Check that dig/host/nslookup handle a UPDATE response.
Additionally check that "delete $qname SOA" in the update reponse doesn't trigger a insertion in nslookup.
This commit is contained in:
Mark Andrews
@@ -39,6 +39,7 @@ DNSTAPREAD=$TOP/bin/tools/dnstap-read
|
||||
DSFROMKEY=$TOP/bin/dnssec/dnssec-dsfromkey
|
||||
FEATURETEST=$TOP/bin/tests/system/feature-test
|
||||
FSTRM_CAPTURE=@FSTRM_CAPTURE@
|
||||
HOST=$TOP/bin/dig/host
|
||||
IMPORTKEY=$TOP/bin/dnssec/dnssec-importkey
|
||||
JOURNALPRINT=$TOP/bin/tools/named-journalprint
|
||||
KEYFRLAB=$TOP/bin/dnssec/dnssec-keyfromlabel
|
||||
|
||||
66
bin/tests/system/digdelv/ans7/ans.pl
Executable file
66
bin/tests/system/digdelv/ans7/ans.pl
Executable file
@@ -0,0 +1,66 @@
|
||||
#!/usr/bin/perl -w
|
||||
#
|
||||
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
||||
#
|
||||
# This Source Code Form is subject to the terms of the Mozilla Public
|
||||
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
#
|
||||
# See the COPYRIGHT file distributed with this work for additional
|
||||
# information regarding copyright ownership.
|
||||
|
||||
use IO::File;
|
||||
use IO::Socket;
|
||||
use Net::DNS;
|
||||
use Net::DNS::Packet;
|
||||
|
||||
my $localport = int($ENV{'PORT'});
|
||||
if (!$localport) { $localport = 5300; }
|
||||
|
||||
my $sock = IO::Socket::INET->new(LocalAddr => "10.53.0.7",
|
||||
LocalPort => $localport, Proto => "udp") or die "$!";
|
||||
|
||||
my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!";
|
||||
print $pidf "$$\n" or die "cannot write pid file: $!";
|
||||
$pidf->close or die "cannot close pid file: $!";
|
||||
sub rmpid { unlink "ans.pid"; exit 1; };
|
||||
|
||||
$SIG{INT} = \&rmpid;
|
||||
$SIG{TERM} = \&rmpid;
|
||||
|
||||
STDOUT->autoflush(1);
|
||||
|
||||
print "Net::DNS::VERSION => $Net::DNS::VERSION\n";
|
||||
|
||||
for (;;) {
|
||||
$sock->recv($buf, 512);
|
||||
|
||||
print "**** request from " , $sock->peerhost, " port ", $sock->peerport, "\n";
|
||||
|
||||
my $packet;
|
||||
|
||||
if ($Net::DNS::VERSION > 0.68) {
|
||||
$packet = new Net::DNS::Packet(\$buf, 0);
|
||||
$@ and die $@;
|
||||
} else {
|
||||
my $err;
|
||||
($packet, $err) = new Net::DNS::Packet(\$buf, 0);
|
||||
$err and die $err;
|
||||
}
|
||||
|
||||
print "REQUEST:\n";
|
||||
$packet->print;
|
||||
|
||||
$packet->header->qr(1);
|
||||
$packet->header->opcode(5);
|
||||
|
||||
my @questions = $packet->question;
|
||||
my $qname = $questions[0]->qname;
|
||||
my $qtype = $questions[0]->qtype;
|
||||
$packet->push("update", rr_del("$qname SOA"));
|
||||
|
||||
print "RESPONSE:\n";
|
||||
$packet->print;
|
||||
|
||||
$sock->send($packet->data);
|
||||
}
|
||||
@@ -20,6 +20,8 @@ rm -f ./dig.out.mm.*
|
||||
rm -f ./dig.out.mn.*
|
||||
rm -f ./dig.out.nm.*
|
||||
rm -f ./dig.out.nn.*
|
||||
rm -f ./host.out.test*
|
||||
rm -f ./nslookup.out.test*
|
||||
rm -f ./ns*/named.lock
|
||||
rm -f ./ns*/managed-keys.bind*
|
||||
rm -f ./ns2/example.db ./ns2/K* ./ns2/keyid ./ns2/keydata
|
||||
|
||||
@@ -67,8 +67,56 @@ if [ -n "$PYTHON" ] ; then
|
||||
$PYTHON -c "import yaml" 2> /dev/null && HAS_PYYAML=1
|
||||
fi
|
||||
|
||||
#
|
||||
# test whether ans7/ans.pl will be able to send a UPDATE response.
|
||||
# if it can't, we will log that below.
|
||||
#
|
||||
if "$PERL" -e 'use Net::DNS; use Net::DNS::Packet; my $p = new Net::DNS::Packet; $p->header->opcode(5);' > /dev/null 2>&1
|
||||
then
|
||||
checkupdate=1
|
||||
else
|
||||
checkupdate=0
|
||||
fi
|
||||
|
||||
if [ -x "$NSLOOKUP" -a $checkupdate -eq 1 ] ; then
|
||||
|
||||
n=$((n+1))
|
||||
echo_i "check nslookup handles UPDATE response ($n)"
|
||||
ret=0
|
||||
"$NSLOOKUP" -q=CNAME "-port=$PORT" foo.bar 10.53.0.7 > nslookup.out.test$n 2>&1 && ret=1
|
||||
grep "Opcode mismatch" nslookup.out.test$n > /dev/null || ret=1
|
||||
if [ $ret -ne 0 ]; then echo_i "failed"; fi
|
||||
status=$((status+ret))
|
||||
|
||||
fi
|
||||
|
||||
if [ -x "$HOST" -a $checkupdate -eq 1 ] ; then
|
||||
|
||||
n=$((n+1))
|
||||
echo_i "check host handles UPDATE response ($n)"
|
||||
ret=0
|
||||
"$HOST" -t CNAME -p $PORT foo.bar 10.53.0.7 > host.out.test$n 2>&1 && ret=1
|
||||
grep "Opcode mismatch" host.out.test$n > /dev/null || ret=1
|
||||
if [ $ret -ne 0 ]; then echo_i "failed"; fi
|
||||
status=$((status+ret))
|
||||
|
||||
fi
|
||||
|
||||
if [ -x "$DIG" ] ; then
|
||||
|
||||
if [ $checkupdate -eq 1 ] ; then
|
||||
|
||||
n=$((n+1))
|
||||
echo_i "check dig handles UPDATE response ($n)"
|
||||
ret=0
|
||||
dig_with_opts @10.53.0.7 cname foo.bar > dig.out.test$n 2>&1 && ret=1
|
||||
grep "Opcode mismatch" dig.out.test$n > /dev/null || ret=1
|
||||
if [ $ret -ne 0 ]; then echo_i "failed"; fi
|
||||
status=$((status+ret))
|
||||
else
|
||||
echo_i "Skipped UPDATE handling test"
|
||||
fi
|
||||
|
||||
n=$((n+1))
|
||||
echo_i "checking dig short form works ($n)"
|
||||
ret=0
|
||||
|
||||
@@ -493,6 +493,7 @@
|
||||
./bin/tests/system/digdelv/ans4/startme X 2017,2018,2019,2020
|
||||
./bin/tests/system/digdelv/ans5/ans.pl PERL 2019,2020
|
||||
./bin/tests/system/digdelv/ans6/ans.pl PERL 2019,2020
|
||||
./bin/tests/system/digdelv/ans7/ans.pl PERL 2020
|
||||
./bin/tests/system/digdelv/clean.sh SH 2015,2016,2018,2019,2020
|
||||
./bin/tests/system/digdelv/ns2/sign.sh SH 2018,2019,2020
|
||||
./bin/tests/system/digdelv/prereq.sh SH 2018,2019,2020
|
||||
|
||||
Reference in New Issue
Block a user