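#!/bin/sh

# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# SPDX-License-Identifier: MPL-2.0
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0.  If a copy of the MPL was not distributed with this
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.

# System test for EDNS padding (EDNS option code 12, "PAD" in dig output).
# Each check sets ret=1 on failure and adds it to $status; the script exits
# non-zero if any check failed.
#
# echo_i, nextpart, wait_for_log_peek and the DIG/RNDC/PORT/CONTROLPORT
# variables are not defined here; they are expected to come from ../conf.sh.
#
# NOTE(review): every banner prints ($n) before n is incremented, so the
# number shown is one lower than the dig.out.test$n file the check writes.

set -e

. ../conf.sh

n=0
status=0

# Both are expanded unquoted on purpose so they split into separate arguments.
DIGOPTS="-p ${PORT}"
RNDCCMD="$RNDC -c ../_common/rndc.conf -p ${CONTROLPORT} -s"

# Print the third field of every line in file $1 whose second field is
# "COOKIE:" (the cookie value on dig's "; COOKIE: ..." line).
getcookie() {
  awk '$2 == "COOKIE:" {
    print $3;
  }' <"$1"
}

# Succeed only if $1 is a non-empty string of decimal digits.  Used to make
# the counter comparisons below fail closed: `[ "" -eq "" ]` is an error, not
# "true", so without this guard a missing counter would silently pass.
is_number() {
  case "$1" in
    '' | *[!0-9]*) return 1 ;;
    *) return 0 ;;
  esac
}

echo_i "checking that dig handles padding ($n)"
ret=0
n=$((n + 1))
$DIG $DIGOPTS +qr +padding=128 foo.example @10.53.0.2 >"dig.out.test$n" || ret=1
grep "; PAD" "dig.out.test$n" >/dev/null || ret=1
grep "; QUERY SIZE: 128" "dig.out.test$n" >/dev/null || ret=1
if [ "$ret" != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

echo_i "checking that dig added padding ($n)"
ret=0
n=$((n + 1))
# Discard what is already in the stats file so only the fresh dump is read.
nextpart ns2/named.stats >/dev/null
$RNDCCMD 10.53.0.2 stats
wait_for_log_peek 5 "--- Statistics Dump ---" ns2/named.stats || ret=1
nextpart ns2/named.stats | grep "EDNS padding option received" >/dev/null || ret=1

if [ "$ret" != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

echo_i "checking that padding is added for TCP responses ($n)"
ret=0
n=$((n + 1))
$DIG $DIGOPTS +vc +padding=128 foo.example @10.53.0.2 >"dig.out.test$n" || ret=1
grep "; PAD" "dig.out.test$n" >/dev/null || ret=1
grep "rcvd: 128" "dig.out.test$n" >/dev/null || ret=1
if [ "$ret" != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

echo_i "checking that padding is added to valid cookie responses ($n)"
ret=0
n=$((n + 1))
# First query only fetches a cookie; the second presents it with padding.
$DIG $DIGOPTS +cookie foo.example @10.53.0.2 >dig.out.testc || ret=1
cookie=$(getcookie dig.out.testc)
# Without a cookie the checks below would not exercise the "valid cookie"
# path they are named for, so treat a failed extraction as a test failure.
if [ -z "$cookie" ]; then
  echo_i "error: could not extract a cookie from dig.out.testc"
  ret=1
fi
$DIG $DIGOPTS "+cookie=$cookie" +padding=128 foo.example @10.53.0.2 >"dig.out.test$n" || ret=1
grep "; PAD" "dig.out.test$n" >/dev/null || ret=1
grep "rcvd: 128" "dig.out.test$n" >/dev/null || ret=1
if [ "$ret" != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

echo_i "checking that padding must be requested (TCP) ($n)"
ret=0
n=$((n + 1))
$DIG $DIGOPTS +vc foo.example @10.53.0.2 >"dig.out.test$n" || ret=1
# Negative check: a PAD line in the output is the failure here.
grep "; PAD" "dig.out.test$n" >/dev/null && ret=1
if [ "$ret" != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

echo_i "checking that padding must be requested (valid cookie) ($n)"
ret=0
n=$((n + 1))
# Reuses the cookie obtained in the earlier cookie check.
$DIG $DIGOPTS "+cookie=$cookie" foo.example @10.53.0.2 >"dig.out.test$n" || ret=1
grep "; PAD" "dig.out.test$n" >/dev/null && ret=1
if [ "$ret" != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

echo_i "checking that padding can be filtered out ($n)"
ret=0
n=$((n + 1))
# Query is sent from source address 10.53.0.8; presumably ns2's configuration
# excludes that address from padded responses -- confirm in ns2's config.
$DIG $DIGOPTS +vc +padding=128 -b 10.53.0.8 foo.example @10.53.0.2 >"dig.out.test$n" || ret=1
grep "; PAD" "dig.out.test$n" >/dev/null && ret=1
if [ "$ret" != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

echo_i "checking that a TCP and padding server config enables padding ($n)"
ret=0
n=$((n + 1))
# Sample ns2's "EDNS padding option received" counter before and after a
# query to 10.53.0.3; the counter is expected to change.
# NOTE(review): assumes 10.53.0.3 sends its upstream queries to ns2 -- confirm.
nextpart ns2/named.stats >/dev/null
$RNDCCMD 10.53.0.2 stats
wait_for_log_peek 5 "--- Statistics Dump ---" ns2/named.stats || ret=1
opad=$(nextpart ns2/named.stats | awk '/EDNS padding option received/ { print $1}')
$DIG $DIGOPTS foo.example @10.53.0.3 >"dig.out.test$n" || ret=1
$RNDCCMD 10.53.0.2 stats
wait_for_log_peek 5 "--- Statistics Dump ---" ns2/named.stats || ret=1
npad=$(nextpart ns2/named.stats | awk '/EDNS padding option received/ { print $1}')
if ! is_number "$opad" || ! is_number "$npad"; then
  echo_i "error: padding counter missing or not numeric (opad='$opad' npad='$npad')"
  ret=1
elif [ "$opad" -eq "$npad" ]; then
  echo_i "error: opad ($opad) == npad ($npad)"
  ret=1
fi
if [ "$ret" != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

echo_i "checking that a padding server config should enforce TCP ($n)"
ret=0
n=$((n + 1))
# Same before/after sampling, but for a query to 10.53.0.4 the counter is
# expected to stay unchanged.
nextpart ns2/named.stats >/dev/null
$RNDCCMD 10.53.0.2 stats
wait_for_log_peek 5 "--- Statistics Dump ---" ns2/named.stats || ret=1
opad=$(nextpart ns2/named.stats | awk '/EDNS padding option received/ { print $1}')
$DIG $DIGOPTS foo.example @10.53.0.4 >"dig.out.test$n" || ret=1
$RNDCCMD 10.53.0.2 stats
wait_for_log_peek 5 "--- Statistics Dump ---" ns2/named.stats || ret=1
npad=$(nextpart ns2/named.stats | awk '/EDNS padding option received/ { print $1}')
if ! is_number "$opad" || ! is_number "$npad"; then
  echo_i "error: padding counter missing or not numeric (opad='$opad' npad='$npad')"
  ret=1
elif [ "$opad" -ne "$npad" ]; then
  echo_i "error: opad ($opad) != npad ($npad)"
  ret=1
fi
if [ "$ret" != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

echo_i "checking that zero-length padding option has no effect ($n)"
ret=0
n=$((n + 1))
# Option code 12 sent with no payload, then with a single zero byte; both
# runs must complete and show a PAD line in dig's output.
$DIG $DIGOPTS +qr +ednsopt=12 foo.example @10.53.0.2 >"dig.out.test$n.1" || ret=1
grep "; PAD" "dig.out.test$n.1" >/dev/null || ret=1
$DIG $DIGOPTS +qr +ednsopt=12:00 foo.example @10.53.0.2 >"dig.out.test$n.2" || ret=1
grep "; PAD" "dig.out.test$n.2" >/dev/null || ret=1
if [ "$ret" != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

echo_i "exit status: $status"
[ "$status" -eq 0 ] || exit 1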