|
|
@@ -34,6 +34,7 @@
|
|
|
#include <datasrc/memory_datasrc.h>
|
|
|
|
|
|
#include <auth/query.h>
|
|
|
+#include <auth/list.h>
|
|
|
|
|
|
#include <testutils/dnsmessage_test.h>
|
|
|
|
|
|
@@ -879,6 +880,7 @@ MockZoneFinder::find(const Name& name, const RRType& type,
|
|
|
class QueryTest : public ::testing::Test {
|
|
|
protected:
|
|
|
QueryTest() :
|
|
|
+ list(memory_client),
|
|
|
qname(Name("www.example.com")), qclass(RRClass::IN()),
|
|
|
qtype(RRType::A()), response(Message::RENDER),
|
|
|
qid(response.getQid()), query_code(Opcode::QUERY().getCode()),
|
|
|
@@ -902,6 +904,8 @@ protected:
|
|
|
// (originally named MemoryDataSrc) and was tested with it, so we keep
|
|
|
// it like this for now.
|
|
|
InMemoryClient memory_client;
|
|
|
+ // A wrapper client list to wrap the single data source.
|
|
|
+ SingletonList list;
|
|
|
const Name qname;
|
|
|
const RRClass qclass;
|
|
|
const RRType qtype;
|
|
|
@@ -953,20 +957,21 @@ TEST_F(QueryTest, noZone) {
|
|
|
// There's no zone in the memory datasource. So the response should have
|
|
|
// REFUSED.
|
|
|
InMemoryClient empty_memory_client;
|
|
|
- EXPECT_NO_THROW(query.process(empty_memory_client, qname, qtype,
|
|
|
+ SingletonList empty_list(empty_memory_client);
|
|
|
+ EXPECT_NO_THROW(query.process(empty_list, qname, qtype,
|
|
|
response));
|
|
|
EXPECT_EQ(Rcode::REFUSED(), response.getRcode());
|
|
|
}
|
|
|
|
|
|
TEST_F(QueryTest, exactMatch) {
|
|
|
- EXPECT_NO_THROW(query.process(memory_client, qname, qtype, response));
|
|
|
+ EXPECT_NO_THROW(query.process(list, qname, qtype, response));
|
|
|
// find match rrset
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 1, 3, 3,
|
|
|
www_a_txt, zone_ns_txt, ns_addrs_txt);
|
|
|
}
|
|
|
|
|
|
TEST_F(QueryTest, exactMatchMultipleQueries) {
|
|
|
- EXPECT_NO_THROW(query.process(memory_client, qname, qtype, response));
|
|
|
+ EXPECT_NO_THROW(query.process(list, qname, qtype, response));
|
|
|
// find match rrset
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 1, 3, 3,
|
|
|
www_a_txt, zone_ns_txt, ns_addrs_txt);
|
|
|
@@ -975,7 +980,7 @@ TEST_F(QueryTest, exactMatchMultipleQueries) {
|
|
|
response.clear(isc::dns::Message::RENDER);
|
|
|
response.setRcode(Rcode::NOERROR());
|
|
|
response.setOpcode(Opcode::QUERY());
|
|
|
- EXPECT_NO_THROW(query.process(memory_client, qname, qtype, response));
|
|
|
+ EXPECT_NO_THROW(query.process(list, qname, qtype, response));
|
|
|
// find match rrset
|
|
|
SCOPED_TRACE("Second query");
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 1, 3, 3,
|
|
|
@@ -986,7 +991,7 @@ TEST_F(QueryTest, exactMatchIgnoreSIG) {
|
|
|
// Check that we do not include the RRSIG when not requested even when
|
|
|
// we receive it from the data source.
|
|
|
mock_finder->setIncludeRRSIGAnyway(true);
|
|
|
- EXPECT_NO_THROW(query.process(memory_client, qname, qtype, response));
|
|
|
+ EXPECT_NO_THROW(query.process(list, qname, qtype, response));
|
|
|
// find match rrset
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 1, 3, 3,
|
|
|
www_a_txt, zone_ns_txt, ns_addrs_txt);
|
|
|
@@ -994,7 +999,7 @@ TEST_F(QueryTest, exactMatchIgnoreSIG) {
|
|
|
|
|
|
TEST_F(QueryTest, dnssecPositive) {
|
|
|
// Just like exactMatch, but the signatures should be included as well
|
|
|
- EXPECT_NO_THROW(query.process(memory_client, qname, qtype, response,
|
|
|
+ EXPECT_NO_THROW(query.process(list, qname, qtype, response,
|
|
|
true));
|
|
|
// find match rrset
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 2, 4, 6,
|
|
|
@@ -1013,7 +1018,7 @@ TEST_F(QueryTest, dnssecPositive) {
|
|
|
TEST_F(QueryTest, exactAddrMatch) {
|
|
|
// find match rrset, omit additional data which has already been provided
|
|
|
// in the answer section from the additional.
|
|
|
- EXPECT_NO_THROW(query.process(memory_client,
|
|
|
+ EXPECT_NO_THROW(query.process(list,
|
|
|
Name("noglue.example.com"),
|
|
|
qtype, response));
|
|
|
|
|
|
@@ -1026,7 +1031,7 @@ TEST_F(QueryTest, exactAddrMatch) {
|
|
|
TEST_F(QueryTest, apexNSMatch) {
|
|
|
// find match rrset, omit authority data which has already been provided
|
|
|
// in the answer section from the authority section.
|
|
|
- EXPECT_NO_THROW(query.process(memory_client, Name("example.com"),
|
|
|
+ EXPECT_NO_THROW(query.process(list, Name("example.com"),
|
|
|
RRType::NS(), response));
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 3, 0, 3,
|
|
|
@@ -1037,7 +1042,7 @@ TEST_F(QueryTest, apexNSMatch) {
|
|
|
TEST_F(QueryTest, exactAnyMatch) {
|
|
|
// find match rrset, omit additional data which has already been provided
|
|
|
// in the answer section from the additional.
|
|
|
- EXPECT_NO_THROW(query.process(memory_client, Name("noglue.example.com"),
|
|
|
+ EXPECT_NO_THROW(query.process(list, Name("noglue.example.com"),
|
|
|
RRType::ANY(), response));
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 2, 3, 2,
|
|
|
@@ -1051,7 +1056,7 @@ TEST_F(QueryTest, exactAnyMatch) {
|
|
|
TEST_F(QueryTest, apexAnyMatch) {
|
|
|
// find match rrset, omit additional data which has already been provided
|
|
|
// in the answer section from the additional.
