add tests for EDE 13 support

Add system test covering EDE 13 being added in the response in case of
SERVFAIL cache hits.

diff --git a/bin/tests/system/sfcache/ns5/named.conf.in b/bin/tests/system/sfcache/ns5/named.conf.j2
similarity index 91%
rename from bin/tests/system/sfcache/ns5/named.conf.in
rename to bin/tests/system/sfcache/ns5/named.conf.j2
index 36bfb96759d59ea52a15c4ccd2f3694f660f0e63..6d19f16ed466af56b10cab701e8f39e8a73b36f8 100644 (file)
--- a/bin/tests/system/sfcache/ns5/named.conf.in
+++ b/bin/tests/system/sfcache/ns5/named.conf.j2
@@ -13,6 +13,8 @@
 
 // NS5
 
+{% set servfail_ttl = servfail_ttl | default(30) %}
+
 options {
        query-source address 10.53.0.5;
        notify-source 10.53.0.5;
@@ -23,7 +25,7 @@ options {
        listen-on-v6 { none; };
        recursion yes;
        dnssec-validation yes;
-       servfail-ttl 30;
+       servfail-ttl @servfail_ttl@;
 };
 
 key rndc_key {

diff --git a/bin/tests/system/sfcache/setup.sh b/bin/tests/system/sfcache/setup.sh
index a51b814b94369cfe9fa4cc9a9d209856661272bf..0ff78b71c32da9f2642e9152c0b0cf5f1a6d2019 100644 (file)
--- a/bin/tests/system/sfcache/setup.sh
+++ b/bin/tests/system/sfcache/setup.sh
@@ -18,7 +18,6 @@ set -e
 
 copy_setports ns1/named.conf.in ns1/named.conf
 copy_setports ns2/named.conf.in ns2/named.conf
-copy_setports ns5/named.conf.in ns5/named.conf
 
 cd ns1 && $SHELL sign.sh && cd ..
 cd ns5 && $SHELL sign.sh && cd ..

diff --git a/bin/tests/system/sfcache/tests_sfcache.py b/bin/tests/system/sfcache/tests_sfcache.py
new file mode 100644 (file)
index 0000000..4802fba
--- /dev/null
+++ b/bin/tests/system/sfcache/tests_sfcache.py
@@ -0,0 +1,48 @@
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0.  If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+import time
+
+import isctest
+from isctest.compat import EDECode
+
+
+def check_sfcache_ede(ns, ede):
+    msg = isctest.query.create("foo.example.", "A")
+    res = isctest.query.udp(msg, ns.ip)
+    isctest.check.servfail(res)
+    if ede:
+        isctest.check.ede(res, EDECode.CACHED_ERROR)
+    else:
+        isctest.check.noede(res)
+
+
+def test_sfcache_ede(ns5, templates):
+    # Reconfigure the server so servfail-ttl is 1 second
+    templates.render("ns5/named.conf", {"servfail_ttl": 1})
+    with ns5.watch_log_from_here() as watcher:
+        ns5.rndc("reload")
+        watcher.wait_for_line("running")
+
+    # First query do not have a cached SERVFAIL, no EDE
+    check_sfcache_ede(ns5, False)
+
+    # Immediates next queries are cached SERVFAIL, EDE present
+    check_sfcache_ede(ns5, True)
+    check_sfcache_ede(ns5, True)
+
+    # Wait enough time so we know he cached SERVFAIL is removed
+    time.sleep(2)
+
+    # And again, first query is not cached, subsequent ones are.
+    check_sfcache_ede(ns5, False)
+    check_sfcache_ede(ns5, True)
+    check_sfcache_ede(ns5, True)