|
@@ -441,6 +441,8 @@ public:
|
|
|
{"0P9MHAVEQVM6T7VBL5LOP2U3T2RP3TOM.example.org. 300 IN "
|
|
{"0P9MHAVEQVM6T7VBL5LOP2U3T2RP3TOM.example.org. 300 IN "
|
|
|
"NSEC3 1 1 12 aabbccdd 2T7B4G4VSA5SMI47K61MV5BV1A22BOJR A RRSIG",
|
|
"NSEC3 1 1 12 aabbccdd 2T7B4G4VSA5SMI47K61MV5BV1A22BOJR A RRSIG",
|
|
|
&rr_nsec3_},
|
|
&rr_nsec3_},
|
|
|
|
|
+ {"example.org. 300 IN NSEC cname.example.org. A NS NSEC",
|
|
|
|
|
+ &rr_nsec_},
|
|
|
{NULL, NULL}
|
|
{NULL, NULL}
|
|
|
};
|
|
};
|
|
|
|
|
|
|
@@ -505,6 +507,7 @@ public:
|
|
|
RRsetPtr rr_not_wild_;
|
|
RRsetPtr rr_not_wild_;
|
|
|
RRsetPtr rr_not_wild_another_;
|
|
RRsetPtr rr_not_wild_another_;
|
|
|
RRsetPtr rr_nsec3_;
|
|
RRsetPtr rr_nsec3_;
|
|
|
|
|
+ RRsetPtr rr_nsec_;
|
|
|
|
|
|
|
|
// A faked NSEC3 hash calculator for convenience.
|
|
// A faked NSEC3 hash calculator for convenience.
|
|
|
// Tests that need to use the faked hashed values should call
|
|
// Tests that need to use the faked hashed values should call
|
|
@@ -984,6 +987,9 @@ InMemoryZoneFinderTest::findCheck(ZoneFinder::FindResultFlags expected_flags) {
|
|
|
if ((expected_flags & ZoneFinder::RESULT_NSEC3_SIGNED) != 0) {
|
|
if ((expected_flags & ZoneFinder::RESULT_NSEC3_SIGNED) != 0) {
|
|
|
EXPECT_EQ(SUCCESS, zone_finder_.add(rr_nsec3_));
|
|
EXPECT_EQ(SUCCESS, zone_finder_.add(rr_nsec3_));
|
|
|
}
|
|
}
|
|
|
|
|
+ if ((expected_flags & ZoneFinder::RESULT_NSEC_SIGNED) != 0) {
|
|
|
|
|
+ EXPECT_EQ(SUCCESS, zone_finder_.add(rr_nsec_));
|
|
|
|
|
+ }
|
|
|
|
|
|
|
|
// These two should be successful
|
|
// These two should be successful
|
|
|
findTest(origin_, RRType::NS(), ZoneFinder::SUCCESS, true, rr_ns_);
|
|
findTest(origin_, RRType::NS(), ZoneFinder::SUCCESS, true, rr_ns_);
|
|
@@ -1011,6 +1017,10 @@ TEST_F(InMemoryZoneFinderTest, findNSEC3Signed) {
|
|
|
findCheck(ZoneFinder::RESULT_NSEC3_SIGNED);
|
|
findCheck(ZoneFinder::RESULT_NSEC3_SIGNED);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
+TEST_F(InMemoryZoneFinderTest, findNSECSigned) {
|
|
|
|
|
+ findCheck(ZoneFinder::RESULT_NSEC_SIGNED);
|
|
|
|
|
+}
|
|
|
|
|
+
|
|
|
void
|
|
void
|
|
|
InMemoryZoneFinderTest::emptyNodeCheck(
|
|
InMemoryZoneFinderTest::emptyNodeCheck(
|
|
|
ZoneFinder::FindResultFlags expected_flags)
|
|
ZoneFinder::FindResultFlags expected_flags)
|
|
@@ -1039,6 +1049,9 @@ InMemoryZoneFinderTest::emptyNodeCheck(
|
|
|
if ((expected_flags & ZoneFinder::RESULT_NSEC3_SIGNED) != 0) {
|
|
if ((expected_flags & ZoneFinder::RESULT_NSEC3_SIGNED) != 0) {
|
|
|
EXPECT_EQ(SUCCESS, zone_finder_.add(rr_nsec3_));
|
|
EXPECT_EQ(SUCCESS, zone_finder_.add(rr_nsec3_));
|
|
|
}
|
|
}
|
|
|
|
|
+ if ((expected_flags & ZoneFinder::RESULT_NSEC_SIGNED) != 0) {
|
|
|
|
|
+ EXPECT_EQ(SUCCESS, zone_finder_.add(rr_nsec_));
|
|
|
|
|
+ }
|
|
|
|
|
|
|
|
// empty node matching, easy case: the node for 'baz' exists with
|
|
// empty node matching, easy case: the node for 'baz' exists with
|
|
|
// no data.
|
|
// no data.
|
|
@@ -1066,6 +1079,10 @@ TEST_F(InMemoryZoneFinderTest, emptyNodeNSEC3) {
|
|
|
emptyNodeCheck(ZoneFinder::RESULT_NSEC3_SIGNED);
|
|
emptyNodeCheck(ZoneFinder::RESULT_NSEC3_SIGNED);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
+TEST_F(InMemoryZoneFinderTest, emptyNodeNSEC) {
|
|
|
|
|
+ emptyNodeCheck(ZoneFinder::RESULT_NSEC_SIGNED);
|
|
|
|
|
+}
|
|
|
|
|
+
|
|
|
TEST_F(InMemoryZoneFinderTest, load) {
|
|
TEST_F(InMemoryZoneFinderTest, load) {
|
|
|
// Put some data inside the zone
|
|
// Put some data inside the zone
|
|
|
EXPECT_NO_THROW(EXPECT_EQ(result::SUCCESS, zone_finder_.add(rr_ns_)));
|
|
EXPECT_NO_THROW(EXPECT_EQ(result::SUCCESS, zone_finder_.add(rr_ns_)));
|
|
@@ -1200,6 +1217,9 @@ InMemoryZoneFinderTest::wildcardCheck(
|
|
|
if ((expected_flags & ZoneFinder::RESULT_NSEC3_SIGNED) != 0) {
|
|
if ((expected_flags & ZoneFinder::RESULT_NSEC3_SIGNED) != 0) {
|
|
|
EXPECT_EQ(SUCCESS, zone_finder_.add(rr_nsec3_));
|
|
EXPECT_EQ(SUCCESS, zone_finder_.add(rr_nsec3_));
|
|
|
}
|
|
}
|
|
|
|
|
+ if ((expected_flags & ZoneFinder::RESULT_NSEC_SIGNED) != 0) {
|
|
|
|
|
+ EXPECT_EQ(SUCCESS, zone_finder_.add(rr_nsec_));
|
|
|
|
|
+ }
|
|
|
|
|
|
|
|
// Search at the parent. The parent will not have the A, but it will
|
|
// Search at the parent. The parent will not have the A, but it will
|
|
|
// be in the wildcard (so check the wildcard isn't matched at the parent)
|
|
// be in the wildcard (so check the wildcard isn't matched at the parent)
|
|
@@ -1267,6 +1287,11 @@ TEST_F(InMemoryZoneFinderTest, wildcardNSEC3) {
|
|
|
wildcardCheck(ZoneFinder::RESULT_NSEC3_SIGNED);
|
|
wildcardCheck(ZoneFinder::RESULT_NSEC3_SIGNED);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
+TEST_F(InMemoryZoneFinderTest, wildcardNSEC) {
|
|
|
|
|
+ // Similar to the previous one, but the zone signed with NSEC
|
|
|
|
|
+ wildcardCheck(ZoneFinder::RESULT_NSEC_SIGNED);
|
|
|
|
|
+}
|
|
|
|
|
+
|
|
|
/*
|
|
/*
|
|
|
* Test that we don't match a wildcard if we get under delegation.
|
|
* Test that we don't match a wildcard if we get under delegation.
