Андрей Листочкин (Andrei Listochkin)
568c75ec6f
Merge pull request #65 from ferrous-systems/ja-graph-two-point-o
...
tweak `Graph::build` to support anydomain.com. as leaf zone
2024-05-23 12:22:37 +01:00
Jorge Aparicio
f87d98eaaf
explore: use Graph
API and use mydomain.com.
as leaf zone
2024-05-23 13:11:04 +02:00
Jorge Aparicio
a0909f3c04
tweak Graph::build
to support anydomain.com. as leaf zone
2024-05-23 13:10:53 +02:00
Jorge Aparicio
ab2aa39b06
NameServer: fix generation of SOA record
...
`unbound` requires that the MNAME lies underneath the zone. That is
`primaryNN.nameservers.com.` is not a valid MNAME for a nameserver
authoritative over `mydomain.com.`. For that zone,
`primaryNN.mydomain.com.` would be a valid MNAME.
2024-05-23 13:10:53 +02:00
Jorge Aparicio
0ba63a167d
Merge pull request #58 from ferrous-systems/refactor-test-helpers
...
Refactor test helpers
2024-05-22 19:07:58 +02:00
Sebastian Ziebell
0ea1397480
Add function to return root hint
...
This adds a function to `NameServer` to return root hints.
2024-05-22 19:00:55 +02:00
Sebastian Ziebell
0bcf749617
Add function to set referral via other nameserver
...
* fix clippy lints
2024-05-22 18:51:44 +02:00
Sebastian Ziebell
96b3b6650d
Add function to return A record
...
A NameServer can now return the `Record::A` entry for itself.
2024-05-22 18:49:12 +02:00
Jorge Aparicio
14ee8fd6cc
Merge pull request #57 from ferrous-systems/ja-clear-ad-bit-on-queries
...
resolver: check that out queries don't have the AD bit
2024-05-22 18:06:26 +02:00
Jorge Aparicio
2de7139bc6
resolver: check that out queries don't have the AD bit
2024-05-22 17:56:57 +02:00
Jorge Aparicio
a58fb71eeb
Merge pull request #56 from ferrous-systems/ja-cd-bit-handling
...
resolver: add CD bit handling tests
2024-05-22 17:49:11 +02:00
Jorge Aparicio
b6e97bf3b6
move existing test into RFC4035 section 3.2.2
2024-05-22 17:44:08 +02:00
Jorge Aparicio
8f414879b8
test CD bit forwarding
2024-05-22 17:39:13 +02:00
Jorge Aparicio
c50b28262e
Merge pull request #53 from ferrous-systems/ja-do-bit-tests
...
resolver: test DO bit handling
2024-05-22 14:56:14 +02:00
Jorge Aparicio
8b582baffc
resolver: test DO bit handling
...
this corresponds to section 3.2.1 of RFC4035
2024-05-22 14:47:06 +02:00
Jorge Aparicio
b3b214317a
Merge pull request #54 from ferrous-systems/ja-ds-query
...
resolver: test that DS query is sent to parent zone
2024-05-22 14:44:38 +02:00
Jorge Aparicio
261b9f4428
resolver: test that DS query is sent to parent zone
2024-05-22 14:38:50 +02:00
Jorge Aparicio
fef26b7139
dns-test: add getters & make some fields public
2024-05-22 14:32:02 +02:00
Jorge Aparicio
3a54e693fa
Merge pull request #31 from ferrous-systems/ja-explore-opt-in-dnssec
...
`explore`: make DNSSEC opt-in
2024-05-22 14:31:40 +02:00
Jorge Aparicio
5d15aa2228
explore
: generate bind.keys
w/o querying resolver
...
this avoids the resolver caching any query. that way `tshark` can
observe all the messages involved in DNSSEC validating a query "from
scratch"
2024-05-22 14:26:55 +02:00
Jorge Aparicio
1aab8812df
explore
: make DNSSEC opt-in
2024-05-22 14:26:55 +02:00
Jorge Aparicio
a9c6e42715
Merge pull request #52 from ferrous-systems/ja-use-default-cache-size
...
hickory/resolver: drop _cache_size settings
2024-05-22 14:26:23 +02:00
Jorge Aparicio
b840819998
hickory/resolver: drop _cache_size settings
...
they are not required as default values exist
2024-05-22 14:21:38 +02:00
Jorge Aparicio
e12a1f4d92
Merge pull request #44 from ferrous-systems/ja-clippier
...
