mirror of
https://github.com/coredns/coredns.git
synced 2025-10-28 00:34:24 -04:00
Add middleware/dnssec (#133)
This adds an online dnssec middleware. The middleware will sign responses on the fly. Negative responses are signed with NSEC black lies.
This commit is contained in:
Miek Gieben
32
middleware/dnssec/cache_test.go
Normal file
32
middleware/dnssec/cache_test.go
Normal file
@@ -0,0 +1,32 @@
|
||||
package dnssec
|
||||
|
||||
import (
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/miekg/coredns/middleware"
|
||||
"github.com/miekg/coredns/middleware/test"
|
||||
)
|
||||
|
||||
func TestCacheSet(t *testing.T) {
|
||||
fPriv, rmPriv, _ := test.TempFile(t, ".", privKey)
|
||||
fPub, rmPub, _ := test.TempFile(t, ".", pubKey)
|
||||
defer rmPriv()
|
||||
defer rmPub()
|
||||
|
||||
dnskey, err := ParseKeyFile(fPub, fPriv)
|
||||
if err != nil {
|
||||
t.Fatalf("failed to parse key: %v\n", err)
|
||||
}
|
||||
|
||||
m := testMsg()
|
||||
state := middleware.State{Req: m}
|
||||
k := key(m.Answer) // calculate *before* we add the sig
|
||||
d := NewDnssec([]string{"miek.nl."}, []*DNSKEY{dnskey}, nil)
|
||||
m = d.Sign(state, "miek.nl.", time.Now().UTC())
|
||||
|
||||
_, ok := d.get(k)
|
||||
if !ok {
|
||||
t.Errorf("signature was not added to the cache")
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user