From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Wed, 13 Feb 2019 15:04:57 +0000 (+0100)
Subject: rec: Add a small regression test for 'max-cache-bogus-ttl'
X-Git-Tag: auth-4.2.0-beta1~12^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c5b0071d4ad0513fdea56fc320d3cb4eb2646003;p=thirdparty%2Fpdns.git

rec: Add a small regression test for 'max-cache-bogus-ttl'
---

diff --git a/regression-tests.recursor-dnssec/basicDNSSEC.py b/regression-tests.recursor-dnssec/basicDNSSEC.py
index a630fac178..e754dffa84 100644
--- a/regression-tests.recursor-dnssec/basicDNSSEC.py
+++ b/regression-tests.recursor-dnssec/basicDNSSEC.py
@@ -11,16 +11,6 @@ class BasicDNSSEC(RecursorTest):
         confdir = os.path.join('configs', cls._confdir)
         cls.wipeRecursorCache(confdir)
 
-    @classmethod
-    def sendQuery(self, name, rdtype, useTCP=False):
-        """Helper function that creates the query"""
-        msg = dns.message.make_query(name, rdtype, want_dnssec=True)
-        msg.flags |= dns.flags.AD
-
-        if useTCP:
-            return self.sendTCPQuery(msg)
-        return self.sendUDPQuery(msg)
-
     def testSecureAnswer(self):
         res = self.sendQuery('ns.secure.example.', 'A')
         expected = dns.rrset.from_text('ns.secure.example.', 0, dns.rdataclass.IN, 'A', '{prefix}.10'.format(prefix=self._PREFIX))
diff --git a/regression-tests.recursor-dnssec/recursortests.py b/regression-tests.recursor-dnssec/recursortests.py
index 491aa89547..46ca97c467 100644
--- a/regression-tests.recursor-dnssec/recursortests.py
+++ b/regression-tests.recursor-dnssec/recursortests.py
@@ -804,3 +804,22 @@ distributor-threads=1""".format(confdir=confdir,
         print(expectedResponse)
         print(response)
         self.assertEquals(response, expectedResponse)
+
+    @classmethod
+    def sendQuery(cls, name, rdtype, useTCP=False):
+        """Helper function that creates the query"""
+        msg = dns.message.make_query(name, rdtype, want_dnssec=True)
+        msg.flags |= dns.flags.AD
+
+        if useTCP:
+            return cls.sendTCPQuery(msg)
+        return cls.sendUDPQuery(msg)
+
+    def createQuery(self, name, rdtype, flags, ednsflags):
+        """Helper function that creates the query with the specified flags.
+        The flags need to be strings (no checking is performed atm)"""
+        msg = dns.message.make_query(name, rdtype)
+        msg.flags = dns.flags.from_text(flags)
+        msg.flags += dns.flags.from_text('RD')
+        msg.use_edns(edns=0, ednsflags=dns.flags.edns_from_text(ednsflags))
+        return msg
diff --git a/regression-tests.recursor-dnssec/test_Flags.py b/regression-tests.recursor-dnssec/test_Flags.py
index 22b63c89d8..a550b9001d 100644
--- a/regression-tests.recursor-dnssec/test_Flags.py
+++ b/regression-tests.recursor-dnssec/test_Flags.py
@@ -76,15 +76,6 @@ class TestFlags(RecursorTest):
             cls._recursor = recursor
             cls.tearDownRecursor()
 
-    def createQuery(self, name, rdtype, flags, ednsflags):
-        """Helper function that creates the query with the specified flags.
-        The flags need to be strings (no checking is performed atm)"""
-        msg = dns.message.make_query(name, rdtype)
-        msg.flags = dns.flags.from_text(flags)
-        msg.flags += dns.flags.from_text('RD')
-        msg.use_edns(edns=0, ednsflags=dns.flags.edns_from_text(ednsflags))
-        return msg
-
     def getQueryForSecure(self, flags='', ednsflags=''):
         return self.createQuery('ns1.example.', 'A', flags, ednsflags)
 
diff --git a/regression-tests.recursor-dnssec/test_TTL.py b/regression-tests.recursor-dnssec/test_TTL.py
new file mode 100644
index 0000000000..68251572f0
--- /dev/null
+++ b/regression-tests.recursor-dnssec/test_TTL.py
@@ -0,0 +1,30 @@
+import dns
+import os
+from recursortests import RecursorTest
+
+class testBogusMaxTTL(RecursorTest):
+    _confdir = 'BogusMaxTTL'
+
+    _config_template = """dnssec=validate
+max-cache-bogus-ttl=5"""
+
+    @classmethod
+    def setUp(cls):
+        confdir = os.path.join('configs', cls._confdir)
+        cls.wipeRecursorCache(confdir)
+
+    def testBogusCheckDisabled(self):
+        # first query with CD=0, so we should get a ServFail
+        query = self.createQuery('ted.bogus.example.', 'A', 'AD', 'DO')
+        res = self.sendUDPQuery(query)
+        self.assertRcodeEqual(res, dns.rcode.SERVFAIL)
+
+        # then with CD=1 so we should get the A + RRSIG
+        # check that we correctly applied the maximum TTL when caching Bogus entries
+        query = self.createQuery('ted.bogus.example.', 'A', 'AD CD', 'DO')
+        res = self.sendUDPQuery(query)
+        self.assertMessageHasFlags(res, ['CD', 'QR', 'RA', 'RD'], ['DO'])
+        self.assertRcodeEqual(res, dns.rcode.NOERROR)
+        self.assertEquals(len(res.answer), 2)
+        for ans in res.answer:
+            self.assertLessEqual(ans.ttl, 5)