sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-26 10:04:02 +03:00
Code
samba-mirror/python/samba/tests/dns.py

1484 lines
59 KiB
Python
Raw Normal View History

s4 dns: Add a first test case
2011-11-11 00:32:09 +01:00
# Unix SMB/CIFS implementation.
# Copyright (C) Kai Blin <kai@samba.org> 2011
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
samba python tests: convert print func to be py2/py3 compatible Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-03-09 13:38:42 +00:00
from __future__ import print_function
dns: record aging tests First basic DNS record aging tests. These check that we can turn aging on and off, and that timestamps are written on DNS add and update calls, but not RPC calls. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-05-09 18:02:28 +12:00
from samba import dsdb
from samba.ndr import ndr_unpack, ndr_pack
from samba.samdb import SamDB
from samba.auth import system_session
import ldb
s4 dns: Add a first test case
2011-11-11 00:32:09 +01:00
import os
CVE-2016-0771: tests/dns: change samba.tests.dns from being a unittest This makes it easier to invoke, particularly against Windows. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:03:56 +13:00
import sys
s4 dns: Add a first test case
2011-11-11 00:32:09 +01:00
import struct
import random
dns.py: Use the python socket module. We preload socket_wrapper, no need to use the special module. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-07-05 12:07:49 +02:00
import socket
s4 dns: Add a first test case
2011-11-11 00:32:09 +01:00
import samba.ndr as ndr
dns.py: Test dns server reload zones from DSDB when are created or deleted Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2014-12-16 18:04:13 +01:00
from samba import credentials, param
CVE-2016-0771: tests/dns: Modify dns tests to match new IDL BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-06 14:12:35 +13:00
from samba.dcerpc import dns, dnsp, dnsserver
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
from samba.netcmd.dns import TXTRecord, dns_record_match, data_to_dns_record
CVE-2016-0771: tests/dns: change samba.tests.dns from being a unittest This makes it easier to invoke, particularly against Windows. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:03:56 +13:00
from samba.tests.subunitrun import SubunitOptions, TestProgram
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
from samba import werror, WERRORError
selftest: Create new common base class for dns.py and dns_tkey.py This will allow more DNS tests to be written in the future with less code duplication.
2017-06-01 13:26:37 +12:00
from samba.tests.dns_base import DNSTest
CVE-2016-0771: tests/dns: change samba.tests.dns from being a unittest This makes it easier to invoke, particularly against Windows. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:03:56 +13:00
import samba.getopt as options
import optparse
parser = optparse.OptionParser("dns.py <server name> <server ip> [options]")
sambaopts = options.SambaOptions(parser)
parser.add_option_group(sambaopts)
s4 dns: Add a first test case
2011-11-11 00:32:09 +01:00
CVE-2016-0771: tests/dns: FORMERR can simply timeout against Windows Two requests with identical parameters which are poorly formatted, can non-deterministically return FORMERR or simply fail to give a response. Setting the timeout to a number allows Windows to succeed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-21 15:43:55 +13:00
# This timeout only has relevance when testing against Windows
# Format errors tend to return patchy responses, so a timeout is needed.
CVE-2016-0771: tests/dns: change samba.tests.dns from being a unittest This makes it easier to invoke, particularly against Windows. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:03:56 +13:00
parser.add_option("--timeout", type="int", dest="timeout",
help="Specify timeout for DNS requests")
# use command line creds if available
credopts = options.CredentialsOptions(parser)
parser.add_option_group(credopts)
subunitopts = SubunitOptions(parser)
parser.add_option_group(subunitopts)
opts, args = parser.parse_args()
lp = sambaopts.get_loadparm()
creds = credopts.get_credentials(lp)
timeout = opts.timeout
if len(args) < 2:
parser.print_usage()
sys.exit(1)
server_name = args[0]
server_ip = args[1]
creds.set_krb_forwardable(credentials.NO_KRB_FORWARDABLE)
dns: more debug debug options in the tests Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com>
2013-01-14 00:56:48 +01:00
s4 dns: Structure tests a bit better
2012-05-30 08:08:53 +02:00
class TestSimpleQueries(DNSTest):
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
def setUp(self):
super(TestSimpleQueries, self).setUp()
global server, server_ip, lp, creds, timeout
self.server = server_name
self.server_ip = server_ip
self.lp = lp
self.creds = creds
self.timeout = timeout
s4-python: Formatting fixes, break lines. Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org> Autobuild-Date(master): Sun Sep 16 15:58:04 CEST 2012 on sn-devel-104
2012-09-16 14:18:51 +02:00
s4 dns: Add a first test case
2011-11-11 00:32:09 +01:00
def test_one_a_query(self):
"create a query packet containing one query record"
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
name = "%s.%s" % (self.server, self.get_dns_domain())
s4 dns: Add a first test case
2011-11-11 00:32:09 +01:00
q = self.make_name_question(name, dns.DNS_QTYPE_A, dns.DNS_QCLASS_IN)
samba python tests: convert print func to be py2/py3 compatible Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-03-09 13:38:42 +00:00
print("asking for ", q.name)
s4 dns: Add a first test case
2011-11-11 00:32:09 +01:00
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
s4 dns: Add a first test case
2011-11-11 00:32:09 +01:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
s4 dns: Check more of the returned values for the A query
2011-11-24 12:10:40 +01:00
self.assertEquals(response.ancount, 1)
self.assertEquals(response.answers[0].rdata,
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
self.server_ip)
s4 dns: Add a first test case
2011-11-11 00:32:09 +01:00
selftest: confirm we clobber the MNAME in the SOA query in the DNS server All RW DCs should be their own master DNS server. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 15:54:22 +12:00
def test_one_SOA_query(self):
"create a query packet containing one query record for the SOA"
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
name = "%s" % (self.get_dns_domain())
q = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
samba python tests: convert print func to be py2/py3 compatible Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-03-09 13:38:42 +00:00
print("asking for ", q.name)
selftest: confirm we clobber the MNAME in the SOA query in the DNS server All RW DCs should be their own master DNS server. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 15:54:22 +12:00
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
selftest: confirm we clobber the MNAME in the SOA query in the DNS server All RW DCs should be their own master DNS server. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 15:54:22 +12:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
self.assertEquals(response.ancount, 1)
self.assertEquals(response.answers[0].rdata.mname.upper(),
("%s.%s" % (self.server, self.get_dns_domain())).upper())
s4 dns: Fix TCP handling in the DNS server Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Tue Mar 6 21:17:19 CET 2012 on sn-devel-104
2012-03-06 08:49:16 +01:00
def test_one_a_query_tcp(self):
"create a query packet containing one query record via TCP"
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
name = "%s.%s" % (self.server, self.get_dns_domain())
s4 dns: Fix TCP handling in the DNS server Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Tue Mar 6 21:17:19 CET 2012 on sn-devel-104
2012-03-06 08:49:16 +01:00
q = self.make_name_question(name, dns.DNS_QTYPE_A, dns.DNS_QCLASS_IN)
samba python tests: convert print func to be py2/py3 compatible Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-03-09 13:38:42 +00:00
print("asking for ", q.name)
s4 dns: Fix TCP handling in the DNS server Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Tue Mar 6 21:17:19 CET 2012 on sn-devel-104
2012-03-06 08:49:16 +01:00
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_tcp(p, host=server_ip)
s4 dns: Fix TCP handling in the DNS server Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Tue Mar 6 21:17:19 CET 2012 on sn-devel-104
2012-03-06 08:49:16 +01:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
self.assertEquals(response.ancount, 1)
self.assertEquals(response.answers[0].rdata,
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
self.server_ip)
s4 dns: Fix TCP handling in the DNS server Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Tue Mar 6 21:17:19 CET 2012 on sn-devel-104
2012-03-06 08:49:16 +01:00
bug #10471: Don't respond with NXDOMAIN to records that exist with another type DNS queries for records with the wrong type need to trigger an empty response with RCODE_OK instead of returning NXDOMAIN. This adds a test and fixes bug #10471 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-02-27 23:49:24 +01:00
def test_one_mx_query(self):
"create a query packet causing an empty RCODE_OK answer"
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
name = "%s.%s" % (self.server, self.get_dns_domain())
bug #10471: Don't respond with NXDOMAIN to records that exist with another type DNS queries for records with the wrong type need to trigger an empty response with RCODE_OK instead of returning NXDOMAIN. This adds a test and fixes bug #10471 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-02-27 23:49:24 +01:00
q = self.make_name_question(name, dns.DNS_QTYPE_MX, dns.DNS_QCLASS_IN)
samba python tests: convert print func to be py2/py3 compatible Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-03-09 13:38:42 +00:00
print("asking for ", q.name)
bug #10471: Don't respond with NXDOMAIN to records that exist with another type DNS queries for records with the wrong type need to trigger an empty response with RCODE_OK instead of returning NXDOMAIN. This adds a test and fixes bug #10471 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-02-27 23:49:24 +01:00
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
bug #10471: Don't respond with NXDOMAIN to records that exist with another type DNS queries for records with the wrong type need to trigger an empty response with RCODE_OK instead of returning NXDOMAIN. This adds a test and fixes bug #10471 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2014-02-27 23:49:24 +01:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
self.assertEquals(response.ancount, 0)
dns: Extend tests for records with another type Add another check to the one added for bug #10471, for added paranoia Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Tue Mar 4 15:47:10 CET 2014 on sn-devel-104
2014-02-28 10:35:07 +01:00
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
name = "invalid-%s.%s" % (self.server, self.get_dns_domain())
dns: Extend tests for records with another type Add another check to the one added for bug #10471, for added paranoia Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Tue Mar 4 15:47:10 CET 2014 on sn-devel-104
2014-02-28 10:35:07 +01:00
q = self.make_name_question(name, dns.DNS_QTYPE_MX, dns.DNS_QCLASS_IN)
samba python tests: convert print func to be py2/py3 compatible Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-03-09 13:38:42 +00:00
print("asking for ", q.name)
dns: Extend tests for records with another type Add another check to the one added for bug #10471, for added paranoia Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Tue Mar 4 15:47:10 CET 2014 on sn-devel-104
2014-02-28 10:35:07 +01:00
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
dns: Extend tests for records with another type Add another check to the one added for bug #10471, for added paranoia Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Tue Mar 4 15:47:10 CET 2014 on sn-devel-104
2014-02-28 10:35:07 +01:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_NXDOMAIN)
self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
self.assertEquals(response.ancount, 0)
s4 dns: Add a first test case
2011-11-11 00:32:09 +01:00
def test_two_queries(self):
"create a query packet containing two query records"
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
name = "%s.%s" % (self.server, self.get_dns_domain())
s4 dns: Add a first test case
2011-11-11 00:32:09 +01:00
q = self.make_name_question(name, dns.DNS_QTYPE_A, dns.DNS_QCLASS_IN)
questions.append(q)
name = "%s.%s" % ('bogusname', self.get_dns_domain())
q = self.make_name_question(name, dns.DNS_QTYPE_A, dns.DNS_QCLASS_IN)
questions.append(q)
self.finish_name_packet(p, questions)
CVE-2016-0771: tests/dns: FORMERR can simply timeout against Windows Two requests with identical parameters which are poorly formatted, can non-deterministically return FORMERR or simply fail to give a response. Setting the timeout to a number allows Windows to succeed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-21 15:43:55 +13:00
try:
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
CVE-2016-0771: tests/dns: FORMERR can simply timeout against Windows Two requests with identical parameters which are poorly formatted, can non-deterministically return FORMERR or simply fail to give a response. Setting the timeout to a number allows Windows to succeed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-21 15:43:55 +13:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_FORMERR)
except socket.timeout:
