NS records returned for sub and sub sub domains
This commit is contained in:
parent
44f33c999d
commit
2ab424feb6
76
TESTS.md
76
TESTS.md
|
@ -33,18 +33,28 @@ Test that A queries for ANAME-enabled records (but no address) recurse (regardle
|
||||||
|
|
||||||
Generally speaking test the cases of 0, 1, and 2 records of any given type (null case, single case, multi case)
|
Generally speaking test the cases of 0, 1, and 2 records of any given type (null case, single case, multi case)
|
||||||
|
|
||||||
|
### Variables
|
||||||
|
|
||||||
```
|
```
|
||||||
port=65053
|
port=65053
|
||||||
ns=localhost
|
ns=localhost
|
||||||
digcmd="node bin/dig.js"
|
|
||||||
#digcmd="dig"
|
# For the sake of accuracy, it's most important to test with the standard unix dig tool
|
||||||
|
digcmd="dig"
|
||||||
|
|
||||||
|
# For the sake of completeness, it's important to test with our very own dig tool
|
||||||
|
#digcmd="node bin/dig.js"
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### Run the server
|
||||||
|
|
||||||
```
|
```
|
||||||
# Serve:
|
# Serve:
|
||||||
node bin/digd.js +norecurse -p $port --input sample/db.json
|
node bin/digd.js +norecurse -p $port --input sample/db.json
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### Manual Tests
|
||||||
|
|
||||||
```
|
```
|
||||||
# Sample Data:
|
# Sample Data:
|
||||||
# no A records for out-delegated.example.com
|
# no A records for out-delegated.example.com
|
||||||
|
@ -54,15 +64,15 @@ node bin/digd.js +norecurse -p $port --input sample/db.json
|
||||||
# Test:
|
# Test:
|
||||||
# should return NS records in AUTHORITY section, nothing else
|
# should return NS records in AUTHORITY section, nothing else
|
||||||
$digcmd @$ns -p $port A out-delegated.example.com
|
$digcmd @$ns -p $port A out-delegated.example.com
|
||||||
node bin/dig.js @$ns -p $port ANY out-delegated.example.com
|
$digcmd @$ns -p $port ANY out-delegated.example.com
|
||||||
|
|
||||||
# should return SOA records in AUTHORITY section, nothing else
|
# should return SOA records in AUTHORITY section, nothing else
|
||||||
node bin/dig.js @$ns -p $port A in-delegated.example.com
|
$digcmd @$ns -p $port A in-delegated.example.com
|
||||||
node bin/dig.js @$ns -p $port ANY in-delegated.example.com
|
$digcmd @$ns -p $port ANY in-delegated.example.com
|
||||||
|
|
||||||
# should return NS records in ANSWER section, nothing else
|
# should return NS records in ANSWER section, nothing else
|
||||||
node bin/dig.js @$ns -p $port NS out-delegated.example.com
|
$digcmd @$ns -p $port NS out-delegated.example.com
|
||||||
node bin/dig.js @$ns -p $port NS in-delegated.example.com
|
$digcmd @$ns -p $port NS in-delegated.example.com
|
||||||
|
|
||||||
|
|
||||||
# Sample Data:
|
# Sample Data:
|
||||||
|
@ -71,16 +81,16 @@ node bin/dig.js @$ns -p $port NS in-delegated.example.com
|
||||||
|
|
||||||
# Test:
|
# Test:
|
||||||
# should return records in ANSWER section, nothing else
|
# should return records in ANSWER section, nothing else
|
||||||
node bin/dig.js @$ns -p $port A example.com
|
$digcmd @$ns -p $port A example.com
|
||||||
node bin/dig.js @$ns -p $port AAAA example.com
|
$digcmd @$ns -p $port AAAA example.com
|
||||||
node bin/dig.js @$ns -p $port MX example.com
|
$digcmd @$ns -p $port MX example.com
|
||||||
node bin/dig.js @$ns -p $port SRV example.com
|
$digcmd @$ns -p $port SRV example.com
|
||||||
node bin/dig.js @$ns -p $port TXT example.com
|
$digcmd @$ns -p $port TXT example.com
|
||||||
node bin/dig.js @$ns -p $port ANY example.com
|
$digcmd @$ns -p $port ANY example.com
|
||||||
|
|
||||||
# should return SOA records in AUTHORITY section, nothing else
|
# should return SOA records in AUTHORITY section, nothing else
|
||||||
node bin/dig.js @$ns -p $port A doesntexist.example.com
|
