summaryrefslogtreecommitdiffstats
path: root/bin/tests/system/xfer
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--bin/tests/system/xfer/ans5/badkeydata10
-rw-r--r--bin/tests/system/xfer/ans5/badmessageid10
-rw-r--r--bin/tests/system/xfer/ans5/goodaxfr10
-rw-r--r--bin/tests/system/xfer/ans5/partial11
-rw-r--r--bin/tests/system/xfer/ans5/soamismatch10
-rw-r--r--bin/tests/system/xfer/ans5/unknownkey11
-rw-r--r--bin/tests/system/xfer/ans5/unsigned11
-rw-r--r--bin/tests/system/xfer/ans5/wrongkey11
-rw-r--r--bin/tests/system/xfer/axfr-stats.good3
-rw-r--r--bin/tests/system/xfer/clean.sh39
-rw-r--r--bin/tests/system/xfer/dig1.good178
-rw-r--r--bin/tests/system/xfer/dig2.good178
-rw-r--r--bin/tests/system/xfer/knowngood.mapped26
-rw-r--r--bin/tests/system/xfer/ns1/axfr-too-big.db15
-rw-r--r--bin/tests/system/xfer/ns1/ixfr-too-big.db.in18
-rw-r--r--bin/tests/system/xfer/ns1/named.conf.in61
-rw-r--r--bin/tests/system/xfer/ns1/root.db27
-rw-r--r--bin/tests/system/xfer/ns1/xfer-stats.db15
-rw-r--r--bin/tests/system/xfer/ns2/mapped.db.in28
-rw-r--r--bin/tests/system/xfer/ns2/named.conf.in74
-rw-r--r--bin/tests/system/xfer/ns2/sec.db.in19
-rw-r--r--bin/tests/system/xfer/ns3/named.conf.in79
-rw-r--r--bin/tests/system/xfer/ns4/named.conf.base49
-rw-r--r--bin/tests/system/xfer/ns4/root.db.in14
-rw-r--r--bin/tests/system/xfer/ns6/named.conf.in69
-rw-r--r--bin/tests/system/xfer/ns7/named.conf.in54
-rw-r--r--bin/tests/system/xfer/ns8/example.db24
-rw-r--r--bin/tests/system/xfer/ns8/named.conf.in46
-rw-r--r--bin/tests/system/xfer/prereq.sh35
-rw-r--r--bin/tests/system/xfer/setup.sh44
-rwxr-xr-xbin/tests/system/xfer/tests.sh547
-rw-r--r--bin/tests/system/xferquota/clean.sh26
-rw-r--r--bin/tests/system/xferquota/ns1/changing1.db27
-rw-r--r--bin/tests/system/xferquota/ns1/changing2.db27
-rw-r--r--bin/tests/system/xferquota/ns1/named.conf.in45
-rw-r--r--bin/tests/system/xferquota/ns1/root.db29
-rw-r--r--bin/tests/system/xferquota/ns2/example.db146
-rw-r--r--bin/tests/system/xferquota/ns2/named.conf.in40
-rw-r--r--bin/tests/system/xferquota/setup.pl40
-rw-r--r--bin/tests/system/xferquota/setup.sh26
-rwxr-xr-xbin/tests/system/xferquota/tests.sh64
41 files changed, 2196 insertions, 0 deletions
diff --git a/bin/tests/system/xfer/ans5/badkeydata b/bin/tests/system/xfer/ans5/badkeydata
new file mode 100644
index 0000000..8dc80fb
--- /dev/null
+++ b/bin/tests/system/xfer/ans5/badkeydata
@@ -0,0 +1,10 @@
+/SOA tsig_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 3 300 300 604800 300
+/AXFR tsig_key abcd1234ffff/
+nil. 300 SOA ns.nil. root.nil. 3 300 300 604800 300
+/AXFR tsig_key abcd1234ffff/
+nil. 300 NS ns.nil.
+nil. 300 TXT "bad keydata AXFR"
+a.nil. 60 A 10.0.0.61
+/AXFR tsig_key abcd1234ffff/
+nil. 300 SOA ns.nil. root.nil. 3 300 300 604800 300
diff --git a/bin/tests/system/xfer/ans5/badmessageid b/bin/tests/system/xfer/ans5/badmessageid
new file mode 100644
index 0000000..e0dc041
--- /dev/null
+++ b/bin/tests/system/xfer/ans5/badmessageid
@@ -0,0 +1,10 @@
+/SOA tsig_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300
+/AXFR tsig_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300
+/AXFR bad-id tsig_key LSAnCU+Z/
+nil. 300 NS ns.nil.
+nil. 300 TXT "bad message id"
+a.nil. 60 A 10.0.0.61
+/AXFR bad-id tsig_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300
diff --git a/bin/tests/system/xfer/ans5/goodaxfr b/bin/tests/system/xfer/ans5/goodaxfr
new file mode 100644
index 0000000..e5ccd43
--- /dev/null
+++ b/bin/tests/system/xfer/ans5/goodaxfr
@@ -0,0 +1,10 @@
+/SOA tsig_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300
+/AXFR tsig_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300
+/AXFR tsig_key LSAnCU+Z/
+nil. 300 NS ns.nil.
+nil. 300 TXT "initial AXFR"
+a.nil. 60 A 10.0.0.61
+/AXFR tsig_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300
diff --git a/bin/tests/system/xfer/ans5/partial b/bin/tests/system/xfer/ans5/partial
new file mode 100644
index 0000000..e7eff8e
--- /dev/null
+++ b/bin/tests/system/xfer/ans5/partial
@@ -0,0 +1,11 @@
+/SOA tsig_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 4 300 300 604800 300
+/AXFR tsig_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 4 300 300 604800 300
+/AXFR/
+nil. 300 NS ns.nil.
+nil. 300 TXT "partially signed AXFR"
+a.nil. 60 A 10.0.0.61
+b.nil. 60 A 10.0.0.62
+/AXFR/
+nil. 300 SOA ns.nil. root.nil. 4 300 300 604800 300
diff --git a/bin/tests/system/xfer/ans5/soamismatch b/bin/tests/system/xfer/ans5/soamismatch
new file mode 100644
index 0000000..14cfa41
--- /dev/null
+++ b/bin/tests/system/xfer/ans5/soamismatch
@@ -0,0 +1,10 @@
+/SOA tsig_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300
+/AXFR tsig_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 1 300 300 604800 300
+/AXFR tsig_key LSAnCU+Z/
+nil. 300 NS ns.nil.
