Skip to content

Commit

Permalink
Update DNSSEC10 implementation
Browse files Browse the repository at this point in the history
  • Loading branch information
@tgreenx
tgreenx committed Nov 19, 2024
1 parent 1b8482e commit 2a83a5d
Show file tree
Hide file tree
Showing 7 changed files with 1,402 additions and 410 deletions.
2 changes: 2 additions & 0 deletions MANIFEST
View file
Original file line number Diff line number Diff line change
Expand Up @@ -237,6 +237,8 @@ t/Test-dnssec05-I.data
t/Test-dnssec05-I.t
t/Test-dnssec05-J.data
t/Test-dnssec05-J.t
t/Test-dnssec10.data
t/Test-dnssec10.t
t/Test-dnssec16.data
t/Test-dnssec16.t
t/Test-nameserver.data
Expand Down
1 change: 1 addition & 0 deletions Makefile.PL
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ requires 'Email::Valid' => 0;
requires 'File::ShareDir' => 1.00;
requires 'File::Slurp' => 0;
requires 'IO::Socket::INET6' => 2.69;
requires 'List::Compare' => 0;
requires 'List::MoreUtils' => 0;
requires 'Locale::TextDomain' => 1.20;
requires 'Log::Any' => 0;
Expand Down
1,051 changes: 653 additions & 398 deletions lib/Zonemaster/Engine/Test/DNSSEC.pm
View file

Large diffs are not rendered by default.

