diff --git a/bin/tests/system/rndc/clean.sh b/bin/tests/system/rndc/clean.sh
index 9faf948262..151aa015cb 100644
--- a/bin/tests/system/rndc/clean.sh
+++ b/bin/tests/system/rndc/clean.sh
@@ -21,6 +21,8 @@ rm -f ns4/*.nta
 rm -f ns4/example.db ns4/example.db.jnl
 rm -f ns4/key?.conf
 rm -f ns6/huge.zone.db
+rm -f ns7/include.db ns7/test.db ns7/*.jnl
+rm -f ns7/named_dump.db*
 rm -f ns*/named.conf
 rm -f nsupdate.out.*.test*
 rm -f python.out.*.test*
diff --git a/bin/tests/system/rndc/ns7/include.db.in b/bin/tests/system/rndc/ns7/include.db.in
new file mode 100644
index 0000000000..ff722735d8
--- /dev/null
+++ b/bin/tests/system/rndc/ns7/include.db.in
@@ -0,0 +1,14 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+@ 86400 IN SOA ns7 hostmaster 1 5 5 1814400 3600
+@ NS ns7
+ns7 A 10.53.0.7
+
+text1 TXT "include 1"
diff --git a/bin/tests/system/rndc/ns7/include2.db.in b/bin/tests/system/rndc/ns7/include2.db.in
new file mode 100644
index 0000000000..dbdd0ea20f
--- /dev/null
+++ b/bin/tests/system/rndc/ns7/include2.db.in
@@ -0,0 +1,14 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+@ 86400 IN SOA ns7 hostmaster 4 5 5 1814400 3600
+@ NS ns7
+ns7 A 10.53.0.7
+
+text1 TXT "include 2"
diff --git a/bin/tests/system/rndc/ns7/named.conf.in b/bin/tests/system/rndc/ns7/named.conf.in
new file mode 100644
index 0000000000..db1fb8ca13
--- /dev/null
+++ b/bin/tests/system/rndc/ns7/named.conf.in
@@ -0,0 +1,55 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+options {
+ port @PORT@;
+ pid-file "named.pid";
+ listen-on { 10.53.0.7; };
+ listen-on-v6 { none; };
+};
+
+key rndc_key {
+ secret "1234abcd8765";
+ algorithm hmac-sha256;
+};
+
+key int {
+ algorithm "hmac-sha1";
+ secret "FrSt77yPTFx6hTs4i2tKLB9LmE0=";
+};
+
+key ext {
+ algorithm "hmac-sha1";
+ secret "FrSt77yPTFx6hTs4i2tKLB9LmE0=";
+};
+
+controls {
+ inet 10.53.0.7 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
+
+view internal {
+ match-clients { key "int"; };
+
+ zone "test" {
+ type primary;
+ update-policy { grant int zonesub any; };
+ file "test.db";
+ ixfr-from-differences yes;
+ };
+};
+
+view external {
+ match-clients { key "ext"; };
+
+ zone "test" {
+ in-view internal;
+ };
+};
diff --git a/bin/tests/system/rndc/ns7/test.db.in b/bin/tests/system/rndc/ns7/test.db.in
new file mode 100644
index 0000000000..cd776045ab
--- /dev/null
+++ b/bin/tests/system/rndc/ns7/test.db.in
@@ -0,0 +1,11 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 3600
+$INCLUDE "include.db"
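Review bot: In ns7/named.conf.in the `int` and `ext` keys carry the same secret and both use `hmac-sha1`, while `rndc_key` in the same file uses `hmac-sha256`, and nothing in the file explains either choice. Because the two views are selected only by `match-clients { key ...; }`, which view a client lands in depends solely on the key name it presents. A short comment above the keys, for example `/* test-only TSIG keys: int and ext share one secret and differ by name only */`, would keep this fixture from being copied into a real configuration. If the test has no specific need for SHA-1, `algorithm hmac-sha256;` on both keys (with the matching `-y` strings in tests.sh) would be consistent with `rndc_key`.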
diff --git a/bin/tests/system/rndc/setup.sh b/bin/tests/system/rndc/setup.sh index fb56de80a4..b7721a38d4 100644 --- a/bin/tests/system/rndc/setup.sh +++ b/bin/tests/system/rndc/setup.sh @@ -19,6 +19,9 @@ $SHELL ${TOP_SRCDIR}/bin/tests/system/genzone.sh 2 >ns4/example.db $SHELL ${TOP_SRCDIR}/bin/tests/system/genzone.sh 2 >ns6/huge.zone.db +cp ns7/test.db.in ns7/test.db +cp ns7/include.db.in ns7/include.db + # we make the huge zone less huge if we're running under # TSAN, to give the test a fighting chance not to time out. size=1000000 @@ -33,6 +36,7 @@ copy_setports ns3/named.conf.in ns3/named.conf copy_setports ns4/named.conf.in ns4/named.conf copy_setports ns5/named.conf.in ns5/named.conf copy_setports ns6/named.conf.in ns6/named.conf +copy_setports ns7/named.conf.in ns7/named.conf make_key () { $RNDCCONFGEN -k key$1 -A $3 -s 10.53.0.4 -p $2 \ diff --git a/bin/tests/system/rndc/tests.sh b/bin/tests/system/rndc/tests.sh index c3dda378f8..d25aec63a3 100644 --- a/bin/tests/system/rndc/tests.sh +++ b/bin/tests/system/rndc/tests.sh @@ -12,7 +12,8 @@ . ../conf.sh DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd" -DIGCMD="$DIG $DIGOPTS @10.53.0.2 -p ${PORT}" +DIGOPTS="" +DIGCMD="$DIG $DIGOPTS -p ${PORT}" RNDCCMD="$RNDC -p ${CONTROLPORT} -c ../common/rndc.conf -s" status=0 @@ -73,7 +74,7 @@ update add text2.nil. 600 IN TXT "addition 2" send END -$DIGCMD text2.nil. TXT > dig.out.1.test$n +$DIGCMD @10.53.0.2 text2.nil. TXT > dig.out.1.test$n grep 'addition 2' dig.out.1.test$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status+ret)) @@ -90,7 +91,7 @@ zone nil. update add text3.nil. 600 IN TXT "addition 3" send END -$DIGCMD text3.nil. TXT > dig.out.1.test$n +$DIGCMD @10.53.0.2 text3.nil. TXT > dig.out.1.test$n grep 'addition 3' dig.out.1.test$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status+ret)) 
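Review bot: In the first tests.sh hunk the added `DIGOPTS=""` immediately overwrites the `DIGOPTS="+tcp +noadd +nosea ..."` assignment on the line above, so that first assignment is now dead. Every `$DIGCMD` query in the script therefore runs with dig's defaults, without `+tcp`. The later checks grep for TXT payloads, so they probably still pass, but the change of transport and output format looks unintended. Either delete the old assignment and say why the options are dropped, or remove the override and keep `DIGCMD="$DIG $DIGOPTS -p ${PORT}"` with the original options.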
@@ -130,7 +131,7 @@ update add text4.nil. 600 IN TXT "addition 4" send END -$DIGCMD text4.nil. TXT > dig.out.1.test$n +$DIGCMD @10.53.0.2 text4.nil. TXT > dig.out.1.test$n grep 'addition 4' dig.out.1.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status+ret)) @@ -170,7 +171,7 @@ update add text5.nil. 600 IN TXT "addition 5" send END -$DIGCMD text4.nil. TXT > dig.out.1.test$n +$DIGCMD @10.53.0.2 text4.nil. TXT > dig.out.1.test$n grep 'addition 4' dig.out.1.test$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status+ret)) @@ -242,11 +243,11 @@ zone other. update add text7.other. 600 IN TXT "addition 7" send END -$DIGCMD text6.other. TXT > dig.out.1.test$n +$DIGCMD @10.53.0.2 text6.other. TXT > dig.out.1.test$n grep 'addition 6' dig.out.1.test$n >/dev/null || ret=1 -$DIGCMD text7.other. TXT > dig.out.2.test$n +$DIGCMD @10.53.0.2 text7.other. TXT > dig.out.2.test$n grep 'addition 7' dig.out.2.test$n >/dev/null || ret=1 -$DIGCMD frozen.other. TXT > dig.out.3.test$n +$DIGCMD @10.53.0.2 frozen.other. TXT > dig.out.3.test$n grep 'frozen addition' dig.out.3.test$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status+ret)) @@ -285,11 +286,11 @@ zone nil. update add text7.nil. 600 IN TXT "addition 7" send END -$DIGCMD text6.nil. TXT > dig.out.1.test$n +$DIGCMD @10.53.0.2 text6.nil. TXT > dig.out.1.test$n grep 'addition 6' dig.out.1.test$n > /dev/null || ret=1 -$DIGCMD text7.nil. TXT > dig.out.2.test$n +$DIGCMD @10.53.0.2 text7.nil. TXT > dig.out.2.test$n grep 'addition 7' dig.out.2.test$n > /dev/null || ret=1 -$DIGCMD frozen.nil. TXT > dig.out.3.test$n +$DIGCMD @10.53.0.2 frozen.nil. TXT > dig.out.3.test$n grep 'frozen addition' dig.out.3.test$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status+ret)) 
@@ -706,7 +707,7 @@ zone example.
 update add text2.example. 600 IN TXT "addition 3"
 send
 END
-$DIG $DIGOPTS @10.53.0.4 -p ${PORT} text2.example. TXT > dig.out.1.test$n
+$DIGCMD @10.53.0.4 -p ${PORT} text2.example. TXT > dig.out.1.test$n
 grep 'addition 3' dig.out.1.test$n >/dev/null && ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status+ret))
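Review bot: After this commit `$DIGCMD` already ends in `-p ${PORT}`, so `$DIGCMD @10.53.0.4 -p ${PORT} ...` passes the port twice; the same line appears again in the `@@ -728,10` hunk. It is harmless but misleading for the next reader. `$DIGCMD @10.53.0.4 text2.example. TXT > dig.out.1.test$n` would match the other converted call sites.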
@@ -728,10 +729,70 @@ zone example. update add text2.example. 600 IN TXT "addition 3" send END -$DIG $DIGOPTS @10.53.0.4 -p ${PORT} text2.example. TXT > dig.out.1.test$n +$DIGCMD @10.53.0.4 -p ${PORT} text2.example. TXT > dig.out.1.test$n grep 'addition 3' dig.out.1.test$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status+ret)) +n=$((n+1)) +echo_i "checking initial in-view zone file is loaded ($n)" +ret=0 +TSIG="hmac-sha1:int:FrSt77yPTFx6hTs4i2tKLB9LmE0=" +$DIGCMD @10.53.0.7 -y "$TSIG" text1.test. TXT > dig.out.1.test$n +grep 'include 1' dig.out.1.test$n >/dev/null || ret=1 +TSIG="hmac-sha1:ext:FrSt77yPTFx6hTs4i2tKLB9LmE0=" +$DIGCMD @10.53.0.7 -y "$TSIG" text1.test. TXT > dig.out.2.test$n +grep 'include 1' dig.out.2.test$n >/dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status+ret)) + +echo_i "update in-view zone ($n)" +ret=0 +TSIG="hmac-sha1:int:FrSt77yPTFx6hTs4i2tKLB9LmE0=" +$NSUPDATE -p ${PORT} -y "$TSIG" > /dev/null 2>&1 < dig.out.1.test$n +grep 'addition 1' dig.out.1.test$n >/dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status+ret)) + +echo_i "rndc freeze" +$RNDCCMD 10.53.0.7 freeze | sed 's/^/ns7 /' | cat_i | cat_i + +echo_i "edit zone files" +cp ns7/test.db.in ns7/test.db +cp ns7/include2.db.in ns7/include.db + +echo_i "rndc thaw" +$RNDCCMD 10.53.0.7 thaw | sed 's/^/ns7 /' | cat_i + +echo_i "rndc reload" +$RNDCCMD 10.53.0.7 reload | sed 's/^/ns7 /' | cat_i + +n=$((n+1)) +echo_i "checking zone file edits are loaded ($n)" +ret=0 +TSIG="hmac-sha1:int:FrSt77yPTFx6hTs4i2tKLB9LmE0=" +$DIGCMD @10.53.0.7 -y "$TSIG" text1.test. TXT > dig.out.1.test$n +grep 'include 2' dig.out.1.test$n >/dev/null || ret=1 +TSIG="hmac-sha1:ext:FrSt77yPTFx6hTs4i2tKLB9LmE0=" +$DIGCMD @10.53.0.7 -y "$TSIG" text1.test. 
TXT > dig.out.2.test$n +grep 'include 2' dig.out.2.test$n >/dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status+ret)) + echo_i "exit status: $status" [ $status -eq 0 ] || exit 1
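Review bot: The "update in-view zone ($n)" step has no `n=$((n+1))` before its `echo_i`, so it reuses the number of the preceding check and writes to the same `dig.out.1.test$n`, overwriting the output needed to diagnose a failure of that first check. Add `n=$((n+1))` ahead of that `echo_i`. The `rndc freeze` line pipes through `cat_i | cat_i`, which looks like a typo for a single `cat_i`. None of the freeze/thaw/reload pipelines set `ret`, so a refused rndc command would only show up indirectly in the later grep. The nsupdate here-document for this step is not legible on the page as shown, so the update itself is not reviewed here.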