|
|
|
- EXPECT_NO_THROW(query.process(memory_client, Name("example.com"),
|
|
|
+ EXPECT_NO_THROW(query.process(list, Name("example.com"),
|
|
|
RRType::ANY(), response));
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 5, 0, 3,
|
|
|
(string(soa_txt) + string(zone_ns_txt) +
|
|
|
@@ -1060,7 +1065,7 @@ TEST_F(QueryTest, apexAnyMatch) {
|
|
|
}
|
|
|
|
|
|
TEST_F(QueryTest, mxANYMatch) {
|
|
|
- EXPECT_NO_THROW(query.process(memory_client, Name("mx.example.com"),
|
|
|
+ EXPECT_NO_THROW(query.process(list, Name("mx.example.com"),
|
|
|
RRType::ANY(), response));
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 4, 3, 4,
|
|
|
(string(mx_txt) + string(nsec_mx_txt)).c_str(), zone_ns_txt,
|
|
|
@@ -1068,14 +1073,14 @@ TEST_F(QueryTest, mxANYMatch) {
|
|
|
}
|
|
|
|
|
|
TEST_F(QueryTest, glueANYMatch) {
|
|
|
- EXPECT_NO_THROW(query.process(memory_client, Name("delegation.example.com"),
|
|
|
+ EXPECT_NO_THROW(query.process(list, Name("delegation.example.com"),
|
|
|
RRType::ANY(), response));
|
|
|
responseCheck(response, Rcode::NOERROR(), 0, 0, 4, 3,
|
|
|
NULL, delegation_txt, ns_addrs_txt);
|
|
|
}
|
|
|
|
|
|
TEST_F(QueryTest, nodomainANY) {
|
|
|
- EXPECT_NO_THROW(query.process(memory_client, Name("nxdomain.example.com"),
|
|
|
+ EXPECT_NO_THROW(query.process(list, Name("nxdomain.example.com"),
|
|
|
RRType::ANY(), response));
|
|
|
responseCheck(response, Rcode::NXDOMAIN(), AA_FLAG, 0, 1, 0,
|
|
|
NULL, soa_txt, NULL, mock_finder->getOrigin());
|
|
|
@@ -1088,13 +1093,13 @@ TEST_F(QueryTest, noApexNS) {
|
|
|
// Disable apex NS record
|
|
|
mock_finder->setApexNSFlag(false);
|
|
|
|
|
|
- EXPECT_THROW(query.process(memory_client, Name("noglue.example.com"), qtype,
|
|
|
+ EXPECT_THROW(query.process(list, Name("noglue.example.com"), qtype,
|
|
|
response), Query::NoApexNS);
|
|
|
// We don't look into the response, as it threw
|
|
|
}
|
|
|
|
|
|
TEST_F(QueryTest, delegation) {
|
|
|
- EXPECT_NO_THROW(query.process(memory_client,
|
|
|
+ EXPECT_NO_THROW(query.process(list,
|
|
|
Name("delegation.example.com"),
|
|
|
qtype, response));
|
|
|
|
|
|
@@ -1106,7 +1111,7 @@ TEST_F(QueryTest, delegationWithDNSSEC) {
|
|
|
// Similar to the previous one, but with requesting DNSSEC.
|
|
|
// In this case the parent zone would behave as unsigned, so the result
|
|
|
// should be just like non DNSSEC delegation.
|
|
|
- query.process(memory_client, Name("www.nosec-delegation.example.com"),
|
|
|
+ query.process(list, Name("www.nosec-delegation.example.com"),
|
|
|
qtype, response, true);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), 0, 0, 1, 0,
|
|
|
@@ -1114,7 +1119,7 @@ TEST_F(QueryTest, delegationWithDNSSEC) {
|
|
|
}
|
|
|
|
|
|
TEST_F(QueryTest, secureDelegation) {
|
|
|
- EXPECT_NO_THROW(query.process(memory_client,
|
|
|
+ EXPECT_NO_THROW(query.process(list,
|
|
|
Name("foo.signed-delegation.example.com"),
|
|
|
qtype, response, true));
|
|
|
|
|
|
@@ -1129,7 +1134,7 @@ TEST_F(QueryTest, secureDelegation) {
|
|
|
}
|
|
|
|
|
|
TEST_F(QueryTest, secureUnsignedDelegation) {
|
|
|
- EXPECT_NO_THROW(query.process(memory_client,
|
|
|
+ EXPECT_NO_THROW(query.process(list,
|
|
|
Name("foo.unsigned-delegation.example.com"),
|
|
|
qtype, response, true));
|
|
|
|
|
|
@@ -1150,7 +1155,7 @@ TEST_F(QueryTest, secureUnsignedDelegationWithNSEC3) {
|
|
|
mock_finder->setNSEC3Flag(true);
|
|
|
mock_finder->addRecord(unsigned_delegation_nsec3_txt);
|
|
|
|
|
|
- query.process(memory_client,
|
|
|
+ query.process(list,
|
|
|
Name("foo.unsigned-delegation.example.com"),
|
|
|
qtype, response, true);
|
|
|
|
|
|
@@ -1169,7 +1174,7 @@ TEST_F(QueryTest, secureUnsignedDelegationWithNSEC3OptOut) {
|
|
|
// Similar to the previous case, but the delegation is an optout.
