Update implementation of Nameserver15

Follows test specification update (zonemaster/zonemaster#1199). Unit tests and data are also updated, based on zonemaster/zonemaster#1217.
zonemaster · Nov 16, 2023 · f4af7a2 · f4af7a2
1 parent 49ecbf6
commit f4af7a2
Show file tree

Hide file tree

Showing 5 changed files with 204 additions and 150 deletions.
diff --git a/lib/Zonemaster/Engine/Test/Nameserver.pm b/lib/Zonemaster/Engine/Test/Nameserver.pm
@@ -254,10 +254,10 @@ sub metadata {
         ],
         nameserver15 => [
             qw(
-              N15_NO_VERSION
+              N15_ERROR_ON_VERSION_QUERY
+              N15_NO_VERSION_REVEALED
               N15_SOFTWARE_VERSION
-              TEST_CASE_END
-              TEST_CASE_START
+              N15_WRONG_CLASS
               )
         ],
     };
@@ -493,13 +493,21 @@ Readonly my %TAG_DESCRIPTIONS => (
         __x    # NAMESERVER:N11_UNSET_AA
           'The DNS response, on query with unknown EDNS option-code, is unexpectedly not authoritative from name servers "{ns_ip_list}".', @_;
     },
-    N15_NO_VERSION => sub {
-        __x    # NAMESERVER:N15_NO_VERSION
-          'The following name server(s) do not respond to software version queries. Returned from name servers: "{ns_ip_list}"', @_;
+    N15_ERROR_ON_VERSION_QUERY => sub {
+        __x    # NAMESERVER:N15_ERROR_ON_VERSION_QUERY
+          'The following name server(s) do not respond or respond with SERVFAIL to software version query "{query_name}". Returned from name servers: "{ns_list}"', @_;
+    },
+    N15_NO_VERSION_REVEALED => sub {
+        __x    # NAMESERVER:N15_NO_VERSION_REVEALED
+          'The following name server(s) do not reveal the software version. Returned from name servers: "{ns_list}"', @_;
     },
     N15_SOFTWARE_VERSION => sub {
         __x    # NAMESERVER:N15_SOFTWARE_VERSION
-          'The following name server(s) respond to software version query "{query_name}" with string "{string}". Returned from name servers: "{ns_ip_list}"', @_;
+          'The following name server(s) respond to software version query "{query_name}" with string "{string}". Returned from name servers: "{ns_list}"', @_;
+    },
+    N15_WRONG_CLASS => sub {
+        __x    # NAMESERVER:N15_WRONG_CLASS
+          'The following name server(s) do not return CH class record(s) on CH class query. Returned from name servers: "{ns_list}"', @_;
     },
     QNAME_CASE_INSENSITIVE => sub {
         __x    # NAMESERVER:QNAME_CASE_INSENSITIVE
@@ -1669,32 +1677,45 @@ sub nameserver15 {
     push my @results, info( TEST_CASE_START => { testcase => (split /::/, (caller(0))[3])[-1] } );
 
     my %txt_data;
-    my @no_version;
+    my %error_on_version_query;
+    my %sending_version_query;
+    my @wrong_record_class;
 
     foreach my $ns ( @{ Zonemaster::Engine::TestMethods->method4and5( $zone ) } ) {
+        next if ( _ip_disabled_message( \@results, $ns, q{SOA TXT} ) );
 
-        next if ( _ip_disabled_message( \@results, $ns, q{TXT} ) );
+        my $p_soa = $ns->query( $zone->name, q{SOA} );
 
-        my $found_string = 0;
+        next if not $p_soa;
+
+        $sending_version_query{$ns} = 1;
 
         foreach my $query_name ( q{version.bind}, q{version.server} ) {
-            my $p = $ns->query( $query_name, q{TXT}, { class => q{CH}, blacklisting_disabled => 1 } );
+            my $p_txt = $ns->query( $query_name, q{TXT}, { class => q{CH}, blacklisting_disabled => 1 } );
+
+            if ( not $p_txt or $p_txt->rcode eq q{SERVFAIL} ) {
+                push @{ $error_on_version_query{$query_name} }, $ns;
+                next;
+            }
+
+            my @rrs_txt = $p_txt->get_records_for_name(q{TXT}, $query_name, q{answer});
+
+            if ( scalar @rrs_txt ) {
+                foreach my $rr ( @rrs_txt ) {
+                    if ( $rr->class ne q{CH} ) {
+                        push @wrong_record_class, $ns;
+                    }
 