# Windows chooses not to respond to incorrectly formatted queries.
# Although this appears to be non-deterministic even for the same
# request twice, it also appears to be based on a how poorly the
# request is formatted.
pass
s4 dns: Add a first test case
2011-11-11 00:32:09 +01:00
s4 dns: Test QTYPE_ALL query
2011-11-24 12:11:26 +01:00
def test_qtype_all_query(self):
"create a QTYPE_ALL query"
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
name = "%s.%s" % (self.server, self.get_dns_domain())
s4 dns: Test QTYPE_ALL query
2011-11-24 12:11:26 +01:00
q = self.make_name_question(name, dns.DNS_QTYPE_ALL, dns.DNS_QCLASS_IN)
samba python tests: convert print func to be py2/py3 compatible Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-03-09 13:38:42 +00:00
print("asking for ", q.name)
s4 dns: Test QTYPE_ALL query
2011-11-24 12:11:26 +01:00
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
s4 dns: Test QTYPE_ALL query
2011-11-24 12:11:26 +01:00
num_answers = 1
s4 dns: Run python tests in fl2003dc env
2012-09-11 00:14:39 +02:00
dc_ipv6 = os.getenv('SERVER_IPV6')
s4 dns: Test QTYPE_ALL query
2011-11-24 12:11:26 +01:00
if dc_ipv6 is not None:
num_answers += 1
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
self.assertEquals(response.ancount, num_answers)
self.assertEquals(response.answers[0].rdata,
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
self.server_ip)
s4 dns: Test QTYPE_ALL query
2011-11-24 12:11:26 +01:00
if dc_ipv6 is not None:
self.assertEquals(response.answers[1].rdata, dc_ipv6)
s4 dns: Add a first test case
2011-11-11 00:32:09 +01:00
s4 dns: Test QCLASS_NONE query Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Thu Nov 24 14:10:45 CET 2011 on sn-devel-104
2011-11-24 12:14:55 +01:00
def test_qclass_none_query(self):
"create a QCLASS_NONE query"
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
name = "%s.%s" % (self.server, self.get_dns_domain())
s4 dns: Test QCLASS_NONE query Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Thu Nov 24 14:10:45 CET 2011 on sn-devel-104
2011-11-24 12:14:55 +01:00
q = self.make_name_question(name, dns.DNS_QTYPE_ALL, dns.DNS_QCLASS_NONE)
questions.append(q)
self.finish_name_packet(p, questions)
CVE-2016-0771: tests/dns: FORMERR can simply timeout against Windows Two requests with identical parameters which are poorly formatted, can non-deterministically return FORMERR or simply fail to give a response. Setting the timeout to a number allows Windows to succeed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-21 15:43:55 +13:00
try:
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
CVE-2016-0771: tests/dns: FORMERR can simply timeout against Windows Two requests with identical parameters which are poorly formatted, can non-deterministically return FORMERR or simply fail to give a response. Setting the timeout to a number allows Windows to succeed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-21 15:43:55 +13:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_NOTIMP)
except socket.timeout:
# Windows chooses not to respond to incorrectly formatted queries.
# Although this appears to be non-deterministic even for the same
# request twice, it also appears to be based on a how poorly the
# request is formatted.
pass
s4 dns: Test QCLASS_NONE query Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Thu Nov 24 14:10:45 CET 2011 on sn-devel-104
2011-11-24 12:14:55 +01:00
dns: always add authority records Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Thu Aug 6 14:06:52 CEST 2015 on sn-devel-104
2015-07-17 15:27:51 +02:00
def test_soa_hostname_query(self):
"create a SOA query for a hostname"
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
name = "%s.%s" % (self.server, self.get_dns_domain())
dns: always add authority records Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Thu Aug 6 14:06:52 CEST 2015 on sn-devel-104
2015-07-17 15:27:51 +02:00
q = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
dns: always add authority records Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Thu Aug 6 14:06:52 CEST 2015 on sn-devel-104
2015-07-17 15:27:51 +02:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
# We don't get SOA records for single hosts
self.assertEquals(response.ancount, 0)
# But we do respond with an authority section
self.assertEqual(response.nscount, 1)
s4 dns: Test SOA queries Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Sat Dec 3 20:52:51 CET 2011 on sn-devel-104
2011-12-03 19:08:09 +01:00
def test_soa_domain_query(self):
"create a SOA query for a domain"
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
name = self.get_dns_domain()
q = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
s4 dns: Test SOA queries Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Sat Dec 3 20:52:51 CET 2011 on sn-devel-104
2011-12-03 19:08:09 +01:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
self.assertEquals(response.ancount, 1)
provision: Correctly provision the SOA record minimum TTL This fixes bug #10466 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Guenter Kukkukk <kukks@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Wed May 21 10:55:00 CEST 2014 on sn-devel-104
2014-05-16 18:33:42 +02:00
self.assertEquals(response.answers[0].rdata.minimum, 3600)
s4 dns: Test QCLASS_NONE query Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Thu Nov 24 14:10:45 CET 2011 on sn-devel-104
2011-11-24 12:14:55 +01:00
s4 dns: Structure tests a bit better
2012-05-30 08:08:53 +02:00
class TestDNSUpdates(DNSTest):
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
def setUp(self):
super(TestDNSUpdates, self).setUp()
global server, server_ip, lp, creds, timeout
self.server = server_name
self.server_ip = server_ip
self.lp = lp
self.creds = creds
self.timeout = timeout
s4-python: Formatting fixes, break lines. Autobuild-User(master): Jelmer Vernooij <jelmer@samba.org> Autobuild-Date(master): Sun Sep 16 15:58:04 CEST 2012 on sn-devel-104
2012-09-16 14:18:51 +02:00
s4 dns: Add test to prove two updates in one packet are a FORMERR
2011-12-09 01:14:35 +01:00
def test_two_updates(self):
"create two update requests"
p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
updates = []
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
name = "%s.%s" % (self.server, self.get_dns_domain())
s4 dns: Add test to prove two updates in one packet are a FORMERR
2011-12-09 01:14:35 +01:00
u = self.make_name_question(name, dns.DNS_QTYPE_A, dns.DNS_QCLASS_IN)
updates.append(u)
name = self.get_dns_domain()
u = self.make_name_question(name, dns.DNS_QTYPE_A, dns.DNS_QCLASS_IN)
updates.append(u)
self.finish_name_packet(p, updates)
CVE-2016-0771: tests/dns: FORMERR can simply timeout against Windows Two requests with identical parameters which are poorly formatted, can non-deterministically return FORMERR or simply fail to give a response. Setting the timeout to a number allows Windows to succeed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-21 15:43:55 +13:00
try:
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
CVE-2016-0771: tests/dns: FORMERR can simply timeout against Windows Two requests with identical parameters which are poorly formatted, can non-deterministically return FORMERR or simply fail to give a response. Setting the timeout to a number allows Windows to succeed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-21 15:43:55 +13:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_FORMERR)
except socket.timeout:
# Windows chooses not to respond to incorrectly formatted queries.
# Although this appears to be non-deterministic even for the same
# request twice, it also appears to be based on a how poorly the
# request is formatted.
pass
s4 dns: Add test to prove two updates in one packet are a FORMERR
2011-12-09 01:14:35 +01:00
s4 dns: Update requests with QCLASS != IN or ALL trigger NOTIMPLEMENTED errors Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Fri Dec 9 03:32:28 CET 2011 on sn-devel-104
2011-12-09 01:26:39 +01:00
def test_update_wrong_qclass(self):
"create update with DNS_QCLASS_NONE"
p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
updates = []
name = self.get_dns_domain()
u = self.make_name_question(name, dns.DNS_QTYPE_A, dns.DNS_QCLASS_NONE)
updates.append(u)
self.finish_name_packet(p, updates)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
s4 dns: Update requests with QCLASS != IN or ALL trigger NOTIMPLEMENTED errors Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Fri Dec 9 03:32:28 CET 2011 on sn-devel-104
2011-12-09 01:26:39 +01:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_NOTIMP)
s4 dns: Add test to prove two updates in one packet are a FORMERR
2011-12-09 01:14:35 +01:00
s4 dns: Update prerequisite checking conforming to RFC
2011-12-16 13:45:22 +01:00
def test_update_prereq_with_non_null_ttl(self):
"test update with a non-null TTL"
p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
updates = []
name = self.get_dns_domain()
u = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
updates.append(u)
self.finish_name_packet(p, updates)
prereqs = []
r = dns.res_rec()
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
r.name = "%s.%s" % (self.server, self.get_dns_domain())
s4 dns: Update prerequisite checking conforming to RFC
2011-12-16 13:45:22 +01:00
r.rr_type = dns.DNS_QTYPE_TXT
r.rr_class = dns.DNS_QCLASS_NONE
r.ttl = 1
r.length = 0
prereqs.append(r)
p.ancount = len(prereqs)
p.answers = prereqs
CVE-2016-0771: tests/dns: FORMERR can simply timeout against Windows Two requests with identical parameters which are poorly formatted, can non-deterministically return FORMERR or simply fail to give a response. Setting the timeout to a number allows Windows to succeed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-21 15:43:55 +13:00
try:
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
CVE-2016-0771: tests/dns: FORMERR can simply timeout against Windows Two requests with identical parameters which are poorly formatted, can non-deterministically return FORMERR or simply fail to give a response. Setting the timeout to a number allows Windows to succeed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-21 15:43:55 +13:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_FORMERR)
except socket.timeout:
