[svn] commit: r1160 - in /trunk/src/lib/auth: data_source_sqlite3_unittest.cc testdata/example.com.signed testdata/test.sqlite3
BIND 10 source code commits
bind10-changes at lists.isc.org
Sat Mar 6 22:43:09 UTC 2010
Author: jinmei
Date: Sat Mar 6 22:43:09 2010
New Revision: 1160
Log:
added more sqlite3 data source tests.
these cover bugs of trac tickets #73 and #74 (currently commented out).
Modified:
trunk/src/lib/auth/data_source_sqlite3_unittest.cc
trunk/src/lib/auth/testdata/example.com.signed
trunk/src/lib/auth/testdata/test.sqlite3
Modified: trunk/src/lib/auth/data_source_sqlite3_unittest.cc
==============================================================================
--- trunk/src/lib/auth/data_source_sqlite3_unittest.cc (original)
+++ trunk/src/lib/auth/data_source_sqlite3_unittest.cc Sat Mar 6 22:43:09 2010
@@ -44,6 +44,21 @@
static const string sigdata_common(" 20100322084538 20100220084538 "
"33495 example.com. FAKEFAKEFAKEFAKE");
+static const string dnskey1_data(" AwEAAcOUBllYc1hf7ND9uDy+Yz1BF3sI0m4q"
+ "NGV7WcTD0WEiuV7IjXgHE36fCmS9QsUxSSOV"
+ "o1I/FMxI2PJVqTYHkXFBS7AzLGsQYMU7UjBZ"
+ "SotBJ6Imt5pXMu+lEDNy8TOUzG3xm7g0qcbW"
+ "YF6qCEfvZoBtAqi5Rk7Mlrqs8agxYyMx");
+static const string dnskey2_data(" AwEAAe5WFbxdCPq2jZrZhlMj7oJdff3W7syJ"
+ "tbvzg62tRx0gkoCDoBI9DPjlOQG0UAbj+xUV"
+ "4HQZJStJaZ+fHU5AwVNT+bBZdtV+NujSikhd"
+ "THb4FYLg2b3Cx9NyJvAVukHp/91HnWuG4T36"
+ "CzAFrfPwsHIrBz9BsaIQ21VRkcmj7DswfI/i"
+ "DGd8j6bqiODyNZYQ+ZrLmF0KIJ2yPN3iO6Zq"
+ "23TaOrVTjB7d1a/h31ODfiHAxFHrkY3t3D5J"
+ "R9Nsl/7fdRmSznwtcSDgLXBoFEYmw6p86Acv"
+ "RyoYNcL1SXjaKVLG5jyU3UR+LcGZT5t/0xGf"
+ "oIK/aKwENrsjcKZZj660b1M=");
static const Name zone_name("example.com");
static const Name nomatch_name("example.org");
@@ -65,14 +80,44 @@
message.addQuestion(Question(Name("example.org"), rrclass, rrtype));
query = new Query(message, true);
- www_data.push_back("192.0.2.1");
- www_sig_data.push_back("A 5 3 3600" + sigdata_common);
+ common_a_data.push_back("192.0.2.1");
+ common_sig_data.push_back("A 5 3 3600" + sigdata_common);
+
www_nsec_data.push_back("example.com. A RRSIG NSEC");
www_nsec_sig_data.push_back("NSEC 5 3 7200" + sigdata_common);
+
+ apex_soa_data.push_back("master.example.com. admin.example.com. "
+ "1234 3600 1800 2419200 7200");
+ apex_soa_sig_data.push_back("SOA 5 2 3600" + sigdata_common);
apex_ns_data.push_back("dns01.example.com.");
apex_ns_data.push_back("dns02.example.com.");
apex_ns_data.push_back("dns03.example.com.");
apex_ns_sig_data.push_back("NS 5 2 3600" + sigdata_common);
+ apex_mx_data.push_back("10 mail.example.com.");
+ apex_mx_data.push_back("20 mail.subzone.example.com.");
+ apex_mx_sig_data.push_back("MX 5 2 3600" + sigdata_common);
+ apex_nsec_data.push_back("cname-ext.example.com. "
+ "NS SOA MX RRSIG NSEC DNSKEY");
+ apex_nsec_sig_data.push_back("NSEC 5 2 7200" + sigdata_common);
+ apex_dnskey_data.push_back("256 3 5" + dnskey1_data);
+ apex_dnskey_data.push_back("257 3 5" + dnskey2_data);
+ // this one is special (using different key):
+ apex_dnskey_sig_data.push_back("DNSKEY 5 2 3600 20100322084538 "
+ "20100220084538 4456 example.com. "
+ "FAKEFAKEFAKEFAKE");