+nil. 300 TXT "SOA mismatch AXFR"
+a.nil. 60 A 10.0.0.61
+/AXFR tsig_key LSAnCU+Z/
+nil. 300 SOA whatever. other. 1 300 300 604800 300
diff --git a/bin/tests/system/xfer/ans5/unknownkey b/bin/tests/system/xfer/ans5/unknownkey
new file mode 100644
index 0000000..da7889b
--- /dev/null
+++ b/bin/tests/system/xfer/ans5/unknownkey
@@ -0,0 +1,11 @@
+/SOA bad_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 5 300 300 604800 300
+/AXFR bad_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 5 300 300 604800 300
+/AXFR bad_key LSAnCU+Z/
+nil. 300 NS ns.nil.
+nil. 300 TXT "unknown key AXFR"
+a.nil. 60 A 10.0.0.61
+b.nil. 60 A 10.0.0.62
+/AXFR bad_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 5 300 300 604800 300
diff --git a/bin/tests/system/xfer/ans5/unsigned b/bin/tests/system/xfer/ans5/unsigned
new file mode 100644
index 0000000..3fe04db
--- /dev/null
+++ b/bin/tests/system/xfer/ans5/unsigned
@@ -0,0 +1,11 @@
+/SOA tsig_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 2 300 300 604800 300
+/AXFR/
+nil. 300 SOA ns.nil. root.nil. 2 300 300 604800 300
+/AXFR/
+nil. 300 NS ns.nil.
+nil. 300 TXT "unsigned AXFR"
+a.nil. 60 A 10.0.0.61
+b.nil. 60 A 10.0.0.62
+/AXFR/
+nil. 300 SOA ns.nil. root.nil. 2 300 300 604800 300
diff --git a/bin/tests/system/xfer/ans5/wrongkey b/bin/tests/system/xfer/ans5/wrongkey
new file mode 100644
index 0000000..af120b0
--- /dev/null
+++ b/bin/tests/system/xfer/ans5/wrongkey
@@ -0,0 +1,11 @@
+/SOA unused_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 6 300 300 604800 300
+/AXFR unused_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 6 300 300 604800 300
+/AXFR unused_key LSAnCU+Z/
+nil. 300 NS ns.nil.
+nil. 300 TXT "incorrect key AXFR"
+a.nil. 60 A 10.0.0.61
+b.nil. 60 A 10.0.0.62
+/AXFR unused_key LSAnCU+Z/
+nil. 300 SOA ns.nil. root.nil. 6 300 300 604800 300
diff --git a/bin/tests/system/xfer/axfr-stats.good b/bin/tests/system/xfer/axfr-stats.good
new file mode 100644
index 0000000..264af09
--- /dev/null
+++ b/bin/tests/system/xfer/axfr-stats.good
@@ -0,0 +1,3 @@
+messages=16
+records=10003
+bytes=218227
diff --git a/bin/tests/system/xfer/clean.sh b/bin/tests/system/xfer/clean.sh
new file mode 100644
index 0000000..2851553
--- /dev/null
+++ b/bin/tests/system/xfer/clean.sh
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+#
+# Clean up after zone transfer tests.
+#
+
+rm -f */ans.run
+rm -f */named.conf
+rm -f */named.memstats
+rm -f */named.run
+rm -f */named.run.prev
+rm -f axfr.out
+rm -f dig.out.*
+rm -f ns*/managed-keys.bind*
+rm -f ns*/named.lock
+rm -f ns1/edns-expire.db
+rm -f ns1/ixfr-too-big.db ns1/ixfr-too-big.db.jnl
+rm -f ns1/sec.db ns2/sec.db
+rm -f ns2/example.db ns2/tsigzone.db ns2/example.db.jnl
+rm -f ns2/mapped.db
+rm -f ns3/example.bk ns3/xfer-stats.bk ns3/tsigzone.bk ns3/example.bk.jnl
+rm -f ns3/mapped.bk
+rm -f ns3/primary.bk ns3/primary.bk.jnl
+rm -f ns4/*.db ns4/*.jnl
+rm -f ns6/*.db ns6/*.bk ns6/*.jnl
+rm -f ns7/*.db ns7/*.bk ns7/*.jnl
+rm -f ns8/large.db ns8/small.db
+rm -f stats.*
diff --git a/bin/tests/system/xfer/dig1.good b/bin/tests/system/xfer/dig1.good
new file mode 100644
index 0000000..9fa5437
--- /dev/null
+++ b/bin/tests/system/xfer/dig1.good
@@ -0,0 +1,178 @@
+example. 86400 IN SOA ns2.example. hostmaster.example. 1397051952 5 5 1814400 3600
+example. 3600 IN NS ns2.example.
+example. 3600 IN NS ns3.example.
+a01.example. 3600 IN A 0.0.0.0
+a02.example. 3600 IN A 255.255.255.255
+a601.example. 3600 IN A6 0 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
+a601.example. 3600 IN A6 64 ::ffff:ffff:ffff:ffff foo.
+a601.example. 3600 IN A6 127 ::1 foo.
+a601.example. 3600 IN A6 128 .
+aaaa01.example. 3600 IN AAAA ::1
+aaaa02.example. 3600 IN AAAA fd92:7065:b8e:ffff::5
+afsdb01.example. 3600 IN AFSDB 0 hostname.example.
+afsdb02.example. 3600 IN AFSDB 65535 .
+amtrelay01.example. 3600 IN AMTRELAY 0 0 0
+amtrelay02.example. 3600 IN AMTRELAY 0 1 0
+amtrelay03.example. 3600 IN AMTRELAY 0 0 1 0.0.0.0
+amtrelay04.example. 3600 IN AMTRELAY 0 0 2 ::
+amtrelay05.example. 3600 IN AMTRELAY 0 0 3 example.net.
+amtrelay06.example. 3600 IN AMTRELAY \# 2 0004
+apl01.example. 3600 IN APL !1:10.0.0.1/32 1:10.0.0.0/24
+apl02.example. 3600 IN APL
+atma01.example. 3600 IN ATMA +61200000000
+atma02.example. 3600 IN ATMA +61200000000
+atma03.example. 3600 IN ATMA 1234567890abcdef
+atma04.example. 3600 IN ATMA fedcba0987654321
+avc.example. 3600 IN AVC "foo:bar"
+caa01.example. 3600 IN CAA 0 issue "ca.example.net; policy=ev"
+caa02.example. 3600 IN CAA 128 tbs "Unknown"
+caa03.example. 3600 IN CAA 128 tbs ""
+cdnskey01.example. 3600 IN CDNSKEY 512 255 1 AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8=
+cds01.example. 3600 IN CDS 30795 1 1 310D27F4D82C1FC2400704EA9939FE6E1CEAA3B9
+cert01.example. 3600 IN CERT 65534 65535 PRIVATEOID MxFcby9k/yvedMfQgKzhH5er0Mu/vILz45IkskceFGgiWCn/GxHhai6V AuHAoNUz4YoU1tVfSCSqQYn6//11U6Nld80jEeC8aTrO+KKmCaY=
+cname01.example. 3600 IN CNAME cname-target.
