rm -f */named.run
rm -f */ans.run
rm -f */*.jdb
-rm -f dig.out dig.out.*
-rm -f dig.*.out.*
+rm -f dig.out dig.out.* dig.*.out.*
rm -f dig.*.foo.*
rm -f dig.*.bar.*
rm -f dig.*.prime.*
rm -f ns6/ds.example.net.db.signed ns6/ds.example.net.db
rm -f ns6/dsset-ds.example.net*
rm -f ns6/dsset-example.net* ns6/example.net.db.signed.jnl
+rm -f ns6/named.stats*
rm -f ns6/to-be-removed.tld.db ns6/to-be-removed.tld.db.jnl
rm -f ns7/server.db ns7/server.db.jnl
rm -f resolve.out.*.test*
file "broken.db";
};
+zone "sourcens" {
+ type master;
+ file "sourcens.db";
+};
+
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
ns.example.net. A 10.53.0.6
no-questions. NS ns.no-questions.
ns.no-questions. A 10.53.0.8
+sourcens. NS ns.sourcens.
+ns.sourcens. A 10.53.0.4
+targetns. NS ns.targetns.
+ns.targetns. A 10.53.0.6
--- /dev/null
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+; This zone contains a set of delegations with varying numbers of NS
+; records. This is used to check that BIND is limiting the number of
+; NS records it follows when resolving a delegation. It tests all
+; numbers of NS records up to twice the number followed.
+
+$TTL 60
+@ IN SOA marka.isc.org. ns.server. (
+ 2010 ; serial
+ 600 ; refresh
+ 600 ; retry
+ 1200 ; expire
+ 600 ; minimum
+ )
+@ NS ns
+ns A 10.53.0.4
+
+target1 NS ns.fake11.targetns.
+
+target2 NS ns.fake21.targetns.
+ NS ns.fake22.targetns.
+
+target3 NS ns.fake31.targetns.
+ NS ns.fake32.targetns.
+ NS ns.fake33.targetns.
+
+target4 NS ns.fake41.targetns.
+ NS ns.fake42.targetns.
+ NS ns.fake43.targetns.
+ NS ns.fake44.targetns.
+
+target5 NS ns.fake51.targetns.
+ NS ns.fake52.targetns.
+ NS ns.fake53.targetns.
+ NS ns.fake54.targetns.
+ NS ns.fake55.targetns.
+
+target6 NS ns.fake61.targetns.
+ NS ns.fake62.targetns.
+ NS ns.fake63.targetns.
+ NS ns.fake64.targetns.
+ NS ns.fake65.targetns.
+ NS ns.fake66.targetns.
+
+target7 NS ns.fake71.targetns.
+ NS ns.fake72.targetns.
+ NS ns.fake73.targetns.
+ NS ns.fake74.targetns.
+ NS ns.fake75.targetns.
+ NS ns.fake76.targetns.
+ NS ns.fake77.targetns.
+
+target8 NS ns.fake81.targetns.
+ NS ns.fake82.targetns.
+ NS ns.fake83.targetns.
+ NS ns.fake84.targetns.
+ NS ns.fake85.targetns.
+ NS ns.fake86.targetns.
+ NS ns.fake87.targetns.
+ NS ns.fake88.targetns.
+
+target9 NS ns.fake91.targetns.
+ NS ns.fake92.targetns.
+ NS ns.fake93.targetns.
+ NS ns.fake94.targetns.
+ NS ns.fake95.targetns.
+ NS ns.fake96.targetns.
+ NS ns.fake97.targetns.
+ NS ns.fake98.targetns.
+ NS ns.fake99.targetns.
+
+target10 NS ns.fake101.targetns.
+ NS ns.fake102.targetns.
+ NS ns.fake103.targetns.
+ NS ns.fake104.targetns.
+ NS ns.fake105.targetns.
+ NS ns.fake106.targetns.
+ NS ns.fake107.targetns.
+ NS ns.fake108.targetns.
+ NS ns.fake109.targetns.
+ NS ns.fake1010.targetns.
type delegation-only;
};
-include "trusted.conf";
+key rndc_key {
+ secret "1234abcd8765";
+ algorithm hmac-sha256;
+};
+
+controls {
+ inet 10.53.0.5 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
recursion no;
// minimal-responses yes;
querylog yes;
+ statistics-file "named.stats";
/*
* test that named loads with root-delegation-only that
* has a exclude list.
type master;
file "delegation-only.db";
};
+
+zone "targetns" {
+ type master;
+ file "targetns.db";
+};
+
+key rndc_key {
+ secret "1234abcd8765";
+ algorithm hmac-sha256;
+};
+
+controls {
+ inet 10.53.0.6 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
--- /dev/null
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+; In the test for checking how many NS records BIND will follow, this
+; zone marks the server as the one to which the NS lookups will be
+; directed.
+
+$TTL 300
+@ IN SOA marka.isc.org. ns.server. (
+ 2010 ; serial
+ 600 ; refresh
+ 600 ; retry
+ 1200 ; expire
+ 600 ; minimum
+ )
+ NS ns
+ns A 10.53.0.6
status=`expr $status + $ret`
fi
+n=`expr $n + 1`
+echo_i "check that the resolver limits the number of NS records it follows in a referral response ($n)"
+# ns5 is the recusor being tested. ns4 holds the sourcens zone containing names with varying numbers of NS
+# records pointing to non-existent nameservers in the targetns zone on ns6.
+ret=0
+$RNDCCMD 10.53.0.5 flush || ret=1 # Ensure cache is empty before doing this test
+for nscount in 1 2 3 4 5 6 7 8 9 10
+do
+ # Verify number of NS records at source server
+ $DIG $DIGOPTS +norecurse @10.53.0.4 target${nscount}.sourcens ns > dig.ns4.out.${nscount}.${n}
+ sourcerecs=`grep NS dig.ns4.out.${nscount}.${n} | grep -v ';' | wc -l`
+ test $sourcerecs -eq $nscount || ret=1
+ test $sourcerecs -eq $nscount || echo_i "NS count incorrect for target${nscount}.sourcens"
+ # Expected queries = 2 * number of NS records, up to a maximum of 10.
+ expected=`expr 2 \* $nscount`
+ if [ $expected -gt 10 ]; then expected=10; fi
+ # Work out the queries made by checking statistics on the target before and after the test
+ $RNDCCMD 10.53.0.6 stats || ret=1
+ initial_count=`awk '/responses sent/ {print $1}' ns6/named.stats`
+ mv ns6/named.stats ns6/named.stats.initial.${nscount}.${n}
+ $DIG $DIGOPTS @10.53.0.5 target${nscount}.sourcens A > dig.ns5.out.${nscount}.${n} || ret=1
+ $RNDCCMD 10.53.0.6 stats || ret=1
+ final_count=`awk '/responses sent/ {print $1}' ns6/named.stats`
+ mv ns6/named.stats ns6/named.stats.final.${nscount}.${n}
+ # Check number of queries during the test is as expected
+ actual=`expr $final_count - $initial_count`
+ if [ $actual -ne $expected ]; then
+ echo_i "query count error: $nscount NS records: expected queries $expected, actual $actual"
+ ret=1
+ fi
+done
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
n=`expr $n + 1`
echo_i "RT21594 regression test check setup ($n)"
ret=0
./bin/tests/system/resolver/ns4/named.conf.in CONF-C 2018,2019,2020
./bin/tests/system/resolver/ns4/named.noaa TXT.BRIEF 2010,2016,2018,2019,2020
./bin/tests/system/resolver/ns4/root.db ZONE 2010,2014,2015,2016,2017,2018,2019,2020
+./bin/tests/system/resolver/ns4/sourcens.db ZONE 2020
./bin/tests/system/resolver/ns4/tld1.db ZONE 2012,2014,2016,2018,2019,2020
./bin/tests/system/resolver/ns4/tld2.db ZONE 2012,2014,2016,2018,2019,2020
./bin/tests/system/resolver/ns5/child.server.db ZONE 2011,2016,2018,2019,2020
./bin/tests/system/resolver/ns6/named.conf.in CONF-C 2018,2019,2020
./bin/tests/system/resolver/ns6/no-edns-version.tld.db ZONE 2014,2016,2018,2019,2020
./bin/tests/system/resolver/ns6/root.db ZONE 2010,2011,2014,2016,2018,2019,2020
+./bin/tests/system/resolver/ns6/targetns.db ZONE 2020
./bin/tests/system/resolver/ns6/to-be-removed.tld.db.in ZONE 2012,2016,2018,2019,2020
./bin/tests/system/resolver/ns7/all-cnames.db ZONE 2014,2016,2018,2019,2020
./bin/tests/system/resolver/ns7/edns-version.tld.db ZONE 2014,2016,2018,2019,2020
projects / thirdparty / bind9.git / commitdiff
