0; + }); /* There is TA for root but no DS/DNSKEY/RRSIG, should be Bogus, but.. */ vector ret; @@ -497,7 +501,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_with_nta) { BOOST_CHECK_EQUAL(queriesCount, 4U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec) +{ std::unique_ptr sr; initSR(sr, true); @@ -517,59 +522,59 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, domain, 300); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + addRRSIG(keys, res->d_records, domain, 300); } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, domain, 300); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(domain, 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + else { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(domain, 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } - else if (ip == ComboAddress("192.0.2.2:53")) { - if (type == QType::NS) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - } - else { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, domain, 300); - addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS, QType::DNSKEY }, 600, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); - } - return 1; + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + if (type == QType::NS) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); } + else { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, domain, 300); + addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS, QType::DNSKEY}, 600, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); + } + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -587,7 +592,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec) { BOOST_CHECK_EQUAL(queriesCount, 8U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_nxdomain_nsec) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_nxdomain_nsec) +{ std::unique_ptr sr; initSR(sr, true); @@ -607,84 +613,84 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nxdomain_nsec) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - DNSName auth = domain; - if (domain == target) { - auth = DNSName("powerdns.com."); + DNSName auth = domain; + if (domain == target) { + auth = DNSName("powerdns.com."); + } + if (type == QType::DS || type == QType::DNSKEY) { + if (type == QType::DS && domain == target) { + setLWResult(res, RCode::NXDomain, true, false, true); + addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, auth, 300); + addNSECRecordToLW(DNSName("nw.powerdns.com."), DNSName("ny.powerdns.com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records); + addRRSIG(keys, res->d_records, auth, 300); + return 1; } - if (type == QType::DS || type == QType::DNSKEY) { - if (type == QType::DS && domain == target) { - setLWResult(res, RCode::NXDomain, true, false, true); - addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, auth, 300); - addNSECRecordToLW(DNSName("nw.powerdns.com."), DNSName("ny.powerdns.com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records); - addRRSIG(keys, res->d_records, auth, 300); - return 1; + else { + return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); + } + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, domain, 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + addRRSIG(keys, res->d_records, domain, 300); } else { - return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); - } - } - else { - if (isRootServer(ip)) { setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(auth, 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, domain, 300); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, auth, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(auth, 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("com."), 300); + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + if (type == QType::NS) { + setLWResult(res, 0, true, false, true); + if (domain == DNSName("powerdns.com.")) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; - } - else if (ip == ComboAddress("192.0.2.2:53")) { - if (type == QType::NS) { - setLWResult(res, 0, true, false, true); - if (domain == DNSName("powerdns.com.")) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - } - else { - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - addNSECRecordToLW(DNSName("nx.powerdns.com."), DNSName("nz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - } + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); } else { - setLWResult(res, RCode::NXDomain, true, false, true); - addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, auth, 300); - addNSECRecordToLW(DNSName("nw.powerdns.com."), DNSName("ny.powerdns.com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records); - addRRSIG(keys, res->d_records, auth, 300); - /* add wildcard denial */ - addNSECRecordToLW(DNSName("powerdns.com."), DNSName("a.powerdns.com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records); - addRRSIG(keys, res->d_records, auth, 300); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); + addNSECRecordToLW(DNSName("nx.powerdns.com."), DNSName("nz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); } - return 1; } + else { + setLWResult(res, RCode::NXDomain, true, false, true); + addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, auth, 300); + addNSECRecordToLW(DNSName("nw.powerdns.com."), DNSName("ny.powerdns.com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records); + addRRSIG(keys, res->d_records, auth, 300); + /* add wildcard denial */ + addNSECRecordToLW(DNSName("powerdns.com."), DNSName("a.powerdns.com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records); + addRRSIG(keys, res->d_records, auth, 300); + } + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -702,7 +708,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nxdomain_nsec) { BOOST_CHECK_EQUAL(queriesCount, 9U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_wildcard) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_wildcard) +{ std::unique_ptr sr; initSR(sr, true); @@ -722,77 +729,77 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_wildcard) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - if (type == QType::DS && domain == target) { - setLWResult(res, RCode::NoError, true, false, true); - addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); - addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - return 1; - } - else { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); - } + if (type == QType::DS || type == QType::DNSKEY) { + if (type == QType::DS && domain == target) { + setLWResult(res, RCode::NoError, true, false, true); + addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); + addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); + return 1; } else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, domain, 300); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + addRRSIG(keys, res->d_records, domain, 300); } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, domain, 300); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("powerdns.com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + else { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("powerdns.com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - if (domain == DNSName("powerdns.com.")) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - } - else { - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - } + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + if (type == QType::NS) { + if (domain == DNSName("powerdns.com.")) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); } else { - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com")); - /* we need to add the proof that this name does not exist, so the wildcard may apply */ - addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); + addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records); addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); } - return 1; } + else { + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com")); + /* we need to add the proof that this name does not exist, so the wildcard may apply */ + addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); + } + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -810,7 +817,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_wildcard) { BOOST_CHECK_EQUAL(queriesCount, 9U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_nodata_nowildcard) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_nodata_nowildcard) +{ std::unique_ptr sr; initSR(sr, true); @@ -829,49 +837,49 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_nodata_nowildcard) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - if (type == QType::DS && domain == target) { - DNSName auth("com."); - setLWResult(res, 0, true, false, true); + if (type == QType::DS || type == QType::DNSKEY) { + if (type == QType::DS && domain == target) { + DNSName auth("com."); + setLWResult(res, 0, true, false, true); - addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); - addRRSIG(keys, res->d_records, auth, 300); - /* add a NSEC denying the DS AND the existence of a cut (no NS) */ - addNSECRecordToLW(domain, DNSName("z") + domain, { QType::NSEC }, 600, res->d_records); - addRRSIG(keys, res->d_records, auth, 300); - return 1; - } - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); + addRRSIG(keys, res->d_records, auth, 300); + /* add a NSEC denying the DS AND the existence of a cut (no NS) */ + addNSECRecordToLW(domain, DNSName("z") + domain, {QType::NSEC}, 600, res->d_records); + addRRSIG(keys, res->d_records, auth, 300); + return 1; } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - else if (ip == ComboAddress("192.0.2.1:53")) { - setLWResult(res, 0, true, false, true); - /* no data */ - addRecordToLW(res, DNSName("com."), QType::SOA, "com. com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - /* no record for this name */ - addNSECRecordToLW(DNSName("wwv.com."), DNSName("wwx.com."), { QType::NSEC, QType::RRSIG }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - /* a wildcard matches but has no record for this type */ - addNSECRecordToLW(DNSName("*.com."), DNSName("com."), { QType::AAAA, QType::NSEC, QType::RRSIG }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com")); - return 1; - } + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + setLWResult(res, 0, true, false, true); + /* no data */ + addRecordToLW(res, DNSName("com."), QType::SOA, "com. com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + /* no record for this name */ + addNSECRecordToLW(DNSName("wwv.com."), DNSName("wwx.com."), {QType::NSEC, QType::RRSIG}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + /* a wildcard matches but has no record for this type */ + addNSECRecordToLW(DNSName("*.com."), DNSName("com."), {QType::AAAA, QType::NSEC, QType::RRSIG}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com")); + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -889,7 +897,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_nodata_nowildcard) { BOOST_CHECK_EQUAL(queriesCount, 6U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_nodata_nowildcard) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_nodata_nowildcard) +{ std::unique_ptr sr; initSR(sr, true); @@ -908,60 +917,60 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_nodata_nowildcard) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - if (type == QType::DS && domain == target) { - DNSName auth("com."); - setLWResult(res, 0, true, false, true); + if (type == QType::DS || type == QType::DNSKEY) { + if (type == QType::DS && domain == target) { + DNSName auth("com."); + setLWResult(res, 0, true, false, true); - addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); - addRRSIG(keys, res->d_records, auth, 300); - /* add a NSEC3 denying the DS AND the existence of a cut (no NS) */ - /* first the closest encloser */ - addNSEC3UnhashedRecordToLW(DNSName("com."), auth, "whatever", { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, res->d_records); - addRRSIG(keys, res->d_records, auth, 300); - /* then the next closer */ - addNSEC3NarrowRecordToLW(domain, DNSName("com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records); - addRRSIG(keys, res->d_records, auth, 300); - /* a wildcard matches but has no record for this type */ - addNSEC3UnhashedRecordToLW(DNSName("*.com."), DNSName("com."), "whatever", { QType::AAAA, QType::NSEC, QType::RRSIG }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com")); - return 1; - } - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); + addRRSIG(keys, res->d_records, auth, 300); + /* add a NSEC3 denying the DS AND the existence of a cut (no NS) */ + /* first the closest encloser */ + addNSEC3UnhashedRecordToLW(DNSName("com."), auth, "whatever", {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, res->d_records); + addRRSIG(keys, res->d_records, auth, 300); + /* then the next closer */ + addNSEC3NarrowRecordToLW(domain, DNSName("com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records); + addRRSIG(keys, res->d_records, auth, 300); + /* a wildcard matches but has no record for this type */ + addNSEC3UnhashedRecordToLW(DNSName("*.com."), DNSName("com."), "whatever", {QType::AAAA, QType::NSEC, QType::RRSIG}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com")); + return 1; } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - else if (ip == ComboAddress("192.0.2.1:53")) { - setLWResult(res, 0, true, false, true); - /* no data */ - addRecordToLW(res, DNSName("com."), QType::SOA, "com. com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - /* no record for this name */ - /* first the closest encloser */ - addNSEC3UnhashedRecordToLW(DNSName("com."), DNSName("com."), "whatever", { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - /* then the next closer */ - addNSEC3NarrowRecordToLW(domain, DNSName("com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - /* a wildcard matches but has no record for this type */ - addNSEC3UnhashedRecordToLW(DNSName("*.com."), DNSName("com."), "whatever", { QType::AAAA, QType::NSEC, QType::RRSIG }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com")); - return 1; - } + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; } + else if (ip == ComboAddress("192.0.2.1:53")) { + setLWResult(res, 0, true, false, true); + /* no data */ + addRecordToLW(res, DNSName("com."), QType::SOA, "com. com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + /* no record for this name */ + /* first the closest encloser */ + addNSEC3UnhashedRecordToLW(DNSName("com."), DNSName("com."), "whatever", {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + /* then the next closer */ + addNSEC3NarrowRecordToLW(domain, DNSName("com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + /* a wildcard matches but has no record for this type */ + addNSEC3UnhashedRecordToLW(DNSName("*.com."), DNSName("com."), "whatever", {QType::AAAA, QType::NSEC, QType::RRSIG}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com")); + return 1; + } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -979,7 +988,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_nodata_nowildcard) { BOOST_CHECK_EQUAL(queriesCount, 6U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_nodata_nowildcard_too_many_iterations) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_nodata_nowildcard_too_many_iterations) +{ std::unique_ptr sr; initSR(sr, true); @@ -998,60 +1008,60 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_nodata_nowildcard_too_many_ite size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - if (type == QType::DS && domain == target) { - DNSName auth("com."); - setLWResult(res, 0, true, false, true); + if (type == QType::DS || type == QType::DNSKEY) { + if (type == QType::DS && domain == target) { + DNSName auth("com."); + setLWResult(res, 0, true, false, true); - addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); - addRRSIG(keys, res->d_records, auth, 300); - /* add a NSEC3 denying the DS AND the existence of a cut (no NS) */ - /* first the closest encloser */ - addNSEC3UnhashedRecordToLW(DNSName("com."), auth, "whatever", { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, res->d_records, g_maxNSEC3Iterations + 100); - addRRSIG(keys, res->d_records, auth, 300); - /* then the next closer */ - addNSEC3NarrowRecordToLW(domain, DNSName("com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records, g_maxNSEC3Iterations + 100); - addRRSIG(keys, res->d_records, auth, 300); - /* a wildcard matches but has no record for this type */ - addNSEC3UnhashedRecordToLW(DNSName("*.com."), DNSName("com."), "whatever", { QType::AAAA, QType::NSEC, QType::RRSIG }, 600, res->d_records, g_maxNSEC3Iterations + 100); - addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com")); - return 1; - } - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); + addRRSIG(keys, res->d_records, auth, 300); + /* add a NSEC3 denying the DS AND the existence of a cut (no NS) */ + /* first the closest encloser */ + addNSEC3UnhashedRecordToLW(DNSName("com."), auth, "whatever", {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, res->d_records, g_maxNSEC3Iterations + 100); + addRRSIG(keys, res->d_records, auth, 300); + /* then the next closer */ + addNSEC3NarrowRecordToLW(domain, DNSName("com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records, g_maxNSEC3Iterations + 100); + addRRSIG(keys, res->d_records, auth, 300); + /* a wildcard matches but has no record for this type */ + addNSEC3UnhashedRecordToLW(DNSName("*.com."), DNSName("com."), "whatever", {QType::AAAA, QType::NSEC, QType::RRSIG}, 600, res->d_records, g_maxNSEC3Iterations + 100); + addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com")); + return 1; } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - else if (ip == ComboAddress("192.0.2.1:53")) { - setLWResult(res, 0, true, false, true); - /* no data */ - addRecordToLW(res, DNSName("com."), QType::SOA, "com. com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - /* no record for this name */ - /* first the closest encloser */ - addNSEC3UnhashedRecordToLW(DNSName("com."), DNSName("com."), "whatever", { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, res->d_records, g_maxNSEC3Iterations + 100); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - /* then the next closer */ - addNSEC3NarrowRecordToLW(domain, DNSName("com."), { QType::RRSIG, QType::NSEC }, 600, res->d_records, g_maxNSEC3Iterations + 100); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - /* a wildcard matches but has no record for this type */ - addNSEC3UnhashedRecordToLW(DNSName("*.com."), DNSName("com."), "whatever", { QType::AAAA, QType::NSEC, QType::RRSIG }, 600, res->d_records, g_maxNSEC3Iterations + 100); - addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com")); - return 1; - } + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + setLWResult(res, 0, true, false, true); + /* no data */ + addRecordToLW(res, DNSName("com."), QType::SOA, "com. com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + /* no record for this name */ + /* first the closest encloser */ + addNSEC3UnhashedRecordToLW(DNSName("com."), DNSName("com."), "whatever", {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, res->d_records, g_maxNSEC3Iterations + 100); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + /* then the next closer */ + addNSEC3NarrowRecordToLW(domain, DNSName("com."), {QType::RRSIG, QType::NSEC}, 600, res->d_records, g_maxNSEC3Iterations + 100); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + /* a wildcard matches but has no record for this type */ + addNSEC3UnhashedRecordToLW(DNSName("*.com."), DNSName("com."), "whatever", {QType::AAAA, QType::NSEC, QType::RRSIG}, 600, res->d_records, g_maxNSEC3Iterations + 100); + addRRSIG(keys, res->d_records, DNSName("com"), 300, false, boost::none, DNSName("*.com")); + return 1; } + } - return 0; - }); + return 0; + }); /* we are generating NSEC3 with more iterations than we allow, so we should go Insecure */ vector ret; @@ -1070,7 +1080,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_nodata_nowildcard_too_many_ite BOOST_CHECK_EQUAL(queriesCount, 6U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_wildcard) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_wildcard) +{ std::unique_ptr sr; initSR(sr, true); @@ -1090,86 +1101,86 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_wildcard) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - if (type == QType::DS && domain.isPartOf(DNSName("sub.powerdns.com"))) { - setLWResult(res, RCode::NoError, true, false, true); - addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); - if (domain == DNSName("sub.powerdns.com")) { - addNSECRecordToLW(DNSName("sub.powerdns.com."), DNSName("sud.