+4627. [func] Deprecate 'dig +sit', it is replaced by 'dig +cookie'.
+ [RT #45245]
+
4626. [test] Added more tests for handling of different record
ordering in CNAME and DNAME responses. [QA #430]
" +[no]cl (Control display of class in records)\n"
" +[no]cmd (Control display of command line)\n"
" +[no]comments (Control display of comment lines)\n"
+#ifdef ISC_PLATFORM_USESIT
+" +[no]cookie (Add a COOKIE option to the request)\n"
+#endif
" +[no]crypto (Control display of cryptographic "
"fields in records)\n"
" +[no]defname (Use search list (+[no]search))\n"
" +[no]sigchase (Chase DNSSEC signatures)\n"
#endif
#ifdef ISC_PLATFORM_USESIT
-" +[no]sit (Request a Source Identity Token)\n"
+" +[no]sit (A synonym for +[no]cookie)\n"
#endif
" +[no]split=## (Split hex/base64 fields into chunks)\n"
" +[no]stats (Control display of statistics)\n"
printcmd = state;
break;
case 'o': /* comments */
- FULLCHECK("comments");
- lookup->comments = state;
- if (lookup == default_lookup)
- pluscomm = state;
+#ifdef ISC_PLATFORM_USESIT
+ switch (cmd[2]) {
+ case 'o':
+ FULLCHECK("cookie");
+ goto sit;
+ case 'm':
+#endif
+ FULLCHECK("comments");
+ lookup->comments = state;
+ if (lookup == default_lookup)
+ pluscomm = state;
+#ifdef ISC_PLATFORM_USESIT
+ break;
+ default:
+ goto invalid_option;
+ }
+#endif
break;
case 'r':
FULLCHECK("crypto");
#ifdef ISC_PLATFORM_USESIT
case 't': /* sit */
FULLCHECK("sit");
+ sit:
if (state && lookup->edns == -1)
lookup->edns = 0;
lookup->sit = state;
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><option>+[no]cookie<optional>=####</optional></option></term>
+ <listitem>
+ <para>
+ Send an COOKIE EDNS option, containing an optional
+ <replaceable>value</replaceable>. Replaying a COOKIE
+ from a previous response will allow the server to
+ identify a previous client. The default is
+ <option>+nocookie</option>.
+ </para>
+ <para>
+ <command>+cookie</command> is automatically set when +trace
+ is in use, to better emulate the default queries from a
+ nameserver.
+ </para>
+ <para>
+ This option was formerly called <option>+[no]sit</option>
+ (Server Identity Token). In BIND 9.10.0 through BIND 9.10.2,
+ it sent the experimental option code 65001. This was
+ changed to option code 10 in BIND 9.10.3 when the DNS
+ COOKIE option was allocated.
+ </para>
+ <para>
+ The <option>+[no]sit</option> is now deprecated, but has
+ been retained as a synonym for <option>+[no]cookie</option>
+ for backward compatibility within the BIND 9.10 branch.
+ </para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term><option>+[no]crypto</option></term>
<listitem>
<term><option>+[no]sit<optional>=####</optional></option></term>
<listitem>
<para>
- Send a DNS COOKIE option, with optional value.
- Replaying a DNS COOKIE from a previous response will
- allow the server to identify a previous client. The
- default is <option>+nosit</option>.
+ This option is a synonym for <option>+[no]cookie</option>.
</para>
<para>
- This option is <option>+[no]cookie</option> from
- BIND 9.11.0 onwards. BIND 9.10.0 through BIND 9.10.2
- sent the experimental option code 65001. This was
- changed to 10 in BIND 9.10.3 when the DNS COOKIE
- option was allocated.
+ The <option>+[no]sit</option> is deprecated.
</para>
</listitem>
</varlistentry>
# load on the machine to make it unusable to other users.
# v6synth
SUBDIRS="acl additional allow_query addzone autosign builtin
- cacheclean case chain checkconf @CHECKDS@ checknames checkzone
- @COVERAGE@ database delv digdelv dlv dlvauto dlz dlzexternal
- dlzredir dns64 dnssec dsdigest dscp ecdsa ednscompliance
- emptyzones fetchlimit filter-aaaa formerr forward geoip
- glue gost ixfr inline integrity legacy limits logfileconfig
- lwresd masterfile masterformat metadata notify nslookup
- nsupdate pending @PKCS11_TEST@ reclimit redirect resolver
- rndc rpz rpzrecurse rrl rrchecker rrsetorder rsabigexponent
- sit smartsign sortlist spf staticstub statistics statschannel
- stub tcp tkey tsig tsiggss unknown upforwd verify views
- wildcard xfer xferquota zero zonechecks"
+ cacheclean case chain checkconf @CHECKDS@ checknames
+ checkzone cookie @COVERAGE@ database delv digdelv dlv
+ dlvauto dlz dlzexternal dlzredir dns64 dnssec dsdigest
+ dscp ecdsa ednscompliance emptyzones fetchlimit filter-aaaa
+ formerr forward geoip glue gost ixfr inline integrity
+ legacy limits logfileconfig lwresd masterfile masterformat
+ metadata notify nslookup nsupdate pending @PKCS11_TEST@
+ reclimit redirect resolver rndc rpz rpzrecurse rrl rrchecker
+ rrsetorder rsabigexponent smartsign sortlist spf staticstub
+ statistics statschannel stub tcp tkey tsig tsiggss unknown
+ upforwd verify views wildcard xfer xferquota zero zonechecks"
# Things that are different on Windows
KILL=kill
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
-# $Id: tests.sh,v 1.22 2012/02/09 23:47:18 tbox Exp $
-
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
status=0
n=0
-getsit() {
+getcookie() {
awk '$2 == "COOKIE:" {
print $3;
}' < $1
}
-fullsit() {
+fullcookie() {
awk 'BEGIN { n = 0 }
// { v[n++] = length(); }
END { print (v[1] == v[2]); }'
done
n=`expr $n + 1`
-echo "I:checking SIT token returned to empty SIT option ($n)"
+echo "I:checking COOKIE token returned to empty COOKIE option ($n)"
+ret=0
+$DIG +qr +cookie version.bind txt ch @10.53.0.1 -p 5300 > dig.out.test$n
+grep COOKIE: dig.out.test$n > /dev/null || ret=1
+grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+n=`expr $n + 1`
+echo "I:checking COOKIE token returned to empty COOKIE option (+sit) ($n)"
ret=0
$DIG +qr +sit version.bind txt ch @10.53.0.1 -p 5300 > dig.out.test$n
grep COOKIE: dig.out.test$n > /dev/null || ret=1
status=`expr $status + $ret`
n=`expr $n + 1`
-echo "I:checking response size without SIT ($n)"
+echo "I:checking response size without COOKIE ($n)"
ret=0
$DIG large.example txt @10.53.0.1 -p 5300 +ignore > dig.out.test$n
havetc dig.out.test$n || ret=1
status=`expr $status + $ret`
n=`expr $n + 1`
-echo "I:checking response size without valid SIT ($n)"
+echo "I:checking response size without valid COOKIE ($n)"
+ret=0
