From: Colin Vidal Date: Thu, 4 Dec 2025 15:44:42 +0000 (+0100) Subject: add tests for EDE 13 support X-Git-Tag: v9.21.17~59^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0b9da992a5699788e0612cbbc48cc7ff1607f01a;p=thirdparty%2Fbind9.git add tests for EDE 13 support Add system test covering EDE 13 being added in the response in case of SERVFAIL cache hits. --- diff --git a/bin/tests/system/sfcache/ns5/named.conf.in b/bin/tests/system/sfcache/ns5/named.conf.j2 similarity index 91% rename from bin/tests/system/sfcache/ns5/named.conf.in rename to bin/tests/system/sfcache/ns5/named.conf.j2 index 36bfb96759d..6d19f16ed46 100644 --- a/bin/tests/system/sfcache/ns5/named.conf.in +++ b/bin/tests/system/sfcache/ns5/named.conf.j2 @@ -13,6 +13,8 @@ // NS5 +{% set servfail_ttl = servfail_ttl | default(30) %} + options { query-source address 10.53.0.5; notify-source 10.53.0.5; @@ -23,7 +25,7 @@ options { listen-on-v6 { none; }; recursion yes; dnssec-validation yes; - servfail-ttl 30; + servfail-ttl @servfail_ttl@; }; key rndc_key { diff --git a/bin/tests/system/sfcache/setup.sh b/bin/tests/system/sfcache/setup.sh index a51b814b943..0ff78b71c32 100644 --- a/bin/tests/system/sfcache/setup.sh +++ b/bin/tests/system/sfcache/setup.sh @@ -18,7 +18,6 @@ set -e copy_setports ns1/named.conf.in ns1/named.conf copy_setports ns2/named.conf.in ns2/named.conf -copy_setports ns5/named.conf.in ns5/named.conf cd ns1 && $SHELL sign.sh && cd .. cd ns5 && $SHELL sign.sh && cd .. diff --git a/bin/tests/system/sfcache/tests_sfcache.py b/bin/tests/system/sfcache/tests_sfcache.py new file mode 100644 index 00000000000..4802fbafa96 --- /dev/null +++ b/bin/tests/system/sfcache/tests_sfcache.py @@ -0,0 +1,48 @@ +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +import time + +import isctest +from isctest.compat import EDECode + + +def check_sfcache_ede(ns, ede): + msg = isctest.query.create("foo.example.", "A") + res = isctest.query.udp(msg, ns.ip) + isctest.check.servfail(res) + if ede: + isctest.check.ede(res, EDECode.CACHED_ERROR) + else: + isctest.check.noede(res) + + +def test_sfcache_ede(ns5, templates): + # Reconfigure the server so servfail-ttl is 1 second + templates.render("ns5/named.conf", {"servfail_ttl": 1}) + with ns5.watch_log_from_here() as watcher: + ns5.rndc("reload") + watcher.wait_for_line("running") + + # First query do not have a cached SERVFAIL, no EDE + check_sfcache_ede(ns5, False) + + # Immediates next queries are cached SERVFAIL, EDE present + check_sfcache_ede(ns5, True) + check_sfcache_ede(ns5, True) + + # Wait enough time so we know he cached SERVFAIL is removed + time.sleep(2) + + # And again, first query is not cached, subsequent ones are. + check_sfcache_ede(ns5, False) + check_sfcache_ede(ns5, True) + check_sfcache_ede(ns5, True)