From c6d98623215e37d6a28e590413a18f8d9aec9c8b Mon Sep 17 00:00:00 2001 From: Gary Lockyer Date: Wed, 18 Jul 2018 15:29:21 +1200 Subject: [PATCH] dns wildcards: tests to confirm BUG 13536 DNS wildcard matching failing if more than one label to the left of the wildcard. This commits adds tests to confirm the bug. Wildcard entry: *.example.org bar.example.com matches foo.bar.example.com does not, but it it should. Signed-off-by: Gary Lockyer Reviewed-by: Jeremy Allison (cherry picked from commit 0d3aec18679a2637430263a55de5e210a9201e21) --- python/samba/tests/dns_wildcard.py | 48 ++++++++++++++++++++++++++++++++++++++ selftest/knownfail.d/dns_wildcard | 5 ++++ 2 files changed, 53 insertions(+) create mode 100644 selftest/knownfail.d/dns_wildcard diff --git a/python/samba/tests/dns_wildcard.py b/python/samba/tests/dns_wildcard.py index ca8426a6f14..01e06b8e262 100644 --- a/python/samba/tests/dns_wildcard.py +++ b/python/samba/tests/dns_wildcard.py @@ -172,6 +172,30 @@ class TestWildCardQueries(DNSTest): self.assertEquals(response.answers[0].rr_type, dns.DNS_QTYPE_A) self.assertEquals(response.answers[0].rdata, WILDCARD_IP) + def test_one_a_query_match_wildcard_2_labels(self): + """ Query an A record, should match the wild card entry + have two labels to the left of the wild card target. + """ + + p = self.make_name_packet(dns.DNS_OPCODE_QUERY) + questions = [] + + # Check the record + name = "label2.label1.wildcardtest.%s" % self.get_dns_domain() + q = self.make_name_question(name, + dns.DNS_QTYPE_A, + dns.DNS_QCLASS_IN) + questions.append(q) + + self.finish_name_packet(p, questions) + (response, response_packet) =\ + self.dns_transaction_udp(p, host=self.server_ip) + self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK) + self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY) + self.assertEquals(response.ancount, 1) + self.assertEquals(response.answers[0].rr_type, dns.DNS_QTYPE_A) + self.assertEquals(response.answers[0].rdata, WILDCARD_IP) + def test_one_a_query_wildcard_entry(self): "Query the wildcard entry" @@ -239,6 +263,30 @@ class TestWildCardQueries(DNSTest): self.assertEquals(response.answers[0].rr_type, dns.DNS_QTYPE_A) self.assertEquals(response.answers[0].rdata, LEVEL2_WILDCARD_IP) + def test_one_a_query_match_wildcard_l2_2_labels(self): + """Query an A record, should match the level 2 wild card entry + have two labels to the left of the wild card target + """ + + p = self.make_name_packet(dns.DNS_OPCODE_QUERY) + questions = [] + + # Check the record + name = "label1.label2.level2.wildcardtest.%s" % self.get_dns_domain() + q = self.make_name_question(name, + dns.DNS_QTYPE_A, + dns.DNS_QCLASS_IN) + questions.append(q) + + self.finish_name_packet(p, questions) + (response, response_packet) =\ + self.dns_transaction_udp(p, host=self.server_ip) + self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK) + self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY) + self.assertEquals(response.ancount, 1) + self.assertEquals(response.answers[0].rr_type, dns.DNS_QTYPE_A) + self.assertEquals(response.answers[0].rdata, LEVEL2_WILDCARD_IP) + def test_one_a_query_exact_match_l2(self): """Query an entry that matches the wild card but has an exact match as well. diff --git a/selftest/knownfail.d/dns_wildcard b/selftest/knownfail.d/dns_wildcard new file mode 100644 index 00000000000..2c9ade138fc --- /dev/null +++ b/selftest/knownfail.d/dns_wildcard @@ -0,0 +1,5 @@ +# https://bugzilla.samba.org/show_bug.cgi?id=13536 +# + +^samba.*.TestWildCardQueries.test_one_a_query_match_wildcard_l2_2_labels +^samba.*.TestWildCardQueries.test_one_a_query_match_wildcard_2_labels -- 2.11.4.GIT