+$DIG +cookie large.example txt @10.53.0.1 -p 5300 +ignore > dig.out.test$n
+havetc dig.out.test$n || ret=1
+grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+n=`expr $n + 1`
+echo "I:checking response size without valid COOKIE (+sit) ($n)"
ret=0
$DIG +sit large.example txt @10.53.0.1 -p 5300 +ignore > dig.out.test$n
havetc dig.out.test$n || ret=1
status=`expr $status + $ret`
n=`expr $n + 1`
-echo "I:checking response size with SIT ($n)"
+echo "I:checking response size with COOKIE ($n)"
+ret=0
+$DIG +cookie large.example txt @10.53.0.1 -p 5300 > dig.out.test$n.l
+cookie=`getcookie dig.out.test$n.l`
+$DIG +qr +cookie=$cookie large.example txt @10.53.0.1 -p 5300 +ignore > dig.out.test$n
+havetc dig.out.test$n && ret=1
+grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+n=`expr $n + 1`
+echo "I:checking response size with COOKIE (+sit) ($n)"
ret=0
$DIG +sit large.example txt @10.53.0.1 -p 5300 > dig.out.test$n.l
-sit=`getsit dig.out.test$n.l`
-$DIG +qr +sit=$sit large.example txt @10.53.0.1 -p 5300 +ignore > dig.out.test$n
+cookie=`getcookie dig.out.test$n.l`
+$DIG +qr +cookie=$cookie large.example txt @10.53.0.1 -p 5300 +ignore > dig.out.test$n
+havetc dig.out.test$n && ret=1
+grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+n=`expr $n + 1`
+echo "I:checking response size with COOKIE recursive ($n)"
+ret=0
+$DIG +qr +cookie=$cookie large.xxx txt @10.53.0.1 -p 5300 +ignore > dig.out.test$n
havetc dig.out.test$n && ret=1
grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
-echo "I:checking response size with SIT recursive ($n)"
+echo "I:checking response size with COOKIE recursive (+sit) ($n)"
ret=0
-$DIG +qr +sit=$sit large.xxx txt @10.53.0.1 -p 5300 +ignore > dig.out.test$n
+$DIG +qr +sit=$cookie large.xxx txt @10.53.0.1 -p 5300 +ignore > dig.out.test$n
havetc dig.out.test$n && ret=1
grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
-echo "I:checking SIT is learnt for TCP retry ($n)"
+echo "I:checking COOKIE is learnt for TCP retry ($n)"
+ret=0
+$DIG +qr +cookie large.example txt @10.53.0.1 -p 5300 > dig.out.test$n
+linecount=`getcookie dig.out.test$n | wc -l`
+if [ $linecount != 3 ]; then ret=1; fi
+checkfull=`getcookie dig.out.test$n | fullcookie`
+if [ $checkfull != 1 ]; then ret=1; fi
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+n=`expr $n + 1`
+echo "I:checking COOKIE is learnt for TCP retry (+sit) ($n)"
ret=0
$DIG +qr +sit large.example txt @10.53.0.1 -p 5300 > dig.out.test$n
-linecount=`getsit dig.out.test$n | wc -l`
+linecount=`getcookie dig.out.test$n | wc -l`
if [ $linecount != 3 ]; then ret=1; fi
-checkfull=`getsit dig.out.test$n | fullsit`
+checkfull=`getcookie dig.out.test$n | fullcookie`
if [ $checkfull != 1 ]; then ret=1; fi
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
-echo "I:checking for SIT value in adb ($n)"
+echo "I:checking for COOKIE value in adb ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 dumpdb
sleep 1
# elsewhere if there's a good reason for doing so.
#
-ac_config_files="$ac_config_files make/Makefile make/mkdep Makefile bin/Makefile bin/check/Makefile bin/confgen/Makefile bin/confgen/unix/Makefile bin/delv/Makefile bin/dig/Makefile bin/dnssec/Makefile bin/named/Makefile bin/named/unix/Makefile bin/nsupdate/Makefile bin/pkcs11/Makefile bin/python/Makefile bin/python/isc/Makefile bin/python/isc/utils.py bin/python/isc/tests/Makefile bin/python/dnssec-checkds.py bin/python/dnssec-coverage.py bin/python/isc/__init__.py bin/python/isc/checkds.py bin/python/isc/coverage.py bin/python/isc/dnskey.py bin/python/isc/eventlist.py bin/python/isc/keydict.py bin/python/isc/keyevent.py bin/python/isc/keyzone.py bin/python/isc/tests/dnskey_test.py bin/rndc/Makefile bin/tests/Makefile bin/tests/atomic/Makefile bin/tests/db/Makefile bin/tests/dst/Makefile bin/tests/dst/Kdh.+002+18602.key bin/tests/dst/Kdh.+002+18602.private bin/tests/dst/Kdh.+002+48957.key bin/tests/dst/Kdh.+002+48957.private bin/tests/dst/Ktest.+001+00002.key bin/tests/dst/Ktest.+001+54622.key bin/tests/dst/Ktest.+001+54622.private bin/tests/dst/Ktest.+003+23616.key bin/tests/dst/Ktest.+003+23616.private bin/tests/dst/Ktest.+003+49667.key bin/tests/dst/dst_2_data bin/tests/dst/t2_data_1 bin/tests/dst/t2_data_2 bin/tests/dst/t2_dsasig bin/tests/dst/t2_rsasig bin/tests/hashes/Makefile bin/tests/headerdep_test.sh bin/tests/master/Makefile bin/tests/mem/Makefile bin/tests/names/Makefile bin/tests/net/Makefile bin/tests/pkcs11/Makefile bin/tests/pkcs11/benchmarks/Makefile bin/tests/rbt/Makefile bin/tests/resolver/Makefile bin/tests/sockaddr/Makefile bin/tests/system/Makefile bin/tests/system/conf.sh bin/tests/system/dlz/prereq.sh bin/tests/system/dlzexternal/Makefile bin/tests/system/dlzexternal/ns1/named.conf bin/tests/system/dlzredir/prereq.sh bin/tests/system/inline/checkdsa.sh bin/tests/system/lwresd/Makefile bin/tests/system/rsabigexponent/Makefile bin/tests/system/sit/prereq.sh bin/tests/system/tkey/Makefile bin/tests/tasks/Makefile bin/tests/timers/Makefile bin/tests/virtual-time/Makefile bin/tests/virtual-time/conf.sh bin/tools/Makefile contrib/scripts/check-secure-delegation.pl contrib/scripts/zone-edit.sh doc/Makefile doc/arm/Makefile doc/arm/noteversion.xml doc/arm/pkgversion.xml doc/arm/releaseinfo.xml doc/doxygen/Doxyfile doc/doxygen/Makefile doc/doxygen/doxygen-input-filter doc/misc/Makefile doc/tex/Makefile doc/tex/armstyle.sty doc/xsl/Makefile doc/xsl/isc-docbook-chunk.xsl doc/xsl/isc-docbook-html.xsl doc/xsl/isc-manpage.xsl doc/xsl/isc-notes-html.xsl isc-config.sh lib/Makefile lib/bind9/Makefile lib/bind9/include/Makefile lib/bind9/include/bind9/Makefile lib/dns/Makefile lib/dns/include/Makefile lib/dns/include/dns/Makefile lib/dns/include/dst/Makefile lib/dns/tests/Makefile lib/irs/Makefile lib/irs/include/Makefile lib/irs/include/irs/Makefile lib/irs/include/irs/netdb.h lib/irs/include/irs/platform.h lib/irs/tests/Makefile lib/isc/$arch/Makefile lib/isc/$arch/include/Makefile lib/isc/$arch/include/isc/Makefile lib/isc/$thread_dir/Makefile lib/isc/$thread_dir/include/Makefile lib/isc/$thread_dir/include/isc/Makefile lib/isc/Makefile lib/isc/include/Makefile lib/isc/include/isc/Makefile lib/isc/include/isc/platform.h lib/isc/include/pk11/Makefile lib/isc/include/pkcs11/Makefile lib/isc/tests/Makefile lib/isc/nls/Makefile lib/isc/unix/Makefile lib/isc/unix/include/Makefile lib/isc/unix/include/isc/Makefile lib/isc/unix/include/pkcs11/Makefile lib/isccc/Makefile lib/isccc/include/Makefile lib/isccc/include/isccc/Makefile lib/isccfg/Makefile lib/isccfg/include/Makefile lib/isccfg/include/isccfg/Makefile lib/lwres/Makefile lib/lwres/include/Makefile lib/lwres/include/lwres/Makefile lib/lwres/include/lwres/netdb.h lib/lwres/include/lwres/platform.h lib/lwres/man/Makefile lib/lwres/tests/Makefile lib/lwres/unix/Makefile lib/lwres/unix/include/Makefile lib/lwres/unix/include/lwres/Makefile lib/tests/Makefile lib/tests/include/Makefile lib/tests/include/tests/Makefile lib/samples/Makefile lib/samples/Makefile-postinstall unit/Makefile unit/unittest.sh"
+ac_config_files="$ac_config_files make/Makefile make/mkdep Makefile bin/Makefile bin/check/Makefile bin/confgen/Makefile bin/confgen/unix/Makefile bin/delv/Makefile bin/dig/Makefile bin/dnssec/Makefile bin/named/Makefile bin/named/unix/Makefile bin/nsupdate/Makefile bin/pkcs11/Makefile bin/python/Makefile bin/python/isc/Makefile bin/python/isc/utils.py bin/python/isc/tests/Makefile bin/python/dnssec-checkds.py bin/python/dnssec-coverage.py bin/python/isc/__init__.py bin/python/isc/checkds.py bin/python/isc/coverage.py bin/python/isc/dnskey.py bin/python/isc/eventlist.py bin/python/isc/keydict.py bin/python/isc/keyevent.py bin/python/isc/keyzone.py bin/python/isc/tests/dnskey_test.py bin/rndc/Makefile bin/tests/Makefile bin/tests/atomic/Makefile bin/tests/db/Makefile bin/tests/dst/Makefile bin/tests/dst/Kdh.+002+18602.key bin/tests/dst/Kdh.+002+18602.private bin/tests/dst/Kdh.+002+48957.key bin/tests/dst/Kdh.+002+48957.private bin/tests/dst/Ktest.+001+00002.key bin/tests/dst/Ktest.+001+54622.key bin/tests/dst/Ktest.+001+54622.private bin/tests/dst/Ktest.+003+23616.key bin/tests/dst/Ktest.+003+23616.private bin/tests/dst/Ktest.+003+49667.key bin/tests/dst/dst_2_data bin/tests/dst/t2_data_1 bin/tests/dst/t2_data_2 bin/tests/dst/t2_dsasig bin/tests/dst/t2_rsasig bin/tests/hashes/Makefile bin/tests/headerdep_test.sh bin/tests/master/Makefile bin/tests/mem/Makefile bin/tests/names/Makefile bin/tests/net/Makefile bin/tests/pkcs11/Makefile bin/tests/pkcs11/benchmarks/Makefile bin/tests/rbt/Makefile bin/tests/resolver/Makefile bin/tests/sockaddr/Makefile bin/tests/system/Makefile bin/tests/system/conf.sh bin/tests/system/dlz/prereq.sh bin/tests/system/dlzexternal/Makefile bin/tests/system/dlzexternal/ns1/named.conf bin/tests/system/dlzredir/prereq.sh bin/tests/system/inline/checkdsa.sh bin/tests/system/lwresd/Makefile bin/tests/system/rsabigexponent/Makefile bin/tests/system/cookie/prereq.sh bin/tests/system/tkey/Makefile bin/tests/tasks/Makefile bin/tests/timers/Makefile bin/tests/virtual-time/Makefile bin/tests/virtual-time/conf.sh