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records); - } - else if (domain == target) { - addNSECRecordToLW(DNSName("www.sub.powerdns.com."), DNSName("wwz.sub.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records); - } - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - return 1; + if (type == QType::DS || type == QType::DNSKEY) { + if (type == QType::DS && domain.isPartOf(DNSName("sub.powerdns.com"))) { + setLWResult(res, RCode::NoError, true, false, true); + addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); + if (domain == DNSName("sub.powerdns.com")) { + addNSECRecordToLW(DNSName("sub.powerdns.com."), DNSName("sud.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records); } - else { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + else if (domain == target) { + addNSECRecordToLW(DNSName("www.sub.powerdns.com."), DNSName("wwz.sub.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records); } + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); + return 1; } else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, domain, 300); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + addRRSIG(keys, res->d_records, domain, 300); } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, domain, 300); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("powerdns.com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + else { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("powerdns.com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - if (domain == DNSName("powerdns.com.")) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - } - else { - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - } + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + if (type == QType::NS) { + if (domain == DNSName("powerdns.com.")) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); } else { - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com")); - /* we need to add the proof that this name does not exist, so the wildcard may apply */ - /* first the closest encloser */ - addNSEC3UnhashedRecordToLW(DNSName("powerdns.com."), DNSName("powerdns.com."), "whatever", { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); - /* then the next closer */ - addNSEC3NarrowRecordToLW(DNSName("sub.powerdns.com."), DNSName("powerdns.com."), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); + addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); } - return 1; } + else { + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com")); + /* we need to add the proof that this name does not exist, so the wildcard may apply */ + /* first the closest encloser */ + addNSEC3UnhashedRecordToLW(DNSName("powerdns.com."), DNSName("powerdns.com."), "whatever", {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); + /* then the next closer */ + addNSEC3NarrowRecordToLW(DNSName("sub.powerdns.com."), DNSName("powerdns.com."), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); + } + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1187,7 +1198,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_wildcard) { BOOST_CHECK_EQUAL(queriesCount, 10U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_wildcard_too_many_iterations) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_wildcard_too_many_iterations) +{ std::unique_ptr sr; initSR(sr, true); @@ -1207,81 +1219,81 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_wildcard_too_many_iterations) size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - if (type == QType::DS && domain == target) { - setLWResult(res, RCode::NoError, true, false, true); - addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); - addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - return 1; - } - else { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); - } + if (type == QType::DS || type == QType::DNSKEY) { + if (type == QType::DS && domain == target) { + setLWResult(res, RCode::NoError, true, false, true); + addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); + addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); + return 1; } else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, domain, 300); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + addRRSIG(keys, res->d_records, domain, 300); } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, domain, 300); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("powerdns.com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + else { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("powerdns.com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - if (domain == DNSName("powerdns.com.")) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - } - else { - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - } + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + if (type == QType::NS) { + if (domain == DNSName("powerdns.com.")) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); } else { - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com")); - /* we need to add the proof that this name does not exist, so the wildcard may apply */ - /* first the closest encloser */ - addNSEC3UnhashedRecordToLW(DNSName("powerdns.com."), DNSName("powerdns.com."), "whatever", { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); - /* then the next closer */ - addNSEC3NarrowRecordToLW(DNSName("www.powerdns.com."), DNSName("powerdns.com."), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, res->d_records, g_maxNSEC3Iterations + 100); - addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); + addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); } - return 1; } + else { + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com")); + /* we need to add the proof that this name does not exist, so the wildcard may apply */ + /* first the closest encloser */ + addNSEC3UnhashedRecordToLW(DNSName("powerdns.com."), DNSName("powerdns.com."), "whatever", {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); + /* then the next closer */ + addNSEC3NarrowRecordToLW(DNSName("www.powerdns.com."), DNSName("powerdns.com."), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, res->d_records, g_maxNSEC3Iterations + 100); + addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); + } + return 1; } + } - return 0; - }); + return 0; + }); /* the NSEC3 providing the denial of existence proof for the next closer has too many iterations, we should end up Insecure */ @@ -1301,7 +1313,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec3_wildcard_too_many_iterations) BOOST_CHECK_EQUAL(queriesCount, 9U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_wildcard_missing) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_wildcard_missing) +{ std::unique_ptr sr; initSR(sr, true); @@ -1321,74 +1334,74 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_wildcard_missing) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - if (type == QType::DS && domain == target) { - setLWResult(res, RCode::NoError, true, false, true); - addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); - addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - return 1; - } - else { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); - } + if (type == QType::DS || type == QType::DNSKEY) { + if (type == QType::DS && domain == target) { + setLWResult(res, RCode::NoError, true, false, true); + addRecordToLW(res, DNSName("powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); + addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); + return 1; } else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, domain, 300); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + addRRSIG(keys, res->d_records, domain, 300); } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, domain, 300); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("powerdns.com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + else { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("powerdns.com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - if (domain == DNSName("powerdns.com.")) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - } - else { - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - } + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + if (type == QType::NS) { + if (domain == DNSName("powerdns.com.")) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); } else { - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com")); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); + addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); } - return 1; } + else { + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com")); + } + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1406,7 +1419,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_nsec_wildcard_missing) { BOOST_CHECK_EQUAL(queriesCount, 9U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_wildcard_expanded_onto_itself) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_wildcard_expanded_onto_itself) +{ std::unique_ptr sr; initSR(sr, true); @@ -1424,8 +1438,7 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_wildcard_expanded_onto_itself) { g_luaconfs.setState(luaconfsCopy); - sr->setAsyncCallback([target,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - + sr->setAsyncCallback([target, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { if (type == QType::DS || type == QType::DNSKEY) { if (domain == target) { const auto auth = DNSName("powerdns.com."); @@ -1434,7 +1447,7 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_wildcard_expanded_onto_itself) { addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); addRRSIG(keys, res->d_records, auth, 300); /* add a NSEC denying the DS */ - std::set types = { QType::NSEC }; + std::set types = {QType::NSEC}; addNSECRecordToLW(domain, DNSName("z") + domain, types, 600, res->d_records); addRRSIG(keys, res->d_records, auth, 300); return 1; @@ -1447,7 +1460,7 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_wildcard_expanded_onto_itself) { addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300, false, boost::none, DNSName("*.powerdns.com")); /* we don't _really_ need to add the proof that the exact name does not exist because it does, it's the wildcard itself, but let's do it so other validators don't choke on it */ - addNSECRecordToLW(DNSName("*.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records); + addNSECRecordToLW(DNSName("*.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records); addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com")); return 1; } @@ -1461,7 +1474,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_wildcard_expanded_onto_itself) { BOOST_REQUIRE_EQUAL(ret.size(), 4U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_wildcard_like_expanded_from_wildcard) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_wildcard_like_expanded_from_wildcard) +{ std::unique_ptr sr; initSR(sr, true); @@ -1479,8 +1493,7 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_wildcard_like_expanded_from_wildcard g_luaconfs.setState(luaconfsCopy); - sr->setAsyncCallback([target,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - + sr->setAsyncCallback([target, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { if (type == QType::DS || type == QType::DNSKEY) { if (domain == target) { const auto auth = DNSName("powerdns.com."); @@ -1488,7 +1501,7 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_wildcard_like_expanded_from_wildcard setLWResult(res, 0, true, false, true); addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); addRRSIG(keys, res->d_records, auth, 300); - addNSECRecordToLW(DNSName("*.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records); + addNSECRecordToLW(DNSName("*.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records); addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com")); return 1; } @@ -1499,7 +1512,7 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_wildcard_like_expanded_from_wildcard addRecordToLW(res, auth, QType::SOA, "foo. bar. 2017032800 1800 900 604800 86400", DNSResourceRecord::AUTHORITY, 86400); addRRSIG(keys, res->d_records, auth, 300); /* add a NSEC denying the DS */ - addNSECRecordToLW(DNSName("*.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records); + addNSECRecordToLW(DNSName("*.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records); addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com")); return 1; } @@ -1509,7 +1522,7 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_wildcard_like_expanded_from_wildcard setLWResult(res, 0, true, false, true); addRecordToLW(res, domain, QType::A, "192.0.2.42"); addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300, false, boost::none, DNSName("*.powerdns.com")); - addNSECRecordToLW(DNSName("*.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records); + addNSECRecordToLW(DNSName("*.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records); addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300, false, boost::none, DNSName("*.powerdns.com")); return 1; } diff --git a/pdns/recursordist/test-syncres_cc6.cc b/pdns/recursordist/test-syncres_cc6.cc index 2ed14375e6..a056712935 100644 --- a/pdns/recursordist/test-syncres_cc6.cc +++ b/pdns/recursordist/test-syncres_cc6.cc @@ -5,7 +5,8 @@ BOOST_AUTO_TEST_SUITE(syncres_cc6) -BOOST_AUTO_TEST_CASE(test_dnssec_no_ds_on_referral_secure) { +BOOST_AUTO_TEST_CASE(test_dnssec_no_ds_on_referral_secure) +{ std::unique_ptr sr; initSR(sr, true); @@ -26,83 +27,83 @@ BOOST_AUTO_TEST_CASE(test_dnssec_no_ds_on_referral_secure) { size_t queriesCount = 0; size_t dsQueriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,&dsQueriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, &dsQueriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS) { - DNSName auth(domain); - auth.chopOff(); - dsQueriesCount++; + if (type == QType::DS) { + DNSName auth(domain); + auth.chopOff(); + dsQueriesCount++; - if (domain == target) { - if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys, false) == 0) { - return 0; - } - return 1; + if (domain == target) { + if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys, false) == 0) { + return 0; } - - setLWResult(res, 0, true, false, true); - addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER); - addRRSIG(keys, res->d_records, auth, 300); return 1; } - else if (type == QType::DNSKEY) { - setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); + + setLWResult(res, 0, true, false, true); + addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER); + addRRSIG(keys, res->d_records, auth, 300); + return 1; + } + else if (type == QType::DNSKEY) { + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); + return 1; + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + /* No DS on referral, and no denial of the DS either */ return 1; } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, domain, 300); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + addRRSIG(keys, res->d_records, domain, 300); + } + else { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); /* No DS on referral, and no denial of the DS either */ - return 1; } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, domain, 300); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + if (type == QType::NS) { + if (domain == DNSName("powerdns.com.")) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - /* No DS on referral, and no denial of the DS either */ - } - return 1; - } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - if (domain == DNSName("powerdns.com.")) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - } - else { - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), { QType::A, QType::NSEC, QType::RRSIG }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); - } + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); } else { - addRecordToLW(res, domain, QType::A, "192.0.2.42"); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); + addNSECRecordToLW(DNSName("www.powerdns.com."), DNSName("wwz.powerdns.com."), {QType::A, QType::NSEC, QType::RRSIG}, 600, res->d_records); addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); } - - return 1; } + else { + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + addRRSIG(keys, res->d_records, DNSName("powerdns.com"), 300); + } + + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -122,7 +123,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_no_ds_on_referral_secure) { BOOST_CHECK_EQUAL(dsQueriesCount, 3U); } -BOOST_AUTO_TEST_CASE(test_dnssec_ds_sign_loop) { +BOOST_AUTO_TEST_CASE(test_dnssec_ds_sign_loop) +{ std::unique_ptr sr; initSR(sr, true); @@ -143,82 +145,82 @@ BOOST_AUTO_TEST_CASE(test_dnssec_ds_sign_loop) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS) { - DNSName auth(domain); - auth.chopOff(); + if (type == QType::DS) { + DNSName auth(domain); + auth.chopOff(); - setLWResult(res, 0, true, false, true); - if (domain == target) { - addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER); + setLWResult(res, 0, true, false, true); + if (domain == target) { + addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER); + addRRSIG(keys, res->d_records, domain, 300); + } + else { + addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER); + addRRSIG(keys, res->d_records, auth, 300); + } + return 1; + } + else if (type == QType::DNSKEY) { + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); + return 1; + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, domain, 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); addRRSIG(keys, res->d_records, domain, 300); } else { - addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER); - addRRSIG(keys, res->d_records, auth, 300); + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + /* no DS */ + addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } return 1; } - else if (type == QType::DNSKEY) { - setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); - return 1; - } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - return 1; - } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, domain, 300); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - /* no DS */ - addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; - } - else if (ip == ComboAddress("192.0.2.2:53")) { - if (type == QType::NS) { - if (domain == DNSName("powerdns.com.")) { - setLWResult(res, RCode::Refused, false, false, true); - } - else { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, domain, 300); - } + else if (ip == ComboAddress("192.0.2.2:53")) { + if (type == QType::NS) { + if (domain == DNSName("powerdns.com.")) { + setLWResult(res, RCode::Refused, false, false, true); } else { setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - addRRSIG(keys, res->d_records, DNSName("www.powerdns.com"), 300); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, domain, 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + addRRSIG(keys, res->d_records, domain, 300); } - - return 1; } + else { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + addRRSIG(keys, res->d_records, DNSName("www.powerdns.com"), 300); + } + + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -236,7 +238,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_ds_sign_loop) { BOOST_CHECK_EQUAL(queriesCount, 8U); } -BOOST_AUTO_TEST_CASE(test_dnssec_dnskey_signed_child) { +BOOST_AUTO_TEST_CASE(test_dnssec_dnskey_signed_child) +{ /* check that we don't accept a signer below us */ std::unique_ptr sr; initSR(sr, true); @@ -259,75 +262,75 @@ BOOST_AUTO_TEST_CASE(test_dnssec_dnskey_signed_child) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; - - if (type == QType::DS) { - DNSName auth(domain); - auth.chopOff(); - - setLWResult(res, 0, true, false, true); - addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER); - addRRSIG(keys, res->d_records, auth, 300); + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; + + if (type == QType::DS) { + DNSName auth(domain); + auth.chopOff(); + + setLWResult(res, 0, true, false, true); + addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER); + addRRSIG(keys, res->d_records, auth, 300); + return 1; + } + else if (type == QType::DNSKEY) { + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + if (domain == DNSName("www.powerdns.com.")) { + addRRSIG(keys, res->d_records, DNSName("sub.www.powerdns.com."), 300); + } + else { + addRRSIG(keys, res->d_records, domain, 300); + } + return 1; + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); return 1; } - else if (type == QType::DNSKEY) { - setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - if (domain == DNSName("www.powerdns.com.")) { - addRRSIG(keys, res->d_records, DNSName("sub.www.powerdns.com."), 300); + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, domain, 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + addRRSIG(keys, res->d_records, domain, 300); } else { - addRRSIG(keys, res->d_records, domain, 300); + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("powerdns.com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } return 1; } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - return 1; + else if (ip == ComboAddress("192.0.2.2:53")) { + if (type == QType::NS) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, domain, 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + addRRSIG(keys, res->d_records, domain, 300); } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, domain, 300); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("powerdns.com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + else { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + addRRSIG(keys, res->d_records, domain, 300); } - else if (ip == ComboAddress("192.0.2.2:53")) { - if (type == QType::NS) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, domain, 300); - } - else { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.42"); - addRRSIG(keys, res->d_records, domain, 300); - } - return 1; - } + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -345,7 +348,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_dnskey_signed_child) { BOOST_CHECK_EQUAL(queriesCount, 10U); } -BOOST_AUTO_TEST_CASE(test_dnssec_no_ds_on_referral_insecure) { +BOOST_AUTO_TEST_CASE(test_dnssec_no_ds_on_referral_insecure) +{ std::unique_ptr sr; initSR(sr, true); @@ -365,76 +369,76 @@ BOOST_AUTO_TEST_CASE(test_dnssec_no_ds_on_referral_insecure) { size_t queriesCount = 0; size_t dsQueriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,&dsQueriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, &dsQueriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS) { - DNSName auth(domain); - auth.chopOff(); - dsQueriesCount++; + if (type == QType::DS) { + DNSName auth(domain); + auth.chopOff(); + dsQueriesCount++; - setLWResult(res, 0, true, false, true); + setLWResult(res, 0, true, false, true); + if (domain == DNSName("com.")) { + addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER); + } + else { + addRecordToLW(res, "com.", QType::SOA, "a.gtld-servers.com. hostmastercom. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addNSECRecordToLW(domain, DNSName("powerdnt.com."), {QType::NS}, 600, res->d_records); + } + addRRSIG(keys, res->d_records, auth, 300); + return 1; + } + else if (type == QType::DNSKEY) { + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); + return 1; + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + /* No DS on referral, and no denial of the DS either */ + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { if (domain == DNSName("com.")) { - addDS(domain, 300, res->d_records, keys, DNSResourceRecord::ANSWER); + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, domain, 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + addRRSIG(keys, res->d_records, domain, 300); } else { - addRecordToLW(res, "com.", QType::SOA, "a.gtld-servers.com. hostmastercom. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addNSECRecordToLW(domain, DNSName("powerdnt.com."), { QType::NS }, 600, res->d_records); + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + /* No DS on referral, and no denial of the DS either */ } - addRRSIG(keys, res->d_records, auth, 300); return 1; } - else if (type == QType::DNSKEY) { + else if (ip == ComboAddress("192.0.2.2:53")) { setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); - return 1; - } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - /* No DS on referral, and no denial of the DS either */ - return 1; - } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, domain, 300); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + if (type == QType::NS) { + if (domain == DNSName("powerdns.com.")) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - /* No DS on referral, and no denial of the DS either */ - } - return 1; - } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - if (domain == DNSName("powerdns.com.")) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - else { - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - } } else { - addRecordToLW(res, domain, QType::A, "192.0.2.42"); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); } - return 1; } + else { + addRecordToLW(res, domain, QType::A, "192.0.2.42"); + } + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -454,7 +458,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_no_ds_on_referral_insecure) { BOOST_CHECK_EQUAL(dsQueriesCount, 2U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_bogus_unsigned_nsec) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_bogus_unsigned_nsec) +{ std::unique_ptr sr; initSR(sr, true); @@ -474,55 +479,55 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_bogus_unsigned_nsec) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; - - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; + + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, DNSName("com."), 300); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(domain, 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + else { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(domain, 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, domain, 300); - } - else { - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, domain, 300); - addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS, QType::DNSKEY }, 600, res->d_records); - /* NO RRSIG for the NSEC record! */ - } - return 1; + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + if (type == QType::NS) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, domain, 300); } + else { + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, domain, 300); + addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS, QType::DNSKEY}, 600, res->d_records); + /* NO RRSIG for the NSEC record! */ + } + return 1; } + } - return 0; - }); + return 0; + }); /* NSEC record without the corresponding RRSIG in a secure zone, should be Bogus! */ vector ret; @@ -541,7 +546,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_bogus_unsigned_nsec) { BOOST_CHECK_EQUAL(queriesCount, 8U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_bogus_no_nsec) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_bogus_no_nsec) +{ std::unique_ptr sr; initSR(sr, true); @@ -561,55 +567,55 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_bogus_no_nsec) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; - - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; + + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, DNSName("com."), 300); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(domain, 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + else { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(domain, 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, domain, 300); - } - else { - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, domain, 300); + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + if (type == QType::NS) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, domain, 300); + } + else { + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, domain, 300); - /* NO NSEC record! */ - } - return 1; + /* NO NSEC record! */ } + return 1; } + } - return 0; - }); + return 0; + }); /* no NSEC record in a secure zone, should be Bogus! */ vector ret; @@ -628,7 +634,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_bogus_no_nsec) { BOOST_CHECK_EQUAL(queriesCount, 8U); } -BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure) { +BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure) +{ std::unique_ptr sr; initSR(sr, true); @@ -648,74 +655,75 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure) { size_t queriesCount = 0; - sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS) { - if (domain == target) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - return 1; - } else { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); - } + if (type == QType::DS) { + if (domain == target) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + return 1; } - else if (type == QType::DNSKEY) { - if (domain == g_rootdnsname || domain == DNSName("com.")) { + else { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + } + else if (type == QType::DNSKEY) { + if (domain == g_rootdnsname || domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); + return 1; + } + else { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + return 1; + } + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); - return 1; + addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); } else { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - return 1; - } - } - else { - if (isRootServer(ip)) { setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + /* no DS */ + addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - /* no DS */ - addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + if (type == QType::NS) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - } - else { - addRecordToLW(res, domain, QType::A, targetAddr.toString()); - } - return 1; + else { + addRecordToLW(res, domain, QType::A, targetAddr.toString()); } + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -738,8 +746,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure) { BOOST_CHECK_EQUAL(queriesCount, 7U); } - -BOOST_AUTO_TEST_CASE(test_dnssec_secure_direct_ds) { +BOOST_AUTO_TEST_CASE(test_dnssec_secure_direct_ds) +{ /* Direct DS query: - parent is secure, zone is secure: DS should be secure @@ -763,25 +771,25 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_direct_ds) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; - - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); - } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; + + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::DS), QClass::IN, ret); @@ -805,7 +813,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_direct_ds) { BOOST_CHECK_EQUAL(queriesCount, 4U); } -BOOST_AUTO_TEST_CASE(test_dnssec_insecure_direct_ds) { +BOOST_AUTO_TEST_CASE(test_dnssec_insecure_direct_ds) +{ /* Direct DS query: - parent is secure, zone is insecure: DS denial should be secure @@ -828,25 +837,25 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_direct_ds) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; - - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); - } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; + + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::DS), QClass::IN, ret); @@ -870,7 +879,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_direct_ds) { BOOST_CHECK_EQUAL(queriesCount, 4U); } -BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_skipped_cut) { +BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_skipped_cut) +{ std::unique_ptr sr; initSR(sr, true); @@ -891,87 +901,88 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_skipped_cut) { size_t queriesCount = 0; - sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS) { - if (domain == DNSName("sub.powerdns.com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); - addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); - return 1; - } - else if (domain == DNSName("www.sub.powerdns.com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, DNSName("sub.powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - return 1; - } - else { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); - } + if (type == QType::DS) { + if (domain == DNSName("sub.powerdns.com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); + addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); + return 1; + } + else if (domain == DNSName("www.sub.powerdns.com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, DNSName("sub.powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + return 1; + } + else { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + } + else if (type == QType::DNSKEY) { + if (domain == g_rootdnsname || domain == DNSName("com.") || domain == DNSName("powerdns.com.")) { + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); + return 1; + } + else { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + return 1; } - else if (type == QType::DNSKEY) { - if (domain == g_rootdnsname || domain == DNSName("com.") || domain == DNSName("powerdns.com.")) { + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); - return 1; + addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); } else { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - return 1; - } - } - else { - if (isRootServer(ip)) { setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + addRecordToLW(res, DNSName("powerdns.com."), QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("powerdns.com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + if (type == QType::NS) { + if (domain == DNSName("www.sub.powerdns.com.")) { + addRecordToLW(res, DNSName("sub.powerdns.com"), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, DNSName("powerdns.com."), QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("powerdns.com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + else if (domain == DNSName("sub.powerdns.com.")) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); } - return 1; - } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - if (domain == DNSName("www.sub.powerdns.com.")) { - addRecordToLW(res, DNSName("sub.powerdns.com"), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - } - else if (domain == DNSName("sub.powerdns.com.")) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - } - else if (domain == DNSName("powerdns.com.")) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); - } - } else { - addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); + else if (domain == DNSName("powerdns.com.")) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, DNSName("powerdns.com."), 300); } - return 1; } + else { + addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); + } + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); diff --git a/pdns/recursordist/test-syncres_cc7.cc b/pdns/recursordist/test-syncres_cc7.cc index 3bcc604fc7..0ed32254fd 100644 --- a/pdns/recursordist/test-syncres_cc7.cc +++ b/pdns/recursordist/test-syncres_cc7.cc @@ -5,7 +5,8 @@ BOOST_AUTO_TEST_SUITE(syncres_cc7) -BOOST_AUTO_TEST_CASE(test_dnssec_insecure_to_ta_skipped_cut) { +BOOST_AUTO_TEST_CASE(test_dnssec_insecure_to_ta_skipped_cut) +{ std::unique_ptr sr; initSR(sr, true); @@ -27,92 +28,92 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_to_ta_skipped_cut) { size_t queriesCount = 0; - sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS) { - if (domain == DNSName("www.sub.powerdns.com")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, DNSName("sub.powerdns.com"), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com"), 300); - addNSECRecordToLW(DNSName("www.sub.powerdns.com"), DNSName("vww.sub.powerdns.com."), { QType::A }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com"), 300); + if (type == QType::DS) { + if (domain == DNSName("www.sub.powerdns.com")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, DNSName("sub.powerdns.com"), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com"), 300); + addNSECRecordToLW(DNSName("www.sub.powerdns.com"), DNSName("vww.sub.powerdns.com."), {QType::A}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com"), 300); + } + else { + setLWResult(res, 0, true, false, true); + + if (domain == DNSName("com.")) { + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("."), 300); + /* no DS */ + addNSECRecordToLW(DNSName("com."), DNSName("dom."), {QType::NS}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("."), 300); } else { setLWResult(res, 0, true, false, true); - - if (domain == DNSName("com.")) { - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("."), 300); - /* no DS */ - addNSECRecordToLW(DNSName("com."), DNSName("dom."), { QType::NS }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("."), 300); - } - else { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - } + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); } + } + return 1; + } + else if (type == QType::DNSKEY) { + if (domain == g_rootdnsname || domain == DNSName("sub.powerdns.com.")) { + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); return 1; } - else if (type == QType::DNSKEY) { - if (domain == g_rootdnsname || domain == DNSName("sub.powerdns.com.")) { - setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); - return 1; - } + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + /* no DS */ + addNSECRecordToLW(DNSName("com."), DNSName("dom."), {QType::NS}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - /* no DS */ - addNSECRecordToLW(DNSName("com."), DNSName("dom."), { QType::NS }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("."), 300); + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com."); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, DNSName("com."), QType::NS, "a.gtld-servers.com."); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - } - else if (domain.isPartOf(DNSName("powerdns.com."))) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, DNSName("powerdns.com."), QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + else if (domain.isPartOf(DNSName("powerdns.com."))) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, DNSName("powerdns.com."), QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - if (domain == DNSName("www.sub.powerdns.com.")) { - addRecordToLW(res, DNSName("sub.powerdns.com"), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com"), 300); - addNSECRecordToLW(DNSName("www.sub.powerdns.com"), DNSName("vww.sub.powerdns.com."), { QType::A }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com"), 300); - } - else if (domain == DNSName("sub.powerdns.com.")) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com."), 300); - } - else if (domain == DNSName("powerdns.com.")) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - } + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + if (type == QType::NS) { + if (domain == DNSName("www.sub.powerdns.com.")) { + addRecordToLW(res, DNSName("sub.powerdns.com"), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com"), 300); + addNSECRecordToLW(DNSName("www.sub.powerdns.com"), DNSName("vww.sub.powerdns.com."), {QType::A}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com"), 300); } - else if (domain == DNSName("www.sub.powerdns.com.")) { - addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); + else if (domain == DNSName("sub.powerdns.com.")) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com."), 300); } - return 1; + else if (domain == DNSName("powerdns.com.")) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + } + } + else if (domain == DNSName("www.sub.powerdns.com.")) { + addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); + addRRSIG(keys, res->d_records, DNSName("sub.powerdns.com."), 300); } + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -132,7 +133,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_to_ta_skipped_cut) { BOOST_CHECK_EQUAL(queriesCount, 7U); } -BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_nodata) { +BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_nodata) +{ std::unique_ptr sr; initSR(sr, true); @@ -151,77 +153,77 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_nodata) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS) { - if (domain == target) { + if (type == QType::DS) { + if (domain == target) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + return 1; + } + else { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + } + else if (type == QType::DNSKEY) { + if (domain == g_rootdnsname || domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); + return 1; + } + else { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + return 1; + } + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); addRRSIG(keys, res->d_records, DNSName("com."), 300); - addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS }, 600, res->d_records); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); addRRSIG(keys, res->d_records, DNSName("com."), 300); - return 1; } else { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + /* no DS */ + addNSECRecordToLW(domain, DNSName("z.powerdns.com."), {QType::NS}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } + return 1; } - else if (type == QType::DNSKEY) { - if (domain == g_rootdnsname || domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); - return 1; + else if (ip == ComboAddress("192.0.2.2:53")) { + if (type == QType::NS) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } else { setLWResult(res, 0, true, false, true); addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - return 1; - } - } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - } - else { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - /* no DS */ - addNSECRecordToLW(domain, DNSName("z.powerdns.com."), { QType::NS }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; - } - else if (ip == ComboAddress("192.0.2.2:53")) { - if (type == QType::NS) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - else { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - } - return 1; } + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -244,7 +246,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_nodata) { BOOST_CHECK_EQUAL(queriesCount, 7U); } -BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_cname) { +BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_cname) +{ std::unique_ptr sr; initSR(sr, true); @@ -265,96 +268,96 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_cname) { size_t queriesCount = 0; - sr->setAsyncCallback([target,targetCName,targetCNameAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, targetCName, targetCNameAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS) { - if (domain == targetCName) { + if (type == QType::DS) { + if (domain == targetCName) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addNSECRecordToLW(domain, DNSName("z.power-dns.com."), {QType::NS}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + return 1; + } + else { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + } + else if (type == QType::DNSKEY) { + if (domain == g_rootdnsname || domain == DNSName("com.") || domain == DNSName("powerdns.com.")) { + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); + return 1; + } + else { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + return 1; + } + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + setLWResult(res, 0, false, false, true); + if (domain == DNSName("com.")) { setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); addRRSIG(keys, res->d_records, DNSName("com."), 300); - addNSECRecordToLW(domain, DNSName("z.power-dns.com."), { QType::NS }, 600, res->d_records); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); addRRSIG(keys, res->d_records, DNSName("com."), 300); - return 1; - } - else { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); - } - } - else if (type == QType::DNSKEY) { - if (domain == g_rootdnsname || domain == DNSName("com.") || domain == DNSName("powerdns.com.")) { - setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); - return 1; } else { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - return 1; + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + if (domain == DNSName("powerdns.com.")) { + addDS(DNSName("powerdns.com."), 300, res->d_records, keys); + } + else if (domain == targetCName) { + addNSECRecordToLW(domain, DNSName("z.power-dns.com."), {QType::NS}, 600, res->d_records); + } + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } + + return 1; } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - else if (ip == ComboAddress("192.0.2.1:53")) { - setLWResult(res, 0, false, false, true); - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, DNSName("com."), 300); + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + + if (type == QType::NS) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + if (domain == DNSName("powerdns.com.")) { + addRRSIG(keys, res->d_records, domain, 300); } - else { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - if (domain == DNSName("powerdns.com.")) { - addDS(DNSName("powerdns.com."), 300, res->d_records, keys); - } - else if (domain == targetCName) { - addNSECRecordToLW(domain, DNSName("z.power-dns.com."), { QType::NS }, 600, res->d_records); - } - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + if (domain == DNSName("powerdns.com.")) { + addRRSIG(keys, res->d_records, domain, 300); } - - return 1; } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - - if (type == QType::NS) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - if (domain == DNSName("powerdns.com.")) { - addRRSIG(keys, res->d_records, domain, 300); - } - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - if (domain == DNSName("powerdns.com.")) { - addRRSIG(keys, res->d_records, domain, 300); - } + else { + if (domain == DNSName("powerdns.com.")) { + addRecordToLW(res, domain, QType::CNAME, targetCName.toString()); + addRRSIG(keys, res->d_records, domain, 300); } - else { - if (domain == DNSName("powerdns.com.")) { - addRecordToLW(res, domain, QType::CNAME, targetCName.toString()); - addRRSIG(keys, res->d_records, domain, 300); - } - else if (domain == targetCName) { - addRecordToLW(res, domain, QType::A, targetCNameAddr.toString()); - } + else if (domain == targetCName) { + addRecordToLW(res, domain, QType::A, targetCNameAddr.toString()); } - - return 1; } + + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -372,7 +375,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_cname) { BOOST_CHECK_EQUAL(queriesCount, 11U); } -BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_cname_glue) { +BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_cname_glue) +{ std::unique_ptr sr; initSR(sr, true); @@ -394,89 +398,89 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_cname_glue) { size_t queriesCount = 0; - sr->setAsyncCallback([target,targetCName1,targetCName2,targetCName2Addr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, targetCName1, targetCName2, targetCName2Addr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - if (domain == DNSName("sub.powerdns.com")) { + if (type == QType::DS || type == QType::DNSKEY) { + if (domain == DNSName("sub.powerdns.com")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addNSECRecordToLW(domain, DNSName("z.power-dns.com."), {QType::NS}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + return 1; + } + else { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + setLWResult(res, 0, false, false, true); + if (domain == DNSName("com.")) { setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); addRRSIG(keys, res->d_records, DNSName("com."), 300); - addNSECRecordToLW(domain, DNSName("z.power-dns.com."), { QType::NS }, 600, res->d_records); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); addRRSIG(keys, res->d_records, DNSName("com."), 300); - return 1; } else { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + if (domain == DNSName("powerdns.com.")) { + addDS(DNSName("powerdns.com."), 300, res->d_records, keys); + } + else if (domain == DNSName("sub.powerdns.com")) { + addNSECRecordToLW(domain, DNSName("z.power-dns.com."), {QType::NS}, 600, res->d_records); + } + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } + + return 1; } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - else if (ip == ComboAddress("192.0.2.1:53")) { - setLWResult(res, 0, false, false, true); - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, DNSName("com."), 300); + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + + if (type == QType::NS) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + if (domain == DNSName("powerdns.com.")) { + addRRSIG(keys, res->d_records, domain, 300); } - else { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - if (domain == DNSName("powerdns.com.")) { - addDS(DNSName("powerdns.com."), 300, res->d_records, keys); - } - else if (domain == DNSName("sub.powerdns.com")) { - addNSECRecordToLW(domain, DNSName("z.power-dns.com."), { QType::NS }, 600, res->d_records); - } - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + if (domain == DNSName("powerdns.com.")) { + addRRSIG(keys, res->d_records, domain, 300); } - - return 1; } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - - if (type == QType::NS) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - if (domain == DNSName("powerdns.com.")) { - addRRSIG(keys, res->d_records, domain, 300); - } - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - if (domain == DNSName("powerdns.com.")) { - addRRSIG(keys, res->d_records, domain, 300); - } + else { + if (domain == DNSName("powerdns.com.")) { + addRecordToLW(res, domain, QType::CNAME, targetCName1.toString()); + addRRSIG(keys, res->d_records, domain, 300); + /* add the CNAME target as a glue, with no RRSIG since the sub zone is insecure */ + addRecordToLW(res, targetCName1, QType::CNAME, targetCName2.toString()); + addRecordToLW(res, targetCName2, QType::A, targetCName2Addr.toString()); } - else { - if (domain == DNSName("powerdns.com.")) { - addRecordToLW(res, domain, QType::CNAME, targetCName1.toString()); - addRRSIG(keys, res->d_records, domain, 300); - /* add the CNAME target as a glue, with no RRSIG since the sub zone is insecure */ - addRecordToLW(res, targetCName1, QType::CNAME, targetCName2.toString()); - addRecordToLW(res, targetCName2, QType::A, targetCName2Addr.toString()); - } - else if (domain == targetCName1) { - addRecordToLW(res, domain, QType::CNAME, targetCName2.toString()); - } - else if (domain == targetCName2) { - addRecordToLW(res, domain, QType::A, targetCName2Addr.toString()); - } + else if (domain == targetCName1) { + addRecordToLW(res, domain, QType::CNAME, targetCName2.toString()); + } + else if (domain == targetCName2) { + addRecordToLW(res, domain, QType::A, targetCName2Addr.toString()); } - - return 1; } + + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -494,7 +498,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_insecure_cname_glue) { BOOST_CHECK_EQUAL(queriesCount, 11U); } -BOOST_AUTO_TEST_CASE(test_dnssec_insecure_to_secure_cname) { +BOOST_AUTO_TEST_CASE(test_dnssec_insecure_to_secure_cname) +{ std::unique_ptr sr; initSR(sr, true); @@ -515,93 +520,93 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_to_secure_cname) { size_t queriesCount = 0; - sr->setAsyncCallback([target,targetCName,targetCNameAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, targetCName, targetCNameAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS) { - if (domain == DNSName("power-dns.com.")) { + if (type == QType::DS) { + if (domain == DNSName("power-dns.com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addNSECRecordToLW(domain, DNSName("z.power-dns.com."), {QType::NS}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + return 1; + } + else { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + } + else if (type == QType::DNSKEY) { + if (domain == g_rootdnsname || domain == DNSName("com.") || domain == DNSName("powerdns.com.")) { + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); + return 1; + } + else { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + return 1; + } + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); addRRSIG(keys, res->d_records, DNSName("com."), 300); - addNSECRecordToLW(domain, DNSName("z.power-dns.com."), { QType::NS }, 600, res->d_records); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); addRRSIG(keys, res->d_records, DNSName("com."), 300); - return 1; } - else { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); - } - } - else if (type == QType::DNSKEY) { - if (domain == g_rootdnsname || domain == DNSName("com.") || domain == DNSName("powerdns.com.")) { - setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); - return 1; - } - else { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - return 1; - } - } - else { - if (isRootServer(ip)) { + else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) { setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + if (domain == targetCName) { + addDS(DNSName("powerdns.com."), 300, res->d_records, keys); + } + else if (domain == target) { + addNSECRecordToLW(domain, DNSName("z.power-dns.com."), {QType::NS}, 600, res->d_records); + } + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, DNSName("com."), 300); + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + if (type == QType::NS) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + if (domain == DNSName("powerdns.com.")) { + addRRSIG(keys, res->d_records, domain, 300); } - else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - if (domain == targetCName) { - addDS(DNSName("powerdns.com."), 300, res->d_records, keys); - } - else if (domain == target) { - addNSECRecordToLW(domain, DNSName("z.power-dns.com."), { QType::NS }, 600, res->d_records); - } - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + if (domain == DNSName("powerdns.com.")) { + addRRSIG(keys, res->d_records, domain, 300); } - return 1; } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - if (domain == DNSName("powerdns.com.")) { - addRRSIG(keys, res->d_records, domain, 300); - } - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - if (domain == DNSName("powerdns.com.")) { - addRRSIG(keys, res->d_records, domain, 300); - } + else { + if (domain == target) { + addRecordToLW(res, domain, QType::CNAME, targetCName.toString()); } - else { - if (domain == target) { - addRecordToLW(res, domain, QType::CNAME, targetCName.toString()); - } - else if (domain == targetCName) { - addRecordToLW(res, domain, QType::A, targetCNameAddr.toString()); - addRRSIG(keys, res->d_records, domain, 300); - } + else if (domain == targetCName) { + addRecordToLW(res, domain, QType::A, targetCNameAddr.toString()); + addRRSIG(keys, res->d_records, domain, 300); } - return 1; } + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -619,7 +624,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_to_secure_cname) { BOOST_CHECK_EQUAL(queriesCount, 11U); } -BOOST_AUTO_TEST_CASE(test_dnssec_bogus_to_secure_cname) { +BOOST_AUTO_TEST_CASE(test_dnssec_bogus_to_secure_cname) +{ std::unique_ptr sr; initSR(sr, true); @@ -641,62 +647,62 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_to_secure_cname) { size_t queriesCount = 0; - sr->setAsyncCallback([target,targetCName,targetCNameAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; - - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + sr->setAsyncCallback([target, targetCName, targetCNameAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; + + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, DNSName("com."), 300); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + addRRSIG(keys, res->d_records, DNSName("com."), 300); } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - } - else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName(domain), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName(domain), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, domain, 300); + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + if (type == QType::NS) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, domain, 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + addRRSIG(keys, res->d_records, domain, 300); + } + else { + if (domain == target) { + addRecordToLW(res, domain, QType::CNAME, targetCName.toString()); + /* No RRSIG, leading to bogus */ } - else { - if (domain == target) { - addRecordToLW(res, domain, QType::CNAME, targetCName.toString()); - /* No RRSIG, leading to bogus */ - } - else if (domain == targetCName) { - addRecordToLW(res, domain, QType::A, targetCNameAddr.toString()); - addRRSIG(keys, res->d_records, domain, 300); - } + else if (domain == targetCName) { + addRecordToLW(res, domain, QType::A, targetCNameAddr.toString()); + addRRSIG(keys, res->d_records, domain, 300); } - return 1; } + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -714,7 +720,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_to_secure_cname) { BOOST_CHECK_EQUAL(queriesCount, 11U); } -BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_bogus_cname) { +BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_bogus_cname) +{ std::unique_ptr sr; initSR(sr, true); @@ -736,62 +743,62 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_bogus_cname) { size_t queriesCount = 0; - sr->setAsyncCallback([target,targetCName,targetCNameAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; - - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + sr->setAsyncCallback([target, targetCName, targetCNameAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; + + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, DNSName("com."), 300); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + addRRSIG(keys, res->d_records, DNSName("com."), 300); } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - } - else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName(domain), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName(domain), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + if (type == QType::NS) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, domain, 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + addRRSIG(keys, res->d_records, domain, 300); + } + else { + if (domain == target) { + addRecordToLW(res, domain, QType::CNAME, targetCName.toString()); addRRSIG(keys, res->d_records, domain, 300); } - else { - if (domain == target) { - addRecordToLW(res, domain, QType::CNAME, targetCName.toString()); - addRRSIG(keys, res->d_records, domain, 300); - } - else if (domain == targetCName) { - addRecordToLW(res, domain, QType::A, targetCNameAddr.toString()); - /* No RRSIG, leading to bogus */ - } + else if (domain == targetCName) { + addRecordToLW(res, domain, QType::A, targetCNameAddr.toString()); + /* No RRSIG, leading to bogus */ } - return 1; } + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -809,7 +816,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_bogus_cname) { BOOST_CHECK_EQUAL(queriesCount, 11U); } -BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_secure_cname) { +BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_secure_cname) +{ std::unique_ptr sr; initSR(sr, true); @@ -831,62 +839,62 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_secure_cname) { size_t queriesCount = 0; - sr->setAsyncCallback([target,targetCName,targetCNameAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; - - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + sr->setAsyncCallback([target, targetCName, targetCNameAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; + + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, DNSName("com."), 300); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + addRRSIG(keys, res->d_records, DNSName("com."), 300); } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - } - else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName(domain), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName(domain), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + if (type == QType::NS) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRRSIG(keys, res->d_records, domain, 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + addRRSIG(keys, res->d_records, domain, 300); + } + else { + if (domain == target) { + addRecordToLW(res, domain, QType::CNAME, targetCName.toString()); addRRSIG(keys, res->d_records, domain, 300); } - else { - if (domain == target) { - addRecordToLW(res, domain, QType::CNAME, targetCName.toString()); - addRRSIG(keys, res->d_records, domain, 300); - } - else if (domain == targetCName) { - addRecordToLW(res, domain, QType::A, targetCNameAddr.toString()); - addRRSIG(keys, res->d_records, domain, 300); - } + else if (domain == targetCName) { + addRecordToLW(res, domain, QType::A, targetCNameAddr.toString()); + addRRSIG(keys, res->d_records, domain, 300); } - return 1; } + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -904,7 +912,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_secure_to_secure_cname) { BOOST_CHECK_EQUAL(queriesCount, 12U); } -BOOST_AUTO_TEST_CASE(test_dnssec_bogus_to_insecure_cname) { +BOOST_AUTO_TEST_CASE(test_dnssec_bogus_to_insecure_cname) +{ std::unique_ptr sr; initSR(sr, true); @@ -926,87 +935,87 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_to_insecure_cname) { size_t queriesCount = 0; - sr->setAsyncCallback([target,targetCName,targetCNameAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, targetCName, targetCNameAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS) { - if (domain == DNSName("power-dns.com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addNSECRecordToLW(domain, DNSName("z.power-dns.com."), { QType::NS }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - return 1; - } - else { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); - } + if (type == QType::DS) { + if (domain == DNSName("power-dns.com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addNSECRecordToLW(domain, DNSName("z.power-dns.com."), {QType::NS}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("com."), 300); + return 1; } - else if (type == QType::DNSKEY) { - if (domain == g_rootdnsname || domain == DNSName("com.") || domain == DNSName("powerdns.com.")) { - setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); - return 1; - } - else { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - return 1; - } + else { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + } + else if (type == QType::DNSKEY) { + if (domain == g_rootdnsname || domain == DNSName("com.") || domain == DNSName("powerdns.com.")) { + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); + return 1; } else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addDS(DNSName("com."), 300, res->d_records, keys); - addRRSIG(keys, res->d_records, DNSName("."), 300); + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + return 1; + } + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addDS(DNSName("com."), 300, res->d_records, keys); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); + addRRSIG(keys, res->d_records, DNSName("com."), 300); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; + addRRSIG(keys, res->d_records, DNSName("com."), 300); } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRRSIG(keys, res->d_records, DNSName("com."), 300); + else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + if (domain == DNSName("powerdns.com.")) { + addDS(DNSName("powerdns.com."), 300, res->d_records, keys); } - else if (domain == DNSName("powerdns.com.") || domain == DNSName("power-dns.com.")) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - if (domain == DNSName("powerdns.com.")) { - addDS(DNSName("powerdns.com."), 300, res->d_records, keys); - } - else if (domain == targetCName) { - addNSECRecordToLW(domain, DNSName("z.power-dns.com."), { QType::NS }, 600, res->d_records); - } - addRRSIG(keys, res->d_records, DNSName("com."), 300); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + else if (domain == targetCName) { + addNSECRecordToLW(domain, DNSName("z.power-dns.com."), {QType::NS}, 600, res->d_records); } - return 1; + addRRSIG(keys, res->d_records, DNSName("com."), 300); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + if (type == QType::NS) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + } + else { + if (domain == DNSName("powerdns.com.")) { + addRecordToLW(res, domain, QType::CNAME, targetCName.toString()); + /* No RRSIG -> Bogus */ } - else { - if (domain == DNSName("powerdns.com.")) { - addRecordToLW(res, domain, QType::CNAME, targetCName.toString()); - /* No RRSIG -> Bogus */ - } - else if (domain == targetCName) { - addRecordToLW(res, domain, QType::A, targetCNameAddr.toString()); - } + else if (domain == targetCName) { + addRecordToLW(res, domain, QType::A, targetCNameAddr.toString()); } - return 1; } + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1025,7 +1034,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_to_insecure_cname) { BOOST_CHECK_EQUAL(queriesCount, 10U); } -BOOST_AUTO_TEST_CASE(test_dnssec_insecure_ta) { +BOOST_AUTO_TEST_CASE(test_dnssec_insecure_ta) +{ std::unique_ptr sr; initSR(sr, true); @@ -1046,59 +1056,59 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_ta) { size_t queriesCount = 0; - sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DNSKEY) { - if (domain == g_rootdnsname || domain == DNSName("powerdns.com.")) { - setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); - return 1; + if (type == QType::DNSKEY) { + if (domain == g_rootdnsname || domain == DNSName("powerdns.com.")) { + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); + return 1; + } + else if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, ". yop. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + return 1; + } + } + else { + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addNSECRecordToLW(DNSName("com."), DNSName("com."), {QType::NS}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (target == domain) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } else if (domain == DNSName("com.")) { setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, ". yop. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - return 1; - } - } - else { - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addNSECRecordToLW(DNSName("com."), DNSName("com."), { QType::NS }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (target == domain) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - else if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + if (type == QType::NS) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); } - else if (ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - } - else { - addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); - } - addRRSIG(keys, res->d_records, domain, 300); - return 1; + else { + addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); } + addRRSIG(keys, res->d_records, domain, 300); + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1120,7 +1130,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_ta) { BOOST_CHECK_EQUAL(queriesCount, 5U); } -BOOST_AUTO_TEST_CASE(test_dnssec_insecure_ta_norrsig) { +BOOST_AUTO_TEST_CASE(test_dnssec_insecure_ta_norrsig) +{ std::unique_ptr sr; initSR(sr, true); @@ -1141,59 +1152,59 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_ta_norrsig) { size_t queriesCount = 0; - sr->setAsyncCallback([target,targetAddr,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, targetAddr, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DNSKEY) { - if (domain == g_rootdnsname || domain == DNSName("powerdns.com.")) { - setLWResult(res, 0, true, false, true); - addDNSKEY(keys, domain, 300, res->d_records); - addRRSIG(keys, res->d_records, domain, 300); - return 1; + if (type == QType::DNSKEY) { + if (domain == g_rootdnsname || domain == DNSName("powerdns.com.")) { + setLWResult(res, 0, true, false, true); + addDNSKEY(keys, domain, 300, res->d_records); + addRRSIG(keys, res->d_records, domain, 300); + return 1; + } + else if (domain == DNSName("com.")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::SOA, ". yop. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + return 1; + } + } + else { + if (target.isPartOf(domain) && isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); + addNSECRecordToLW(DNSName("com."), DNSName("com."), {QType::NS}, 600, res->d_records); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (target == domain) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); + addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); } else if (domain == DNSName("com.")) { setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::SOA, ". yop. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - return 1; - } - } - else { - if (target.isPartOf(domain) && isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.com.", DNSResourceRecord::AUTHORITY, 3600); - addNSECRecordToLW(DNSName("com."), DNSName("com."), { QType::NS }, 600, res->d_records); - addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; } - else if (ip == ComboAddress("192.0.2.1:53")) { - if (target == domain) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 3600); - addRecordToLW(res, "ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - } - else if (domain == DNSName("com.")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::NS, "a.gtld-servers.com."); - addRecordToLW(res, "a.gtld-servers.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - } - return 1; + return 1; + } + else if (domain == target && ip == ComboAddress("192.0.2.2:53")) { + setLWResult(res, 0, true, false, true); + if (type == QType::NS) { + addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); } - else if (domain == target && ip == ComboAddress("192.0.2.2:53")) { - setLWResult(res, 0, true, false, true); - if (type == QType::NS) { - addRecordToLW(res, domain, QType::NS, "ns1.powerdns.com."); - } - else { - addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); - } - /* No RRSIG in a now (thanks to TA) Secure zone -> Bogus*/ - return 1; + else { + addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); } + /* No RRSIG in a now (thanks to TA) Secure zone -> Bogus*/ + return 1; } + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -1215,7 +1226,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_insecure_ta_norrsig) { BOOST_CHECK_EQUAL(queriesCount, 4U); } -BOOST_AUTO_TEST_CASE(test_dnssec_nta) { +BOOST_AUTO_TEST_CASE(test_dnssec_nta) +{ std::unique_ptr sr; initSR(sr, true); @@ -1234,35 +1246,36 @@ BOOST_AUTO_TEST_CASE(test_dnssec_nta) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (domain == target && type == QType::NS) { + if (domain == target && type == QType::NS) { - setLWResult(res, 0, true, false, true); - char addr[] = "a.root-servers.net."; - for (char idx = 'a'; idx <= 'm'; idx++) { - addr[0] = idx; - addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); - } + setLWResult(res, 0, true, false, true); + char addr[] = "a.root-servers.net."; + for (char idx = 'a'; idx <= 'm'; idx++) { + addr[0] = idx; + addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); + } - addRRSIG(keys, res->d_records, domain, 300); + addRRSIG(keys, res->d_records, domain, 300); - addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } else if (domain == target && type == QType::DNSKEY) { + return 1; + } + else if (domain == target && type == QType::DNSKEY) { - setLWResult(res, 0, true, false, true); + setLWResult(res, 0, true, false, true); - /* No DNSKEY */ + /* No DNSKEY */ - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret); @@ -1281,7 +1294,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_nta) { BOOST_CHECK_EQUAL(queriesCount, 1U); } -BOOST_AUTO_TEST_CASE(test_dnssec_no_ta) { +BOOST_AUTO_TEST_CASE(test_dnssec_no_ta) +{ std::unique_ptr sr; initSR(sr, true); @@ -1298,26 +1312,26 @@ BOOST_AUTO_TEST_CASE(test_dnssec_no_ta) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (domain == target && type == QType::NS) { + if (domain == target && type == QType::NS) { - setLWResult(res, 0, true, false, true); - char addr[] = "a.root-servers.net."; - for (char idx = 'a'; idx <= 'm'; idx++) { - addr[0] = idx; - addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); - } + setLWResult(res, 0, true, false, true); + char addr[] = "a.root-servers.net."; + for (char idx = 'a'; idx <= 'm'; idx++) { + addr[0] = idx; + addRecordToLW(res, domain, QType::NS, std::string(addr), DNSResourceRecord::ANSWER, 3600); + } - addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::A, "198.41.0.4", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.root-servers.net.", QType::AAAA, "2001:503:ba3e::2:30", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::NS), QClass::IN, ret); @@ -1336,7 +1350,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_no_ta) { BOOST_CHECK_EQUAL(queriesCount, 1U); } -BOOST_AUTO_TEST_CASE(test_dnssec_bogus_nodata) { +BOOST_AUTO_TEST_CASE(test_dnssec_bogus_nodata) +{ std::unique_ptr sr; initSR(sr, true); @@ -1355,20 +1370,20 @@ BOOST_AUTO_TEST_CASE(test_dnssec_bogus_nodata) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); - } - else { + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } + else { - setLWResult(res, 0, true, false, true); - return 1; - } + setLWResult(res, 0, true, false, true); + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); diff --git a/pdns/recursordist/test-syncres_cc8.cc b/pdns/recursordist/test-syncres_cc8.cc index 4fcfc2cf03..a015227119 100644 --- a/pdns/recursordist/test-syncres_cc8.cc +++ b/pdns/recursordist/test-syncres_cc8.cc @@ -5,7 +5,8 @@ BOOST_AUTO_TEST_SUITE(syncres_cc8) -BOOST_AUTO_TEST_CASE(test_nsec_denial_nowrap) { +BOOST_AUTO_TEST_CASE(test_nsec_denial_nowrap) +{ initSR(); testkeysset_t keys; @@ -20,7 +21,7 @@ BOOST_AUTO_TEST_CASE(test_nsec_denial_nowrap) { No wrap test case: a.example.org. -> d.example.org. denies the existence of b.example.org. */ - addNSECRecordToLW(DNSName("a.example.org."), DNSName("d.example.org"), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records); + addNSECRecordToLW(DNSName("a.example.org."), DNSName("d.