+cname02.example. 3600 IN CNAME cname-target.example.
+cname03.example. 3600 IN CNAME .
+csync01.example. 3600 IN CSYNC 0 0 A NS AAAA
+csync02.example. 3600 IN CSYNC 0 0
+dhcid01.example. 3600 IN DHCID AAIBY2/AuCccgoJbsaxcQc9TUapptP69lOjxfNuVAA2kjEA=
+dhcid02.example. 3600 IN DHCID AAEBOSD+XR3Os/0LozeXVqcNc7FwCfQdWL3b/NaiUDlW2No=
+dhcid03.example. 3600 IN DHCID AAABxLmlskllE0MVjd57zHcWmEH3pCQ6VytcKD//7es/deY=
+dlv.example. 3600 IN DLV 30795 1 1 310D27F4D82C1FC2400704EA9939FE6E1CEAA3B9
+dname01.example. 3600 IN DNAME dname-target.
+dname02.example. 3600 IN DNAME dname-target.example.
+dname03.example. 3600 IN DNAME .
+doa01.example. 3600 IN DOA 1234567890 1234567890 1 "image/gif" R0lGODlhKAAZAOMCAGZmZgBmmf///zOZzMz//5nM/zNmmWbM/5nMzMzMzACZ/////////////////////yH5BAEKAA8ALAAAAAAoABkAAATH8IFJK5U2a4337F5ogRkpnoCJrly7PrCKyh8c3HgAhzT35MDbbtO7/IJIHbGiOiaTxVTpSVWWLqNq1UVyapNS1wd3OAxug0LhnCubcVhsxysQnOt4ATpvvzHlFzl1AwODhWeFAgRpen5/UhheAYMFdUB4SFcpGEGGdQeCAqBBLTuSk30EeXd9pEsAbKGxjHqDSE0Sp6ixN4N1BJmbc7lIhmsBich1awPAjkY1SZR8bJWrz382SGqIBQQFQd4IsUTaX+ceuudPEQA7
+doa02.example. 3600 IN DOA 0 1 2 "" aHR0cHM6Ly93d3cuaXNjLm9yZy8=
+ds01.example. 3600 IN NS ns42.example.
+ds01.example. 3600 IN DS 12892 5 2 26584835CA80C81C91999F31CFAF2A0E89D4FF1C8FAFD0DDB31A85C7 19277C13
+ds02.example. 3600 IN NS ns43.example.
+ds02.example. 3600 IN DS 12892 5 1 7AA4A3F416C2F2391FB7AB0D434F762CD62D1390
+eid01.example. 3600 IN EID 1289AB
+eui48.example. 3600 IN EUI48 01-23-45-67-89-ab
+eui64.example. 3600 IN EUI64 01-23-45-67-89-ab-cd-ef
+gid01.example. 3600 IN GID \# 1 03
+unspec01.example. 3600 IN UNSPEC \# 1 04
+gpos01.example. 3600 IN GPOS "-22.6882" "116.8652" "250.0"
+gpos02.example. 3600 IN GPOS "" "" ""
+hinfo01.example. 3600 IN HINFO "Generic PC clone" "NetBSD-1.4"
+hinfo02.example. 3600 IN HINFO "PC" "NetBSD"
+hip1.example. 3600 IN HIP 2 200100107B1A74DF365639CC39F1D578 AwEAAbdxyhNuSutc5EMzxTs9LBPCIkOFH8cIvM4p9+LrV4e19WzK00+CI6zBCQTdtWsuxKbWIy87UOoJTwkUs7lBu+Upr1gsNrut79ryra+bSRGQb1slImA8YVJyuIDsj7kwzG7jnERNqnWxZ48AWkskmdHaVDP4BcelrTI3rMXdXF5D
+hip2.example. 3600 IN HIP 2 200100107B1A74DF365639CC39F1D578 AwEAAbdxyhNuSutc5EMzxTs9LBPCIkOFH8cIvM4p9+LrV4e19WzK00+CI6zBCQTdtWsuxKbWIy87UOoJTwkUs7lBu+Upr1gsNrut79ryra+bSRGQb1slImA8YVJyuIDsj7kwzG7jnERNqnWxZ48AWkskmdHaVDP4BcelrTI3rMXdXF5D rvs.example.com.
+https0.example. 3600 IN HTTPS 0 example.net.
+https1.example. 3600 IN HTTPS 1 . port=60
+ipseckey01.example. 3600 IN IPSECKEY 10 1 2 192.0.2.38 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
+ipseckey02.example. 3600 IN IPSECKEY 10 0 2 . AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
+ipseckey03.example. 3600 IN IPSECKEY 10 1 2 192.0.2.3 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
+ipseckey04.example. 3600 IN IPSECKEY 10 3 2 mygateway.example.com. AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
+ipseckey05.example. 3600 IN IPSECKEY 10 2 2 2001:db8:0:8002::2000:1 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
+isdn01.example. 3600 IN ISDN "isdn-address"
+isdn02.example. 3600 IN ISDN "isdn-address" "subaddress"
+isdn03.example. 3600 IN ISDN "isdn-address"
+isdn04.example. 3600 IN ISDN "isdn-address" "subaddress"
+dnskey01.example. 3600 IN DNSKEY 512 255 1 AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8=
+keydata.example. 3600 IN TYPE65533 \# 0
+keydata.example. 3600 IN TYPE65533 \# 6 010203040506
+keydata.example. 3600 IN TYPE65533 \# 18 010203040506010203040506010203040506
+kx01.example. 3600 IN KX 10 kdc.example.
+kx02.example. 3600 IN KX 10 .
+loc01.example. 3600 IN LOC 60 9 0.000 N 24 39 0.000 E 10.00m 20m 2000m 20m
+loc02.example. 3600 IN LOC 60 9 0.000 N 24 39 0.000 E 10.00m 20m 2000m 20m
+l32.example. 3600 IN L32 10 1.2.3.4
+l64.example. 3600 IN L64 10 14:4fff:ff20:ee64
+lp.example. 3600 IN LP 10 example.net.
+nid.example. 3600 IN NID 10 14:4fff:ff20:ee64
+mb01.example. 3600 IN MG madname.example.
+mb02.example. 3600 IN MG .
