mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 14:07:59 +00:00
Code Issues Releases Wiki Activity

Add a test for not caching large RRset

Browse Source 
Send a recursive query for a large (2500 record) RRset, which should
fail when using the default max-records-per-type setting of 100, but
succeed when the cap is disabled.
This commit is contained in:
Evan Hunt
2024-05-23 19:07:34 -07:00
committed by Nicki Křížek
parent 5d4e57b914
commit 3dc4388f4a
5 changed files with 2577 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2515
bin/tests/system/reclimit/ns1/big.db Normal file
View File

File diff suppressed because it is too large Load Diff

6
bin/tests/system/reclimit/ns1/named.conf.in
View File

@@ -22,6 +22,12 @@ options {
listen-on-v6 { none; };
recursion no;
dnssec-validation no;
max-records-per-type 0;
};
zone "." { type primary; file "root.db"; };
zone "big." {
type primary;
file "big.db";
};

3
bin/tests/system/reclimit/ns1/root.db
View File

@@ -19,3 +19,6 @@ example.net. 60 IN NS direct.example.net.
direct.example.net. 60 IN A 10.53.0.2
example.com. 60 IN NS direct.example.com.
direct.example.com. 60 IN A 10.53.0.4
big. in NS ns.big.
ns.big. 60 IN A 10.53.0.1

42
bin/tests/system/reclimit/ns3/named5.conf.in Normal file
View File

@@ -0,0 +1,42 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* SPDX-License-Identifier: MPL-2.0
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
options {
directory ".";
query-source address 10.53.0.3;
notify-source 10.53.0.3;
transfer-source 10.53.0.3;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.3; };
listen-on-v6 { none; };
servfail-ttl 0;
qname-minimization disabled;
max-recursion-depth 12;
recursion yes;
dnssec-validation yes;
max-records-per-type 0;
};
trust-anchors { };
key rndc_key {
secret "1234abcd8765";
algorithm @DEFAULT_HMAC@;
};
controls {
inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
zone "." { type hint; file "hints.db"; };

12
bin/tests/system/reclimit/tests.sh
View File

@@ -222,6 +222,16 @@ eval count=$(cat dig.out.3.test$n)
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
#grep "duplicate query" ns3/named.run
n=$((n + 1))
echo_i "checking RRset that exceeds max-records-per-type ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.3 biganswer.big >dig.out.1.test$n || ret=1
grep 'status: SERVFAIL' dig.out.1.test$n >/dev/null || ret=1
ns3_reset ns3/named5.conf.in
$DIG $DIGOPTS @10.53.0.3 biganswer.big >dig.out.2.test$n || ret=1
grep 'status: NOERROR' dig.out.2.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1