Commit Graph

2462 Commits

Author SHA1 Message Date
Evan Hunt
1fe2d7b97a silence a spurious dnssec-keygen warning in the dnssec system test
the occluded-key test creates both a KEY and a DNSKEY. the second
call to dnssec-keygen calls dns_dnssec_findmatchingkeys(), which causes
a spurious warning to be printed when it sees the type KEY record.
this should be fixed in dnssec.c, but the meantime this change silences
the warning by reversing the order in which the keys are created.

(cherry picked from commit 6661db9564)
2019-01-31 14:02:22 -08:00
Evan Hunt
607e42b560 detect crash on shutdown in stop.pl
(cherry picked from commit 9bf37f4e48)
2019-01-31 09:43:27 -08:00
Matthijs Mekking
13636ac3b0 Harden GSS-TSIG tests, verify signed TKEY response
(cherry picked from commit b0b846a4bb)
2019-01-30 12:34:01 -08:00
Mark Andrews
7b12906ac0 only use a single policy file when testing.
(cherry picked from commit 36ea9b8181)
2019-01-30 16:02:38 +11:00
Evan Hunt
dd54a08163 also add -D options for transient named processes started in tests.sh
(cherry picked from commit dd45831acc)
2019-01-28 21:22:13 -08:00
Evan Hunt
e5acb97c8a add properly-formatted -D options to named.args files
this prevents servers that use arguments specified in named.args
from appearing different in 'ps' output from servers run with arguments
from start.pl

(cherry picked from commit 175d6e9bfb)
2019-01-28 21:21:33 -08:00
Evan Hunt
0cc8758724 reset SYSTEMTESTTOP when changing directories
(cherry picked from commit 70f36a25e4)
2019-01-28 20:42:13 -08:00
Evan Hunt
7dad677ef8 fix runtime test
named doesn't understand cygwin paths, so we need to use
`cygpath -aw .` instead of `pwd` to get the absolute path to the
working directory.
2019-01-26 00:54:22 -08:00
Evan Hunt
f0ebe6cbe4 fix rrl test
strip CR characters before using awk/sed
2019-01-25 16:15:35 -08:00
Evan Hunt
77bc4e27f1 fix rpz test
- work around a CR newline problem
- use rndc to stop servers
2019-01-25 16:15:35 -08:00
Evan Hunt
aa1cf3c606 fix rpzrecurse test
- backport from v9_12 changes to enable rpzrecurse test to
  suspend and resume servers on win32
- use rndc to stop servers
2019-01-25 16:15:08 -08:00
Evan Hunt
be8dfc7421 fix dnssec test
- work around CR issues
- use UTC for time comparisons
- use $DIFF instead of cmp
2019-01-25 15:38:50 -08:00
Evan Hunt
4e597364a6 fix legacy test
use rndc rather than signals to stop the server
2019-01-25 15:38:49 -08:00
Evan Hunt
f1906e8ea3 fix fetchlimit test
use TCP for the test queries in between UDP bursts; this avoids
congestion issues that interfered with the test on windows
2019-01-25 15:38:49 -08:00
Evan Hunt
f7a77ff295 fix sfcache test
use a lame server configuration to force SERVFAILs instead of killing ns2.
this prevents test failures that occurred due to a different behavior of
the netowrking stack in windows.
2019-01-25 15:38:49 -08:00
Evan Hunt
d48fa83230 fix nsupdate test
rndc_reload was failing on windows
2019-01-25 15:38:49 -08:00
Evan Hunt
dc5c53b23a fix rndc test
use regex instead of exact string matching to deal with CR at end of line
2019-01-25 15:38:49 -08:00
Evan Hunt
4c5c91f36d fix statistics test
the active sockets test is supposed to be commented out on win32, but
only part of it was
2019-01-25 15:38:49 -08:00
Evan Hunt
73f9d372f6 fix redirect test
strip CR characters before using sed
2019-01-25 15:38:49 -08:00
Evan Hunt
0828d9c6db fix notify test
test the average delay between notifies instead of the minimum delay;
this helps avoid unnecessary test failures on systems with bursty
network performance.
2019-01-25 15:38:49 -08:00
Evan Hunt
57272bfb60 fix masterformat test
use stop.pl instead of rndc to stop server
2019-01-25 15:38:49 -08:00
Evan Hunt
09b61926d8 fix inline test
use regex instead of exact string matching, to deal with CR at end of ine
2019-01-25 15:38:48 -08:00
Evan Hunt
7a8058b988 fix forward test
strip CR characters before using sed
2019-01-25 15:38:48 -08:00
Evan Hunt
409a62c54c fix cookie test
strip CR characters before comparing files
2019-01-25 15:38:48 -08:00
Evan Hunt
e947cdfd27 use $DIFF instead of diff 2019-01-25 15:38:48 -08:00
Evan Hunt
cad88c5906 set and use SYSTEMTESTTOP consistently 2019-01-25 15:38:48 -08:00
Evan Hunt
79fa438d45 more reliable method for killing "ans" servers on windows
as perl and python are both native to cygwin, we don't want to use
the "kill -f" option to terminate them.
2019-01-25 15:38:48 -08:00
Evan Hunt
27e4da57f8 update ifconfig.bat with current test interfaces
the addresses set up in ifconfig.bat were out of sync with the
ones in ifconfig.sh
2019-01-25 15:38:48 -08:00
Evan Hunt
f0d8bf4d44 update conf.sh.win32 test list
- the test lists in conf.sh.in and conf.sh.win32 were out of sync
2019-01-25 15:38:48 -08:00
Evan Hunt
36221e6447 improve handling of trailing dots in dnssec-keymgr and dnssec-coverage
- mishandling of trailing dots caused bad behavior with the
  root zone or names like "example.com."
- fixing this exposed an error in dnssec-coverage caused the
  wrong return value if there were KSK errors but no ZSK errors
- incidentally silenced the dnssec-keygen output in the coverage
  system test

