NS records returned for sub and sub sub domains
This commit is contained in:
		
							parent
							
								
									44f33c999d
								
							
						
					
					
						commit
						2ab424feb6
					
				
							
								
								
									
										76
									
								
								TESTS.md
									
									
									
									
									
								
							
							
						
						
									
										76
									
								
								TESTS.md
									
									
									
									
									
								
							| @ -33,18 +33,28 @@ Test that A queries for ANAME-enabled records (but no address) recurse (regardle | |||||||
| 
 | 
 | ||||||
| Generally speaking test the cases of 0, 1, and 2 records of any given type (null case, single case, multi case) | Generally speaking test the cases of 0, 1, and 2 records of any given type (null case, single case, multi case) | ||||||
| 
 | 
 | ||||||
|  | ### Variables | ||||||
|  | 
 | ||||||
| ``` | ``` | ||||||
| port=65053 | port=65053 | ||||||
| ns=localhost | ns=localhost | ||||||
| digcmd="node bin/dig.js" | 
 | ||||||
| #digcmd="dig" | # For the sake of accuracy, it's most important to test with the standard unix dig tool | ||||||
|  | digcmd="dig" | ||||||
|  | 
 | ||||||
|  | # For the sake of completeness, it's important to test with our very own dig tool | ||||||
|  | #digcmd="node bin/dig.js" | ||||||
| ``` | ``` | ||||||
| 
 | 
 | ||||||
|  | ### Run the server | ||||||
|  | 
 | ||||||
| ``` | ``` | ||||||
| # Serve: | # Serve: | ||||||
| node bin/digd.js +norecurse -p $port --input sample/db.json | node bin/digd.js +norecurse -p $port --input sample/db.json | ||||||
| ``` | ``` | ||||||
| 
 | 
 | ||||||
|  | ### Manual Tests | ||||||
|  | 
 | ||||||
| ``` | ``` | ||||||
| # Sample Data: | # Sample Data: | ||||||
| #   no A records for out-delegated.example.com | #   no A records for out-delegated.example.com | ||||||
| @ -54,15 +64,15 @@ node bin/digd.js +norecurse -p $port --input sample/db.json | |||||||
| # Test: | # Test: | ||||||
| #   should return NS records in AUTHORITY section, nothing else | #   should return NS records in AUTHORITY section, nothing else | ||||||
| $digcmd @$ns -p $port A out-delegated.example.com | $digcmd @$ns -p $port A out-delegated.example.com | ||||||
| node bin/dig.js @$ns -p $port ANY out-delegated.example.com | $digcmd @$ns -p $port ANY out-delegated.example.com | ||||||
| 
 | 
 | ||||||
| #   should return SOA records in AUTHORITY section, nothing else | #   should return SOA records in AUTHORITY section, nothing else | ||||||
| node bin/dig.js @$ns -p $port A in-delegated.example.com | $digcmd @$ns -p $port A in-delegated.example.com | ||||||
| node bin/dig.js @$ns -p $port ANY in-delegated.example.com | $digcmd @$ns -p $port ANY in-delegated.example.com | ||||||
| 
 | 
 | ||||||
| #   should return NS records in ANSWER section, nothing else | #   should return NS records in ANSWER section, nothing else | ||||||
| node bin/dig.js @$ns -p $port NS out-delegated.example.com | $digcmd @$ns -p $port NS out-delegated.example.com | ||||||
| node bin/dig.js @$ns -p $port NS in-delegated.example.com | $digcmd @$ns -p $port NS in-delegated.example.com | ||||||
| 
 | 
 | ||||||
| 
 | 
 | ||||||
| # Sample Data: | # Sample Data: | ||||||
| @ -71,16 +81,16 @@ node bin/dig.js @$ns -p $port NS in-delegated.example.com | |||||||
| 
 | 
 | ||||||
| # Test: | # Test: | ||||||
| #   should return records in ANSWER section, nothing else | #   should return records in ANSWER section, nothing else | ||||||
| node bin/dig.js @$ns -p $port A example.com | $digcmd @$ns -p $port A example.com | ||||||
| node bin/dig.js @$ns -p $port AAAA example.com | $digcmd @$ns -p $port AAAA example.com | ||||||
| node bin/dig.js @$ns -p $port MX example.com | $digcmd @$ns -p $port MX example.com | ||||||
| node bin/dig.js @$ns -p $port SRV example.com | $digcmd @$ns -p $port SRV example.com | ||||||
| node bin/dig.js @$ns -p $port TXT example.com | $digcmd @$ns -p $port TXT example.com | ||||||
| node bin/dig.js @$ns -p $port ANY example.com | $digcmd @$ns -p $port ANY example.com | ||||||
| 
 | 
 | ||||||
| #   should return SOA records in AUTHORITY section, nothing else | #   should return SOA records in AUTHORITY section, nothing else | ||||||
| node bin/dig.js @$ns -p $port A doesntexist.example.com | $digcmd @$ns -p $port A doesntexist.example.com | ||||||