|
|
|
mock_finder->setNSEC3Flag(true);
|
|
|
|
|
|
- query.process(memory_client,
|
|
|
+ query.process(list,
|
|
|
Name("foo.unsigned-delegation.example.com"),
|
|
|
qtype, response, true);
|
|
|
|
|
|
@@ -1194,20 +1199,20 @@ TEST_F(QueryTest, secureUnsignedDelegationWithNSEC3OptOut) {
|
|
|
TEST_F(QueryTest, badSecureDelegation) {
|
|
|
// Test whether exception is raised if DS query at delegation results in
|
|
|
// something different than SUCCESS or NXRRSET
|
|
|
- EXPECT_THROW(query.process(memory_client,
|
|
|
+ EXPECT_THROW(query.process(list,
|
|
|
Name("bad-delegation.example.com"),
|
|
|
qtype, response, true), Query::BadDS);
|
|
|
|
|
|
// But only if DNSSEC is requested (it shouldn't even try to look for
|
|
|
// the DS otherwise)
|
|
|
- EXPECT_NO_THROW(query.process(memory_client,
|
|
|
+ EXPECT_NO_THROW(query.process(list,
|
|
|
Name("bad-delegation.example.com"),
|
|
|
qtype, response));
|
|
|
}
|
|
|
|
|
|
|
|
|
TEST_F(QueryTest, nxdomain) {
|
|
|
- EXPECT_NO_THROW(query.process(memory_client,
|
|
|
+ EXPECT_NO_THROW(query.process(list,
|
|
|
Name("nxdomain.example.com"), qtype,
|
|
|
response));
|
|
|
responseCheck(response, Rcode::NXDOMAIN(), AA_FLAG, 0, 1, 0,
|
|
|
@@ -1218,7 +1223,7 @@ TEST_F(QueryTest, nxdomainWithNSEC) {
|
|
|
// NXDOMAIN with DNSSEC proof. We should have SOA, NSEC that proves
|
|
|
// NXDOMAIN and NSEC that proves nonexistence of matching wildcard,
|
|
|
// as well as their RRSIGs.
|
|
|
- EXPECT_NO_THROW(query.process(memory_client,
|
|
|
+ EXPECT_NO_THROW(query.process(list,
|
|
|
Name("nxdomain.example.com"), qtype,
|
|
|
response, true));
|
|
|
responseCheck(response, Rcode::NXDOMAIN(), AA_FLAG, 0, 6, 0,
|
|
|
@@ -1239,7 +1244,7 @@ TEST_F(QueryTest, nxdomainWithNSEC2) {
|
|
|
// is derived from the next domain of the NSEC that proves NXDOMAIN, and
|
|
|
// the NSEC to provide the non existence of wildcard is different from
|
|
|
// the first NSEC.
|
|
|
- query.process(memory_client, Name("(.no.example.com"), qtype, response,
|
|
|
+ query.process(list, Name("(.no.example.com"), qtype, response,
|
|
|
true);
|
|
|
responseCheck(response, Rcode::NXDOMAIN(), AA_FLAG, 0, 6, 0,
|
|
|
NULL, (string(soa_txt) +
|
|
|
@@ -1257,7 +1262,7 @@ TEST_F(QueryTest, nxdomainWithNSEC2) {
|
|
|
TEST_F(QueryTest, nxdomainWithNSECDuplicate) {
|
|
|
// See comments about nz_txt. In this case we only need one NSEC,
|
|
|
// which proves both NXDOMAIN and the non existence of wildcard.
|
|
|
- query.process(memory_client, Name("nx.no.example.com"), qtype, response,
|
|
|
+ query.process(list, Name("nx.no.example.com"), qtype, response,
|
|
|
true);
|
|
|
responseCheck(response, Rcode::NXDOMAIN(), AA_FLAG, 0, 4, 0,
|
|
|
NULL, (string(soa_txt) +
|
|
|
@@ -1274,7 +1279,7 @@ TEST_F(QueryTest, nxdomainBadNSEC1) {
|
|
|
mock_finder->setNSECResult(Name("badnsec.example.com"),
|
|
|
ZoneFinder::NXDOMAIN,
|
|
|
mock_finder->dname_rrset_);
|
|
|
- EXPECT_THROW(query.process(memory_client, Name("badnsec.example.com"),
|
|
|
+ EXPECT_THROW(query.process(list, Name("badnsec.example.com"),
|
|
|
qtype, response, true),
|
|
|
std::bad_cast);
|
|
|
}
|
|
|
@@ -1284,7 +1289,7 @@ TEST_F(QueryTest, nxdomainBadNSEC2) {
|
|
|
mock_finder->setNSECResult(Name("emptynsec.example.com"),
|
|
|
ZoneFinder::NXDOMAIN,
|
|
|
mock_finder->empty_nsec_rrset_);
|
|
|
- EXPECT_THROW(query.process(memory_client, Name("emptynsec.example.com"),
|
|
|
+ EXPECT_THROW(query.process(list, Name("emptynsec.example.com"),
|
|
|
qtype, response, true),
|
|
|
Query::BadNSEC);
|
|
|
}
|
|
|
@@ -1294,7 +1299,7 @@ TEST_F(QueryTest, nxdomainBadNSEC3) {
|
|
|
mock_finder->setNSECResult(Name("*.example.com"),
|
|
|
ZoneFinder::SUCCESS,
|
|
|
mock_finder->dname_rrset_);
|
|
|
- EXPECT_THROW(query.process(memory_client, Name("nxdomain.example.com"),
|
|
|
+ EXPECT_THROW(query.process(list, Name("nxdomain.example.com"),
|
|
|
qtype, response, true),
|
|
|
Query::BadNSEC);
|
|
|
}
|
|
|
@@ -1303,7 +1308,7 @@ TEST_F(QueryTest, nxdomainBadNSEC4) {
|
|
|
// "no-wildcard proof" doesn't return RRset.
|
|
|
mock_finder->setNSECResult(Name("*.example.com"),
|
|
|
ZoneFinder::NXDOMAIN, ConstRRsetPtr());
|
|
|
- EXPECT_THROW(query.process(memory_client, Name("nxdomain.example.com"),
|
|
|
+ EXPECT_THROW(query.process(list, Name("nxdomain.example.com"),
|
|
|
qtype, response, true),
|
|
|
Query::BadNSEC);
|
|
|
}
|
|
|
@@ -1314,7 +1319,7 @@ TEST_F(QueryTest, nxdomainBadNSEC5) {
|
|
|
ZoneFinder::NXDOMAIN,
|
|
|
mock_finder->dname_rrset_);
|
|
|
// This is a bit odd, but we'll simply include the returned RRset.
