add system test for a no-questions reply over TCP

diff --git a/bin/tests/system/resolver/ans8/ans.pl b/bin/tests/system/resolver/ans8/ans.pl
index 753fc65f65c2ae088e2e2e89a24e1d5c1aeb45f6..0364e13870ef72d83e6610f4a63933fc23dadb1c 100644 (file)
--- a/bin/tests/system/resolver/ans8/ans.pl
+++ b/bin/tests/system/resolver/ans8/ans.pl
@@ -86,8 +86,11 @@ sub handleUDP {
        # versions just get it completely wrong.
 
        if ($qname eq "truncated.no-questions") {
-               # QR, AA, TC
+               # QR, AA, TC: forces TCP retry
                return (pack("nnnnnn", $id, 0x8600, 0, 0, 0, 0));
+       } elsif ($qname eq "tcpalso.no-questions") {
+               # QR, REFUSED: forces TCP retry
+               return (pack("nnnnnn", $id, 0x8205, 0, 0, 0, 0));
        }
        # QR, AA
        return (pack("nnnnnn", $id, 0x8400, 0, 0, 0, 0));
@@ -118,9 +121,15 @@ sub handleTCP {
        $response->header->qr(1);
        $response->header->aa(1);
        $response->header->id($id);
-
        $response->push("answer", new Net::DNS::RR("$qname 300 A 1.2.3.4"));
-       push(@results, $response->data);
+
+       if ($qname eq "tcpalso.no-questions") {
+               # for this qname we also return a bad reply over TCP
+               # QR, REFUSED, no question section
+               push (@results, pack("nnnnnn", $id, 0x8005, 0, 0, 0, 0));
+       } else {
+               push(@results, $response->data);
+       }
 
        return \@results;
 }

diff --git a/bin/tests/system/resolver/clean.sh b/bin/tests/system/resolver/clean.sh
index 1d32bc122ed376d860c24dd3fddf742a81cd56d8..2a3b2e555c2d548c410f83aee1d78ecc7c9581c6 100644 (file)
--- a/bin/tests/system/resolver/clean.sh
+++ b/bin/tests/system/resolver/clean.sh
@@ -21,6 +21,7 @@ rm -f dig.out dig.out.* dig.*.out.*
 rm -f dig.*.foo.*
 rm -f dig.*.bar.*
 rm -f dig.*.prime.*
+rm -f nextpart.out.*
 rm -f ns4/tld.db
 rm -f ns6/K*
 rm -f ns6/example.net.db.signed ns6/example.net.db

diff --git a/bin/tests/system/resolver/tests.sh b/bin/tests/system/resolver/tests.sh
index 4f2cdc49078d78c21156cfb422aedaa8468317de..e2a43bdf4847e82b5b30c245392e16d8b7e4e2aa 100755 (executable)
--- a/bin/tests/system/resolver/tests.sh
+++ b/bin/tests/system/resolver/tests.sh
@@ -822,6 +822,27 @@ grep "1\.2\.3\.4" dig.ns5.out.${n} > /dev/null && ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`
 
+n=`expr $n + 1`
+echo_i "check that SERVFAIL is returned for an empty question section via TCP ($n)"
+ret=0
+nextpart ns5/named.run > /dev/null
+# bind to local address so that addresses in log messages are consistent
+# between platforms; use tcp to get SERVFAIL rather than timeout on slow
+# machines
+$DIG $DIGOPTS @10.53.0.5 -b 10.53.0.5 +tcp tcpalso.no-questions. a +tries=3 +time=4 > dig.ns5.out.${n} || ret=1
+grep "status: SERVFAIL" dig.ns5.out.${n} > /dev/null || ret=1
+check_namedrun() {
+nextpartpeek ns5/named.run > nextpart.out.${n}
+grep 'resolving tcpalso.no-questions/A for [^:]*: empty question section, accepting it anyway as TC=1' nextpart.out.${n} > /dev/null || return 1
+grep '(tcpalso.no-questions/A): connecting via TCP' nextpart.out.${n} > /dev/null || return 1
+grep 'resolving tcpalso.no-questions/A for [^:]*: empty question section$' nextpart.out.${n} > /dev/null || return 1
+grep '(tcpalso.no-questions/A): nextitem' nextpart.out.${n} > /dev/null || return 1
+return 0
+}
+retry_quiet 12 check_namedrun || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
 n=`expr $n + 1`
 echo_i "checking SERVFAIL is returned when all authoritative servers return FORMERR ($n)"
 ret=0