Add system test for dual-stack-servers with possible DNAME response

Create a zone that triggers DNAME owner name checks in a zone that
is only reachable using a dual stack server.  The answer contains
a name that is higher in the tree than the query name.

e.g.
	foo.v4only.net.	CNAME	v4only.net.
	v4only.net.	A	10.0.0.1

ns4 is serving the test zone (ipv4-only)
ns6 is the root server for this test (dual stacked)
ns7 is acting as the dual stack server (dual stacked)
ns9 is the server under test (ipv6-only)

diff --git a/bin/tests/system/resolver/ns4/named.conf.in b/bin/tests/system/resolver/ns4/named.conf.in
index 2fe6fbbf7d838b6deea736f57505a0617e7bb3cb..6a44110b04ef9a7d00993575533c08bd365f5b29 100644 (file)
--- a/bin/tests/system/resolver/ns4/named.conf.in
+++ b/bin/tests/system/resolver/ns4/named.conf.in
@@ -57,6 +57,11 @@ zone "sourcens" {
     file "sourcens.db";
 };
 
+zone "v4only.net" {
+       type primary;
+       file "v4only.net.db";
+};
+
 key rndc_key {
        secret "1234abcd8765";
        algorithm @DEFAULT_HMAC@;

diff --git a/bin/tests/system/resolver/ns4/v4only.net.db b/bin/tests/system/resolver/ns4/v4only.net.db
new file mode 100644 (file)
index 0000000..b097f3a
--- /dev/null
+++ b/bin/tests/system/resolver/ns4/v4only.net.db
@@ -0,0 +1,22 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0.  If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 300
+@                      IN SOA  marka.isc.org. ns.server. (
+                               2010    ; serial
+                               600             ; refresh
+                               600             ; retry
+                               1200            ; expire
+                               600             ; minimum
+                               )
+@                      NS      v4.nameserver.
+                       A       10.0.0.1
+*                      CNAME   @

diff --git a/bin/tests/system/resolver/ns6/named.conf.in b/bin/tests/system/resolver/ns6/named.conf.in
index a069e00a49b2fffc0cc1990625c14588f755a04d..2ebcdd7c91a87da89882f17bf2e3817db9396889 100644 (file)
--- a/bin/tests/system/resolver/ns6/named.conf.in
+++ b/bin/tests/system/resolver/ns6/named.conf.in
@@ -20,7 +20,7 @@ options {
        port @PORT@;
        pid-file "named.pid";
        listen-on { 10.53.0.6; };
-       listen-on-v6 { none; };
+       listen-on-v6 { fd92:7065:b8e:ffff::6; };
        recursion no;
        dnssec-validation no;
        querylog yes;

diff --git a/bin/tests/system/resolver/ns6/root.db b/bin/tests/system/resolver/ns6/root.db
index 55e9ba86f33a74409f2d8e4ba5395ce5e780327e..096381c3ce9ed8590afc3afbb3e1318d8cd70da6 100644 (file)
--- a/bin/tests/system/resolver/ns6/root.db
+++ b/bin/tests/system/resolver/ns6/root.db
@@ -19,6 +19,7 @@ $TTL 300
                                )
 .                      NS      a.root-servers.nil.
 a.root-servers.nil.    A       10.53.0.6
+a.root-servers.nil.    AAAA    fd92:7065:b8e:ffff::6
 moves.                 NS      ns.server.
 server.                        NS      ns7.server.
 ns7.server.            A       10.53.0.7
@@ -31,3 +32,5 @@ no-edns-version.tld.  NS      ns.no-edns-version.tld.
 ns.no-edns-version.tld.        A       10.53.0.6
 edns-version.tld.      NS      ns.edns-version.tld.
 ns.edns-version.tld.   A       10.53.0.7
+v4only.net.            NS      v4.nameserver.
+v4.nameserver.         A       10.53.0.4

diff --git a/bin/tests/system/resolver/ns7/named1.conf.in b/bin/tests/system/resolver/ns7/named1.conf.in
index 2d6cc842ab64c857b695eb7f459912155b468415..5bb8c803bf9d9038bc5dd98f8dfd33e4400238d5 100644 (file)
--- a/bin/tests/system/resolver/ns7/named1.conf.in
+++ b/bin/tests/system/resolver/ns7/named1.conf.in
@@ -20,7 +20,7 @@ options {
        port @PORT@;
        pid-file "named.pid";
        listen-on { 10.53.0.7; };
-       listen-on-v6 { none; };
+       listen-on-v6 { fd92:7065:b8e:ffff::7; };
        recursion yes;
        dnssec-validation yes;
        empty-zones-enable yes;