|
|
|
- query.process(memory_client, Name("nxdomain.example.com"), qtype,
|
|
|
+ query.process(list, Name("nxdomain.example.com"), qtype,
|
|
|
response, true);
|
|
|
responseCheck(response, Rcode::NXDOMAIN(), AA_FLAG, 0, 6, 0,
|
|
|
NULL, (string(soa_txt) +
|
|
|
@@ -1334,13 +1339,13 @@ TEST_F(QueryTest, nxdomainBadNSEC6) {
|
|
|
mock_finder->setNSECResult(Name("*.example.com"),
|
|
|
ZoneFinder::NXDOMAIN,
|
|
|
mock_finder->empty_nsec_rrset_);
|
|
|
- EXPECT_THROW(query.process(memory_client, Name("nxdomain.example.com"),
|
|
|
+ EXPECT_THROW(query.process(list, Name("nxdomain.example.com"),
|
|
|
qtype, response, true),
|
|
|
Query::BadNSEC);
|
|
|
}
|
|
|
|
|
|
TEST_F(QueryTest, nxrrset) {
|
|
|
- EXPECT_NO_THROW(query.process(memory_client, Name("www.example.com"),
|
|
|
+ EXPECT_NO_THROW(query.process(list, Name("www.example.com"),
|
|
|
RRType::TXT(), response));
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 0, 1, 0,
|
|
|
@@ -1350,7 +1355,7 @@ TEST_F(QueryTest, nxrrset) {
|
|
|
TEST_F(QueryTest, nxrrsetWithNSEC) {
|
|
|
// NXRRSET with DNSSEC proof. We should have SOA, NSEC that proves the
|
|
|
// NXRRSET and their RRSIGs.
|
|
|
- query.process(memory_client, Name("www.example.com"), RRType::TXT(),
|
|
|
+ query.process(list, Name("www.example.com"), RRType::TXT(),
|
|
|
response, true);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 0, 4, 0, NULL,
|
|
|
@@ -1371,7 +1376,7 @@ TEST_F(QueryTest, emptyNameWithNSEC) {
|
|
|
// exact match), so we only need one NSEC.
|
|
|
// From the point of the Query::process(), this is actually no different
|
|
|
// from the other NXRRSET case, but we check that explicitly just in case.
|
|
|
- query.process(memory_client, Name("no.example.com"), RRType::A(),
|
|
|
+ query.process(list, Name("no.example.com"), RRType::A(),
|
|
|
response, true);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 0, 4, 0, NULL,
|
|
|
@@ -1387,7 +1392,7 @@ TEST_F(QueryTest, nxrrsetWithoutNSEC) {
|
|
|
// NXRRSET with DNSSEC proof requested, but there's no NSEC at that node.
|
|
|
// This is an unexpected event (if the zone is supposed to be properly
|
|
|
// signed with NSECs), but we accept and ignore the oddity.
|
|
|
- query.process(memory_client, Name("nonsec.example.com"), RRType::TXT(),
|
|
|
+ query.process(list, Name("nonsec.example.com"), RRType::TXT(),
|
|
|
response, true);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 0, 2, 0, NULL,
|
|
|
@@ -1399,7 +1404,7 @@ TEST_F(QueryTest, nxrrsetWithoutNSEC) {
|
|
|
TEST_F(QueryTest, wildcardNSEC) {
|
|
|
// The qname matches *.wild.example.com. The response should contain
|
|
|
// an NSEC that proves the non existence of a closer name.
|
|
|
- query.process(memory_client, Name("www.wild.example.com"), RRType::A(),
|
|
|
+ query.process(list, Name("www.wild.example.com"), RRType::A(),
|
|
|
response, true);
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 2, 6, 6,
|
|
|
(string(wild_txt).replace(0, 1, "www") +
|
|
|
@@ -1419,7 +1424,7 @@ TEST_F(QueryTest, wildcardNSEC) {
|
|
|
TEST_F(QueryTest, CNAMEwildNSEC) {
|
|
|
// Similar to the previous case, but the matching wildcard record is
|
|
|
// CNAME.
|
|
|
- query.process(memory_client, Name("www.cnamewild.example.com"),
|
|
|
+ query.process(list, Name("www.cnamewild.example.com"),
|
|
|
RRType::A(), response, true);
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 2, 2, 0,
|
|
|
(string(cnamewild_txt).replace(0, 1, "www") +
|
|
|
@@ -1442,7 +1447,7 @@ TEST_F(QueryTest, wildcardNSEC3) {
|
|
|
// of identifying the next closer name.
|
|
|
mock_finder->addRecord(nsec3_atwild_txt);
|
|
|
|
|
|
- query.process(memory_client, Name("x.y.wild.example.com"), RRType::A(),
|
|
|
+ query.process(list, Name("x.y.wild.example.com"), RRType::A(),
|
|
|
response, true);
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 2, 6, 6,
|
|
|
(string(wild_txt).replace(0, 1, "x.y") +
|
|
|
@@ -1467,7 +1472,7 @@ TEST_F(QueryTest, CNAMEwildNSEC3) {
|
|
|
mock_finder->setNSEC3Flag(true);
|
|
|
mock_finder->addRecord(nsec3_atcnamewild_txt);
|
|
|
|
|
|
- query.process(memory_client, Name("www.cnamewild.example.com"),
|
|
|
+ query.process(list, Name("www.cnamewild.example.com"),
|
|
|
RRType::A(), response, true);
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 2, 2, 0,
|
|
|
(string(cnamewild_txt).replace(0, 1, "www") +
|
|
|
@@ -1490,7 +1495,7 @@ TEST_F(QueryTest, badWildcardNSEC3) {
|
|
|
ConstRRsetPtr());
|
|
|
mock_finder->setNSEC3Result(&nsec3);
|
|
|
|
|
|
- EXPECT_THROW(query.process(memory_client, Name("www.wild.example.com"),
|
|
|
+ EXPECT_THROW(query.process(list, Name("www.wild.example.com"),
|
|
|
RRType::A(), response, true),
|
|
|
Query::BadNSEC3);
|
|
|
}
|
|
|
@@ -1501,7 +1506,7 @@ TEST_F(QueryTest, badWildcardProof1) {
|
|
|
mock_finder->setNSECResult(Name("www.wild.example.com"),
|
|
|
ZoneFinder::SUCCESS,
|
|
|
mock_finder->dname_rrset_);
|
|
|
- EXPECT_THROW(query.process(memory_client, Name("www.wild.example.com"),
|
|
|
+ EXPECT_THROW(query.process(list, Name("www.wild.example.com"),
|
|
|
RRType::A(), response, true),
|
|
|
Query::BadNSEC);
|
|
|
}
|
|
|
@@ -1510,7 +1515,7 @@ TEST_F(QueryTest, badWildcardProof2) {
|
|
|
// "wildcard proof" doesn't return RRset.
