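#!/bin/sh
#
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.

# SERVFAIL-cache system test against the server at 10.53.0.5 (ns5).
# Each check queries the server with dig, then inspects the dig output, the
# "SERVFAIL" part of the cache dump, or the new part of ns5/named.run.
# Checks cover: a SERVFAIL answer is cached, it is served from the cache,
# and a +cd (checking disabled) query is not answered from that cache entry.
# echo_i, rndc_dumpdb and nextpart come from conf.sh.

# shellcheck source=conf.sh
SYSTEMTESTTOP=..
. "$SYSTEMTESTTOP/conf.sh"

set -e

# status accumulates failed checks; n numbers the checks and their files.
status=0
n=0

rm -f dig.out.*

# Run $DIG over TCP on $PORT with reduced output; "$@" carries the query.
dig_with_opts() {
    "$DIG" +tcp +noadd +nosea +nostat +nocmd -p "$PORT" "$@"
}

# Run $RNDC with the shared rndc.conf on $CONTROLPORT.
# The first argument is consumed by -s (server address); the rest is the
# rndc command.
rndc_with_opts() {
    "$RNDC" -c "$SYSTEMTESTTOP/common/rndc.conf" -p "$CONTROLPORT" -s "$@"
}

# Print the lines of dump file $1 that lie between a line matching
# "SERVFAIL" and the next line matching "Zone".  The line that switches
# printing on and the "Zone" line that switches it off are not printed.
servfail_section() {
    awk '/Zone/{out=0} { if (out) print } /SERVFAIL/{out=1}' "$1"
}

echo_i "checking DNSSEC SERVFAIL is cached ($n)"
ret=0
dig_with_opts +dnssec foo.example. a @10.53.0.5 > "dig.out.ns5.test$n" || ret=1
rndc_dumpdb ns5 -all
servfail_section "ns5/named_dump.db.test$n" > "sfcache.$n"
grep "^; foo.example/A" "sfcache.$n" > /dev/null || ret=1
n=$((n+1))
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

echo_i "checking SERVFAIL is returned from cache ($n)"
ret=0
dig_with_opts +dnssec foo.example. a @10.53.0.5 > "dig.out.ns5.test$n" || ret=1
grep "SERVFAIL" "dig.out.ns5.test$n" > /dev/null || ret=1
n=$((n+1))
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

echo_i "checking that +cd bypasses cache check ($n)"
ret=0
dig_with_opts +dnssec +cd foo.example. a @10.53.0.5 > "dig.out.ns5.test$n" || ret=1
# With checking disabled the answer must NOT be the cached SERVFAIL.
grep "SERVFAIL" "dig.out.ns5.test$n" > /dev/null && ret=1
n=$((n+1))
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

echo_i "switching to non-dnssec SERVFAIL tests"
ret=0
rndc_with_opts 10.53.0.5 flush 2>&1 | sed 's/^/I:ns5 /'
rndc_dumpdb ns5 -all
mv "ns5/named_dump.db.test$n" "ns5/named_dump.db.test$n.1"
# Verify that the flush removed the SERVFAIL entry cached by the first check.
# The previous filter here was '/SERVFAIL/ { next; out=1 } ...': the
# assignment after "next" never ran, so nothing was ever printed and the
# emptiness test on the output could not fail.  The section is now extracted
# the same way as in the other checks and searched for the known entry.
# NOTE(review): the extracted section may also hold non-entry lines from the
# dump, so an emptiness test is not used; confirm against a real dump.
servfail_section "ns5/named_dump.db.test$n.1" > "sfcache.$n.1"
grep "^; foo.example/A" "sfcache.$n.1" > /dev/null && ret=1
# ret is deliberately not reset: the flush check and the next check share
# one result and one test number.
echo_i "checking SERVFAIL is cached ($n)"
dig_with_opts bar.example2. a @10.53.0.5 > "dig.out.ns5.test$n" || ret=1
rndc_dumpdb ns5 -all
mv "ns5/named_dump.db.test$n" "ns5/named_dump.db.test$n.2"
servfail_section "ns5/named_dump.db.test$n.2" > "sfcache.$n.2"
grep "^; bar.example2/A" "sfcache.$n.2" > /dev/null || ret=1
n=$((n+1))
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

echo_i "checking SERVFAIL is returned from cache ($n)"
ret=0
# Discard the log output seen so far so that only lines produced by the
# next query are examined (presumably nextpart returns what was appended
# since its previous call; confirm in conf.sh).
nextpart ns5/named.run > /dev/null
dig_with_opts bar.example2. a @10.53.0.5 > "dig.out.ns5.test$n" || ret=1
grep "SERVFAIL" "dig.out.ns5.test$n" > /dev/null || ret=1
nextpart ns5/named.run > "ns5/named.run.part$n"
grep 'servfail cache hit bar.example2/A (CD=0)' "ns5/named.run.part$n" > /dev/null || ret=1
n=$((n+1))
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

echo_i "checking cache is bypassed with +cd query ($n)"
ret=0
dig_with_opts +cd bar.example2. a @10.53.0.5 > "dig.out.ns5.test$n" || ret=1
# The answer is still SERVFAIL, but the log must show no cache hit for it.
grep "SERVFAIL" "dig.out.ns5.test$n" > /dev/null || ret=1
nextpart ns5/named.run > "ns5/named.run.part$n"
grep 'servfail cache hit' "ns5/named.run.part$n" > /dev/null && ret=1
n=$((n+1))
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

echo_i "checking cache is used for subsequent +cd query ($n)"
ret=0
# NOTE(review): this query sets +dnssec, not +cd; the expected log line
# carries CD=1, presumably because the hit is on the entry stored by the
# preceding +cd query.  Confirm against the server's cache logic.
dig_with_opts +dnssec bar.example2. a @10.53.0.5 > "dig.out.ns5.test$n" || ret=1
grep "SERVFAIL" "dig.out.ns5.test$n" > /dev/null || ret=1
nextpart ns5/named.run > "ns5/named.run.part$n"
grep 'servfail cache hit bar.example2/A (CD=1)' "ns5/named.run.part$n" > /dev/null || ret=1
n=$((n+1))
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

echo_i "exit status: $status"
[ "$status" -eq 0 ] || exit 1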