#!/bin/sh # Copyright (C) Internet Systems Consortium, Inc. ("ISC") # # SPDX-License-Identifier: MPL-2.0 # # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this # file, you can obtain one at https://mozilla.org/MPL/2.0/. # # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. # WARNING: The test labelled "testing request-ixfr option in view vs zone" # is fragile because it depends upon counting instances of records # in the log file - need a better approach - until then, # if you add any tests above that point, you will break the test. set -e . ../conf.sh wait_for_serial() ( $DIG $DIGOPTS "@$1" "$2" SOA >"$4" serial=$(awk '$4 == "SOA" { print $7 }' "$4") [ "$3" -eq "${serial:--1}" ] ) status=0 n=0 DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd -p ${PORT}" RNDCCMD="$RNDC -p ${CONTROLPORT} -c ../_common/rndc.conf -s" switch_responses() { RESPONSES_KEY="${1}" $DIG $DIGOPTS "@10.53.0.2" "${RESPONSES_KEY}.switch._control." TXT +time=5 +tries=1 +tcp >/dev/null 2>&1 } n=$((n + 1)) echo_i "testing initial AXFR ($n)" ret=0 switch_responses "initial_axfr" sleep 1 # Initially, ns1 is not authoritative for anything (see setup.sh). # Now that ans is up and running with the right data, we make it # a secondary for nil. cat <>ns1/named.conf zone "nil" { type secondary; file "myftp.db"; primaries { 10.53.0.2; }; max-records-per-type 5; # use a small value for fallback test }; EOF rndc_reload ns1 10.53.0.1 retry_quiet 10 wait_for_serial 10.53.0.1 nil. 1 dig.out.test$n || ret=1 $DIG $DIGOPTS @10.53.0.1 nil. TXT | grep 'initial AXFR' >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) n=$((n + 1)) echo_i "testing successful IXFR ($n)" ret=0 # We change the IP address of a.nil., and the TXT record at the apex. # Then we do a SOA-only update. switch_responses "successful_ixfr" sleep 1 $RNDCCMD 10.53.0.1 refresh nil | sed 's/^/ns1 /' | cat_i sleep 2 $DIG $DIGOPTS @10.53.0.1 nil. TXT | grep 'successful IXFR' >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) n=$((n + 1)) echo_i "testing AXFR fallback after IXFR failure (not exact error) ($n)" ret=0 # Provide a broken IXFR response and a working fallback AXFR response switch_responses "not_exact" sleep 1 $RNDCCMD 10.53.0.1 refresh nil | sed 's/^/ns1 /' | cat_i sleep 2 $DIG $DIGOPTS @10.53.0.1 nil. TXT | grep 'fallback AXFR' >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) n=$((n + 1)) echo_i "testing AXFR fallback after IXFR failure (too many records) ($n)" ret=0 # Provide an IXFR response that would cause a "too many records" condition switch_responses "too_many_records" sleep 1 $RNDCCMD 10.53.0.1 refresh nil | sed 's/^/ns1 /' | cat_i sleep 2 $DIG $DIGOPTS @10.53.0.1 nil. TXT | grep 'AXFR on too many records' >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) msg="error adding 'nil/TXT' in 'nil/IN' (zone): too many records (must not exceed 5)" wait_for_log 10 "$msg" ns1/named.run || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) n=$((n + 1)) echo_i "testing AXFR fallback after IXFR failure (bad SOA owner) ($n)" ret=0 # Prepare for checking the logs later on. nextpart ns1/named.run >/dev/null # Provide a broken IXFR response and a working fallback AXFR response. switch_responses "bad_soa_owner" $RNDCCMD 10.53.0.1 refresh nil | sed 's/^/ns1 /' | cat_i # A broken server would accept the malformed IXFR and apply its contents to the # zone. A