From e8154b50d4b6e1272a833301ad28dcc4681d3901 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Fri, 15 Jun 2018 13:34:27 +1000 Subject: [PATCH] Restore default rrset-order to random. --- CHANGES | 2 ++ bin/named/config.c | 1 + bin/tests/system/rrsetorder/ns5/named.conf.in | 28 +++++++++++++++ bin/tests/system/rrsetorder/setup.sh | 1 + bin/tests/system/rrsetorder/tests.sh | 36 ++++++++++++++++--- util/copyrights | 1 + 6 files changed, 64 insertions(+), 5 deletions(-) create mode 100644 bin/tests/system/rrsetorder/ns5/named.conf.in diff --git a/CHANGES b/CHANGES index 4e66137b0a..5e10b9dc99 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,5 @@ +4974. [bug] Restore default rrset-order to random. [GL #336] + 4973. [func] verifyzone() and the functions it uses were moved to libdns and refactored to prevent exit() from being called upon failure. A side effect of that is that diff --git a/bin/named/config.c b/bin/named/config.c index 14b3228750..ad310307d3 100644 --- a/bin/named/config.c +++ b/bin/named/config.c @@ -96,6 +96,7 @@ options {\n\ request-nsid false;\n\ reserved-sockets 512;\n\ resolver-query-timeout 10;\n\ + rrset-order { order random; };\n\ secroots-file \"named.secroots\";\n\ send-cookie true;\n\ # serial-queries ;\n\ diff --git a/bin/tests/system/rrsetorder/ns5/named.conf.in b/bin/tests/system/rrsetorder/ns5/named.conf.in new file mode 100644 index 0000000000..005c6313c5 --- /dev/null +++ b/bin/tests/system/rrsetorder/ns5/named.conf.in @@ -0,0 +1,28 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.5; + notify-source 10.53.0.5; + transfer-source 10.53.0.5; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.5; }; + listen-on-v6 { none; }; + recursion yes; + dnssec-validation yes; + notify yes; +}; + +zone "." { + type hint; + file "../../common/root.hint"; +}; diff --git a/bin/tests/system/rrsetorder/setup.sh b/bin/tests/system/rrsetorder/setup.sh index 3a14fe9e3a..c63aeb10d2 100644 --- a/bin/tests/system/rrsetorder/setup.sh +++ b/bin/tests/system/rrsetorder/setup.sh @@ -17,3 +17,4 @@ copy_setports ns1/named.conf.in ns1/named.conf copy_setports ns2/named.conf.in ns2/named.conf copy_setports ns3/named.conf.in ns3/named.conf copy_setports ns4/named.conf.in ns4/named.conf +copy_setports ns5/named.conf.in ns5/named.conf diff --git a/bin/tests/system/rrsetorder/tests.sh b/bin/tests/system/rrsetorder/tests.sh index c0d6b2054e..35ba87a029 100644 --- a/bin/tests/system/rrsetorder/tests.sh +++ b/bin/tests/system/rrsetorder/tests.sh @@ -136,7 +136,7 @@ do eval "match=\`expr \$match + \$match$i\`" done echo_i "Random selection return $match of 24 possible orders in 36 samples" -if [ $match -lt 8 ]; then echo ret=1; fi +if [ $match -lt 8 ]; then ret=1; fi if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -230,7 +230,7 @@ do eval "match=\`expr \$match + \$match$i\`" done echo_i "Random selection return $match of 24 possible orders in 36 samples" -if [ $match -lt 8 ]; then echo ret=1; fi +if [ $match -lt 8 ]; then ret=1; fi if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -340,7 +340,7 @@ do eval "match=\`expr \$match + \$match$i\`" done echo_i "Random selection return $match of 24 possible orders in 36 samples" -if [ $match -lt 8 ]; then echo ret=1; fi +if [ $match -lt 8 ]; then ret=1; fi if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -438,7 +438,33 @@ do eval "match=\`expr \$match + \$match$i\`" done echo_i "Random selection return $match of 24 possible orders in 36 samples" -if [ $match -lt 8 ]; then echo ret=1; fi +if [ $match -lt 8 ]; then ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; fi + +echo_i "Checking default order (cache)" +ret=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 +do + eval match$i=0 +done +for i in a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 9 +do + $DIGCMD @10.53.0.5 random.example > dig.out.random || ret=1 + match=0 + for j in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 + do + eval "$DIFF dig.out.random dig.out.random.good$j >/dev/null && match$j=1 match=1" + if [ $match -eq 1 ]; then break; fi + done + if [ $match -eq 0 ]; then ret=1; fi +done +match=0 +for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 +do +eval "match=\`expr \$match + \$match$i\`" +done +echo_i "Default selection return $match of 24 possible orders in 36 samples" +if [ $match -lt 8 ]; then ret=1; fi if [ $ret != 0 ]; then echo_i "failed"; fi echo_i "Checking default order no match in rrset-order (no shuffling)" @@ -464,7 +490,7 @@ do eval "match=\`expr \$match + \$match$i\`" done echo_i "Consistent selection return $match of 24 possible orders in 36 samples" -if [ $match -ne 1 ]; then echo ret=1; fi +if [ $match -ne 1 ]; then ret=1; fi if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` diff --git a/util/copyrights b/util/copyrights index d948050617..32f7aaa31c 100644 --- a/util/copyrights +++ b/util/copyrights @@ -1992,6 +1992,7 @@ ./bin/tests/system/rrsetorder/ns2/named.conf.in CONF-C 2006,2007,2016,2018 ./bin/tests/system/rrsetorder/ns3/named.conf.in CONF-C 2006,2007,2016,2017,2018 ./bin/tests/system/rrsetorder/ns4/named.conf.in CONF-C 2015,2016,2017,2018 +./bin/tests/system/rrsetorder/ns5/named.conf.in CONF-C 2018 ./bin/tests/system/rrsetorder/setup.sh SH 2018 ./bin/tests/system/rrsetorder/tests.sh SH 2006,2007,2008,2011,2012,2014,2015,2016,2017,2018 ./bin/tests/system/rsabigexponent/.gitignore X 2013,2018