distro/tests/ansible-roles/knot_resolver/tasks/test_doh2.yaml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24

---
# SPDX-License-Identifier: GPL-3.0-or-later
- name: doh2_test check kdig https support
  shell: kdig --help | grep -q '+\S*https'
  register: kdig_https
  ignore_errors: true

- name: doh2_test query localhost. A
  # use curl instead of ansible builtins (get_url/uri)
  # because they currently use unsupported HTTP/1.1
  shell: |
    curl -k -o /tmp/doh_test https://127.0.0.1:44354/doh?dns=1Y0BAAABAAAAAAAACWxvY2FsaG9zdAAAAQAB
    echo "e5c2710e6ecb78c089ab608ad5861b87be0d1c623c4d58b4eee3b21c06aa2008  /tmp/doh_test" > /tmp/doh_test.sha256
    sha256sum --check /tmp/doh_test.sha256
  args:
    # disable warning about using curl - we know what we're doing
    warn: false
  when: kdig_https is failed

- name: doh2_test kdig localhost. A
  shell: |
    kdig @127.0.0.1 -p 44354 +https nic.cz || exit 1
    kdig @127.0.0.1 -p 44354 +https-get nic.cz || exit 2
  when: kdig_https is succeeded