$digcmd @$ns -p $port A doesntexist.example.com
|
||||||
node bin/dig.js @$ns -p $port NS doesntexist.example.com
|
$digcmd @$ns -p $port NS doesntexist.example.com
|
||||||
|
|
||||||
|
|
||||||
# Sample Data:
|
# Sample Data:
|
||||||
|
@ -89,23 +99,31 @@ node bin/dig.js @$ns -p $port NS doesntexist.example.com
|
||||||
|
|
||||||
# Test:
|
# Test:
|
||||||
# should return record of correct type in ANSWER section, nothing else
|
# should return record of correct type in ANSWER section, nothing else
|
||||||
node bin/dig.js @$ns -p $port A a.example.com
|
$digcmd @$ns -p $port A a.example.com
|
||||||
node bin/dig.js @$ns -p $port ANY a.example.com
|
$digcmd @$ns -p $port AAAA aaaa.example.com
|
||||||
node bin/dig.js @$ns -p $port AAAA aaaa.example.com
|
$digcmd @$ns -p $port MX mx.example.com
|
||||||
node bin/dig.js @$ns -p $port ANY aaaa.example.com
|
$digcmd @$ns -p $port SRV srv.example.com
|
||||||
node bin/dig.js @$ns -p $port MX mx.example.com
|
$digcmd @$ns -p $port TXT txt.example.com
|
||||||
node bin/dig.js @$ns -p $port ANY mx.example.com
|
$digcmd @$ns -p $port TXT mtxt.example.com
|
||||||
node bin/dig.js @$ns -p $port SRV srv.example.com
|
|
||||||
node bin/dig.js @$ns -p $port ANY srv.example.com
|
# should return record of correct type in ANSWER section, and SOA / NS
|
||||||
node bin/dig.js @$ns -p $port TXT txt.example.com
|
$digcmd @$ns -p $port ANY a.example.com
|
||||||
node bin/dig.js @$ns -p $port ANY txt.example.com
|
$digcmd @$ns -p $port ANY aaaa.example.com
|
||||||
node bin/dig.js @$ns -p $port TXT mtxt.example.com
|
$digcmd @$ns -p $port ANY mx.example.com
|
||||||
node bin/dig.js @$ns -p $port ANY mtxt.example.com
|
$digcmd @$ns -p $port ANY srv.example.com
|
||||||
|
$digcmd @$ns -p $port ANY txt.example.com
|
||||||
|
$digcmd @$ns -p $port ANY mtxt.example.com
|
||||||
|
|
||||||
|
# Test:
|
||||||
|
# all subdomains of a delegated domain should return NS for that domain
|
||||||
|
$digcmd @$ns -p 65053 ANY ns.example.com
|
||||||
|
$digcmd @$ns -p 65053 ANY foo.ns.example.com
|
||||||
|
$digcmd @$ns -p 65053 ANY bar.foo.ns.example.com
|
||||||
|
|
||||||
# should return SOA record in AUTHORITY section, nothing else
|
# should return SOA record in AUTHORITY section, nothing else
|
||||||
node bin/dig.js @$ns -p $port A doesntexist.a.example.com
|
$digcmd @$ns -p $port A doesntexist.a.example.com
|
||||||
|
|
||||||
# should return NS records in ANSWER section, nothing else
|
# should return NS records in ANSWER section, nothing else
|
||||||
node bin/dig.js @$ns -p $port NS a.example.com
|
$digcmd @$ns -p $port NS a.example.com
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
|
@ -114,9 +114,10 @@ function dbToResourceRecord(r) {
|
||||||
}
|
}
|
||||||
|
|
||||||
function getNs(db, ds, results, cb) {
|
function getNs(db, ds, results, cb) {
|
||||||
console.log('[DEV] getNs entered');
|
console.log('[DEV] getNs entered with domains', ds);
|
||||||
|
|
||||||
var d = ds.shift();
|
var d = ds.shift();
|
||||||
|
console.log('[DEV] trying another one', d);
|
||||||
|
|
||||||
if (!d) {
|
if (!d) {
|
||||||
results.header.rcode = NXDOMAIN;
|
results.header.rcode = NXDOMAIN;
|
||||||
|
@ -298,6 +299,10 @@ module.exports.query = function (input, query, cb) {
|
||||||
qarr.shift(); // first
|
qarr.shift(); // first
|
||||||
}
|
}
|
||||||
|
|
||||||
|
console.log('[DEV] getNsAlso?', getNsAlso);
|
||||||
|
console.log('[DEV] answerSoa?', answerSoa);
|
||||||
|
console.log('[DEV] qnames');
|
||||||
|
console.log(qnames);
|
||||||
var myDomains = db.domains.filter(function (d) {
|
var myDomains = db.domains.filter(function (d) {
|
||||||
return -1 !== qnames.indexOf(d.id.toLowerCase());
|
return -1 !== qnames.indexOf(d.id.toLowerCase());
|
||||||
});
|
});
|
||||||
|
@ -325,7 +330,7 @@ module.exports.query = function (input, query, cb) {
