From edbb256c3a7fc5c11a3f52fcb4bb3c6fef62c2d4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= <michal@isc.org>
Date: Thu, 28 Jun 2018 13:38:39 +0200
Subject: [PATCH] Verify mirror zone journals

As mirror zone files are verified when they are loaded from disk, verify
journal files as well to ensure invalid data is not used.  Reuse the
journals generated during IXFR tests to test this.
---
 bin/tests/system/mirror/clean.sh          |  1 +
 bin/tests/system/mirror/ns3/named.conf.in |  1 +
 bin/tests/system/mirror/tests.sh          | 35 +++++++++++++++++++++++
 3 files changed, 37 insertions(+)

diff --git a/bin/tests/system/mirror/clean.sh b/bin/tests/system/mirror/clean.sh
index d8edbd403e..1c98ed6d3c 100644
--- a/bin/tests/system/mirror/clean.sh
+++ b/bin/tests/system/mirror/clean.sh
@@ -16,6 +16,7 @@ rm -f */*.signed
 rm -f */K*
 rm -f */db-*
 rm -f */dsset-*
+rm -f */jn-*
 rm -f */named.memstats
 rm -f */named.run
 rm -f dig.out.*
diff --git a/bin/tests/system/mirror/ns3/named.conf.in b/bin/tests/system/mirror/ns3/named.conf.in
index 775a7fe6b9..b4508eacfe 100644
--- a/bin/tests/system/mirror/ns3/named.conf.in
+++ b/bin/tests/system/mirror/ns3/named.conf.in
@@ -46,6 +46,7 @@ zone "verify-ixfr" {
 	masters { 10.53.0.2; };
 	mirror yes;
 	file "verify-ixfr.db.mirror";
+	masterfile-format text;
 };
 
 zone "verify-load" {
diff --git a/bin/tests/system/mirror/tests.sh b/bin/tests/system/mirror/tests.sh
index e5748328d4..20016a4b7e 100644
--- a/bin/tests/system/mirror/tests.sh
+++ b/bin/tests/system/mirror/tests.sh
@@ -107,11 +107,15 @@ nextpartreset ns3/named.run
 ret=0
 wait_for_transfer verify-ixfr
 nextpart ns3/named.run > /dev/null
+# Make a copy of the original zone file for reuse in journal tests below.
+cp ns2/verify-ixfr.db.signed ns3/verify-journal.db.mirror
 # Wait 1 second so that the zone file timestamp changes and the subsequent
 # invocation of "rndc reload" triggers a zone reload.
 sleep 1
 cat ns2/verify-ixfr.db.bad.signed > ns2/verify-ixfr.db.signed
 reload_zone verify-ixfr ${UPDATED_SERIAL_BAD}
+# Make a copy of the bad zone journal for reuse in journal tests below.
+cp ns2/verify-ixfr.db.signed.jnl ns3/verify-journal.db.bad.mirror.jnl
 # Trigger IXFR.
 $RNDCCMD 10.53.0.3 refresh verify-ixfr > /dev/null 2>&1
 wait_for_transfer verify-ixfr
@@ -136,6 +140,8 @@ nextpart ns3/named.run > /dev/null
 sleep 1
 cat ns2/verify-ixfr.db.good.signed > ns2/verify-ixfr.db.signed
 reload_zone verify-ixfr ${UPDATED_SERIAL_GOOD}
+# Make a copy of the good zone journal for reuse in journal tests below.
+cp ns2/verify-ixfr.db.signed.jnl ns3/verify-journal.db.good.mirror.jnl
 # Trigger IXFR.
 $RNDCCMD 10.53.0.3 refresh verify-ixfr > /dev/null 2>&1
 wait_for_transfer verify-ixfr
@@ -169,5 +175,34 @@ grep "${UPDATED_SERIAL_GOOD}.*; serial" dig.out.ns3.test$n > /dev/null || ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`
 
+n=`expr $n + 1`
+echo_i "checking that loading a journal for an incorrectly signed mirror zone fails ($n)"
+ret=0
+$PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} . ns3
+cp ns3/verify-journal.db.mirror ns3/verify-ixfr.db.mirror
+cp ns3/verify-journal.db.bad.mirror.jnl ns3/verify-ixfr.db.mirror.jnl
+nextpart ns3/named.run > /dev/null
+$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns3
+wait_for_load verify-ixfr ${UPDATED_SERIAL_BAD} ns3/named.run
+$DIG $DIGOPTS @10.53.0.3 +norec verify-ixfr SOA > dig.out.ns3.test$n 2>&1 || ret=1
+grep "${UPDATED_SERIAL_BAD}.*; serial" dig.out.ns3.test$n > /dev/null && ret=1
+nextpart ns3/named.run | grep "No correct RSASHA256 signature for verify-ixfr SOA" > /dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
+n=`expr $n + 1`
+echo_i "checking that loading a journal for a correctly signed mirror zone succeeds ($n)"
+ret=0
+$PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} . ns3
+cp ns3/verify-journal.db.mirror ns3/verify-ixfr.db.mirror
+cp ns3/verify-journal.db.good.mirror.jnl ns3/verify-ixfr.db.mirror.jnl
+nextpart ns3/named.run > /dev/null
+$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns3
+wait_for_load verify-ixfr ${UPDATED_SERIAL_GOOD} ns3/named.run
+$DIG $DIGOPTS @10.53.0.3 +norec verify-ixfr SOA > dig.out.ns3.test$n 2>&1 || ret=1
+grep "${UPDATED_SERIAL_GOOD}.*; serial" dig.out.ns3.test$n > /dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
 echo_i "exit status: $status"
 [ $status -eq 0 ] || exit 1