|
|
|
mock_finder->setNSECResult(Name("www.wild.example.com"),
|
|
|
ZoneFinder::NXDOMAIN, ConstRRsetPtr());
|
|
|
- EXPECT_THROW(query.process(memory_client, Name("www.wild.example.com"),
|
|
|
+ EXPECT_THROW(query.process(list, Name("www.wild.example.com"),
|
|
|
RRType::A(), response, true),
|
|
|
Query::BadNSEC);
|
|
|
}
|
|
|
@@ -1520,7 +1525,7 @@ TEST_F(QueryTest, badWildcardProof3) {
|
|
|
mock_finder->setNSECResult(Name("www.wild.example.com"),
|
|
|
ZoneFinder::NXDOMAIN,
|
|
|
mock_finder->empty_nsec_rrset_);
|
|
|
- EXPECT_THROW(query.process(memory_client, Name("www.wild.example.com"),
|
|
|
+ EXPECT_THROW(query.process(list, Name("www.wild.example.com"),
|
|
|
RRType::A(), response, true),
|
|
|
Query::BadNSEC);
|
|
|
}
|
|
|
@@ -1529,7 +1534,7 @@ TEST_F(QueryTest, wildcardNxrrsetWithDuplicateNSEC) {
|
|
|
// NXRRSET on WILDCARD with DNSSEC proof. We should have SOA, NSEC that
|
|
|
// proves the NXRRSET and their RRSIGs. In this case we only need one NSEC,
|
|
|
// which proves both NXDOMAIN and the non existence RRSETs of wildcard.
|
|
|
- query.process(memory_client, Name("www.wild.example.com"), RRType::TXT(),
|
|
|
+ query.process(list, Name("www.wild.example.com"), RRType::TXT(),
|
|
|
response, true);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 0, 4, 0, NULL,
|
|
|
@@ -1546,7 +1551,7 @@ TEST_F(QueryTest, wildcardNxrrsetWithNSEC) {
|
|
|
// proves the NXRRSET and their RRSIGs. In this case we need two NSEC RRs,
|
|
|
// one proves NXDOMAIN and the other proves non existence RRSETs of
|
|
|
// wildcard.
|
|
|
- query.process(memory_client, Name("www1.uwild.example.com"),
|
|
|
+ query.process(list, Name("www1.uwild.example.com"),
|
|
|
RRType::TXT(), response, true);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 0, 6, 0, NULL,
|
|
|
@@ -1569,7 +1574,7 @@ TEST_F(QueryTest, wildcardNxrrsetWithNSEC3) {
|
|
|
mock_finder->addRecord(nsec3_uwild_txt);
|
|
|
mock_finder->setNSEC3Flag(true);
|
|
|
|
|
|
- query.process(memory_client, Name("www1.uwild.example.com"),
|
|
|
+ query.process(list, Name("www1.uwild.example.com"),
|
|
|
RRType::TXT(), response, true);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 0, 8, 0, NULL,
|
|
|
@@ -1603,7 +1608,7 @@ TEST_F(QueryTest, wildcardNxrrsetWithNSEC3Collision) {
|
|
|
ConstRRsetPtr());
|
|
|
mock_finder->setNSEC3Result(&nsec3);
|
|
|
|
|
|
- EXPECT_THROW(query.process(memory_client, Name("www1.uwild.example.com"),
|
|
|
+ EXPECT_THROW(query.process(list, Name("www1.uwild.example.com"),
|
|
|
RRType::TXT(), response, true),
|
|
|
Query::BadNSEC3);
|
|
|
}
|
|
|
@@ -1620,7 +1625,7 @@ TEST_F(QueryTest, wildcardNxrrsetWithNSEC3Broken) {
|
|
|
mock_finder->addRecord(nsec3_wild_txt);
|
|
|
mock_finder->addRecord(nsec3_uwild_txt);
|
|
|
|
|
|
- EXPECT_THROW(query.process(memory_client, Name("www1.uwild.example.com"),
|
|
|
+ EXPECT_THROW(query.process(list, Name("www1.uwild.example.com"),
|
|
|
RRType::TXT(), response, true),
|
|
|
Query::BadNSEC3);
|
|
|
}
|
|
|
@@ -1629,7 +1634,7 @@ TEST_F(QueryTest, wildcardEmptyWithNSEC) {
|
|
|
// Empty WILDCARD with DNSSEC proof. We should have SOA, NSEC that proves
|
|
|
// the NXDOMAIN and their RRSIGs. In this case we need two NSEC RRs,
|
|
|
// one proves NXDOMAIN and the other proves non existence wildcard.
|
|
|
- query.process(memory_client, Name("a.t.example.com"), RRType::A(),
|
|
|
+ query.process(list, Name("a.t.example.com"), RRType::A(),
|
|
|
response, true);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 0, 6, 0, NULL,
|
|
|
@@ -1653,19 +1658,19 @@ TEST_F(QueryTest, noSOA) {
|
|
|
mock_finder->setSOAFlag(false);
|
|
|
|
|
|
// The NX Domain
|
|
|
- EXPECT_THROW(query.process(memory_client, Name("nxdomain.example.com"),
|
|
|
+ EXPECT_THROW(query.process(list, Name("nxdomain.example.com"),
|
|
|
qtype, response), Query::NoSOA);
|
|
|
// Of course, we don't look into the response, as it throwed
|
|
|
|
|
|
// NXRRSET
|
|
|
- EXPECT_THROW(query.process(memory_client, Name("nxrrset.example.com"),
|
|
|
+ EXPECT_THROW(query.process(list, Name("nxrrset.example.com"),
|
|
|
qtype, response), Query::NoSOA);
|
|
|
}
|
|
|
|
|
|
TEST_F(QueryTest, noMatchZone) {
|
|
|
// there's a zone in the memory datasource but it doesn't match the qname.
|
|
|
// should result in REFUSED.
|
|
|
- query.process(memory_client, Name("example.org"), qtype, response);
|
|
|
+ query.process(list, Name("example.org"), qtype, response);
|
|
|
EXPECT_EQ(Rcode::REFUSED(), response.getRcode());
|
|
|
}
|
|
|
|
|
|
@@ -1676,7 +1681,7 @@ TEST_F(QueryTest, noMatchZone) {
|
|
|
* A record, other to unknown out of zone one.