fixed one would reject the IXFR and fall back to AXFR. Both IXFR and # AXFR above bring the nil. zone up to serial 4, but we cannot reliably query # for the SOA record to check whether the transfer was finished because a broken # server would send back SERVFAIL responses to SOA queries after accepting the # malformed IXFR. Instead, check transfer progress by querying for a TXT record # at test.nil. which is present in both IXFR and AXFR (with different contents). _wait_until_transfer_is_finished() { $DIG $DIGOPTS +tries=1 +time=1 @10.53.0.1 test.nil. TXT >dig.out.test$n.1 \ && grep -q -F "serial 4" dig.out.test$n.1 } if ! retry_quiet 10 _wait_until_transfer_is_finished; then echo_i "timed out waiting for version 4 of zone nil. to be transferred" ret=1 fi # At this point a broken server would be serving a zone with no SOA records. # Try crashing it by triggering a SOA refresh query. $RNDCCMD 10.53.0.1 refresh nil | sed 's/^/ns1 /' | cat_i # Do not wait until the zone refresh completes - even if a crash has not # happened by now, a broken server would never serve the record which is only # present in the fallback AXFR, so checking for that is enough to verify if a # server is broken or not; if it is, it is bound to crash shortly anyway. $DIG $DIGOPTS test.nil. TXT @10.53.0.1 >dig.out.test$n.2 || ret=1 grep -q -F "serial 4, fallback AXFR" dig.out.test$n.2 || ret=1 # Ensure the expected error is logged. nextpart ns1/named.run | grep -F "SOA name mismatch" >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) n=$((n + 1)) echo_i "testing ixfr-from-differences option ($n)" # ns3 is primary; ns4 is secondary { $CHECKZONE test. ns3/mytest.db >/dev/null 2>&1 rc=$? } || true if [ $rc -ne 0 ]; then echo_i "named-checkzone returned failure on ns3/mytest.db" fi retry_quiet 10 wait_for_serial 10.53.0.4 test. 1 dig.out.test$n || ret=1 nextpart ns4/named.run >/dev/null # modify the primary sleep 1 cp ns3/mytest1.db ns3/mytest.db $RNDCCMD 10.53.0.3 reload | sed 's/^/ns3 /' | cat_i # wait for primary to reload retry_quiet 10 wait_for_serial 10.53.0.3 test. 2 dig.out.test$n || ret=1 # wait for secondary to reload tret=0 retry_quiet 5 wait_for_serial 10.53.0.4 test. 2 dig.out.test$n || tret=1 if [ $tret -eq 1 ]; then # re-noitfy after 5 seconds, then wait another 10 $RNDCCMD 10.53.0.3 notify test | set 's/^/ns3 /' | cat_i retry_quiet 10 wait_for_serial 10.53.0.4 test. 2 dig.out.test$n || ret=1 fi wait_for_log 10 'got incremental' ns4/named.run || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) n=$((n + 1)) echo_i "testing 'request-ixfr no' option inheritance from view ($n)" ret=0 # There's a view with 2 zones. In the view, "request-ixfr yes" # but in the zone "sub.test", request-ixfr no" # we want to make sure that a change to sub.test results in AXFR, while # changes to test. result in IXFR sleep 1 cp ns3/subtest1.db ns3/subtest.db # change to sub.test zone, should be AXFR nextpart ns4/named.run >/dev/null $RNDCCMD 10.53.0.3 reload | sed 's/^/ns3 /' | cat_i # wait for primary to reload retry_quiet 10 wait_for_serial 10.53.0.3 sub.test. 3 dig.out.test$n || ret=1 # wait for secondary to reload tret=0 retry_quiet 5 wait_for_serial 10.53.0.4 sub.test. 3 dig.out.test$n || tret=1 if [ $tret -eq 1 ]; then # re-noitfy after 5 seconds, then wait another 10 $RNDCCMD 10.53.0.3 notify sub.test | set 's/^/ns3 /' | cat_i