1 1.1 christos #!/bin/sh 2 1.1.1.6 christos 3 1.1 christos # Copyright (C) Internet Systems Consortium, Inc. ("ISC") 4 1.1 christos # 5 1.1.1.6 christos # SPDX-License-Identifier: MPL-2.0 6 1.1.1.6 christos # 7 1.1 christos # This Source Code Form is subject to the terms of the Mozilla Public 8 1.1.1.6 christos # License, v. 2.0. If a copy of the MPL was not distributed with this 9 1.1.1.5 christos # file, you can obtain one at https://mozilla.org/MPL/2.0/. 10 1.1 christos # 11 1.1 christos # See the COPYRIGHT file distributed with this work for additional 12 1.1 christos # information regarding copyright ownership. 13 1.1 christos 14 1.1.1.3 christos set -e 15 1.1 christos 16 1.1.1.7 christos # shellcheck source=conf.sh 17 1.1.1.7 christos . ../conf.sh 18 1.1.1.7 christos 19 1.1 christos status=0 20 1.1 christos n=0 21 1.1 christos 22 1.1 christos rm -f dig.out.* 23 1.1 christos 24 1.1.1.3 christos dig_with_opts() { 25 1.1.1.7 christos "$DIG" +tcp +noadd +nosea +nostat +nocmd -p "$PORT" "$@" 26 1.1.1.3 christos } 27 1.1.1.3 christos 28 1.1.1.3 christos rndc_with_opts() { 29 1.1.1.7 christos "$RNDC" -c ../_common/rndc.conf -p "$CONTROLPORT" -s "$@" 30 1.1.1.3 christos } 31 1.1 christos 32 1.1 christos echo_i "checking DNSSEC SERVFAIL is cached ($n)" 33 1.1 christos ret=0 34 1.1.1.7 christos dig_with_opts +dnssec foo.example. a @10.53.0.5 >dig.out.ns5.test$n || ret=1 35 1.1.1.4 christos rndc_dumpdb ns5 -all 36 1.1.1.7 christos awk '/Zone/{out=0} { if (out) print } /SERVFAIL/{out=1}' ns5/named_dump.db.test$n >sfcache.$n 37 1.1.1.7 christos grep "^; foo.example/A" sfcache.$n >/dev/null || ret=1 38 1.1.1.7 christos n=$((n + 1)) 39 1.1 christos if [ $ret != 0 ]; then echo_i "failed"; fi 40 1.1.1.7 christos status=$((status + ret)) 41 1.1 christos 42 1.1 christos echo_i "checking SERVFAIL is returned from cache ($n)" 43 1.1 christos ret=0 44 1.1.1.7 christos dig_with_opts +dnssec foo.example. a @10.53.0.5 >dig.out.ns5.test$n || ret=1 45 1.1.1.7 christos grep "SERVFAIL" dig.out.ns5.test$n >/dev/null || ret=1 46 1.1.1.7 christos n=$((n + 1)) 47 1.1 christos if [ $ret != 0 ]; then echo_i "failed"; fi 48 1.1.1.7 christos status=$((status + ret)) 49 1.1 christos 50 1.1 christos echo_i "checking that +cd bypasses cache check ($n)" 51 1.1 christos ret=0 52 1.1.1.7 christos dig_with_opts +dnssec +cd foo.example. a @10.53.0.5 >dig.out.ns5.test$n || ret=1 53 1.1.1.7 christos grep "SERVFAIL" dig.out.ns5.test$n >/dev/null && ret=1 54 1.1.1.7 christos n=$((n + 1)) 55 1.1 christos if [ $ret != 0 ]; then echo_i "failed"; fi 56 1.1.1.7 christos status=$((status + ret)) 57 1.1 christos 58 1.1.1.3 christos echo_i "switching to non-dnssec SERVFAIL tests" 59 1.1.1.3 christos ret=0 60 1.1.1.3 christos rndc_with_opts 10.53.0.5 flush 2>&1 | sed 's/^/I:ns5 /' 61 1.1.1.4 christos rndc_dumpdb ns5 -all 62 1.1.1.4 christos mv ns5/named_dump.db.test$n ns5/named_dump.db.test$n.1 63 1.1.1.7 christos awk '/SERVFAIL/ { next; out=1 } /Zone/ { out=0 } { if (out) print }' ns5/named_dump.db.test$n.1 >sfcache.