dns wildcards: tests to confirm BUG 13536

DNS wildcard matching failing if more than one label to the left of the
wildcard. This commits adds tests to confirm the bug.

Wildcard entry: *.example.org
bar.example.com matches
foo.bar.example.com does not, but it it should.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>

diff --git a/python/samba/tests/dns_wildcard.py b/python/samba/tests/dns_wildcard.py
index ca8426a6f1442e54de0e74dbd997369cff09f7b1..01e06b8e262ff4080b14338d87b814e331490458 100644 (file)
--- a/python/samba/tests/dns_wildcard.py
+++ b/python/samba/tests/dns_wildcard.py
@@ -172,6 +172,30 @@ class TestWildCardQueries(DNSTest):
         self.assertEquals(response.answers[0].rr_type, dns.DNS_QTYPE_A)
         self.assertEquals(response.answers[0].rdata, WILDCARD_IP)
 
+    def test_one_a_query_match_wildcard_2_labels(self):
+        """ Query an A record, should match the wild card entry
+            have two labels to the left of the wild card target.
+        """
+
+        p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
+        questions = []
+
+        # Check the record
+        name = "label2.label1.wildcardtest.%s" % self.get_dns_domain()
+        q = self.make_name_question(name,
+                                    dns.DNS_QTYPE_A,
+                                    dns.DNS_QCLASS_IN)
+        questions.append(q)
+
+        self.finish_name_packet(p, questions)
+        (response, response_packet) =\
+            self.dns_transaction_udp(p, host=self.server_ip)
+        self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+        self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
+        self.assertEquals(response.ancount, 1)
+        self.assertEquals(response.answers[0].rr_type, dns.DNS_QTYPE_A)
+        self.assertEquals(response.answers[0].rdata, WILDCARD_IP)
+
     def test_one_a_query_wildcard_entry(self):
         "Query the wildcard entry"
 
@@ -239,6 +263,30 @@ class TestWildCardQueries(DNSTest):
         self.assertEquals(response.answers[0].rr_type, dns.DNS_QTYPE_A)
         self.assertEquals(response.answers[0].rdata, LEVEL2_WILDCARD_IP)
 
+    def test_one_a_query_match_wildcard_l2_2_labels(self):
+        """Query an A record, should match the level 2 wild card entry
+           have two labels to the left of the wild card target
+        """
+
+        p = self.make_name_packet(dns.DNS_OPCODE_QUERY)
+        questions = []
+
+        # Check the record
+        name = "label1.label2.level2.wildcardtest.%s" % self.get_dns_domain()
+        q = self.make_name_question(name,
+                                    dns.DNS_QTYPE_A,
+                                    dns.DNS_QCLASS_IN)
+        questions.append(q)
+
+        self.finish_name_packet(p, questions)
+        (response, response_packet) =\
+            self.dns_transaction_udp(p, host=self.server_ip)
+        self.assert_dns_rcode_equals(response, dns.DNS_RCODE_OK)
+        self.assert_dns_opcode_equals(response, dns.DNS_OPCODE_QUERY)
+        self.assertEquals(response.ancount, 1)
+        self.assertEquals(response.answers[0].rr_type, dns.DNS_QTYPE_A)
+        self.assertEquals(response.answers[0].rdata, LEVEL2_WILDCARD_IP)
+
     def test_one_a_query_exact_match_l2(self):
         """Query an entry that matches the wild card but has an exact match as
          well.

diff --git a/selftest/knownfail.d/dns_wildcard b/selftest/knownfail.d/dns_wildcard
new file mode 100644 (file)
index 0000000..2c9ade1
--- /dev/null
+++ b/selftest/knownfail.d/dns_wildcard
@@ -0,0 +1,5 @@
+# https://bugzilla.samba.org/show_bug.cgi?id=13536
+#
+
+^samba.*.TestWildCardQueries.test_one_a_query_match_wildcard_l2_2_labels
+^samba.*.TestWildCardQueries.test_one_a_query_match_wildcard_2_labels