# Windows chooses not to respond to incorrectly formatted queries.
# Although this appears to be non-deterministic even for the same
# request twice, it also appears to be based on a how poorly the
# request is formatted.
pass
s4 dns: Update prerequisite checking conforming to RFC
2011-12-16 13:45:22 +01:00
CVE-2016-0771: tests/dns: restore formerly segfaulting test This was on the client side, due the a strlen(NULL) on the previously DOS-encoded TXT field. With a new IDL structure, this segfault no longer exists. Note that both Samba and Windows return NXRRSET instead of FORMERR. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2015-12-15 17:22:32 +13:00
def test_update_prereq_with_non_null_length(self):
"test update with a non-null length"
p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
updates = []
name = self.get_dns_domain()
u = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
updates.append(u)
self.finish_name_packet(p, updates)
prereqs = []
r = dns.res_rec()
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
r.name = "%s.%s" % (self.server, self.get_dns_domain())
CVE-2016-0771: tests/dns: restore formerly segfaulting test This was on the client side, due the a strlen(NULL) on the previously DOS-encoded TXT field. With a new IDL structure, this segfault no longer exists. Note that both Samba and Windows return NXRRSET instead of FORMERR. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2015-12-15 17:22:32 +13:00
r.rr_type = dns.DNS_QTYPE_TXT
r.rr_class = dns.DNS_QCLASS_ANY
r.ttl = 0
r.length = 1
prereqs.append(r)
p.ancount = len(prereqs)
p.answers = prereqs
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
CVE-2016-0771: tests/dns: Correct error code for formerly unrun test Both Samba and Windows returned NXRRSET BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-21 10:25:44 +13:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_NXRRSET)
s4 dns: Update prerequisite checking conforming to RFC
2011-12-16 13:45:22 +01:00
def test_update_prereq_nonexisting_name(self):
s4 dns: Clean up tests a bit
2012-03-10 23:49:18 +01:00
"test update with a nonexisting name"
s4 dns: Update prerequisite checking conforming to RFC
2011-12-16 13:45:22 +01:00
p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
updates = []
name = self.get_dns_domain()
u = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
updates.append(u)
self.finish_name_packet(p, updates)
prereqs = []
r = dns.res_rec()
r.name = "idontexist.%s" % self.get_dns_domain()
r.rr_type = dns.DNS_QTYPE_TXT
r.rr_class = dns.DNS_QCLASS_ANY
r.ttl = 0
r.length = 0
prereqs.append(r)
p.ancount = len(prereqs)
p.answers = prereqs
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
s4 dns: Update prerequisite checking conforming to RFC
2011-12-16 13:45:22 +01:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_NXRRSET)
CVE-2016-0771: tests/dns: Add some more test cases for TXT records BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-18 12:39:46 +13:00
def test_update_add_txt_record(self):
"test adding records works"
prefix, txt = 'textrec', ['"This is a test"']
p = self.make_txt_update(prefix, txt)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
CVE-2016-0771: tests/dns: Add some more test cases for TXT records BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-18 12:39:46 +13:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.check_query_txt(prefix, txt)
s4 dns: Support TXT updates, add tests
2012-03-10 23:48:44 +01:00
s4 dns: Test deleting records and fix a small bu Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Sun Mar 11 02:27:45 CET 2012 on sn-devel-104
2012-03-11 00:25:57 +01:00
def test_delete_record(self):
"Test if deleting records works"
s4 dns: Fix return code for deleted records This fixes bug #9225. We already had a test for this scenario, but the test wasn't correct. This patch fixes the test, and also fixes the bug. Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sun Sep 30 13:09:14 CEST 2012 on sn-devel-104
2012-09-30 11:26:24 +02:00
NAME = "deleterec.%s" % self.get_dns_domain()
# First, create a record to make sure we have a record to delete.
s4 dns: Test deleting records and fix a small bu Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Sun Mar 11 02:27:45 CET 2012 on sn-devel-104
2012-03-11 00:25:57 +01:00
p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
updates = []
name = self.get_dns_domain()
u = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
updates.append(u)
self.finish_name_packet(p, updates)
updates = []
r = dns.res_rec()
s4 dns: Fix return code for deleted records This fixes bug #9225. We already had a test for this scenario, but the test wasn't correct. This patch fixes the test, and also fixes the bug. Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sun Sep 30 13:09:14 CEST 2012 on sn-devel-104
2012-09-30 11:26:24 +02:00
r.name = NAME
r.rr_type = dns.DNS_QTYPE_TXT
r.rr_class = dns.DNS_QCLASS_IN
r.ttl = 900
r.length = 0xffff
selftest: move make_txt_record() onto self in samba.tests.dns This will help unifying dns.py and dns_tkey.py to use common subclasses Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-05-31 13:57:25 +12:00
rdata = self.make_txt_record(['"This is a test"'])
dns: Fix allocation of txt_record in txt record tests Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Thu May 16 15:39:15 CEST 2013 on sn-devel-104
2013-05-16 12:13:22 +02:00
r.rdata = rdata
s4 dns: Fix return code for deleted records This fixes bug #9225. We already had a test for this scenario, but the test wasn't correct. This patch fixes the test, and also fixes the bug. Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sun Sep 30 13:09:14 CEST 2012 on sn-devel-104
2012-09-30 11:26:24 +02:00
updates.append(r)
p.nscount = len(updates)
p.nsrecs = updates
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
s4 dns: Fix return code for deleted records This fixes bug #9225. We already had a test for this scenario, but the test wasn't correct. This patch fixes the test, and also fixes the bug. Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sun Sep 30 13:09:14 CEST 2012 on sn-devel-104
2012-09-30 11:26:24 +02:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
# Now check the record is around
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
q = self.make_name_question(NAME, dns.DNS_QTYPE_TXT, dns.DNS_QCLASS_IN)
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
s4 dns: Fix return code for deleted records This fixes bug #9225. We already had a test for this scenario, but the test wasn't correct. This patch fixes the test, and also fixes the bug. Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sun Sep 30 13:09:14 CEST 2012 on sn-devel-104
2012-09-30 11:26:24 +02:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
# Now delete the record
p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
updates = []
name = self.get_dns_domain()
u = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
updates.append(u)
self.finish_name_packet(p, updates)
updates = []
r = dns.res_rec()
r.name = NAME
s4 dns: Test deleting records and fix a small bu Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Sun Mar 11 02:27:45 CET 2012 on sn-devel-104
2012-03-11 00:25:57 +01:00
r.rr_type = dns.DNS_QTYPE_TXT
r.rr_class = dns.DNS_QCLASS_NONE
r.ttl = 0
r.length = 0xffff
selftest: move make_txt_record() onto self in samba.tests.dns This will help unifying dns.py and dns_tkey.py to use common subclasses Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-05-31 13:57:25 +12:00
rdata = self.make_txt_record(['"This is a test"'])
dns: Fix allocation of txt_record in txt record tests Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com> Autobuild-User(master): Amitay Isaacs <amitay@samba.org> Autobuild-Date(master): Thu May 16 15:39:15 CEST 2013 on sn-devel-104
2013-05-16 12:13:22 +02:00
r.rdata = rdata
s4 dns: Test deleting records and fix a small bu Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Sun Mar 11 02:27:45 CET 2012 on sn-devel-104
2012-03-11 00:25:57 +01:00
updates.append(r)
p.nscount = len(updates)
p.nsrecs = updates
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
s4 dns: Test deleting records and fix a small bu Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Sun Mar 11 02:27:45 CET 2012 on sn-devel-104
2012-03-11 00:25:57 +01:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
s4 dns: Fix return code for deleted records This fixes bug #9225. We already had a test for this scenario, but the test wasn't correct. This patch fixes the test, and also fixes the bug. Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sun Sep 30 13:09:14 CEST 2012 on sn-devel-104
2012-09-30 11:26:24 +02:00
# And finally check it's gone
s4 dns: Test deleting records and fix a small bu Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Sun Mar 11 02:27:45 CET 2012 on sn-devel-104
2012-03-11 00:25:57 +01:00
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
s4 dns: Fix return code for deleted records This fixes bug #9225. We already had a test for this scenario, but the test wasn't correct. This patch fixes the test, and also fixes the bug. Signed-off-by: Kai Blin <kai@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Sun Sep 30 13:09:14 CEST 2012 on sn-devel-104
2012-09-30 11:26:24 +02:00
q = self.make_name_question(NAME, dns.DNS_QTYPE_TXT, dns.DNS_QCLASS_IN)
s4 dns: Test deleting records and fix a small bu Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Sun Mar 11 02:27:45 CET 2012 on sn-devel-104
2012-03-11 00:25:57 +01:00
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
s4 dns: Test deleting records and fix a small bu Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Sun Mar 11 02:27:45 CET 2012 on sn-devel-104
2012-03-11 00:25:57 +01:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_NXDOMAIN)
dns: Delete dnsNode objects when they are empty If an update leaves the dnsNode without any entries, the dnsNode object should be deleted. Thanks to Günter Kukkukk for his excellent debugging work on this one. This should fix bug #9559 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-01 10:24:11 +02:00
def test_readd_record(self):
"Test if adding, deleting and then readding a records works"
NAME = "readdrec.%s" % self.get_dns_domain()
# Create the record
p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
updates = []
name = self.get_dns_domain()
u = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
updates.append(u)
self.finish_name_packet(p, updates)
updates = []
r = dns.res_rec()
r.name = NAME
r.rr_type = dns.DNS_QTYPE_TXT
r.rr_class = dns.DNS_QCLASS_IN
r.ttl = 900
r.length = 0xffff
selftest: move make_txt_record() onto self in samba.tests.dns This will help unifying dns.py and dns_tkey.py to use common subclasses Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-05-31 13:57:25 +12:00
rdata = self.make_txt_record(['"This is a test"'])
dns: Delete dnsNode objects when they are empty If an update leaves the dnsNode without any entries, the dnsNode object should be deleted. Thanks to Günter Kukkukk for his excellent debugging work on this one. This should fix bug #9559 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-01 10:24:11 +02:00
r.rdata = rdata
updates.append(r)
p.nscount = len(updates)
p.nsrecs = updates
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
dns: Delete dnsNode objects when they are empty If an update leaves the dnsNode without any entries, the dnsNode object should be deleted. Thanks to Günter Kukkukk for his excellent debugging work on this one. This should fix bug #9559 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-01 10:24:11 +02:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
# Now check the record is around
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
q = self.make_name_question(NAME, dns.DNS_QTYPE_TXT, dns.DNS_QCLASS_IN)
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
dns: Delete dnsNode objects when they are empty If an update leaves the dnsNode without any entries, the dnsNode object should be deleted. Thanks to Günter Kukkukk for his excellent debugging work on this one. This should fix bug #9559 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-01 10:24:11 +02:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
# Now delete the record
p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
updates = []
name = self.get_dns_domain()
u = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
updates.append(u)
self.finish_name_packet(p, updates)
updates = []
r = dns.res_rec()
r.name = NAME
r.rr_type = dns.DNS_QTYPE_TXT
r.rr_class = dns.DNS_QCLASS_NONE
r.ttl = 0
r.length = 0xffff
selftest: move make_txt_record() onto self in samba.tests.dns This will help unifying dns.py and dns_tkey.py to use common subclasses Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-05-31 13:57:25 +12:00
rdata = self.make_txt_record(['"This is a test"'])
dns: Delete dnsNode objects when they are empty If an update leaves the dnsNode without any entries, the dnsNode object should be deleted. Thanks to Günter Kukkukk for his excellent debugging work on this one. This should fix bug #9559 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-01 10:24:11 +02:00
r.rdata = rdata
updates.append(r)
p.nscount = len(updates)
p.nsrecs = updates
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
dns: Delete dnsNode objects when they are empty If an update leaves the dnsNode without any entries, the dnsNode object should be deleted. Thanks to Günter Kukkukk for his excellent debugging work on this one. This should fix bug #9559 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-01 10:24:11 +02:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
# check it's gone
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
