Merge branch 'mnowak/pytest_rewrite_glue' into 'main'

Rewrite glue system test to pytest

See merge request isc-projects/bind9!8846

bin/tests/system/dialup/tests_dialup_zone_transfer.py

@@ -20,7 +20,7 @@ import dns.message
 def test_dialup_zone_transfer(named_port, servers, ns):
     msg = dns.message.make_query("example.", "SOA")
     # Drop the RD flag from the query
-    msg.flags -= dns.flags.RD
+    msg.flags &= ~dns.flags.RD
     ns1response = isctest.query.tcp(msg, "10.53.0.1")
     with servers[f"ns{ns}"].watch_log_from_start() as watcher:
         watcher.wait_for_line(

bin/tests/system/glue/clean.sh

@@ -18,7 +18,6 @@
 rm -f */named.conf
 rm -f */named.memstats
 rm -f */named.run
-rm -f dig.out
 rm -f ns*/K*
 rm -f ns*/dsset-*
 rm -f ns*/managed-keys.bind*

bin/tests/system/glue/fi.good

@@ -1,27 +0,0 @@
-
-; <<>> DiG 9.0 <<>> +norec @10.53.0.1 -p 5300 foo.bar.fi. A
-;; global options:  printcmd
-;; Got answer:
-;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58772
-;; flags: qr ad; QUERY: 1, ANSWER: 0, AUTHORITY: 6, ADDITIONAL: 7
-
-;; QUESTION SECTION:
-;foo.bar.fi.			IN	A
-
-;; AUTHORITY SECTION:
-fi.			172800	IN	NS	NS.EU.NET.
-fi.			172800	IN	NS	NS.TELE.fi.
-fi.			172800	IN	NS	PRIFI.EUNET.fi.
-fi.			172800	IN	NS	NS.UU.NET.
-fi.			172800	IN	NS	T.NS.VERIO.NET.
-fi.			172800	IN	NS	HYDRA.HELSINKI.fi.
-
-;; ADDITIONAL SECTION:
-NS.TELE.fi.		172800	IN	A	193.210.19.19
-NS.TELE.fi.		172800	IN	A	193.210.18.18
-PRIFI.EUNET.fi.		172800	IN	A	193.66.1.146
-NS.UU.NET.		172800	IN	A	137.39.1.3
-T.NS.VERIO.NET.		172800	IN	A	192.67.14.16
-HYDRA.HELSINKI.fi.	172800	IN	A	128.214.4.29
-NS.EU.NET.		172800	IN	A	192.16.202.11
-

bin/tests/system/glue/noglue.good

@@ -1,14 +0,0 @@
-
-; <<>> DiG 9.0 <<>> @10.53.0.1 -p 5300 example.net a
-;; global options:  printcmd
-;; Got answer:
-;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29409
-;; flags: qr rd ad; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 0
-
-;; QUESTION SECTION:
-;example.net.			IN	A
-
-;; AUTHORITY SECTION:
-example.net.		300	IN	NS	ns2.example.
-example.net.		300	IN	NS	ns1.example.
-

