RUN pip3 install pylint
RUN pip3 install pep8
RUN pip3 install pytest-xdist
+# FIXME replace with dnspython >= 2.2.0 once released
+RUN pip3 install git+git://github.com/bwelling/dnspython.git@72348d4698a8f8b209fbdf9e72738904ad31b930
# tests/pytest dependencies: skip over broken versions
-RUN pip3 install 'dnspython != 2.0.0' jinja2 'pytest != 6.0.0' pytest-html pytest-xdist
+RUN pip3 install jinja2 'pytest != 6.0.0' pytest-html pytest-xdist
# apkg for packaging
RUN pip3 install apkg
policy.add(policy.suffix(policy.PASS, {todname('test.')}))
{% endif %}
+-- EDNS EDE tests
+policy.add(policy.suffix(policy.DENY, {todname('deny.test.')}))
+policy.add(policy.suffix(policy.REFUSE, {todname('refuse.test.')}))
+policy.add(policy.suffix(policy.ANSWER({ [kres.type.A] = { rdata=kres.str2ip('192.0.2.7'), ttl=300 } }), {todname('forge.test.')}))
+
-- make sure DNSSEC is turned off for tests
trust_anchors.remove('.')
modules.unload("ta_update")
--- /dev/null
+# SPDX-License-Identifier: GPL-3.0-or-later
+"""EDNS tests"""
+
+import dns
+import pytest
+
+import utils
+
+
+@pytest.mark.parametrize('dname, code, text', [
+ ('deny.test.', dns.edns.EDECode.BLOCKED, 'CR36'),
+ ('refuse.test.', dns.edns.EDECode.PROHIBITED, 'EIM4'),
+ ('forge.test.', dns.edns.EDECode.FORGED_ANSWER, '5DO5'),
+])
+def test_edns_ede(kresd_sock, dname, code, text):
+ """Check that kresd responds with EDNS EDE codes in selected cases."""
+ buff, msgid = utils.get_msgbuff(dname)
+ kresd_sock.sendall(buff)
+ answer = utils.receive_parse_answer(kresd_sock)
+ assert answer.id == msgid
+ assert answer.options[0].code == code
+ assert answer.options[0].text == text
qclass=dns.rdataclass.IN,
msgid=None):
"""Utility function to generate DNS wire format message"""
- msg = dns.message.make_query(qname, qtype, qclass)
+ msg = dns.message.make_query(qname, qtype, qclass, use_edns=True)
if msgid is not None:
msg.id = msgid
return msg.to_wire(), msg.id
projects / thirdparty / knot-resolver.git / commitdiff
