/* append serial for IXFR */
if(qinfo.qtype == LDNS_RR_TYPE_IXFR) {
- sldns_buffer_set_position(buf, sldns_buffer_limit(buf));
+ size_t end = sldns_buffer_limit(buf);
+ sldns_buffer_clear(buf);
+ sldns_buffer_set_position(buf, end);
/* auth section count 1 */
- sldns_buffer_write_u16_at(buf, 1, LDNS_NSCOUNT_OFF);
+ sldns_buffer_write_u16_at(buf, LDNS_NSCOUNT_OFF, 1);
/* write SOA */
sldns_buffer_write_u8(buf, 0xC0); /* compressed ptr to qname */
sldns_buffer_write_u8(buf, 0x0C);
- sldns_buffer_write_u16(buf, qinfo.qtype);
+ sldns_buffer_write_u16(buf, LDNS_RR_TYPE_SOA);
sldns_buffer_write_u16(buf, qinfo.qclass);
sldns_buffer_write_u32(buf, 0); /* ttl */
sldns_buffer_write_u16(buf, 22); /* rdata length */
/* failed to parse RR */
return 0;
}
- if(verbosity>=7) log_rrlist_position("apply_ixfr",
+ if(verbosity>=7) log_rrlist_position("apply ixfr",
rr_chunk, rr_dname, rr_type, rr_counter);
/* twiddle add/del mode and check for start and end */
if(rr_counter == 0 && rr_type != LDNS_RR_TYPE_SOA)
if(have_transfer_serial == 0) {
have_transfer_serial = 1;
transfer_serial = serial;
- delmode = 0;
+ delmode = 1; /* gets negated below */
} else if(transfer_serial == serial) {
have_transfer_serial++;
if(rr_counter == 1) {
/* if the RR is deleted twice or added twice, then we
* softfail, and continue with the rest of the IXFR, so
* that we serve something fairly nice during the refetch */
+ if(verbosity>=7) log_rrlist_position((delmode?"del":"add"),
+ rr_chunk, rr_dname, rr_type, rr_counter);
if(delmode) {
/* delete this RR */
int nonexist = 0;
}
if(nonexist) {
/* it was removal of a nonexisting RR */
+ if(verbosity>=4) log_rrlist_position(
+ "IXFR error nonexistent RR",
+ rr_chunk, rr_dname, rr_type, rr_counter);
softfail = 1;
}
- } else {
+ } else if(rr_counter != 0) {
+ /* skip first SOA RR for addition, it is added in
+ * the addition part near the end of the ixfr, when
+ * that serial is seen the second time. */
int duplicate = 0;
/* add this RR */
if(!az_insert_rr_decompress(z, rr_chunk->data,
}
if(duplicate) {
/* it was a duplicate */
+ if(verbosity>=4) log_rrlist_position(
+ "IXFR error duplicate RR",
+ rr_chunk, rr_dname, rr_type, rr_counter);
softfail = 1;
}
}
rr_counter++;
chunk_rrlist_gonext(&rr_chunk, &rr_num, &rr_pos, rr_nextpos);
}
- if(softfail) return 0;
+ if(softfail) {
+ verbose(VERB_ALGO, "IXFR did not apply cleanly, fetching full zone");
+ return 0;
+ }
return 1;
}
--- /dev/null
+; config options
+server:
+ target-fetch-policy: "0 0 0 0 0"
+
+auth-zone:
+ name: "example.com."
+ ## zonefile (or none).
+ ## zonefile: "example.com.zone"
+ ## master by IP address or hostname
+ ## can list multiple masters, each on one line.
+ ## master:
+ master: 1.2.3.44
+ ## url for http fetch
+ ## url:
+ ## queries from downstream clients get authoritative answers.
+ ## for-downstream: yes
+ for-downstream: yes
+ ## queries are used to fetch authoritative answers from this zone,
+ ## instead of unbound itself sending queries there.
+ ## for-upstream: yes
+ for-upstream: yes
+ ## on failures with for-upstream, fallback to sending queries to
+ ## the authority servers
+ ## fallback-enabled: no
+
+ ## this line generates zonefile: \n"/tmp/xxx.example.com"\n
+ zonefile:
+TEMPFILE_NAME example.com
+ ## this is the inline file /tmp/xxx.example.com
+ ## the tempfiles are deleted when the testrun is over.
+TEMPFILE_CONTENTS example.com
+example.com. 3600 IN SOA ns.example.com. hostmaster.example.com. 1 3600 900 86400 3600
+example.com. 3600 IN NS ns.example.net.
+www.example.com. 3600 IN A 1.2.3.4
+mail.example.com. 3600 IN A 1.2.3.4
+mail.example.com. 3600 IN A 1.2.3.5
+mail.example.com. 3600 IN A 1.2.3.6
+mail.example.com. 3600 IN A 1.2.3.7
+zup.example.com. 3600 IN A 1.2.3.4
+yyy.example.com. 3600 IN A 1.2.3.4
+yyy.example.com. 3600 IN AAAA ::5
+r1.example.com. 3600 IN A 1.2.3.4
+r1.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=
+r2.example.com. 3600 IN A 1.2.3.4
+r2.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=
+r2.example.com. 3600 IN RRSIG AAAA 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=
+r3.example.com. 3600 IN A 1.2.3.4
+r3.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=
+r3.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 12345 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=
+add.example.com. 3600 IN A 1.2.3.4
+TEMPFILE_END
+
+stub-zone:
+ name: "."
+ stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
+CONFIG_END
+
+SCENARIO_BEGIN Test authority zone with IXFR
+
+; K.ROOT-SERVERS.NET.
+RANGE_BEGIN 0 100
+ ADDRESS 193.0.14.129
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NOERROR
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. IN NS K.ROOT-SERVERS.NET.
+SECTION ADDITIONAL
+K.ROOT-SERVERS.NET. IN A 193.0.14.129
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode subdomain
+ADJUST copy_id copy_query
+REPLY QR NOERROR
+SECTION QUESTION
+com. IN NS
+SECTION AUTHORITY
+com. IN NS a.gtld-servers.net.
+SECTION ADDITIONAL
+a.gtld-servers.net. IN A 192.5.6.30
+ENTRY_END
+RANGE_END
+
+; a.gtld-servers.net.
+RANGE_BEGIN 0 100
+ ADDRESS 192.5.6.30
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NOERROR
+SECTION QUESTION
+com. IN NS
+SECTION ANSWER
+com. IN NS a.gtld-servers.net.
+SECTION ADDITIONAL
+a.gtld-servers.net. IN A 192.5.6.30
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode subdomain
+ADJUST copy_id copy_query
+REPLY QR NOERROR
+SECTION QUESTION
+example.com. IN NS
+SECTION AUTHORITY
+example.com. IN NS ns.example.com.
+SECTION ADDITIONAL
+ns.example.com. IN A 1.2.3.44
+ENTRY_END
+RANGE_END
+
+; ns.example.net.
+RANGE_BEGIN 0 100
+ ADDRESS 1.2.3.44
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NOERROR
+SECTION QUESTION
+example.net. IN NS
+SECTION ANSWER
+example.net. IN NS ns.example.net.
+SECTION ADDITIONAL
+ns.example.net. IN A 1.2.3.44
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NOERROR
+SECTION QUESTION
+ns.example.net. IN A
+SECTION ANSWER
+ns.example.net. IN A 1.2.3.44
+SECTION AUTHORITY
+example.net. IN NS ns.example.net.
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NOERROR
+SECTION QUESTION
+ns.example.net. IN AAAA
+SECTION AUTHORITY
+example.net. IN NS ns.example.net.
+SECTION ADDITIONAL
+www.example.net. IN A 1.2.3.44
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NOERROR
+SECTION QUESTION
+example.com. IN NS
+SECTION ANSWER
+example.com. IN NS ns.example.net.