q = self.make_name_question(NAME, dns.DNS_QTYPE_TXT, dns.DNS_QCLASS_IN)
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
dns: Delete dnsNode objects when they are empty If an update leaves the dnsNode without any entries, the dnsNode object should be deleted. Thanks to Günter Kukkukk for his excellent debugging work on this one. This should fix bug #9559 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-01 10:24:11 +02:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_NXDOMAIN)
# recreate the record
p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
updates = []
name = self.get_dns_domain()
u = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
updates.append(u)
self.finish_name_packet(p, updates)
updates = []
r = dns.res_rec()
r.name = NAME
r.rr_type = dns.DNS_QTYPE_TXT
r.rr_class = dns.DNS_QCLASS_IN
r.ttl = 900
r.length = 0xffff
selftest: move make_txt_record() onto self in samba.tests.dns This will help unifying dns.py and dns_tkey.py to use common subclasses Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-05-31 13:57:25 +12:00
rdata = self.make_txt_record(['"This is a test"'])
dns: Delete dnsNode objects when they are empty If an update leaves the dnsNode without any entries, the dnsNode object should be deleted. Thanks to Günter Kukkukk for his excellent debugging work on this one. This should fix bug #9559 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-01 10:24:11 +02:00
r.rdata = rdata
updates.append(r)
p.nscount = len(updates)
p.nsrecs = updates
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
dns: Delete dnsNode objects when they are empty If an update leaves the dnsNode without any entries, the dnsNode object should be deleted. Thanks to Günter Kukkukk for his excellent debugging work on this one. This should fix bug #9559 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-01 10:24:11 +02:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
# Now check the record is around
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
q = self.make_name_question(NAME, dns.DNS_QTYPE_TXT, dns.DNS_QCLASS_IN)
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
dns: Delete dnsNode objects when they are empty If an update leaves the dnsNode without any entries, the dnsNode object should be deleted. Thanks to Günter Kukkukk for his excellent debugging work on this one. This should fix bug #9559 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2013-06-01 10:24:11 +02:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
dns: Add support for MX queries Due to an oversight, the internal DNS server supports MX record updates, but not MX record queries. Add support for MX queries and tests. This should fix bug #9485 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com>
2012-12-10 05:50:05 +10:00
def test_update_add_mx_record(self):
"test adding MX records works"
p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
updates = []
name = self.get_dns_domain()
u = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
updates.append(u)
self.finish_name_packet(p, updates)
updates = []
r = dns.res_rec()
r.name = "%s" % self.get_dns_domain()
r.rr_type = dns.DNS_QTYPE_MX
r.rr_class = dns.DNS_QCLASS_IN
r.ttl = 900
r.length = 0xffff
rdata = dns.mx_record()
rdata.preference = 10
rdata.exchange = 'mail.%s' % self.get_dns_domain()
r.rdata = rdata
updates.append(r)
p.nscount = len(updates)
p.nsrecs = updates
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
dns: Add support for MX queries Due to an oversight, the internal DNS server supports MX record updates, but not MX record queries. Add support for MX queries and tests. This should fix bug #9485 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com>
2012-12-10 05:50:05 +10:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
name = "%s" % self.get_dns_domain()
q = self.make_name_question(name, dns.DNS_QTYPE_MX, dns.DNS_QCLASS_IN)
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
dns: Add support for MX queries Due to an oversight, the internal DNS server supports MX record updates, but not MX record queries. Add support for MX queries and tests. This should fix bug #9485 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com>
2012-12-10 05:50:05 +10:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.assertEqual(response.ancount, 1)
dns: more debug debug options in the tests Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com>
2013-01-14 00:56:48 +01:00
ans = response.answers[0]
self.assertEqual(ans.rr_type, dns.DNS_QTYPE_MX)
self.assertEqual(ans.rdata.preference, 10)
self.assertEqual(ans.rdata.exchange, 'mail.%s' % self.get_dns_domain())
dns: Add support for MX queries Due to an oversight, the internal DNS server supports MX record updates, but not MX record queries. Add support for MX queries and tests. This should fix bug #9485 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-By: Amitay Isaacs <amitay@gmail.com>
2012-12-10 05:50:05 +10:00
s4 dns: Test deleting records and fix a small bu Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Sun Mar 11 02:27:45 CET 2012 on sn-devel-104
2012-03-11 00:25:57 +01:00
s4 dns: Correctly handle A questions for CNAMEs When an A/AAAA lookup is made for a name that actually is a CNAME record, we need to return the CNAME record, and then do the A/AAAA lookup for the name the CNAME points at. This still fails for CNAMEs pointing at records for domains we need to ask our forwarders for. Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
2012-06-01 08:05:54 +02:00
class TestComplexQueries(DNSTest):
tests/dns: Add additional testing of CNAME handling RFC 1034, for instance, describes that all intermediate CNAMEs should be returned. As it is, CNAME do not return all found intermediate results in the case of straightforward failure. It should be noted that in the case of forwarding success, ALL intermediate paths are returned, including the failure ones. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-04-06 15:44:58 +12:00
def make_dns_update(self, key, value, qtype):
s4 dns: Correctly handle A questions for CNAMEs When an A/AAAA lookup is made for a name that actually is a CNAME record, we need to return the CNAME record, and then do the A/AAAA lookup for the name the CNAME points at. This still fails for CNAMEs pointing at records for domains we need to ask our forwarders for. Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
2012-06-01 08:05:54 +02:00
p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
name = self.get_dns_domain()
u = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
tests/dns: Add additional testing of CNAME handling RFC 1034, for instance, describes that all intermediate CNAMEs should be returned. As it is, CNAME do not return all found intermediate results in the case of straightforward failure. It should be noted that in the case of forwarding success, ALL intermediate paths are returned, including the failure ones. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-04-06 15:44:58 +12:00
self.finish_name_packet(p, [u])
s4 dns: Correctly handle A questions for CNAMEs When an A/AAAA lookup is made for a name that actually is a CNAME record, we need to return the CNAME record, and then do the A/AAAA lookup for the name the CNAME points at. This still fails for CNAMEs pointing at records for domains we need to ask our forwarders for. Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
2012-06-01 08:05:54 +02:00
r = dns.res_rec()
tests/dns: Add additional testing of CNAME handling RFC 1034, for instance, describes that all intermediate CNAMEs should be returned. As it is, CNAME do not return all found intermediate results in the case of straightforward failure. It should be noted that in the case of forwarding success, ALL intermediate paths are returned, including the failure ones. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-04-06 15:44:58 +12:00
r.name = key
r.rr_type = qtype
s4 dns: Correctly handle A questions for CNAMEs When an A/AAAA lookup is made for a name that actually is a CNAME record, we need to return the CNAME record, and then do the A/AAAA lookup for the name the CNAME points at. This still fails for CNAMEs pointing at records for domains we need to ask our forwarders for. Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
2012-06-01 08:05:54 +02:00
r.rr_class = dns.DNS_QCLASS_IN
r.ttl = 900
r.length = 0xffff
dns: record aging tests First basic DNS record aging tests. These check that we can turn aging on and off, and that timestamps are written on DNS add and update calls, but not RPC calls. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-05-09 18:02:28 +12:00
r.rdata = value
tests/dns: Add additional testing of CNAME handling RFC 1034, for instance, describes that all intermediate CNAMEs should be returned. As it is, CNAME do not return all found intermediate results in the case of straightforward failure. It should be noted that in the case of forwarding success, ALL intermediate paths are returned, including the failure ones. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-04-06 15:44:58 +12:00
p.nscount = 1
dns: record aging tests First basic DNS record aging tests. These check that we can turn aging on and off, and that timestamps are written on DNS add and update calls, but not RPC calls. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-05-09 18:02:28 +12:00
p.nsrecs = [r]
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
s4 dns: Correctly handle A questions for CNAMEs When an A/AAAA lookup is made for a name that actually is a CNAME record, we need to return the CNAME record, and then do the A/AAAA lookup for the name the CNAME points at. This still fails for CNAMEs pointing at records for domains we need to ask our forwarders for. Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
2012-06-01 08:05:54 +02:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
tests/dns: Add additional testing of CNAME handling RFC 1034, for instance, describes that all intermediate CNAMEs should be returned. As it is, CNAME do not return all found intermediate results in the case of straightforward failure. It should be noted that in the case of forwarding success, ALL intermediate paths are returned, including the failure ones. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-04-06 15:44:58 +12:00
def setUp(self):
super(TestComplexQueries, self).setUp()
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
global server, server_ip, lp, creds, timeout
self.server = server_name
self.server_ip = server_ip
self.lp = lp
self.creds = creds
self.timeout = timeout
s4 dns: Correctly handle A questions for CNAMEs When an A/AAAA lookup is made for a name that actually is a CNAME record, we need to return the CNAME record, and then do the A/AAAA lookup for the name the CNAME points at. This still fails for CNAMEs pointing at records for domains we need to ask our forwarders for. Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
2012-06-01 08:05:54 +02:00
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
def test_one_a_query(self):
"create a query packet containing one query record"
s4 dns: Correctly handle A questions for CNAMEs When an A/AAAA lookup is made for a name that actually is a CNAME record, we need to return the CNAME record, and then do the A/AAAA lookup for the name the CNAME points at. This still fails for CNAMEs pointing at records for domains we need to ask our forwarders for. Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
2012-06-01 08:05:54 +02:00
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
try:
s4 dns: Correctly handle A questions for CNAMEs When an A/AAAA lookup is made for a name that actually is a CNAME record, we need to return the CNAME record, and then do the A/AAAA lookup for the name the CNAME points at. This still fails for CNAMEs pointing at records for domains we need to ask our forwarders for. Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
2012-06-01 08:05:54 +02:00
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
# Create the record
name = "cname_test.%s" % self.get_dns_domain()
rdata = "%s.%s" % (self.server, self.get_dns_domain())
self.make_dns_update(name, rdata, dns.DNS_QTYPE_CNAME)
s4 dns: Correctly handle A questions for CNAMEs When an A/AAAA lookup is made for a name that actually is a CNAME record, we need to return the CNAME record, and then do the A/AAAA lookup for the name the CNAME points at. This still fails for CNAMEs pointing at records for domains we need to ask our forwarders for. Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
2012-06-01 08:05:54 +02:00
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
s4 dns: Correctly handle A questions for CNAMEs When an A/AAAA lookup is made for a name that actually is a CNAME record, we need to return the CNAME record, and then do the A/AAAA lookup for the name the CNAME points at. This still fails for CNAMEs pointing at records for domains we need to ask our forwarders for. Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
2012-06-01 08:05:54 +02:00
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
# Check the record
name = "cname_test.%s" % self.get_dns_domain()
q = self.make_name_question(name, dns.DNS_QTYPE_A, dns.DNS_QCLASS_IN)
samba python tests: convert print func to be py2/py3 compatible Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-03-09 13:38:42 +00:00
print("asking for ", q.name)
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
questions.append(q)
s4 dns: Correctly handle A questions for CNAMEs When an A/AAAA lookup is made for a name that actually is a CNAME record, we need to return the CNAME record, and then do the A/AAAA lookup for the name the CNAME points at. This still fails for CNAMEs pointing at records for domains we need to ask our forwarders for. Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
