Add server christmas tree test

This sets as many server options as possible at once to detect
cut-and-paste bugs when implementing new server options in peer.c.
Most of the accessor functions are similar and it is easy to miss
updating a macro name or structure element name when adding new
accessor functions.

checkconf/setup.sh is there to minimise the difference to branches
with optional server options where the list is updated at runtime.

diff --git a/bin/tests/system/checkconf/clean.sh b/bin/tests/system/checkconf/clean.sh
index aed6231e46c24044be88e2185d9e64a1ec611b0f..b8ed80b08e1e664d69b58bfe00c709ae72917049 100644 (file)
--- a/bin/tests/system/checkconf/clean.sh
+++ b/bin/tests/system/checkconf/clean.sh
@@ -15,3 +15,4 @@ rm -rf test.keydir
 rm -f checkconf.out*
 rm -f diff.out*
 rm -f ns*/named.lock
+rm -f good-server-christmas-tree.conf

diff --git a/bin/tests/system/checkconf/good-server-christmas-tree.conf.in b/bin/tests/system/checkconf/good-server-christmas-tree.conf.in
new file mode 100644 (file)
index 0000000..467f750
--- /dev/null
+++ b/bin/tests/system/checkconf/good-server-christmas-tree.conf.in
@@ -0,0 +1,50 @@
+key example {
+       algorithm hmac-sha256;
+       secret "aaaaaaaaaaaaaaaaaaaaaaaa";
+};
+
+server 0.0.0.0 {
+       bogus no;
+       broken-nsec no;
+       edns no;
+       edns-udp-size 512;
+       edns-version 0;
+       keys example;
+       max-udp-size 512;
+       notify-source 0.0.0.0;
+       padding 512;
+       provide-ixfr no;
+       query-source 0.0.0.0;
+       request-expire no;
+       request-ixfr no;
+       request-nsid no;
+       send-cookie no;
+       tcp-keepalive no;
+       tcp-only no;
+       transfer-format one-answer;
+       transfer-source 0.0.0.0;
+       transfers 1;
+};
+
+server :: {
+       bogus no;
+       broken-nsec no;
+       edns no;
+       edns-udp-size 512;
+       edns-version 0;
+       keys example;
+       max-udp-size 512;
+       notify-source-v6 ::;
+       padding 512;
+       provide-ixfr no;
+       query-source-v6 ::;
+       request-expire no;
+       request-ixfr no;
+       request-nsid no;
+       send-cookie no;
+       tcp-keepalive no;
+       tcp-only no;
+       transfer-format one-answer;
+       transfer-source-v6 ::;
+       transfers 1;
+};

diff --git a/bin/tests/system/checkconf/setup.sh b/bin/tests/system/checkconf/setup.sh
new file mode 100644 (file)
index 0000000..a424eef
--- /dev/null
+++ b/bin/tests/system/checkconf/setup.sh
@@ -0,0 +1,10 @@
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+cp -f good-server-christmas-tree.conf.in good-server-christmas-tree.conf

diff --git a/lib/bind9/check.c b/lib/bind9/check.c
index 715d9fd9dfb61846f1c1a1027d18785861e639f9..3ff5803096cc61061c857da70f440db3d6deb099 100644 (file)
--- a/lib/bind9/check.c
+++ b/lib/bind9/check.c
@@ -47,6 +47,7 @@
 #include <dns/fixedname.h>
 #include <dns/kasp.h>
 #include <dns/keyvalues.h>
+#include <dns/peer.h>
 #include <dns/rbt.h>
 #include <dns/rdataclass.h>
 #include <dns/rdatatype.h>
@@ -4093,9 +4094,25 @@ static struct {
                { "query-source", "query-source-v6" },
                { NULL, NULL } };
 
