# Note that this data will still be sent with any request for
# pattern, only this data will be signed. Currently, this is only
# done for TCP.
+#
+# /pattern bad-id <key> <key_data>/
+# /pattern bad-id/
+#
+# will add 50 to the message id of the response.
use IO::File;
my $r;
foreach $r (@rules) {
my $pattern = $r->{pattern};
- my($dbtype, $key_name, $key_data) = split(/ /,$pattern);
+ my($dbtype, $key_name, $key_data, $extra) = split(/ /,$pattern);
print "[handleTCP] $dbtype, $key_name, $key_data \n";
if ("$qname $qtype" =~ /$dbtype/) {
$count_these++;
foreach $a (@{$r->{answer}}) {
$packet->push("answer", $a);
}
+ if(defined($key_name) && $key_name eq "bad-id") {
+ $packet->header->id(($id+50)%0xffff);
+ $key_name = $key_data;
+ $key_data = $extra;
+ }
if (defined($key_name) && defined($key_data)) {
my $tsig;
# sign the packet
--- /dev/null
+/SOA tsig_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300
+/AXFR tsig_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300
+/AXFR bad-id tsig_key LSAnCU+Z/
+nil. 300 NS ns.nil.
+nil. 300 TXT "bad message id"
+a.nil. 60 A 10.0.0.61
+/AXFR bad-id tsig_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300
# Clean up after zone transfer tests.
#
-rm -f dig.out.*
+rm -f */ans.run
+rm -f */named.conf
+rm -f */named.memstats
+rm -f */named.run
+rm -f */named.run.prev
rm -f axfr.out
-rm -f ns1/slave.db ns2/slave.db
+rm -f dig.out.*
+rm -f ns*/managed-keys.bind*
+rm -f ns*/named.lock
rm -f ns1/edns-expire.db
+rm -f ns1/ixfr-too-big.db ns1/ixfr-too-big.db.jnl
+rm -f ns1/slave.db ns2/slave.db
rm -f ns2/example.db ns2/tsigzone.db ns2/example.db.jnl
+rm -f ns2/mapped.db
rm -f ns3/example.bk ns3/tsigzone.bk ns3/example.bk.jnl
+rm -f ns3/example.bk ns3/xfer-stats.bk ns3/tsigzone.bk ns3/example.bk.jnl
+rm -f ns3/mapped.bk
rm -f ns3/master.bk ns3/master.bk.jnl
rm -f ns4/*.db ns4/*.jnl
rm -f ns6/*.db ns6/*.bk ns6/*.jnl
rm -f ns7/*.db ns7/*.bk ns7/*.jnl
rm -f ns8/large.db ns8/small.db
-rm -f */named.conf
-rm -f */named.run
-rm -f */named.memstats
-rm -f */named.run
-rm -f */ans.run
-rm -f ns*/named.lock
-rm -f ns2/mapped.db
-rm -f ns3/mapped.bk
-rm -f ns1/ixfr-too-big.db ns1/ixfr-too-big.db.jnl
+rm -f stats.*
status=`expr $status + 1`
}
+n=`expr $n + 1`
+echo_i "bad message id ($n)"
+
+$SENDCMD < ans5/badmessageid
+
+# Uncomment to see AXFR stream with mismatching IDs.
+# $DIG $DIGOPTS @10.53.0.5 -y tsig_key:LSAnCU+Z nil. AXFR +all
+
+$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i
+
+sleep 2
+
+msg="detected message ID mismatch on incoming AXFR stream, transfer will fail in BIND 9.17.2 and later if AXFR source is not fixed"
+nextpart ns4/named.run | grep "$msg" > /dev/null || {
+ echo_i "failed: expected status was not logged"
+ status=`expr $status + 1`
+}
+
+$DIGCMD nil. TXT | grep 'bad message id' >/dev/null || {
+ echo_i "failed"
+ status=`expr $status + 1`
+}
+
n=`expr $n + 1`
echo_i "check that we ask for and get a EDNS EXPIRE response ($n)"
# force a refresh query
./bin/tests/system/win32/pipequeries.vcxproj.in X 2016,2017,2018,2019,2020
./bin/tests/system/win32/pipequeries.vcxproj.user X 2016,2018,2019,2020
./bin/tests/system/xfer/ans5/badkeydata X 2011,2018,2019,2020
+./bin/tests/system/xfer/ans5/badmessageid X 2020
./bin/tests/system/xfer/ans5/goodaxfr X 2011,2018,2019,2020
./bin/tests/system/xfer/ans5/partial X 2011,2018,2019,2020
./bin/tests/system/xfer/ans5/unknownkey X 2011,2018,2019,2020
projects / thirdparty / bind9.git / commitdiff