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NOERROR
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+www.example.com. IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NOERROR
+SECTION QUESTION
+example.com. IN SOA
+SECTION ANSWER
+; serial, refresh, retry, expire, minimum
+example.com. 3600 IN SOA ns.example.com. hostmaster.example.com. 2 3600 900 86400 3600
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR AA NOERROR
+SECTION QUESTION
+example.com. IN IXFR
+SECTION ANSWER
+example.com. IN SOA ns.example.com. hostmaster.example.com. 2 3600 900 86400 3600
+example.com. IN SOA ns.example.com. hostmaster.example.com. 1 3600 900 86400 3600
+www.example.com. IN A 1.2.3.4
+mail.example.com. 3600 IN A 1.2.3.6
+zup.example.com. 3600 IN A 1.2.3.4
+yyy.example.com. 3600 IN AAAA ::5
+r1.example.com. 3600 IN A 1.2.3.4
+r2.example.com. 3600 IN A 1.2.3.4
+r3.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 12345 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=
+example.com. IN SOA ns.example.com. hostmaster.example.com. 2 3600 900 86400 3600
+EXTRA_PACKET
+REPLY QR AA NOERROR
+SECTION QUESTION
+example.com. IN IXFR
+SECTION ANSWER
+www.example.com. IN A 1.2.3.5
+mail.example.com. 3600 IN A 1.2.3.8
+mail.example.com. IN AAAA ::5
+example.com. IN SOA ns.example.com. hostmaster.example.com. 2 3600 900 86400 3600
+ENTRY_END
+RANGE_END
+
+STEP 1 QUERY
+ENTRY_BEGIN
+REPLY RD
+SECTION QUESTION
+www.example.com. IN A
+ENTRY_END
+
+; recursion happens here.
+STEP 20 CHECK_ANSWER
+ENTRY_BEGIN
+MATCH all
+REPLY QR AA RD RA NOERROR
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+www.example.com. IN A 1.2.3.4
+ENTRY_END
+
+STEP 30 TIME_PASSES ELAPSE 3600
+STEP 40 TRAFFIC
+
+STEP 50 QUERY
+ENTRY_BEGIN
+REPLY RD
+SECTION QUESTION
+www.example.com. IN A
+ENTRY_END
+
+; recursion happens here.
+STEP 60 CHECK_ANSWER
+ENTRY_BEGIN
+MATCH all
+REPLY QR AA RD RA NOERROR
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+www.example.com. IN A 1.2.3.5
+ENTRY_END
+
+; the zonefile was updated with new contents
+STEP 70 CHECK_TEMPFILE example.com
+FILE_BEGIN
+example.com. 3600 IN SOA ns.example.com. hostmaster.example.com. 2 3600 900 86400 3600
+example.com. 3600 IN NS ns.example.net.
+add.example.com. 3600 IN A 1.2.3.4
+mail.example.com. 3600 IN A 1.2.3.4
+mail.example.com. 3600 IN A 1.2.3.5
+mail.example.com. 3600 IN A 1.2.3.7
+mail.example.com. 3600 IN A 1.2.3.8
+mail.example.com. 3600 IN AAAA ::5
+r1.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=
+r2.example.com. 3600 IN RRSIG AAAA 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=
+r2.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=
+r3.example.com. 3600 IN A 1.2.3.4
+r3.example.com. 3600 IN RRSIG A 8 3 10200 20170612005010 20170515005010 42393 nlnetlabs.nl. NhEDrHkuIgHkjWhDRVsGOIJWZpSs+QdduilWFe5d+/ZhOheLJbaTYD5w6+ZZ3yPh1tNud+jlg+GyiOSVapLEO31swDCIarL1UfRjRSpxxDCHGag5Zu+S4hF+KURxO3cJk8jLBELMQyRuMRHoKrw/wsiLGVu1YpAyAPPMcjFBNbk=
+www.example.com. 3600 IN A 1.2.3.5
+yyy.example.com. 3600 IN A 1.2.3.4
+FILE_END
+
+SCENARIO_END
projects / thirdparty / unbound.git / commitdiff