+ apex_dnskey_sig_data.push_back("DNSKEY 5 2 3600" + sigdata_common);
+
+ wild_a_data.push_back("192.0.2.255");
+ dname_data.push_back("sql1.example.com.");
+ dname_sig_data.push_back("DNAME 5 3 3600" + sigdata_common);
+ cname_data.push_back("cnametest.example.org.");
+ cname_sig_data.push_back("CNAME 5 3 3600" + sigdata_common);
+ cname_nsec_data.push_back("mail.example.com. CNAME RRSIG NSEC");
+ cname_nsec_sig_data.push_back("NSEC 5 3 7200" + sigdata_common);
+ delegation_ns_data.push_back("ns1.subzone.example.com.");
+ delegation_ns_data.push_back("ns2.subzone.example.com.");
+ delegation_nsec_data.push_back("*.wild.example.com. NS DS RRSIG NSEC");
+ delegation_nsec_sig_data.push_back("NSEC 5 3 7200" + sigdata_common);
}
~Sqlite3DataSourceTest() { delete query; }
Sqlite3DataSrc data_source;
@@ -93,12 +138,31 @@
vector<const vector<string>* > signatures;
vector<RRType> expected_types;
- vector<string> www_data;
- vector<string> www_sig_data;
+ vector<string> common_a_data;
+ vector<string> common_sig_data;
vector<string> www_nsec_data;
vector<string> www_nsec_sig_data;
+ vector<string> apex_soa_data;
+ vector<string> apex_soa_sig_data;
vector<string> apex_ns_data;
vector<string> apex_ns_sig_data;
+ vector<string> apex_mx_data;
+ vector<string> apex_mx_sig_data;
+ vector<string> apex_nsec_data;
+ vector<string> apex_nsec_sig_data;
+ vector<string> apex_dnskey_data;
+ vector<string> apex_dnskey_sig_data;
+ vector<string> wild_a_data;
+ vector<string> dname_data;
+ vector<string> dname_sig_data;
+ vector<string> cname_data;
+ vector<string> cname_sig_data;
+ vector<string> cname_nsec_data;
+ vector<string> cname_nsec_sig_data;
+ vector<string> delegation_ns_data;
+ vector<string> delegation_ns_sig_data;
+ vector<string> delegation_nsec_data;
+ vector<string> delegation_nsec_sig_data;
};
void
@@ -161,8 +225,9 @@
EXPECT_EQ(expected_flags, find_flags);
RRsetList::iterator it = result_sets.begin();
for (; it != result_sets.end(); ++it) {
- vector<RRType>::const_iterator found_type = find(expected_types.begin(), expected_types.end(),
- (*it)->getType());
+ vector<RRType>::const_iterator found_type =
+ find(expected_types.begin(), expected_types.end(),
+ (*it)->getType());
// there should be a match
EXPECT_TRUE(found_type != expected_types.end());
if (found_type != expected_types.end()) {
@@ -222,10 +287,10 @@
TEST_F(Sqlite3DataSourceTest, findRRsetNormal) {
// Without specifying the zone name, and then with the zone name
checkFind(data_source, *query, www_name, NULL, rrclass, rrtype, rrttl, 0,
- www_data, &www_sig_data);
+ common_a_data, &common_sig_data);
checkFind(data_source, *query, www_name, &zone_name, rrclass, rrtype, rrttl,
- 0, www_data, &www_sig_data);
+ 0, common_a_data, &common_sig_data);
// With a zone name that doesn't match
EXPECT_EQ(DataSrc::SUCCESS,
@@ -240,9 +305,9 @@
types.push_back(RRType::NSEC());
ttls.push_back(RRTTL(3600));
ttls.push_back(RRTTL(7200));
- answers.push_back(&www_data);
+ answers.push_back(&common_a_data);
answers.push_back(&www_nsec_data);
- signatures.push_back(&www_sig_data);
+ signatures.push_back(&common_sig_data);
