From: Nicki Křížek Date: Fri, 5 Dec 2025 16:03:51 +0000 (+0100) Subject: Use jinja2 templates in forward test X-Git-Tag: v9.21.17~46^2~16 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8e525f2154bc1534d6e075742bc6a81cede05cb4;p=thirdparty%2Fbind9.git Use jinja2 templates in forward test - Merge options-tls.conf into named.conf in ns2 and ns4 and render it conditionally. Also conditionally include the additional named-tls.conf which is always rendered. - Use multiple templates for ns3 and ns9 and replace the copy_setports. - In ns3/named2.conf, use "root2.db" directly rather than replacing it with "sed" later. --- diff --git a/bin/tests/system/forward/ns1/named.conf.in b/bin/tests/system/forward/ns1/named.conf.j2 similarity index 100% rename from bin/tests/system/forward/ns1/named.conf.in rename to bin/tests/system/forward/ns1/named.conf.j2 diff --git a/bin/tests/system/forward/ns10/named.conf.in b/bin/tests/system/forward/ns10/named.conf.j2 similarity index 100% rename from bin/tests/system/forward/ns10/named.conf.in rename to bin/tests/system/forward/ns10/named.conf.j2 diff --git a/bin/tests/system/forward/ns2/named-tls.conf.in b/bin/tests/system/forward/ns2/named-tls.conf.j2 similarity index 100% rename from bin/tests/system/forward/ns2/named-tls.conf.in rename to bin/tests/system/forward/ns2/named-tls.conf.j2 diff --git a/bin/tests/system/forward/ns2/named.conf.in b/bin/tests/system/forward/ns2/named.conf.j2 similarity index 80% rename from bin/tests/system/forward/ns2/named.conf.in rename to bin/tests/system/forward/ns2/named.conf.j2 index 02da868fb2c..b42a34f1590 100644 --- a/bin/tests/system/forward/ns2/named.conf.in +++ b/bin/tests/system/forward/ns2/named.conf.j2 @@ -11,7 +11,9 @@ * information regarding copyright ownership. */ +{% if FEATURE_FIPS_DH == "1" %} include "named-tls.conf"; +{% endif %} options { query-source address 10.53.0.2; @@ -23,10 +25,18 @@ options { port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; - include "options-tls.conf"; listen-on-v6 { fd92:7065:b8e:ffff::2; }; recursion no; dnssec-validation no; + +{% if FEATURE_FIPS_DH == "1" %} + tls-port @TLSPORT@; + listen-on tls ephemeral { 10.53.0.2; }; + listen-on port @EXTRAPORT1@ tls tls-forward-secrecy { 10.53.0.2; }; + listen-on port @EXTRAPORT2@ tls tls-forward-secrecy-mutual-tls { 10.53.0.2; }; + listen-on port @EXTRAPORT3@ tls tls-expired { 10.53.0.2; }; +{% endif %} + }; zone "." { diff --git a/bin/tests/system/forward/ns2/options-tls.conf.in b/bin/tests/system/forward/ns2/options-tls.conf.in deleted file mode 100644 index fab1fa706dd..00000000000 --- a/bin/tests/system/forward/ns2/options-tls.conf.in +++ /dev/null @@ -1,18 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * SPDX-License-Identifier: MPL-2.0 - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, you can obtain one at https://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - - tls-port @TLSPORT@; - listen-on tls ephemeral { 10.53.0.2; }; - listen-on port @EXTRAPORT1@ tls tls-forward-secrecy { 10.53.0.2; }; - listen-on port @EXTRAPORT2@ tls tls-forward-secrecy-mutual-tls { 10.53.0.2; }; - listen-on port @EXTRAPORT3@ tls tls-expired { 10.53.0.2; }; diff --git a/bin/tests/system/forward/ns3/named1.conf.in b/bin/tests/system/forward/ns3/named.conf.j2 similarity index 100% rename from bin/tests/system/forward/ns3/named1.conf.in rename to bin/tests/system/forward/ns3/named.conf.j2 diff --git a/bin/tests/system/forward/ns3/named2.conf.in b/bin/tests/system/forward/ns3/named2.conf.j2 similarity index 98% rename from bin/tests/system/forward/ns3/named2.conf.in rename to bin/tests/system/forward/ns3/named2.conf.j2 index 986a60e02d2..4d032689cac 100644 --- a/bin/tests/system/forward/ns3/named2.conf.in +++ b/bin/tests/system/forward/ns3/named2.conf.j2 @@ -39,5 +39,5 @@ controls { zone "." { type hint; - file "root.db"; + file "root2.db"; }; diff --git a/bin/tests/system/forward/ns4/named-tls.conf.in b/bin/tests/system/forward/ns4/named-tls.conf.j2 similarity index 100% rename from bin/tests/system/forward/ns4/named-tls.conf.in rename to bin/tests/system/forward/ns4/named-tls.conf.j2 diff --git a/bin/tests/system/forward/ns4/named.conf.in b/bin/tests/system/forward/ns4/named.conf.j2 similarity index 91% rename from bin/tests/system/forward/ns4/named.conf.in rename to bin/tests/system/forward/ns4/named.conf.j2 index cd7c5000d9a..5a12eef685c 100644 --- a/bin/tests/system/forward/ns4/named.conf.in +++ b/bin/tests/system/forward/ns4/named.conf.j2 @@ -11,22 +11,27 @@ * information regarding copyright ownership. */ +{% if FEATURE_FIPS_DH == "1" %} include "named-tls.conf"; +{% endif %} options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; port @PORT@; - include "options-tls.conf"; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; recursion yes; dnssec-validation no; minimal-responses yes; -}; +{% if FEATURE_FIPS_DH == "1" %} + tls-port @TLSPORT@; +{% endif %} + +}; statistics-channels { inet 10.53.0.4 port @EXTRAPORT1@ allow { localhost; }; }; diff --git a/bin/tests/system/forward/ns4/options-tls.conf.in b/bin/tests/system/forward/ns4/options-tls.conf.in deleted file mode 100644 index fe3491e6c8e..00000000000 --- a/bin/tests/system/forward/ns4/options-tls.conf.in +++ /dev/null @@ -1,14 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * SPDX-License-Identifier: MPL-2.0 - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, you can obtain one at https://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - - tls-port @TLSPORT@; diff --git a/bin/tests/system/forward/ns5/named.conf.in b/bin/tests/system/forward/ns5/named.conf.j2 similarity index 100% rename from bin/tests/system/forward/ns5/named.conf.in rename to bin/tests/system/forward/ns5/named.conf.j2 diff --git a/bin/tests/system/forward/ns7/named.conf.in b/bin/tests/system/forward/ns7/named.conf.j2 similarity index 100% rename from bin/tests/system/forward/ns7/named.conf.in rename to bin/tests/system/forward/ns7/named.conf.j2 diff --git a/bin/tests/system/forward/ns8/named.conf.in b/bin/tests/system/forward/ns8/named.conf.j2 similarity index 100% rename from bin/tests/system/forward/ns8/named.conf.in rename to bin/tests/system/forward/ns8/named.conf.j2 diff --git a/bin/tests/system/forward/ns9/named1.conf.in b/bin/tests/system/forward/ns9/named.conf.j2 similarity index 100% rename from bin/tests/system/forward/ns9/named1.conf.in rename to bin/tests/system/forward/ns9/named.conf.j2 diff --git a/bin/tests/system/forward/ns9/named2.conf.in b/bin/tests/system/forward/ns9/named2.conf.j2 similarity index 100% rename from bin/tests/system/forward/ns9/named2.conf.in rename to bin/tests/system/forward/ns9/named2.conf.j2 diff --git a/bin/tests/system/forward/ns9/named3.conf.in b/bin/tests/system/forward/ns9/named3.conf.j2 similarity index 100% rename from bin/tests/system/forward/ns9/named3.conf.in rename to bin/tests/system/forward/ns9/named3.conf.j2 diff --git a/bin/tests/system/forward/ns9/named4.conf.in b/bin/tests/system/forward/ns9/named4.conf.j2 similarity index 100% rename from bin/tests/system/forward/ns9/named4.conf.in rename to bin/tests/system/forward/ns9/named4.conf.j2 diff --git a/bin/tests/system/forward/setup.sh b/bin/tests/system/forward/setup.sh index 4251008b400..73e9c004858 100644 --- a/bin/tests/system/forward/setup.sh +++ b/bin/tests/system/forward/setup.sh @@ -13,36 +13,6 @@ . ../conf.sh -copy_setports ns1/named.conf.in ns1/named.conf - -if $FEATURETEST --have-fips-dh; then - copy_setports ns2/named-tls.conf.in ns2/named-tls.conf - copy_setports ns2/options-tls.conf.in ns2/options-tls.conf - copy_setports ns2/named.conf.in ns2/named.conf -else - cp /dev/null ns2/named-tls.conf - cp /dev/null ns2/options-tls.conf - copy_setports ns2/named.conf.in ns2/named.conf -fi - -copy_setports ns3/named1.conf.in ns3/named.conf - -if $FEATURETEST --have-fips-dh; then - copy_setports ns4/named-tls.conf.in ns4/named-tls.conf - copy_setports ns4/options-tls.conf.in ns4/options-tls.conf - copy_setports ns4/named.conf.in ns4/named.conf -else - cp /dev/null ns4/named-tls.conf - cp /dev/null ns4/options-tls.conf - copy_setports ns4/named.conf.in ns4/named.conf -fi - -copy_setports ns5/named.conf.in ns5/named.conf -copy_setports ns7/named.conf.in ns7/named.conf -copy_setports ns8/named.conf.in ns8/named.conf -copy_setports ns9/named1.conf.in ns9/named.conf -copy_setports ns10/named.conf.in ns10/named.conf - ( cd ns1 $SHELL sign.sh diff --git a/bin/tests/system/forward/tests.sh b/bin/tests/system/forward/tests.sh index 0e4fd5ac62b..024e21c3c7c 100644 --- a/bin/tests/system/forward/tests.sh +++ b/bin/tests/system/forward/tests.sh @@ -317,7 +317,7 @@ status=$((status + ret)) n=$((n + 1)) echo_i "checking switch from forwarding to normal resolution while chasing DS ($n)" ret=0 -copy_setports ns3/named2.conf.in ns3/named.conf +cp ns3/named2.conf ns3/named.conf rndccmd 10.53.0.3 reconfig 2>&1 | sed 's/^/ns3 /' | cat_i sleep 1 nextpart ns3/named.run >/dev/null @@ -332,9 +332,7 @@ sendcmd 10.53.0.11 send-responses "disable" n=$((n + 1)) echo_i "checking the handling of hung DS fetch while chasing DS ($n)" ret=0 -copy_setports ns3/named2.conf.in ns3/tmp -sed 's/root.db/root2.db/' ns3/tmp >ns3/named.conf -rm -f ns3/tmp +cp ns3/named2.conf ns3/named.conf rndccmd 10.53.0.3 reconfig 2>&1 | sed 's/^/ns3 /' | cat_i rndccmd 10.53.0.3 flush 2>&1 | sed 's/^/ns3 /' | cat_i sleep 1 @@ -401,7 +399,7 @@ run_spooftests() { echo_i "checking spoofed response scenarios with forward first zones" run_spooftests -copy_setports ns9/named2.conf.in ns9/named.conf +cp ns9/named2.conf ns9/named.conf rndccmd 10.53.0.9 reconfig 2>&1 | sed 's/^/ns3 /' | cat_i rndccmd 10.53.0.9 flush 2>&1 | sed 's/^/ns3 /' | cat_i sleep 1 @@ -414,7 +412,7 @@ run_spooftests # similar to the ones above, but not identical. # echo_i "rechecking spoofed response scenarios with 'forward only' set globally" -copy_setports ns9/named3.conf.in ns9/named.conf +cp ns9/named3.conf ns9/named.conf rndccmd 10.53.0.9 reconfig 2>&1 | sed 's/^/ns3 /' | cat_i rndccmd 10.53.0.9 flush 2>&1 | sed 's/^/ns3 /' | cat_i sleep 1 @@ -451,7 +449,7 @@ status=$((status + ret)) # the namespace is defined by the zone content. # echo_i "rechecking spoofed response scenarios glue below local zone" -copy_setports ns9/named4.conf.in ns9/named.conf +cp ns9/named4.conf ns9/named.conf rndccmd 10.53.0.9 reconfig 2>&1 | sed 's/^/ns3 /' | cat_i rndccmd 10.53.0.9 flush 2>&1 | sed 's/^/ns3 /' | cat_i sleep 1 diff --git a/bin/tests/system/forward/tests_sh_forward.py b/bin/tests/system/forward/tests_sh_forward.py index 4ffec3fbd7d..458928b0bc8 100644 --- a/bin/tests/system/forward/tests_sh_forward.py +++ b/bin/tests/system/forward/tests_sh_forward.py @@ -25,10 +25,8 @@ pytestmark = pytest.mark.extra_artifacts( "ns1/root.db", "ns1/root.db.signed", "ns2/named-tls.conf", - "ns2/options-tls.conf", "ns3/trusted.conf", "ns4/named-tls.conf", - "ns4/options-tls.conf", "ns9/named_dump.db", ] )