From: Wouter Wijngaards Date: Thu, 22 Nov 2007 16:13:16 +0000 (+0000) Subject: test and fixes. X-Git-Tag: release-0.8~11 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=99590f93bdfac1030033311b2283f1231deb22dd;p=thirdparty%2Funbound.git test and fixes. git-svn-id: file:///svn/unbound/trunk@776 be551aaa-1e26-0410-a405-d3ace91eadb9 --- diff --git a/doc/Changelog b/doc/Changelog index bf00e0def..ccda8ed22 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -9,6 +9,10 @@ * empty-nonterminal answer. * But not: wildcard, nsec, referral, rrsig, cname/dname, or additional section processing, NS put in auth. + - test for correct working of static and transparent and couple + of important defaults (localhost, as112, reverses). + Also checks deny and refuse settings. + - fixup implicit zone generation and AA bit for NXDOMAIN on localdata. 21 November 2007: Wouter - local zone internal data setup. diff --git a/services/localzone.c b/services/localzone.c index 7aa3be331..270f48bca 100644 --- a/services/localzone.c +++ b/services/localzone.c @@ -710,6 +710,7 @@ lz_setup_implicit(struct local_zones* zones, struct config_file* cfg) have_name = 1; } else { int m; + free(rr_name); if(rr_class != dclass) { /* process other classes later */ have_other_classes = 1; @@ -721,8 +722,7 @@ lz_setup_implicit(struct local_zones* zones, struct config_file* cfg) if(m < match) match = m; } - } - free(rr_name); + } else free(rr_name); } if(have_name) { uint8_t* n2; @@ -917,7 +917,7 @@ local_encode(struct query_info* qinfo, struct edns_data* edns, ldns_buffer_read_u16_at(buf, 2), buf, 0, 0, temp, udpsize, edns, (int)(edns->bits&EDNS_DO), 0)) - error_encode(buf, LDNS_RCODE_SERVFAIL, qinfo, + error_encode(buf, (LDNS_RCODE_SERVFAIL|BIT_AA), qinfo, *(uint16_t*)ldns_buffer_begin(buf), ldns_buffer_read_u16_at(buf, 2), edns); return 1; @@ -979,9 +979,10 @@ lz_zone_answer(struct local_zone* z, struct query_info* qinfo, if(z->type == local_zone_deny) { /** no reply at all, signal caller by clearing buffer. */ ldns_buffer_clear(buf); + ldns_buffer_flip(buf); return 1; } else if(z->type == local_zone_refuse) { - error_encode(buf, LDNS_RCODE_REFUSED, qinfo, + error_encode(buf, (LDNS_RCODE_REFUSED|BIT_AA), qinfo, *(uint16_t*)ldns_buffer_begin(buf), ldns_buffer_read_u16_at(buf, 2), edns); return 1; @@ -998,7 +999,7 @@ lz_zone_answer(struct local_zone* z, struct query_info* qinfo, if(z->soa) return local_encode(qinfo, edns, buf, temp, z->soa, 0, rcode); - error_encode(buf, rcode, qinfo, + error_encode(buf, (rcode|BIT_AA), qinfo, *(uint16_t*)ldns_buffer_begin(buf), ldns_buffer_read_u16_at(buf, 2), edns); return 1; diff --git a/testdata/localdata.rpl b/testdata/localdata.rpl new file mode 100644 index 000000000..50f7f5707 --- /dev/null +++ b/testdata/localdata.rpl @@ -0,0 +1,274 @@ +; config options +server: + hide-identity: no + hide-version: no + identity: "test-identity" + version: "test-version" + + ; implicit transparent zone should not block id.server + local-data: "mydata.server. CH A 10.11.12.13" + + ; static zone + local-zone: "local" static + local-data: "local SOA nobody nobody 1 2 3 4 5" + local-data: "serv.local. A 20.30.40.50" + local-data: "bla.bla.local. A 20.30.40.51" + + ; static zone (no soa) + local-zone: "noso.local" static + local-data: "bla.bla.noso.local AAAA 2001::2" + + ; deny zone (no answer) + local-zone: "deny.top." deny + + ; refuse zone (error) + local-zone: "refuse.top." refuse + +CONFIG_END +SCENARIO_BEGIN Test local data queries + +; id.server. +STEP 1 QUERY +ENTRY_BEGIN +SECTION QUESTION +id.server. CH TXT +ENTRY_END +STEP 2 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA +SECTION QUESTION +id.server. CH TXT +SECTION ANSWER +id.server. 0 CH TXT "test-identity" +ENTRY_END + +; mydata.server. +STEP 3 QUERY +ENTRY_BEGIN +SECTION QUESTION +mydata.server. CH A +ENTRY_END +STEP 4 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA +SECTION QUESTION +mydata.server. CH A +SECTION ANSWER +mydata.server. 3600 CH A 10.11.12.13 +ENTRY_END + +; nodata with SOA +STEP 5 QUERY +ENTRY_BEGIN +SECTION QUESTION +local. IN A +ENTRY_END +STEP 6 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA +SECTION QUESTION +local. IN A +SECTION AUTHORITY +local. 3600 IN SOA nobody nobody 1 2 3 4 5 +ENTRY_END + +; positive SOA +STEP 7 QUERY +ENTRY_BEGIN +SECTION QUESTION +local. IN SOA +ENTRY_END +STEP 8 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA +SECTION QUESTION +local. IN SOA +SECTION ANSWER +local. 3600 IN SOA nobody nobody 1 2 3 4 5 +ENTRY_END + +; positive subdomain +STEP 9 QUERY +ENTRY_BEGIN +SECTION QUESTION +serv.local. IN A +ENTRY_END +STEP 10 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA +SECTION QUESTION +serv.local. IN A +SECTION ANSWER +serv.local. IN A 20.30.40.50 +ENTRY_END + +; no such type +STEP 11 QUERY +ENTRY_BEGIN +SECTION QUESTION +serv.local. IN MX +ENTRY_END +STEP 12 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA +SECTION QUESTION +serv.local. IN MX +SECTION AUTHORITY +local. 3600 IN SOA nobody nobody 1 2 3 4 5 +ENTRY_END + +; no such type, empty nonterminal +STEP 13 QUERY +ENTRY_BEGIN +SECTION QUESTION +bla.local. IN MX +ENTRY_END +STEP 14 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA +SECTION QUESTION +bla.local. IN MX +SECTION AUTHORITY +local. 3600 IN SOA nobody nobody 1 2 3 4 5 +ENTRY_END + +; nxdomain with SOA +STEP 15 QUERY +ENTRY_BEGIN +SECTION QUESTION +doing.local. IN MX +ENTRY_END +STEP 16 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA NXDOMAIN +SECTION QUESTION +doing.local. IN MX +SECTION AUTHORITY +local. 3600 IN SOA nobody nobody 1 2 3 4 5 +ENTRY_END + +; nxdomain without SOA +STEP 17 QUERY +ENTRY_BEGIN +SECTION QUESTION +doing.noso.local. IN MX +ENTRY_END +STEP 18 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA NXDOMAIN +SECTION QUESTION +doing.noso.local. IN MX +ENTRY_END + +; localhost A default +STEP 30 QUERY +ENTRY_BEGIN +SECTION QUESTION +localhost. IN A +ENTRY_END +STEP 31 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA +SECTION QUESTION +localhost. IN A +SECTION ANSWER +localhost. 10800 IN A 127.0.0.1 +ENTRY_END + +; localhost AAAA default +STEP 32 QUERY +ENTRY_BEGIN +SECTION QUESTION +localhost. IN AAAA +ENTRY_END +STEP 33 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA +SECTION QUESTION +localhost. IN AAAA +SECTION ANSWER +localhost. 10800 IN AAAA ::1 +ENTRY_END + +; localhost A reverse default +STEP 34 QUERY +ENTRY_BEGIN +SECTION QUESTION +1.0.0.127.in-addr.arpa. IN PTR +ENTRY_END +STEP 35 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA +SECTION QUESTION +1.0.0.127.in-addr.arpa. IN PTR +SECTION ANSWER +1.0.0.127.in-addr.arpa. 10800 IN PTR localhost. +ENTRY_END + +; localhost AAAA reverse default +STEP 36 QUERY +ENTRY_BEGIN +SECTION QUESTION +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa. IN PTR +ENTRY_END +STEP 37 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA +SECTION QUESTION +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa. IN PTR +SECTION ANSWER +1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa. 10800 IN PTR localhost. +ENTRY_END + +; blocked AS112 reverse default +STEP 38 QUERY +ENTRY_BEGIN +SECTION QUESTION +1.0.0.10.in-addr.arpa. IN PTR +ENTRY_END +STEP 39 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA NXDOMAIN +SECTION QUESTION +1.0.0.10.in-addr.arpa. IN PTR +SECTION AUTHORITY +10.in-addr.arpa. 10800 IN SOA localhost. nobody.invalid. 1 3600 1200 604800 10800 +ENTRY_END + +; refuse zone +STEP 40 QUERY +ENTRY_BEGIN +SECTION QUESTION +www.refuse.top. IN A +ENTRY_END +STEP 41 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RA AA REFUSED +SECTION QUESTION +www.refuse.top. IN A +ENTRY_END + +; deny zone +STEP 42 QUERY +ENTRY_BEGIN +SECTION QUESTION +www.deny.top. IN A +ENTRY_END +; no answer is checked at exit of testbound. + +SCENARIO_END