signatures.push_back(&www_nsec_sig_data);
rrtype = RRType::ANY();
@@ -256,10 +321,10 @@
// Case insensitive lookup
TEST_F(Sqlite3DataSourceTest, findRRsetNormalCase) {
checkFind(data_source, *query, www_upper_name, NULL, rrclass, rrtype, rrttl,
- 0, www_data, &www_sig_data);
+ 0, common_a_data, &common_sig_data);
checkFind(data_source, *query, www_upper_name, &zone_name, rrclass, rrtype,
- rrttl, 0, www_data, &www_sig_data);
+ rrttl, 0, common_a_data, &common_sig_data);
EXPECT_EQ(DataSrc::SUCCESS,
data_source.findRRset(*query, www_upper_name, rrclass, rrtype,
@@ -283,4 +348,190 @@
EXPECT_TRUE(result_sets.begin() == result_sets.end()); // should be empty
}
-}
+TEST_F(Sqlite3DataSourceTest, findRRsetApexANY) {
+ types.push_back(RRType::SOA());
+ types.push_back(RRType::NS());
+ types.push_back(RRType::MX());
+ types.push_back(RRType::NSEC());
+ types.push_back(RRType::DNSKEY());
+ ttls.push_back(rrttl); // SOA TTL
+ ttls.push_back(rrttl); // NS TTL
+ ttls.push_back(rrttl); // MX TTL
+ ttls.push_back(RRTTL(7200)); // NSEC TTL
+ ttls.push_back(rrttl); // DNSKEY TTL
+ answers.push_back(&apex_soa_data);
+ answers.push_back(&apex_ns_data);
+ answers.push_back(&apex_mx_data);
+ answers.push_back(&apex_nsec_data);
+ answers.push_back(&apex_dnskey_data);
+ signatures.push_back(&apex_soa_sig_data);
+ signatures.push_back(&apex_ns_sig_data);
+ signatures.push_back(&apex_mx_sig_data);
+ signatures.push_back(&apex_nsec_sig_data);
+ signatures.push_back(&apex_dnskey_sig_data);
+
+ rrtype = RRType::ANY();
+ checkFind(data_source, *query, zone_name, NULL, rrclass, rrtype, ttls, 0,
+ types, answers, signatures);
+
+ checkFind(data_source, *query, zone_name, &zone_name, rrclass, rrtype, ttls,
+ 0, types, answers, signatures);
+}
+
+TEST_F(Sqlite3DataSourceTest, findRRsetApexNXRRSET) {
+ rrtype = RRType::AAAA();
+ EXPECT_EQ(DataSrc::SUCCESS,
+ data_source.findRRset(*query, zone_name, rrclass, rrtype,
+ result_sets, find_flags, &zone_name));
+ // there's an NS RRset at the apex name, so the REFERRAL flag should be
+ // set, too.
+ EXPECT_EQ(DataSrc::TYPE_NOT_FOUND | DataSrc::REFERRAL, find_flags);
+ EXPECT_TRUE(result_sets.begin() == result_sets.end());
+
+ // Same test, without specifying the zone name
+ EXPECT_EQ(DataSrc::SUCCESS,
+ data_source.findRRset(*query, zone_name, rrclass, rrtype,
+ result_sets, find_flags, NULL));
+ // there's an NS RRset at the apex name, so the REFERRAL flag should be
+ // set, too.
+ EXPECT_EQ(DataSrc::TYPE_NOT_FOUND | DataSrc::REFERRAL, find_flags);
+ EXPECT_TRUE(result_sets.begin() == result_sets.end());
+}
+
+// Matching a wildcard node. There's nothing special for the data source API
+// point of view, but perform minimal tests anyway.
+TEST_F(Sqlite3DataSourceTest, findRRsetWildcard) {
+ Name qname("*.wild.example.com");
+ checkFind(data_source, *query, qname, NULL, rrclass,
+ rrtype, rrttl, 0, wild_a_data, &common_sig_data);
+ checkFind(data_source, *query, qname, &zone_name, rrclass,
+ rrtype, rrttl, 0, wild_a_data, &common_sig_data);
+}
+
+TEST_F(Sqlite3DataSourceTest, findRRsetEmptyNode) {
+ // foo.bar.example.com exists, but bar.example.com doesn't have any data.