bin/tests/system/glue/tests.sh

@@ -1,90 +0,0 @@
-#!/bin/sh
-
-# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-#
-# SPDX-License-Identifier: MPL-2.0
-#
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0.  If a copy of the MPL was not distributed with this
-# file, you can obtain one at https://mozilla.org/MPL/2.0/.
-#
-# See the COPYRIGHT file distributed with this work for additional
-# information regarding copyright ownership.
-
-set -e
-
-. ../conf.sh
-
-dig_with_opts() {
-  "$DIG" +norec -p "${PORT}" "$@"
-}
-
-status=0
-n=0
-
-n=$((n + 1))
-echo_i "testing that a ccTLD referral gets a full glue set from the root zone ($n)"
-ret=0
-dig_with_opts @10.53.0.1 foo.bar.fi. A >dig.out.$n || ret=1
-digcomp --lc fi.good dig.out.$n || ret=1
-if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
-status=$((status + ret))
-
-n=$((n + 1))
-echo_i "testing that we don't find out-of-zone glue ($n)"
-ret=0
-dig_with_opts @10.53.0.1 example.net. A >dig.out.$n || ret=1
-digcomp noglue.good dig.out.$n || ret=1
-if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
-status=$((status + ret))
-
-n=$((n + 1))
-echo_i "testing truncation for unsigned referrals close to UDP packet size limit (A glue) ($n)"
-ret=0
-dig_with_opts @10.53.0.1 +ignore +noedns foo.subdomain-a.tc-test-unsigned. >dig.out.$n || ret=1
-grep -q "flags:[^;]* tc" dig.out.$n || ret=1
-if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
-status=$((status + ret))
-
-n=$((n + 1))
-echo_i "testing truncation for unsigned referrals close to UDP packet size limit (AAAA glue) ($n)"
-ret=0
-dig_with_opts @10.53.0.1 +ignore +noedns foo.subdomain-aaaa.tc-test-unsigned. >dig.out.$n || ret=1
-grep -q "flags:[^;]* tc" dig.out.$n || ret=1
-if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
-status=$((status + ret))
-
-n=$((n + 1))
-echo_i "testing truncation for unsigned referrals close to UDP packet size limit (A+AAAA glue) ($n)"
-ret=0
-dig_with_opts @10.53.0.1 +ignore +noedns foo.subdomain-both.tc-test-unsigned. >dig.out.$n || ret=1
-grep -q "flags:[^;]* tc" dig.out.$n || ret=1
-if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
-status=$((status + ret))
-
-n=$((n + 1))
-echo_i "testing truncation for signed referrals close to UDP packet size limit (A glue) ($n)"
-ret=0
-dig_with_opts @10.53.0.1 +ignore +dnssec +bufsize=512 foo.subdomain-a.tc-test-signed. >dig.out.$n || ret=1
-grep -q "flags:[^;]* tc" dig.out.$n || ret=1
-if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
-status=$((status + ret))
-
-n=$((n + 1))
-echo_i "testing truncation for signed referrals close to UDP packet size limit (AAAA glue) ($n)"
-ret=0
-dig_with_opts @10.53.0.1 +ignore +dnssec +bufsize=512 foo.subdomain-aaaa.tc-test-signed. >dig.out.$n || ret=1
-grep -q "flags:[^;]* tc" dig.out.$n || ret=1
-if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
-status=$((status + ret))
-
-n=$((n + 1))
-echo_i "testing truncation for signed referrals close to UDP packet size limit (A+AAAA glue) ($n)"
-ret=0
-dig_with_opts @10.53.0.1 +ignore +dnssec +bufsize=512 foo.subdomain-both.tc-test-signed. >dig.out.$n || ret=1
-grep -q "flags:[^;]* tc" dig.out.$n || ret=1
-if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
-status=$((status + ret))
-
-echo_i "exit status: $status"
-[ $status -eq 0 ] || exit 1