+mg01.example. 3600 IN MG mgmname.example.
+mg02.example. 3600 IN MG .
+minfo01.example. 3600 IN MINFO rmailbx.example. emailbx.example.
+minfo02.example. 3600 IN MINFO . .
+mr01.example. 3600 IN MR mrname.example.
+mr02.example. 3600 IN MR .
+mx01.example. 3600 IN MX 10 mail.example.
+mx02.example. 3600 IN MX 10 .
+naptr01.example. 3600 IN NAPTR 0 0 "" "" "" .
+naptr02.example. 3600 IN NAPTR 65535 65535 "blurgh" "blorf" "blllbb" foo.
+nimloc01.example. 3600 IN NIMLOC 1289AB
+ninfo01.example. 3600 IN NINFO "foo"
+ninfo02.example. 3600 IN NINFO "foo" "bar"
+ninfo03.example. 3600 IN NINFO "foo"
+ninfo04.example. 3600 IN NINFO "foo" "bar"
+ninfo05.example. 3600 IN NINFO "foo bar"
+ninfo06.example. 3600 IN NINFO "foo bar"
+ninfo07.example. 3600 IN NINFO "foo bar"
+ninfo08.example. 3600 IN NINFO "foo\010bar"
+ninfo09.example. 3600 IN NINFO "foo\010bar"
+ninfo10.example. 3600 IN NINFO "foo bar"
+ninfo11.example. 3600 IN NINFO "\"foo\""
+ninfo12.example. 3600 IN NINFO "\"foo\""
+ninfo13.example. 3600 IN NINFO "foo;"
+ninfo14.example. 3600 IN NINFO "foo;"
+ninfo15.example. 3600 IN NINFO "bar\\;"
+ns2.example. 3600 IN A 10.53.0.2
+ns3.example. 3600 IN A 10.53.0.3
+nsap-ptr01.example. 3600 IN NSAP-PTR .
+nsap-ptr01.example. 3600 IN NSAP-PTR foo.
+nsap01.example. 3600 IN NSAP 0x47000580005a0000000001e133ffffff00016100
+nsap02.example. 3600 IN NSAP 0x47000580005a0000000001e133ffffff00016100
+nsec01.example. 3600 IN NSEC a.secure.nil. NS SOA MX LOC RRSIG NSEC DNSKEY
+nsec02.example. 3600 IN NSEC . NSAP-PTR NSEC
+nsec03.example. 3600 IN NSEC . A
+nsec04.example. 3600 IN NSEC . TYPE127
+openpgpkey.example. 3600 IN OPENPGPKEY AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8=
+ptr01.example. 3600 IN PTR example.
+px01.example. 3600 IN PX 65535 foo. bar.
+px02.example. 3600 IN PX 65535 . .
+rkey01.example. 3600 IN RKEY 0 255 1 AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8=
+rp01.example. 3600 IN RP mbox-dname.example. txt-dname.example.
+rp02.example. 3600 IN RP . .
+rt01.example. 3600 IN RT 0 intermediate-host.example.
+rt02.example. 3600 IN RT 65535 .
+rrsig01.example. 3600 IN RRSIG NSEC 1 3 3600 20000102030405 19961211100908 2143 foo.nil. MxFcby9k/yvedMfQgKzhH5er0Mu/vILz45IkskceFGgiWCn/GxHhai6V AuHAoNUz4YoU1tVfSCSqQYn6//11U6Nld80jEeC8aTrO+KKmCaY=
+spf01.example. 3600 IN SPF "v=spf1 -all"
+spf02.example. 3600 IN SPF "v=spf1" " -all"
+sshfp01.example. 3600 IN SSHFP 4 2 C76D8329954DA2835751E371544E963EFDA099080D6C58DD2BFD9A31 6E162C83
+sshfp02.example. 3600 IN SSHFP 1 2 BF29468C83AC58CCF8C85AB7B3BEB054ECF1E38512B8353AB36471FA 88961DCC
+sink01.example. 3600 IN SINK 1 0 0
+sink02.example. 3600 IN SINK 8 0 2 l4ik
+smimea.example. 3600 IN SMIMEA 1 1 2 92003BA34942DC74152E2F2C408D29ECA5A520E7F2E06BB944F4DCA3 46BAF63C1B177615D466F6C4B71C216A50292BD58C9EBDD2F74E38FE 51FFD48C43326CBC
+srv01.example. 3600 IN SRV 0 0 0 .
+srv02.example. 3600 IN SRV 65535 65535 65535 old-slow-box.example.
+svcb0.example. 3600 IN SVCB 0 example.net.
+svcb1.example. 3600 IN SVCB 1 . port=60
+ta.example. 3600 IN TA 30795 1 1 310D27F4D82C1FC2400704EA9939FE6E1CEAA3B9
+talink0.example. 3600 IN TALINK . talink1.example.
+talink1.example. 3600 IN TALINK talink0.example. talink2.example.
+talink2.example. 3600 IN TALINK talink2.example. .
