--- /dev/null
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 3600
+@ IN SOA ns.example.com. root.example.com. 1 3600 3600 3600 3600
+@ NS ns.example.com.
+
+ns.example.com. A 10.53.0.1
+@ A 1.2.3.4
+www A 1.2.3.5
type master;
file "test2.example.net.db";
};
+
+zone "example.com" {
+ type master;
+ file "example.com.db";
+};
--- /dev/null
+$ORIGIN given.zone.
+$TTL 3600
+@ IN SOA ns.given.zone. hostmaster.given.zone. 1 600 300 604800 3600
+ IN NS ns.given.zone.
+
+ns IN A 127.0.0.1
+; this should be ignores as it matches earlier passthru entry.
+example.com CNAME .
+; this should be ignored as it matches earlier wildcard passthru entry.
+www.example.com CNAME .
--- /dev/null
+$ORIGIN passthru.zone.
+$TTL 3600
+@ IN SOA ns.passthru.zone. hostmaster.passthru.zone. 1 600 300 604800 3600
+ IN NS ns.passthru.zone.
+
+ns IN A 127.0.0.1
+example.com CNAME rpz-passthru.
+*.example.com CNAME rpz-passthru.
--- /dev/null
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+# common configuration
+include "named.conf.header";
+
+view "recursive" {
+ # policy configuration to be tested
+ response-policy {
+ zone "passthru.zone" policy passthru;
+ zone "given.zone" policy given;
+ };
+
+ # policy zones to be tested
+ zone "passthru.zone" { type master; file "db.passthru"; };
+ zone "given.zone" { type master; file "db.given"; };
+
+ zone "." {
+ type hint;
+ file "root.hint";
+ };
+
+ recursion yes;
+ dnssec-validation yes;
+};
if test $ret != 0; then echo_i "failed"; fi
status=`expr $status + $ret`
+t=`expr $t + 1`
+echo_i "testing wildcard passthru before explicit drop (${t})"
+run_server wildcard4
+$DIG $DIGOPTS example.com a @10.53.0.2 -p ${PORT} > dig.out.${t}.1
+grep "status: NOERROR" dig.out.${t}.1 > /dev/null || {
+ echo_i "test ${t} failed"
+ status=1
+}
+$DIG $DIGOPTS www.example.com a @10.53.0.2 -p ${PORT} > dig.out.${t}.2
+grep "status: NOERROR" dig.out.${t}.2 > /dev/null || {
+ echo_i "test ${t} failed"
+ status=1
+}
+
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
elif [ "$sanitizer_summaries" -ne 0 ]; then
echoinfo "I:$systest:$sanitizer_summaries sanitizer report(s) found"
echofail "R:$systest:FAIL"
+elif [ "$status" != 0 ]; then
+ echofail "R:$systest:FAIL"
else
echopass "R:$systest:PASS"
if $clean; then
projects / thirdparty / bind9.git / commitdiff