CI: make clippy check cfg(test) code, tests & examples
2024-05-22 14:21:17 +02:00
Jorge Aparicio
49990d2530
fix previously undetected clippy warning
2024-05-22 14:16:53 +02:00
Jorge Aparicio
cd2895a168
CI: make clippy check cfg(test) code, tests & examples
2024-05-22 14:16:53 +02:00
Jorge Aparicio
76d308c984
Merge pull request #43 from ferrous-systems/ja-immutable-subject-peer
...
turn `dns_test::{subject,peer}` into immutable statics
2024-05-22 14:16:27 +02:00
Jorge Aparicio
58239028f4
turn dns_test::{subject,peer} into immutable statics
...
using `std::env::set_var` to set or change the value of either
DNS_TEST_SUBJECT or DNS_TEST_PEER is A Bad Idea, specially so when
tests are running in parallel
we can't forbid the use of `env::set_var` _but_ at least we can ensure
that even in its presence the return value of `dns_test::{subject,peer}`
will not change
this is accomplished using a "lazy" static variable that gets
initialized at most once during the lifetime of the process instead of
reading the env var each time `{subject,peer}` is called
to better convey the fact that the return value of `{subject,peer}`
won't change, we present them as static variables instead
2024-05-22 14:03:18 +02:00
Sebastian Ziebell
2e46421927
Check hickory-dns is fully started
...
When starting `hickory-dns` there is no easy way to check the start
sequence has finished & its fully ready to accept connections. Other
tools, e.g. unbound, are designed as services, they will correctly
manage their `pidfile`. They also could be queried by the `servicectl`
inside the Docker container.
2024-05-21 15:05:29 +01:00
Jorge Aparicio
fe3961ffe1
Merge pull request #42 from ferrous-systems/ja-terminate-hickory
...
implement terminate for Hickory
2024-05-08 12:44:14 +02:00
Jorge Aparicio
4f277c1dbb
implement terminate for Hickory
...
both in the NameServer and Resolver roles
2024-04-22 17:14:11 +02:00
Jorge Aparicio
6189787d9f
Merge pull request #51 from ferrous-systems/ja-hickory-name-server-take-2
...
support Hickory in the NameServer role
2024-04-22 16:51:29 +02:00
Jorge Aparicio
74e4797061
add a DNSSEC-disabled NameServer scenario test
...
to ensure that hickory-dns is correctly configured to work in NameServer
mode
2024-04-22 16:40:56 +02:00
Jorge Aparicio
ce222b3de1
support Hickory in NameServer role
...
note that because Hickory does not support pre-signed zone files all the
DNSSEC tests fail with it
2024-04-22 16:40:56 +02:00
Jorge Aparicio
05ffecec45
add a few NameServer role DNSSEC tests
2024-04-22 16:40:56 +02:00
Jorge Aparicio
4ce9ec9937
Merge pull request #50 from ferrous-systems/ja-ede-support-take-2
...
add support for Extended DNS Error (EDE)
2024-04-22 16:40:38 +02:00
Jorge Aparicio
b96aa89da9
add more EDE tests
2024-04-22 16:23:03 +02:00
Jorge Aparicio
4d31eca533
use Graph to simplify tests
2024-04-22 16:23:03 +02:00
Jorge Aparicio
7bb6b9439c
add name_server::Graph
2024-04-22 16:23:03 +02:00
Jorge Aparicio
95f94e2c7b
add first EDE test
2024-04-22 16:23:03 +02:00
Jorge Aparicio
31048f5cd0
extend DNSKEY API
2024-04-22 16:23:03 +02:00
Jorge Aparicio
dc19776107
parse EDE info from dig's output
2024-04-22 16:23:03 +02:00
Jorge Aparicio
166863bcc4
allow enabling Extended DNS Errors (EDE)
2024-04-22 16:23:03 +02:00
Jorge Aparicio
75de211a06
Merge pull request #49 from ferrous-systems/ja-resolver-builder-take-2
...
refactor: use builder pattern in Resolver ctor
2024-04-22 16:22:38 +02:00
Jorge Aparicio
70245e7ff8
refactor: use builder pattern in Resolver ctor
...
the `start` constructor's parameter list was getting long and we want to
add even more configuration options, like EDE, in the future.
using the builder pattern lets us introduce new settings without
breaking changes
2024-04-22 16:18:47 +02:00
Jorge Aparicio
63c95fd0db
Merge pull request #48 from ferrous-systems/ja-refactor-impl-take-2
...
refactor Implementation branching into its own module
2024-04-22 16:18:24 +02:00
Jorge Aparicio
9689568974
refactor Implementation branching into its own module
2024-04-22 16:07:36 +02:00
Jorge Aparicio
4f024887e0
CI: test unbound (subject) against BIND (peers)
2024-03-28 21:41:31 +00:00
Jorge Aparicio
7aa9d543b4
support BIND in the NameServer role
2024-03-28 21:41:31 +00:00
Jorge Aparicio
d25cc923ec
Merge pull request #27 from ferrous-systems/ja-bind-impl
...
support using BIND in the Resolver role
2024-03-11 12:04:58 +01:00