From: Evan Hunt Date: Wed, 17 Jun 2020 22:30:59 +0000 (-0700) Subject: update the acl system test to include a blackhole test case X-Git-Tag: v9.16.8~17^2~18 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=0a58a8e049bed1f60eb2c85a6e6e43b0e423b25d;p=thirdparty%2Fbind9.git update the acl system test to include a blackhole test case this ACL was previously untested, which allowed a regression to go undetected. (cherry picked from commit e3ee138098897e0f53b2950dfe8a234543ec134e) --- diff --git a/bin/tests/system/acl/ns2/named5.conf.in b/bin/tests/system/acl/ns2/named5.conf.in index 4b4e05027aa..7e20bac49dc 100644 --- a/bin/tests/system/acl/ns2/named5.conf.in +++ b/bin/tests/system/acl/ns2/named5.conf.in @@ -31,6 +31,7 @@ options { ixfr-from-differences yes; check-integrity no; allow-query-on { 10.53.0.2; }; + blackhole { 10.53.0.8; }; }; key one { diff --git a/bin/tests/system/acl/tests.sh b/bin/tests/system/acl/tests.sh index 9fc600dd258..b4d30451d1b 100644 --- a/bin/tests/system/acl/tests.sh +++ b/bin/tests/system/acl/tests.sh @@ -144,6 +144,26 @@ $DIG -p ${PORT} +tcp soa example. \ @10.53.0.2 -b 10.53.0.3 > dig.out.${t} grep "status: NOERROR" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; } +echo_i "testing blackhole ACL processing" +t=`expr $t + 1` +ret=0 +$DIG -p ${PORT} +tcp soa example. \ + @10.53.0.2 -b 10.53.0.3 > dig.out.1.${t} +grep "status: NOERROR" dig.out.1.${t} > /dev/null 2>&1 || ret=1 +$DIG -p ${PORT} +tcp soa example. \ + @10.53.0.2 -b 10.53.0.8 > dig.out.2.${t} +grep "status: NOERROR" dig.out.2.${t} > /dev/null 2>&1 && ret=1 +grep "communications error" dig.out.2.${t} > /dev/null 2>&1 || ret=1 +$DIG -p ${PORT} soa example. \ + @10.53.0.2 -b 10.53.0.3 > dig.out.3.${t} +grep "status: NOERROR" dig.out.3.${t} > /dev/null 2>&1 || ret=1 +$DIG -p ${PORT} soa example. \ + @10.53.0.2 -b 10.53.0.8 > dig.out.4.${t} +grep "status: NOERROR" dig.out.4.${t} > /dev/null 2>&1 && ret=1 +grep "connection timed out" dig.out.4.${t} > /dev/null 2>&1 || ret=1 +[ $ret -eq 0 ] || echo_i "failed" +status=`expr $status + $ret` + # AXFR tests against ns3 echo_i "testing allow-transfer ACLs against ns3 (no existing zones)"