bin/tools/Makefile contrib/scripts/check-secure-delegation.pl contrib/scripts/zone-edit.sh doc/Makefile doc/arm/Makefile doc/arm/noteversion.xml doc/arm/pkgversion.xml doc/arm/releaseinfo.xml doc/doxygen/Doxyfile doc/doxygen/Makefile doc/doxygen/doxygen-input-filter doc/misc/Makefile doc/tex/Makefile doc/tex/armstyle.sty doc/xsl/Makefile doc/xsl/isc-docbook-chunk.xsl doc/xsl/isc-docbook-html.xsl doc/xsl/isc-manpage.xsl doc/xsl/isc-notes-html.xsl isc-config.sh lib/Makefile lib/bind9/Makefile lib/bind9/include/Makefile lib/bind9/include/bind9/Makefile lib/dns/Makefile lib/dns/include/Makefile lib/dns/include/dns/Makefile lib/dns/include/dst/Makefile lib/dns/tests/Makefile lib/irs/Makefile lib/irs/include/Makefile lib/irs/include/irs/Makefile lib/irs/include/irs/netdb.h lib/irs/include/irs/platform.h lib/irs/tests/Makefile lib/isc/$arch/Makefile lib/isc/$arch/include/Makefile lib/isc/$arch/include/isc/Makefile lib/isc/$thread_dir/Makefile lib/isc/$thread_dir/include/Makefile lib/isc/$thread_dir/include/isc/Makefile lib/isc/Makefile lib/isc/include/Makefile lib/isc/include/isc/Makefile lib/isc/include/isc/platform.h lib/isc/include/pk11/Makefile lib/isc/include/pkcs11/Makefile lib/isc/tests/Makefile lib/isc/nls/Makefile lib/isc/unix/Makefile lib/isc/unix/include/Makefile lib/isc/unix/include/isc/Makefile lib/isc/unix/include/pkcs11/Makefile lib/isccc/Makefile lib/isccc/include/Makefile lib/isccc/include/isccc/Makefile lib/isccfg/Makefile lib/isccfg/include/Makefile lib/isccfg/include/isccfg/Makefile lib/lwres/Makefile lib/lwres/include/Makefile lib/lwres/include/lwres/Makefile lib/lwres/include/lwres/netdb.h lib/lwres/include/lwres/platform.h lib/lwres/man/Makefile lib/lwres/tests/Makefile lib/lwres/unix/Makefile lib/lwres/unix/include/Makefile lib/lwres/unix/include/lwres/Makefile lib/tests/Makefile lib/tests/include/Makefile lib/tests/include/tests/Makefile lib/samples/Makefile lib/samples/Makefile-postinstall unit/Makefile unit/unittest.sh"
#
"bin/tests/system/inline/checkdsa.sh") CONFIG_FILES="$CONFIG_FILES bin/tests/system/inline/checkdsa.sh" ;;
"bin/tests/system/lwresd/Makefile") CONFIG_FILES="$CONFIG_FILES bin/tests/system/lwresd/Makefile" ;;
"bin/tests/system/rsabigexponent/Makefile") CONFIG_FILES="$CONFIG_FILES bin/tests/system/rsabigexponent/Makefile" ;;
- "bin/tests/system/sit/prereq.sh") CONFIG_FILES="$CONFIG_FILES bin/tests/system/sit/prereq.sh" ;;
+ "bin/tests/system/cookie/prereq.sh") CONFIG_FILES="$CONFIG_FILES bin/tests/system/cookie/prereq.sh" ;;
"bin/tests/system/tkey/Makefile") CONFIG_FILES="$CONFIG_FILES bin/tests/system/tkey/Makefile" ;;
"bin/tests/tasks/Makefile") CONFIG_FILES="$CONFIG_FILES bin/tests/tasks/Makefile" ;;
"bin/tests/timers/Makefile") CONFIG_FILES="$CONFIG_FILES bin/tests/timers/Makefile" ;;
bin/tests/system/inline/checkdsa.sh
bin/tests/system/lwresd/Makefile
bin/tests/system/rsabigexponent/Makefile
- bin/tests/system/sit/prereq.sh
+ bin/tests/system/cookie/prereq.sh
bin/tests/system/tkey/Makefile
bin/tests/tasks/Makefile
bin/tests/timers/Makefile
projects / thirdparty / bind9.git / commitdiff
