Merge branch '2845-rndc-freeze-edit-include-file-thaw' into 'main'

Add test for in-view zone edits

Closes #2845

See merge request isc-projects/bind9!5316
Matthijs Mekking
2021-08-16 15:06:09 +00:00
7 changed files with 174 additions and 13 deletions


@@ -21,6 +21,8 @@ rm -f ns4/*.nta
rm -f ns4/example.db ns4/example.db.jnl
rm -f ns4/key?.conf
rm -f ns6/huge.zone.db
rm -f ns7/include.db ns7/test.db ns7/*.jnl
rm -f ns7/named_dump.db*
rm -f ns*/named.conf
rm -f nsupdate.out.*.test*
rm -f python.out.*.test*


@@ -0,0 +1,14 @@
; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
;
; This Source Code Form is subject to the terms of the Mozilla Public
; License, v. 2.0. If a copy of the MPL was not distributed with this
; file, You can obtain one at http://mozilla.org/MPL/2.0/.
;
; See the COPYRIGHT file distributed with this work for additional
; information regarding copyright ownership.
@ 86400 IN SOA ns7 hostmaster 1 5 5 1814400 3600
@ NS ns7
ns7 A 10.53.0.7
text1 TXT "include 1"


@@ -0,0 +1,14 @@
; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
;
; This Source Code Form is subject to the terms of the Mozilla Public
; License, v. 2.0. If a copy of the MPL was not distributed with this
; file, You can obtain one at http://mozilla.org/MPL/2.0/.
;
; See the COPYRIGHT file distributed with this work for additional
; information regarding copyright ownership.
@ 86400 IN SOA ns7 hostmaster 4 5 5 1814400 3600
@ NS ns7
ns7 A 10.53.0.7
text1 TXT "include 2"


@@ -0,0 +1,55 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
options {
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.7; };
listen-on-v6 { none; };
};
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
};
key int {
algorithm "hmac-sha1";
secret "FrSt77yPTFx6hTs4i2tKLB9LmE0=";
};
key ext {
algorithm "hmac-sha1";
secret "FrSt77yPTFx6hTs4i2tKLB9LmE0=";
};
controls {
inet 10.53.0.7 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
view internal {
match-clients { key "int"; };
zone "test" {
type primary;
update-policy { grant int zonesub any; };
file "test.db";
ixfr-from-differences yes;
};
};
view external {
match-clients { key "ext"; };
zone "test" {
in-view internal;
};
};
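Review bot: The two new TSIG keys `int` and `ext` are declared with `algorithm "hmac-sha1";` while `rndc_key` in the same file already uses `hmac-sha256`. Using `algorithm hmac-sha256;` for both would keep the fixture consistent, though the `hmac-sha1:` prefix in the `-y "$TSIG"` strings of the test script would have to change with it. Both keys also carry the same secret, so the view is selected by key name alone; if that is deliberate, a comment above them such as `/* int and ext share a secret on purpose: the views are matched by key name */` would stop a reader from taking it for a copy-paste slip. The `controls` statement combines `allow { any; }` with a short fixed `rndc_key` secret, which is only reasonable for a fixture bound to a test address, and the same comment could say so.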


@@ -0,0 +1,11 @@
; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
;
; This Source Code Form is subject to the terms of the Mozilla Public
; License, v. 2.0. If a copy of the MPL was not distributed with this
; file, You can obtain one at http://mozilla.org/MPL/2.0/.
;
; See the COPYRIGHT file distributed with this work for additional
; information regarding copyright ownership.
$TTL 3600
$INCLUDE "include.db"


@@ -19,6 +19,9 @@ $SHELL ${TOP_SRCDIR}/bin/tests/system/genzone.sh 2 >ns4/example.db
$SHELL ${TOP_SRCDIR}/bin/tests/system/genzone.sh 2 >ns6/huge.zone.db
cp ns7/test.db.in ns7/test.db
cp ns7/include.db.in ns7/include.db
# we make the huge zone less huge if we're running under
# TSAN, to give the test a fighting chance not to time out.
size=1000000
@@ -33,6 +36,7 @@ copy_setports ns3/named.conf.in ns3/named.conf
copy_setports ns4/named.conf.in ns4/named.conf
copy_setports ns5/named.conf.in ns5/named.conf
copy_setports ns6/named.conf.in ns6/named.conf
copy_setports ns7/named.conf.in ns7/named.conf
make_key () {
$RNDCCONFGEN -k key$1 -A $3 -s 10.53.0.4 -p $2 \


@@ -12,7 +12,8 @@
. ../conf.sh
DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd"
DIGCMD="$DIG $DIGOPTS @10.53.0.2 -p ${PORT}"
DIGOPTS=""
DIGCMD="$DIG $DIGOPTS -p ${PORT}"
RNDCCMD="$RNDC -p ${CONTROLPORT} -c ../common/rndc.conf -s"
status=0
@@ -73,7 +74,7 @@ update add text2.nil. 600 IN TXT "addition 2"
send
END
$DIGCMD text2.nil. TXT > dig.out.1.test$n
$DIGCMD @10.53.0.2 text2.nil. TXT > dig.out.1.test$n
grep 'addition 2' dig.out.1.test$n >/dev/null && ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
@@ -90,7 +91,7 @@ zone nil.
update add text3.nil. 600 IN TXT "addition 3"
send
END
$DIGCMD text3.nil. TXT > dig.out.1.test$n
$DIGCMD @10.53.0.2 text3.nil. TXT > dig.out.1.test$n
grep 'addition 3' dig.out.1.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
@@ -130,7 +131,7 @@ update add text4.nil. 600 IN TXT "addition 4"
send
END
$DIGCMD text4.nil. TXT > dig.out.1.test$n
$DIGCMD @10.53.0.2 text4.nil. TXT > dig.out.1.test$n
grep 'addition 4' dig.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
@@ -170,7 +171,7 @@ update add text5.nil. 600 IN TXT "addition 5"
send
END
$DIGCMD text4.nil. TXT > dig.out.1.test$n
$DIGCMD @10.53.0.2 text4.nil. TXT > dig.out.1.test$n
grep 'addition 4' dig.out.1.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
@@ -242,11 +243,11 @@ zone other.
update add text7.other. 600 IN TXT "addition 7"
send
END
$DIGCMD text6.other. TXT > dig.out.1.test$n
$DIGCMD @10.53.0.2 text6.other. TXT > dig.out.1.test$n
grep 'addition 6' dig.out.1.test$n >/dev/null || ret=1
$DIGCMD text7.other. TXT > dig.out.2.test$n
$DIGCMD @10.53.0.2 text7.other. TXT > dig.out.2.test$n
grep 'addition 7' dig.out.2.test$n >/dev/null || ret=1
$DIGCMD frozen.other. TXT > dig.out.3.test$n
$DIGCMD @10.53.0.2 frozen.other. TXT > dig.out.3.test$n
grep 'frozen addition' dig.out.3.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
@@ -285,11 +286,11 @@ zone nil.
update add text7.nil. 600 IN TXT "addition 7"
send
END
$DIGCMD text6.nil. TXT > dig.out.1.test$n
$DIGCMD @10.53.0.2 text6.nil. TXT > dig.out.1.test$n
grep 'addition 6' dig.out.1.test$n > /dev/null || ret=1
$DIGCMD text7.nil. TXT > dig.out.2.test$n
$DIGCMD @10.53.0.2 text7.nil. TXT > dig.out.2.test$n
grep 'addition 7' dig.out.2.test$n > /dev/null || ret=1
$DIGCMD frozen.nil. TXT > dig.out.3.test$n
$DIGCMD @10.53.0.2 frozen.nil. TXT > dig.out.3.test$n
grep 'frozen addition' dig.out.3.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
@@ -706,7 +707,7 @@ zone example.
update add text2.example. 600 IN TXT "addition 3"
send
END
$DIG $DIGOPTS @10.53.0.4 -p ${PORT} text2.example. TXT > dig.out.1.test$n
$DIGCMD @10.53.0.4 -p ${PORT} text2.example. TXT > dig.out.1.test$n
grep 'addition 3' dig.out.1.test$n >/dev/null && ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
@@ -728,10 +729,70 @@ zone example.
update add text2.example. 600 IN TXT "addition 3"
send
END
$DIG $DIGOPTS @10.53.0.4 -p ${PORT} text2.example. TXT > dig.out.1.test$n
$DIGCMD @10.53.0.4 -p ${PORT} text2.example. TXT > dig.out.1.test$n
grep 'addition 3' dig.out.1.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
n=$((n+1))
echo_i "checking initial in-view zone file is loaded ($n)"
ret=0
TSIG="hmac-sha1:int:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$DIGCMD @10.53.0.7 -y "$TSIG" text1.test. TXT > dig.out.1.test$n
grep 'include 1' dig.out.1.test$n >/dev/null || ret=1
TSIG="hmac-sha1:ext:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$DIGCMD @10.53.0.7 -y "$TSIG" text1.test. TXT > dig.out.2.test$n
grep 'include 1' dig.out.2.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
echo_i "update in-view zone ($n)"
ret=0
TSIG="hmac-sha1:int:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$NSUPDATE -p ${PORT} -y "$TSIG" > /dev/null 2>&1 <<END || ret=1
server 10.53.0.7
zone test.
update add text2.test. 600 IN TXT "addition 1"
send
END
[ -s ns7/test.db.jnl ] || {
echo_i "'test -s ns7/test.db.jnl' failed when it shouldn't have"; ret=1;
}
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
echo_i "checking update ($n)"
ret=0
TSIG="hmac-sha1:int:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$DIGCMD @10.53.0.7 -y "$TSIG" text2.test. TXT > dig.out.1.test$n
grep 'addition 1' dig.out.1.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
echo_i "rndc freeze"
$RNDCCMD 10.53.0.7 freeze | sed 's/^/ns7 /' | cat_i | cat_i
echo_i "edit zone files"
cp ns7/test.db.in ns7/test.db
cp ns7/include2.db.in ns7/include.db
echo_i "rndc thaw"
$RNDCCMD 10.53.0.7 thaw | sed 's/^/ns7 /' | cat_i
echo_i "rndc reload"
$RNDCCMD 10.53.0.7 reload | sed 's/^/ns7 /' | cat_i
n=$((n+1))
echo_i "checking zone file edits are loaded ($n)"
ret=0
TSIG="hmac-sha1:int:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$DIGCMD @10.53.0.7 -y "$TSIG" text1.test. TXT > dig.out.1.test$n
grep 'include 2' dig.out.1.test$n >/dev/null || ret=1
TSIG="hmac-sha1:ext:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$DIGCMD @10.53.0.7 -y "$TSIG" text1.test. TXT > dig.out.2.test$n
grep 'include 2' dig.out.2.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
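Review bot: The new in-view steps in the last hunk reuse one value of `$n`: "checking initial in-view zone file is loaded", "update in-view zone" and "checking update" all print the same number, and "checking update" writes `dig.out.1.test$n` over the file the first check produced, so that output is gone when a later step fails. Adding `n=$((n+1))` before the `echo_i "update in-view zone ($n)"` and `echo_i "checking update ($n)"` lines would keep each step's output separate. The freeze line ends in `| cat_i | cat_i`, which looks like a duplicated filter, since the thaw and reload lines use a single `| cat_i`. None of the three `$RNDCCMD 10.53.0.7` calls has its exit status checked (the pipeline hides it), so a failed freeze or thaw would only surface indirectly through the later `grep 'include 2'`.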