Check responselog behaviour

Extends the resolver system test to to check whether responses are
logged to the query log in addition to the queries.

diff --git a/bin/tests/system/resolver/ns5/named.conf.in b/bin/tests/system/resolver/ns5/named.conf.in
index dc1704fd28e4bc30b9d168a68ad66242684b5c39..32c5fa71113b71512e9032bb67054b154eee3757 100644 (file)
--- a/bin/tests/system/resolver/ns5/named.conf.in
+++ b/bin/tests/system/resolver/ns5/named.conf.in
@@ -25,6 +25,7 @@ options {
        dnssec-validation yes;
        querylog yes;
        prefetch 4 10;
+       responselog yes;
 };
 
 include "trusted.conf";
@@ -48,6 +49,8 @@ zone "child.server" {
        file "child.server.db";
 };
 
+include "trusted.conf";
+
 key rndc_key {
         secret "1234abcd8765";
         algorithm @DEFAULT_HMAC@;

diff --git a/bin/tests/system/resolver/ns6/named.conf.in b/bin/tests/system/resolver/ns6/named.conf.in
index c6ec72abc417c3cc62c0433e5ffa0fb6cdd4ad01..34552af1b7d10a5c377cead037f214f5de53cf28 100644 (file)
--- a/bin/tests/system/resolver/ns6/named.conf.in
+++ b/bin/tests/system/resolver/ns6/named.conf.in
@@ -26,6 +26,7 @@ options {
        querylog yes;
        statistics-file "named.stats";
        max-udp-size 4096;
+       responselog no;
 };
 
 zone "." {

diff --git a/bin/tests/system/resolver/tests.sh b/bin/tests/system/resolver/tests.sh
index d718362e01f22a4e2090a520db42af1236dd34da..222b76838e2a3576a1974e7454ff90b46e2be216 100755 (executable)
--- a/bin/tests/system/resolver/tests.sh
+++ b/bin/tests/system/resolver/tests.sh
@@ -885,5 +885,104 @@ grep "status: SERVFAIL" dig.out.${n} >/dev/null || ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
+n=$((n + 1))
+echo_i "check that response codes have been logged with 'responselog yes;' ($n)"
+ret=0
+grep "responselog yes;" ns5/named.conf >/dev/null || ret=1
+grep "response: version.bind CH TXT NOERROR" ns5/named.run >/dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+n=$((n + 1))
+echo_i "check that 'rndc responselog off' disables logging 'responselog yes;' ($n)"
+ret=0
+rndccmd 10.53.0.5 responselog off || ret=1
+dig_with_opts @10.53.0.5 should.not.be.logged >dig.ns5.out.${n} || ret=1
+grep "response: should.not.be.logged" ns5/named.run >/dev/null && ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+n=$((n + 1))
+echo_i "check that 'rndc responselog on' enables logging 'responselog yes;' ($n)"
+ret=0
+grep "response: should.be.logged" ns5/named.run >/dev/null && ret=1
+rndccmd 10.53.0.5 responselog on || ret=1
+dig_with_opts @10.53.0.5 should.be.logged >dig.ns5.out.${n} || ret=1
+grep "response: should.be.logged" ns5/named.run >/dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+n=$((n + 1))
+echo_i "check that response codes have not been logged with default 'responselog' ($n)"
+ret=0
+grep "responselog" ns1/named.conf >/dev/null && ret=1
+grep "response: version.bind CH TXT NOERROR" ns1/named.run >/dev/null && ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+n=$((n + 1))
+echo_i "check that 'rndc responselog on' enables logging with default 'responselog' ($n)"
+ret=0
+grep "response: should.be.logged" ns1/named.run >/dev/null && ret=1
+rndccmd 10.53.0.1 responselog on || ret=1
+dig_with_opts @10.53.0.1 should.be.logged >dig.ns1.out.${n} || ret=1
+grep "response: should.be.logged" ns1/named.run >/dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+n=$((n + 1))
+echo_i "check that 'rndc responselog off' disables logging with default 'responselog' ($n)"
+ret=0
+rndccmd 10.53.0.1 responselog off || ret=1
+dig_with_opts @10.53.0.1 should.not.be.logged >dig.ns1.out.${n} || ret=1
+grep "response: should.not.be.logged" ns1/named.run >/dev/null && ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+n=$((n + 1))
+echo_i "check that response codes have not been logged with 'responselog no;' ($n)"
+ret=0
+grep "responselog no;" ns6/named.conf >/dev/null || ret=1
+grep "response: version.bind CH TXT NOERROR" ns6/named.run >/dev/null && ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+n=$((n + 1))
+echo_i "check that 'rndc responselog on' enables logging with default 'responselog no;' ($n)"
+ret=0
+grep "response: should.be.logged" ns6/named.run >/dev/null && ret=1
+rndccmd 10.53.0.6 responselog on || ret=1
+dig_with_opts @10.53.0.6 should.be.logged >dig.ns6.out.${n} || ret=1
+grep "response: should.be.logged" ns6/named.run >/dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+n=$((n + 1))
+echo_i "check that 'rndc responselog' toggles logging off with default 'responselog no;' ($n)"
+ret=0
+rndccmd 10.53.0.6 responselog || ret=1
+dig_with_opts @10.53.0.6 toggled.should.not.be.logged >dig.ns6.out.${n} || ret=1
+grep "response: toggled.should.not.be.logged" ns6/named.run >/dev/null && ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+n=$((n + 1))
+echo_i "check that 'rndc responselog' toggles logging on with default 'responselog no;' ($n)"
+ret=0
+rndccmd 10.53.0.6 responselog || ret=1
+dig_with_opts @10.53.0.6 toggled.should.be.logged >dig.ns6.out.${n} || ret=1
+grep "response: toggled.should.be.logged" ns6/named.run >/dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+n=$((n + 1))
+echo_i "check that 'rndc responselog off' disables logging with default 'responselog no;' ($n)"
+ret=0
+rndccmd 10.53.0.6 responselog off || ret=1
+dig_with_opts @10.53.0.6 should.not.be.logged >dig.ns6.out.${n} || ret=1
+grep "response: should.not.be.logged" ns6/named.run >/dev/null && ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
 echo_i "exit status: $status"
 [ $status -eq 0 ] || exit 1