+ Name qname("bar.example.com");
+
+ EXPECT_EQ(DataSrc::SUCCESS,
+ data_source.findRRset(*query, qname, rrclass, rrtype,
+ result_sets, find_flags, NULL));
+ EXPECT_EQ(DataSrc::TYPE_NOT_FOUND, find_flags);
+ EXPECT_TRUE(result_sets.begin() == result_sets.end());
+
+ EXPECT_EQ(DataSrc::SUCCESS,
+ data_source.findRRset(*query, qname, rrclass, rrtype,
+ result_sets, find_flags, &zone_name));
+ EXPECT_EQ(DataSrc::TYPE_NOT_FOUND, find_flags);
+ EXPECT_TRUE(result_sets.begin() == result_sets.end());
+}
+
+// There's nothing special about DNAME lookup for the data source API
+// point of view, but perform minimal tests anyway.
+TEST_F(Sqlite3DataSourceTest, findRRsetDNAME) {
+ Name qname("dname.example.com");
+
+ rrtype = RRType::DNAME();
+ checkFind(data_source, *query, qname, NULL, rrclass,
+ rrtype, rrttl, 0, dname_data, &dname_sig_data);
+ checkFind(data_source, *query, qname, &zone_name, rrclass,
+ rrtype, rrttl, 0, dname_data, &dname_sig_data);
+}
+
+TEST_F(Sqlite3DataSourceTest, findRRsetCNAME) {
+ Name qname("foo.example.com");
+
+ // This qname only has the CNAME (+ sigs). CNAME query is not different
+ // from ordinary queries.
+ rrtype = RRType::CNAME();
+ checkFind(data_source, *query, qname, NULL, rrclass,
+ rrtype, rrttl, 0, cname_data, &cname_sig_data);
+ checkFind(data_source, *query, qname, &zone_name, rrclass,
+ rrtype, rrttl, 0, cname_data, &cname_sig_data);
+
+ // queries for (ordinary) different RR types that match the CNAME.
+ // CNAME_FOUND flag is set, and the CNAME RR is returned instead of A
+ rrtype = RRType::A();
+ types.push_back(RRType::CNAME());
+ ttls.push_back(rrttl);
+ answers.push_back(&cname_data);
+ signatures.push_back(&cname_sig_data);
+ checkFind(data_source, *query, qname, NULL, rrclass,
+ rrtype, ttls, DataSrc::CNAME_FOUND, types, answers, signatures);
+ checkFind(data_source, *query, qname, &zone_name, rrclass,
+ rrtype, ttls, DataSrc::CNAME_FOUND, types, answers, signatures);
+
+ // NSEC query that match the CNAME.
+ // CNAME_FOUND flag is NOT set, and the NSEC RR is returned instead of
+ // CNAME.
+ rrtype = RRType::NSEC();
+ checkFind(data_source, *query, qname, NULL, rrclass,
+ rrtype, RRTTL(7200), 0, cname_nsec_data, &cname_nsec_sig_data);
+ checkFind(data_source, *query, qname, &zone_name, rrclass,
+ rrtype, RRTTL(7200), 0, cname_nsec_data, &cname_nsec_sig_data);
+}
+
+TEST_F(Sqlite3DataSourceTest, findRRsetDelegation) {
+ Name qname("www.subzone.example.com");
+
+ // query for a name under a zone cut. From the data source API point
+ // of view this is no different than "NXDOMAIN".
+ EXPECT_EQ(DataSrc::SUCCESS,
+ data_source.findRRset(*query, qname, rrclass, rrtype,
+ result_sets, find_flags, NULL));
+ // there's an NS RRset at the apex name, so the REFERRAL flag should be
+ // set, too.
+ EXPECT_EQ(DataSrc::NAME_NOT_FOUND, find_flags);
+ EXPECT_TRUE(result_sets.begin() == result_sets.end());
+}
+
+TEST_F(Sqlite3DataSourceTest, findRRsetDelegationAtZoneCut) {
+ Name qname("subzone.example.com");
+
+ // query for a name *at* a zone cut. It matches the NS RRset for the
+ // delegation.