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("example.org."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -35,7 +36,7 @@ BOOST_AUTO_TEST_CASE(test_nsec_denial_nowrap) { /* add wildcard denial */ recordContents.clear(); signatureContents.clear(); - addNSECRecordToLW(DNSName("example.org."), DNSName("+.example.org"), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records); + addNSECRecordToLW(DNSName("example.org."), DNSName("+.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("example.org."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -53,7 +54,8 @@ BOOST_AUTO_TEST_CASE(test_nsec_denial_nowrap) { BOOST_CHECK_EQUAL(denialState, NODATA); } -BOOST_AUTO_TEST_CASE(test_nsec_denial_wrap_case_1) { +BOOST_AUTO_TEST_CASE(test_nsec_denial_wrap_case_1) +{ initSR(); testkeysset_t keys; @@ -68,7 +70,7 @@ BOOST_AUTO_TEST_CASE(test_nsec_denial_wrap_case_1) { Wrap case 1 test case: z.example.org. -> b.example.org. denies the existence of a.example.org. */ - addNSECRecordToLW(DNSName("z.example.org."), DNSName("b.example.org"), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records); + addNSECRecordToLW(DNSName("z.example.org."), DNSName("b.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("example.org."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -88,7 +90,8 @@ BOOST_AUTO_TEST_CASE(test_nsec_denial_wrap_case_1) { BOOST_CHECK_EQUAL(denialState, NODATA); } -BOOST_AUTO_TEST_CASE(test_nsec_denial_wrap_case_2) { +BOOST_AUTO_TEST_CASE(test_nsec_denial_wrap_case_2) +{ initSR(); testkeysset_t keys; @@ -103,7 +106,7 @@ BOOST_AUTO_TEST_CASE(test_nsec_denial_wrap_case_2) { Wrap case 2 test case: y.example.org. -> a.example.org. denies the existence of z.example.org. */ - addNSECRecordToLW(DNSName("y.example.org."), DNSName("a.example.org"), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records); + addNSECRecordToLW(DNSName("y.example.org."), DNSName("a.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("example.org."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -123,7 +126,8 @@ BOOST_AUTO_TEST_CASE(test_nsec_denial_wrap_case_2) { BOOST_CHECK_EQUAL(denialState, NODATA); } -BOOST_AUTO_TEST_CASE(test_nsec_denial_only_one_nsec) { +BOOST_AUTO_TEST_CASE(test_nsec_denial_only_one_nsec) +{ initSR(); testkeysset_t keys; @@ -138,7 +142,7 @@ BOOST_AUTO_TEST_CASE(test_nsec_denial_only_one_nsec) { Only one NSEC in the whole zone test case: a.example.org. -> a.example.org. denies the existence of b.example.org. */ - addNSECRecordToLW(DNSName("a.example.org."), DNSName("a.example.org"), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records); + addNSECRecordToLW(DNSName("a.example.org."), DNSName("a.example.org"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("example.org."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -158,7 +162,8 @@ BOOST_AUTO_TEST_CASE(test_nsec_denial_only_one_nsec) { BOOST_CHECK_EQUAL(denialState, NODATA); } -BOOST_AUTO_TEST_CASE(test_nsec_root_nxd_denial) { +BOOST_AUTO_TEST_CASE(test_nsec_root_nxd_denial) +{ initSR(); testkeysset_t keys; @@ -173,7 +178,7 @@ BOOST_AUTO_TEST_CASE(test_nsec_root_nxd_denial) { The RRSIG from "." denies the existence of anything between a. and c., including b. */ - addNSECRecordToLW(DNSName("a."), DNSName("c."), { QType::NS }, 600, records); + addNSECRecordToLW(DNSName("a."), DNSName("c."), {QType::NS}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -188,7 +193,7 @@ BOOST_AUTO_TEST_CASE(test_nsec_root_nxd_denial) { /* add wildcard denial */ recordContents.clear(); signatureContents.clear(); - addNSECRecordToLW(DNSName("."), DNSName("+"), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records); + addNSECRecordToLW(DNSName("."), DNSName("+"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -202,7 +207,8 @@ BOOST_AUTO_TEST_CASE(test_nsec_root_nxd_denial) { BOOST_CHECK_EQUAL(denialState, NXDOMAIN); } -BOOST_AUTO_TEST_CASE(test_nsec_ancestor_nxqtype_denial) { +BOOST_AUTO_TEST_CASE(test_nsec_ancestor_nxqtype_denial) +{ initSR(); testkeysset_t keys; @@ -219,7 +225,7 @@ BOOST_AUTO_TEST_CASE(test_nsec_ancestor_nxqtype_denial) { signer field that is shorter than the owner name of the NSEC RR) it can't be used to deny anything except the whole name or a DS. */ - addNSECRecordToLW(DNSName("a."), DNSName("b."), { QType::NS }, 600, records); + addNSECRecordToLW(DNSName("a."), DNSName("b."), {QType::NS}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -251,7 +257,8 @@ BOOST_AUTO_TEST_CASE(test_nsec_ancestor_nxqtype_denial) { BOOST_CHECK_EQUAL(denialState, NXQTYPE); } -BOOST_AUTO_TEST_CASE(test_nsec_insecure_delegation_denial) { +BOOST_AUTO_TEST_CASE(test_nsec_insecure_delegation_denial) +{ initSR(); testkeysset_t keys; @@ -274,7 +281,7 @@ BOOST_AUTO_TEST_CASE(test_nsec_insecure_delegation_denial) { NS should be set if it was proving an insecure delegation, let's check that we correctly detect that it's not. */ - addNSECRecordToLW(DNSName("a."), DNSName("b."), { }, 600, records); + addNSECRecordToLW(DNSName("a."), DNSName("b."), {}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -292,7 +299,8 @@ BOOST_AUTO_TEST_CASE(test_nsec_insecure_delegation_denial) { BOOST_CHECK_EQUAL(denialState, NODATA); } -BOOST_AUTO_TEST_CASE(test_nsec_nxqtype_cname) { +BOOST_AUTO_TEST_CASE(test_nsec_nxqtype_cname) +{ initSR(); testkeysset_t keys; @@ -303,7 +311,7 @@ BOOST_AUTO_TEST_CASE(test_nsec_nxqtype_cname) { vector> recordContents; vector> signatureContents; - addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("a.c.powerdns.com."), { QType::CNAME }, 600, records); + addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("a.c.powerdns.com."), {QType::CNAME}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("powerdns.com."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -320,7 +328,8 @@ BOOST_AUTO_TEST_CASE(test_nsec_nxqtype_cname) { BOOST_CHECK_EQUAL(denialState, NODATA); } -BOOST_AUTO_TEST_CASE(test_nsec3_nxqtype_cname) { +BOOST_AUTO_TEST_CASE(test_nsec3_nxqtype_cname) +{ initSR(); testkeysset_t keys; @@ -331,7 +340,7 @@ BOOST_AUTO_TEST_CASE(test_nsec3_nxqtype_cname) { vector> recordContents; vector> signatureContents; - addNSEC3UnhashedRecordToLW(DNSName("a.powerdns.com."), DNSName("powerdns.com."), "whatever", { QType::CNAME }, 600, records); + addNSEC3UnhashedRecordToLW(DNSName("a.powerdns.com."), DNSName("powerdns.com."), "whatever", {QType::CNAME}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("powerdns.com."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -348,7 +357,8 @@ BOOST_AUTO_TEST_CASE(test_nsec3_nxqtype_cname) { BOOST_CHECK_EQUAL(denialState, NODATA); } -BOOST_AUTO_TEST_CASE(test_nsec_nxdomain_denial_missing_wildcard) { +BOOST_AUTO_TEST_CASE(test_nsec_nxdomain_denial_missing_wildcard) +{ initSR(); testkeysset_t keys; @@ -359,7 +369,7 @@ BOOST_AUTO_TEST_CASE(test_nsec_nxdomain_denial_missing_wildcard) { vector> recordContents; vector> signatureContents; - addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("d.powerdns.com"), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records); + addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("d.powerdns.com"), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("powerdns.com."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -375,7 +385,8 @@ BOOST_AUTO_TEST_CASE(test_nsec_nxdomain_denial_missing_wildcard) { BOOST_CHECK_EQUAL(denialState, NODATA); } -BOOST_AUTO_TEST_CASE(test_nsec3_nxdomain_denial_missing_wildcard) { +BOOST_AUTO_TEST_CASE(test_nsec3_nxdomain_denial_missing_wildcard) +{ initSR(); testkeysset_t keys; @@ -386,7 +397,7 @@ BOOST_AUTO_TEST_CASE(test_nsec3_nxdomain_denial_missing_wildcard) { vector> recordContents; vector> signatureContents; - addNSEC3NarrowRecordToLW(DNSName("a.powerdns.com."), DNSName("powerdns.com."), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records); + addNSEC3NarrowRecordToLW(DNSName("a.powerdns.com."), DNSName("powerdns.com."), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("powerdns.com."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -401,7 +412,7 @@ BOOST_AUTO_TEST_CASE(test_nsec3_nxdomain_denial_missing_wildcard) { recordContents.clear(); signatureContents.clear(); records.clear(); - addNSEC3UnhashedRecordToLW(DNSName("powerdns.com."), DNSName("powerdns.com."), "whatever", { QType::A, QType::TXT, QType::RRSIG, QType::NSEC }, 600, records); + addNSEC3UnhashedRecordToLW(DNSName("powerdns.com."), DNSName("powerdns.com."), "whatever", {QType::A, QType::TXT, QType::RRSIG, QType::NSEC}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("powerdns.com."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -414,7 +425,8 @@ BOOST_AUTO_TEST_CASE(test_nsec3_nxdomain_denial_missing_wildcard) { BOOST_CHECK_EQUAL(denialState, NODATA); } -BOOST_AUTO_TEST_CASE(test_nsec_ent_denial) { +BOOST_AUTO_TEST_CASE(test_nsec_ent_denial) +{ initSR(); testkeysset_t keys; @@ -425,7 +437,7 @@ BOOST_AUTO_TEST_CASE(test_nsec_ent_denial) { vector> recordContents; vector> signatureContents; - addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("a.c.powerdns.com."), { QType::A }, 600, records); + addNSECRecordToLW(DNSName("a.powerdns.com."), DNSName("a.c.powerdns.com."), {QType::A}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("powerdns.com."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -454,7 +466,7 @@ BOOST_AUTO_TEST_CASE(test_nsec_ent_denial) { /* if we add the wildcard denial proof, we should get a NXDOMAIN proof for b.powerdns.com */ recordContents.clear(); signatureContents.clear(); - addNSECRecordToLW(DNSName(").powerdns.com."), DNSName("+.powerdns.com."), { }, 600, records); + addNSECRecordToLW(DNSName(").powerdns.com."), DNSName("+.powerdns.com."), {}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("powerdns.com."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -467,7 +479,8 @@ BOOST_AUTO_TEST_CASE(test_nsec_ent_denial) { BOOST_CHECK_EQUAL(denialState, NXDOMAIN); } -BOOST_AUTO_TEST_CASE(test_nsec3_ancestor_nxqtype_denial) { +BOOST_AUTO_TEST_CASE(test_nsec3_ancestor_nxqtype_denial) +{ initSR(); testkeysset_t keys; @@ -484,7 +497,7 @@ BOOST_AUTO_TEST_CASE(test_nsec3_ancestor_nxqtype_denial) { signer field that is shorter than the owner name of the NSEC RR) it can't be used to deny anything except the whole name or a DS. */ - addNSEC3UnhashedRecordToLW(DNSName("a."), DNSName("."), "whatever", { QType::NS }, 600, records); + addNSEC3UnhashedRecordToLW(DNSName("a."), DNSName("."), "whatever", {QType::NS}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -516,7 +529,7 @@ BOOST_AUTO_TEST_CASE(test_nsec3_ancestor_nxqtype_denial) { recordContents.clear(); signatureContents.clear(); records.clear(); - addNSEC3NarrowRecordToLW(DNSName("sub.a."), DNSName("."), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC3 }, 600, records); + addNSEC3NarrowRecordToLW(DNSName("sub.a."), DNSName("."), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC3}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -529,7 +542,7 @@ BOOST_AUTO_TEST_CASE(test_nsec3_ancestor_nxqtype_denial) { recordContents.clear(); signatureContents.clear(); records.clear(); - addNSEC3NarrowRecordToLW(DNSName("*.a."), DNSName("."), { QType::A, QType::TXT, QType::RRSIG, QType::NSEC3 }, 600, records); + addNSEC3NarrowRecordToLW(DNSName("*.a."), DNSName("."), {QType::A, QType::TXT, QType::RRSIG, QType::NSEC3}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -542,7 +555,8 @@ BOOST_AUTO_TEST_CASE(test_nsec3_ancestor_nxqtype_denial) { BOOST_CHECK_EQUAL(denialState, NODATA); } -BOOST_AUTO_TEST_CASE(test_nsec3_denial_too_many_iterations) { +BOOST_AUTO_TEST_CASE(test_nsec3_denial_too_many_iterations) +{ initSR(); testkeysset_t keys; @@ -554,7 +568,7 @@ BOOST_AUTO_TEST_CASE(test_nsec3_denial_too_many_iterations) { vector> signatureContents; /* adding a NSEC3 with more iterations that we support */ - addNSEC3UnhashedRecordToLW(DNSName("a."), DNSName("."), "whatever", { QType::AAAA }, 600, records, g_maxNSEC3Iterations + 100); + addNSEC3UnhashedRecordToLW(DNSName("a."), DNSName("."), "whatever", {QType::AAAA}, 600, records, g_maxNSEC3Iterations + 100); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -571,7 +585,8 @@ BOOST_AUTO_TEST_CASE(test_nsec3_denial_too_many_iterations) { BOOST_CHECK_EQUAL(denialState, INSECURE); } -BOOST_AUTO_TEST_CASE(test_nsec3_insecure_delegation_denial) { +BOOST_AUTO_TEST_CASE(test_nsec3_insecure_delegation_denial) +{ initSR(); testkeysset_t keys; @@ -594,7 +609,7 @@ BOOST_AUTO_TEST_CASE(test_nsec3_insecure_delegation_denial) { NS should be set if it was proving an insecure delegation, let's check that we correctly detect that it's not. */ - addNSEC3UnhashedRecordToLW(DNSName("a."), DNSName("."), "whatever", { }, 600, records); + addNSEC3UnhashedRecordToLW(DNSName("a."), DNSName("."), "whatever", {}, 600, records); recordContents.push_back(records.at(0).d_content); addRRSIG(keys, records, DNSName("."), 300); signatureContents.push_back(getRR(records.at(1))); @@ -612,7 +627,8 @@ BOOST_AUTO_TEST_CASE(test_nsec3_insecure_delegation_denial) { BOOST_CHECK_EQUAL(denialState, NODATA); } -BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_negcache_validity) { +BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_negcache_validity) +{ std::unique_ptr sr; initSR(sr, true); @@ -631,26 +647,26 @@ BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_negcache_validity) { size_t queriesCount = 0; const time_t fixedNow = sr->getNow().tv_sec; - sr->setAsyncCallback([target,&queriesCount,keys,fixedNow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys, fixedNow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - DNSName auth = domain; - auth.chopOff(); + DNSName auth = domain; + auth.chopOff(); - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); - } - else { - setLWResult(res, RCode::NoError, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, domain, 300); - addNSECRecordToLW(domain, DNSName("z."), { QType::NSEC, QType::RRSIG }, 600, res->d_records); - addRRSIG(keys, res->d_records, domain, 1, false, boost::none, boost::none, fixedNow); - return 1; - } + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); + } + else { + setLWResult(res, RCode::NoError, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, domain, 300); + addNSECRecordToLW(domain, DNSName("z."), {QType::NSEC, QType::RRSIG}, 600, res->d_records); + addRRSIG(keys, res->d_records, domain, 1, false, boost::none, boost::none, fixedNow); + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -679,7 +695,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_negcache_validity) { BOOST_CHECK_EQUAL(queriesCount, 4U); } -BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_negcache_bogus_validity) { +BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_negcache_bogus_validity) +{ std::unique_ptr sr; initSR(sr, true); @@ -698,26 +715,26 @@ BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_negcache_bogus_validity) { size_t queriesCount = 0; const time_t fixedNow = sr->getNow().tv_sec; - sr->setAsyncCallback([&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([&queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - DNSName auth = domain; - auth.chopOff(); + DNSName auth = domain; + auth.chopOff(); - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); - } - else { - setLWResult(res, RCode::NoError, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 86400); - addRRSIG(keys, res->d_records, domain, 86400); - addNSECRecordToLW(domain, DNSName("z."), { QType::NSEC, QType::RRSIG }, 86400, res->d_records); - /* no RRSIG */ - return 1; - } + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); + } + else { + setLWResult(res, RCode::NoError, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 86400); + addRRSIG(keys, res->d_records, domain, 86400); + addNSECRecordToLW(domain, DNSName("z."), {QType::NSEC, QType::RRSIG}, 86400, res->d_records); + /* no RRSIG */ + return 1; + } - return 0; - }); + return 0; + }); SyncRes::s_maxnegttl = 3600; SyncRes::s_maxbogusttl = 360; @@ -749,7 +766,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_negcache_bogus_validity) { BOOST_CHECK_EQUAL(queriesCount, 4U); } -BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_cache_validity) { +BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_cache_validity) +{ std::unique_ptr sr; initSR(sr, true); @@ -769,24 +787,24 @@ BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_cache_validity) { size_t queriesCount = 0; const time_t tnow = sr->getNow().tv_sec; - sr->setAsyncCallback([target,targetAddr,&queriesCount,keys,tnow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, targetAddr, &queriesCount, keys, tnow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - DNSName auth = domain; - auth.chopOff(); + DNSName auth = domain; + auth.chopOff(); - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); - } - else { - setLWResult(res, RCode::NoError, true, false, true); - addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); - addRRSIG(keys, res->d_records, domain, 1, false, boost::none, boost::none, tnow); - return 1; - } + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); + } + else { + setLWResult(res, RCode::NoError, true, false, true); + addRecordToLW(res, domain, QType::A, targetAddr.toString(), DNSResourceRecord::ANSWER, 3600); + addRRSIG(keys, res->d_records, domain, 1, false, boost::none, boost::none, tnow); + return 1; + } - return 0; - }); + return 0; + }); vector ret; int res = sr->beginResolve(target, QType(QType::A), QClass::IN, ret); @@ -813,7 +831,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_rrsig_cache_validity) { BOOST_CHECK_EQUAL(queriesCount, 4U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_secure) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_secure) +{ /* Validation is optional, and the first query does not ask for it, so the answer is cached as Indeterminate. @@ -836,23 +855,23 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_secure) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; - - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); - } - else { - if (domain == target && type == QType::A) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, target, QType::A, "192.0.2.1"); - addRRSIG(keys, res->d_records, DNSName("."), 300); - return 1; - } + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; + + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); + } + else { + if (domain == target && type == QType::A) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, target, QType::A, "192.0.2.1"); + addRRSIG(keys, res->d_records, DNSName("."), 300); + return 1; } + } - return 0; - }); + return 0; + }); vector ret; /* first query does not require validation */ @@ -866,7 +885,6 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_secure) { } BOOST_CHECK_EQUAL(queriesCount, 1U); - ret.clear(); /* second one _does_ require validation */ sr->setDNSSECValidationRequested(true); @@ -880,7 +898,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_secure) { BOOST_CHECK_EQUAL(queriesCount, 3U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_insecure) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_insecure) +{ /* Validation is optional, and the first query does not ask for it, so the answer is cached as Indeterminate. @@ -902,22 +921,22 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_insecure) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); - } - else { - if (domain == target && type == QType::A) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, target, QType::A, "192.0.2.1"); - return 1; - } + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); + } + else { + if (domain == target && type == QType::A) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, target, QType::A, "192.0.2.1"); + return 1; } + } - return 0; - }); + return 0; + }); vector ret; /* first query does not require validation */ @@ -931,7 +950,6 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_insecure) { } BOOST_CHECK_EQUAL(queriesCount, 1U); - ret.clear(); /* second one _does_ require validation */ sr->setDNSSECValidationRequested(true); @@ -945,7 +963,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_insecure) { BOOST_CHECK_EQUAL(queriesCount, 1U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_bogus) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_bogus) +{ /* Validation is optional, and the first query does not ask for it, so the answer is cached as Indeterminate. @@ -968,23 +987,23 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_bogus) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); - } - else { - if (domain == target && type == QType::A) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, target, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400); - /* no RRSIG */ - return 1; - } + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); + } + else { + if (domain == target && type == QType::A) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, target, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400); + /* no RRSIG */ + return 1; } + } - return 0; - }); + return 0; + }); SyncRes::s_maxbogusttl = 3600; @@ -1001,7 +1020,6 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cache_bogus) { } BOOST_CHECK_EQUAL(queriesCount, 1U); - ret.clear(); /* second one _does_ require validation */ sr->setDNSSECValidationRequested(true); diff --git a/pdns/recursordist/test-syncres_cc9.cc b/pdns/recursordist/test-syncres_cc9.cc index fff5a5429b..cf12fa2736 100644 --- a/pdns/recursordist/test-syncres_cc9.cc +++ b/pdns/recursordist/test-syncres_cc9.cc @@ -5,7 +5,8 @@ BOOST_AUTO_TEST_SUITE(syncres_cc9) -BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_secure) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_secure) +{ /* Validation is optional, and the first query does not ask for it, so the answer is cached as Indeterminate. @@ -29,30 +30,31 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_secure) { size_t queriesCount = 0; - sr->setAsyncCallback([target,cnameTarget,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, cnameTarget, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); + } + else { + if (domain == target && type == QType::A) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, target, QType::CNAME, cnameTarget.toString()); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1"); + addRRSIG(keys, res->d_records, DNSName("."), 300); + return 1; } - else { - if (domain == target && type == QType::A) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, target, QType::CNAME, cnameTarget.toString()); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1"); - addRRSIG(keys, res->d_records, DNSName("."), 300); - return 1; - } else if (domain == cnameTarget && type == QType::A) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1"); - addRRSIG(keys, res->d_records, DNSName("."), 300); - return 1; - } + else if (domain == cnameTarget && type == QType::A) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1"); + addRRSIG(keys, res->d_records, DNSName("."), 300); + return 1; } + } - return 0; - }); + return 0; + }); vector ret; /* first query does not require validation */ @@ -66,7 +68,6 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_secure) { } BOOST_CHECK_EQUAL(queriesCount, 2U); - ret.clear(); /* second one _does_ require validation */ sr->setDNSSECValidationRequested(true); @@ -80,7 +81,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_secure) { BOOST_CHECK_EQUAL(queriesCount, 5U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_insecure) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_insecure) +{ /* Validation is optional, and the first query does not ask for it, so the answer is cached as Indeterminate. @@ -103,27 +105,28 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_insecure) { size_t queriesCount = 0; - sr->setAsyncCallback([target,cnameTarget,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, cnameTarget, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); + } + else { + if (domain == target && type == QType::A) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, target, QType::CNAME, cnameTarget.toString()); + addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1"); + return 1; } - else { - if (domain == target && type == QType::A) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, target, QType::CNAME, cnameTarget.toString()); - addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1"); - return 1; - } else if (domain == cnameTarget && type == QType::A) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1"); - return 1; - } + else if (domain == cnameTarget && type == QType::A) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1"); + return 1; } + } - return 0; - }); + return 0; + }); vector ret; /* first query does not require validation */ @@ -137,7 +140,6 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_insecure) { } BOOST_CHECK_EQUAL(queriesCount, 2U); - ret.clear(); /* second one _does_ require validation */ sr->setDNSSECValidationRequested(true); @@ -151,7 +153,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_insecure) { BOOST_CHECK_EQUAL(queriesCount, 2U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_bogus) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_bogus) +{ /* Validation is optional, and the first query does not ask for it, so the answer is cached as Indeterminate. @@ -175,29 +178,30 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_bogus) { size_t queriesCount = 0; - sr->setAsyncCallback([target,cnameTarget,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, cnameTarget, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); + } + else { + if (domain == target && type == QType::A) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, target, QType::CNAME, cnameTarget.toString(), DNSResourceRecord::ANSWER, 86400); + addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400); + /* no RRSIG */ + return 1; } - else { - if (domain == target && type == QType::A) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, target, QType::CNAME, cnameTarget.toString(), DNSResourceRecord::ANSWER, 86400); - addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400); - /* no RRSIG */ - return 1; - } else if (domain == cnameTarget && type == QType::A) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400); - /* no RRSIG */ - return 1; - } + else if (domain == cnameTarget && type == QType::A) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, cnameTarget, QType::A, "192.0.2.1", DNSResourceRecord::ANSWER, 86400); + /* no RRSIG */ + return 1; } + } - return 0; - }); + return 0; + }); SyncRes::s_maxbogusttl = 60; SyncRes::s_maxnegttl = 3600; @@ -215,7 +219,6 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_bogus) { } BOOST_CHECK_EQUAL(queriesCount, 2U); - ret.clear(); /* second one _does_ require validation */ sr->setDNSSECValidationRequested(true); @@ -246,7 +249,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_cname_cache_bogus) { BOOST_CHECK_EQUAL(queriesCount, 5U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_additional_without_rrsig) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_additional_without_rrsig) +{ /* We get a record from a secure zone in the additional section, without the corresponding RRSIG. The record should not be marked as authoritative @@ -269,36 +273,37 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_additional_without_rrsig) { size_t queriesCount = 0; - sr->setAsyncCallback([target,addTarget,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, addTarget, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - if (domain == addTarget) { - DNSName auth(domain); - /* no DS for com, auth will be . */ - auth.chopOff(); - return genericDSAndDNSKEYHandler(res, domain, auth, type, keys, false); - } - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); + if (type == QType::DS || type == QType::DNSKEY) { + if (domain == addTarget) { + DNSName auth(domain); + /* no DS for com, auth will be . */ + auth.chopOff(); + return genericDSAndDNSKEYHandler(res, domain, auth, type, keys, false); } - else { - if (domain == target && type == QType::A) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, target, QType::A, "192.0.2.1"); - addRRSIG(keys, res->d_records, DNSName("."), 300); - addRecordToLW(res, addTarget, QType::A, "192.0.2.42", DNSResourceRecord::ADDITIONAL); - /* no RRSIG for the additional record */ - return 1; - } else if (domain == addTarget && type == QType::A) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, addTarget, QType::A, "192.0.2.42"); - addRRSIG(keys, res->d_records, DNSName("."), 300); - return 1; - } + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); + } + else { + if (domain == target && type == QType::A) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, target, QType::A, "192.0.2.1"); + addRRSIG(keys, res->d_records, DNSName("."), 300); + addRecordToLW(res, addTarget, QType::A, "192.0.2.42", DNSResourceRecord::ADDITIONAL); + /* no RRSIG for the additional record */ + return 1; } + else if (domain == addTarget && type == QType::A) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, addTarget, QType::A, "192.0.2.42"); + addRRSIG(keys, res->d_records, DNSName("."), 300); + return 1; + } + } - return 0; - }); + return 0; + }); vector ret; /* first query for target/A, will pick up the additional record as non-auth / unvalidated */ @@ -326,7 +331,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_additional_without_rrsig) { BOOST_CHECK_EQUAL(queriesCount, 5U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_secure) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_secure) +{ /* Validation is optional, and the first query does not ask for it, so the answer is negatively cached as Indeterminate. @@ -351,26 +357,26 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_secure) { size_t queriesCount = 0; const time_t fixedNow = sr->getNow().tv_sec; - sr->setAsyncCallback([target,&queriesCount,keys,fixedNow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys, fixedNow](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - DNSName auth = domain; - auth.chopOff(); + DNSName auth = domain; + auth.chopOff(); - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); - } - else { - setLWResult(res, RCode::NoError, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - addRRSIG(keys, res->d_records, domain, 300); - addNSECRecordToLW(domain, DNSName("z."), { QType::NSEC, QType::RRSIG }, 600, res->d_records); - addRRSIG(keys, res->d_records, domain, 1, false, boost::none, boost::none, fixedNow); - return 1; - } + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); + } + else { + setLWResult(res, RCode::NoError, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + addRRSIG(keys, res->d_records, domain, 300); + addNSECRecordToLW(domain, DNSName("z."), {QType::NSEC, QType::RRSIG}, 600, res->d_records); + addRRSIG(keys, res->d_records, domain, 1, false, boost::none, boost::none, fixedNow); + return 1; + } - return 0; - }); + return 0; + }); vector ret; /* first query does not require validation */ @@ -407,7 +413,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_secure) { BOOST_CHECK_EQUAL(ne->DNSSECRecords.signatures.size(), 1U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_secure_ds) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_secure_ds) +{ /* Validation is optional, and the first query does not ask for it, so the answer is negatively cached as Indeterminate. @@ -435,19 +442,19 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_secure_ds) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - if (type == QType::DS || type == QType::DNSKEY) { - if (domain == target) { - /* there is no cut */ - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); - } - return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + if (type == QType::DS || type == QType::DNSKEY) { + if (domain == target) { + /* there is no cut */ + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys, false); } + return genericDSAndDNSKEYHandler(res, domain, domain, type, keys); + } - return 0; - }); + return 0; + }); vector ret; /* first query does not require validation */ @@ -468,7 +475,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_secure_ds) { BOOST_CHECK_EQUAL(queriesCount, 4U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_insecure) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_insecure) +{ /* Validation is optional, and the first query does not ask for it, so the answer is negatively cached as Indeterminate. @@ -490,23 +498,23 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_insecure) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - DNSName auth = domain; - auth.chopOff(); + DNSName auth = domain; + auth.chopOff(); - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); - } - else { - setLWResult(res, RCode::NoError, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); - return 1; - } + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); + } + else { + setLWResult(res, RCode::NoError, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 3600); + return 1; + } - return 0; - }); + return 0; + }); vector ret; /* first query does not require validation */ @@ -542,7 +550,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_insecure) { BOOST_CHECK_EQUAL(ne->DNSSECRecords.signatures.size(), 0U); } -BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_bogus) { +BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_bogus) +{ /* Validation is optional, and the first query does not ask for it, so the answer is negatively cached as Indeterminate. @@ -566,25 +575,25 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_bogus) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount,keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - queriesCount++; + sr->setAsyncCallback([target, &queriesCount, keys](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - DNSName auth = domain; - auth.chopOff(); + DNSName auth = domain; + auth.chopOff(); - if (type == QType::DS || type == QType::DNSKEY) { - return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); - } - else { - setLWResult(res, RCode::NoError, true, false, true); - addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 86400); - addRRSIG(keys, res->d_records, domain, 86400); - /* no denial */ - return 1; - } + if (type == QType::DS || type == QType::DNSKEY) { + return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); + } + else { + setLWResult(res, RCode::NoError, true, false, true); + addRecordToLW(res, domain, QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY, 86400); + addRRSIG(keys, res->d_records, domain, 86400); + /* no denial */ + return 1; + } - return 0; - }); + return 0; + }); SyncRes::s_maxbogusttl = 60; SyncRes::s_maxnegttl = 3600; @@ -653,7 +662,8 @@ BOOST_AUTO_TEST_CASE(test_dnssec_validation_from_negcache_bogus) { BOOST_CHECK_EQUAL(ne->DNSSECRecords.signatures.size(), 0U); } -BOOST_AUTO_TEST_CASE(test_lowercase_outgoing) { +BOOST_AUTO_TEST_CASE(test_lowercase_outgoing) +{ g_lowercaseOutgoing = true; std::unique_ptr sr; initSR(sr); @@ -666,36 +676,37 @@ BOOST_AUTO_TEST_CASE(test_lowercase_outgoing) { const DNSName cname("WWW.PowerDNS.org"); sr->setAsyncCallback([target, cname, &sentOutQnames](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + sentOutQnames.push_back(domain); - sentOutQnames.push_back(domain); - - if (isRootServer(ip)) { - if (domain == target) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - if (domain == cname) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.org.", QType::NS, "pdns-public-ns1.