|
|
|
* By 4.3.3 of RFC1034:
|
|
* By 4.3.3 of RFC1034:
|
|
@@ -1301,6 +1326,9 @@ InMemoryZoneFinderTest::anyWildcardCheck(
|
|
|
if ((expected_flags & ZoneFinder::RESULT_NSEC3_SIGNED) != 0) {
|
|
if ((expected_flags & ZoneFinder::RESULT_NSEC3_SIGNED) != 0) {
|
|
|
EXPECT_EQ(SUCCESS, zone_finder_.add(rr_nsec3_));
|
|
EXPECT_EQ(SUCCESS, zone_finder_.add(rr_nsec3_));
|
|
|
}
|
|
}
|
|
|
|
|
+ if ((expected_flags & ZoneFinder::RESULT_NSEC_SIGNED) != 0) {
|
|
|
|
|
+ EXPECT_EQ(SUCCESS, zone_finder_.add(rr_nsec_));
|
|
|
|
|
+ }
|
|
|
|
|
|
|
|
vector<ConstRRsetPtr> expected_sets;
|
|
vector<ConstRRsetPtr> expected_sets;
|
|
|
|
|
|
|
@@ -1335,6 +1363,10 @@ TEST_F(InMemoryZoneFinderTest, anyWildcardNSEC3) {
|
|
|
anyWildcardCheck(ZoneFinder::RESULT_NSEC3_SIGNED);
|
|
anyWildcardCheck(ZoneFinder::RESULT_NSEC3_SIGNED);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
+TEST_F(InMemoryZoneFinderTest, anyWildcardNSEC) {
|
|
|
|
|
+ anyWildcardCheck(ZoneFinder::RESULT_NSEC_SIGNED);
|
|
|
|
|
+}
|
|
|
|
|
+
|
|
|
// Test there's nothing in the wildcard in the middle if we load
|
|
// Test there's nothing in the wildcard in the middle if we load
|
|
|
// wild.*.foo.example.org.
|
|
// wild.*.foo.example.org.
|
|
|
void
|
|
void
|
|
@@ -1351,6 +1383,9 @@ InMemoryZoneFinderTest::emptyWildcardCheck(
|
|
|
if ((expected_flags & ZoneFinder::RESULT_NSEC3_SIGNED) != 0) {
|
|
if ((expected_flags & ZoneFinder::RESULT_NSEC3_SIGNED) != 0) {
|
|
|
EXPECT_EQ(SUCCESS, zone_finder_.add(rr_nsec3_));
|
|
EXPECT_EQ(SUCCESS, zone_finder_.add(rr_nsec3_));
|
|
|
}
|
|
}
|
|
|
|
|
+ if ((expected_flags & ZoneFinder::RESULT_NSEC_SIGNED) != 0) {
|
|
|
|
|
+ EXPECT_EQ(SUCCESS, zone_finder_.add(rr_nsec_));
|
|
|
|
|
+ }
|
|
|
|
|
|
|
|
{
|
|
{
|
|
|
SCOPED_TRACE("Asking for the original record under wildcard");
|
|
SCOPED_TRACE("Asking for the original record under wildcard");
|
|
@@ -1395,6 +1430,10 @@ TEST_F(InMemoryZoneFinderTest, emptyWildcardNSEC3) {
|
|
|
emptyWildcardCheck(ZoneFinder::RESULT_NSEC3_SIGNED);
|
|
emptyWildcardCheck(ZoneFinder::RESULT_NSEC3_SIGNED);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
+TEST_F(InMemoryZoneFinderTest, emptyWildcardNSEC) {
|
|
|
|
|
+ emptyWildcardCheck(ZoneFinder::RESULT_NSEC_SIGNED);
|
|
|
|
|
+}
|
|
|
|
|
+
|
|
|
// Same as emptyWildcard, but with multiple * in the path.
|
|
// Same as emptyWildcard, but with multiple * in the path.
|
|
|
TEST_F(InMemoryZoneFinderTest, nestedEmptyWildcard) {
|
|
TEST_F(InMemoryZoneFinderTest, nestedEmptyWildcard) {
|
|
|
EXPECT_EQ(SUCCESS, zone_finder_.add(rr_nested_emptywild_));
|
|
EXPECT_EQ(SUCCESS, zone_finder_.add(rr_nested_emptywild_));
|
Michal 'vorner' Vaner