Fix RPZ bugs related to wildcard triggers (#40357)

2015-08-18 19:39:53 +05:30
parent 1a38ba7b41
commit bf350c9f1a
15 changed files with 308 additions and 25 deletions
--- a/bin/tests/system/rpzrecurse/tests.sh
+++ b/bin/tests/system/rpzrecurse/tests.sh
@@ -266,4 +266,48 @@ sed -n "$cur,"'$p' < ns2/named.run | grep "view recursive: rpz CLIENT-IP Local-D
    status=1
 }

+# Check wildcard behavior
+
+t=`expr $t + 1`
+echo "I:testing wildcard behavior with 1 RPZ zone (${t})"
+run_server wildcard1
+$DIG $DIGOPTS www.test1.example.net a @10.53.0.2 -p 5300 > dig.out.${t}.1
+grep "status: NXDOMAIN" dig.out.${t}.1 > /dev/null || {
+    echo "I:test ${t} failed"
+    status=1
+}
+$DIG $DIGOPTS test1.example.net a @10.53.0.2 -p 5300 > dig.out.${t}.2
+grep "status: NXDOMAIN" dig.out.${t}.2 > /dev/null || {
+    echo "I:test ${t} failed"
+    status=1
+}
+
+t=`expr $t + 1`
+echo "I:testing wildcard behavior with 2 RPZ zones (${t})"
+run_server wildcard2
+$DIG $DIGOPTS www.test1.example.net a @10.53.0.2 -p 5300 > dig.out.${t}.1
+grep "status: NXDOMAIN" dig.out.${t}.1 > /dev/null || {
+    echo "I:test ${t} failed"
+    status=1
+}
+$DIG $DIGOPTS test1.example.net a @10.53.0.2 -p 5300 > dig.out.${t}.2
+grep "status: NXDOMAIN" dig.out.${t}.2 > /dev/null || {
+    echo "I:test ${t} failed"
+    status=1
+}
+
+t=`expr $t + 1`
+echo "I:testing wildcard behavior with 1 RPZ zone and no non-wildcard triggers (${t})"
+run_server wildcard3
+$DIG $DIGOPTS www.test1.example.net a @10.53.0.2 -p 5300 > dig.out.${t}.1
+grep "status: NXDOMAIN" dig.out.${t}.1 > /dev/null || {
+    echo "I:test ${t} failed"
+    status=1
+}
+$DIG $DIGOPTS test1.example.net a @10.53.0.2 -p 5300 > dig.out.${t}.2
+grep "status: NOERROR" dig.out.${t}.2 > /dev/null || {
+    echo "I:test ${t} failed"
+    status=1
+}
+
 exit $status