-            if ( $p and $p->rcode eq q{NOERROR} and scalar $p->get_records_for_name( q{TXT}, $query_name, q{answer} ) ) {
-                foreach my $rr ( $p->get_records_for_name(q{TXT}, $query_name, q{answer} ) ) {
                     my $string = $rr->txtdata;
+                    $string =~ s/^\s+|\s+$//g; # Remove leading and trailing spaces
 
                     if ( $string and $string ne "") {
-                        $found_string = 1;
-                        push @{ $txt_data{$string}{$query_name} }, $ns->string;
+                        push @{ $txt_data{$string}{$query_name} }, $ns;
+                        delete $sending_version_query{$ns};
                     }
                 }
             }
         }
-
-        if ( not $found_string ) {
-            push @no_version, $ns->string;
-        }
     }
 
     if ( scalar keys %txt_data ) {
@@ -1704,18 +1725,38 @@ sub nameserver15 {
                 N15_SOFTWARE_VERSION => {
                    string => $string,
                    query_name => $_,
-                   ns_ip_list => join( q{;}, uniq sort @{ $txt_data{$string}{$_} } )
+                   ns_list => join( q{;}, sort @{ $txt_data{$string}{$_} } )
                 }
               )
             } keys %{ $txt_data{$string} };
         }
     }
 
-    if ( scalar @no_version ) {
+    if ( scalar keys %error_on_version_query ) {
+        push @results, map {
+          info(
+            N15_ERROR_ON_VERSION_QUERY => {
+               query_name => $_,
+               ns_list => join( q{;}, sort @{ $error_on_version_query{$_} } )
+            }
+          )
+        } keys %error_on_version_query;
+    }
+
+    if ( scalar keys %sending_version_query ) {
+        push @results,
+          info(
+            N15_NO_VERSION_REVEALED => {
+               ns_list => join( q{;}, sort keys %sending_version_query )
+            }
+          );
+    }
+
+    if ( scalar @wrong_record_class ) {
         push @results,
           info(
-            N15_NO_VERSION => {
-               ns_ip_list => join( q{;}, uniq sort @no_version )
+            N15_WRONG_CLASS => {
+               ns_list => join( q{;}, sort @wrong_record_class )
             }
           );
     }

diff --git a/share/profile.json b/share/profile.json
@@ -359,8 +359,10 @@
             "N11_UNEXPECTED_ANSWER_SECTION" : "WARNING",
             "N11_UNEXPECTED_RCODE" : "WARNING",
             "N11_UNSET_AA" : "WARNING",
-            "N15_NO_VERSION": "INFO",
-            "N15_SOFTWARE_VERSION": "INFO",
+            "N15_ERROR_ON_VERSION_QUERY" : "NOTICE",
+            "N15_NO_VERSION_REVEALED" : "INFO",
+            "N15_SOFTWARE_VERSION" : "NOTICE",
+            "N15_WRONG_CLASS" : "WARNING",
             "QNAME_CASE_INSENSITIVE" : "WARNING",
             "QNAME_CASE_SENSITIVE" : "INFO",
             "QUERY_DROPPED" : "NOTICE",

diff --git a/share/profile.yaml b/share/profile.yaml
@@ -74,6 +74,7 @@ test_cases:
   - nameserver11
   - nameserver12
   - nameserver13
+  - nameserver15
   - syntax01
   - syntax02
   - syntax03
@@ -395,6 +396,10 @@ test_levels:
     N11_UNEXPECTED_ANSWER_SECTION: WARNING
     N11_UNEXPECTED_RCODE: WARNING
     N11_UNSET_AA: WARNING
+    N15_ERROR_ON_VERSION_QUERY: NOTICE
+    N15_NO_VERSION_REVEALED: INFO
+    N15_SOFTWARE_VERSION: NOTICE
+    N15_WRONG_CLASS: WARNING
     NO_EDNS_SUPPORT: WARNING
     NO_RECURSOR: INFO
     NO_RESOLUTION: ERROR