colin/hickory-dns
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
146 Commits 2 Branches 0 Tags 14 MiB
c50b28262e
Commit Graph

66 Commits

Author SHA1 Message Date
Jorge Aparicio
8b582baffc resolver: test DO bit handling 
this corresponds to section 3.2.1 of RFC4035
 2024-05-22 14:47:06 +02:00
Jorge Aparicio
261b9f4428 resolver: test that DS query is sent to parent zone 2024-05-22 14:38:50 +02:00
Jorge Aparicio
fef26b7139 dns-test: add getters & make some fields public 2024-05-22 14:32:02 +02:00
Jorge Aparicio
5d15aa2228 explore: generate bind.keys w/o querying resolver 
this avoids the resolver caching any query. that way `tshark` can
observe all the messages involved in DNSSEC validating a query "from
scratch"
 2024-05-22 14:26:55 +02:00
Jorge Aparicio
1aab8812df explore: make DNSSEC opt-in 2024-05-22 14:26:55 +02:00
Jorge Aparicio
b840819998 hickory/resolver: drop _cache_size settings 
they are not required as default values exist
 2024-05-22 14:21:38 +02:00
Jorge Aparicio
49990d2530 fix previously undetected clippy warning 2024-05-22 14:16:53 +02:00
Jorge Aparicio
58239028f4 turn dns_test::{subject,peer} into immutable statics 
using `std::env::set_var` to set or change the value of either
DNS_TEST_SUBJECT or DNS_TEST_PEER  is A Bad Idea, specially so when
tests  are running in parallel

we can't forbid the use of `env::set_var` _but_ at least we can ensure
that even in its presence the return value of `dns_test::{subject,peer}`
will not change

this is accomplished using a "lazy" static variable that gets
initialized at most once during the lifetime of the process instead of
reading the env var each time `{subject,peer}` is called

to better convey the fact that the return value of `{subject,peer}`
won't change, we present them as static variables instead
 2024-05-22 14:03:18 +02:00
Sebastian Ziebell
2e46421927 Check hickory-dns is fully started 
When starting `hickory-dns` there is no easy way to check the start
sequence has finished & its fully ready to accept connections. Other
tools, e.g. unbound, are designed as services, they will correctly
manage their `pidfile`. They also could be queried by the `servicectl`
inside the Docker container.
 2024-05-21 15:05:29 +01:00
Jorge Aparicio
4f277c1dbb implement terminate for Hickory 
both in the NameServer and Resolver roles
 2024-04-22 17:14:11 +02:00
Jorge Aparicio
74e4797061 add a DNSSEC-disabled NameServer scenario test 
to ensure that hickory-dns is correctly configured to work in NameServer
mode
 2024-04-22 16:40:56 +02:00
Jorge Aparicio
ce222b3de1 support Hickory in NameServer role 
note that because Hickory does not support pre-signed zone files all the
DNSSEC tests fail with it
 2024-04-22 16:40:56 +02:00
Jorge Aparicio
05ffecec45 add a few NameServer role DNSSEC tests 2024-04-22 16:40:56 +02:00
Jorge Aparicio
b96aa89da9 add more EDE tests 2024-04-22 16:23:03 +02:00
Jorge Aparicio
4d31eca533 use Graph to simplify tests 2024-04-22 16:23:03 +02:00
Jorge Aparicio
7bb6b9439c add name_server::Graph 2024-04-22 16:23:03 +02:00
Jorge Aparicio
95f94e2c7b add first EDE test 2024-04-22 16:23:03 +02:00
Jorge Aparicio
31048f5cd0 extend DNSKEY API 2024-04-22 16:23:03 +02:00
Jorge Aparicio
dc19776107 parse EDE info from dig's output 2024-04-22 16:23:03 +02:00
Jorge Aparicio
166863bcc4 allow enabling Extended DNS Errors (EDE) 2024-04-22 16:23:03 +02:00
Jorge Aparicio
70245e7ff8 refactor: use builder pattern in Resolver ctor 
the `start` constructor's parameter list was getting long and we want to
add even more configuration options, like EDE, in the future.

using the builder pattern lets us introduce new settings without
breaking changes
 2024-04-22 16:18:47 +02:00
Jorge Aparicio
9689568974 refactor Implementation branching into its own module 2024-04-22 16:07:36 +02:00
Jorge Aparicio
7aa9d543b4 support BIND in the NameServer role 2024-03-28 21:41:31 +00:00
Jorge Aparicio
2c4ef88a98 support using BIND in the Resolver role 2024-03-11 11:59:56 +01:00
Jorge Aparicio
ab9b1e68cc also take Impl by ref in Resolver::new 
mainly for symmetry. the existing tests don't clone the subject so the
code does not become any shorter
 2024-02-26 14:48:48 +01:00
Jorge Aparicio
49b2abc6be take Impl by ref in NameServer::new 
this eliminates the need for cloning in tests that use more than one
name server, making the code more succint / less noisy
 2024-02-26 14:48:48 +01:00
Jorge Aparicio
6fda01af00 parse authority section from dig's output 2024-02-26 14:40:33 +01:00
Андрей Листочкин (Andrei Listochkin)
eda8fd6ec3
Merge branch 'main' into ja-explicit-license 2024-02-26 13:13:45 +00:00
Jorge Aparicio
5f26698a51 make license more visible 
it was already in the Cargo.toml metadata but add the files and mention
it in the README
 2024-02-26 12:28:42 +01:00
Jorge Aparicio
a39afe6412 test a bogus DNSSEC scenario 2024-02-26 11:50:48 +01:00
Jorge Aparicio
b87ae21d2a make dig queries more configurable 
switch from enum arguments like `Recurse` and `Dnssec` to a
build-pattern-based `Settings` struct
 2024-02-26 11:50:48 +01:00
Jorge Aparicio
df344e57b1 fix integer types in RRSIG 2024-02-26 11:50:48 +01:00
Jorge Aparicio
16e83b1d6b move secure DNSSEC scenarios into a module 2024-02-26 11:50:48 +01:00
Jorge Aparicio
1592454395 allow mutation of signed zone file 2024-02-26 11:50:48 +01:00
Jorge Aparicio
57a1fc9231 parse more record types 2024-02-26 11:50:48 +01:00
Jorge Aparicio
66d6061ffc drop most zone_file entry types 
instead use the record types in zone files

the main difference between e.g. zone_file::A and record::A was that the
latter had a TTL filed and the former didn't

to eliminate code duplication we make the `ZoneFile` API use the
`record` types and discard the zone_file entry types
 2024-02-26 11:50:43 +01:00
Jorge Aparicio
a83b6629a3 drop generic lifetime parameters from types 
none of the parsing we are doing requires a non-static lifetime
 2024-02-26 11:43:25 +01:00
Jorge Aparicio
56a9613615 fix the explore example 2024-02-23 15:35:51 +01:00
Андрей Листочкин (Andrei Listochkin)
9f03274589
Merge pull request #19 from japaric/ja-dns-test-peer 
add `dns_test::peer` and use it to initialize `NameServer`
 2024-02-23 13:59:25 +00:00
Jorge Aparicio
98cb9ddaae add a Client image 2024-02-23 13:21:07 +01:00
Jorge Aparicio
c0b681e0a3 add an Implementation parameter to NameServer::new 
use `dns_test::peer` for name servers in conformance tests
 2024-02-23 12:48:34 +01:00
Jorge Aparicio
59dc60c5c4 enable verbose docker build with any value of DNS_TEST_VERBOSE_DOCKER_BUILD 2024-02-20 16:36:52 +01:00
Jorge Aparicio
86284cce4b add explore example 2024-02-20 16:30:41 +01:00
Jorge Aparicio
709a8406b1 document what ./src refers to in hickory.Dockerfile 2024-02-20 10:28:13 +01:00
Jorge Aparicio
1cb7ee40fe perform some validation of the repository argument 2024-02-20 10:28:11 +01:00
Jorge Aparicio
0afae4f042 don't include the .git directory in the context send to docker build 
without this `DNS_TEST_SUBJECT="hickory $URL" cargo t` was re-building
hickory from scratch even when its source had not change

not including the `.git` directory in the hickory repository lets Docker
see that the source code has not changed
 2024-02-20 10:26:33 +01:00
Jorge Aparicio
55184172e3 build hickory from a local/remote git source 
DNS_TEST_SUBJECT now needs to contain the URL to the hickory source code
 2024-02-20 10:26:33 +01:00
Jorge Aparicio
0e2b35699c add mechanism to make docker build visible 
set the DNS_TEST_VERBOSE_DOCKER_BUILD env var to 1 to make the `docker
build` command print its output to the console
 2024-02-20 10:26:33 +01:00
Jorge Aparicio
156e005ff2 RFC4035: test EDNS support 2024-02-19 13:22:15 +01:00
Jorge Aparicio
438af31340 Tshark: newtype the json::Value & add some getters 2024-02-19 12:56:40 +01:00