+static struct {
+       const char *name;
+       isc_result_t (*set)(dns_peer_t *peer, bool newval);
+} bools[] = {
+       { "bogus", dns_peer_setbogus },
+       { "broken-nsec", dns_peer_setbrokennsec },
+       { "edns", dns_peer_setsupportedns },
+       { "provide-ixfr", dns_peer_setprovideixfr },
+       { "request-expire", dns_peer_setrequestexpire },
+       { "request-ixfr", dns_peer_setrequestixfr },
+       { "request-nsid", dns_peer_setrequestnsid },
+       { "send-cookie", dns_peer_setsendcookie },
+       { "tcp-keepalive", dns_peer_settcpkeepalive },
+       { "tcp-only", dns_peer_setforcetcp },
+};
+
 static isc_result_t
 check_servers(const cfg_obj_t *config, const cfg_obj_t *voptions,
-             isc_symtab_t *symtab, isc_log_t *logctx) {
+             isc_symtab_t *symtab, isc_mem_t *mctx, isc_log_t *logctx) {
        dns_fixedname_t fname;
        isc_result_t result = ISC_R_SUCCESS;
        isc_result_t tresult;
@@ -4125,6 +4142,8 @@ check_servers(const cfg_obj_t *config, const cfg_obj_t *voptions,
        }
 
        for (e1 = cfg_list_first(servers); e1 != NULL; e1 = cfg_list_next(e1)) {
+               dns_peer_t *peer = NULL;
+               size_t i;
                v1 = cfg_listelt_value(e1);
                cfg_obj_asnetprefix(cfg_map_getname(v1), &n1, &p1);
                /*
@@ -4232,6 +4251,24 @@ check_servers(const cfg_obj_t *config, const cfg_obj_t *voptions,
                                result = ISC_R_FAILURE;
                        }
                }
+               (void)dns_peer_newprefix(mctx, &n1, p1, &peer);
+               for (i = 0; i < ARRAY_SIZE(bools); i++) {
+                       const cfg_obj_t *opt = NULL;
+                       cfg_map_get(v1, bools[i].name, &opt);
+                       if (opt != NULL) {
+                               tresult = (bools[i].set)(
+                                       peer, cfg_obj_asboolean(opt));
+                               if (tresult != ISC_R_SUCCESS) {
+                                       cfg_obj_log(opt, logctx, ISC_LOG_ERROR,
+                                                   "setting server option "
+                                                   "'%s' failed: %s",
+                                                   bools[i].name,
+                                                   isc_result_totext(tresult));
+                                       result = ISC_R_FAILURE;
+                               }
+                       }
+               }
+               dns_peer_detach(&peer);
        }
        return (result);
 }
@@ -5225,7 +5262,8 @@ check_viewconf(const cfg_obj_t *config, const cfg_obj_t *voptions,
        /*
         * Global servers can refer to keys in views.
         */
-       if (check_servers(config, voptions, symtab, logctx) != ISC_R_SUCCESS) {
+       if (check_servers(config, voptions, symtab, mctx, logctx) !=
+           ISC_R_SUCCESS) {
                result = ISC_R_FAILURE;
        }
 

diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c
index 2641802e11b74c61fd6fe202e56f52bc88f0e6ee..ee0f3091f3b61151012a9f7bd123fff655f28f73 100644 (file)
--- a/lib/isccfg/namedconf.c
+++ b/lib/isccfg/namedconf.c
@@ -2507,6 +2507,10 @@ static cfg_type_t cfg_type_key = { "key",          cfg_parse_named_map,
 
 /*%
  * Clauses that can be found in a 'server' statement.
+ *
+ * Please update lib/bind9/check.c and
+ * bin/tests/system/checkconf/good-server-christmas-tree.conf.in to
+ * exercise the new clause when adding new clauses.
  */
 static cfg_clausedef_t server_clauses[] = {
        { "bogus", &cfg_type_boolean, 0 },

diff --git a/util/copyrights b/util/copyrights
index 408c3d0c14f68c3fac839e2f86e94d41f8441770..d3bfda3433445c0bdf2d7d841324a545d85aa20d 100644 (file)
--- a/util/copyrights
+++ b/util/copyrights
@@ -179,6 +179,7 @@
 ./bin/tests/system/checkconf/dnssec.1          X       2011,2016,2018,2019,2020,2021
 ./bin/tests/system/checkconf/dnssec.2          X       2011,2016,2018,2019,2020,2021
 ./bin/tests/system/checkconf/good.zonelist     X       2016,2017,2018,2019,2020,2021
+./bin/tests/system/checkconf/setup.sh          SH      2021
 ./bin/tests/system/checkconf/tests.sh          SH      2005,2007,2010,2011,2012,2013,2014,2015,2016,2017,2018,2019,2020,2021
 ./bin/tests/system/checkds/README              TXT.BRIEF       2021
 ./bin/tests/system/checkds/clean.sh            SH      2021