diff --git a/bin/tests/system/rpz/ckdnsrps.sh b/bin/tests/system/rpz/ckdnsrps.sh index 5e60743a92..1e2b4e4ad3 100644 --- a/bin/tests/system/rpz/ckdnsrps.sh +++ b/bin/tests/system/rpz/ckdnsrps.sh @@ -61,9 +61,11 @@ if ! $FEATURETEST --enable-dnsrps; then fi if [ -z "$TEST_DNSRPS" ]; then - add_conf "## DNSRPS testing is disabled" + add_conf "## testing with native RPZ" add_conf '#skip' exit 0 +else + add_conf "## testing with DNSRPS" fi if [ ! -x $DNSRPS_CMD ]; then diff --git a/bin/tests/system/rpz/clean.sh b/bin/tests/system/rpz/clean.sh index 44ceff4c4a..cf38807b6a 100644 --- a/bin/tests/system/rpz/clean.sh +++ b/bin/tests/system/rpz/clean.sh @@ -9,17 +9,42 @@ # Clean up after rpz tests. -rm -f proto.* dsset-* trusted.conf dig.out* nsupdate.tmp ns*/*tmp -rm -f ns*/*.key ns*/*.private ns2/tld2s.db ns2/bl.tld2.db -rm -f ns3/bl*.db ns*/*switch ns*/empty.db ns*/empty.db.jnl -rm -f ns5/requests ns5/example.db ns5/bl.db ns5/*.perf -rm -f */named.memstats */*.run */named.stats */session.key -rm -f */*.log */*.jnl */*core */*.pid +USAGE="$0: [-Px]" +DEBUG= +while getopts "Px" c; do + case $c in + x) set -x ;; + P) PARTIAL=set ;; + *) echo "$USAGE" 1>&2; exit 1;; + esac +done +shift `expr $OPTIND - 1 || true` +if test "$#" -ne 0; then + echo "$USAGE" 1>&2 + exit 1 +fi + +# this might be called from setup.sh to partially clean up the files +# from the first test pass so the second pass can be set up correctly. +# remove those files first, then decide whether to remove the others. +rm -f ns*/*.key ns*/*.private +rm -f ns2/tld2s.db ns2/bl.tld2.db +rm -f ns3/bl*.db ns*/empty.db +rm -f ns5/example.db ns5/bl.db rm -f */policy2.db -rm -f ns*/named.lock -rm -f ns*/named.conf -rm -f dnsrps*.conf -rm -f dnsrpzd.conf -rm -f dnsrpzd-license-cur.conf dnsrpzd.rpzf dnsrpzd.sock dnsrpzd.pid -rm -f tmp -rm -f ns*/managed-keys.bind* +rm -f */*.jnl + +if [ ${PARTIAL:-unset} = unset ]; then + rm -f proto.* dsset-* trusted.conf dig.out* nsupdate.tmp ns*/*tmp + rm -f ns5/requests ns5/*.perf + rm -f */named.memstats */*.run */*.run.prev */named.stats */session.key + rm -f */*.log */*core */*.pid + rm -f ns*/named.lock + rm -f ns*/named.conf + rm -f ns*/*switch + rm -f dnsrps*.conf + rm -f dnsrpzd.conf + rm -f dnsrpzd-license-cur.conf dnsrpzd.rpzf dnsrpzd.sock dnsrpzd.pid + rm -f ns*/managed-keys.bind* + rm -f tmp +fi diff --git a/bin/tests/system/rpz/setup.sh b/bin/tests/system/rpz/setup.sh index a4d4063779..b873f2aaf9 100644 --- a/bin/tests/system/rpz/setup.sh +++ b/bin/tests/system/rpz/setup.sh @@ -18,14 +18,14 @@ SYSTEMTESTTOP=.. QPERF=`$SHELL qperf.sh` -USAGE="$0: [-Dx]" +USAGE="$0: [-DNx]" DEBUG= -while getopts "Dx" c; do +while getopts "DNx" c; do case $c in - x) set -x; DEBUG=-x;; - D) TEST_DNSRPS="-D";; - N) NOCLEAN=set;; - *) echo "$USAGE" 1>&2; exit 1;; + x) set -x; DEBUG=-x ;; + D) TEST_DNSRPS="-D" ;; + N) PARTIAL=-P ;; + *) echo "$USAGE" 1>&2; exit 1 ;; esac done shift `expr $OPTIND - 1 || true` @@ -34,7 +34,14 @@ if test "$#" -ne 0; then exit 1 fi -[ ${NOCLEAN:-unset} = unset ] && $SHELL clean.sh $DEBUG +if [ ${NOCLEAN:-unset} = unset ]; then + $SHELL clean.sh $PARTIAL $DEBUG +fi + +for dir in ns*; do + touch $dir/named.run + nextpart $dir/named.run > /dev/null +done copy_setports ns1/named.conf.in ns1/named.conf copy_setports ns2/named.conf.in ns2/named.conf diff --git a/bin/tests/system/rpz/tests.sh b/bin/tests/system/rpz/tests.sh index a55b1bb1fe..5d5bb1d867 100644 --- a/bin/tests/system/rpz/tests.sh +++ b/bin/tests/system/rpz/tests.sh @@ -33,15 +33,13 @@ t=0 DEBUG= SAVE_RESULTS= -DNSRPS_TEST_MODE= # "" to test with and then without DNSRPS ARGS= -USAGE="$0: [-xS] [-D {1,2}]" -while getopts "xSD:" c; do +USAGE="$0: [-xS]" +while getopts "xS:" c; do case $c in x) set -x; DEBUG=-x; ARGS="$ARGS -x";; S) SAVE_RESULTS=-S; ARGS="$ARGS -S";; - D) DNSRPS_TEST_MODE="$OPTARG";; # with or without DNSRPZ *) echo "$USAGE" 1>&2; exit 1;; esac done @@ -130,7 +128,7 @@ get_sn_fast () { # $1=domain $2=DNS server IP address FZONES=`sed -n -e 's/^zone "\(.*\)".*\(10.53.0..\).*/Z=\1;M=\2/p' dnsrpzd.conf` dnsrps_loaded() { - test "$DNSRPS_TEST_MODE" = dnsrps || return + test "$mode" = dnsrps || return n=0 for V in $FZONES; do eval "$V" @@ -157,7 +155,7 @@ dnsrps_loaded() { ck_soa() { n=0 while true; do - if test "$DNSRPS_TEST_MODE" = dnsrps; then + if test "$mode" = dnsrps; then get_sn_fast "$2" test "$RSN" -eq "$1" && return else @@ -228,6 +226,11 @@ ckalive () { return 1 } +resetstats () { + NSDIR=$1 + eval "${NSDIR}_CNT=''" +} + ckstats () { HOST=$1 LABEL="$2" @@ -410,43 +413,46 @@ EOF sleep 2 } -# make prototype files to check against rewritten results -digcmd nonexistent @$ns2 >proto.nxdomain -digcmd txt-only.tld2 @$ns2 >proto.nodata - -case "$DNSRPS_TEST_MODE" in -''|native|dnsrps);; -*) - echo "bad test mode'${DNSRPS_TEST_MODE}' should be 'native' or 'dnsrps'" - exit 1 - ;; -esac - -for mode in ${DNSRPS_TEST_MODE:-native dnsrps} -do +for mode in native dnsrps; do status=0 case ${mode} in native) - if [ ${DNSRPS_TEST_MODE:-unset} = unset -a -e dnsrps-only ] ; then - echo_i "'dnsrps-only' found: skipping native RPZ sub-test" - continue + if [ -e dnsrps-only ] ; then + echo_i "'dnsrps-only' found: skipping native RPZ sub-test" + continue + else + echo_i "running native RPZ sub-test" fi ;; dnsrps) - if [ ${DNSRPS_TEST_MODE:-unset} = unset -a -e dnsrps-off ] ; then + if [ -e dnsrps-off ] ; then echo_i "'dnsrps-off' found: skipping DNSRPS sub-test" continue fi - if grep '^#skip' dnsrps.conf > /dev/null ; then - echo_i "DNSRPS sub-test skipped" - continue - fi + echo_i "attempting to configure servers with DNSRPS..." $PERL $SYSTEMTESTTOP/stop.pl . $SHELL ./setup.sh -N -D $DEBUG - $PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . + for server in ns*; do + resetstats $server + done + sed -n 's/^## //p' dnsrps.conf | cat_i + if grep '^#fail' dnsrps.conf >/dev/null; then + echo_i "exit status: 1" + exit 1 + fi + if grep '^#skip' dnsrps.conf > /dev/null; then + echo_i "DNSRPS sub-test skipped" + continue + else + echo_i "running DNSRPS sub-test" + $PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . + fi ;; esac - sed -n 's/^## //p' dnsrps.conf | cat_i + + # make prototype files to check against rewritten results + digcmd nonexistent @$ns2 >proto.nxdomain + digcmd txt-only.tld2 @$ns2 >proto.nodata start_group "QNAME rewrites" test1 nochange . # 1 do not crash or rewrite root @@ -742,12 +748,14 @@ EOF fi # look for complaints from lib/dns/rpz.c and bin/name/query.c - EMSGS=`egrep -l 'invalid rpz|rpz.