(cherry picked from commit 1ccf4e6c16)
2019-01-24 13:58:05 -08:00
Mark Andrews
67b001b190 introducing keymgr need to preserve functionality
(cherry picked from commit 083b730ec7)
(cherry picked from commit 15b4240764)
2019-01-22 11:17:28 -08:00
Witold Kręcicki
aa9866c390 If possible don't use forwarders when priming the resolver.
If we try to fetch a record from cache and need to look into
hints database we assume that the resolver is not primed and
start dns_resolver_prime(). Priming query is supposed to return
NSes for "." in ANSWER section and glue records for them in
ADDITIONAL section, so that we can fill that info in 'regular'
cache and not use hints db anymore.
However, if we're using a forwarder the priming query goes through
it, and if it's configured to return minimal answers we won't get
the addresses of root servers in ADDITIONAL section. Since the
only records for root servers we have are in hints database we'll
try to prime the resolver with every single query.

This patch adds a DNS_FETCHOPT_NOFORWARD flag which avoids using
forwarders if possible (that is if we have forward-first policy).
Using this flag on priming fetch fixes the problem as we get the
proper glue. With forward-only policy the problem is non-existent,
as we'll never ask for root server addresses because we'll never
have a need to query them.

Also added a test to confirm priming queries are not forwarded.

(cherry picked from commit b49310ac06)
(cherry picked from commit f8963ad70e)
2019-01-16 22:27:52 -08:00
Petr Menšík
2e8a927912 Normalize windows files and shell scripts
Commands used:
git add --chmod=+x bin/tests/system/ifconfig.sh mkinstalldirs
git add --renormalize 'win32utils/**.txt' '**.dsw'
2019-01-16 19:04:50 -05:00
Mark Andrews
06eb0a4367 add multi-view server and tests
(cherry picked from commit 7122b5786d)
(cherry picked from commit 22b77f45b7)
2019-01-14 18:31:02 -08:00
Evan Hunt
3b367ef3cb b/t/s/dnssec/tests.sh: Cleanup showprivate() function
(cherry picked from commit b241dc58ec)
2019-01-14 13:23:36 -08:00
Evan Hunt
d653989a1e fix testing errors
- the checkprivate function in the dnssec test set ret=0, erasing
  results from previous tests and making the test appear to have passed
  when it shouldn't have
- checkprivate needed a delay loop to ensure there was time for all
  private signing records to be updated before the test

