From: Aram Sargsyan <aram@isc.org>
Date: Fri, 17 Feb 2023 12:38:40 +0000 (+0000)
Subject: Add an "rpz" system test check for a failed reconfiguration
X-Git-Tag: v9.19.11~44^2~2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=95f4bac00236fd430131b8db8009de777d8db444;p=thirdparty%2Fbind9.git

Add an "rpz" system test check for a failed reconfiguration

The faulty "DLZ" configuration triggers a reconfiguration failure
in such a place where view reverting code is covered.
---

diff --git a/bin/tests/system/rpz/ns3/named.conf.in b/bin/tests/system/rpz/ns3/named.conf.in
index b0f6804bd29..80a9d832f03 100644
--- a/bin/tests/system/rpz/ns3/named.conf.in
+++ b/bin/tests/system/rpz/ns3/named.conf.in
@@ -148,3 +148,13 @@ zone "static-stub-nomatch." {
 	type static-stub;
 	server-addresses { 10.53.0.10; };
 };
+
+# A faulty dlz configuration to check if named with response policy zones
+# survives a certain class of failed configuration attempts (see GL #3880).
+# "dlz" is used because the dlz processing code is located in an ideal place in
+# the view configuration function for the test to cover the view reverting code.
+# The "BAD" comments below are necessary, because they will be removed using
+# 'sed' by tests.sh in order to activate the faulty configuration.
+#BAD	dlz "bad-dlz" {
+#BAD		database "dlopen bad-dlz.so example.org";
+#BAD	};
diff --git a/bin/tests/system/rpz/tests.sh b/bin/tests/system/rpz/tests.sh
index 1cfafbe813c..4e83a6b7021 100644
--- a/bin/tests/system/rpz/tests.sh
+++ b/bin/tests/system/rpz/tests.sh
@@ -848,6 +848,16 @@ EOF
     stop_server --use-rndc --port ${CONTROLPORT} ns3
     restart 3 "rebuild-bl-rpz"
 
+    t=`expr $t + 1`
+    echo_i "checking if rpz survives a certain class of failed reconfiguration attempts (${t})"
+    sed -e "s/^#BAD//" < ns3/named.conf.in > ns3/named.conf.tmp
+    copy_setports ns3/named.conf.tmp ns3/named.conf
+    rm ns3/named.conf.tmp
+    $RNDCCMD $ns3 reconfig > /dev/null 2>&1 && setret "failed"
+    sleep 1
+    copy_setports ns3/named.conf.in ns3/named.conf
+    $RNDCCMD $ns3 reconfig || setret "failed"
+
     t=`expr $t + 1`
     echo_i "checking the configured extended DNS error code (EDE) (${t})"
     $DIG -p ${PORT} @$ns3 walled.tld2 > dig.out.$t