Check that dig/host/nslookup handle a UPDATE response.

Additionally check that "delete $qname SOA" in the update
reponse doesn't trigger a insertion in nslookup.

(cherry picked from commit 6593cf0b5a0f1e5064f5a0d59323968b55c2cf1b)

diff --git a/bin/tests/system/conf.sh.in b/bin/tests/system/conf.sh.in
index 65dbf5caf67ec1476248e30737d01a225a2c59de..769980913e57f3e5d1bb7a924a0b0940e9275ea5 100644 (file)
--- a/bin/tests/system/conf.sh.in
+++ b/bin/tests/system/conf.sh.in
@@ -54,6 +54,7 @@ SIGNER=$TOP/bin/dnssec/dnssec-signzone
 REVOKE=$TOP/bin/dnssec/dnssec-revoke
 SETTIME=$TOP/bin/dnssec/dnssec-settime
 DSFROMKEY=$TOP/bin/dnssec/dnssec-dsfromkey
+HOST=$TOP/bin/dig/host
 IMPORTKEY=$TOP/bin/dnssec/dnssec-importkey
 CHECKDS=$TOP/bin/python/dnssec-checkds
 COVERAGE=$TOP/bin/python/dnssec-coverage

diff --git a/bin/tests/system/digdelv/ans7/ans.pl b/bin/tests/system/digdelv/ans7/ans.pl
new file mode 100755 (executable)
index 0000000..934c345
--- /dev/null
+++ b/bin/tests/system/digdelv/ans7/ans.pl
@@ -0,0 +1,66 @@
+#!/usr/bin/perl -w
+#
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+use IO::File;
+use IO::Socket;
+use Net::DNS;
+use Net::DNS::Packet;
+
+my $localport = int($ENV{'PORT'});
+if (!$localport) { $localport = 5300; }
+
+my $sock = IO::Socket::INET->new(LocalAddr => "10.53.0.7",
+   LocalPort => $localport, Proto => "udp") or die "$!";
+
+my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!";
+print $pidf "$$\n" or die "cannot write pid file: $!";
+$pidf->close or die "cannot close pid file: $!";
+sub rmpid { unlink "ans.pid"; exit 1; };
+
+$SIG{INT} = \&rmpid;
+$SIG{TERM} = \&rmpid;
+
+STDOUT->autoflush(1);
+
+print "Net::DNS::VERSION => $Net::DNS::VERSION\n";
+
+for (;;) {
+       $sock->recv($buf, 512);
+
+       print "**** request from " , $sock->peerhost, " port ", $sock->peerport, "\n";
+
+       my $packet;
+
+       if ($Net::DNS::VERSION > 0.68) {
+               $packet = new Net::DNS::Packet(\$buf, 0);
+               $@ and die $@;
+       } else {
+               my $err;
+               ($packet, $err) = new Net::DNS::Packet(\$buf, 0);
+               $err and die $err;
+       }
+
+       print "REQUEST:\n";
+       $packet->print;
+
+       $packet->header->qr(1);
+       $packet->header->opcode(5);
+
+       my @questions = $packet->question;
+       my $qname = $questions[0]->qname;
+       my $qtype = $questions[0]->qtype;
+       $packet->push("update", rr_del("$qname SOA"));
+
+       print "RESPONSE:\n";
+       $packet->print;
+
+       $sock->send($packet->data);
+}

diff --git a/bin/tests/system/digdelv/clean.sh b/bin/tests/system/digdelv/clean.sh
index 681c027a2ebb8e5fe3c7d89caf4b553b4d9d8308..cef2c4d8d1eddf0ccb6aa367998d49b270db2a2a 100644 (file)
--- a/bin/tests/system/digdelv/clean.sh
+++ b/bin/tests/system/digdelv/clean.sh
@@ -11,7 +11,8 @@
 
 rm -f dig.out.*test*
 rm -f delv.out.test*
+rm -f host.out.test*
+rm -f nslookup.out.test*
 rm -f */named.memstats
 rm -f */named.run
 rm -f */named.conf
-rm -f ns*/named.lock

diff --git a/bin/tests/system/digdelv/tests.sh b/bin/tests/system/digdelv/tests.sh
index ef8a7a1eaed2e7276eecf3c738966193f087774b..69194cc931e18b443d4e2a5802f92e32e31acebd 100644 (file)
--- a/bin/tests/system/digdelv/tests.sh
+++ b/bin/tests/system/digdelv/tests.sh
@@ -38,7 +38,56 @@ check_ttl_range() {
    return $result
 }
 
+#
+# test whether ans7/ans.pl will be able to send a UPDATE response.
+# if it can't, we will log that below.
+#
+if "$PERL" -e 'use Net::DNS; use Net::DNS::Packet; my $p = new Net::DNS::Packet; $p->header->opcode(5);' > /dev/null 2>&1
+then
+       checkupdate=1
+else
+       checkupdate=0
+fi
+
+if [ -x "$NSLOOKUP" -a $checkupdate -eq 1 ] ; then
+
+  n=`expr $n + 1`
+  echo_i "check nslookup handles UPDATE response ($n)"
+  ret=0
+  "$NSLOOKUP" -q=CNAME "-port=$PORT" foo.bar 10.53.0.7 > nslookup.out.test$n 2>&1 && ret=1
+  grep "Opcode mismatch" nslookup.out.test$n > /dev/null || ret=1
+  if [ $ret -ne 0 ]; then echo_i "failed"; fi
+  status=`expr $status + $ret`
+
+fi
+
+if [ -x "$HOST" -a $checkupdate -eq 1 ] ; then
+
+  n=`expr $n + 1`
+  echo_i "check host handles UPDATE response ($n)"
+  ret=0
+  "$HOST" -t CNAME -p $PORT foo.bar 10.53.0.7 > host.out.test$n 2>&1 && ret=1
+  grep "Opcode mismatch" host.out.test$n > /dev/null || ret=1
+  if [ $ret -ne 0 ]; then echo_i "failed"; fi
+  status=`expr $status + $ret`
+
+fi
+
 if [ -x "$DIG" ] ; then
+
+  if [ $checkupdate -eq 1 ] ; then
+
+    n=`expr $n + 1`
+    echo_i "check dig handles UPDATE response ($n)"
+    ret=0
+    $DIG $DIGOPTS @10.53.0.7 cname foo.bar > dig.out.test$n 2>&1 && ret=1
+    grep "Opcode mismatch" dig.out.test$n > /dev/null || ret=1
+    if [ $ret -ne 0 ]; then echo_i "failed"; fi
+    status=`expr $status + $ret`
+  else
+    echo_i "Skipped UPDATE handling test"
+  fi
+
   n=`expr $n + 1`
   echo_i "checking dig short form works ($n)"
   ret=0

diff --git a/util/copyrights b/util/copyrights
index 6007f8b9ef4989aee6415802fb8ec9b9a30ee5b3..ab9faff3da2ea2aa8d8334e0d3837df142b0a77c 100644 (file)
--- a/util/copyrights
+++ b/util/copyrights
@@ -1000,6 +1000,7 @@
 ./bin/tests/system/dialup/tests.sh             SH      2000,2001,2004,2007,2012,2016,2018,2019,2020
 ./bin/tests/system/digcomp.pl                  PERL    2000,2001,2004,2007,2012,2013,2016,2018,2019,2020
 ./bin/tests/system/digdelv/ans4/startme                X       2017,2018,2019,2020
+./bin/tests/system/digdelv/ans7/ans.pl         PERL    2020
 ./bin/tests/system/digdelv/clean.sh            SH      2015,2016,2018,2019,2020
 ./bin/tests/system/digdelv/ns1/named.conf.in   CONF-C  2018,2019,2020
 ./bin/tests/system/digdelv/ns1/root.db         ZONE    2015,2016,2018,2019,2020