|
|
|
*/
|
|
|
TEST_F(QueryTest, MX) {
|
|
|
- query.process(memory_client, Name("mx.example.com"), RRType::MX(),
|
|
|
+ query.process(list, Name("mx.example.com"), RRType::MX(),
|
|
|
response);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 3, 3, 4,
|
|
|
@@ -1690,7 +1695,7 @@ TEST_F(QueryTest, MX) {
|
|
|
* This should not trigger the additional processing for the exchange.
|
|
|
*/
|
|
|
TEST_F(QueryTest, MXAlias) {
|
|
|
- query.process(memory_client, Name("cnamemx.example.com"), RRType::MX(),
|
|
|
+ query.process(list, Name("cnamemx.example.com"), RRType::MX(),
|
|
|
response);
|
|
|
|
|
|
// there shouldn't be no additional RRs for the exchanges (we have 3
|
|
|
@@ -1710,7 +1715,7 @@ TEST_F(QueryTest, MXAlias) {
|
|
|
* returned.
|
|
|
*/
|
|
|
TEST_F(QueryTest, CNAME) {
|
|
|
- query.process(memory_client, Name("cname.example.com"), RRType::A(),
|
|
|
+ query.process(list, Name("cname.example.com"), RRType::A(),
|
|
|
response);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 1, 0, 0,
|
|
|
@@ -1720,7 +1725,7 @@ TEST_F(QueryTest, CNAME) {
|
|
|
TEST_F(QueryTest, explicitCNAME) {
|
|
|
// same owner name as the CNAME test but explicitly query for CNAME RR.
|
|
|
// expect the same response as we don't provide a full chain yet.
|
|
|
- query.process(memory_client, Name("cname.example.com"), RRType::CNAME(),
|
|
|
+ query.process(list, Name("cname.example.com"), RRType::CNAME(),
|
|
|
response);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 1, 3, 3,
|
|
|
@@ -1732,7 +1737,7 @@ TEST_F(QueryTest, CNAME_NX_RRSET) {
|
|
|
// note: with chaining, what should be expected is not trivial:
|
|
|
// BIND 9 returns the CNAME in answer and SOA in authority, no additional.
|
|
|
// NSD returns the CNAME, NS in authority, A/AAAA for NS in additional.
|
|
|
- query.process(memory_client, Name("cname.example.com"), RRType::TXT(),
|
|
|
+ query.process(list, Name("cname.example.com"), RRType::TXT(),
|
|
|
response);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 1, 0, 0,
|
|
|
@@ -1741,7 +1746,7 @@ TEST_F(QueryTest, CNAME_NX_RRSET) {
|
|
|
|
|
|
TEST_F(QueryTest, explicitCNAME_NX_RRSET) {
|
|
|
// same owner name as the NXRRSET test but explicitly query for CNAME RR.
|
|
|
- query.process(memory_client, Name("cname.example.com"), RRType::CNAME(),
|
|
|
+ query.process(list, Name("cname.example.com"), RRType::CNAME(),
|
|
|
response);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 1, 3, 3,
|
|
|
@@ -1755,7 +1760,7 @@ TEST_F(QueryTest, CNAME_NX_DOMAIN) {
|
|
|
// RCODE being NXDOMAIN.
|
|
|
// NSD returns the CNAME, NS in authority, A/AAAA for NS in additional,
|
|
|
// RCODE being NOERROR.
|
|
|
- query.process(memory_client, Name("cnamenxdom.example.com"), RRType::A(),
|
|
|
+ query.process(list, Name("cnamenxdom.example.com"), RRType::A(),
|
|
|
response);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 1, 0, 0,
|
|
|
@@ -1764,7 +1769,7 @@ TEST_F(QueryTest, CNAME_NX_DOMAIN) {
|
|
|
|
|
|
TEST_F(QueryTest, explicitCNAME_NX_DOMAIN) {
|
|
|
// same owner name as the NXDOMAIN test but explicitly query for CNAME RR.
|
|
|
- query.process(memory_client, Name("cnamenxdom.example.com"),
|
|
|
+ query.process(list, Name("cnamenxdom.example.com"),
|
|
|
RRType::CNAME(), response);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 1, 3, 3,
|
|
|
@@ -1780,7 +1785,7 @@ TEST_F(QueryTest, CNAME_OUT) {
|
|
|
* Then the same test should be done with .org included there and
|
|
|
* see what it does (depends on what we want to do)
|
|
|
*/
|
|
|
- query.process(memory_client, Name("cnameout.example.com"), RRType::A(),
|
|
|
+ query.process(list, Name("cnameout.example.com"), RRType::A(),
|
|
|
response);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 1, 0, 0,
|
|
|
@@ -1789,7 +1794,7 @@ TEST_F(QueryTest, CNAME_OUT) {
|
|
|
|
|
|
TEST_F(QueryTest, explicitCNAME_OUT) {
|
|
|
// same owner name as the OUT test but explicitly query for CNAME RR.
|
|
|
- query.process(memory_client, Name("cnameout.example.com"), RRType::CNAME(),
|
|
|
+ query.process(list, Name("cnameout.example.com"), RRType::CNAME(),
|
|
|
response);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 1, 3, 3,
|
|
|
@@ -1805,7 +1810,7 @@ TEST_F(QueryTest, explicitCNAME_OUT) {
|
|
|
* pointing to NXRRSET and NXDOMAIN cases (similarly as with CNAME).
|
|
|
*/
|
|
|
TEST_F(QueryTest, DNAME) {
|
|
|
- query.process(memory_client, Name("www.dname.example.com"), RRType::A(),
|
|
|
+ query.process(list, Name("www.dname.example.com"), RRType::A(),
|
|
|
response);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 2, 0, 0,
|
|
|
@@ -1821,7 +1826,7 @@ TEST_F(QueryTest, DNAME) {
|
|
|
* DNAME.
|
|
|
*/
|
|
|
TEST_F(QueryTest, DNAME_ANY) {
|
|
|
- query.process(memory_client, Name("www.dname.example.com"), RRType::ANY(),
|
|
|
+ query.process(list, Name("www.dname.example.com"), RRType::ANY(),
|
|
|
response);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 2, 0, 0,
|
|
|
@@ -1830,7 +1835,7 @@ TEST_F(QueryTest, DNAME_ANY) {
|
|
|
|
|
|
// Test when we ask for DNAME explicitly, it does no synthetizing.