2012-06-01 08:05:54 +02:00
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=self.server_ip)
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
self.assertEquals(response.ancount, 2)
self.assertEquals(response.answers[0].rr_type, dns.DNS_QTYPE_CNAME)
self.assertEquals(response.answers[0].rdata, "%s.%s" %
(self.server, self.get_dns_domain()))
self.assertEquals(response.answers[1].rr_type, dns.DNS_QTYPE_A)
self.assertEquals(response.answers[1].rdata,
self.server_ip)
finally:
# Delete the record
p = self.make_name_packet(dns.DNS_OPCODE_UPDATE)
updates = []
name = self.get_dns_domain()
u = self.make_name_question(name, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
updates.append(u)
self.finish_name_packet(p, updates)
updates = []
r = dns.res_rec()
r.name = "cname_test.%s" % self.get_dns_domain()
r.rr_type = dns.DNS_QTYPE_CNAME
r.rr_class = dns.DNS_QCLASS_NONE
r.ttl = 0
r.length = 0xffff
r.rdata = "%s.%s" % (self.server, self.get_dns_domain())
updates.append(r)
p.nscount = len(updates)
p.nsrecs = updates
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=self.server_ip)
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
s4 dns: Correctly handle A questions for CNAMEs When an A/AAAA lookup is made for a name that actually is a CNAME record, we need to return the CNAME record, and then do the A/AAAA lookup for the name the CNAME points at. This still fails for CNAMEs pointing at records for domains we need to ask our forwarders for. Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
2012-06-01 08:05:54 +02:00
tests/dns: Add additional testing of CNAME handling RFC 1034, for instance, describes that all intermediate CNAMEs should be returned. As it is, CNAME do not return all found intermediate results in the case of straightforward failure. It should be noted that in the case of forwarding success, ALL intermediate paths are returned, including the failure ones. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-04-06 15:44:58 +12:00
def test_cname_two_chain(self):
name0 = "cnamechain0.%s" % self.get_dns_domain()
name1 = "cnamechain1.%s" % self.get_dns_domain()
name2 = "cnamechain2.%s" % self.get_dns_domain()
self.make_dns_update(name1, name2, dns.DNS_QTYPE_CNAME)
self.make_dns_update(name2, name0, dns.DNS_QTYPE_CNAME)
self.make_dns_update(name0, server_ip, dns.DNS_QTYPE_A)
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
q = self.make_name_question(name1, dns.DNS_QTYPE_A,
dns.DNS_QCLASS_IN)
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
tests/dns: Add additional testing of CNAME handling RFC 1034, for instance, describes that all intermediate CNAMEs should be returned. As it is, CNAME do not return all found intermediate results in the case of straightforward failure. It should be noted that in the case of forwarding success, ALL intermediate paths are returned, including the failure ones. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-04-06 15:44:58 +12:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
self.assertEquals(response.ancount, 3)
self.assertEquals(response.answers[0].rr_type, dns.DNS_QTYPE_CNAME)
self.assertEquals(response.answers[0].name, name1)
self.assertEquals(response.answers[0].rdata, name2)
self.assertEquals(response.answers[1].rr_type, dns.DNS_QTYPE_CNAME)
self.assertEquals(response.answers[1].name, name2)
self.assertEquals(response.answers[1].rdata, name0)
self.assertEquals(response.answers[2].rr_type, dns.DNS_QTYPE_A)
self.assertEquals(response.answers[2].rdata,
self.server_ip)
tests/dns: Check you cannot add empty CNAME This exercises the dns_check_name case in the DNS server. Directly attempting to add an invalid name with leading . or double .. cannot be done due to ndr_pull_component forcing the check on the client side (leading to a CNAME name of NUL and unexpected data of the actual name). Signed-off-by: Garming Sam <garming@catalyst.net.nz> Pair-programmed-with: Bob Campbell <bobcampbell@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Garming Sam <garming@samba.org> Autobuild-Date(master): Mon Dec 12 08:46:26 CET 2016 on sn-devel-144
2016-12-07 16:42:38 +13:00
def test_invalid_empty_cname(self):
name0 = "cnamedotprefix0.%s" % self.get_dns_domain()
try:
self.make_dns_update(name0, "", dns.DNS_QTYPE_CNAME)
except AssertionError as e:
pass
else:
self.fail("Successfully added empty CNAME, which is invalid.")
tests/dns: Add additional testing of CNAME handling RFC 1034, for instance, describes that all intermediate CNAMEs should be returned. As it is, CNAME do not return all found intermediate results in the case of straightforward failure. It should be noted that in the case of forwarding success, ALL intermediate paths are returned, including the failure ones. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-04-06 15:44:58 +12:00
def test_cname_two_chain_not_matching_qtype(self):
name0 = "cnamechain0.%s" % self.get_dns_domain()
name1 = "cnamechain1.%s" % self.get_dns_domain()
name2 = "cnamechain2.%s" % self.get_dns_domain()
self.make_dns_update(name1, name2, dns.DNS_QTYPE_CNAME)
self.make_dns_update(name2, name0, dns.DNS_QTYPE_CNAME)
self.make_dns_update(name0, server_ip, dns.DNS_QTYPE_A)
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
q = self.make_name_question(name1, dns.DNS_QTYPE_TXT,
dns.DNS_QCLASS_IN)
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
tests/dns: Add additional testing of CNAME handling RFC 1034, for instance, describes that all intermediate CNAMEs should be returned. As it is, CNAME do not return all found intermediate results in the case of straightforward failure. It should be noted that in the case of forwarding success, ALL intermediate paths are returned, including the failure ones. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-04-06 15:44:58 +12:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
# CNAME should return all intermediate results!
# Only the A records exists, not the TXT.
self.assertEquals(response.ancount, 2)
self.assertEquals(response.answers[0].rr_type, dns.DNS_QTYPE_CNAME)
self.assertEquals(response.answers[0].name, name1)
self.assertEquals(response.answers[0].rdata, name2)
self.assertEquals(response.answers[1].rr_type, dns.DNS_QTYPE_CNAME)
self.assertEquals(response.answers[1].name, name2)
python/tests: fix typo to use correct var Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Bob Campbell <bobcampbell@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-12-07 14:25:35 +13:00
self.assertEquals(response.answers[1].rdata, name0)
tests/dns: Add additional testing of CNAME handling RFC 1034, for instance, describes that all intermediate CNAMEs should be returned. As it is, CNAME do not return all found intermediate results in the case of straightforward failure. It should be noted that in the case of forwarding success, ALL intermediate paths are returned, including the failure ones. Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-04-06 15:44:58 +12:00
s4:dns.py: reproducer for (bug #9184) metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sat Sep 22 06:08:05 CEST 2012 on sn-devel-104
2012-09-21 23:06:13 +02:00
class TestInvalidQueries(DNSTest):
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
def setUp(self):
super(TestInvalidQueries, self).setUp()
global server, server_ip, lp, creds, timeout
self.server = server_name
self.server_ip = server_ip
self.lp = lp
self.creds = creds
self.timeout = timeout
s4:dns.py: reproducer for (bug #9184) metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sat Sep 22 06:08:05 CEST 2012 on sn-devel-104
2012-09-21 23:06:13 +02:00
def test_one_a_query(self):
"send 0 bytes follows by create a query packet containing one query record"
s = None
try:
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, 0)
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
s.connect((self.server_ip, 53))
s4:dns.py: reproducer for (bug #9184) metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sat Sep 22 06:08:05 CEST 2012 on sn-devel-104
2012-09-21 23:06:13 +02:00
s.send("", 0)
finally:
if s is not None:
s.close()
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
name = "%s.%s" % (self.server, self.get_dns_domain())
s4:dns.py: reproducer for (bug #9184) metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sat Sep 22 06:08:05 CEST 2012 on sn-devel-104
2012-09-21 23:06:13 +02:00
q = self.make_name_question(name, dns.DNS_QTYPE_A, dns.DNS_QCLASS_IN)
samba python tests: convert print func to be py2/py3 compatible Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-03-09 13:38:42 +00:00
print("asking for ", q.name)
s4:dns.py: reproducer for (bug #9184) metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sat Sep 22 06:08:05 CEST 2012 on sn-devel-104
2012-09-21 23:06:13 +02:00
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=self.server_ip)
s4:dns.py: reproducer for (bug #9184) metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Sat Sep 22 06:08:05 CEST 2012 on sn-devel-104
2012-09-21 23:06:13 +02:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
self.assertEquals(response.ancount, 1)
self.assertEquals(response.answers[0].rdata,
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
self.server_ip)
s4 dns: Correctly handle A questions for CNAMEs When an A/AAAA lookup is made for a name that actually is a CNAME record, we need to return the CNAME record, and then do the A/AAAA lookup for the name the CNAME points at. This still fails for CNAMEs pointing at records for domains we need to ask our forwarders for. Autobuild-User: Kai Blin <kai@samba.org> Autobuild-Date: Wed Jun 6 15:23:55 CEST 2012 on sn-devel-104
2012-06-01 08:05:54 +02:00
bug #10609: CVE-2014-0239 Don't reply to replies Due to insufficient input checking, the DNS server will reply to a packet that has the "reply" bit set. Over UDP, this allows to send a packet with a spoofed sender address and have two servers DOS each other with circular replies. This patch fixes bug #10609 and adds a test to make sure we don't regress. CVE-2014-2039 has been assigned to this issue. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104
2014-05-13 08:13:29 +02:00
def test_one_a_reply(self):
"send a reply instead of a query"
CVE-2016-0771: tests/dns: FORMERR can simply timeout against Windows Two requests with identical parameters which are poorly formatted, can non-deterministically return FORMERR or simply fail to give a response. Setting the timeout to a number allows Windows to succeed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-21 15:43:55 +13:00
global timeout
bug #10609: CVE-2014-0239 Don't reply to replies Due to insufficient input checking, the DNS server will reply to a packet that has the "reply" bit set. Over UDP, this allows to send a packet with a spoofed sender address and have two servers DOS each other with circular replies. This patch fixes bug #10609 and adds a test to make sure we don't regress. CVE-2014-2039 has been assigned to this issue. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104
2014-05-13 08:13:29 +02:00
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
name = "%s.%s" % ('fakefakefake', self.get_dns_domain())
q = self.make_name_question(name, dns.DNS_QTYPE_A, dns.DNS_QCLASS_IN)
samba python tests: convert print func to be py2/py3 compatible Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-03-09 13:38:42 +00:00
print("asking for ", q.name)
bug #10609: CVE-2014-0239 Don't reply to replies Due to insufficient input checking, the DNS server will reply to a packet that has the "reply" bit set. Over UDP, this allows to send a packet with a spoofed sender address and have two servers DOS each other with circular replies. This patch fixes bug #10609 and adds a test to make sure we don't regress. CVE-2014-2039 has been assigned to this issue. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104
2014-05-13 08:13:29 +02:00
questions.append(q)
self.finish_name_packet(p, questions)
p.operation |= dns.DNS_FLAG_REPLY
s = None
try:
send_packet = ndr.ndr_pack(p)
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0)
CVE-2016-0771: tests/dns: FORMERR can simply timeout against Windows Two requests with identical parameters which are poorly formatted, can non-deterministically return FORMERR or simply fail to give a response. Setting the timeout to a number allows Windows to succeed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-21 15:43:55 +13:00
s.settimeout(timeout)
CVE-2016-0771: tests/dns: Remove dependencies on env variables Now that it is invoked as a normal script, there should be less of them. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:28:54 +13:00
host=self.server_ip
bug #10609: CVE-2014-0239 Don't reply to replies Due to insufficient input checking, the DNS server will reply to a packet that has the "reply" bit set. Over UDP, this allows to send a packet with a spoofed sender address and have two servers DOS each other with circular replies. This patch fixes bug #10609 and adds a test to make sure we don't regress. CVE-2014-2039 has been assigned to this issue. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104
2014-05-13 08:13:29 +02:00
s.connect((host, 53))
tcp_packet = struct.pack('!H', len(send_packet))
tcp_packet += send_packet
s.send(tcp_packet, 0)
recv_packet = s.recv(0xffff + 2, 0)
self.assertEquals(0, len(recv_packet))
CVE-2016-0771: tests/dns: FORMERR can simply timeout against Windows Two requests with identical parameters which are poorly formatted, can non-deterministically return FORMERR or simply fail to give a response. Setting the timeout to a number allows Windows to succeed. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-21 15:43:55 +13:00
except socket.timeout:
# Windows chooses not to respond to incorrectly formatted queries.
# Although this appears to be non-deterministic even for the same
# request twice, it also appears to be based on a how poorly the
# request is formatted.
pass
bug #10609: CVE-2014-0239 Don't reply to replies Due to insufficient input checking, the DNS server will reply to a packet that has the "reply" bit set. Over UDP, this allows to send a packet with a spoofed sender address and have two servers DOS each other with circular replies. This patch fixes bug #10609 and adds a test to make sure we don't regress. CVE-2014-2039 has been assigned to this issue. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104
2014-05-13 08:13:29 +02:00
finally:
if s is not None:
s.close()
dns.py: Test dns server reload zones from DSDB when are created or deleted Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2014-12-16 18:04:13 +01:00
class TestZones(DNSTest):
def setUp(self):
super(TestZones, self).setUp()
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
global server, server_ip, lp, creds, timeout
self.server = server_name
self.server_ip = server_ip
self.lp = lp
self.creds = creds
self.timeout = timeout
dns.py: Test dns server reload zones from DSDB when are created or deleted Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2014-12-16 18:04:13 +01:00
self.zone = "test.lan"
dns: record aging tests First basic DNS record aging tests. These check that we can turn aging on and off, and that timestamps are written on DNS add and update calls, but not RPC calls. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-05-09 18:02:28 +12:00
self.rpc_conn = dnsserver.dnsserver("ncacn_ip_tcp:%s[sign]" %\
(self.server_ip),
dns.py: Test dns server reload zones from DSDB when are created or deleted Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2014-12-16 18:04:13 +01:00
self.lp, self.creds)
dns: record aging tests First basic DNS record aging tests. These check that we can turn aging on and off, and that timestamps are written on DNS add and update calls, but not RPC calls. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-05-09 18:02:28 +12:00
self.samdb = SamDB(url="ldap://" + self.server_ip,
lp = self.get_loadparm(),
session_info=system_session(),
credentials=self.creds)
self.zone_dn = "DC=" + self.zone +\
",CN=MicrosoftDNS,DC=DomainDNSZones," +\
str(self.samdb.get_default_basedn())
dns.py: Always remove the test zone in tearDown() Change-Id: Ic6d6c51579f8859b4e396179123974382c253bf7 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Garming Sam <garming@samba.org> Autobuild-Date(master): Mon Dec 22 08:21:22 CET 2014 on sn-devel-104
2014-12-19 15:14:22 +13:00
def tearDown(self):
super(TestZones, self).tearDown()
dns: record aging tests First basic DNS record aging tests. These check that we can turn aging on and off, and that timestamps are written on DNS add and update calls, but not RPC calls. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-05-09 18:02:28 +12:00
dns.py: Always remove the test zone in tearDown() Change-Id: Ic6d6c51579f8859b4e396179123974382c253bf7 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Garming Sam <garming@samba.org> Autobuild-Date(master): Mon Dec 22 08:21:22 CET 2014 on sn-devel-104
2014-12-19 15:14:22 +13:00
try:
self.delete_zone(self.zone)
samba python tests: convert 'except X, (tuple)' to 'except X as e' In addition to converting the except line another line is also added for each except to extract the tuple contents. Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-02-23 14:32:17 +00:00
except RuntimeError as e:
(num, string) = e.args
python: Use generated WERROR definitions Previously we either defined WERRORs locally or compared them against strings where we needed to use them. Signed-off-by: Bob Campbell <bobcampbell@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-02-13 11:12:54 +13:00
if num != werror.WERR_DNS_ERROR_ZONE_DOES_NOT_EXIST:
dns.py: Always remove the test zone in tearDown() Change-Id: Ic6d6c51579f8859b4e396179123974382c253bf7 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Pair-programmed-with: Garming Sam <garming@catalyst.net.nz> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Garming Sam <garming@samba.org> Autobuild-Date(master): Mon Dec 22 08:21:22 CET 2014 on sn-devel-104
2014-12-19 15:14:22 +13:00
raise
dns: record aging tests First basic DNS record aging tests. These check that we can turn aging on and off, and that timestamps are written on DNS add and update calls, but not RPC calls. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-05-09 18:02:28 +12:00
def create_zone(self, zone, aging_enabled=False):
dns.py: Test dns server reload zones from DSDB when are created or deleted Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2014-12-16 18:04:13 +01:00
zone_create = dnsserver.DNS_RPC_ZONE_CREATE_INFO_LONGHORN()
zone_create.pszZoneName = zone
zone_create.dwZoneType = dnsp.DNS_ZONE_TYPE_PRIMARY
dns: record aging tests First basic DNS record aging tests. These check that we can turn aging on and off, and that timestamps are written on DNS add and update calls, but not RPC calls. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-05-09 18:02:28 +12:00
zone_create.fAging = int(aging_enabled)
dns.py: Test dns server reload zones from DSDB when are created or deleted Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2014-12-16 18:04:13 +01:00
zone_create.dwDpFlags = dnsserver.DNS_DP_DOMAIN_DEFAULT
dns: record aging tests First basic DNS record aging tests. These check that we can turn aging on and off, and that timestamps are written on DNS add and update calls, but not RPC calls. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-05-09 18:02:28 +12:00
zone_create.fDsIntegrated = 1
zone_create.fLoadExisting = 1
zone_create.fAllowUpdate = dnsp.DNS_ZONE_UPDATE_UNSECURE
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
try:
dns: record aging tests First basic DNS record aging tests. These check that we can turn aging on and off, and that timestamps are written on DNS add and update calls, but not RPC calls. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-05-09 18:02:28 +12:00
client_version = dnsserver.DNS_CLIENT_VERSION_LONGHORN
self.rpc_conn.DnssrvOperation2(client_version,
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
0,
self.server_ip,
None,
0,
'ZoneCreate',
dnsserver.DNSSRV_TYPEID_ZONE_CREATE,
zone_create)
except WERRORError as e:
self.fail(str(e))
dns.py: Test dns server reload zones from DSDB when are created or deleted Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2014-12-16 18:04:13 +01:00
dns: record aging tests First basic DNS record aging tests. These check that we can turn aging on and off, and that timestamps are written on DNS add and update calls, but not RPC calls. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-05-09 18:02:28 +12:00
def set_params(self, **kwargs):
zone = kwargs.pop('zone', None)
for key,val in kwargs.items():
name_param = dnsserver.DNS_RPC_NAME_AND_PARAM()
name_param.dwParam = val
name_param.pszNodeName = key
client_version = dnsserver.DNS_CLIENT_VERSION_LONGHORN
nap_type = dnsserver.DNSSRV_TYPEID_NAME_AND_PARAM
try:
self.rpc_conn.DnssrvOperation2(client_version, 0, self.server, zone,
0, 'ResetDwordProperty', nap_type,
name_param)
except WERRORError as e:
self.fail(str(e))
def ldap_modify_dnsrecs(self, name, func):
dn = 'DC={},{}'.format(name, self.zone_dn)
dns_recs = self.ldap_get_dns_records(name)
for rec in dns_recs:
func(rec)
update_dict = {'dn':dn, 'dnsRecord':[ndr_pack(r) for r in dns_recs]}
self.samdb.modify(ldb.Message.from_dict(self.samdb,
update_dict,
ldb.FLAG_MOD_REPLACE))
def dns_update_record(self, prefix, txt):
p = self.make_txt_update(prefix, txt, self.zone)
(code, response) = self.dns_transaction_udp(p, host=self.server_ip)
self.assert_dns_rcode_equals(code, dns.DNS_RCODE_OK)
recs = self.ldap_get_dns_records(prefix)
recs = [r for r in recs if r.data.str == txt]
self.assertEqual(len(recs), 1)
return recs[0]
def ldap_get_records(self, name):
dn = 'DC={},{}'.format(name, self.zone_dn)
expr = "(&(objectClass=dnsNode)(name={}))".format(name)
return self.samdb.search(base=dn, scope=ldb.SCOPE_SUBTREE,
expression=expr, attrs=["*"])
def ldap_get_dns_records(self, name):
records = self.ldap_get_records(name)
return [ndr_unpack(dnsp.DnssrvRpcRecord, r)
for r in records[0].get('dnsRecord')]
def ldap_get_zone_settings(self):
records = self.samdb.search(base=self.zone_dn, scope=ldb.SCOPE_BASE,
expression="(&(objectClass=dnsZone)"+\
"(name={}))".format(self.zone),
attrs=["dNSProperty"])
self.assertEqual(len(records), 1)
props = [ndr_unpack(dnsp.DnsProperty, r)
for r in records[0].get('dNSProperty')]
#We have no choice but to repeat these here.
zone_prop_ids = {0x00: "EMPTY",
0x01: "TYPE",
0x02: "ALLOW_UPDATE",
0x08: "SECURE_TIME",
0x10: "NOREFRESH_INTERVAL",
0x11: "SCAVENGING_SERVERS",
0x12: "AGING_ENABLED_TIME",
0x20: "REFRESH_INTERVAL",
0x40: "AGING_STATE",
0x80: "DELETED_FROM_HOSTNAME",
0x81: "MASTER_SERVERS",
0x82: "AUTO_NS_SERVERS",
0x83: "DCPROMO_CONVERT",
0x90: "SCAVENGING_SERVERS_DA",
0x91: "MASTER_SERVERS_DA",
0x92: "NS_SERVERS_DA",
0x100: "NODE_DBFLAGS"}
return {zone_prop_ids[p.id].lower(): p.data for p in props}
def set_aging(self, enable=False):
self.create_zone(self.zone, aging_enabled=enable)
self.set_params(NoRefreshInterval=1, RefreshInterval=1,
Aging=int(bool(enable)), zone=self.zone,
AllowUpdate = dnsp.DNS_ZONE_UPDATE_UNSECURE)
def test_set_aging(self, enable=True, name='agingtest', txt=['test txt']):
self.set_aging(enable=True)
settings = self.ldap_get_zone_settings()
self.assertTrue(settings['aging_state'] is not None)
self.assertTrue(settings['aging_state'])
rec = self.dns_update_record('agingtest', ['test txt'])
self.assertNotEqual(rec.dwTimeStamp, 0)
def test_set_aging_disabled(self):
self.set_aging(enable=False)
settings = self.ldap_get_zone_settings()
self.assertTrue(settings['aging_state'] is not None)
self.assertFalse(settings['aging_state'])
rec = self.dns_update_record('agingtest', ['test txt'])
self.assertNotEqual(rec.dwTimeStamp, 0)
def test_aging_update(self, enable=True):
name, txt = 'agingtest', ['test txt']
self.set_aging(enable=True)
before_mod = self.dns_update_record(name, txt)
if not enable:
self.set_params(zone=self.zone, Aging=0)
dec = 2
def mod_ts(rec):
rpc dns: reset dword aging related zone properties This allows a user to set zone properties relevant to DNS record aging over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-03 15:34:32 +12:00
self.assertTrue(rec.dwTimeStamp > 0)
dns: record aging tests First basic DNS record aging tests. These check that we can turn aging on and off, and that timestamps are written on DNS add and update calls, but not RPC calls. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-05-09 18:02:28 +12:00
rec.dwTimeStamp -= dec
self.ldap_modify_dnsrecs(name, mod_ts)
after_mod = self.ldap_get_dns_records(name)
self.assertEqual(len(after_mod), 1)
after_mod = after_mod[0]
self.assertEqual(after_mod.dwTimeStamp,
before_mod.dwTimeStamp - dec)
after_update = self.dns_update_record(name, txt)
after_should_equal = before_mod if enable else after_mod
self.assertEqual(after_should_equal.dwTimeStamp,
after_update.dwTimeStamp)
def test_aging_update_disabled(self):
self.test_aging_update(enable=False)
def test_aging_refresh(self):
name,txt = 'agingtest', ['test txt']
self.create_zone(self.zone, aging_enabled=True)
interval = 10
self.set_params(NoRefreshInterval=interval, RefreshInterval=interval,
Aging=1, zone=self.zone,
AllowUpdate = dnsp.DNS_ZONE_UPDATE_UNSECURE)
before_mod = self.dns_update_record(name, txt)
def mod_ts(rec):
rpc dns: reset dword aging related zone properties This allows a user to set zone properties relevant to DNS record aging over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-03 15:34:32 +12:00
self.assertTrue(rec.dwTimeStamp > 0)
dns: record aging tests First basic DNS record aging tests. These check that we can turn aging on and off, and that timestamps are written on DNS add and update calls, but not RPC calls. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-05-09 18:02:28 +12:00
rec.dwTimeStamp -= interval/2
self.ldap_modify_dnsrecs(name, mod_ts)
update_during_norefresh = self.dns_update_record(name, txt)
def mod_ts(rec):
rpc dns: reset dword aging related zone properties This allows a user to set zone properties relevant to DNS record aging over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-03 15:34:32 +12:00
self.assertTrue(rec.dwTimeStamp > 0)
dns: record aging tests First basic DNS record aging tests. These check that we can turn aging on and off, and that timestamps are written on DNS add and update calls, but not RPC calls. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-05-09 18:02:28 +12:00
rec.dwTimeStamp -= interval + interval/2
self.ldap_modify_dnsrecs(name, mod_ts)
update_during_refresh = self.dns_update_record(name, txt)
self.assertEqual(update_during_norefresh.dwTimeStamp,
before_mod.dwTimeStamp - interval/2)
self.assertEqual(update_during_refresh.dwTimeStamp,
before_mod.dwTimeStamp)
def test_rpc_add_no_timestamp(self):
name,txt = 'agingtest', ['test txt']
self.set_aging(enable=True)
rec_buf = dnsserver.DNS_RPC_RECORD_BUF()
rec_buf.rec = TXTRecord(txt)
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip,
self.zone, name, rec_buf, None)
recs = self.ldap_get_dns_records(name)
self.assertEqual(len(recs), 1)
self.assertEqual(recs[0].dwTimeStamp, 0)
def test_basic_scavenging(self):
self.create_zone(self.zone, aging_enabled=True)
interval = 1
self.set_params(NoRefreshInterval=interval, RefreshInterval=interval,
zone=self.zone, Aging=1,
AllowUpdate = dnsp.DNS_ZONE_UPDATE_UNSECURE)
name, txt = 'agingtest', ['test txt']
rec = self.dns_update_record(name,txt)
rec = self.dns_update_record(name+'2',txt)
def mod_ts(rec):
rpc dns: reset dword aging related zone properties This allows a user to set zone properties relevant to DNS record aging over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-03 15:34:32 +12:00
self.assertTrue(rec.dwTimeStamp > 0)
dns: record aging tests First basic DNS record aging tests. These check that we can turn aging on and off, and that timestamps are written on DNS add and update calls, but not RPC calls. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-05-09 18:02:28 +12:00
rec.dwTimeStamp -= interval*5
self.ldap_modify_dnsrecs(name, mod_ts)
dns: server side implementation of record aging Code for retrieving aging properties from a zone and using them for timestamp setting logic during processing of DNS requests. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-02 13:43:33 +12:00
self.assertTrue(callable(getattr(dsdb, '_scavenge_dns_records', None)))
dns: record aging tests First basic DNS record aging tests. These check that we can turn aging on and off, and that timestamps are written on DNS add and update calls, but not RPC calls. BUG: https://bugzilla.samba.org/show_bug.cgi?id=10812 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-05-09 18:02:28 +12:00
dsdb._scavenge_dns_records(self.samdb)
recs = self.ldap_get_dns_records(name)
self.assertEqual(len(recs), 1)
self.assertEqual(recs[0].wType, dnsp.DNS_TYPE_TOMBSTONE)
recs = self.ldap_get_dns_records(name+'2')
self.assertEqual(len(recs), 1)
self.assertEqual(recs[0].wType, dnsp.DNS_TYPE_TXT)
dns.py: Test dns server reload zones from DSDB when are created or deleted Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2014-12-16 18:04:13 +01:00
def delete_zone(self, zone):
self.rpc_conn.DnssrvOperation2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0,
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.server_ip,
dns.py: Test dns server reload zones from DSDB when are created or deleted Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2014-12-16 18:04:13 +01:00
zone,
0,
'DeleteZoneFromDs',
dnsserver.DNSSRV_TYPEID_NULL,
None)
def test_soa_query(self):
zone = "test.lan"
p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
questions = []
q = self.make_name_question(zone, dns.DNS_QTYPE_SOA, dns.DNS_QCLASS_IN)
questions.append(q)
self.finish_name_packet(p, questions)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
CVE-2016-0771: tests/dns: Add a comment regarding odd Windows behaviour BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-21 17:08:18 +13:00
# Windows returns OK while BIND logically seems to return NXDOMAIN
dns.py: Test dns server reload zones from DSDB when are created or deleted Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2014-12-16 18:04:13 +01:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_NXDOMAIN)
self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
self.assertEquals(response.ancount, 0)
self.create_zone(zone)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
dns.py: Test dns server reload zones from DSDB when are created or deleted Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2014-12-16 18:04:13 +01:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
self.assertEquals(response.ancount, 1)
self.assertEquals(response.answers[0].rr_type, dns.DNS_QTYPE_SOA)
self.delete_zone(zone)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
dns.py: Test dns server reload zones from DSDB when are created or deleted Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2014-12-16 18:04:13 +01:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_NXDOMAIN)
self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
self.assertEquals(response.ancount, 0)
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
class TestRPCRoundtrip(DNSTest):
def setUp(self):
super(TestRPCRoundtrip, self).setUp()
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
global server, server_ip, lp, creds
self.server = server_name
self.server_ip = server_ip
self.lp = lp
self.creds = creds
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.rpc_conn = dnsserver.dnsserver("ncacn_ip_tcp:%s[sign]" % (self.server_ip),
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.lp, self.creds)
def tearDown(self):
super(TestRPCRoundtrip, self).tearDown()
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
def test_update_add_txt_rpc_to_dns(self):
prefix, txt = 'rpctextrec', ['"This is a test"']
name = "%s.%s" % (prefix, self.get_dns_domain())
rec = data_to_dns_record(dnsp.DNS_TYPE_TXT, '"\\"This is a test\\""')
add_rec_buf = dnsserver.DNS_RPC_RECORD_BUF()
add_rec_buf.rec = rec
try:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, add_rec_buf, None)
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
except WERRORError as e:
self.fail(str(e))
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
try:
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.check_query_txt(prefix, txt)
finally:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, None, add_rec_buf)
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
def test_update_add_null_padded_txt_record(self):
"test adding records works"
prefix, txt = 'pad1textrec', ['"This is a test"', '', '']
p = self.make_txt_update(prefix, txt)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.check_query_txt(prefix, txt)
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.assertIsNotNone(dns_record_match(self.rpc_conn, self.server_ip,
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.get_dns_domain(),
"%s.%s" % (prefix, self.get_dns_domain()),
dnsp.DNS_TYPE_TXT, '"\\"This is a test\\"" "" ""'))
dns.py: Test dns server reload zones from DSDB when are created or deleted Signed-off-by: Samuel Cabrero <samuelcabrero@kernevil.me> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2014-12-16 18:04:13 +01:00
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
prefix, txt = 'pad2textrec', ['"This is a test"', '', '', 'more text']
p = self.make_txt_update(prefix, txt)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.check_query_txt(prefix, txt)
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.assertIsNotNone(dns_record_match(self.rpc_conn, self.server_ip,
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.get_dns_domain(),
"%s.%s" % (prefix, self.get_dns_domain()),
dnsp.DNS_TYPE_TXT, '"\\"This is a test\\"" "" "" "more text"'))
prefix, txt = 'pad3textrec', ['', '', '"This is a test"']
p = self.make_txt_update(prefix, txt)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.check_query_txt(prefix, txt)