+
+ // For non-NS ordinary queries, "no type" should be set too, and no RRset is
+ // returned.
+ EXPECT_EQ(DataSrc::SUCCESS,
+ data_source.findRRset(*query, qname, rrclass, rrtype,
+ result_sets, find_flags, NULL));
+ EXPECT_EQ(DataSrc::TYPE_NOT_FOUND | DataSrc::REFERRAL, find_flags);
+ EXPECT_TRUE(result_sets.begin() == result_sets.end());
+
+ EXPECT_EQ(DataSrc::SUCCESS,
+ data_source.findRRset(*query, qname, rrclass, rrtype,
+ result_sets, find_flags, &zone_name));
+ EXPECT_EQ(DataSrc::TYPE_NOT_FOUND | DataSrc::REFERRAL, find_flags);
+ EXPECT_TRUE(result_sets.begin() == result_sets.end());
+
+ // For NS query, RRset is returned with the REFERRAL flag. No RRSIG should
+ // be provided.
+ rrtype = RRType::NS();
+ checkFind(data_source, *query, qname, NULL, rrclass,
+ rrtype, rrttl, DataSrc::REFERRAL, delegation_ns_data, NULL);
+ checkFind(data_source, *query, qname, &zone_name, rrclass,
+ rrtype, rrttl, DataSrc::REFERRAL, delegation_ns_data, NULL);
+
+ // For ANY query. What should we do?
+#if 0
+ rrtype = RRType::ANY();
+ EXPECT_EQ(DataSrc::SUCCESS,
+ data_source.findRRset(*query, qname, rrclass, rrtype,
+ result_sets, find_flags, NULL));
+ EXPECT_EQ(DataSrc::REFERRAL, find_flags);
+#endif
+
+ // For NSEC query. What should we do? Probably return the NSEC + RRSIG
+ // without REFERRAL. But it currently doesn't act like so.
+#if 0
+ rrtype = RRType::NSEC();
+ checkFind(data_source, *query, qname, NULL, rrclass,
+ rrtype, RRTTL(7200), 0, delegation_nsec_data,
+ &delegation_nsec_sig_data);
+ checkFind(data_source, *query, qname, &zone_name, rrclass,
+ rrtype, RRTTL(7200), 0, delegation_nsec_data,
+ &delegation_nsec_sig_data);
+#endif
+}
+
+}
Modified: trunk/src/lib/auth/testdata/example.com.signed
==============================================================================
--- trunk/src/lib/auth/testdata/example.com.signed (original)
+++ trunk/src/lib/auth/testdata/example.com.signed Sat Mar 6 22:43:09 2010
@@ -99,7 +99,7 @@
7200 RRSIG NSEC 5 3 7200 20100322084538 (
20100220084538 33495 example.com.
FAKEFAKEFAKEFAKE )
-foo.example.com. 3600 IN CNAME cnametest.flame.org.
+foo.example.com. 3600 IN CNAME cnametest.example.org.
3600 RRSIG CNAME 5 3 3600 20100322084538 (
20100220084538 33495 example.com.
FAKEFAKEFAKEFAKE )
@@ -148,7 +148,7 @@
7200 RRSIG NSEC 5 3 7200 20100322084538 (
20100220084538 33495 example.com.
FAKEFAKEFAKEFAKE )
-*.wild.example.com. 3600 IN A 192.168.3.2
+*.wild.example.com. 3600 IN A 192.0.2.255
3600 RRSIG A 5 3 3600 20100322084538 (
20100220084538 33495 example.com.
FAKEFAKEFAKEFAKE )
@@ -167,3 +167,6 @@
;; This doesn't have an RRSIG. It makes this zone "incomplete signed",
;; but for the purpose of data source API testing it doesn't matter.
nosig.example.com. 3600 IN A 192.0.2.1
+
+;; Two labels + apex name for empty node test
+foo.bar.example.com. 3600 IN A 192.0.2.1
Modified: trunk/src/lib/auth/testdata/test.sqlite3
==============================================================================
Binary files - no diff available.
More information about the bind10-changes
mailing list