| node bin/dig.js @$ns -p $port NS doesntexist.example.com | $digcmd @$ns -p $port NS doesntexist.example.com | ||||||
| 
 | 
 | ||||||
| 
 | 
 | ||||||
| # Sample Data: | # Sample Data: | ||||||
| @ -89,23 +99,31 @@ node bin/dig.js @$ns -p $port NS doesntexist.example.com | |||||||
| 
 | 
 | ||||||
| # Test: | # Test: | ||||||
| #   should return record of correct type in ANSWER section, nothing else | #   should return record of correct type in ANSWER section, nothing else | ||||||
| node bin/dig.js @$ns -p $port A a.example.com | $digcmd @$ns -p $port A a.example.com | ||||||
| node bin/dig.js @$ns -p $port ANY a.example.com | $digcmd @$ns -p $port AAAA aaaa.example.com | ||||||
| node bin/dig.js @$ns -p $port AAAA aaaa.example.com | $digcmd @$ns -p $port MX mx.example.com | ||||||
| node bin/dig.js @$ns -p $port ANY aaaa.example.com | $digcmd @$ns -p $port SRV srv.example.com | ||||||
| node bin/dig.js @$ns -p $port MX mx.example.com | $digcmd @$ns -p $port TXT txt.example.com | ||||||
| node bin/dig.js @$ns -p $port ANY mx.example.com | $digcmd @$ns -p $port TXT mtxt.example.com | ||||||
| node bin/dig.js @$ns -p $port SRV srv.example.com | 
 | ||||||
| node bin/dig.js @$ns -p $port ANY srv.example.com | #   should return record of correct type in ANSWER section, and SOA / NS | ||||||
| node bin/dig.js @$ns -p $port TXT txt.example.com | $digcmd @$ns -p $port ANY a.example.com | ||||||
| node bin/dig.js @$ns -p $port ANY txt.example.com | $digcmd @$ns -p $port ANY aaaa.example.com | ||||||
| node bin/dig.js @$ns -p $port TXT mtxt.example.com | $digcmd @$ns -p $port ANY mx.example.com | ||||||
| node bin/dig.js @$ns -p $port ANY mtxt.example.com | $digcmd @$ns -p $port ANY srv.example.com | ||||||
|  | $digcmd @$ns -p $port ANY txt.example.com | ||||||
|  | $digcmd @$ns -p $port ANY mtxt.example.com | ||||||
|  | 
 | ||||||
|  | # Test: | ||||||
|  | #   all subdomains of a delegated domain should return NS for that domain | ||||||
|  | $digcmd @$ns -p 65053 ANY ns.example.com | ||||||
|  | $digcmd @$ns -p 65053 ANY foo.ns.example.com | ||||||
|  | $digcmd @$ns -p 65053 ANY bar.foo.ns.example.com | ||||||
| 
 | 
 | ||||||
| #   should return SOA record in AUTHORITY section, nothing else | #   should return SOA record in AUTHORITY section, nothing else | ||||||
| node bin/dig.js @$ns -p $port A doesntexist.a.example.com | $digcmd @$ns -p $port A doesntexist.a.example.com | ||||||
| 
 | 
 | ||||||
| #   should return NS records in ANSWER section, nothing else | #   should return NS records in ANSWER section, nothing else | ||||||
| node bin/dig.js @$ns -p $port NS a.example.com | $digcmd @$ns -p $port NS a.example.com | ||||||
| 
 | 
 | ||||||
| ``` | ``` | ||||||
|  | |||||||
| @ -114,9 +114,10 @@ function dbToResourceRecord(r) { | |||||||
| } | } | ||||||
| 
 | 
 | ||||||
| function getNs(db, ds, results, cb) { | function getNs(db, ds, results, cb) { | ||||||
|   console.log('[DEV] getNs entered'); |   console.log('[DEV] getNs entered with domains', ds); | ||||||
| 
 | 
 | ||||||
|   var d = ds.shift(); |   var d = ds.shift(); | ||||||
|  |   console.log('[DEV] trying another one', d); | ||||||
| 
 | 
 | ||||||
|   if (!d) { |   if (!d) { | ||||||
|     results.header.rcode = NXDOMAIN; |     results.header.rcode = NXDOMAIN; | ||||||
| @ -298,6 +299,10 @@ module.exports.query = function (input, query, cb) { | |||||||
|       qarr.shift(); // first
 |       qarr.shift(); // first
 | ||||||
|     } |     } | ||||||
| 
 | 
 | ||||||
|  |     console.log('[DEV] getNsAlso?', getNsAlso); | ||||||
|  |     console.log('[DEV] answerSoa?', answerSoa); | ||||||
|  |     console.log('[DEV] qnames'); | ||||||
|  |     console.log(qnames); | ||||||
|     var myDomains = db.domains.filter(function (d) { |     var myDomains = db.domains.filter(function (d) { | ||||||
|       return -1 !== qnames.indexOf(d.id.toLowerCase()); |       return -1 !== qnames.indexOf(d.id.toLowerCase()); | ||||||
|     }); |     }); | ||||||
| @ -325,7 +330,7 @@ module.exports.query = function (input, query, cb) { | |||||||
|       return getSoa(db, myDomains[0], results, cb, answerSoa); |       return getSoa(db, myDomains[0], results, cb, answerSoa); | ||||||
|     } |     } | ||||||
| 
 | 
 | ||||||