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.assertIsNotNone(dns_record_match(self.rpc_conn, self.server_ip,
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.get_dns_domain(),
"%s.%s" % (prefix, self.get_dns_domain()),
dnsp.DNS_TYPE_TXT, '"" "" "\\"This is a test\\""'))
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
def test_update_add_padding_rpc_to_dns(self):
prefix, txt = 'pad1textrec', ['"This is a test"', '', '']
prefix = 'rpc' + prefix
name = "%s.%s" % (prefix, self.get_dns_domain())
rec = data_to_dns_record(dnsp.DNS_TYPE_TXT, '"\\"This is a test\\"" "" ""')
add_rec_buf = dnsserver.DNS_RPC_RECORD_BUF()
add_rec_buf.rec = rec
try:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, add_rec_buf, None)
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
except WERRORError as e:
self.fail(str(e))
try:
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.check_query_txt(prefix, txt)
finally:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, None, add_rec_buf)
prefix, txt = 'pad2textrec', ['"This is a test"', '', '', 'more text']
prefix = 'rpc' + prefix
name = "%s.%s" % (prefix, self.get_dns_domain())
rec = data_to_dns_record(dnsp.DNS_TYPE_TXT, '"\\"This is a test\\"" "" "" "more text"')
add_rec_buf = dnsserver.DNS_RPC_RECORD_BUF()
add_rec_buf.rec = rec
try:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, add_rec_buf, None)
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
except WERRORError as e:
self.fail(str(e))
try:
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.check_query_txt(prefix, txt)
finally:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, None, add_rec_buf)
prefix, txt = 'pad3textrec', ['', '', '"This is a test"']
prefix = 'rpc' + prefix
name = "%s.%s" % (prefix, self.get_dns_domain())
rec = data_to_dns_record(dnsp.DNS_TYPE_TXT, '"" "" "\\"This is a test\\""')
add_rec_buf = dnsserver.DNS_RPC_RECORD_BUF()
add_rec_buf.rec = rec
try:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, add_rec_buf, None)
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
except WERRORError as e:
self.fail(str(e))
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
try:
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.check_query_txt(prefix, txt)
finally:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, None, add_rec_buf)
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
# Test is incomplete due to strlen against txt records
def test_update_add_null_char_txt_record(self):
"test adding records works"
prefix, txt = 'nulltextrec', ['NULL\x00BYTE']
p = self.make_txt_update(prefix, txt)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.check_query_txt(prefix, ['NULL'])
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.assertIsNotNone(dns_record_match(self.rpc_conn, self.server_ip,
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.get_dns_domain(),
"%s.%s" % (prefix, self.get_dns_domain()),
dnsp.DNS_TYPE_TXT, '"NULL"'))
prefix, txt = 'nulltextrec2', ['NULL\x00BYTE', 'NULL\x00BYTE']
p = self.make_txt_update(prefix, txt)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.check_query_txt(prefix, ['NULL', 'NULL'])
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.assertIsNotNone(dns_record_match(self.rpc_conn, self.server_ip,
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.get_dns_domain(),
"%s.%s" % (prefix, self.get_dns_domain()),
dnsp.DNS_TYPE_TXT, '"NULL" "NULL"'))
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
def test_update_add_null_char_rpc_to_dns(self):
prefix, txt = 'nulltextrec', ['NULL\x00BYTE']
prefix = 'rpc' + prefix
name = "%s.%s" % (prefix, self.get_dns_domain())
rec = data_to_dns_record(dnsp.DNS_TYPE_TXT, '"NULL"')
add_rec_buf = dnsserver.DNS_RPC_RECORD_BUF()
add_rec_buf.rec = rec
try:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, add_rec_buf, None)
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
except WERRORError as e:
self.fail(str(e))
try:
self.check_query_txt(prefix, ['NULL'])
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
finally:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, None, add_rec_buf)
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
def test_update_add_hex_char_txt_record(self):
"test adding records works"
prefix, txt = 'hextextrec', ['HIGH\xFFBYTE']
p = self.make_txt_update(prefix, txt)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.check_query_txt(prefix, txt)
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.assertIsNotNone(dns_record_match(self.rpc_conn, self.server_ip,
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.get_dns_domain(),
"%s.%s" % (prefix, self.get_dns_domain()),
dnsp.DNS_TYPE_TXT, '"HIGH\xFFBYTE"'))
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
def test_update_add_hex_rpc_to_dns(self):
prefix, txt = 'hextextrec', ['HIGH\xFFBYTE']
prefix = 'rpc' + prefix
name = "%s.%s" % (prefix, self.get_dns_domain())
rec = data_to_dns_record(dnsp.DNS_TYPE_TXT, '"HIGH\xFFBYTE"')
add_rec_buf = dnsserver.DNS_RPC_RECORD_BUF()
add_rec_buf.rec = rec
try:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, add_rec_buf, None)
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
except WERRORError as e:
self.fail(str(e))
try:
self.check_query_txt(prefix, txt)
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
finally:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, None, add_rec_buf)
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
def test_update_add_slash_txt_record(self):
"test adding records works"
prefix, txt = 'slashtextrec', ['Th\\=is=is a test']
p = self.make_txt_update(prefix, txt)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.check_query_txt(prefix, txt)
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.assertIsNotNone(dns_record_match(self.rpc_conn, self.server_ip,
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.get_dns_domain(),
"%s.%s" % (prefix, self.get_dns_domain()),
dnsp.DNS_TYPE_TXT, '"Th\\\\=is=is a test"'))
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
# This test fails against Windows as it eliminates slashes in RPC
# One typical use for a slash is in records like 'var=value' to
# escape '=' characters.
def test_update_add_slash_rpc_to_dns(self):
prefix, txt = 'slashtextrec', ['Th\\=is=is a test']
prefix = 'rpc' + prefix
name = "%s.%s" % (prefix, self.get_dns_domain())
rec = data_to_dns_record(dnsp.DNS_TYPE_TXT, '"Th\\\\=is=is a test"')
add_rec_buf = dnsserver.DNS_RPC_RECORD_BUF()
add_rec_buf.rec = rec
try:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, add_rec_buf, None)
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
except WERRORError as e:
self.fail(str(e))
try:
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.check_query_txt(prefix, txt)
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
finally:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, None, add_rec_buf)
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
def test_update_add_two_txt_records(self):
"test adding two txt records works"
prefix, txt = 'textrec2', ['"This is a test"',
'"and this is a test, too"']
p = self.make_txt_update(prefix, txt)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.check_query_txt(prefix, txt)
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.assertIsNotNone(dns_record_match(self.rpc_conn, self.server_ip,
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.get_dns_domain(),
"%s.%s" % (prefix, self.get_dns_domain()),
dnsp.DNS_TYPE_TXT, '"\\"This is a test\\""' +
' "\\"and this is a test, too\\""'))
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
def test_update_add_two_rpc_to_dns(self):
prefix, txt = 'textrec2', ['"This is a test"',
'"and this is a test, too"']
prefix = 'rpc' + prefix
name = "%s.%s" % (prefix, self.get_dns_domain())
rec = data_to_dns_record(dnsp.DNS_TYPE_TXT,
'"\\"This is a test\\""' +
' "\\"and this is a test, too\\""')
add_rec_buf = dnsserver.DNS_RPC_RECORD_BUF()
add_rec_buf.rec = rec
try:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, add_rec_buf, None)
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
except WERRORError as e:
self.fail(str(e))
try:
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.check_query_txt(prefix, txt)
finally:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, None, add_rec_buf)
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
def test_update_add_empty_txt_records(self):
"test adding two txt records works"
prefix, txt = 'emptytextrec', []
p = self.make_txt_update(prefix, txt)
selftest: merge DNSTest boilerplate This will help unifying dns.py and dns_tkey.py to use common subclasses The code was originally copied, but has since divereged. This handles that divergence. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-09 10:00:09 +12:00
(response, response_packet) = self.dns_transaction_udp(p, host=server_ip)
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
self.check_query_txt(prefix, txt)
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.assertIsNotNone(dns_record_match(self.rpc_conn, self.server_ip,
CVE-2016-0771: tests/dns: modify tests to check via RPC This checks that TXT records added over DNS, look the same over RPC. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-27 17:41:44 +13:00
self.get_dns_domain(),
"%s.%s" % (prefix, self.get_dns_domain()),
dnsp.DNS_TYPE_TXT, ''))
bug #10609: CVE-2014-0239 Don't reply to replies Due to insufficient input checking, the DNS server will reply to a packet that has the "reply" bit set. Over UDP, this allows to send a packet with a spoofed sender address and have two servers DOS each other with circular replies. This patch fixes bug #10609 and adds a test to make sure we don't regress. CVE-2014-2039 has been assigned to this issue. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10609 Signed-off-by: Kai Blin <kai@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Kai Blin <kai@samba.org> Autobuild-Date(master): Tue May 20 04:15:44 CEST 2014 on sn-devel-104
2014-05-13 08:13:29 +02:00
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
def test_update_add_empty_rpc_to_dns(self):
prefix, txt = 'rpcemptytextrec', []
name = "%s.%s" % (prefix, self.get_dns_domain())
rec = data_to_dns_record(dnsp.DNS_TYPE_TXT, '')
add_rec_buf = dnsserver.DNS_RPC_RECORD_BUF()
add_rec_buf.rec = rec
try:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, add_rec_buf, None)
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
except WERRORError as e:
self.fail(str(e))
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
selftest: run dns tests in multiple envs This will let us check the negative behaviour: that updates against RODCs fail and un-authenticated updates fail. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2017-06-08 16:20:42 +12:00
try:
CVE-2016-0771: tests/dns: RPC => DNS roundtrip test Make sure that TXT entries stored via RPC come out the same in DNS. This has one caveat in that adding over RPC in Windows eats slashes, and so fails there. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-28 12:54:58 +13:00
self.check_query_txt(prefix, txt)
finally:
self.rpc_conn.DnssrvUpdateRecord2(dnsserver.DNS_CLIENT_VERSION_LONGHORN,
0, self.server_ip, self.get_dns_domain(),
name, None, add_rec_buf)
CVE-2016-0771: tests/dns: change samba.tests.dns from being a unittest This makes it easier to invoke, particularly against Windows. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11128 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11686 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2016-01-29 17:03:56 +13:00
TestProgram(module=__name__, opts=subunitopts)
Copy Permalink