$n.1 64 1.1.1.4 christos [ -s "sfcache.$n.1" ] && ret=1 65 1.1 christos echo_i "checking SERVFAIL is cached ($n)" 66 1.1.1.7 christos dig_with_opts bar.example2. a @10.53.0.5 >dig.out.ns5.test$n || ret=1 67 1.1.1.4 christos rndc_dumpdb ns5 -all 68 1.1.1.4 christos mv ns5/named_dump.db.test$n ns5/named_dump.db.test$n.2 69 1.1.1.7 christos awk '/Zone/{out=0} { if (out) print } /SERVFAIL/{out=1}' ns5/named_dump.db.test$n.2 >sfcache.$n.2 70 1.1.1.7 christos grep "^; bar.example2/A" sfcache.$n.2 >/dev/null || ret=1 71 1.1.1.7 christos n=$((n + 1)) 72 1.1 christos if [ $ret != 0 ]; then echo_i "failed"; fi 73 1.1.1.7 christos status=$((status + ret)) 74 1.1 christos 75 1.1 christos echo_i "checking SERVFAIL is returned from cache ($n)" 76 1.1 christos ret=0 77 1.1.1.7 christos nextpart ns5/named.run >/dev/null 78 1.1.1.7 christos dig_with_opts bar.example2. a @10.53.0.5 >dig.out.ns5.test$n || ret=1 79 1.1.1.7 christos grep "SERVFAIL" dig.out.ns5.test$n >/dev/null || ret=1 80 1.1.1.7 christos nextpart ns5/named.run >ns5/named.run.part$n 81 1.1.1.7 christos grep 'servfail cache hit bar.example2/A (CD=0)' ns5/named.run.part$n >/dev/null || ret=1 82 1.1.1.7 christos n=$((n + 1)) 83 1.1 christos if [ $ret != 0 ]; then echo_i "failed"; fi 84 1.1.1.7 christos status=$((status + ret)) 85 1.1 christos 86 1.1 christos echo_i "checking cache is bypassed with +cd query ($n)" 87 1.1 christos ret=0 88 1.1.1.7 christos dig_with_opts +cd bar.example2. a @10.53.0.5 >dig.out.ns5.test$n || ret=1 89 1.1.1.7 christos grep "SERVFAIL" dig.out.ns5.test$n >/dev/null || ret=1 90 1.1.1.7 christos nextpart ns5/named.run >ns5/named.run.part$n 91 1.1.1.7 christos grep 'servfail cache hit' ns5/named.run.part$n >/dev/null && ret=1 92 1.1.1.7 christos n=$((n + 1)) 93 1.1 christos if [ $ret != 0 ]; then echo_i "failed"; fi 94 1.1.1.7 christos status=$((status + ret)) 95 1.1 christos 96 1.1 christos echo_i "checking cache is used for subsequent +cd query ($n)" 97 1.1 christos ret=0 98 1.1.1.7 christos dig_with_opts +dnssec bar.example2. a @10.53.0.5 >dig.out.ns5.test$n || ret=1 99 1.1.1.7 christos grep "SERVFAIL" dig.out.ns5.test$n >/dev/null || ret=1 100 1.1.1.7 christos nextpart ns5/named.run >ns5/named.run.part$n 101 1.1.1.7 christos grep 'servfail cache hit bar.example2/A (CD=1)' ns5/named.run.part$n >/dev/null || ret=1 102 1.1.1.7 christos n=$((n + 1)) 103 1.1 christos if [ $ret != 0 ]; then echo_i "failed"; fi 104 1.1.1.7 christos status=$((status + ret)) 105 1.1 christos 106 1.1 christos echo_i "exit status: $status" 107 1.1 christos [ $status -eq 0 ] || exit 1 108
Indexes created Sat Feb 28 05:31:39 UTC 2026