+tlsa.example. 3600 IN TLSA 1 1 2 92003BA34942DC74152E2F2C408D29ECA5A520E7F2E06BB944F4DCA3 46BAF63C1B177615D466F6C4B71C216A50292BD58C9EBDD2F74E38FE 51FFD48C43326CBC
+txt01.example. 3600 IN TXT "foo"
+txt02.example. 3600 IN TXT "foo" "bar"
+txt03.example. 3600 IN TXT "foo"
+txt04.example. 3600 IN TXT "foo" "bar"
+txt05.example. 3600 IN TXT "foo bar"
+txt06.example. 3600 IN TXT "foo bar"
+txt07.example. 3600 IN TXT "foo bar"
+txt08.example. 3600 IN TXT "foo\010bar"
+txt09.example. 3600 IN TXT "foo\010bar"
+txt10.example. 3600 IN TXT "foo bar"
+txt11.example. 3600 IN TXT "\"foo\""
+txt12.example. 3600 IN TXT "\"foo\""
+txt13.example. 3600 IN TXT "foo;"
+txt14.example. 3600 IN TXT "foo;"
+txt15.example. 3600 IN TXT "bar\\;"
+uid01.example. 3600 IN UID \# 1 02
+uinfo01.example. 3600 IN UINFO \# 1 01
+uri01.example. 3600 IN URI 10 20 "https://www.isc.org/"
+uri02.example. 3600 IN URI 30 40 "https://www.isc.org/HolyCowThisSureIsAVeryLongURIRecordIDontEvenKnowWhatSomeoneWouldEverWantWithSuchAThingButTheSpecificationRequiresThatWesupportItSoHereWeGoTestingItLaLaLaLaLaLaLaSeriouslyThoughWhyWouldYouEvenConsiderUsingAURIThisLongItSeemsLikeASillyIdeaButEnhWhatAreYouGonnaDo/"
+uri03.example. 3600 IN URI 30 40 ""
+wks01.example. 3600 IN WKS 10.0.0.1 6 0 1 2 21 23
+wks02.example. 3600 IN WKS 10.0.0.1 17 0 1 2 53
+wks03.example. 3600 IN WKS 10.0.0.2 6 65535
+x2501.example. 3600 IN X25 "123456789"
+zonemd01.example. 3600 IN ZONEMD 2019020700 1 1 C220B8A6ED5728A971902F7E3D4FD93ADEEA88B0453C2E8E8C863D46 5AB06CF34EB95B266398C98B59124FA239CB7EEB
+zonemd02.example. 3600 IN ZONEMD 2019020700 1 2 08CFA1115C7B948C4163A901270395EA226A930CD2CBCF2FA9A5E6EB 85F37C8A4E114D884E66F176EAB121CB02DB7D652E0CC4827E7A3204 F166B47E5613FD27
+8f1tmio9avcom2k0frp92lgcumak0cad.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C 8FPNS2UCT7FBS643THP2B77PEQ77K6IU A NS SOA MX AAAA RRSIG DNSKEY NSEC3PARAM
+kcd3juae64f9c5csl1kif1htaui7un0g.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C KD5MN2M20340DGO0BL7NTSB8JP4BSC7E
+mr5ukvsk1l37btu4q7b1dfevft4hkqdk.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C MT38J6VG7S0SN5G17MCUF6IQIKFUAJ05 A AAAA RRSIG
+example. 86400 IN SOA ns2.example. hostmaster.example. 1397051952 5 5 1814400 3600
diff --git a/bin/tests/system/xfer/dig2.good b/bin/tests/system/xfer/dig2.good
new file mode 100644
index 0000000..2229f9c
--- /dev/null
+++ b/bin/tests/system/xfer/dig2.good
@@ -0,0 +1,178 @@
+example. 86400 IN SOA ns2.example. hostmaster.example. 1397051953 5 5 1814400 3600
+example. 3600 IN NS ns2.example.
+example. 3600 IN NS ns3.example.
+a01.example. 3600 IN A 0.0.0.1
+a02.example. 3600 IN A 255.255.255.255
+a601.example. 3600 IN A6 0 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
+a601.example. 3600 IN A6 64 ::ffff:ffff:ffff:ffff foo.
+a601.example. 3600 IN A6 127 ::1 foo.
+a601.example. 3600 IN A6 128 .
+aaaa01.example. 3600 IN AAAA ::1
+aaaa02.example. 3600 IN AAAA fd92:7065:b8e:ffff::5
+afsdb01.example. 3600 IN AFSDB 0 hostname.example.
+afsdb02.example. 3600 IN AFSDB 65535 .
+amtrelay01.example. 3600 IN AMTRELAY 0 0 0
+amtrelay02.example. 3600 IN AMTRELAY 0 1 0
+amtrelay03.example. 3600 IN AMTRELAY 0 0 1 0.0.0.1
+amtrelay04.example. 3600 IN AMTRELAY 0 0 2 ::
+amtrelay05.example. 3600 IN AMTRELAY 0 0 3 example.net.
+amtrelay06.example. 3600 IN AMTRELAY \# 2 0004
+apl01.example. 3600 IN APL !1:10.0.0.1/32 1:10.0.0.1/24
+apl02.example. 3600 IN APL
+atma01.example. 3600 IN ATMA +61200000000
+atma02.example. 3600 IN ATMA +61200000000
+atma03.example. 3600 IN ATMA 1234567890abcdef
+atma04.example. 3600 IN ATMA fedcba0987654321
+avc.example. 3600 IN AVC "foo:bar"
+caa01.example. 3600 IN CAA 0 issue "ca.example.net; policy=ev"
+caa02.example. 3600 IN CAA 128 tbs "Unknown"
+caa03.example. 3600 IN CAA 128 tbs ""
+cdnskey01.example. 3600 IN CDNSKEY 512 255 1 AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8=
+cds01.example. 3600 IN CDS 30795 1 1 310D27F4D82C1FC2400704EA9939FE6E1CEAA3B9
+cert01.example. 3600 IN CERT 65534 65535 PRIVATEOID MxFcby9k/yvedMfQgKzhH5er0Mu/vILz45IkskceFGgiWCn/GxHhai6V AuHAoNUz4YoU1tVfSCSqQYn6//11U6Nld80jEeC8aTrO+KKmCaY=
+cname01.example. 3600 IN CNAME cname-target.
+cname02.example. 3600 IN CNAME cname-target.example.
+cname03.example. 3600 IN CNAME .
+csync01.example. 3600 IN CSYNC 0 0 A NS AAAA
+csync02.example. 3600 IN CSYNC 0 0
+dhcid01.example. 3600 IN DHCID AAIBY2/AuCccgoJbsaxcQc9TUapptP69lOjxfNuVAA2kjEA=
+dhcid02.example. 3600 IN DHCID AAEBOSD+XR3Os/0LozeXVqcNc7FwCfQdWL3b/NaiUDlW2No=
+dhcid03.example. 3600 IN DHCID AAABxLmlskllE0MVjd57zHcWmEH3pCQ6VytcKD//7es/deY=
+dlv.example. 3600 IN DLV 30795 1 1 310D27F4D82C1FC2400704EA9939FE6E1CEAA3B9
+dname01.example. 3600 IN DNAME dname-target.
+dname02.example. 3600 IN DNAME dname-target.example.
+dname03.example. 3600 IN DNAME .
+doa01.example. 3600 IN DOA 1234567890 1234567890 1 "image/gif" R0lGODlhKAAZAOMCAGZmZgBmmf///zOZzMz//5nM/zNmmWbM/5nMzMzMzACZ/////////////////////yH5BAEKAA8ALAAAAAAoABkAAATH8IFJK5U2a4337F5ogRkpnoCJrly7PrCKyh8c3HgAhzT35MDbbtO7/IJIHbGiOiaTxVTpSVWWLqNq1UVyapNS1wd3OAxug0LhnCubcVhsxysQnOt4ATpvvzHlFzl1AwODhWeFAgRpen5/UhheAYMFdUB4SFcpGEGGdQeCAqBBLTuSk30EeXd9pEsAbKGxjHqDSE0Sp6ixN4N1BJmbc7lIhmsBich1awPAjkY1SZR8bJWrz382SGqIBQQFQd4IsUTaX+ceuudPEQA7
+doa02.example. 3600 IN DOA 0 1 2 "" aHR0cHM6Ly93d3cuaXNjLm9yZy8=
+ds01.example. 3600 IN NS ns42.example.
