Add middleware/dnssec (#133)

This adds an online dnssec middleware. The middleware will sign responses on the fly. Negative responses are signed with NSEC black lies.
2025-10-27 16:24:19 -04:00 · 2016-04-26 17:57:11 +01:00
parent 8e6c690484
commit 1aa1a92198
39 changed files with 1206 additions and 144 deletions
--- a/middleware/classify_test.go
+++ b/middleware/classify_test.go
@@ -0,0 +1,31 @@
+package middleware
+
+import (
+	"testing"
+
+	"github.com/miekg/coredns/middleware/test"
+
+	"github.com/miekg/dns"
+)
+
+func TestClassifyDelegation(t *testing.T) {
+	m := delegationMsg()
+	mt, _ := Classify(m)
+	if mt != Delegation {
+		t.Errorf("message is wrongly classified, expected delegation, got %d", mt)
+	}
+}
+
+func delegationMsg() *dns.Msg {
+	return &dns.Msg{
+		Ns: []dns.RR{
+			test.NS("miek.nl.	3600	IN	NS	linode.atoom.net."),
+			test.NS("miek.nl.	3600	IN	NS	ns-ext.nlnetlabs.nl."),
+			test.NS("miek.nl.	3600	IN	NS	omval.tednet.nl."),
+		},
+		Extra: []dns.RR{
+			test.A("omval.tednet.nl.	3600	IN	A	185.49.141.42"),
+			test.AAAA("omval.tednet.nl.	3600	IN	AAAA	2a04:b900:0:100::42"),
+		},
+	}
+}