From: Mark Andrews Date: Thu, 29 Feb 2024 06:14:43 +0000 (+1100) Subject: Check static-stub synthesised NS is not returned X-Git-Tag: v9.19.23~38^2~1 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=229bf863e25ebce0d652c1ed2af1fdbd662cf21b;p=thirdparty%2Fbind9.git Check static-stub synthesised NS is not returned --- diff --git a/bin/tests/system/staticstub/ns1/root.db b/bin/tests/system/staticstub/ns1/root.db index 26bc0394c88..46fe59f375b 100644 --- a/bin/tests/system/staticstub/ns1/root.db +++ b/bin/tests/system/staticstub/ns1/root.db @@ -17,3 +17,6 @@ a.root-servers.nil. A 10.53.0.1 example.com. NS example. ns.example.net. A 10.53.0.3 + +unsigned. NS ns.unsigned. +ns.unsigned. A 10.53.0.3 diff --git a/bin/tests/system/staticstub/ns2/named.conf.in b/bin/tests/system/staticstub/ns2/named.conf.in index a73407174f2..7ffe39f6b09 100644 --- a/bin/tests/system/staticstub/ns2/named.conf.in +++ b/bin/tests/system/staticstub/ns2/named.conf.in @@ -33,6 +33,7 @@ options { recursion yes; dnssec-validation yes; notify no; + minimal-responses no; }; zone "." { @@ -60,3 +61,8 @@ zone "undelegated" { type static-stub; server-addresses { 10.53.0.3; }; }; + +zone "unsigned" { + type static-stub; + server-addresses { 10.53.0.3; }; +}; diff --git a/bin/tests/system/staticstub/ns3/named.conf.in b/bin/tests/system/staticstub/ns3/named.conf.in index e6e49c37089..d6ff10c97a0 100644 --- a/bin/tests/system/staticstub/ns3/named.conf.in +++ b/bin/tests/system/staticstub/ns3/named.conf.in @@ -44,3 +44,8 @@ zone "undelegated" { type primary; file "undelegated.db.signed"; }; + +zone "unsigned" { + type primary; + file "unsigned.db"; +}; diff --git a/bin/tests/system/staticstub/ns3/unsigned.db b/bin/tests/system/staticstub/ns3/unsigned.db new file mode 100644 index 00000000000..1983b57d2d7 --- /dev/null +++ b/bin/tests/system/staticstub/ns3/unsigned.db @@ -0,0 +1,24 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$ORIGIN . +$TTL 300 ; 5 minutes +unsigned IN SOA ns.unsigned. hostmaster.unsigned. ( + 2010080906 ; serial + 20 ; refresh (20 seconds) + 20 ; retry (20 seconds) + 1814400 ; expire (3 weeks) + 3600 ; minimum (1 hour) + ) +unsigned. 5 NS ns.unsigned. +ns.unsigned. A 10.53.0.3 + +data.unsigned. 20 TXT "example org data" diff --git a/bin/tests/system/staticstub/tests.sh b/bin/tests/system/staticstub/tests.sh index 22d4658bbbe..4e68551ddc8 100755 --- a/bin/tests/system/staticstub/tests.sh +++ b/bin/tests/system/staticstub/tests.sh @@ -211,5 +211,25 @@ grep "status: NOERROR" dig.out.ns2.soa.test$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) +n=$((n + 1)) +echo_i "checking static-stub synthesised NS is not returned ($n)" +ret=0 +$DIG $DIGOPTS unsigned. @10.53.0.2 ns >dig.out.ns2.ns.test$n || ret=1 +sleep 2 +$DIG $DIGOPTS data.unsigned @10.53.0.2 txt >dig.out.ns2.txt1.test$n || ret=1 +sleep 4 +$DIG $DIGOPTS data.unsigned @10.53.0.2 txt >dig.out.ns2.txt2.test$n || ret=1 +grep "status: NOERROR" dig.out.ns2.ns.test$n >/dev/null || ret=1 +grep "status: NOERROR" dig.out.ns2.txt1.test$n >/dev/null || ret=1 +# NS RRset from zone is returned +grep '^unsigned\..*NS.ns\.unsigned\.$' dig.out.ns2.txt1.test$n >/dev/null || ret=1 +grep '^unsigned\..*NS.unsigned\.$' dig.out.ns2.txt1.test$n >/dev/null && ret=1 +# NS expired and synthesised response is not returned +grep "status: NOERROR" dig.out.ns2.txt2.test$n >/dev/null || ret=1 +grep '^unsigned\..*NS.ns\.unsigned\.$' dig.out.ns2.txt2.test$n >/dev/null && ret=1 +grep '^unsigned\..*NS.unsigned\.$' dig.out.ns2.txt2.test$n >/dev/null && ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + echo_i "exit status: $status" [ $status -eq 0 ] || exit 1