*failed' ns*/named.run` - if test -n "$EMSGS"; then - setret "error messages in $EMSGS starting with:" - egrep 'invalid rpz|rpz.*failed' ns*/named.run | \ - sed -e '10,$d' -e 's/^//' | cat_i - fi + for runfile in ns*/named.run; do + EMSGS=`nextpart $runfile | egrep -l 'invalid rpz|rpz.*failed'` + if test -n "$EMSGS"; then + setret "error messages in $runfile starting with:" + egrep 'invalid rpz|rpz.*failed' ns*/named.run | \ + sed -e '10,$d' -e 's/^//' | cat_i + fi + done t=`expr $t + 1` echo_i "checking that ttl values are not zeroed when qtype is '*' (${t})" @@ -756,23 +764,17 @@ EOF if test ${ttl:=0} -eq 0; then setret "failed"; fi t=`expr $t + 1` - echo_i "checking rpz updates/transfers with parent nodes added after children" \ - | tr -d '\n' + echo_i "checking rpz updates/transfers with parent nodes added after children (${t})" # regression test for RT #36272: the success condition # is the slave server not crashing. for i in 1 2 3 4 5; do nsd $ns5 add example.com.policy1. '*.example.com.policy1.' - echo . | tr -d '\n' nsd $ns5 delete example.com.policy1. '*.example.com.policy1.' - echo . | tr -d '\n' done for i in 1 2 3 4 5; do nsd $ns5 add '*.example.com.policy1.' example.com.policy1. - echo . | tr -d '\n' nsd $ns5 delete '*.example.com.policy1.' example.com.policy1. - echo . | tr -d '\n' done - echo " (${t})" t=`expr $t + 1` echo_i "checking that going from an empty policy zone works (${t})" diff --git a/bin/tests/system/rpzrecurse/setup.sh b/bin/tests/system/rpzrecurse/setup.sh index 9a40fee872..36786a72de 100644 --- a/bin/tests/system/rpzrecurse/setup.sh +++ b/bin/tests/system/rpzrecurse/setup.sh @@ -16,12 +16,12 @@ set -e SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -USAGE="$0: [-xD]" +USAGE="$0: [-DNx]" DEBUG= -while getopts "xD" c; do +while getopts "DNx" c; do case $c in x) set -x; DEBUG=-x;; - D) TEST_DNSRPS="-D";; + D) TEST_DNSRPS="-D";; N) NOCLEAN=set;; *) echo "$USAGE" 1>&2; exit 1;; esac @@ -31,7 +31,6 @@ if test "$#" -ne 0; then echo "$USAGE" 1>&2 exit 1 fi -OPTIND=1 [ ${NOCLEAN:-unset} = unset ] && $SHELL clean.sh $DEBUG diff --git a/bin/tests/system/rpzrecurse/tests.sh b/bin/tests/system/rpzrecurse/tests.sh index 923f6f4182..38dead46e2 100644 --- a/bin/tests/system/rpzrecurse/tests.sh +++ b/bin/tests/system/rpzrecurse/tests.sh @@ -20,14 +20,13 @@ status=0 t=0 DEBUG= -DNSRPS_TEST_MODE= # "" to test with and then without DNSRPS ARGS= -USAGE="$0: [-xS] [-D {1,2}]" -while getopts "xSD:" c; do +USAGE="$0: [-xS]" +while getopts "xS:" c; do case $c in x) set -x; DEBUG=-x; ARGS="$ARGS -x";; - D) DNSRPS_TEST_MODE="$OPTARG";; # with or without DNSRPS + S) SAVE_RESULTS=-S; ARGS="$ARGS -S";; *) echo "$USAGE" 1>&2; exit 1;; esac done @@ -39,7 +38,6 @@ fi # really quit on control-C trap 'exit 1' 1 2 15 - DNSRPSCMD=../rpz/dnsrps RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" @@ -107,43 +105,42 @@ add_test_marker() { done } -case "$DNSRPS_TEST_MODE" in -''|native|dnsrps);; -*) - echo "bad test mode'${DNSRPS_TEST_MODE}' should be 'native' or 'dnsrps'" - exit 1 - ;; -esac - -for mode in ${DNSRPS_TEST_MODE:-native dnsrps} -do +for mode in native dnsrps; do status=0 case $mode in native) - if [ ${DNSRPS_TEST_MODE:-unset} = unset -a -e dnsrps-only ] ; then - echo_i "'dnsrps-only' found: skipping native RPZ sub-test" - continue + if [ -e dnsrps-only ] ; then + echo_i "'dnsrps-only' found: skipping native RPZ sub-test" + continue + else + echo_i "running native RPZ sub-test" fi ;; dnsrps) - if [ ${DNSRPS_TEST_MODE:-unset} = unset -a -e dnsrps-off ] ; then + if [ -e dnsrps-off ] ; then echo_i "'dnsrps-off' found: skipping DNSRPS sub-test" continue fi - if grep '^#skip' dnsrps.conf > /dev/null ; then + echo_i "attempting to configure servers with DNSRPS..." + $PERL $SYSTEMTESTTOP/stop.pl . + $SHELL ./setup.sh -N -D $DEBUG + sed -n 's/^## //p' dnsrps.conf | cat_i + if grep '^#fail' dnsrps.conf >/dev/null; then + echo_i "exit status: 1" + exit 1 + fi + if grep '^#skip' dnsrps.conf > /dev/null; then echo_i "DNSRPS sub-test skipped" continue + else + echo_i "running DNSRPS sub-test" + $PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . fi - $SHELL ./setup.sh -N -D $DEBUG - $RNDCCMD 10.53.0.2 reload - $RNDCCMD 10.53.0.3 reload - $RNDCCMD 10.53.0.2 flush - $RNDCCMD 10.53.0.3 flush ;; esac # show whether and why DNSRPS is enabled or disabled - sed -n 's/^## /I:/p' dnsrps.conf + sed -n 's/^## //p' dnsrps.conf | cat_i t=`expr $t + 1` echo_i "testing that l1.l0 exists without RPZ (${t})" @@ -261,7 +258,7 @@ do echo_i "adding an NSDNAME policy" cp ns2/db.6a.00.policy.local ns2/saved.policy.local cp ns2/db.6b.00.policy.local ns2/db.6a.00.policy.local - $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT} reload 6a.00.policy.local 2>&1 | sed 's/^/I:ns2 /' + $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT} reload 6a.00.policy.local 2>&1 | sed 's/^/I:ns2 /' | cat_i test -f dnsrpzd.pid && $KILL -USR1 `cat dnsrpzd.pid` sleep 1 t=`expr $t + 1` @@ -271,7 +268,7 @@ do sleep 1 echo_i "removing the NSDNAME policy" cp ns2/db.6c.00.policy.local ns2/db.6a.00.policy.local - $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT} reload 6a.00.policy.local 2>&1 | sed 's/^/I:ns2 /' + $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT} reload 6a.00.policy.local 2>&1 | sed 's/^/I:ns2 /' | cat_i test -f dnsrpzd.pid && $KILL -USR1 `cat dnsrpzd.pid` sleep 1 echo_i "resuming authority server" @@ -313,7 +310,7 @@ do fi echo_i "adding an NSDNAME policy" cp ns2/db.6b.00.policy.local ns2/db.6a.00.policy.local - $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT} reload 6a.00.policy.local 2>&1 | sed 's/^/I:ns2 /' + $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT} reload 6a.00.policy.local 2>&1 | sed 's/^/I:ns2 /' | cat_i test -f dnsrpzd.pid && $KILL -USR1 `cat dnsrpzd.pid` sleep 1 t=`expr $t + 1` @@ -323,7 +320,7 @@ do sleep 1 echo_i "removing the policy zone" cp ns2/named.default.conf ns2/named.conf - $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT} reconfig 2>&1 | sed 's/^/I:ns2 /' + $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT} reconfig 2>&1 | sed 's/^/I:ns2 /' | cat_i test -f dnsrpzd.pid && $KILL -USR1 `cat dnsrpzd.pid` sleep 1 echo_i "resuming authority server"