(cherry picked from commit 82e83d5dc7)
2019-01-13 21:34:35 -05:00
Mark Andrews
58cc1ee718 Ensure base64/base32/hex fields in DNS records that should be non-empty are.
(cherry picked from commit 5e8b772ad1)
2019-01-09 18:52:50 +11:00
Mark Andrews
24f7bc252d wait longer for dump to complete
(cherry picked from commit 8a8d378def)
2019-01-08 20:18:26 -08:00
Michał Kępień
3db9f56718 Track forwarder timeouts in fetch contexts
Since following a delegation resets most fetch context state, address
marks (FCTX_ADDRINFO_MARK) set inside lib/dns/resolver.c are not
preserved when a delegation is followed.  This is fine for full
recursive resolution but when named is configured with "forward first;"
and one of the specified forwarders times out, triggering a fallback to
full recursive resolution, that forwarder should no longer be consulted
at each delegation point subsequently reached within a given fetch
context.

Add a new badnstype_t enum value, badns_forwarder, and use it to mark a
forwarder as bad when it times out in a "forward first;" configuration.
Since the bad server list is not cleaned when a fetch context follows a
delegation, this prevents a forwarder from being queried again after
falling back to full recursive resolution.  Yet, as each fetch context
maintains its own list of bad servers, this change does not cause a
forwarder timeout to prevent that forwarder from being used by other
fetch contexts.

(cherry picked from commit 33350626f9)
2019-01-08 08:34:37 +01:00
Matthijs Mekking
bb2c242c39 Remove dig_with_opts 2018-12-20 15:23:07 +01:00
Matthijs Mekking
0e9a8da68c Replace DSA with Reserved algorithm
(cherry picked from commit 17cdde1e56)
2018-12-20 04:50:08 -05:00
Matthijs Mekking
9f81119c02 Add dnssec-signzone tests with unsupported alg
dnssec-signzone should sign a zonefile that contains a DNSKEY record
with an unsupported algorithm.

(cherry picked from commit 6d976b37c1)
(cherry picked from commit 8619318a1e6207e487438a93bd7a620967091347)
2018-12-20 04:50:08 -05:00
Ondřej Surý
c1c10ca2b9 Properly detect msys/msys2 environment in the stop.pl script.
(cherry picked from commit 808dac0760)
2018-12-19 21:31:41 +01:00
Ondřej Surý
b9e16f3475 Revert "Merge branch '782-cygwin-grep-CRLF-issue-v9_12-v9_11' into 'v9_11'"
This reverts commit b644eb672b, reversing
changes made to 3b302c58e2.
2018-12-17 12:44:24 +01:00
Curtis Blackburn
5641664f91 minor fixes to dns64 and rndc CRLF fix. rpzrecurse failure will be addressed in a separate issue 2018-12-14 19:45:42 -08:00
Curtis Blackburn
d9fe816644 more CRLF fixes (dns64) 2018-12-14 19:45:38 -08:00
Curtis Blackburn
99fcbcf904 digdelv test fixed for CRLF issue 2018-12-14 19:45:37 -08:00
Curtis Blackburn
ddee74194c windows CRLF issues fixed in builtin test 2018-12-14 19:45:34 -08:00
Mark Andrews
7aecb8b1fd pass the correct object to cfg_obj_log
(cherry picked from commit 53a33f7365)
2018-12-15 09:38:42 +11:00
Mark Andrews
637e3c4c4b check that DNSKEY and other occluded data are excluded from the delegating bitmap
(cherry picked from commit 7e4b82103b)
2018-12-14 14:44:18 +11:00