|
|
|
TEST_F(QueryTest, explicitDNAME) {
|
|
|
- query.process(memory_client, Name("dname.example.com"), RRType::DNAME(),
|
|
|
+ query.process(list, Name("dname.example.com"), RRType::DNAME(),
|
|
|
response);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 1, 3, 3,
|
|
|
@@ -1842,7 +1847,7 @@ TEST_F(QueryTest, explicitDNAME) {
|
|
|
* the CNAME, it should return the RRset.
|
|
|
*/
|
|
|
TEST_F(QueryTest, DNAME_A) {
|
|
|
- query.process(memory_client, Name("dname.example.com"), RRType::A(),
|
|
|
+ query.process(list, Name("dname.example.com"), RRType::A(),
|
|
|
response);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 1, 3, 3,
|
|
|
@@ -1854,7 +1859,7 @@ TEST_F(QueryTest, DNAME_A) {
|
|
|
* It should not synthetize the CNAME.
|
|
|
*/
|
|
|
TEST_F(QueryTest, DNAME_NX_RRSET) {
|
|
|
- EXPECT_NO_THROW(query.process(memory_client, Name("dname.example.com"),
|
|
|
+ EXPECT_NO_THROW(query.process(list, Name("dname.example.com"),
|
|
|
RRType::TXT(), response));
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 0, 1, 0,
|
|
|
@@ -1874,7 +1879,7 @@ TEST_F(QueryTest, LongDNAME) {
|
|
|
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa."
|
|
|
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa."
|
|
|
"dname.example.com.");
|
|
|
- EXPECT_NO_THROW(query.process(memory_client, longname, RRType::A(),
|
|
|
+ EXPECT_NO_THROW(query.process(list, longname, RRType::A(),
|
|
|
response));
|
|
|
|
|
|
responseCheck(response, Rcode::YXDOMAIN(), AA_FLAG, 1, 0, 0,
|
|
|
@@ -1893,7 +1898,7 @@ TEST_F(QueryTest, MaxLenDNAME) {
|
|
|
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa."
|
|
|
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa."
|
|
|
"dname.example.com.");
|
|
|
- EXPECT_NO_THROW(query.process(memory_client, longname, RRType::A(),
|
|
|
+ EXPECT_NO_THROW(query.process(list, longname, RRType::A(),
|
|
|
response));
|
|
|
|
|
|
// Check the answer is OK
|
|
|
@@ -2079,7 +2084,7 @@ TEST_F(QueryTest, dsAboveDelegation) {
|
|
|
|
|
|
// The following will succeed only if the search goes to the parent
|
|
|
// zone, not the child one we added above.
|
|
|
- EXPECT_NO_THROW(query.process(memory_client,
|
|
|
+ EXPECT_NO_THROW(query.process(list,
|
|
|
Name("delegation.example.com"),
|
|
|
RRType::DS(), response, true));
|
|
|
|
|
|
@@ -2103,7 +2108,7 @@ TEST_F(QueryTest, dsAboveDelegationNoData) {
|
|
|
|
|
|
// The following will succeed only if the search goes to the parent
|
|
|
// zone, not the child one we added above.
|
|
|
- EXPECT_NO_THROW(query.process(memory_client,
|
|
|
+ EXPECT_NO_THROW(query.process(list,
|
|
|
Name("unsigned-delegation.example.com"),
|
|
|
RRType::DS(), response, true));
|
|
|
|
|
|
@@ -2121,7 +2126,7 @@ TEST_F(QueryTest, dsAboveDelegationNoData) {
|
|
|
// when it happens to be sent to the child zone, as described in RFC 4035,
|
|
|
// section 3.1.4.1. The example is inspired by the B.8. example from the RFC.
|
|
|
TEST_F(QueryTest, dsBelowDelegation) {
|
|
|
- EXPECT_NO_THROW(query.process(memory_client, Name("example.com"),
|
|
|
+ EXPECT_NO_THROW(query.process(list, Name("example.com"),
|
|
|
RRType::DS(), response, true));
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 0, 4, 0, NULL,
|
|
|
@@ -2138,7 +2143,7 @@ TEST_F(QueryTest, dsBelowDelegation) {
|
|
|
// In our implementation NSEC/NSEC3 isn't attached in this case.
|
|
|
TEST_F(QueryTest, dsBelowDelegationWithDS) {
|
|
|
mock_finder->addRecord(zone_ds_txt); // add the DS to the child's apex
|
|
|
- EXPECT_NO_THROW(query.process(memory_client, Name("example.com"),
|
|
|
+ EXPECT_NO_THROW(query.process(list, Name("example.com"),
|
|
|
RRType::DS(), response, true));
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 0, 2, 0, NULL,
|
|
|
@@ -2151,7 +2156,7 @@ TEST_F(QueryTest, dsBelowDelegationWithDS) {
|
|
|
// server. It should just like the "noZone" test case, but DS query involves
|
|
|
// special processing, so we test it explicitly.
|
|
|
TEST_F(QueryTest, dsNoZone) {
|
|
|
- query.process(memory_client, Name("example"), RRType::DS(), response,
|
|
|
+ query.process(list, Name("example"), RRType::DS(), response,
|
|
|
true);
|
|
|
responseCheck(response, Rcode::REFUSED(), 0, 0, 0, 0, NULL, NULL, NULL);
|
|
|
}
|
|
|
@@ -2159,7 +2164,7 @@ TEST_F(QueryTest, dsNoZone) {
|
|
|
// DS query for a "grandchild" zone. This should result in normal
|
|
|
// delegation (unless this server also has authority of the grandchild zone).
