Use +dnssec instead of separate TXT records

When testing named instances which are configured to drop outgoing UDP
responses larger than 512 bytes, querying with DO=1 may be used instead
of querying for large TXT records as the effect achieved will be
identical: an unsigned response for a SOA query will be below 512 bytes
in size while a signed response for the same query will be over 512
bytes in size.  Doing this makes all resolution checks in the "legacy"
system test more similar.  Add checks for the TC flag being set in UDP
responses which are expected to be truncated to further make sure that
tested named instances behave as expected.

(cherry picked from commit aaf81ca6ef0a4b3725de9f41efa3f442a6de1c85)

diff --git a/bin/tests/system/legacy/ns6/edns512.db.in b/bin/tests/system/legacy/ns6/edns512.db.in
index 6da723f1807c06945718785d163a8d1ffd9b6ca4..8afe499c0083fab44254819cc5db87b2c5ed1686 100644 (file)
--- a/bin/tests/system/legacy/ns6/edns512.db.in
+++ b/bin/tests/system/legacy/ns6/edns512.db.in
@@ -10,15 +10,3 @@
 @      60      SOA     ns marka.isc.org. 1 0 0 0 0
 @      60      NS      ns
 ns     60      A       10.53.0.6
-txt500 60      TXT     ( "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789" )

diff --git a/bin/tests/system/legacy/ns7/edns512-notcp.db.in b/bin/tests/system/legacy/ns7/edns512-notcp.db.in
index 007eefca619b76c534fcce6f52c0a4d931027be3..646d488e1a0ed3b50c2c43b9de6ae78166787ffe 100644 (file)
--- a/bin/tests/system/legacy/ns7/edns512-notcp.db.in
+++ b/bin/tests/system/legacy/ns7/edns512-notcp.db.in
@@ -10,15 +10,3 @@
 @      60      SOA     ns marka.isc.org. 1 0 0 0 0
 @      60      NS      ns
 ns     60      A       10.53.0.7
-txt500 60      TXT     ( "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789"
-                       "01234567890123456789012345678901234567890123456789" )

diff --git a/bin/tests/system/legacy/tests.sh b/bin/tests/system/legacy/tests.sh
index fa35d8a36956fa35eb2632853b657a61f9c23b39..545ef0bd208e83c3fdb638c3685ecec19582fcd1 100755 (executable)
--- a/bin/tests/system/legacy/tests.sh
+++ b/bin/tests/system/legacy/tests.sh
@@ -105,17 +105,18 @@ $DIG $DIGOPTS +edns @10.53.0.6 edns512 soa > dig.out.1.test$n || ret=1
 grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1
 $DIG $DIGOPTS +edns +tcp @10.53.0.6 edns512 soa > dig.out.2.test$n || ret=1
 grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1
-$DIG $DIGOPTS +edns @10.53.0.6 txt500.edns512 txt > dig.out.3.test$n
+$DIG $DIGOPTS +edns +dnssec @10.53.0.6 edns512 soa > dig.out.3.test$n
 grep "connection timed out; no servers could be reached" dig.out.3.test$n > /dev/null || ret=1
-$DIG $DIGOPTS +edns +bufsize=512 +ignor @10.53.0.6 txt500.edns512 txt > dig.out.4.test$n
+$DIG $DIGOPTS +edns +dnssec +bufsize=512 +ignore @10.53.0.6 edns512 soa > dig.out.4.test$n
 grep "status: NOERROR" dig.out.4.test$n > /dev/null || ret=1
+grep "flags:.* tc[ ;]" dig.out.4.test$n > /dev/null || ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`
 
 n=`expr $n + 1`
 echo_i "checking recursive lookup to edns 512 server succeeds ($n)"
 ret=0
-$DIG $DIGOPTS +tcp @10.53.0.1 txt500.edns512 txt > dig.out.test$n || ret=1
+$DIG $DIGOPTS +tcp @10.53.0.1 edns512 soa > dig.out.test$n || ret=1
 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`
@@ -123,14 +124,15 @@ status=`expr $status + $ret`
 n=`expr $n + 1`
 echo_i "checking edns 512 + no tcp server setup ($n)"
 ret=0
-$DIG $DIGOPTS +noedns @10.53.0.7 edns512-notcp soa > dig.out.1.test$n || ret=1
+$DIG $DIGOPTS +edns @10.53.0.7 edns512-notcp soa > dig.out.1.test$n || ret=1
 grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1
-$DIG $DIGOPTS +noedns +tcp @10.53.0.7 edns512-notcp soa > dig.out.2.test$n
+$DIG $DIGOPTS +edns +tcp @10.53.0.7 edns512-notcp soa > dig.out.2.test$n
 grep "connection refused" dig.out.2.test$n > /dev/null || ret=1
-$DIG $DIGOPTS +edns @10.53.0.7 edns512-notcp soa > dig.out.3.test$n
+$DIG $DIGOPTS +edns +dnssec @10.53.0.7 edns512-notcp soa > dig.out.3.test$n
 grep "connection timed out; no servers could be reached" dig.out.3.test$n > /dev/null || ret=1
-$DIG $DIGOPTS +edns +bufsize=512 +ignor @10.53.0.7 edns512-notcp soa > dig.out.4.test$n
+$DIG $DIGOPTS +edns +dnssec +bufsize=512 +ignore @10.53.0.7 edns512-notcp soa > dig.out.4.test$n
 grep "status: NOERROR" dig.out.4.test$n > /dev/null || ret=1
+grep "flags:.* tc[ ;]" dig.out.4.test$n > /dev/null || ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`