Check notify with bad notify source address and tsig

named was asserting when the notify source address was not available
and TSIG was being used.  Check this scenario by adding a nameserver
to the zone which is configured to uses a non-existent source address
and a blackholed destination address and a TSIG using a server clause
for that destination address.

diff --git a/bin/tests/system/notify/ns2/named.conf.j2 b/bin/tests/system/notify/ns2/named.conf.j2
index 6ef327398d9bc3d6eef1934459c3b45645095527..3fe8caa390726666e9c2cde3f7f4427cab830529 100644 (file)
--- a/bin/tests/system/notify/ns2/named.conf.j2
+++ b/bin/tests/system/notify/ns2/named.conf.j2
@@ -97,3 +97,19 @@ zone x18 { type primary; file "generic.db"; also-notify { 10.53.0.3; }; };
 zone x19 { type primary; file "generic.db"; also-notify { 10.53.0.3; }; };
 zone x20 { type primary; file "generic.db"; also-notify { 10.53.0.3; }; };
 zone x21 { type primary; file "x21.db"; allow-update { any; }; also-notify { x21; }; };
+
+key 10.53.0.53 {
+       algorithm hmac-sha256;
+       secret "aaaabbbbccccddddeeeeffffgggghhhhiiii";
+};
+
+server 10.53.0.53 {
+       notify-source 198.51.100.0; // non existant / not configured
+       keys 10.53.0.53;
+};
+
+zone "change-ns" {
+       type primary;
+       file "change-ns.db";
+       allow-update { any; };
+};

diff --git a/bin/tests/system/notify/setup.sh b/bin/tests/system/notify/setup.sh
index 5948652d130a8850727043b0cba8e8744e94f141..4c8c104be1612d46c2fc30d588e0c8a84881eeb1 100644 (file)
--- a/bin/tests/system/notify/setup.sh
+++ b/bin/tests/system/notify/setup.sh
@@ -15,3 +15,4 @@
 
 cp -f ns2/example1.db ns2/example.db
 cp -f ns2/generic.db ns2/x21.db
+cp -f ns2/generic.db ns2/change-ns.db

diff --git a/bin/tests/system/notify/tests.sh b/bin/tests/system/notify/tests.sh
index 3beb52ae9af61514d48c7c0baa158643ce3d2d29..668573bdce41f3886fe23353f58ee5429137e3d6 100644 (file)
--- a/bin/tests/system/notify/tests.sh
+++ b/bin/tests/system/notify/tests.sh
@@ -237,5 +237,18 @@ nextpartreset ns3/named.run
 wait_for_log 30 'retries exceeded' ns3/named.run || ret=1
 test_end
 
+test_start "checking notify with bad notify source address and tsig"
+$NSUPDATE <<EOF
+server 10.53.0.2 ${PORT}
+zone change-ns
+update add change-ns 0 NS ns53.change-ns
+update add ns53.change-ns 0 A 10.53.0.53
+send
+EOF
+wait_for_log 10 "zone change-ns/IN: sending notify(SOA) to 10.53.0.53#${PORT} : TSIG (10.53.0.53)" ns2/named.run
+dig_plus_opts ns change-ns @10.53.0.2 >dig.out.test$n || ret=1
+grep "ns2.change-ns." dig.out.test$n >/dev/null || ret=1
+test_end
+
 echo_i "exit status: $status"
 [ $status -eq 0 ] || exit 1

diff --git a/bin/tests/system/notify/tests_sh_notify.py b/bin/tests/system/notify/tests_sh_notify.py
index 74c626b76b95f7cf8909fc937926399562c66eff..f4a425533bbfda9bec8c4db960e30fce4d670586 100644 (file)
--- a/bin/tests/system/notify/tests_sh_notify.py
+++ b/bin/tests/system/notify/tests_sh_notify.py
@@ -15,6 +15,8 @@ pytestmark = pytest.mark.extra_artifacts(
     [
         "awk.out.*",
         "dig.out.*",
+        "ns2/change-ns.db",
+        "ns2/change-ns.db.jnl",
         "ns2/example.db",
         "ns2/named-tls.conf",
         "ns2/x21.db*",