+ds01.example. 3600 IN DS 12892 5 2 26584835CA80C81C91999F31CFAF2A0E89D4FF1C8FAFD0DDB31A85C7 19277C13
+ds02.example. 3600 IN NS ns43.example.
+ds02.example. 3600 IN DS 12892 5 1 7AA4A3F416C2F2391FB7AB0D434F762CD62D1390
+eid01.example. 3600 IN EID 1289AB
+eui48.example. 3600 IN EUI48 01-23-45-67-89-ab
+eui64.example. 3600 IN EUI64 01-23-45-67-89-ab-cd-ef
+gid01.example. 3600 IN GID \# 1 03
+unspec01.example. 3600 IN UNSPEC \# 1 04
+gpos01.example. 3600 IN GPOS "-22.6882" "116.8652" "250.0"
+gpos02.example. 3600 IN GPOS "" "" ""
+hinfo01.example. 3600 IN HINFO "Generic PC clone" "NetBSD-1.4"
+hinfo02.example. 3600 IN HINFO "PC" "NetBSD"
+ipseckey01.example. 3600 IN IPSECKEY 10 1 2 192.0.2.38 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
+ipseckey02.example. 3600 IN IPSECKEY 10 0 2 . AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
+ipseckey03.example. 3600 IN IPSECKEY 10 1 2 192.0.2.3 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
+ipseckey04.example. 3600 IN IPSECKEY 10 3 2 mygateway.example.com. AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
+ipseckey05.example. 3600 IN IPSECKEY 10 2 2 2001:db8:0:8002::2000:1 AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ==
+isdn01.example. 3600 IN ISDN "isdn-address"
+isdn02.example. 3600 IN ISDN "isdn-address" "subaddress"
+isdn03.example. 3600 IN ISDN "isdn-address"
+isdn04.example. 3600 IN ISDN "isdn-address" "subaddress"
+hip1.example. 3600 IN HIP 2 200100107B1A74DF365639CC39F1D578 AwEAAbdxyhNuSutc5EMzxTs9LBPCIkOFH8cIvM4p9+LrV4e19WzK00+CI6zBCQTdtWsuxKbWIy87UOoJTwkUs7lBu+Upr1gsNrut79ryra+bSRGQb1slImA8YVJyuIDsj7kwzG7jnERNqnWxZ48AWkskmdHaVDP4BcelrTI3rMXdXF5D
+hip2.example. 3600 IN HIP 2 200100107B1A74DF365639CC39F1D578 AwEAAbdxyhNuSutc5EMzxTs9LBPCIkOFH8cIvM4p9+LrV4e19WzK00+CI6zBCQTdtWsuxKbWIy87UOoJTwkUs7lBu+Upr1gsNrut79ryra+bSRGQb1slImA8YVJyuIDsj7kwzG7jnERNqnWxZ48AWkskmdHaVDP4BcelrTI3rMXdXF5D rvs.example.com.
+dnskey01.example. 3600 IN DNSKEY 512 255 1 AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8=
+https0.example. 3600 IN HTTPS 0 example.net.
+https1.example. 3600 IN HTTPS 1 . port=60
+keydata.example. 3600 IN TYPE65533 \# 0
+keydata.example. 3600 IN TYPE65533 \# 6 010203040506
+keydata.example. 3600 IN TYPE65533 \# 18 010203040506010203040506010203040506
+kx01.example. 3600 IN KX 10 kdc.example.
+kx02.example. 3600 IN KX 10 .
+loc01.example. 3600 IN LOC 60 9 0.000 N 24 39 0.000 E 10.00m 20m 2000m 20m
+loc02.example. 3600 IN LOC 60 9 0.000 N 24 39 0.000 E 10.00m 20m 2000m 20m
+l32.example. 3600 IN L32 10 1.2.3.4
+l64.example. 3600 IN L64 10 14:4fff:ff20:ee64
+lp.example. 3600 IN LP 10 example.net.
+nid.example. 3600 IN NID 10 14:4fff:ff20:ee64
+mb01.example. 3600 IN MG madname.example.
+mb02.example. 3600 IN MG .
+mg01.example. 3600 IN MG mgmname.example.
+mg02.example. 3600 IN MG .
+minfo01.example. 3600 IN MINFO rmailbx.example. emailbx.example.
+minfo02.example. 3600 IN MINFO . .
+mr01.example. 3600 IN MR mrname.example.
+mr02.example. 3600 IN MR .
+mx01.example. 3600 IN MX 10 mail.example.
+mx02.example. 3600 IN MX 10 .
+naptr01.example. 3600 IN NAPTR 0 0 "" "" "" .
+naptr02.example. 3600 IN NAPTR 65535 65535 "blurgh" "blorf" "blllbb" foo.
+nimloc01.example. 3600 IN NIMLOC 1289AB
+ninfo01.example. 3600 IN NINFO "foo"
+ninfo02.example. 3600 IN NINFO "foo" "bar"
+ninfo03.example. 3600 IN NINFO "foo"
+ninfo04.example. 3600 IN NINFO "foo" "bar"
+ninfo05.example. 3600 IN NINFO "foo bar"
+ninfo06.example. 3600 IN NINFO "foo bar"
+ninfo07.example. 3600 IN NINFO "foo bar"
+ninfo08.example. 3600 IN NINFO "foo\010bar"
+ninfo09.example. 3600 IN NINFO "foo\010bar"
+ninfo10.example. 3600 IN NINFO "foo bar"
+ninfo11.example. 3600 IN NINFO "\"foo\""
+ninfo12.example. 3600 IN NINFO "\"foo\""
+ninfo13.example. 3600 IN NINFO "foo;"
+ninfo14.example. 3600 IN NINFO "foo;"
+ninfo15.example. 3600 IN NINFO "bar\\;"
+ns2.example. 3600 IN A 10.53.0.2
+ns3.example. 3600 IN A 10.53.0.3
+nsap-ptr01.example. 3600 IN NSAP-PTR .
+nsap-ptr01.example. 3600 IN NSAP-PTR foo.
+nsap01.example. 3600 IN NSAP 0x47000580005a0000000001e133ffffff00016100
+nsap02.example. 3600 IN NSAP 0x47000580005a0000000001e133ffffff00016100
+nsec01.example. 3600 IN NSEC a.secure.nil. NS SOA MX LOC RRSIG NSEC DNSKEY
+nsec02.example. 3600 IN NSEC . NSAP-PTR NSEC
+nsec03.example. 3600 IN NSEC . A
+nsec04.example. 3600 IN NSEC . TYPE127
+openpgpkey.example. 3600 IN OPENPGPKEY AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8=
+ptr01.example. 3600 IN PTR example.
+px01.example. 3600 IN PX 65535 foo. bar.
+px02.example. 3600 IN PX 65535 . .
+rkey01.example. 3600 IN RKEY 0 255 1 AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aRyzWZriO6i2od GWWQVucZqKVsENW91IOW4vqudngPZsY3GvQ/xVA8/7pyFj6b7Esga60z yGW6LFe9r8n6paHrlG5ojqf0BaqHT+8=
+rp01.example. 3600 IN RP mbox-dname.example. txt-dname.example.
+rp02.example. 3600 IN RP . .
+rt01.example. 3600 IN RT 0 intermediate-host.example.
+rt02.example. 3600 IN RT 65535 .
+rrsig01.example. 3600 IN RRSIG NSEC 1 3 3600 20000102030405 19961211100908 2143 foo.nil. MxFcby9k/yvedMfQgKzhH5er0Mu/vILz45IkskceFGgiWCn/GxHhai6V AuHAoNUz4YoU1tVfSCSqQYn6//11U6Nld80jEeC8aTrO+KKmCaY=
+sink01.example. 3600 IN SINK 1 0 0
+sink02.example. 3600 IN SINK 8 0 2 l4ik
+smimea.example. 3600 IN SMIMEA 1 1 2 92003BA34942DC74152E2F2C408D29ECA5A520E7F2E06BB944F4DCA3 46BAF63C1B177615D466F6C4B71C216A50292BD58C9EBDD2F74E38FE 51FFD48C43326CBC
+spf01.example. 3600 IN SPF "v=spf1 -all"
+spf02.example. 3600 IN SPF "v=spf1" " -all"
+srv01.example. 3600 IN SRV 0 0 0 .
+srv02.example. 3600 IN SRV 65535 65535 65535 old-slow-box.example.
+sshfp01.example. 3600 IN SSHFP 4 2 C76D8329954DA2835751E371544E963EFDA099080D6C58DD2BFD9A31 6E162C83
+sshfp02.example. 3600 IN SSHFP 1 2 BF29468C83AC58CCF8C85AB7B3BEB054ECF1E38512B8353AB36471FA 88961DCC
+svcb0.example. 3600 IN SVCB 0 example.net.
+svcb1.example. 3600 IN SVCB 1 . port=60
+ta.example. 3600 IN TA 30795 1 1 310D27F4D82C1FC2400704EA9939FE6E1CEAA3B9
+talink0.example. 3600 IN TALINK . talink1.example.
+talink1.example. 3600 IN TALINK talink0.example. talink2.example.
+talink2.example. 3600 IN TALINK talink2.example. .
+tlsa.example. 3600 IN TLSA 1 1 2 92003BA34942DC74152E2F2C408D29ECA5A520E7F2E06BB944F4DCA3 46BAF63C1B177615D466F6C4B71C216A50292BD58C9EBDD2F74E38FE 51FFD48C43326CBC
+txt01.example. 3600 IN TXT "foo"
+txt02.example. 3600 IN TXT "foo" "bar"
+txt03.example. 3600 IN TXT "foo"
+txt04.example. 3600 IN TXT "foo" "bar"
+txt05.example. 3600 IN TXT "foo bar"
+txt06.example. 3600 IN TXT "foo bar"
+txt07.example. 3600 IN TXT "foo bar"
+txt08.example. 3600 IN TXT "foo\010bar"
+txt09.example. 3600 IN TXT "foo\010bar"
+txt10.example. 3600 IN TXT "foo bar"
+txt11.example. 3600 IN TXT "\"foo\""
+txt12.example. 3600 IN TXT "\"foo\""
+txt13.example. 3600 IN TXT "foo;"
+txt14.example. 3600 IN TXT "foo;"
+txt15.example. 3600 IN TXT "bar\\;"
+uid01.example. 3600 IN UID \# 1 02
+uinfo01.example. 3600 IN UINFO \# 1 01
+uri01.example. 3600 IN URI 10 20 "https://www.isc.org/"
+uri02.example. 3600 IN URI 30 40 "https://www.isc.org/HolyCowThisSureIsAVeryLongURIRecordIDontEvenKnowWhatSomeoneWouldEverWantWithSuchAThingButTheSpecificationRequiresThatWesupportItSoHereWeGoTestingItLaLaLaLaLaLaLaSeriouslyThoughWhyWouldYouEvenConsiderUsingAURIThisLongItSeemsLikeASillyIdeaButEnhWhatAreYouGonnaDo/"
+uri03.example. 3600 IN URI 30 40 ""
+wks01.example. 3600 IN WKS 10.0.0.1 6 0 1 2 21 23
+wks02.example. 3600 IN WKS 10.0.0.1 17 0 1 2 53
+wks03.example. 3600 IN WKS 10.0.0.2 6 65535
+x2501.example. 3600 IN X25 "123456789"
+zonemd01.example. 3600 IN ZONEMD 2019020700 1 1 C220B8A6ED5728A971902F7E3D4FD93ADEEA88B0453C2E8E8C863D46 5AB06CF34EB95B266398C98B59124FA239CB7EEB
+zonemd02.example. 3600 IN ZONEMD 2019020700 1 2 08CFA1115C7B948C4163A901270395EA226A930CD2CBCF2FA9A5E6EB 85F37C8A4E114D884E66F176EAB121CB02DB7D652E0CC4827E7A3204 F166B47E5613FD27
+8f1tmio9avcom2k0frp92lgcumak0cad.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C 8FPNS2UCT7FBS643THP2B77PEQ77K6IU A NS SOA MX AAAA RRSIG DNSKEY NSEC3PARAM
+kcd3juae64f9c5csl1kif1htaui7un0g.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C KD5MN2M20340DGO0BL7NTSB8JP4BSC7E
+mr5ukvsk1l37btu4q7b1dfevft4hkqdk.example. 3600 IN NSEC3 1 0 10 D2CF0294C020CE6C MT38J6VG7S0SN5G17MCUF6IQIKFUAJ05 A AAAA RRSIG
+example. 86400 IN SOA ns2.example. hostmaster.example. 1397051953 5 5 1814400 3600
diff --git a/bin/tests/system/xfer/knowngood.mapped b/bin/tests/system/xfer/knowngood.mapped
new file mode 100644
index 0000000..5fcd00b
--- /dev/null
+++ b/bin/tests/system/xfer/knowngood.mapped
@@ -0,0 +1,26 @@
+
+; <<>> DiG 9.10.2-P3 <<>> -p 5300 axfr mapped @10.53.0.3
+;; global options: +cmd
+mapped. 3600 IN SOA . . 0 0 0 2147483647 0
+example.aa. 3600 IN A 1.2.3.4
+example1.aa. 3600 IN A 1.2.3.4
+example.bb. 3600 IN A 1.2.3.4
+example1.bb. 3600 IN A 1.2.3.4
+example.com. 3600 IN A 1.2.3.4
+example1.com. 3600 IN A 1.2.3.4
+bar.dd. 3600 IN A 1.2.3.4
+foo.ee. 3600 IN A 1.2.3.4
+foo.ff. 3600 IN A 1.2.3.4
+foo.gg. 3600 IN A 1.2.3.4
+foo.hh. 3600 IN A 1.2.3.4
+foo.ii. 3600 IN A 1.2.3.4
+foo.jj. 3600 IN A 1.2.3.4
+foo.kk. 3600 IN A 1.2.3.4
+foo.ll. 3600 IN A 1.2.3.4
+mapped. 3600 IN NS .
