# $Id: 05-rr.t 643 2007-05-25 15:19:19Z olaf $ -*-perl-*-
use Test::More;
use strict;
use Net::DNS;
use vars qw( $HAS_DNSSEC $HAS_DLV $HAS_NSEC3 $HAS_NSEC3PARAM);
# Scratch file that receives the RSA private key when the DNSSEC branch runs.
# The path is relative, so the file is created in the current working
# directory; it is unlinked again by the last statement of this script.
my $keypathrsa = 'Kexample.com.+005+24866.private';

# DNSKEY RR for the public half of that key; assigned only when
# $HAS_DNSSEC is true, and used later to verify the generated RRSIGs.
my $rsakeyrr;
BEGIN {
    # Net::DNS::SEC is optional.  Loading it inside eval means a missing
    # module only selects the smaller test plan instead of aborting the run.
    $HAS_DNSSEC = eval { require Net::DNS::SEC; } ? 1 : 0;

    if ($HAS_DNSSEC) {
        # NSEC3PARAM support is detected from the module's SVN revision.
        my $svn_revision = $Net::DNS::SEC::SVNVERSION;
        $HAS_NSEC3PARAM = 1
            if defined($svn_revision) && $svn_revision > 619;

        # Both revisions currently plan the same count.  The original author
        # marked the NSEC3PARAM case as a hook for a different number.
        plan tests => 301;
    }
    else {
        plan tests => 270;
    }
}
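if ($HAS_DNSSEC) {    # Create key material
    diag "The suite will run additonal DNSSEC tests";

    # Throwaway RSASHA1 (algorithm 5) fixture key with public exponent 3.
    # The private half is published in this file, so it must never be used
    # to sign a real zone.  RSA/SHA-1 is also no longer recommended for
    # DNSSEC signing (RFC 8624); it is kept here only as canned test input.
    my $privrsakey = <<'ENDRSA';
Private-key-format: v1.2
Algorithm: 5 (RSASHA1)
Modulus: osG7zULAQoU3HxVnQl0dj8pLCcxA4ZQk9lgSzd+Q5GvhQYPS4vtnBRvwQDPTckfINqHYbxLQBZGYyl3n0ZQ0W5GDUlnDkeKk+2fe0UIbArY+xkODYGBmv6VGDk1K0kc7mH6cYHUciEtPMdyzYa9hIPfPDp2IE0+BRpr3hPkRnLE=
PublicExponent: Aw==
PrivateExponent: bIEn3iyALFjPag5E1ui+X9wyBogrQQ1t+ZAMiT+17Z1A1lfh7KeaA2f1gCKM9tqFecE69Lc1WQu7MZPv4Q14O/uDO/th5aF6oUL6kYYiSkbmxZ138w6g/PRh+Y/F135Hz8nVyTLrbmo+l5tjiaN5LOgUjvYYwSR3k1FFhgW3zks=
Prime1: zF8a/5xhYpBZH7uVB0xxuo7FbepslQnCSudXRd+1KFmpJ6z4XSDEJVl/XngaVw4j4IvHL9FpjF8JkH1PUn2c7Q==
Prime2: y99dYRRYDdywY6th8ZshkVXYaWUHNWuB68vAr8JZ4XY3qC66S5qehpfPFSX44x05uyRw/JGIDG7gEJHsngBKVQ==
Exponent1: iD9nVRLrlwrmFSe4r4hL0bSDnpxIY1vW3Jo6LpUjcDvGGnNQPhXYGOZU6aVm5LQX6wfaH+DxCD9btajfjFO98w==
Exponent2: h+o+QLg6s+h1l8eWoRIWYOPlm5ivePJWnTKAdSw766QlGsnRh7xprw/fY26l7L4mfML1/bZasvSVYGFIaVWG4w==
Coefficient: BV4xfdcDiyLKBr6647EUocgAziN3qfVsfJc0DdJjYW3VnuECVvNo8Q2ehAYTAwdzNRjBhwB7ZV3Mi6+S8OXFTQ==
ENDRSA

    # Three-argument open with a lexical handle: the mode can no longer be
    # influenced by the file name, and the handle does not leak as a global.
    # Every step is checked so that a truncated key file is reported here
    # rather than surfacing later as an unexplained signing failure.
    open( my $key_fh, '>', $keypathrsa )
        or die "Could not open $keypathrsa: $!";
    print {$key_fh} $privrsakey
        or die "Could not write $keypathrsa: $!";
    close($key_fh)
        or die "Could not close $keypathrsa: $!";

    # Public half of the key above, in DNSKEY presentation format.  The
    # trailing newline inside the string is part of the original fixture.
    $rsakeyrr = Net::DNS::RR->new("example.com. IN DNSKEY 256 3 5 AQOiwbvNQsBChTcfFWdCXR2PyksJzEDhlCT2WBLN35Dka+FBg9Li+2cF G/BAM9NyR8g2odhvEtAFkZjKXefRlDRbkYNSWcOR4qT7Z97RQhsCtj7G Q4NgYGa/pUYOTUrSRzuYfpxgdRyIS08x3LNhr2Eg988OnYgTT4FGmveE +RGcsQ==
");
    ok( $rsakeyrr, 'RSA public key created' );    # test 5

    # NOTE(review): $HAS_DLV is not assigned anywhere in the visible file, so
    # this branch does not appear to run.  If it were enabled it would add
    # one ok() beyond the planned test count.
    if ($HAS_DLV) {
        diag("DLV Supported in this version of Net::DNS::SEC");
        my $dlv = Net::DNS::RR->new("dskey.example.com. 86400 IN DS 60485 5 2 (
D4B7D520E7BB5F0F67674A0C
CEB1E3E0614B93C4F9E99B83
83F6A1E4469DA50A )");
        ok( $dlv, "DLV RR created" );
    }

    if ($HAS_NSEC3PARAM) {
        diag("NSEC3PARAM / NSEC3 Supported in this version of Net::DNS::SEC (no tests yet)");
    }
}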
BEGIN {
    # Net::DNS is already pulled in by the plain `use` near the top of the
    # file; this call records the load as a counted test.
    use_ok('Net::DNS');
}
#------------------------------------------------------------------------------
# Canned data.
#------------------------------------------------------------------------------
# Owner name, class and TTL shared by every record built below.
my $name  = 'foo.example.com';
my $class = 'IN';
my $ttl   = 43200;

# Public key shared by all IPSECKEY fixtures.
my $ipseckey_pubkey = 'AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==';

# One hash per record type.  Every key is also the name of an accessor
# method that the comparison loop later calls on the parsed RR, so the keys
# must stay valid method names.  Names are under example.com; 10.0.0.1 is
# private address space and 192.0.2.38 / 2001:db8:... are documentation
# ranges, so nothing here refers to a real host.
my @rrs = (
    {    #[0]
        type    => 'A',
        address => '10.0.0.1',
    },
    {    #[1]
        type    => 'AAAA',
        address => '102:304:506:708:90a:b0c:d0e:ff10',
    },
    {    #[2]
        type     => 'AFSDB',
        subtype  => 1,
        hostname => 'afsdb-hostname.example.com',
    },
    {    #[3]
        type  => 'CNAME',
        cname => 'cname-cname.example.com',
    },
    {    #[4]
        type  => 'DNAME',
        dname => 'dname.example.com',
    },
    {    #[5]
        type => 'HINFO',
        cpu  => 'test-cpu',
        os   => 'test-os',
    },
    {    #[6]
        type    => 'ISDN',
        address => '987654321',
        sa      => '001',
    },
    {    #[7]
        type    => 'MB',
        madname => 'mb-madname.example.com',
    },
    {    #[8]
        type    => 'MG',
        mgmname => 'mg-mgmname.example.com',
    },
    {    #[9]
        type    => 'MINFO',
        rmailbx => 'minfo-rmailbx.example.com',
        emailbx => 'minfo-emailbx.example.com',
    },
    {    #[10]
        type    => 'MR',
        newname => 'mr-newname.example.com',
    },
    {    #[11]
        type       => 'MX',
        preference => 10,
        exchange   => 'mx-exchange.example.com',
    },
    {    #[12]
        type        => 'NAPTR',
        order       => 100,
        preference  => 10,
        flags       => 'naptr-flags',
        service     => 'naptr-service',
        regexp      => 'naptr-regexp',
        replacement => 'naptr-rEplacement.example.com',
    },
    {    #[13]
        type    => 'NS',
        nsdname => 'ns-nsdname.example.com',
    },
    {    #[14]
        type => 'NSAP',
        afi  => '47',
        idi  => '0005',
        dfi  => '80',
        aa   => '005a00',
        rd   => '1000',
        area => '0020',
        id   => '00800a123456',
        sel  => '00',
    },
    {    #[15]
        type     => 'PTR',
        ptrdname => 'ptr-ptrdname.example.com',
    },
    {    #[16]
        type       => 'PX',
        preference => 10,
        map822     => 'px-map822.example.com',
        mapx400    => 'px-mapx400.example.com',
    },
    {    #[17]
        type     => 'RP',
        mbox     => 'rp-mbox.example.com',
        txtdname => 'rp-txtdname.example.com',
    },
    {    #[18]
        type         => 'RT',
        preference   => 10,
        intermediate => 'rt-intermediate.example.com',
    },
    {    #[19]
        type    => 'SOA',
        mname   => 'soa-mname.example.com',
        rname   => 'soa-rname.example.com',
        serial  => 12345,
        refresh => 7200,
        retry   => 3600,
        expire  => 2592000,
        minimum => 86400,
    },
    {    #[20]
        type     => 'SRV',
        priority => 1,
        weight   => 2,
        port     => 3,
        target   => 'srv-target.example.com',
    },
    {    #[21]
        type    => 'TXT',
        txtdata => 'txt-txtdata',
    },
    {    #[22]
        type => 'X25',
        psdn => 123456789,
    },
    {    #[23]
        type      => 'LOC',
        version   => 0,
        size      => 3000,
        horiz_pre => 500000,
        vert_pre  => 500,
        latitude  => 2001683648,
        longitude => 1856783648,
        altitude  => 9997600,
    },
    {    #[24]
        type        => 'CERT',
        'format'    => 3,      # quoted: `format` is also a Perl keyword
        tag         => 1,
        algorithm   => 1,
        certificate => '123456789abcdefghijklmnopqrstuvwxyz',
    },
    {    #[25]
        type    => 'SPF',
        txtdata => 'txt-txtdata',
    },

    # 38.2.0.192.in-addr.arpa. 7200 IN IPSECKEY ( 10 1 2
    #                 192.0.2.38
    #                 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ== )
    # The four IPSECKEY fixtures below cover gateway types 0 to 3.
    {    #[26] gateway given as an IPv4 address
        type       => 'IPSECKEY',
        precedence => 10,
        algorithm  => 2,
        gatetype   => 1,
        gateway    => '192.0.2.38',
        pubkey     => $ipseckey_pubkey,
    },
    {    #[27] no gateway
        type       => 'IPSECKEY',
        precedence => 10,
        algorithm  => 2,
        gatetype   => 0,
        gateway    => '.',
        pubkey     => $ipseckey_pubkey,
    },
    {    #[28] gateway given as an IPv6 address
        type       => 'IPSECKEY',
        precedence => 10,
        algorithm  => 1,
        gatetype   => 2,
        gateway    => '2001:db8:0:8002:0:2000:1:0',
        pubkey     => $ipseckey_pubkey,
    },
    {    #[29] gateway given as a domain name
        type       => 'IPSECKEY',
        precedence => 10,
        algorithm  => 2,
        gatetype   => 3,
        gateway    => 'gateway.example.com',
        pubkey     => $ipseckey_pubkey,
    },
);
#------------------------------------------------------------------------------
# Create the packet and signatures (if DNSSEC is available.)
#------------------------------------------------------------------------------
# RRSIGs are collected in the same order as the records are pushed, so the
# verification loop later in the file can pair them up by position.
my @rrsigs;

my $packet = Net::DNS::Packet->new($name);
ok( $packet, 'Packet created' );

for my $fields (@rrs) {
    my $record = Net::DNS::RR->new(
        name => $name,
        ttl  => $ttl,
        %{$fields},
    );

    if ($HAS_DNSSEC) {
        # Sign the single-record RRset with the private key file written
        # earlier.  ttl and sigval are passed through to RRSIG->create
        # unchanged; see the Net::DNS::SEC documentation for their units.
        my $signature = Net::DNS::RR::RRSIG->create(
            [$record],
            $keypathrsa,
            ttl    => 360,
            sigval => 100,
        );

        # $signature->print;
        push @rrsigs, $signature;
    }

    $packet->push( 'answer', $record );
}
#------------------------------------------------------------------------------
# Re-create the packet from data.
#------------------------------------------------------------------------------
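# Remove the scratch private-key file however the script ends.  A plain
# unlink as the last statement is skipped when an earlier call dies, which
# would leave the key file behind in the working directory.  Only the DNSSEC
# branch creates the file, so only that case deletes it.
END {
    unlink($keypathrsa) if $HAS_DNSSEC && defined $keypathrsa;
}

# Serialise the packet to wire format and parse it back, so every check
# below runs against records that went through encode and decode.
my $data = $packet->data;
ok( $data, 'Packet has data after pushes' );

undef $packet;
$packet = Net::DNS::Packet->new( \$data );
ok( $packet, 'Packet reconstructed from data' );

my @answer = $packet->answer;
ok( @answer && @answer == @rrs, 'Packet returned correct answer section' );

# Walk the decoded answers and the canned data in lock step.  Both arrays
# are consumed as the loop runs.
while ( @answer and @rrs ) {
    my $expected = shift @rrs;
    my $rr       = shift @answer;
    my $type     = $expected->{'type'};

    ok( $rr, "$type - RR defined" );
    is( $rr->name,  $name,  "$type - name() correct" );
    is( $rr->class, $class, "$type - class() correct" );
    is( $rr->ttl,   $ttl,   "$type - ttl() correct" );

    # Each key of the canned hash is used as a method name.  The names come
    # only from the hard-coded table in this file, never from external
    # input.  Keys are sorted so the test output order is reproducible.
    for my $meth ( sort keys %{$expected} ) {
        is( $rr->$meth(), $expected->{$meth}, "$type - $meth() correct" );
    }

    # Presentation-format round trip: string -> RR -> string.
    my $rr2 = Net::DNS::RR->new( $rr->string );
    is( $rr2->string, $rr->string, "$type - Parsing from string works" );

    if ($HAS_DNSSEC) {
        # The signature made before encoding must still verify against the
        # decoded record and the public DNSKEY.
        my $rrsig = shift @rrsigs;
        ok( $rrsig->verify( [$rr], $rsakeyrr ),
            "RR of type " . $type . " signature creation/validation cycle" );
    }
}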