Skip to content
Snippets Groups Projects
Commit ab832af4 authored by Jan Včelák's avatar Jan Včelák :rocket:
Browse files

tests: responses to signed DDNS queries should be signed

parent fb0f6690
No related branches found
No related tags found
1 merge request!264tests: DDNS response signatures checking
Hide whitespace changes
Inline Side-by-side
tests-extra/tools/dnstest/update.py
+ 6
1
View file @ ab832af4
......@@ -36,4 +36,9 @@ class Update(object):
detail_log(SEP)
resp = dns.query.tcp(self.upd, self.server.addr, port=self.server.port)
compare(dns.rcode.to_text(resp.rcode()), rc, "UPDATE RCODE")
resp_rc = dns.rcode.to_text(resp.rcode())
compare(resp_rc, rc, "UPDATE RCODE")
if resp_rc == "NOERROR" and self.upd.keyring and not resp.had_tsig:
  • Ghost User @ghost ·
    Contributor

    Is there an easy way to actually check the validity?

  • Jan Včelák :rocket: @jvcelak ·
    Author Contributor

    dnspython raises an exception when the signature is invalid. But does not require the answer to be signed.

  • Please register or sign in to reply
set_err("INVALID RESPONSE")
check_log("ERROR: Expected TSIG signed response")
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment