From: Mark Andrews <marka@isc.org>
Date: Mon, 17 Jun 2024 01:38:19 +0000 (+1000)
Subject: Check that received ZONEVERSION is logged
X-Git-Tag: v9.21.7~34^2~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=480122f98895e1717b570666b65aa06dc1792d74;p=thirdparty%2Fbind9.git

Check that received ZONEVERSION is logged
---

diff --git a/bin/tests/system/resolver/ans2/ans.pl b/bin/tests/system/resolver/ans2/ans.pl
index 079a7d98794..8ec4b0a59b1 100644
--- a/bin/tests/system/resolver/ans2/ans.pl
+++ b/bin/tests/system/resolver/ans2/ans.pl
@@ -20,6 +20,8 @@ use IO::Socket;
 use Net::DNS;
 use Net::DNS::Packet;
 
+print "Using Net::DNS $Net::DNS::VERSION\n";
+
 my $localport = int($ENV{'PORT'});
 if (!$localport) { $localport = 5300; }
 
@@ -170,6 +172,15 @@ for (;;) {
 			$packet->push("authority",
 				      new Net::DNS::RR($qname . " 300 SOA . . 0 0 0 0 0"));
 		}
+	} elsif ($qname eq "zoneversion") {
+		$packet->push("authority", new Net::DNS::RR(". 300 SOA . . 0 0 0 0 0"));
+		if ($Net::DNS::VERSION >= 1.49) {
+			$packet->edns->option('ZONEVERSION' => [0, 1, '01022304'] )
+		} elsif ($Net::DNS::VERSION >= 1.35) {
+			$packet->edns->option('19' => {'BASE16' => '000101022304'} )
+		} else {
+			$packet->edns->option('19' => pack 'H*', '000101022304')
+		}
 	} else {
 		# Data for the "bogus referrals" test
 		$packet->push("authority", new Net::DNS::RR("below.www.example.com 300 NS ns.below.www.example.com"));
diff --git a/bin/tests/system/resolver/ns1/named.conf.in b/bin/tests/system/resolver/ns1/named.conf.in
index 23356889cc7..cb0cb13d173 100644
--- a/bin/tests/system/resolver/ns1/named.conf.in
+++ b/bin/tests/system/resolver/ns1/named.conf.in
@@ -31,6 +31,7 @@ options {
 	resolver-query-timeout 5000; # 5 seconds
 	attach-cache "globalcache";
 	max-recursion-queries 100;
+	request-zoneversion yes;
 };
 
 trust-anchors { };
diff --git a/bin/tests/system/resolver/ns5/named.conf.in b/bin/tests/system/resolver/ns5/named.conf.in
index 32c5fa71113..21c5fe87357 100644
--- a/bin/tests/system/resolver/ns5/named.conf.in
+++ b/bin/tests/system/resolver/ns5/named.conf.in
@@ -26,6 +26,15 @@ options {
 	querylog yes;
 	prefetch 4 10;
 	responselog yes;
+	request-nsid yes;
+	request-zoneversion yes;
+};
+
+// Don't break tests which depend on ans10 by requesting
+// zoneversion or nsid
+server 10.53.0.10 {
+	request-nsid no;
+	request-zoneversion no;
 };
 
 include "trusted.conf";
diff --git a/bin/tests/system/resolver/tests.sh b/bin/tests/system/resolver/tests.sh
index 01de8e7d7fd..894f7c52668 100755
--- a/bin/tests/system/resolver/tests.sh
+++ b/bin/tests/system/resolver/tests.sh
@@ -901,6 +901,23 @@ test ${lines:-1} -ne 0 && ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
+n=$((n + 1))
+echo_i "check that received ZONEVERSION is logged ($n)"
+ret=0
+pat="received ZONEVERSION serial 2010 from 10.53.0.4#[0-9]* for mixedttl.tld/TXT zone tld"
+grep "$pat" ns5/named.run >/dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+n=$((n + 1))
+echo_i "check that received ZONEVERSION is logged non serial ($n)"
+ret=0
+dig_with_opts +tcp @10.53.0.1 zoneversion >dig.out.${n} || ret=1
+pat='received ZONEVERSION type 1 value 01022304 (\.\.#\.) from 10.53.0.2#[0-9]* for zoneversion/A zone \.'
+grep "$pat" ns1/named.run >/dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
 n=$((n + 1))
 echo_i "check resolver behavior when FORMERR for EDNS options happens (${n})"
 ret=0