retry_quiet 10 wait_for_serial 10.53.0.4 sub.test. 3 dig.out.test$n || ret=1 fi wait_for_log 10 'got nonincremental response' ns4/named.run || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) n=$((n + 1)) echo_i "testing 'request-ixfr yes' option inheritance from view ($n)" ret=0 sleep 1 cp ns3/mytest2.db ns3/mytest.db # change to test zone, should be IXFR nextpart ns4/named.run >/dev/null $RNDCCMD 10.53.0.3 reload | sed 's/^/ns3 /' | cat_i # wait for primary to reload retry_quiet 10 wait_for_serial 10.53.0.3 test. 3 dig.out.test$n || ret=1 # wait for secondary to reload tret=0 retry_quiet 5 wait_for_serial 10.53.0.4 test. 3 dig.out.test$n || tret=1 if [ $tret -eq 1 ]; then # re-noitfy after 5 seconds, then wait another 10 $RNDCCMD 10.53.0.3 notify test | set 's/^/ns3 /' | cat_i retry_quiet 10 wait_for_serial 10.53.0.4 test. 3 dig.out.test$n || ret=1 fi wait_for_log 10 'got incremental response' ns4/named.run || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) n=$((n + 1)) ret=0 echo_i "testing DiG's handling of a multi message AXFR style IXFR response ($n)" ( (sleep 10 && kill $$) 2>/dev/null & sub=$! $DIG -p ${PORT} ixfr=0 large @10.53.0.3 >dig.out.test$n kill $sub ) lines=$(grep hostmaster.large dig.out.test$n | wc -l) test ${lines:-0} -eq 2 || ret=1 messages=$(sed -n 's/^;;.*messages \([0-9]*\),.*/\1/p' dig.out.test$n) test ${messages:-0} -gt 1 || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) n=$((n + 1)) echo_i "test 'dig +notcp ixfr=' vs 'dig ixfr= +notcp' vs 'dig ixfr=' ($n)" ret=0 # Should be "switch to TCP" response $DIG $DIGOPTS +notcp ixfr=1 test @10.53.0.4 >dig.out1.test$n || ret=1 $DIG $DIGOPTS ixfr=1 +notcp test @10.53.0.4 >dig.out2.test$n || ret=1 digcomp dig.out1.test$n dig.out2.test$n || ret=1 awk '$4 == "SOA" { soacnt++} END {if (soacnt == 1) exit(0); else exit(1);}' dig.out1.test$n || ret=1 awk '$4 == "SOA" { if ($7 == 3) exit(0); else exit(1);}' dig.out1.test$n || ret=1 # nextpart ns4/named.run >/dev/null # Should be incremental transfer. $DIG $DIGOPTS ixfr=1 test @10.53.0.4 >dig.out3.test$n || ret=1 awk '$4 == "SOA" { soacnt++} END { if (soacnt == 6) exit(0); else exit(1);}' dig.out3.test$n || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) n=$((n + 1)) echo_i "check estimated IXFR size ($n)" ret=0 # note IXFR delta size will be slightly bigger with version 1 transaction # headers as there is no correction for the overall record length storage. # Ver1 = 4 * (6 + 10 + 10 + 17 + 5 * 4) + 2 * (13 + 10 + 4) + (6 * 4) = 330 # Ver2 = 4 * (6 + 10 + 10 + 17 + 5 * 4) + 2 * (13 + 10 + 4) = 306 nextpart ns4/named.run | grep "IXFR delta size (306 bytes)" >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) # make sure ns5 has transfered the zone # wait for secondary to reload tret=0 retry_quiet 5 wait_for_serial 10.53.0.5 test. 4 dig.out.test$n || tret=1 if [ $tret -eq 1 ]; then # re-noitfy after 5 seconds, then wait another 10 $RNDCCMD 10.53.0.3 notify test | set 's/^/ns3 /' | cat_i retry_quiet 10 wait_for_serial 10.53.0.5 test. 3 dig.out.test$n || ret=1 fi n=$((n + 1)) echo_i "test 'provide-ixfr no;' (serial < current) ($n)" ret=0 nextpart ns5/named.run >/dev/null # Should be "AXFR style" response $DIG $DIGOPTS ixfr=1 test @10.53.0.5 >dig.out1.test$n || ret=1 # Should be "switch to TCP" response $DIG $DIGOPTS ixfr=1 +notcp test @10.53.0.5 >dig.out2.test$n || ret=1 awk '$4 == "SOA" { soacnt++} END {if (soacnt == 2) exit(0); else exit(1);}' dig.out1.test$n || ret=1 awk '$4 == "SOA" { soacnt++} END {if (soacnt == 1) exit(0); else exit(1);}' dig.out2.test$n || ret=1 msg="IXFR delta response disabled due to 'provide-ixfr no;' being set" nextpart ns5/named.run | grep "$msg" >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) n=$((n + 1)) echo_i "test 'provide-ixfr no;' (serial = current) ($n)" ret=0 # Should be "AXFR style" response $DIG $DIGOPTS ixfr=3 test @10.53.0.5 >dig.out1.test$n || ret=1 # Should be "switch to TCP" response $DIG $DIGOPTS ixfr=3 +notcp test @10.53.0.5 >dig.out2.test$n || ret=1 awk '$4 == "SOA" { soacnt++} END {if (soacnt == 1) exit(0); else exit(1);}' dig.out1.test$n || ret=1 awk '$4 == "SOA" { soacnt++} END {if (soacnt == 1) exit(0); else exit(1);}' dig.out2.test$n || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) n=$((n + 1)) echo_i "test 'provide-ixfr no;' (serial > current) ($n)" ret=0 # Should be "AXFR style" response $DIG $DIGOPTS ixfr=4 test @10.53.0.5 >dig.out1.test$n || ret=1 # Should be "switch to TCP" response $DIG $DIGOPTS ixfr=4 +notcp test @10.53.0.5 >dig.out2.test$n || ret=1 awk '$4 == "SOA" { soacnt++} END {if (soacnt == 1) exit(0); else exit(1);}' dig.out1.test$n || ret=1 awk '$4 == "SOA" { soacnt++} END {if (soacnt == 1) exit(0); else exit(1);}' dig.out2.test$n || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) n=$((n + 1)) echo_i "checking whether dig calculates IXFR statistics correctly ($n)" ret=0 $DIG $DIGOPTS +expire +nocookie +stat -b 10.53.0.4 @10.53.0.4 test. ixfr=2 >dig.out1.test$n get_dig_xfer_stats dig.out1.test$n >stats.dig diff ixfr-stats-with-expire.good stats.dig >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) # Note: in the next two tests, we use ns4 logs for checking both incoming and # outgoing transfer statistics as ns4 is both a secondary server (for ns3) and a # primary server (for dig queries from the previous test) for "test". _wait_for_stats() { get_named_xfer_stats ns4/named.run "$1" test "$2" >"$3" diff "$4" "$3" >/dev/null || return 1 return 0 } n=$((n + 1)) echo_i "checking whether named calculates incoming IXFR statistics correctly ($n)" ret=0 retry_quiet 10 _wait_for_stats 10.53.0.3 "Transfer completed" stats.incoming ixfr-stats-without-expire.good || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) n=$((n + 1)) echo_i "checking whether named calculates outgoing IXFR statistics correctly ($n)" retry_quiet 10 _wait_for_stats 10.53.0.4 "IXFR ended" stats.outgoing ixfr-stats-with-expire.good || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) n=$((n + 1)) ret=0 echo_i "testing fallback to AXFR when max-ixfr-ratio is exceeded ($n)" nextpart ns4/named.run >/dev/null sleep 1 cp ns3/mytest3.db ns3/mytest.db # change to test zone, too big for IXFR $RNDCCMD 10.53.0.3 reload | sed 's/^/ns3 /' | cat_i # wait for secondary to reload tret=0 retry_quiet 5 wait_for_serial 10.53.0.4 test. 4 dig.out.test$n || tret=1 if [ $tret -eq 1 ]; then # re-noitfy after 5 seconds, then wait another 10 $RNDCCMD 10.53.0.3 notify test | set 's/^/ns3 /' | cat_i retry_quiet 10 wait_for_serial 10.53.0.4 test. 4 dig.out.test$n || ret=1 fi wait_for_log 10 'got nonincremental response' ns4/named.run || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) echo_i "exit status: $status" [ $status -eq 0 ] || exit 1