From: =?utf-8?b?T25kxZllaiBTdXLDvQ==?= Date: Tue, 28 May 2024 16:13:53 +0200 Subject: Add test for not-loading many RRsets per name on a secondary This tests makes sure the zone with many RRsets per name is not loaded via XFR on the secondary server. (cherry picked from commit 4cfeed912a5e7440f04cb088a461ff47305da2e7) --- bin/tests/system/masterformat/ns1/compile.sh | 1 + bin/tests/system/masterformat/ns1/many.db.in | 22 ++++++++++++++++++++++ bin/tests/system/masterformat/ns1/named.conf.in | 9 +++++++++ bin/tests/system/masterformat/ns2/named.conf.in | 8 ++++++++ bin/tests/system/masterformat/setup.sh | 5 +++++ bin/tests/system/masterformat/tests.sh | 23 +++++++++++++++++++++++ 6 files changed, 68 insertions(+) create mode 100644 bin/tests/system/masterformat/ns1/many.db.in diff --git a/bin/tests/system/masterformat/ns1/compile.sh b/bin/tests/system/masterformat/ns1/compile.sh index 3427954..7e6931e 100755 --- a/bin/tests/system/masterformat/ns1/compile.sh +++ b/bin/tests/system/masterformat/ns1/compile.sh @@ -31,6 +31,7 @@ $CHECKZONE -D -F map -o example.db.map example-map \ example.db >/dev/null 2>&1 $CHECKZONE -D -F raw -o huge.db.raw huge huge.db >/dev/null 2>&1 $CHECKZONE -D -F raw -o uber.db.raw uber uber.db >/dev/null 2>&1 +$CHECKZONE -D -F raw -o many.db.raw many many.db >/dev/null 2>&1 $KEYGEN -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK signed >/dev/null 2>&1 $KEYGEN -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" signed >/dev/null 2>&1 diff --git a/bin/tests/system/masterformat/ns1/many.db.in b/bin/tests/system/masterformat/ns1/many.db.in new file mode 100644 index 0000000..5a81863 --- /dev/null +++ b/bin/tests/system/masterformat/ns1/many.db.in @@ -0,0 +1,22 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 1D + +@ IN SOA ns hostmaster ( + 1 + 3600 + 1800 + 1814400 + 3 + ) + NS ns +ns A 10.53.0.1 diff --git a/bin/tests/system/masterformat/ns1/named.conf.in b/bin/tests/system/masterformat/ns1/named.conf.in index 1434ec3..6d55dfb 100644 --- a/bin/tests/system/masterformat/ns1/named.conf.in +++ b/bin/tests/system/masterformat/ns1/named.conf.in @@ -23,6 +23,7 @@ options { session-keyfile "session.key"; servfail-ttl 0; max-records-per-type 2050; + max-types-per-name 500; }; key rndc_key { @@ -85,6 +86,7 @@ zone "huge" { allow-transfer { any; }; }; + zone "uber" { type primary; file "uber.db.raw"; @@ -92,6 +94,13 @@ zone "uber" { allow-transfer { any; }; }; +zone "many" { + type primary; + file "many.db.raw"; + masterfile-format raw; + allow-transfer { any; }; +}; + zone "signed" { type primary; file "signed.db.map"; diff --git a/bin/tests/system/masterformat/ns2/named.conf.in b/bin/tests/system/masterformat/ns2/named.conf.in index df778bc..64640cd 100644 --- a/bin/tests/system/masterformat/ns2/named.conf.in +++ b/bin/tests/system/masterformat/ns2/named.conf.in @@ -22,6 +22,7 @@ options { notify no; servfail-ttl 0; max-records-per-type 2000; + max-types-per-name 200; }; zone "example" { @@ -69,3 +70,10 @@ zone "huge" { masterfile-format raw; file "huge.bk"; }; + +zone "many" { + type secondary; + primaries { 10.53.0.1; }; + masterfile-format raw; + file "many.bk"; +}; diff --git a/bin/tests/system/masterformat/setup.sh b/bin/tests/system/masterformat/setup.sh index 57b8a24..005fca9 100755 --- a/bin/tests/system/masterformat/setup.sh +++ b/bin/tests/system/masterformat/setup.sh @@ -43,4 +43,9 @@ awk 'END { for (i = 0; i < 2050; i++ ) { print "d TXT", i; } for (i = 0; i < 2100; i++ ) { print "e TXT", i; } }' >ns1/uber.db +cp ns1/many.db.in ns1/many.db +for ntype in $(seq 65280 65534); do + echo "m TYPE${ntype} \# 0" +done >>ns1/many.db +echo "m TXT bunny" >>ns1/many.db cd ns1 && $SHELL compile.sh diff --git a/bin/tests/system/masterformat/tests.sh b/bin/tests/system/masterformat/tests.sh index f88916d..e13a419 100755 --- a/bin/tests/system/masterformat/tests.sh +++ b/bin/tests/system/masterformat/tests.sh @@ -254,6 +254,29 @@ n=$((n + 1)) [ $ret -eq 0 ] || echo_i "failed" status=$((status + ret)) +echo_i "checking that many types are loaded ($n)" +for i in 0 1 2 3 4 5 6 7 8 9; do + ret=0 + $DIG +tcp TXT "m.many" @10.53.0.1 -p "${PORT}" >"dig.out.ns1.test$n" + grep "status: NOERROR" "dig.out.ns1.test$n" >/dev/null || ret=1 + [ $ret -eq 0 ] && break + sleep 1 +done +n=$((n + 1)) +[ $ret -eq 0 ] || echo_i "failed" +status=$((status + ret)) + +echo_i "checking that many types are not transfered ($n)" +for i in 0 1 2 3 4 5 6 7 8 9; do + $DIG +tcp TXT "m.many" @10.53.0.2 -p "${PORT}" >"dig.out.ns2.test$n" + grep "status: SERVFAIL" "dig.out.ns2.test$n" >/dev/null || ret=1 + [ $ret -eq 0 ] && break + sleep 1 +done +n=$((n + 1)) +[ $ret -eq 0 ] || echo_i "failed" +status=$((status + ret)) + echo_i "checking format transitions: text->raw->map->text ($n)" ret=0 $CHECKZONE -D -f text -F text -o baseline.txt example.nil ns1/example.db >/dev/null