|     return getNs(db, myDomains.slice(0), results, function (err, results) { |     return getNs(db, /*myDomains.slice(0)*/qnames.map(function (qn) { return { id: qn }; }), results, function (err, results) { | ||||||
|       //console.log('[DEV] getNs complete');
 |       //console.log('[DEV] getNs complete');
 | ||||||
| 
 | 
 | ||||||
|       if (err) { cb(err, results); return; } |       if (err) { cb(err, results); return; } | ||||||
| @ -352,6 +357,12 @@ module.exports.query = function (input, query, cb) { | |||||||
| 
 | 
 | ||||||
|     if (err) { cb(err); return; } |     if (err) { cb(err); return; } | ||||||
| 
 | 
 | ||||||
|  |     // There are two special cases
 | ||||||
|  |     // NS records are returned as ANSWER for NS and ANY, and as AUTHORITY when an externally-delegated domain would return an SOA (no records)
 | ||||||
|  |     // SOA records are returned as ANSWER for SOA and ANY, and as AUTHORITY when no records are found, but the domain is controlled here
 | ||||||
|  | 
 | ||||||
|  |     console.log("[DEV] has records"); | ||||||
|  | 
 | ||||||
|     // filter out NS (delegation) records, unless that is what is intended
 |     // filter out NS (delegation) records, unless that is what is intended
 | ||||||
|     someRecords = someRecords.filter(function (r) { |     someRecords = someRecords.filter(function (r) { | ||||||
|       // If it's not an NS record, it's a potential result
 |       // If it's not an NS record, it's a potential result
 | ||||||
| @ -359,21 +370,23 @@ module.exports.query = function (input, query, cb) { | |||||||
|         return true; |         return true; | ||||||
|       } |       } | ||||||
| 
 | 
 | ||||||
|       // If the query was for NS, it's a potential result
 |       console.log("It's NS"); | ||||||
|       if ('NS' === query.question[0].typeName) { |  | ||||||
|         return true; |  | ||||||
|       } |  | ||||||
| 
 | 
 | ||||||
|       // If it's a vanity NS, it's not a valid NS for lookup
 |       // If it's a vanity NS, it's not a valid NS for lookup
 | ||||||
|       if (-1 !== db.primaryNameservers.indexOf(r.data.toLowerCase())) { |       if (-1 !== db.primaryNameservers.indexOf(r.data.toLowerCase())) { | ||||||
|  |         console.log("It's a vanity NS"); | ||||||
|         return false; |         return false; | ||||||
|       } |       } | ||||||
| 
 | 
 | ||||||
|  |       // If the query was for NS, it's a potential result
 | ||||||
|  |       if ('ANY' === query.question[0].typeName || 'NS' === query.question[0].typeName) { | ||||||
|  |         return true; | ||||||
|  |       } | ||||||
|  | 
 | ||||||
|       nsRecords.push(r); |       nsRecords.push(r); | ||||||
|       return false; |       return false; | ||||||
|     }); |     }); | ||||||
| 
 | 
 | ||||||
|     // TODO should NS be returned as ANSWER or AUTHORITY in ANY?
 |  | ||||||
|     myRecords = someRecords; |     myRecords = someRecords; | ||||||
|     if (255 !== query.question[0].type && 'ANY' !== query.question[0].typeName) { |     if (255 !== query.question[0].type && 'ANY' !== query.question[0].typeName) { | ||||||
|       myRecords = myRecords.filter(function (r) { |       myRecords = myRecords.filter(function (r) { | ||||||
| @ -391,6 +404,11 @@ module.exports.query = function (input, query, cb) { | |||||||
|       }); |       }); | ||||||
|       results.header.rcode = NOERROR; |       results.header.rcode = NOERROR; | ||||||
|       //console.log('[DEV] ANSWER results', results);
 |       //console.log('[DEV] ANSWER results', results);
 | ||||||
|  | 
 | ||||||
|  |       if (255 === query.question[0].type && 'ANY' === query.question[0].typeName) { | ||||||
|  |         getNsAndSoa(false, true); | ||||||
|  |         return; | ||||||
|  |       } | ||||||
|       cb(null, results); |       cb(null, results); | ||||||
|       return; |       return; | ||||||
|     } |     } | ||||||
| @ -404,9 +422,10 @@ module.exports.query = function (input, query, cb) { | |||||||
|       return; |       return; | ||||||
|     } |     } | ||||||
| 
 | 
 | ||||||
|     if (!myRecords.length) { |     console.log("[DEV] Gonna get NS and SOA"); | ||||||
|       getNsAndSoa(true); | 
 | ||||||
|     } |     // !myRecords.length
 | ||||||
|  |     getNsAndSoa(true); | ||||||
|   }); |   }); | ||||||
| }; | }; | ||||||
| 
 | 
 | ||||||
|  | |||||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user