]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
projects / thirdparty / bind9.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 67d4c78)
Add additional checks that upstream queries are not made
authorMark Andrews <marka@isc.org>
Fri, 15 Oct 2021 02:04:57 +0000 (13:04 +1100)
committerPetr Špaček <pspacek@isc.org>
Thu, 2 Dec 2021 13:18:40 +0000 (14:18 +0100)
Check the named.run of authorative server that queries for the
synthesis target name are only made when expected and not when
unexpected.

bin/tests/system/synthfromdnssec/clean.sh patch | blob | blame | history
bin/tests/system/synthfromdnssec/tests.sh patch | blob | blame | history

diff --git a/bin/tests/system/synthfromdnssec/clean.sh b/bin/tests/system/synthfromdnssec/clean.sh
index 88ae09d24a18a464f6995230693936a974c55413..64d6ac63311565ed5a533a281d032511ea11ad9a 100644 (file)
--- a/bin/tests/system/synthfromdnssec/clean.sh
+++ b/bin/tests/system/synthfromdnssec/clean.sh
@@ -14,6 +14,7 @@ set -e
 rm -f ./*/named.memstats
 rm -f ./*/named.conf
 rm -f ./*/named.run
+rm -f ./*/named.run.prev
 rm -f ./dig.out.*
 rm -f ./ns1/K*+*+*.key
 rm -f ./ns1/K*+*+*.private
diff --git a/bin/tests/system/synthfromdnssec/tests.sh b/bin/tests/system/synthfromdnssec/tests.sh
index c828160eba5c4708001d2f9b1ef35857e885af92..ab11cdd7369aa69005187c5909dcef5be6801e7d 100644 (file)
--- a/bin/tests/system/synthfromdnssec/tests.sh
+++ b/bin/tests/system/synthfromdnssec/tests.sh
@@ -91,7 +91,7 @@ do
     check_ad_flag yes dig.out.ns${ns}.test$n || ret=1
     check_status NXDOMAIN dig.out.ns${ns}.test$n || ret=1
     check_nosynth_soa example. dig.out.ns${ns}.test$n || ret=1
-    [ $ns -eq ${ns} ] && nxdomain=dig.out.ns${ns}.test$n
+    [ $ns -eq 2 ] && nxdomain=dig.out.ns${ns}.test$n
     n=$((n+1))
     if [ $ret != 0 ]; then echo_i "failed"; fi
     status=$((status+ret))
@@ -153,14 +153,17 @@ do
     esac
     echo_i "check synthesized NXDOMAIN response (synth-from-dnssec ${description};) ($n)"
     ret=0
+    nextpart ns1/named.run > /dev/null
     dig_with_opts b.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1
     check_ad_flag yes dig.out.ns${ns}.test$n || ret=1
     check_status NXDOMAIN dig.out.ns${ns}.test$n || ret=1
     if [ ${synth} = yes ]
     then
        check_synth_soa example. dig.out.ns${ns}.test$n || ret=1
+       nextpart ns1/named.run | grep b.example/A > /dev/null && ret=1
     else
        check_nosynth_soa example. dig.out.ns${ns}.test$n || ret=1
+       nextpart ns1/named.run | grep b.example/A > /dev/null || ret=1
     fi
     digcomp $nxdomain dig.out.ns${ns}.test$n || ret=1
     n=$((n+1))
@@ -169,14 +172,17 @@ do
 
     echo_i "check synthesized NODATA response (synth-from-dnssec ${description};) ($n)"
     ret=0
+    nextpart ns1/named.run > /dev/null
     dig_with_opts nodata.example. @10.53.0.${ns} aaaa > dig.out.ns${ns}.test$n || ret=1
     check_ad_flag yes dig.out.ns${ns}.test$n || ret=1
     check_status NOERROR dig.out.ns${ns}.test$n || ret=1
     if [ ${synth} = yes ]
     then
        check_synth_soa example. dig.out.ns${ns}.test$n || ret=1
+       nextpart ns1/named.run | grep nodata.example/AAAA > /dev/null && ret=1
     else
        check_nosynth_soa example. dig.out.ns${ns}.test$n || ret=1
+       nextpart ns1/named.run | grep nodata.example/AAAA > /dev/null || ret=1
     fi
     digcomp $nodata dig.out.ns${ns}.test$n || ret=1
     n=$((n+1))
@@ -185,14 +191,17 @@ do
 
     echo_i "check synthesized wildcard response (synth-from-dnssec ${description};) ($n)"
     ret=0
+    nextpart ns1/named.run > /dev/null
     dig_with_opts b.wild-a.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1
     check_ad_flag yes dig.out.ns${ns}.test$n || ret=1
     check_status NOERROR dig.out.ns${ns}.test$n || ret=1
     if [ ${synth} = yes ]
     then
        check_synth_a b.wild-a.example. dig.out.ns${ns}.test$n || ret=1
+       nextpart ns1/named.run | grep b.wild-a.example/A > /dev/null && ret=1
     else
        check_nosynth_a b.wild-a.example. dig.out.ns${ns}.test$n || ret=1
+       nextpart ns1/named.run | grep b.wild-a.example/A > /dev/null || ret=1
     fi
     n=$((n+1))
     if [ $ret != 0 ]; then echo_i "failed"; fi
@@ -200,14 +209,17 @@ do
 
     echo_i "check synthesized wildcard CNAME response (synth-from-dnssec ${description};) ($n)"
     ret=0
+    nextpart ns1/named.run > /dev/null
     dig_with_opts b.wild-cname.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1
     check_ad_flag yes dig.out.ns${ns}.test$n || ret=1
     check_status NOERROR dig.out.ns${ns}.test$n || ret=1
     if [ ${synth} = yes ]
     then
        check_synth_cname b.wild-cname.example. dig.out.ns${ns}.test$n || ret=1
+       nextpart ns1/named.run | grep b.wild-cname.example/A > /dev/null && ret=1
     else
        check_nosynth_cname b.wild-cname.example. dig.out.ns${ns}.test$n || ret=1
+       nextpart ns1/named.run | grep b.wild-cname.example/A > /dev/null || ret=1
     fi
     grep "ns1.example.*.IN.A" dig.out.ns${ns}.test$n > /dev/null || ret=1
     n=$((n+1))
Mirror of https://gitlab.isc.org/isc-projects/bind9.git