Dyomedea
/
binder
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 10 Wiki Activity
Browse Source

Add integration test for denied zone transfer

pull/10/head
Jeffrey Forman 10 years ago
parent
0b048f46f8
commit
308be6a025
4 changed files with 32 additions and 1 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      binder/models.py
  2. +10
    -0
      binder/testdata/db.10.254.3
  3. +10
    -0
      binder/testdata/db.domain3.local
  4. +11
    -0
      binder/tests/integration.py

+ 1
- 1
binder/models.py View File

@ -122,7 +122,7 @@ class BindServer(models.Model):
except dns.exception.FormError:
# When the DNS message is malformed.
# * Can happen if a TSIG key is required but a default_transfer_key is not specified.
raise exceptions.TransferException("There was an error attempting to list zone records. Did you forget to specify a default transfer key?")
raise exceptions.TransferException("Unable to perform AXFR to list zone records. Did you forget to specify a default transfer key?")
names = zone.nodes.keys()
names.sort()

+ 10
- 0
binder/testdata/db.10.254.3 View File

@ -0,0 +1,10 @@
$TTL 86400 ; 1 day
@ IN SOA ns1.example.com. mymail.example.com. (
2 ; serial
10800 ; refresh (3 hours)
15 ; retry (15 seconds)
604800 ; expire (1 week)
10800 ; minimum (3 hours)
)
NS localhost.
$ORIGIN 3.254.10.in-addr.arpa.

+ 10
- 0
binder/testdata/db.domain3.local View File

@ -0,0 +1,10 @@
$TTL 86400 ; 1 day
@ IN SOA ns1.example.com. mymail.example.com. (
24 ; serial
10800 ; refresh (3 hours)
15 ; retry (15 seconds)
604800 ; expire (1 week)
10800 ; minimum (3 hours)
)
NS localhost.
$ORIGIN domain3.local.

+ 11
- 0
binder/tests/integration.py View File

@ -90,3 +90,14 @@ class Integration_Tests(TestCase):
self.assertEqual(response.context["errors"], "Unable to list server zones. Error: <urlopen error [Errno 111] Connection refused>")
dns_server.statistics_port = original_statistics_port
dns_server.save()
def test_Integration_ZoneList_MissingTransferKey(self):
"""Attempt to list a zone's records with missing TSIG key.
domain3.local should be configured to require a TSIG key
for transfers."""
dns_server = models.BindServer.objects.get(hostname="testserver1")
response = self.client.get("/info/testserver1/domain3.local/")
self.assertEqual(response.status_code, 200)
self.assertEqual(response.context["zone_name"], "domain3.local")
self.assertEqual(response.context["dns_server"], "testserver1")
self.assertRegexpMatches(str(response.context["errors"]), "Unable to perform AXFR to list zone records. Did you forget to specify a default transfer key?")

Write Preview
Loading…
Cancel
Save