Mirrors/coredns
1
0
Fork 0
mirror of https://github.com/coredns/coredns.git synced 2025-10-31 02:03:20 -04:00
Code Issues Packages Projects Releases Wiki Activity

middleware/file: add nsec for wildcard expansion (#382)

Browse Source 
A NSEC record is need to deny any other name that might exist.
Also don't blindly perform the interface conversion when getting
glue for NS records as they now may include RRSIG - also add tests
for that.
This commit is contained in:
Miek Gieben
2016-11-06 08:32:07 +00:00
committed by GitHub
parent 8d3418c015
commit 243797a387
4 changed files with 34 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
middleware/file/wildcard_test.go
View File

@@ -31,6 +31,10 @@ var wildcardTestCases = []test.Case{
test.RRSIG("wild.dnssex.nl. 1800 IN RRSIG TXT 8 2 1800 20160428190224 20160329190224 14460 dnssex.nl. FUZSTyvZfeuuOpCm"),
test.TXT(`wild.dnssex.nl. 1800 IN TXT "Doing It Safe Is Better"`),
},
Ns: []dns.RR{
test.NSEC("a.dnssex.nl. 14400 IN NSEC www.dnssex.nl. A AAAA RRSIG NSEC"),
test.RRSIG("a.dnssex.nl. 14400 IN RRSIG NSEC 8 3 14400 20160428190224 20160329190224 14460 dnssex.nl. S+UMs2ySgRaaRY"),
},
Extra: []dns.RR{test.OPT(4096, true)},
},
{
@@ -39,6 +43,10 @@ var wildcardTestCases = []test.Case{
test.RRSIG("a.wild.dnssex.nl. 1800 IN RRSIG TXT 8 2 1800 20160428190224 20160329190224 14460 dnssex.nl. FUZSTyvZfeuuOpCm"),
test.TXT(`a.wild.dnssex.nl. 1800 IN TXT "Doing It Safe Is Better"`),
},
Ns: []dns.RR{
test.NSEC("a.dnssex.nl. 14400 IN NSEC www.dnssex.nl. A AAAA RRSIG NSEC"),
test.RRSIG("a.dnssex.nl. 14400 IN RRSIG NSEC 8 3 14400 20160428190224 20160329190224 14460 dnssex.nl. S+UMs2ySgRaaRY"),
},
Extra: []dns.RR{test.OPT(4096, true)},
},
// nodata responses