Update implementation of Nameserver11 - zonemaster#993

tgreenx · Jan 3, 2022 · 71a38bc · 71a38bc
1 parent 087066d
commit 71a38bc
Show file tree

Hide file tree

Showing 2 changed files with 78 additions and 15 deletions.
diff --git a/lib/Zonemaster/Engine/Test/Nameserver.pm b/lib/Zonemaster/Engine/Test/Nameserver.pm
@@ -188,9 +188,13 @@ sub metadata {
         ],
         nameserver11 => [
             qw(
+              BREAKS_ON_EDNS
+              EDNS_RESPONSE_WITHOUT_EDNS
+              EDNS_VERSION_ERROR
               NO_RESPONSE
               NO_EDNS_SUPPORT
               UNKNOWN_OPTION_CODE
+              EDNS_OPTION_CODE_SUPPORT
               NS_ERROR
               TEST_CASE_END
               TEST_CASE_START
@@ -313,6 +317,10 @@ Readonly my %TAG_DESCRIPTIONS => (
         __x    # NAMESERVER:EDNS0_SUPPORT
           'The following nameservers support EDNS0 : {ns_list}.', @_;
     },
+    EDNS_OPTION_CODE_SUPPORT => sub {
+        __x    # NAMESERVER:EDNS_OPTION_CODE_SUPPORT
+          'The following nameservers support unknown EDNS OPTION-CODE : {ns_list}.', @_;
+    },
     IPV4_DISABLED => sub {
         __x    # NAMESERVER:IPV4_DISABLED
           'IPv4 is disabled, not sending "{rrtype}" query to {ns}.', @_;
@@ -1075,32 +1083,86 @@ sub nameserver11 {
     my $opt_length = length($opt_data);
     my $rdata = $opt_code*65536 + $opt_length;
 
+    my %nsnames_and_ip;
+
     for my $ns ( @nss ) {
-        my $p = $ns->query( $zone->name, q{SOA}, { edns_details => { data => $rdata } } );
+        next if $nsnames_and_ip{ $ns->name->string . q{/} . $ns->address->short };
+
+        my $p = $ns->query( $zone->name, q{SOA}, { edns_size => 512 } );
+        my $p2 = $ns->query( $zone->name, q{SOA}, { edns_details => { data => $rdata } } );
+
         if ( $p ) {
-            if ( $p->rcode eq q{FORMERR} and not $p->edns_rcode ) {
+            if ( $p->rcode eq q{FORMERR} and not $p->has_edns ) {
                 push @results, info( NO_EDNS_SUPPORT => { ns => $ns->string } );
             }
-            elsif ( defined $p->edns_data ) {
-                push @results, info( UNKNOWN_OPTION_CODE => { ns => $ns->string } );
-            }
-            elsif ( $p->rcode eq q{NOERROR} and not $p->edns_rcode and $p->edns_version == 0 and not defined $p->edns_data and $p->get_records( q{SOA}, q{answer} ) ) {
+            elsif ( $p->rcode eq q{NOERROR} and not $p->edns_rcode and $p->get_records( q{SOA}, q{answer} ) and $p->edns_version == 0 ) {
+                if ( $p2 ) {
+                    if ( defined $p2->edns_data ) {
+                        push @results, info( UNKNOWN_OPTION_CODE => { ns => $ns->string } );
+                    }
+                    elsif ( $p2->rcode eq q{NOERROR} and not $p2->edns_rcode and $p2->edns_version == 0 and not defined $p2->edns_data and $p2->get_records( q{SOA}, q{answer} ) ) {
+                        $nsnames_and_ip{ $ns->name->string . q{/} . $ns->address->short }++;
+                        next;
+                    }
+                    else {
+                        push @results, info( NS_ERROR => { ns => $ns->string, } );
+                    }
+                }
                 next;
             }
+            elsif ( $p->rcode eq q{NOERROR} and not $p->has_edns ) {
+                push @results,
+                  info(
+                    EDNS_RESPONSE_WITHOUT_EDNS => {
+                        ns     => $ns->string,
+                        domain => $zone->name,
+                    }
+                  );
+            }
+            elsif ( $p->rcode eq q{NOERROR} and $p->has_edns and $p->edns_version != 0 ) {
+                push @results,
+                  info(
+                    EDNS_VERSION_ERROR => {
+                        ns     => $ns->string,
+                        domain => $zone->name,
+                    }
+                  );
+            }
             else {
-                push @results, info( NS_ERROR => { ns => $ns->string, } );
+                push @results, info( NS_ERROR => { ns => $ns->string } );
             }
         }
         else {
-            push @results,
-              info(
-                NO_RESPONSE => {
-                    ns     => $ns->string,
-                    domain => $zone->name,
-                }
-              );
+            my $p3 = $ns->query( $zone->name, q{SOA} );
+            if ( $p3 ) {
+                push @results,
+                  info(
+                    BREAKS_ON_EDNS => {
+                        ns     => $ns->string,
+                        domain => $zone->name,
+                    }
+                  );
+            }
+            else {
+                push @results,
+                  info(
+                    NO_RESPONSE => {
+                        ns     => $ns->string,
+                        domain => $zone->name,
+                    }
+                  );
+            }
         }
-
+        $nsnames_and_ip{ $ns->name->string . q{/} . $ns->address->short }++;
+    }
+
+    if ( scalar keys %nsnames_and_ip and not grep { $_->tag ne q{TEST_CASE_START} } @results ) {
+        push @results,
+          info(
+            EDNS_OPTION_CODE_SUPPORT => {
+                ns_list => join( q{;}, keys %nsnames_and_ip ),
+            }
+          );
     }
 
     return ( @results, info( TEST_CASE_END => { testcase => (split /::/, (caller(0))[3])[-1] } ) );

diff --git a/share/profile.json b/share/profile.json
@@ -308,6 +308,7 @@
             "CASE_QUERY_SAME_RC" : "DEBUG",
             "DIFFERENT_SOURCE_IP" : "WARNING",
             "EDNS0_SUPPORT" : "INFO",
+            "EDNS_OPTION_CODE_SUPPORT" : "INFO",
             "EDNS_RESPONSE_WITHOUT_EDNS" : "ERROR",
             "EDNS_VERSION_ERROR" : "ERROR",
             "IPV4_DISABLED" : "DEBUG",