From: Evan Hunt Date: Wed, 26 May 2021 21:10:50 +0000 (-0700) Subject: add a test of DNS64 processing with a stale negative response X-Git-Tag: v9.17.14~18^2~3 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=453e905d7ef166ceb61ca5636c6c2e9f74318ddc;p=thirdparty%2Fbind9.git add a test of DNS64 processing with a stale negative response - send a query for an AAAA which will be resolved as a mapped A - disable authoritative responses - wait for the negative AAAA response to become stale - send another query, wait for the stale answer - re-enable authorative responses so that a real answer arrives - currently, this triggers an assertion in query.c
---
diff --git a/bin/tests/system/serve-stale/ans2/ans.pl b/bin/tests/system/serve-stale/ans2/ans.pl
index 4bb9f896ffe..a046417e09c 100644
--- a/bin/tests/system/serve-stale/ans2/ans.pl
+++ b/bin/tests/system/serve-stale/ans2/ans.pl
@@ -117,6 +117,15 @@ sub reply_handler {
 push @auth, $rr;
 }
 $rcode = "NOERROR";
+ } elsif ($qname eq "a-only.example") {
+ if ($qtype eq "A") {
+ my $rr = new Net::DNS::RR("a-only.example 2 IN A $localaddr");
+ push @ans, $rr;
+ } else {
+ my $rr = new Net::DNS::RR($negSOA);
+ push @auth, $rr;
+ }
+ $rcode = "NOERROR";
 } elsif ($qname eq "longttl.example") {
 if ($qtype eq "TXT") {
 my $rr = new Net::DNS::RR($LONGTXT);
diff --git a/bin/tests/system/serve-stale/ns3/named.conf.in b/bin/tests/system/serve-stale/ns3/named1.conf.in
similarity index 100%
rename from bin/tests/system/serve-stale/ns3/named.conf.in
rename to bin/tests/system/serve-stale/ns3/named1.conf.in
diff --git a/bin/tests/system/serve-stale/ns3/named8.conf.in b/bin/tests/system/serve-stale/ns3/named8.conf.in
new file mode 100644
index 00000000000..49802f7f07d
--- /dev/null
+++ b/bin/tests/system/serve-stale/ns3/named8.conf.in
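Review bot: The new `a-only.example` branch of reply_handler in ans2/ans.pl has no comment saying why the name exists, and the test that relies on it lives in a different file. I would add above the `elsif` something like `# a-only.example: has an A record but no AAAA; any other qtype gets a NOERROR/NODATA reply carrying $negSOA, so a dns64 resolver maps the A`. How long the negative answer stays fresh depends on the TTL carried by `$negSOA`, which is defined outside this hunk, so the `sleep 2` in tests.sh is presumably tied to it and the comment could say so. reply_handler starts and ends outside the hunk.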
@@ -0,0 +1,43 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+key rndc_key {
+ secret "1234abcd8765";
+ algorithm hmac-sha256;
+};
+
+controls {
+ inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
+
+options {
+ query-source address 10.53.0.3;
+ notify-source 10.53.0.3;
+ transfer-source 10.53.0.3;
+ port @PORT@;
+ pid-file "named.pid";
+ listen-on { 10.53.0.3; };
+ listen-on-v6 { none; };
+ recursion yes;
+ stale-answer-enable yes;
+ stale-cache-enable yes;
+ stale-answer-client-timeout 1800;
+ dns64 2001:aaaa::/96 {
+ clients { any; };
+ mapped { any; };
+ };
+};
+
+zone "." {
+ type secondary;
+ primaries { 10.53.0.1; };
+ file "root.bk";
+};
diff --git a/bin/tests/system/serve-stale/setup.sh b/bin/tests/system/serve-stale/setup.sh
index 6e58dc5808b..02fd1990ca6 100644
--- a/bin/tests/system/serve-stale/setup.sh
+++ b/bin/tests/system/serve-stale/setup.sh
@@ -14,6 +14,6 @@ $SHELL clean.sh
 copy_setports ns1/named1.conf.in ns1/named.conf
-copy_setports ns3/named.conf.in ns3/named.conf
+copy_setports ns3/named1.conf.in ns3/named.conf
 copy_setports ns4/named.conf.in ns4/named.conf
 copy_setports ns5/named.conf.in ns5/named.conf
diff --git a/bin/tests/system/serve-stale/tests.sh b/bin/tests/system/serve-stale/tests.sh
index b17d5363a48..66344c4d291 100755
--- a/bin/tests/system/serve-stale/tests.sh
+++ b/bin/tests/system/serve-stale/tests.sh
@@ -19,6 +19,7 @@ stale_answer_ttl=$(sed -ne 's,^[[:space:]]*stale-answer-ttl \([[:digit:]]*\).*,\
 status=0
 n=0
+
 #
 # First test server with serve-stale options set.
 #
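Review bot: In the new ns3/named8.conf.in the `controls` statement accepts rndc with `allow { any; }` and a short fixed `secret "1234abcd8765"`, which is acceptable only because the listener is bound to the 10.53.0.3 test address; a comment above `key rndc_key` stating that this is a test fixture and must not be copied into a real configuration would make that explicit. The file also gives no hint of how it differs from named1.conf.in, so a line such as `/* serve-stale with dns64 enabled; used by the stale negative answer test */` above `options` would save the next reader a diff. `stale-answer-client-timeout 1800;` appears to be the interval that the `sleep 2` in the new tests.sh block has to outlast, so the comment could name that coupling as well.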
@@ -1646,6 +1647,8 @@ status=$((status+ret))
 # Allow RRset to become stale.
 sleep 2
+nextpart ns3/named.run > /dev/null
+
 echo_i "sending queries for tests $((n+1))-$((n+2))..."
 t1=`$PERL -e 'print time()'`
 $DIG -p ${PORT} +tries=1 +timeout=10 @10.53.0.3 data.example TXT > dig.out.test$((n+1)) &
@@ -1658,9 +1661,8 @@ t2=`$PERL -e 'print time()'`
 # after stale-answer-client-timeout timer of 1.8 sec triggers.
 n=$((n+1))
 echo_i "check stale data.example comes from cache (default stale-answer-client-timeout) ($n)"
-nextpart ns3/named.run > /dev/null
-wait_for_log 5 "data.example client timeout, stale answer used" ns3/named.run || ret=1
 ret=0
+wait_for_log 5 "data.example client timeout, stale answer used" ns3/named.run || ret=1
 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1
 grep "data\.example\..*3.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1
@@ -1672,6 +1674,7 @@ status=$((status+ret))
 n=$((n+1))
 echo_i "check stale nodata.example comes from cache (default stale-answer-client-timeout) ($n)"
+ret=0
 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1
 grep "example\..*3.*IN.*SOA" dig.out.test$n > /dev/null || ret=1
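Review bot: The `nextpart ns3/named.run > /dev/null` added before the queries in the `@@ -1646` hunk of tests.sh carries no comment, although its position is the reason for the change. Judging by the following hunk, which removes the same call from just before `wait_for_log`, the log offset presumably has to be taken before the queries are sent so that the awaited message is not skipped. A short comment such as `# mark the log position before querying, so wait_for_log below sees the new entries` would keep it from being moved back.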
@@ -2198,5 +2201,32 @@ grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status+ret))
+n=$((n+1))
+echo_i "check DNS64 processing of a stale negative answer ($n)"
+# configure ns3 with dns64
+copy_setports ns3/named8.conf.in ns3/named.conf
+rndc_reload ns3 10.53.0.3
+# flush cache, enable ans2 responses
+$RNDCCMD 10.53.0.3 flush > rndc.out.test$n.1 2>&1 || ret=1
+$DIG -p ${PORT} @10.53.0.2 txt enable > /dev/null
+# prime the cache with an AAAA NXRRSET response
+$DIG -p ${PORT} @10.53.0.3 a-only.example AAAA > dig.out.1.test$n
+grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1
+grep "2001:aaaa" dig.out.1.test$n > /dev/null || ret=1
+# disable responses from the auth server
+$DIG -p ${PORT} @10.53.0.2 txt disable > /dev/null
+# wait two seconds for the previous answer to become stale
+sleep 2
+# resend the query and wait in the background; we should get a stale answer
+$DIG -p ${PORT} @10.53.0.3 a-only.example AAAA > dig.out.2.test$n &
+# re-enable queries after a pause, so the server gets a real answer too
+sleep 2
+$DIG -p ${PORT} @10.53.0.2 txt enable > /dev/null
+wait
+grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1
+grep "2001:aaaa" dig.out.2.test$n > /dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status+ret))
+
 echo_i "exit status: $status"
 [ $status -eq 0 ] || exit 1
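Review bot: The new DNS64 test never resets `ret`, so a failure left over from the preceding test is carried into this one and counted a second time in `status`; add `ret=0` directly after the `echo_i "check DNS64 processing of a stale negative answer ($n)"` line, as this same commit does for the nodata.example check. The results of `copy_setports`, `rndc_reload` and the `$DIG ... txt enable` / `txt disable` toggles are not checked either, so a failed reconfiguration only surfaces indirectly through the later greps. The test also does not look in ns3/named.run for evidence that the second answer was served stale, so it may pass without exercising the path named in the commit message; a `wait_for_log` on the stale-answer message, if one is logged for this case, would pin that down.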