From 4200d23882cd898732ea81625c18432cd4937a1a Mon Sep 17 00:00:00 2001 From: Yorgos Thessalonikefs Date: Wed, 25 Jun 2025 14:02:47 +0200 Subject: [PATCH] - For #1247, replay test (added tcp_transport to outnet_serviced_query). --- doc/Changelog | 2 + testcode/fake_event.c | 4 +- testdata/iter_fwdfirstequaltcp.rpl | 163 +++++++++++++++++++++++++++++ 3 files changed, 167 insertions(+), 2 deletions(-) create mode 100644 testdata/iter_fwdfirstequaltcp.rpl diff --git a/doc/Changelog b/doc/Changelog index 5be77bedb..a14a8ad3d 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -3,6 +3,8 @@ - For #1247, turn off fetch-policy for delegation when looking into parent side name servers that may not update the addresses and hit NXNS limits. + - For #1247, replay test (added tcp_transport to + outnet_serviced_query). 20 June 2025: Yorgos - Fix #1293: EDE 6 is attached to insecure cached answers when client diff --git a/testcode/fake_event.c b/testcode/fake_event.c index 0942fcd83..ea05ea1ed 100644 --- a/testcode/fake_event.c +++ b/testcode/fake_event.c @@ -1256,7 +1256,7 @@ struct serviced_query* outnet_serviced_query(struct outside_network* outnet, struct query_info* qinfo, uint16_t flags, int dnssec, int ATTR_UNUSED(want_dnssec), int ATTR_UNUSED(nocaps), int ATTR_UNUSED(check_ratelimit), - int ATTR_UNUSED(tcp_upstream), int ATTR_UNUSED(ssl_upstream), + int tcp_upstream, int ATTR_UNUSED(ssl_upstream), char* ATTR_UNUSED(tls_auth_name), struct sockaddr_storage* addr, socklen_t addrlen, uint8_t* zone, size_t zonelen, struct module_qstate* qstate, comm_point_callback_type* callback, @@ -1353,7 +1353,7 @@ struct serviced_query* outnet_serviced_query(struct outside_network* outnet, pend->callback = callback; pend->cb_arg = callback_arg; pend->timeout = UDP_AUTH_QUERY_TIMEOUT/1000; - pend->transport = transport_udp; /* pretend UDP */ + pend->transport = tcp_upstream?transport_tcp:transport_udp; pend->pkt = NULL; pend->runtime = runtime; pend->serviced = 1; diff --git a/testdata/iter_fwdfirstequaltcp.rpl b/testdata/iter_fwdfirstequaltcp.rpl new file mode 100644 index 000000000..72dd441f5 --- /dev/null +++ b/testdata/iter_fwdfirstequaltcp.rpl @@ -0,0 +1,163 @@ +; config options +server: + target-fetch-policy: "0 0 0 0 0" + minimal-responses: no + tcp-upstream: no + #tls-upstream:no # same case but not testable in rpl. + +# Builtin hints work similar to this explicit '.' stub-zone. +stub-zone: + name: "." + stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. + +forward-zone: + name: "." + forward-addr: 1.2.3.6 # failing resolver + forward-first: yes + forward-tcp-upstream: yes + #forward-tls-upstream:yes # same case but not testable in rpl. + +CONFIG_END + +SCENARIO_BEGIN Test forward-first directive in forward zone configured with explicit tcp upstream next to an equal stub name. + +; K.ROOT-SERVERS.NET. +RANGE_BEGIN 0 100 + ADDRESS 193.0.14.129 +ENTRY_BEGIN +MATCH UDP opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +. IN NS +SECTION ANSWER +. IN NS K.ROOT-SERVERS.NET. +SECTION ADDITIONAL +K.ROOT-SERVERS.NET. IN A 193.0.14.129 +ENTRY_END + +ENTRY_BEGIN +MATCH UDP opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +com. IN A +SECTION AUTHORITY +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END +RANGE_END + +; a.gtld-servers.net. +RANGE_BEGIN 0 100 + ADDRESS 192.5.6.30 +ENTRY_BEGIN +MATCH UDP opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +com. IN NS +SECTION ANSWER +com. IN NS a.gtld-servers.net. +SECTION ADDITIONAL +a.gtld-servers.net. IN A 192.5.6.30 +ENTRY_END + +ENTRY_BEGIN +MATCH UDP opcode subdomain +ADJUST copy_id copy_query +REPLY QR NOERROR +SECTION QUESTION +example.com. IN A +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END +RANGE_END + +; ns.example.com. +RANGE_BEGIN 0 100 + ADDRESS 1.2.3.4 +ENTRY_BEGIN +MATCH UDP opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +example.com. IN NS +SECTION ANSWER +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +ENTRY_BEGIN +MATCH UDP opcode qtype qname +ADJUST copy_id +REPLY QR NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. IN A 10.20.30.40 +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END +RANGE_END + +; local resolver (that fails a lot) +RANGE_BEGIN 0 100 + ADDRESS 1.2.3.6 + +ENTRY_BEGIN +MATCH TCP opcode qtype qname +ADJUST copy_id +REPLY QR RA SERVFAIL +SECTION QUESTION +example.com. IN NS +SECTION ANSWER +;example.com. IN NS ns.example.com. +SECTION ADDITIONAL +;ns.example.com. IN A 1.2.3.4 +ENTRY_END + +ENTRY_BEGIN +MATCH TCP opcode qtype qname +ADJUST copy_id +REPLY QR RA SERVFAIL +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +;www.example.com. IN A 10.20.30.50 +SECTION AUTHORITY +;example.com. IN NS ns.example.com. +SECTION ADDITIONAL +;ns.example.com. IN A 1.2.3.4 +ENTRY_END +RANGE_END + +STEP 1 QUERY +ENTRY_BEGIN +REPLY RD +SECTION QUESTION +www.example.com. IN A +ENTRY_END + +; recursion happens here. +STEP 10 CHECK_ANSWER +ENTRY_BEGIN +MATCH all +REPLY QR RD RA NOERROR +SECTION QUESTION +www.example.com. IN A +SECTION ANSWER +www.example.com. IN A 10.20.30.40 +SECTION AUTHORITY +example.com. IN NS ns.example.com. +SECTION ADDITIONAL +ns.example.com. IN A 1.2.3.4 +ENTRY_END + +SCENARIO_END -- 2.47.3