Commit ce39e53b authored by Jelte Jansen's avatar Jelte Jansen
Browse files

[1696] tweaks and comments

parent d1f64eda
Feature: NSEC3 Authoritative service
This feature tests NSEC3 as defined in RFC5155, using the example
zone from appendix A and testing responses appendix B.
Additional tests can be added as well
# Data is taken directly from RFC5155; with 1 changes:
# inserted whitespace in base64 output where it is inserted by dig
zone from appendix A and testing the example responses from appendix B.
Additional tests can be added as well.
# Response section data is taken directly from RFC5155
# It has been modified slightly; it has been 'flattened' (i.e. converted
# to 1-line RRs with TTL and class data), and whitespace has been added
# in the places where dig adds them too.
# Any other changes from the specific example data are added as inline
# comments.
Scenario: B.1. Name Error
Given I have bind10 running with configuration nsec3/nsec3_auth.config
......@@ -25,7 +30,6 @@ Feature: NSEC3 Authoritative service
35mthgpgcu1qg68fab165klnsnk3dpvl.example. 3600 IN RRSIG NSEC3 7 2 3600 20150420235959 20051021000000 40430 example. g6jPUUpduAJKRljUsN8gB4UagAX0NxY9shwQAynzo8EUWH+z6hEIBlUT PGj15eZll6VhQqgZXtAIR3chwgW+SA==
"""
Scenario: B.2. No Data Error
Given I have bind10 running with configuration nsec3/nsec3_auth.config
A dnssec query for ns1.example. type MX should have rcode NOERROR
......@@ -86,10 +90,11 @@ Feature: NSEC3 Authoritative service
A dnssec query for a.z.w.example. type MX should have rcode NOERROR
The last query response should have flags qr aa rd
# TODO: check DO bit?
# BUG: NO RRSIG IN WILDCARD RESPONSE!!!
# BUG: NO RRSIG IN WILDCARD RESPONSE!!! (see ticket #1701)
#The last query response should have ancount 2
The last query response should have nscount 5
The last query response should have adcount 9
# BUG: NO RRSIG IN WILDCARD RESPONSE!!! (see ticket #1701)
#The answer section of the last query response should be
#"""
#a.z.w.example. 3600 IN MX 1 ai.example.
......@@ -103,7 +108,8 @@ Feature: NSEC3 Authoritative service
q04jkcevqvmu85r014c7dkba38o0ji5r.example. 3600 IN NSEC3 1 1 12 aabbccdd r53bq7cc2uvmubfu5ocmm6pers9tk9en A RRSIG
q04jkcevqvmu85r014c7dkba38o0ji5r.example. 3600 IN RRSIG NSEC3 7 2 3600 20150420235959 20051021000000 40430 example. hV5I89b+4FHJDATp09g4bbN0R1F845CaXpL3ZxlMKimoPAyqletMlEWw LfFia7sdpSzn+ZlNNlkxWcLsIlMmUg==
"""
# This is slightly different from the example in RFC5155
# This is slightly different from the example in RFC5155; there are
# more RRs in the additional section.
The additional section of the last query response should be
"""
ai.example. 3600 IN A 192.0.2.9
......
......@@ -68,7 +68,7 @@ class QueryResult(object):
qclass: The RR class to query. Defaults to IN if it is None.
address: The IP adress to send the query to.
port: The port number to send the query to.
additional_args: List of additional arguments
additional_args: List of additional arguments (e.g. '+dnssec').
All parameters must be either strings or have the correct string
representation.
Only one query attempt will be made.
......@@ -183,8 +183,9 @@ class QueryResult(object):
"""
pass
@step('A (dnssec )?query for ([\w.-]+) (?:type ([A-Z0-9]+) )?(?:class ([A-Z]+) )?' +
'(?:to ([^:]+)(?::([0-9]+))? )?should have rcode ([\w.]+)')
@step('A (dnssec )?query for ([\w.-]+) (?:type ([A-Z0-9]+) )?' +
'(?:class ([A-Z]+) )?(?:to ([^:]+)(?::([0-9]+))? )?' +
'should have rcode ([\w.]+)')
def query(step, dnssec, query_name, qtype, qclass, addr, port, rcode):
"""
Run a query, check the rcode of the response, and store the query
......@@ -210,7 +211,8 @@ def query(step, dnssec, query_name, qtype, qclass, addr, port, rcode):
additional_arguments = []
if dnssec is not None:
additional_arguments.append("+dnssec")
query_result = QueryResult(query_name, qtype, qclass, addr, port, additional_arguments)
query_result = QueryResult(query_name, qtype, qclass, addr, port,
additional_arguments)
assert query_result.rcode == rcode,\
"Expected: " + rcode + ", got " + query_result.rcode
world.last_query_result = query_result
......@@ -262,9 +264,8 @@ def check_last_query_section(step, section):
section ('<section> section'): The name of the section (QUESTION, ANSWER,
AUTHORITY or ADDITIONAL).
The expected response is taken from the multiline part of the step in the
scenario. Differing whitespace is ignored, but currently the order is
significant.
The comparison is case insensitive.
scenario. Differing whitespace is ignored, the order of the lines is
ignored, and the comparison is case insensitive.
Fails if they do not match.
"""
response_string = None
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment