From 61ac32a9893aca42cf8cb02699c63c53cd7df9ad Mon Sep 17 00:00:00 2001
From: Evan Hunt <each@isc.org>
Date: Mon, 18 Oct 2021 23:14:28 -0700
Subject: [PATCH] add a system test with an ADB loop

Add a lame delegation to lame.example.org with only an A record
in the additional section; on failure, this will trigger a retry
with AAAA, which will loop. Test that dig returns SERVFAIL, in
addition to confirming that named doesn't hang on shutdown.
---
 bin/tests/system/resolver/ans2/ans.pl | 5 +++++
 bin/tests/system/resolver/ans3/ans.pl | 5 +++++
 bin/tests/system/resolver/tests.sh    | 8 ++++++++
 3 files changed, 18 insertions(+)

diff --git a/bin/tests/system/resolver/ans2/ans.pl b/bin/tests/system/resolver/ans2/ans.pl
index cc923e3dfb..d9f6f53508 100644
--- a/bin/tests/system/resolver/ans2/ans.pl
+++ b/bin/tests/system/resolver/ans2/ans.pl
@@ -102,6 +102,11 @@ for (;;) {
 	} elsif ($qname =~ /example\.net/) {
 		$packet->push("authority", new Net::DNS::RR("example.net 300 NS ns.example.net"));
 		$packet->push("additional", new Net::DNS::RR("ns.example.net 300 A 10.53.0.3"));
+	} elsif ($qname =~ /lame\.example\.org/) {
+		$packet->header->ad(0);
+		$packet->header->aa(0);
+		$packet->push("authority", new Net::DNS::RR("lame.example.org 300 NS ns.lame.example.org"));
+		$packet->push("additional", new Net::DNS::RR("ns.lame.example.org 300 A 10.53.0.3"));
 	} elsif ($qname =~ /sub\.example\.org/) {
 		# Data for CNAME/DNAME filtering.  The final answers are
 		# expected to be accepted regardless of the filter setting.
diff --git a/bin/tests/system/resolver/ans3/ans.pl b/bin/tests/system/resolver/ans3/ans.pl
index be8708ddf5..15d4c98780 100644
--- a/bin/tests/system/resolver/ans3/ans.pl
+++ b/bin/tests/system/resolver/ans3/ans.pl
@@ -98,6 +98,11 @@ for (;;) {
 	} elsif ($qname =~ /^nxdomain\.example\.net$/i) {
 		$packet->header->aa(1);
 		$packet->header->rcode(NXDOMAIN);
+	} elsif ($qname =~ /lame\.example\.org/) {
+		$packet->header->ad(0);
+		$packet->header->aa(0);
+		$packet->push("authority", new Net::DNS::RR("lame.example.org 300 NS ns.lame.example.org"));
+		$packet->push("additional", new Net::DNS::RR("ns.lame.example.org 300 A 10.53.0.3"));
 	} elsif ($qname eq "cname.sub.example.org") {
 		$packet->push("answer",
 			      new Net::DNS::RR($qname .
diff --git a/bin/tests/system/resolver/tests.sh b/bin/tests/system/resolver/tests.sh
index 165b196b70..d8485f29ed 100755
--- a/bin/tests/system/resolver/tests.sh
+++ b/bin/tests/system/resolver/tests.sh
@@ -889,5 +889,13 @@ grep 'cname-next\.example\.net\..*CNAME.http-server\.example\.net\.' dig.out.ns7
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`
 
+n=`expr $n + 1`
+echo_i "check ADB find loops are detected ($n)"
+ret=0
+$DIG $DIGOPTS +tcp +tries=1 +timeout=5 @10.53.0.1 fake.lame.example.org > dig.out.ns1.${n} || ret=1
+grep "status: SERVFAIL" dig.out.ns1.${n} > /dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
 echo_i "exit status: $status"
 [ $status -eq 0 ] || exit 1