33 changes: 27 additions & 6 deletions share/profile.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -257,20 +257,41 @@
"DS09_SOA_RRSIG_EXPIRED" : "ERROR",
"DS09_SOA_RRSIG_NOT_YET_VALID" : "ERROR",
"DS10_ALGO_NOT_SUPPORTED_BY_ZM" : "NOTICE",
"DS10_ANSWER_VERIFY_ERROR" : "DEBUG",
"DS10_ERR_MULT_NSEC" : "ERROR",
"DS10_ERR_MULT_NSEC3" : "ERROR",
"DS10_EXPECTED_NSEC_NSEC3_MISSING" : "ERROR",
"DS10_HAS_NSEC" : "INFO",
"DS10_HAS_NSEC3" : "INFO",
"DS10_INCONSISTENT_NSEC" : "ERROR",
"DS10_INCONSISTENT_NSEC3" : "ERROR",
"DS10_INCONSISTENT_NSEC_NSEC3" : "ERROR",
"DS10_MISSING_NSEC_NSEC3" : "ERROR",
"DS10_MIXED_NSEC_NSEC3" : "ERROR",
"DS10_NAME_NOT_COVERED_BY_NSEC" : "ERROR",
"DS10_NAME_NOT_COVERED_BY_NSEC3" : "ERROR",
"DS10_NON_EXISTENT_RESPONSE_ERROR" : "ERROR",
"DS10_NSEC3PARAM_GIVES_ERR_ANSWER" : "ERROR",
"DS10_NSEC3PARAM_QUERY_RESPONSE_ERR" : "ERROR",
"DS10_NSEC3_ERR_TYPE_LIST" : "ERROR",
"DS10_NSEC3_MISMATCHES_APEX" : "ERROR",
"DS10_NSEC3_MISSING_SIGNATURE" : "ERROR",
"DS10_NSEC3_NODATA_MISSING_SOA" : "ERROR",
"DS10_NSEC3_NODATA_WRONG_SOA" : "ERROR",
"DS10_NSEC3_NO_VERIFIED_SIGNATURE" : "ERROR",
"DS10_NSEC3_RRSIG_EXPIRED" : "ERROR",
"DS10_NSEC3_RRSIG_NOT_YET_VALID" : "ERROR",
"DS10_NSEC3_RRSIG_NO_DNSKEY" : "WARNING",
"DS10_NSEC3_RRSIG_VERIFY_ERROR" : "ERROR",
"DS10_NSEC_ERR_TYPE_LIST" : "ERROR",
"DS10_NSEC_GIVES_ERR_ANSWER" : "ERROR",
"DS10_NSEC_MISMATCHES_APEX" : "ERROR",
"DS10_NSEC_MISSING_SIGNATURE" : "ERROR",
"DS10_NSEC_NODATA_MISSING_SOA" : "ERROR",
"DS10_NSEC_NODATA_WRONG_SOA" : "ERROR",
"DS10_NSEC_NO_VERIFIED_SIGNATURE" : "ERROR",
"DS10_NSEC_QUERY_RESPONSE_ERR" : "ERROR",
"DS10_NSEC_RRSIG_EXPIRED" : "ERROR",
"DS10_NSEC_RRSIG_NOT_YET_VALID" : "ERROR",
"DS10_NSEC_RRSIG_NO_DNSKEY" : "WARNING",
"DS10_NSEC_RRSIG_VERIFY_ERROR" : "ERROR",
"DS10_UNSIGNED_ANSWER" : "ERROR",
"DS10_SERVER_NO_DNSSEC" : "ERROR",
"DS10_ZONE_NO_DNSSEC" : "NOTICE",
"DS11_INCONSISTENT_DS" : "WARNING",
"DS11_INCONSISTENT_SIGNED_ZONE" : "ERROR",
"DS11_UNDETERMINED_DS" : "ERROR",
Expand Down
33 changes: 27 additions & 6 deletions share/profile.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -322,20 +322,41 @@ test_levels:
DS09_SOA_RRSIG_EXPIRED: ERROR
DS09_SOA_RRSIG_NOT_YET_VALID: ERROR
DS10_ALGO_NOT_SUPPORTED_BY_ZM: NOTICE
DS10_ANSWER_VERIFY_ERROR: DEBUG # Temporarily lowered from ERROR due to https://github.com/zonemaster/zonemaster/issues/1153
DS10_ERR_MULT_NSEC: ERROR
DS10_ERR_MULT_NSEC3: ERROR
DS10_EXPECTED_NSEC_NSEC3_MISSING: ERROR
DS10_HAS_NSEC: INFO
DS10_HAS_NSEC3: INFO
DS10_INCONSISTENT_NSEC: ERROR
DS10_INCONSISTENT_NSEC3: ERROR
DS10_INCONSISTENT_NSEC_NSEC3: ERROR
DS10_MISSING_NSEC_NSEC3: ERROR
DS10_MIXED_NSEC_NSEC3: ERROR
DS10_NAME_NOT_COVERED_BY_NSEC: ERROR
DS10_NAME_NOT_COVERED_BY_NSEC3: ERROR
DS10_NON_EXISTENT_RESPONSE_ERROR: ERROR
DS10_NSEC3PARAM_GIVES_ERR_ANSWER: ERROR
DS10_NSEC3PARAM_QUERY_RESPONSE_ERR: ERROR
DS10_NSEC3_ERR_TYPE_LIST: ERROR
DS10_NSEC3_MISMATCHES_APEX: ERROR
DS10_NSEC3_MISSING_SIGNATURE: ERROR
DS10_NSEC3_NODATA_MISSING_SOA: ERROR
DS10_NSEC3_NODATA_WRONG_SOA: ERROR
DS10_NSEC3_NO_VERIFIED_SIGNATURE: ERROR
DS10_NSEC3_RRSIG_EXPIRED: ERROR
DS10_NSEC3_RRSIG_NOT_YET_VALID: ERROR
DS10_NSEC3_RRSIG_NO_DNSKEY: WARNING
DS10_NSEC3_RRSIG_VERIFY_ERROR: ERROR
DS10_NSEC_ERR_TYPE_LIST: ERROR
DS10_NSEC_GIVES_ERR_ANSWER: ERROR
DS10_NSEC_MISMATCHES_APEX: ERROR
DS10_NSEC_MISSING_SIGNATURE: ERROR
DS10_NSEC_NODATA_MISSING_SOA: ERROR
DS10_NSEC_NODATA_WRONG_SOA: ERROR
DS10_NSEC_NO_VERIFIED_SIGNATURE: ERROR
DS10_NSEC_QUERY_RESPONSE_ERR: ERROR
DS10_NSEC_RRSIG_EXPIRED: ERROR
DS10_NSEC_RRSIG_NOT_YET_VALID: ERROR
DS10_NSEC_RRSIG_NO_DNSKEY: WARNING
DS10_NSEC_RRSIG_VERIFY_ERROR: ERROR
DS10_UNSIGNED_ANSWER: ERROR
DS10_SERVER_NO_DNSSEC: ERROR
DS10_ZONE_NO_DNSSEC: NOTICE
DS11_DS_BUT_UNSIGNED_ZONE: ERROR
DS11_INCONSISTENT_DS: WARNING
DS11_INCONSISTENT_SIGNED_ZONE: ERROR
Expand Down
200 changes: 200 additions & 0 deletions t/Test-dnssec10.data
View file

Large diffs are not rendered by default.

Loading

0 comments on commit 2a83a5d

Please sign in to comment.