bin/tests/system/glue/tests_glue.py

@@ -0,0 +1,104 @@
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0.  If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+import dns.message
+
+import isctest
+
+import pytest
+
+pytest.importorskip("dns", minversion="2.0.0")
+
+
+def test_glue_full_glue_set():
+    """test that a ccTLD referral gets a full glue set from the root zone"""
+    msg = dns.message.make_query("foo.bar.fi", "A")
+    msg.flags &= ~dns.flags.RD
+    res = isctest.query.udp(msg, "10.53.0.1")
+
+    answer = """;ANSWER
+;AUTHORITY
+fi. 172800 IN NS HYDRA.HELSINKI.fi.
+fi. 172800 IN NS NS.EU.NET.
+fi. 172800 IN NS NS.UU.NET.
+fi. 172800 IN NS NS.TELE.fi.
+fi. 172800 IN NS T.NS.VERIO.NET.
+fi. 172800 IN NS PRIFI.EUNET.fi.
+;ADDITIONAL
+NS.TELE.fi. 172800 IN A 193.210.18.18
+NS.TELE.fi. 172800 IN A 193.210.19.19
+PRIFI.EUNET.fi. 172800 IN A 193.66.1.146
+HYDRA.HELSINKI.fi. 172800 IN A 128.214.4.29
+NS.EU.NET. 172800 IN A 192.16.202.11
+T.NS.VERIO.NET. 172800 IN A 192.67.14.16
+NS.UU.NET. 172800 IN A 137.39.1.3
+"""
+    expected_answer = dns.message.from_text(answer)
+
+    isctest.check.noerror(res)
+    isctest.check.rrsets_equal(res.answer, expected_answer.answer)
+    isctest.check.rrsets_equal(res.authority, expected_answer.authority)
+    isctest.check.rrsets_equal(res.additional, expected_answer.additional)
+
+
+def test_glue_no_glue_set():
+    """test that out-of-zone glue is not found"""
+    msg = dns.message.make_query("example.net.", "A")
+    msg.flags &= ~dns.flags.RD
+    res = isctest.query.udp(msg, "10.53.0.1")
+
+    answer = """;ANSWER
+;AUTHORITY
+example.net. 300 IN NS ns2.example.
+example.net. 300 IN NS ns1.example.
+;ADDITIONAL
+"""
+    expected_answer = dns.message.from_text(answer)
+
+    isctest.check.noerror(res)
+    isctest.check.rrsets_equal(res.answer, expected_answer.answer)
+    isctest.check.rrsets_equal(res.authority, expected_answer.authority)
+    isctest.check.rrsets_equal(res.additional, expected_answer.additional)
+
+
+@pytest.mark.parametrize(
+    "qname,dnssec",
+    [
+        # test truncation for unsigned referrals close to UDP packet size limit (A glue)
+        ("foo.subdomain-a.tc-test-unsigned.", False),
+        # test truncation for unsigned referrals close to UDP packet size limit (AAAA glue)
+        ("foo.subdomain-aaaa.tc-test-unsigned.", False),
+        # test truncation for unsigned referrals close to UDP packet size limit (A+AAAA glue)
+        ("foo.subdomain-both.tc-test-unsigned.", False),
+        # test truncation for signed referrals close to UDP packet size limit (A glue)
+        ("foo.subdomain-a.tc-test-signed.", True),
+        # test truncation for signed referrals close to UDP packet size limit (AAAA glue)
+        ("foo.subdomain-aaaa.tc-test-signed.", True),
+        # test truncation for signed referrals close to UDP packet size limit (A+AAAA glue)
+        ("foo.subdomain-both.tc-test-signed.", True),
+    ],
+)
+def test_glue_truncation(qname, dnssec):
+    msg = dns.message.make_query(qname, "A")
+    msg.flags &= ~dns.flags.RD
+    if dnssec:
+        msg.use_edns(
+            payload=512,
+            # Zones used in this test were created with dig in mind that, unlike dnspython,
+            # by default, sets a cookie. Given that the message size must be close to the
+            # truncation limit, we also need to set a cookie here.
+            options=[dns.edns.GenericOption(dns.edns.OptionType.COOKIE, b"0xda13cc")],
+        )
+        msg.want_dnssec(wanted=True)
+    res = isctest.query.udp(msg, "10.53.0.1")
+
+    isctest.check.noerror(res)
+    assert res.flags & dns.flags.TC

bin/tests/system/glue/tests_sh_glue.py

@@ -1,14 +0,0 @@
-# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-#
-# SPDX-License-Identifier: MPL-2.0
-#
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0.  If a copy of the MPL was not distributed with this
-# file, you can obtain one at https://mozilla.org/MPL/2.0/.
-#
-# See the COPYRIGHT file distributed with this work for additional
-# information regarding copyright ownership.
-
-
-def test_glue(run_tests_sh):
-    run_tests_sh()