From ba5f46ae28b9502294424aaa90ff9dad729de757 Mon Sep 17 00:00:00 2001 From: Remi Gacogne Date: Thu, 28 May 2020 18:54:20 +0200 Subject: [PATCH] rec: Add a regression test for the RPZ updates with several deltas --- regression-tests.recursor-dnssec/test_RPZ.py | 34 ++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/regression-tests.recursor-dnssec/test_RPZ.py b/regression-tests.recursor-dnssec/test_RPZ.py index 8341a8cd5a..593db43768 100644 --- a/regression-tests.recursor-dnssec/test_RPZ.py +++ b/regression-tests.recursor-dnssec/test_RPZ.py @@ -28,7 +28,7 @@ class RPZServer(object): return False if newSerial != self._currentSerial + 1: - raise AssertionError("Asking the RPZ server to server serial %d, already serving %d" % (newSerial, self._currentSerial)) + raise AssertionError("Asking the RPZ server to serve serial %d, already serving %d" % (newSerial, self._currentSerial)) self._targetSerial = newSerial return True @@ -136,12 +136,27 @@ class RPZServer(object): dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % newSerial) ] elif newSerial == 10: - # full AXFR to make sure we are removing the duplicate, adding a record, to the that the update was correctly applied + # full AXFR to make sure we are removing the duplicate, adding a record, to check that the update was correctly applied records = [ dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % newSerial), dns.rrset.from_text('f.example.zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.A, '192.0.2.1'), dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % newSerial) ] + elif newSerial == 11: + # IXFR with two deltas, the first one adding a 'g' and the second one removing 'f' + records = [ + dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % (newSerial + 1)), + dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % oldSerial), + dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % newSerial), + dns.rrset.from_text('g.example.zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.A, '192.0.2.1'), + dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % newSerial), + dns.rrset.from_text('f.example.zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.A, '192.0.2.1'), + dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % (newSerial + 1)), + dns.rrset.from_text('zone.rpz.', 60, dns.rdataclass.IN, dns.rdatatype.SOA, 'ns.zone.rpz. hostmaster.zone.rpz. %d 3600 3600 3600 1' % (newSerial + 1)) + ] + # this one has two updates in one + newSerial = newSerial + 1 + self._targetSerial = self._targetSerial + 1 response.answer = records return (newSerial, response) @@ -490,6 +505,21 @@ e 3600 IN A 192.0.2.42 self.checkNXD('tc.example.') self.checkNXD('drop.example.') + # the next update will update the zone twice + rpzServer.moveToSerial(11) + time.sleep(3) + self.waitUntilCorrectSerialIsLoaded(12) + self.checkRPZStats(12, 1, 4, self._xfrDone) + self.checkNotBlocked('a.example.') + self.checkNotBlocked('b.example.') + self.checkNotBlocked('c.example.') + self.checkNotBlocked('d.example.') + self.checkNotBlocked('e.example.') + self.checkNXD('f.example.') + self.checkBlocked('g.example.') + self.checkNXD('tc.example.') + self.checkNXD('drop.example.') + class RPZFileRecursorTest(RPZRecursorTest): """ This test makes sure that we correctly load RPZ zones from a file -- 2.47.2