diff --git a/bin/tests/system/resolver/ns7/named2.conf.in b/bin/tests/system/resolver/ns7/named2.conf.in
index 2d6cc842ab64c857b695eb7f459912155b468415..5bb8c803bf9d9038bc5dd98f8dfd33e4400238d5 100644 (file)
--- a/bin/tests/system/resolver/ns7/named2.conf.in
+++ b/bin/tests/system/resolver/ns7/named2.conf.in
@@ -20,7 +20,7 @@ options {
        port @PORT@;
        pid-file "named.pid";
        listen-on { 10.53.0.7; };
-       listen-on-v6 { none; };
+       listen-on-v6 { fd92:7065:b8e:ffff::7; };
        recursion yes;
        dnssec-validation yes;
        empty-zones-enable yes;

diff --git a/bin/tests/system/resolver/ns9/named.args b/bin/tests/system/resolver/ns9/named.args
new file mode 100644 (file)
index 0000000..0c66bc0
--- /dev/null
+++ b/bin/tests/system/resolver/ns9/named.args
@@ -0,0 +1,2 @@
+# this server is IPv6 only
+-6 -m record -c named.conf -d 99 -D resolver-ns9 -X named.lock -g -T maxcachesize=2097152

diff --git a/bin/tests/system/resolver/ns9/named.conf.in b/bin/tests/system/resolver/ns9/named.conf.in
new file mode 100644 (file)
index 0000000..3be31db
--- /dev/null
+++ b/bin/tests/system/resolver/ns9/named.conf.in
@@ -0,0 +1,39 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0.  If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+// NS9
+
+options {
+       port @PORT@;
+       pid-file "named.pid";
+       listen-on { none; };
+       listen-on-v6 { fd92:7065:b8e:ffff::9; };
+       recursion yes;
+       dnssec-validation yes;
+       dual-stack-servers { fd92:7065:b8e:ffff::7; };
+       qname-minimization off;
+};
+
+key rndc_key {
+       secret "1234abcd8765";
+       algorithm @DEFAULT_HMAC@;
+};
+
+controls {
+       inet fd92:7065:b8e:ffff::9 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
+
+zone "." {
+       type hint;
+       file "root.hint";
+};

diff --git a/bin/tests/system/resolver/ns9/named.ipv6-only b/bin/tests/system/resolver/ns9/named.ipv6-only
new file mode 100644 (file)
index 0000000..e69de29

diff --git a/bin/tests/system/resolver/ns9/root.hint b/bin/tests/system/resolver/ns9/root.hint
new file mode 100644 (file)
index 0000000..f74fbf1
--- /dev/null
+++ b/bin/tests/system/resolver/ns9/root.hint
@@ -0,0 +1,15 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0.  If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 999999
+.                       IN NS   a.root-servers.nil.
+a.root-servers.nil.     IN A    10.53.0.6
+a.root-servers.nil.     IN AAAA fd92:7065:b8e:ffff::6;

diff --git a/bin/tests/system/resolver/setup.sh b/bin/tests/system/resolver/setup.sh
index ecc43490b0516b94bbfba7ff39ca846bf9a1a5ea..eeda13bcd0270b5618c35dd022ab8a53764612e1 100644 (file)
--- a/bin/tests/system/resolver/setup.sh
+++ b/bin/tests/system/resolver/setup.sh
@@ -23,5 +23,6 @@ copy_setports ns4/named.conf.in ns4/named.conf
 copy_setports ns5/named.conf.in ns5/named.conf
 copy_setports ns6/named.conf.in ns6/named.conf
 copy_setports ns7/named1.conf.in ns7/named.conf
+copy_setports ns9/named.conf.in ns9/named.conf
 
 (cd ns6 && $SHELL keygen.sh)

diff --git a/bin/tests/system/resolver/tests.sh b/bin/tests/system/resolver/tests.sh
index 78fa92c617b263e703e45b226e69c9905c3298c9..8c0a50949738659d67b65118612912240fc44187 100755 (executable)
--- a/bin/tests/system/resolver/tests.sh
+++ b/bin/tests/system/resolver/tests.sh
@@ -847,5 +847,18 @@ grep "IN.*TXT.*baz" dig.out.ns1.test${n} > /dev/null || ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
+n=$((n+1))
+echo_i "check that correct namespace is chosen for dual-stack-servers ($n)"
+ret=0
+#
+# The two priming queries are needed until we fix dual-stack-servers fully
+#
+dig_with_opts @fd92:7065:b8e:ffff::9 v4.nameserver A > dig.out.prime1.${n} || ret=1
+dig_with_opts @fd92:7065:b8e:ffff::9 v4.nameserver AAAA > dig.out.prime2.${n} || ret=1
+dig_with_opts @fd92:7065:b8e:ffff::9 foo.v4only.net A > dig.out.ns9.${n} || ret=1
+grep "status: NOERROR" dig.out.ns9.${n} > /dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
 echo_i "exit status: $status"
 [ $status -eq 0 ] || exit 1