RFC4035: test EDNS support

2024-02-12 18:57:44 +01:00 · 2024-02-12 18:57:44 +01:00 · 156e005ff2
commit 156e005ff2
parent 438af31340
5 changed files with 62 additions and 0 deletions
--- a/packages/conformance-tests/src/resolver/dnssec.rs
+++ b/packages/conformance-tests/src/resolver/dnssec.rs
@ -1,3 +1,4 @@
 //! DNSSEC functionality

+mod rfc4035;
 mod scenarios;
--- a/packages/conformance-tests/src/resolver/dnssec/rfc4035.rs
+++ b/packages/conformance-tests/src/resolver/dnssec/rfc4035.rs
@ -0,0 +1 @@
+mod section_4;
--- a/packages/conformance-tests/src/resolver/dnssec/rfc4035/section_4.rs
+++ b/packages/conformance-tests/src/resolver/dnssec/rfc4035/section_4.rs
@ -0,0 +1 @@
+mod section_4_1;
--- a/packages/conformance-tests/src/resolver/dnssec/rfc4035/section_4/section_4_1.rs
+++ b/packages/conformance-tests/src/resolver/dnssec/rfc4035/section_4/section_4_1.rs
@ -0,0 +1,54 @@
+use dns_test::client::{Client, Dnssec, Recurse};
+use dns_test::name_server::NameServer;
+use dns_test::record::RecordType;
+use dns_test::tshark::{Capture, Direction};
+use dns_test::zone_file::Root;
+use dns_test::{Network, Resolver, Result, TrustAnchor, FQDN};
+
+#[test]
+#[ignore]
+fn edns_support() -> Result<()> {
+    let network = &Network::new()?;
+    let ns = NameServer::new(FQDN::ROOT, network)?.start()?;
+    let resolver = Resolver::start(
+        dns_test::subject(),
+        &[Root::new(ns.fqdn().clone(), ns.ipv4_addr())],
+        &TrustAnchor::empty(),
+        network,
+    )?;
+
+    let mut tshark = resolver.eavesdrop()?;
+
+    let client = Client::new(network)?;
+    let ans = client.dig(
+        Recurse::Yes,
+        Dnssec::Yes,
+        resolver.ipv4_addr(),
+        RecordType::SOA,
+        &FQDN::ROOT,
+    )?;
+    assert!(ans.status.is_servfail());
+
+    tshark.wait_for_capture()?;
+
+    let captures = tshark.terminate()?;
+
+    let ns_addr = ns.ipv4_addr();
+    for Capture { message, direction } in captures {
+        if let Direction::Outgoing { destination } = direction {
+            if destination == client.ipv4_addr() {
+                continue;
+            }
+
+            // sanity check
+            assert_eq!(ns_addr, destination);
+
+            if destination == ns_addr {
+                assert_eq!(Some(true), message.is_do_bit_set());
+                assert!(message.udp_payload_size().unwrap() >= 1220);
+            }
+        }
+    }
+
+    Ok(())
+}
--- a/packages/dns-test/src/client.rs
+++ b/packages/dns-test/src/client.rs
@ -237,6 +237,11 @@ impl DigStatus {
    pub fn is_nxdomain(&self) -> bool {
        matches!(self, Self::NXDOMAIN)
    }
+
+    #[must_use]
+    pub fn is_servfail(&self) -> bool {
+        matches!(self, Self::SERVFAIL)
+    }
 }

 impl FromStr for DigStatus {