Add test for in-view zone edits

Add a test case for GL #2845 where a zone is in two views, one base
view and one "in-view" and that zone is using an $INCLUDE. Make sure
that there is a jnl file (have ixfr-from-differences enabled and do a
dynamic update). Then freeze and make updates in the included file
(this requires the test.db file also to be updated because 'rndc freeze'
causes the zone file to be overwritten). Finally reload and ensure that
the edit in the included file has been loaded.
Matthijs Mekking
2021-08-06 14:28:01 +02:00
parent b98594e048
commit 598bf1c29b
7 changed files with 174 additions and 13 deletions


@@ -21,6 +21,8 @@ rm -f ns4/*.nta
rm -f ns4/example.db ns4/example.db.jnl
rm -f ns4/key?.conf
rm -f ns6/huge.zone.db
rm -f ns7/include.db ns7/test.db ns7/*.jnl
rm -f ns7/named_dump.db*
rm -f ns*/named.conf
rm -f nsupdate.out.*.test*
rm -f python.out.*.test*


@@ -0,0 +1,14 @@
; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
;
; This Source Code Form is subject to the terms of the Mozilla Public
; License, v. 2.0. If a copy of the MPL was not distributed with this
; file, You can obtain one at http://mozilla.org/MPL/2.0/.
;
; See the COPYRIGHT file distributed with this work for additional
; information regarding copyright ownership.
@ 86400 IN SOA ns7 hostmaster 1 5 5 1814400 3600
@ NS ns7
ns7 A 10.53.0.7
text1 TXT "include 1"


@@ -0,0 +1,14 @@
; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
;
; This Source Code Form is subject to the terms of the Mozilla Public
; License, v. 2.0. If a copy of the MPL was not distributed with this
; file, You can obtain one at http://mozilla.org/MPL/2.0/.
;
; See the COPYRIGHT file distributed with this work for additional
; information regarding copyright ownership.
@ 86400 IN SOA ns7 hostmaster 4 5 5 1814400 3600
@ NS ns7
ns7 A 10.53.0.7
text1 TXT "include 2"


@@ -0,0 +1,55 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
options {
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.7; };
listen-on-v6 { none; };
};
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
};
key int {
algorithm "hmac-sha1";
secret "FrSt77yPTFx6hTs4i2tKLB9LmE0=";
};
key ext {
algorithm "hmac-sha1";
secret "FrSt77yPTFx6hTs4i2tKLB9LmE0=";
};
controls {
inet 10.53.0.7 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
view internal {
match-clients { key "int"; };
zone "test" {
type primary;
update-policy { grant int zonesub any; };
file "test.db";
ixfr-from-differences yes;
};
};
view external {
match-clients { key "ext"; };
zone "test" {
in-view internal;
};
};
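Review bot: The `int` and `ext` keys are declared with the same secret and algorithm, and nothing in the file says whether that is on purpose. Since each view's `match-clients` names a key, the shared secret looks intentional for the test, but a reader could take it for a copy-paste slip. A short comment above `key int` would settle it, for example `/* int and ext share one secret on purpose: the views are told apart by TSIG key name only. Test-only keys. */`. The same secret and `hmac-sha1` are hard-coded again in the `TSIG=` strings of the test script, so the comment should also say that both places have to change together.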


@@ -0,0 +1,11 @@
; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
;
; This Source Code Form is subject to the terms of the Mozilla Public
; License, v. 2.0. If a copy of the MPL was not distributed with this
; file, You can obtain one at http://mozilla.org/MPL/2.0/.
;
; See the COPYRIGHT file distributed with this work for additional
; information regarding copyright ownership.
$TTL 3600
$INCLUDE "include.db"


@@ -19,6 +19,9 @@ $SHELL ${TOP_SRCDIR}/bin/tests/system/genzone.sh 2 >ns4/example.db
$SHELL ${TOP_SRCDIR}/bin/tests/system/genzone.sh 2 >ns6/huge.zone.db
cp ns7/test.db.in ns7/test.db
cp ns7/include.db.in ns7/include.db
# we make the huge zone less huge if we're running under
# TSAN, to give the test a fighting chance not to time out.
size=1000000
@@ -33,6 +36,7 @@ copy_setports ns3/named.conf.in ns3/named.conf
copy_setports ns4/named.conf.in ns4/named.conf
copy_setports ns5/named.conf.in ns5/named.conf
copy_setports ns6/named.conf.in ns6/named.conf
copy_setports ns7/named.conf.in ns7/named.conf
make_key () {
$RNDCCONFGEN -k key$1 -A $3 -s 10.53.0.4 -p $2 \


@@ -12,7 +12,8 @@
. ../conf.sh
DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd"
DIGCMD="$DIG $DIGOPTS @10.53.0.2 -p ${PORT}"
DIGOPTS=""
DIGCMD="$DIG $DIGOPTS -p ${PORT}"
RNDCCMD="$RNDC -p ${CONTROLPORT} -c ../common/rndc.conf -s"
status=0
@@ -73,7 +74,7 @@ update add text2.nil. 600 IN TXT "addition 2"
send
END
$DIGCMD text2.nil. TXT > dig.out.1.test$n
$DIGCMD @10.53.0.2 text2.nil. TXT > dig.out.1.test$n
grep 'addition 2' dig.out.1.test$n >/dev/null && ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
@@ -90,7 +91,7 @@ zone nil.
update add text3.nil. 600 IN TXT "addition 3"
send
END
$DIGCMD text3.nil. TXT > dig.out.1.test$n
$DIGCMD @10.53.0.2 text3.nil. TXT > dig.out.1.test$n
grep 'addition 3' dig.out.1.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
@@ -130,7 +131,7 @@ update add text4.nil. 600 IN TXT "addition 4"
send
END
$DIGCMD text4.nil. TXT > dig.out.1.test$n
$DIGCMD @10.53.0.2 text4.nil. TXT > dig.out.1.test$n
grep 'addition 4' dig.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
@@ -170,7 +171,7 @@ update add text5.nil. 600 IN TXT "addition 5"
send
END
$DIGCMD text4.nil. TXT > dig.out.1.test$n
$DIGCMD @10.53.0.2 text4.nil. TXT > dig.out.1.test$n
grep 'addition 4' dig.out.1.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
@@ -242,11 +243,11 @@ zone other.
update add text7.other. 600 IN TXT "addition 7"
send
END
$DIGCMD text6.other. TXT > dig.out.1.test$n
$DIGCMD @10.53.0.2 text6.other. TXT > dig.out.1.test$n
grep 'addition 6' dig.out.1.test$n >/dev/null || ret=1
$DIGCMD text7.other. TXT > dig.out.2.test$n
$DIGCMD @10.53.0.2 text7.other. TXT > dig.out.2.test$n
grep 'addition 7' dig.out.2.test$n >/dev/null || ret=1
$DIGCMD frozen.other. TXT > dig.out.3.test$n
$DIGCMD @10.53.0.2 frozen.other. TXT > dig.out.3.test$n
grep 'frozen addition' dig.out.3.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
@@ -285,11 +286,11 @@ zone nil.
update add text7.nil. 600 IN TXT "addition 7"
send
END
$DIGCMD text6.nil. TXT > dig.out.1.test$n
$DIGCMD @10.53.0.2 text6.nil. TXT > dig.out.1.test$n
grep 'addition 6' dig.out.1.test$n > /dev/null || ret=1
$DIGCMD text7.nil. TXT > dig.out.2.test$n
$DIGCMD @10.53.0.2 text7.nil. TXT > dig.out.2.test$n
grep 'addition 7' dig.out.2.test$n > /dev/null || ret=1
$DIGCMD frozen.nil. TXT > dig.out.3.test$n
$DIGCMD @10.53.0.2 frozen.nil. TXT > dig.out.3.test$n
grep 'frozen addition' dig.out.3.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
@@ -706,7 +707,7 @@ zone example.
update add text2.example. 600 IN TXT "addition 3"
send
END
$DIG $DIGOPTS @10.53.0.4 -p ${PORT} text2.example. TXT > dig.out.1.test$n
$DIGCMD @10.53.0.4 -p ${PORT} text2.example. TXT > dig.out.1.test$n
grep 'addition 3' dig.out.1.test$n >/dev/null && ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
@@ -728,10 +729,70 @@ zone example.
update add text2.example. 600 IN TXT "addition 3"
send
END
$DIG $DIGOPTS @10.53.0.4 -p ${PORT} text2.example. TXT > dig.out.1.test$n
$DIGCMD @10.53.0.4 -p ${PORT} text2.example. TXT > dig.out.1.test$n
grep 'addition 3' dig.out.1.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
n=$((n+1))
echo_i "checking initial in-view zone file is loaded ($n)"
ret=0
TSIG="hmac-sha1:int:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$DIGCMD @10.53.0.7 -y "$TSIG" text1.test. TXT > dig.out.1.test$n
grep 'include 1' dig.out.1.test$n >/dev/null || ret=1
TSIG="hmac-sha1:ext:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$DIGCMD @10.53.0.7 -y "$TSIG" text1.test. TXT > dig.out.2.test$n
grep 'include 1' dig.out.2.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
echo_i "update in-view zone ($n)"
ret=0
TSIG="hmac-sha1:int:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$NSUPDATE -p ${PORT} -y "$TSIG" > /dev/null 2>&1 <<END || ret=1
server 10.53.0.7
zone test.
update add text2.test. 600 IN TXT "addition 1"
send
END
[ -s ns7/test.db.jnl ] || {
echo_i "'test -s ns7/test.db.jnl' failed when it shouldn't have"; ret=1;
}
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
echo_i "checking update ($n)"
ret=0
TSIG="hmac-sha1:int:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$DIGCMD @10.53.0.7 -y "$TSIG" text2.test. TXT > dig.out.1.test$n
grep 'addition 1' dig.out.1.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
echo_i "rndc freeze"
$RNDCCMD 10.53.0.7 freeze | sed 's/^/ns7 /' | cat_i | cat_i
echo_i "edit zone files"
cp ns7/test.db.in ns7/test.db
cp ns7/include2.db.in ns7/include.db
echo_i "rndc thaw"
$RNDCCMD 10.53.0.7 thaw | sed 's/^/ns7 /' | cat_i
echo_i "rndc reload"
$RNDCCMD 10.53.0.7 reload | sed 's/^/ns7 /' | cat_i
n=$((n+1))
echo_i "checking zone file edits are loaded ($n)"
ret=0
TSIG="hmac-sha1:int:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$DIGCMD @10.53.0.7 -y "$TSIG" text1.test. TXT > dig.out.1.test$n
grep 'include 2' dig.out.1.test$n >/dev/null || ret=1
TSIG="hmac-sha1:ext:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$DIGCMD @10.53.0.7 -y "$TSIG" text1.test. TXT > dig.out.2.test$n
grep 'include 2' dig.out.2.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
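Review bot: The steps "update in-view zone" and "checking update" run under the same `$n` as "checking initial in-view zone file is loaded", so the later `dig` overwrites `dig.out.1.test$n` from the first check and the three steps cannot be told apart in the log; each should start with `n=$((n+1))` like the surrounding checks. The freeze line ends in `| cat_i | cat_i`, which looks like a typo for a single `| cat_i`. The `rndc freeze`, `thaw` and `reload` calls are piped straight into `sed`, so a failing rndc command never sets `ret`, and if the final 'include 2' check fails it will not be clear which step broke. In the two `@10.53.0.4` hunks `$DIGCMD` already carries `-p ${PORT}`, so the explicit `-p ${PORT}` after the server address is redundant.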