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "pdns-public-ns1.powerdns.org.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - } else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == target) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::CNAME, cname.toString()); - return 1; - } - } else if (ip == ComboAddress("192.0.2.2:53")) { - if (domain == cname) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "127.0.0.1"); - return 1; - } + if (isRootServer(ip)) { + if (domain == target) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; } - return 0; + if (domain == cname) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.org.", QType::NS, "pdns-public-ns1.powerdns.org.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "pdns-public-ns1.powerdns.org.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == target) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::CNAME, cname.toString()); + return 1; + } + } + else if (ip == ComboAddress("192.0.2.2:53")) { + if (domain == cname) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "127.0.0.1"); + return 1; + } + } + return 0; }); vector ret; @@ -715,7 +726,8 @@ BOOST_AUTO_TEST_CASE(test_lowercase_outgoing) { g_lowercaseOutgoing = false; } -BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo) { +BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo) +{ std::unique_ptr sr; initSR(sr, true); @@ -738,18 +750,18 @@ BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo) { keys2.insert(*rootkey); sr->setAsyncCallback([target, keys, keys2](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - DNSName auth = domain; - auth.chopOff(); - if (type == QType::DS || type == QType::DNSKEY) { - if (domain == target) { - if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys2) != 1) { - return 0; - } + DNSName auth = domain; + auth.chopOff(); + if (type == QType::DS || type == QType::DNSKEY) { + if (domain == target) { + if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys2) != 1) { + return 0; } - return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); } - return 0; - }); + return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); + } + return 0; + }); dsmap_t ds; auto state = sr->getDSRecords(target, ds, false, 0, false); @@ -760,7 +772,8 @@ BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo) { } } -BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo_all_sha) { +BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo_all_sha) +{ std::unique_ptr sr; initSR(sr, true); @@ -787,21 +800,21 @@ BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo_all_sha) { keys3.insert(*rootkey); sr->setAsyncCallback([target, keys, keys2, keys3](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - DNSName auth = domain; - auth.chopOff(); - if (type == QType::DS || type == QType::DNSKEY) { - if (domain == target) { - if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys2) != 1) { - return 0; - } - if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys3) != 1) { - return 0; - } + DNSName auth = domain; + auth.chopOff(); + if (type == QType::DS || type == QType::DNSKEY) { + if (domain == target) { + if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys2) != 1) { + return 0; + } + if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys3) != 1) { + return 0; } - return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); } - return 0; - }); + return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); + } + return 0; + }); dsmap_t ds; auto state = sr->getDSRecords(target, ds, false, 0, false); @@ -812,7 +825,8 @@ BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo_all_sha) { } } -BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo_two_highest) { +BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo_two_highest) +{ std::unique_ptr sr; initSR(sr, true); @@ -839,21 +853,21 @@ BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo_two_highest) { keys3.insert(*rootkey); sr->setAsyncCallback([target, keys, keys2, keys3](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - DNSName auth = domain; - auth.chopOff(); - if (type == QType::DS || type == QType::DNSKEY) { - if (domain == target) { - if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys2) != 1) { - return 0; - } - if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys3) != 1) { - return 0; - } + DNSName auth = domain; + auth.chopOff(); + if (type == QType::DS || type == QType::DNSKEY) { + if (domain == target) { + if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys2) != 1) { + return 0; + } + if (genericDSAndDNSKEYHandler(res, domain, auth, type, keys3) != 1) { + return 0; } - return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); } - return 0; - }); + return genericDSAndDNSKEYHandler(res, domain, auth, type, keys); + } + return 0; + }); dsmap_t ds; auto state = sr->getDSRecords(target, ds, false, 0, false); @@ -864,7 +878,8 @@ BOOST_AUTO_TEST_CASE(test_getDSRecords_multialgo_two_highest) { } } -BOOST_AUTO_TEST_CASE(test_cname_plus_authority_ns_ttl) { +BOOST_AUTO_TEST_CASE(test_cname_plus_authority_ns_ttl) +{ std::unique_ptr sr; initSR(sr); @@ -875,33 +890,33 @@ BOOST_AUTO_TEST_CASE(test_cname_plus_authority_ns_ttl) { size_t queriesCount = 0; sr->setAsyncCallback([target, cnameTarget, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - queriesCount++; - - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, DNSName("powerdns.com"), QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 42); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, DNSName("powerdns.com"), QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 42); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53")) { + if (domain == target) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); + addRecordToLW(res, cnameTarget, QType::A, "192.0.2.2"); + addRecordToLW(res, DNSName("powerdns.com."), QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, DNSName("a.gtld-servers.net."), QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); return 1; - } else if (ip == ComboAddress("192.0.2.1:53")) { - if (domain == target) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::CNAME, cnameTarget.toString()); - addRecordToLW(res, cnameTarget, QType::A, "192.0.2.2"); - addRecordToLW(res, DNSName("powerdns.com."), QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, DNSName("a.gtld-servers.net."), QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - else if (domain == cnameTarget) { - setLWResult(res, 0, true, false, false); - addRecordToLW(res, domain, QType::A, "192.0.2.2"); - } - - return 1; + } + else if (domain == cnameTarget) { + setLWResult(res, 0, true, false, false); + addRecordToLW(res, domain, QType::A, "192.0.2.2"); } - return 0; - }); + return 1; + } + + return 0; + }); const time_t now = sr->getNow().tv_sec; vector ret; @@ -936,7 +951,8 @@ BOOST_AUTO_TEST_CASE(test_cname_plus_authority_ns_ttl) { BOOST_CHECK_EQUAL(wasAuth, false); } -BOOST_AUTO_TEST_CASE(test_records_sanitization_general) { +BOOST_AUTO_TEST_CASE(test_records_sanitization_general) +{ std::unique_ptr sr; initSR(sr); @@ -945,23 +961,22 @@ BOOST_AUTO_TEST_CASE(test_records_sanitization_general) { const DNSName target("sanitization.powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.1"); - /* should be scrubbed because it doesn't match the QType */ - addRecordToLW(res, domain, QType::AAAA, "2001:db8::1"); - /* should be scrubbed because the DNAME is not relevant to the qname */ - addRecordToLW(res, DNSName("not-sanitization.powerdns.com."), QType::DNAME, "not-sanitization.powerdns.net."); - /* should be scrubbed because a MX has no reason to show up in AUTHORITY */ - addRecordToLW(res, domain, QType::MX, "10 mx.powerdns.com.", DNSResourceRecord::AUTHORITY); - /* should be scrubbed because the SOA name is not relevant to the qname */ - addRecordToLW(res, DNSName("not-sanitization.powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY); - /* should be scrubbed because types other than A or AAAA are not really supposed to show up in ADDITIONAL */ - addRecordToLW(res, domain, QType::TXT, "TXT", DNSResourceRecord::ADDITIONAL); - /* should be scrubbed because it doesn't match any of the accepted names in this answer (mostly 'domain') */ - addRecordToLW(res, DNSName("powerdns.com."), QType::AAAA, "2001:db8::1", DNSResourceRecord::ADDITIONAL); - return 1; - }); + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.1"); + /* should be scrubbed because it doesn't match the QType */ + addRecordToLW(res, domain, QType::AAAA, "2001:db8::1"); + /* should be scrubbed because the DNAME is not relevant to the qname */ + addRecordToLW(res, DNSName("not-sanitization.powerdns.com."), QType::DNAME, "not-sanitization.powerdns.net."); + /* should be scrubbed because a MX has no reason to show up in AUTHORITY */ + addRecordToLW(res, domain, QType::MX, "10 mx.powerdns.com.", DNSResourceRecord::AUTHORITY); + /* should be scrubbed because the SOA name is not relevant to the qname */ + addRecordToLW(res, DNSName("not-sanitization.powerdns.com."), QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY); + /* should be scrubbed because types other than A or AAAA are not really supposed to show up in ADDITIONAL */ + addRecordToLW(res, domain, QType::TXT, "TXT", DNSResourceRecord::ADDITIONAL); + /* should be scrubbed because it doesn't match any of the accepted names in this answer (mostly 'domain') */ + addRecordToLW(res, DNSName("powerdns.com."), QType::AAAA, "2001:db8::1", DNSResourceRecord::ADDITIONAL); + return 1; + }); const time_t now = sr->getNow().tv_sec; @@ -982,7 +997,8 @@ BOOST_AUTO_TEST_CASE(test_records_sanitization_general) { BOOST_CHECK_EQUAL(t_RC->get(now, DNSName("powerdns.com."), QType(QType::AAAA), false, &cached, who), -1); } -BOOST_AUTO_TEST_CASE(test_records_sanitization_keep_relevant_additional_aaaa) { +BOOST_AUTO_TEST_CASE(test_records_sanitization_keep_relevant_additional_aaaa) +{ std::unique_ptr sr; initSR(sr); @@ -991,12 +1007,11 @@ BOOST_AUTO_TEST_CASE(test_records_sanitization_keep_relevant_additional_aaaa) { const DNSName target("sanitization.powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - setLWResult(res, 0, true, false, true); - addRecordToLW(res, domain, QType::A, "192.0.2.1"); - addRecordToLW(res, domain, QType::AAAA, "2001:db8::1", DNSResourceRecord::ADDITIONAL); - return 1; - }); + setLWResult(res, 0, true, false, true); + addRecordToLW(res, domain, QType::A, "192.0.2.1"); + addRecordToLW(res, domain, QType::AAAA, "2001:db8::1", DNSResourceRecord::ADDITIONAL); + return 1; + }); const time_t now = sr->getNow().tv_sec; @@ -1014,7 +1029,8 @@ BOOST_AUTO_TEST_CASE(test_records_sanitization_keep_relevant_additional_aaaa) { BOOST_CHECK_GT(t_RC->get(now, target, QType(QType::AAAA), false, &cached, who), 0); } -BOOST_AUTO_TEST_CASE(test_records_sanitization_keep_glue) { +BOOST_AUTO_TEST_CASE(test_records_sanitization_keep_glue) +{ std::unique_ptr sr; initSR(sr); @@ -1024,36 +1040,35 @@ BOOST_AUTO_TEST_CASE(test_records_sanitization_keep_glue) { size_t queriesCount = 0; - sr->setAsyncCallback([target,&queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + sr->setAsyncCallback([target, &queriesCount](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { + queriesCount++; - queriesCount++; - - if (isRootServer(ip)) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - } - else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) { - setLWResult(res, 0, false, false, true); - addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800); - addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800); - addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800); - addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800); - return 1; - } - else if (ip == ComboAddress("192.0.2.2:53") || ip == ComboAddress("192.0.2.3:53") || ip == ComboAddress("[2001:DB8::2]:53") || ip == ComboAddress("[2001:DB8::3]:53")) { - setLWResult(res, 0, true, false, true); - addRecordToLW(res, target, QType::A, "192.0.2.4"); - return 1; - } - else { - return 0; - } - }); + if (isRootServer(ip)) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "com.", QType::NS, "a.gtld-servers.net.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "a.gtld-servers.net.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "a.gtld-servers.net.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + } + else if (ip == ComboAddress("192.0.2.1:53") || ip == ComboAddress("[2001:DB8::1]:53")) { + setLWResult(res, 0, false, false, true); + addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns1.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "powerdns.com.", QType::NS, "pdns-public-ns2.powerdns.com.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::A, "192.0.2.2", DNSResourceRecord::ADDITIONAL, 172800); + addRecordToLW(res, "pdns-public-ns1.powerdns.com.", QType::AAAA, "2001:DB8::2", DNSResourceRecord::ADDITIONAL, 172800); + addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::A, "192.0.2.3", DNSResourceRecord::ADDITIONAL, 172800); + addRecordToLW(res, "pdns-public-ns2.powerdns.com.", QType::AAAA, "2001:DB8::3", DNSResourceRecord::ADDITIONAL, 172800); + return 1; + } + else if (ip == ComboAddress("192.0.2.2:53") || ip == ComboAddress("192.0.2.3:53") || ip == ComboAddress("[2001:DB8::2]:53") || ip == ComboAddress("[2001:DB8::3]:53")) { + setLWResult(res, 0, true, false, true); + addRecordToLW(res, target, QType::A, "192.0.2.4"); + return 1; + } + else { + return 0; + } + }); const time_t now = sr->getNow().tv_sec; @@ -1078,7 +1093,8 @@ BOOST_AUTO_TEST_CASE(test_records_sanitization_keep_glue) { BOOST_CHECK_GT(t_RC->get(now, DNSName("pdns-public-ns2.powerdns.com."), QType(QType::AAAA), false, &cached, who), 0); } -BOOST_AUTO_TEST_CASE(test_records_sanitization_scrubs_ns_nxd) { +BOOST_AUTO_TEST_CASE(test_records_sanitization_scrubs_ns_nxd) +{ std::unique_ptr sr; initSR(sr); @@ -1087,14 +1103,13 @@ BOOST_AUTO_TEST_CASE(test_records_sanitization_scrubs_ns_nxd) { const DNSName target("sanitization-ns-nxd.powerdns.com."); sr->setAsyncCallback([target](const ComboAddress& ip, const DNSName& domain, int type, bool doTCP, bool sendRDQuery, int EDNS0Level, struct timeval* now, boost::optional& srcmask, boost::optional context, LWResult* res, bool* chained) { - - setLWResult(res, RCode::NXDomain, true, false, true); - addRecordToLW(res, "powerdns.com.", QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY); - addRecordToLW(res, "powerdns.com.", QType::NS, "spoofed.ns.", DNSResourceRecord::AUTHORITY, 172800); - addRecordToLW(res, "spoofed.ns.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); - addRecordToLW(res, "spoofed.ns.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600); - return 1; - }); + setLWResult(res, RCode::NXDomain, true, false, true); + addRecordToLW(res, "powerdns.com.", QType::SOA, "pdns-public-ns1.powerdns.com. pieter\\.lexis.powerdns.com. 2017032301 10800 3600 604800 3600", DNSResourceRecord::AUTHORITY); + addRecordToLW(res, "powerdns.com.", QType::NS, "spoofed.ns.", DNSResourceRecord::AUTHORITY, 172800); + addRecordToLW(res, "spoofed.ns.", QType::A, "192.0.2.1", DNSResourceRecord::ADDITIONAL, 3600); + addRecordToLW(res, "spoofed.ns.", QType::AAAA, "2001:DB8::1", DNSResourceRecord::ADDITIONAL, 3600); + return 1; + }); const time_t now = sr->getNow().tv_sec; diff --git a/pdns/recursordist/test-xpf_cc.cc b/pdns/recursordist/test-xpf_cc.cc index d0100783d8..02abbad37a 100644 --- a/pdns/recursordist/test-xpf_cc.cc +++ b/pdns/recursordist/test-xpf_cc.cc @@ -10,7 +10,8 @@ BOOST_AUTO_TEST_SUITE(xpf_cc) -BOOST_AUTO_TEST_CASE(test_generateXPFPayload) { +BOOST_AUTO_TEST_CASE(test_generateXPFPayload) +{ /* Mixing v4 with v6 should throw */ BOOST_CHECK_THROW(generateXPFPayload(false, ComboAddress("192.0.2.1"), ComboAddress("2001:db8::1")), std::runtime_error); @@ -83,10 +84,10 @@ BOOST_AUTO_TEST_CASE(test_generateXPFPayload) { BOOST_CHECK_EQUAL(parsedSource.toStringWithPort(), source.toStringWithPort()); BOOST_CHECK_EQUAL(parsedDestination.toStringWithPort(), destination.toStringWithPort()); } - } -BOOST_AUTO_TEST_CASE(test_parseXPFPayload) { +BOOST_AUTO_TEST_CASE(test_parseXPFPayload) +{ /* invalid sizes */ { @@ -100,7 +101,6 @@ BOOST_AUTO_TEST_CASE(test_parseXPFPayload) { BOOST_CHECK_EQUAL(parseXPFPayload(nullptr, 39, source, &destination), false); } - { /* invalid protocol */ ComboAddress source("[2001:db8::1]:42"); @@ -134,7 +134,6 @@ BOOST_AUTO_TEST_CASE(test_parseXPFPayload) { ComboAddress source("192.0.2.1:53"); ComboAddress destination("192.0.2.2:65535"); - auto payload = generateXPFPayload(true, source, destination); /* set version to 6 */ payload.at(0) = 6; @@ -149,7 +148,6 @@ BOOST_AUTO_TEST_CASE(test_parseXPFPayload) { ComboAddress source("[2001:db8::1]:42"); ComboAddress destination("[::1]:65535"); - auto payload = generateXPFPayload(true, source, destination); /* set version to 4 */ payload.at(0) = 4; @@ -173,8 +171,6 @@ BOOST_AUTO_TEST_CASE(test_parseXPFPayload) { BOOST_CHECK(parseXPFPayload(payload.c_str(), payload.size(), parsedSource, nullptr)); BOOST_CHECK_EQUAL(parsedSource.toStringWithPort(), source.toStringWithPort()); } - } - BOOST_AUTO_TEST_SUITE_END() diff --git a/pdns/recursordist/testrunner.cc b/pdns/recursordist/testrunner.cc index 1c26d678b8..1aff2b5a15 100644 --- a/pdns/recursordist/testrunner.cc +++ b/pdns/recursordist/testrunner.cc @@ -29,7 +29,8 @@ #include #include -bool init_unit_test() { +bool init_unit_test() +{ reportAllTypes(); return true; } @@ -37,5 +38,5 @@ bool init_unit_test() { // entry point: int main(int argc, char* argv[]) { - return boost::unit_test::unit_test_main( &init_unit_test, argc, argv ); + return boost::unit_test::unit_test_main(&init_unit_test, argc, argv); }