From: Stefan Metzmacher <metze@samba.org>
Date: Wed, 29 May 2024 12:15:45 +0000 (+0200)
Subject: python:tests/dns_tkey: let us have test_update_gss_tsig_tkey_req_{additional,answers}()
X-Git-Tag: samba-4.19.8~84
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f984b281c5fbe06328cc758a870baed175b46796;p=thirdparty%2Fsamba.git

python:tests/dns_tkey: let us have test_update_gss_tsig_tkey_req_{additional,answers}()

Also test using the additional record in the answers section.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13019

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 3c7cb85eaf8371be55a371601cc354440dab7a94)
---

diff --git a/python/samba/tests/dns_base.py b/python/samba/tests/dns_base.py
index fbba1773ac5..b8afc1f22a2 100644
--- a/python/samba/tests/dns_base.py
+++ b/python/samba/tests/dns_base.py
@@ -161,6 +161,10 @@ class DNSTest(TestCaseInTempDir):
             response = ndr.ndr_unpack(dns.name_packet, recv_packet_p,
                                       allow_remaining=allow_remaining)
             return (response, recv_packet)
+        except RuntimeError as re:
+            if s is not None:
+                s.close()
+            raise AssertionError(re)
         finally:
             if s is not None:
                 s.close()
@@ -198,6 +202,10 @@ class DNSTest(TestCaseInTempDir):
                 print(self.hexdump(recv_packet))
             response = ndr.ndr_unpack(dns.name_packet, recv_packet[2:])
 
+        except RuntimeError as re:
+            if s is not None:
+                s.close()
+            raise AssertionError(re)
         finally:
             if s is not None:
                 s.close()
diff --git a/python/samba/tests/dns_tkey.py b/python/samba/tests/dns_tkey.py
index 6d6bbd4973d..04cab75aa70 100644
--- a/python/samba/tests/dns_tkey.py
+++ b/python/samba/tests/dns_tkey.py
@@ -113,8 +113,8 @@ class TestDNSUpdates(DNSTKeyTest):
         rcode = self.search_record(self.newrecname)
         self.assert_rcode_equals(rcode, dns.DNS_RCODE_NXDOMAIN)
 
-    def test_update_tsig(self):
-        "test DNS update with correct TSIG record"
+    def test_update_gss_tsig_tkey_req_additional(self):
+        "test DNS update with correct gss-tsig record tkey req in additional"
 
         self.tkey_trans()
 
@@ -139,6 +139,32 @@ class TestDNSUpdates(DNSTKeyTest):
         rcode = self.search_record(self.newrecname)
         self.assert_rcode_equals(rcode, dns.DNS_RCODE_NXDOMAIN)
 
+    def test_update_gss_tsig_tkey_req_answers(self):
+        "test DNS update with correct gss-tsig record tsig req in answers"
+
+        self.tkey_trans(tkey_req_in_answers=True)
+
+        p = self.make_update_request()
+        mac = self.sign_packet(p, self.tkey['name'])
+        (response, response_p) = self.dns_transaction_udp(p, self.server_ip)
+        self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+        self.verify_packet(response, response_p, mac)
+
+        # Check the record is around
+        rcode = self.search_record(self.newrecname)
+        self.assert_rcode_equals(rcode, dns.DNS_RCODE_OK)
+
+        # Now delete the record
+        p = self.make_update_request(delete=True)
+        mac = self.sign_packet(p, self.tkey['name'])
+        (response, response_p) = self.dns_transaction_udp(p, self.server_ip)
+        self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+        self.verify_packet(response, response_p, mac)
+
+        # check it's gone
+        rcode = self.search_record(self.newrecname)
+        self.assert_rcode_equals(rcode, dns.DNS_RCODE_NXDOMAIN)
+
     def test_update_tsig_windows(self):
         "test DNS update with correct TSIG record (follow Windows pattern)"
 
diff --git a/selftest/knownfail.d/dns_tkey b/selftest/knownfail.d/dns_tkey
index fb0fca9ec58..141a3a405e3 100644
--- a/selftest/knownfail.d/dns_tkey
+++ b/selftest/knownfail.d/dns_tkey
@@ -3,3 +3,4 @@
 ^samba.tests.dns_tkey.__main__.TestDNSUpdates.test_tkey_gss_microsoft_com.fl2008r2dc
 ^samba.tests.dns_tkey.__main__.TestDNSUpdates.test_tkey_invalid_gss_MICROSOFT_com.fl2008r2dc
 ^samba.tests.dns_tkey.__main__.TestDNSUpdates.test_tkey_invalid_gss_TSIG.fl2008r2dc
+^samba.tests.dns_tkey.__main__.TestDNSUpdates.test_update_gss_tsig_tkey_req_answers.fl2008r2dc