|
||||||
return getSoa(db, myDomains[0], results, cb, answerSoa);
|
return getSoa(db, myDomains[0], results, cb, answerSoa);
|
||||||
}
|
}
|
||||||
|
|
||||||
return getNs(db, myDomains.slice(0), results, function (err, results) {
|
return getNs(db, /*myDomains.slice(0)*/qnames.map(function (qn) { return { id: qn }; }), results, function (err, results) {
|
||||||
//console.log('[DEV] getNs complete');
|
//console.log('[DEV] getNs complete');
|
||||||
|
|
||||||
if (err) { cb(err, results); return; }
|
if (err) { cb(err, results); return; }
|
||||||
|
@ -352,6 +357,12 @@ module.exports.query = function (input, query, cb) {
|
||||||
|
|
||||||
if (err) { cb(err); return; }
|
if (err) { cb(err); return; }
|
||||||
|
|
||||||
|
// There are two special cases
|
||||||
|
// NS records are returned as ANSWER for NS and ANY, and as AUTHORITY when an externally-delegated domain would return an SOA (no records)
|
||||||
|
// SOA records are returned as ANSWER for SOA and ANY, and as AUTHORITY when no records are found, but the domain is controlled here
|
||||||
|
|
||||||
|
console.log("[DEV] has records");
|
||||||
|
|
||||||
// filter out NS (delegation) records, unless that is what is intended
|
// filter out NS (delegation) records, unless that is what is intended
|
||||||
someRecords = someRecords.filter(function (r) {
|
someRecords = someRecords.filter(function (r) {
|
||||||
// If it's not an NS record, it's a potential result
|
// If it's not an NS record, it's a potential result
|
||||||
|
@ -359,21 +370,23 @@ module.exports.query = function (input, query, cb) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
// If the query was for NS, it's a potential result
|
console.log("It's NS");
|
||||||
if ('NS' === query.question[0].typeName) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
// If it's a vanity NS, it's not a valid NS for lookup
|
// If it's a vanity NS, it's not a valid NS for lookup
|
||||||
if (-1 !== db.primaryNameservers.indexOf(r.data.toLowerCase())) {
|
if (-1 !== db.primaryNameservers.indexOf(r.data.toLowerCase())) {
|
||||||
|
console.log("It's a vanity NS");
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// If the query was for NS, it's a potential result
|
||||||
|
if ('ANY' === query.question[0].typeName || 'NS' === query.question[0].typeName) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
nsRecords.push(r);
|
nsRecords.push(r);
|
||||||
return false;
|
return false;
|
||||||
});
|
});
|
||||||
|
|
||||||
// TODO should NS be returned as ANSWER or AUTHORITY in ANY?
|
|
||||||
myRecords = someRecords;
|
myRecords = someRecords;
|
||||||
if (255 !== query.question[0].type && 'ANY' !== query.question[0].typeName) {
|
if (255 !== query.question[0].type && 'ANY' !== query.question[0].typeName) {
|
||||||
myRecords = myRecords.filter(function (r) {
|
myRecords = myRecords.filter(function (r) {
|
||||||
|
@ -391,6 +404,11 @@ module.exports.query = function (input, query, cb) {
|
||||||
});
|
});
|
||||||
results.header.rcode = NOERROR;
|
results.header.rcode = NOERROR;
|
||||||
//console.log('[DEV] ANSWER results', results);
|
//console.log('[DEV] ANSWER results', results);
|
||||||
|
|
||||||
|
if (255 === query.question[0].type && 'ANY' === query.question[0].typeName) {
|
||||||
|
getNsAndSoa(false, true);
|
||||||
|
return;
|
||||||
|
}
|
||||||
cb(null, results);
|
cb(null, results);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
@ -404,9 +422,10 @@ module.exports.query = function (input, query, cb) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!myRecords.length) {
|
console.log("[DEV] Gonna get NS and SOA");
|
||||||
|
|
||||||
|
// !myRecords.length
|
||||||
getNsAndSoa(true);
|
getNsAndSoa(true);
|
||||||
}
|
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue