From: Aram Sargsyan <aram@isc.org>
Date: Mon, 4 May 2026 22:27:56 +0000 (+0000)
Subject: Add a catz test with invalid allow-transfer property
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d2a5ae89aeede0cf1a3b50de05a27412df1252e2;p=thirdparty%2Fbind9.git

Add a catz test with invalid allow-transfer property

Check that invalid/unexpected RRtypes coexisting with a valid APL
RRtype does not cause an assertion failure.

(cherry picked from commit a4f05a26ad923de94d9311b631122f6de18e7f5e)
---

diff --git a/bin/tests/system/catz/tests.sh b/bin/tests/system/catz/tests.sh
index fb1a700eeb3..a8ffba43c30 100644
--- a/bin/tests/system/catz/tests.sh
+++ b/bin/tests/system/catz/tests.sh
@@ -2781,6 +2781,56 @@ wait_for_soa @10.53.0.4 check-allow-query.example. dig.out.test$n || ret=1
 if [ $ret -ne 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
+##########################################################################
+# GL #5941
+
+nextpart ns4/named.run >/dev/null
+
+n=$((n + 1))
+echo_i "Add a normal and a spurious allow-transfer RRs to catalog-misc zone using nsupdate ($n)"
+ret=0
+# It is important to include an RRtype with a numeric representation that is
+# less than APL. E.g., AFSDB is 18 which is less than APL's 42. Also including
+# the AMTRELAY RRtype (260) which is bigger than APL, just for completeness.
+$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1
+    server 10.53.0.1 ${PORT}
+    update add allow-transfer.ext.catalog-misc.example. 3600 IN AFSDB 0 hostname
+    update add allow-transfer.ext.catalog-misc.example. 3600 IN APL 1:10.53.0.0/24
+    update add allow-transfer.ext.catalog-misc.example. 3600 IN AMTRELAY 0 0 0 .
+    send
+END
+if [ $ret -ne 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+n=$((n + 1))
+echo_i "waiting for secondary to sync up ($n)"
+ret=0
+wait_for_message ns4/named.run "catz: catalog-misc.example: reload done: success" || ret=1
+if [ $ret -ne 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+nextpart ns4/named.run >/dev/null
+
+n=$((n + 1))
+echo_i "Deleting the allow-query RRs from catalog-misc zone ($n)"
+ret=0
+$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1
+    server 10.53.0.1 ${PORT}
+    update delete allow-transfer.ext.catalog-misc.example. 3600 IN AFSDB 0 hostname
+    update delete allow-transfer.ext.catalog-misc.example. 3600 IN APL 1:10.53.0.0/24
+    update delete allow-transfer.ext.catalog-misc.example. 3600 IN AMTRELAY 0 0 0 .
+    send
+END
+if [ $ret -ne 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+n=$((n + 1))
+echo_i "waiting for secondary to sync up ($n)"
+ret=0
+wait_for_message ns4/named.run "catz: catalog-misc.example: reload done: success" || ret=1
+if [ $ret -ne 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
 ##########################################################################
 # GL #5658