From: Aram Sargsyan Date: Thu, 7 May 2026 11:44:44 +0000 (+0000) Subject: Add a new check in "inline" system test X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=37f265f59aabefec9d2b4721be083bad466e04c8;p=thirdparty%2Fbind9.git Add a new check in "inline" system test This new check floods the server with DNS UPDATE messages for an 'inline-signing yes; sig-signing-signatures 1;' zone to see if it manages to process the updates correctly. --- diff --git a/bin/tests/system/inline/ns3/named.conf.j2 b/bin/tests/system/inline/ns3/named.conf.j2 index 55e20481177..fd28e9da0b9 100644 --- a/bin/tests/system/inline/ns3/named.conf.j2 +++ b/bin/tests/system/inline/ns3/named.conf.j2 @@ -57,6 +57,15 @@ zone "bits" { sig-signing-signatures 1; // force incremental processing }; +zone "incremental-updates" { + type primary; + file "incremental-updates.db"; + inline-signing yes; + dnssec-policy inline; + sig-signing-signatures 1; // force incremental processing + allow-update { any; }; +}; + server 10.53.0.4 { request-ixfr no; }; zone "noixfr" { diff --git a/bin/tests/system/inline/setup.sh b/bin/tests/system/inline/setup.sh index c1b38e86063..50d2a07347b 100644 --- a/bin/tests/system/inline/setup.sh +++ b/bin/tests/system/inline/setup.sh @@ -31,6 +31,7 @@ cp ns3/primary.db.in ns3/nsec3.db cp ns3/primary.db.in ns3/externalkey.db cp ns3/primary.db.in ns3/delayedkeys.db cp ns3/primary.db.in ns3/removedkeys-primary.db +cp ns3/primary.db.in ns3/incremental-updates.db cp ns3/include.db.in ns3/include.db mkdir ns3/removedkeys diff --git a/bin/tests/system/inline/tests_inline_incremental_updates.py b/bin/tests/system/inline/tests_inline_incremental_updates.py new file mode 100644 index 00000000000..fdc3c18d634 --- /dev/null +++ b/bin/tests/system/inline/tests_inline_incremental_updates.py @@ -0,0 +1,65 @@ +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +import random +import threading + +import dns.update +import pytest + +pytestmark = pytest.mark.extra_artifacts( + [ + "K*", + "*.out*", + "*/*.out*", + "ns*/K*", + "ns*/dsset-*", + "ns*/*.bk", + "ns*/*.db", + "ns*/*.jbk", + "ns*/*.jnl", + "ns*/*.nzd", + "ns*/*.signed", + "ns*/trusted.conf", + "ns3/delayedkeys.conf", + "ns3/removedkeys", + ] +) + + +def worker(server, count) -> None: + zone = "incremental-updates" + for i in range(count): + try: + sub = random.randrange(1000000) + update_msg = dns.update.UpdateMessage(zone) + update_msg.add(f"a-{sub}-{i}.{zone}.", 300, "A", "10.0.0.1") + server.nsupdate(update_msg) + except Exception: # pylint: disable=broad-exception-caught + break + + +def test_inline_incremental_updates(ns3): + """ + Flood the server with updates to check how 'receive secure serial' + is coping with quick incremental updates. + """ + threads_n = 10 + updates_n = 10 + threads = [ + threading.Thread(target=worker, args=(ns3, updates_n), daemon=True) + for _ in range(threads_n) + ] + + for thread in threads: + thread.start() + for thread in threads: + thread.join()