|
|
|
TEST_F(QueryTest, dsAtGrandParent) {
|
|
|
- query.process(memory_client, Name("grand.delegation.example.com"),
|
|
|
+ query.process(list, Name("grand.delegation.example.com"),
|
|
|
RRType::DS(), response, true);
|
|
|
responseCheck(response, Rcode::NOERROR(), 0, 0, 6, 6, NULL,
|
|
|
(string(delegation_txt) + string(delegation_ds_txt) +
|
|
|
@@ -2178,7 +2183,7 @@ TEST_F(QueryTest, dsAtGrandParentAndChild) {
|
|
|
const Name childname("grand.delegation.example.com");
|
|
|
memory_client.addZone(ZoneFinderPtr(
|
|
|
new AlternateZoneFinder(childname)));
|
|
|
- query.process(memory_client, childname, RRType::DS(), response, true);
|
|
|
+ query.process(list, childname, RRType::DS(), response, true);
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 0, 4, 0, NULL,
|
|
|
(childname.toText() + " 3600 IN SOA . . 0 0 0 0 0\n" +
|
|
|
childname.toText() + " 3600 IN RRSIG " +
|
|
|
@@ -2196,7 +2201,7 @@ TEST_F(QueryTest, dsAtRoot) {
|
|
|
// Pretend to be a root server.
|
|
|
memory_client.addZone(ZoneFinderPtr(
|
|
|
new AlternateZoneFinder(Name::ROOT_NAME())));
|
|
|
- query.process(memory_client, Name::ROOT_NAME(), RRType::DS(), response,
|
|
|
+ query.process(list, Name::ROOT_NAME(), RRType::DS(), response,
|
|
|
true);
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 0, 4, 0, NULL,
|
|
|
(string(". 3600 IN SOA . . 0 0 0 0 0\n") +
|
|
|
@@ -2213,7 +2218,7 @@ TEST_F(QueryTest, dsAtRootWithDS) {
|
|
|
memory_client.addZone(ZoneFinderPtr(
|
|
|
new AlternateZoneFinder(Name::ROOT_NAME(),
|
|
|
true)));
|
|
|
- query.process(memory_client, Name::ROOT_NAME(), RRType::DS(), response,
|
|
|
+ query.process(list, Name::ROOT_NAME(), RRType::DS(), response,
|
|
|
true);
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 2, 2, 0,
|
|
|
(string(". 3600 IN DS 57855 5 1 49FD46E6C4B45C55D4AC69CBD"
|
|
|
@@ -2230,7 +2235,7 @@ TEST_F(QueryTest, nxrrsetWithNSEC3) {
|
|
|
|
|
|
// NXRRSET with DNSSEC proof. We should have SOA, NSEC3 that proves the
|
|
|
// NXRRSET and their RRSIGs.
|
|
|
- query.process(memory_client, Name("www.example.com"), RRType::TXT(),
|
|
|
+ query.process(list, Name("www.example.com"), RRType::TXT(),
|
|
|
response, true);
|
|
|
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 0, 4, 0, NULL,
|
|
|
@@ -2253,7 +2258,7 @@ TEST_F(QueryTest, nxrrsetMissingNSEC3) {
|
|
|
ConstRRsetPtr());
|
|
|
mock_finder->setNSEC3Result(&nsec3);
|
|
|
|
|
|
- EXPECT_THROW(query.process(memory_client, Name("www.example.com"),
|
|
|
+ EXPECT_THROW(query.process(list, Name("www.example.com"),
|
|
|
RRType::TXT(), response, true),
|
|
|
Query::BadNSEC3);
|
|
|
}
|
|
|
@@ -2264,7 +2269,7 @@ TEST_F(QueryTest, nxrrsetWithNSEC3_ds_exact) {
|
|
|
|
|
|
// This delegation has no DS, but does have a matching NSEC3 record
|
|
|
// (See RFC5155 section 7.2.4)
|
|
|
- query.process(memory_client, Name("unsigned-delegation.example.com."),
|
|
|
+ query.process(list, Name("unsigned-delegation.example.com."),
|
|
|
RRType::DS(), response, true);
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 0, 4, 0, NULL,
|
|
|
(string(soa_txt) + string("example.com. 3600 IN RRSIG ") +
|
|
|
@@ -2286,7 +2291,7 @@ TEST_F(QueryTest, nxrrsetWithNSEC3_ds_no_exact) {
|
|
|
// 'next closer' should have opt-out set, though that is not
|
|
|
// actually checked)
|
|
|
// (See RFC5155 section 7.2.4)
|
|
|
- query.process(memory_client, Name("unsigned-delegation-optout.example.com."),
|
|
|
+ query.process(list, Name("unsigned-delegation-optout.example.com."),
|
|
|
RRType::DS(), response, true);
|
|
|
responseCheck(response, Rcode::NOERROR(), AA_FLAG, 0, 6, 0, NULL,
|
|
|
(string(soa_txt) + string("example.com. 3600 IN RRSIG ") +
|
|
|
@@ -2313,7 +2318,7 @@ TEST_F(QueryTest, nxdomainWithNSEC3Proof) {
|
|
|
// This will be the covering NSEC3 for the possible wildcard
|
|
|
mock_finder->addRecord(unsigned_delegation_nsec3_txt);
|
|
|
|
|
|
- query.process(memory_client, Name("nxdomain.example.com"), qtype,
|
|
|
+ query.process(list, Name("nxdomain.example.com"), qtype,
|
|
|
response, true);
|
|
|
responseCheck(response, Rcode::NXDOMAIN(), AA_FLAG, 0, 8, 0, NULL,
|
|
|
// SOA + its RRSIG
|
|
|
@@ -2348,7 +2353,7 @@ TEST_F(QueryTest, nxdomainWithBadNextNSEC3Proof) {
|
|
|
ConstRRsetPtr());
|
|
|
mock_finder->setNSEC3Result(&nsec3);
|
|
|
|
|
|
- EXPECT_THROW(query.process(memory_client, Name("nxdomain.example.com"),
|
|
|
+ EXPECT_THROW(query.process(list, Name("nxdomain.example.com"),
|
|
|
RRType::TXT(), response, true),
|
|
|
Query::BadNSEC3);
|
|
|
}
|
|
|
@@ -2367,7 +2372,7 @@ TEST_F(QueryTest, nxdomainWithBadWildcardNSEC3Proof) {
|
|
|
ConstRRsetPtr());
|
|
|
mock_finder->setNSEC3Result(&nsec3, &wname);
|
|
|
|
|
|
- EXPECT_THROW(query.process(memory_client, Name("nxdomain.example.com"), qtype,
|
|
|
+ EXPECT_THROW(query.process(list, Name("nxdomain.example.com"), qtype,
|
|
|
response, true),
|
|
|
Query::BadNSEC3);
|
|
|
}
|
Michal 'vorner' Vaner