+mapped. 3600 IN SOA . . 0 0 0 2147483647 0
+;; Query time: 4 msec
+;; SERVER: 10.53.0.3#5300(10.53.0.3)
+;; WHEN: Tue Feb 16 14:38:25 EST 2016
+;; XFR size: 18 records (messages 1, bytes 468)
+
diff --git a/bin/tests/system/xfer/ns1/axfr-too-big.db b/bin/tests/system/xfer/ns1/axfr-too-big.db
new file mode 100644
index 0000000..37987a6
--- /dev/null
+++ b/bin/tests/system/xfer/ns1/axfr-too-big.db
@@ -0,0 +1,15 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 3600
+@ IN SOA . . 0 0 0 0 0
+@ IN NS .
+$GENERATE 1-29 host$ A 1.2.3.$
diff --git a/bin/tests/system/xfer/ns1/ixfr-too-big.db.in b/bin/tests/system/xfer/ns1/ixfr-too-big.db.in
new file mode 100644
index 0000000..c192316
--- /dev/null
+++ b/bin/tests/system/xfer/ns1/ixfr-too-big.db.in
@@ -0,0 +1,18 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 3600
+@ IN SOA . . 0 0 0 0 0
+@ IN NS ns1
+@ IN NS ns6
+ns1 IN A 10.53.0.1
+ns6 IN A 10.53.0.6
+$GENERATE 1-25 host$ A 1.2.3.$
diff --git a/bin/tests/system/xfer/ns1/named.conf.in b/bin/tests/system/xfer/ns1/named.conf.in
new file mode 100644
index 0000000..3ff6cdf
--- /dev/null
+++ b/bin/tests/system/xfer/ns1/named.conf.in
@@ -0,0 +1,61 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+include "../../common/rndc.key";
+
+controls {
+ inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
+
+options {
+ query-source address 10.53.0.1;
+ notify-source 10.53.0.1;
+ transfer-source 10.53.0.1;
+ port @PORT@;
+ pid-file "named.pid";
+ listen-on { 10.53.0.1; };
+ listen-on-v6 { none; };
+ recursion no;
+ notify yes;
+};
+
+zone "." {
+ type primary;
+ file "root.db";
+};
+
+zone "secondary" {
+ type primary;
+ file "sec.db";
+};
+
+zone "edns-expire" {
+ type primary;
+ file "edns-expire.db";
+};
+
+zone "axfr-too-big" {
+ type primary;
+ file "axfr-too-big.db";
+};
+
+zone "ixfr-too-big" {
+ type primary;
+ allow-update { any; };
+ file "ixfr-too-big.db";
+};
+
+zone "xfer-stats" {
+ type primary;
+ file "xfer-stats.db";
+};
diff --git a/bin/tests/system/xfer/ns1/root.db b/bin/tests/system/xfer/ns1/root.db
new file mode 100644
index 0000000..58a675c
--- /dev/null
+++ b/bin/tests/system/xfer/ns1/root.db
@@ -0,0 +1,27 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 300
+. IN SOA gson.nominum.com. a.root.servers.nil. (
+ 2000042100 ; serial
+ 600 ; refresh
+ 600 ; retry
+ 1200 ; expire
+ 600 ; minimum
+ )
+. NS a.root-servers.nil.
+a.root-servers.nil. A 10.53.0.1
+
+example. NS ns2.example.
+ns2.example. A 10.53.0.2
+
+tsigzone. NS ns2.tsigzone.
+ns2.tsigzone. A 10.53.0.2
diff --git a/bin/tests/system/xfer/ns1/xfer-stats.db b/bin/tests/system/xfer/ns1/xfer-stats.db
new file mode 100644
index 0000000..42e1c9c
--- /dev/null
+++ b/bin/tests/system/xfer/ns1/xfer-stats.db
@@ -0,0 +1,15 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 3600
+@ SOA . . 0 0 0 0 0
+@ NS .
+$GENERATE 1-10000 $ TXT $
diff --git a/bin/tests/system/xfer/ns2/mapped.db.in b/bin/tests/system/xfer/ns2/mapped.db.in
new file mode 100644
index 0000000..d928d69
--- /dev/null
+++ b/bin/tests/system/xfer/ns2/mapped.db.in
@@ -0,0 +1,28 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+mapped. 3600 IN SOA . . 0 0 0 2147483647 0
+example.aa. 3600 IN A 1.2.3.4
+example1.aa. 3600 IN A 1.2.3.4
+example.bb. 3600 IN A 1.2.3.4
+example1.bb. 3600 IN A 1.2.3.4
+example.com. 3600 IN A 1.2.3.4
+example1.com. 3600 IN A 1.2.3.4
+bar.dd. 3600 IN A 1.2.3.4
+foo.ee. 3600 IN A 1.2.3.4
+foo.ff. 3600 IN A 1.2.3.4
+foo.gg. 3600 IN A 1.2.3.4
+foo.hh. 3600 IN A 1.2.3.4
+foo.ii. 3600 IN A 1.2.3.4
+foo.jj. 3600 IN A 1.2.3.4
+foo.kk. 3600 IN A 1.2.3.4
+foo.ll. 3600 IN A 1.2.3.4
+mapped. 3600 IN NS .
diff --git a/bin/tests/system/xfer/ns2/named.conf.in b/bin/tests/system/xfer/ns2/named.conf.in
new file mode 100644
index 0000000..fbde9c1
--- /dev/null
+++ b/bin/tests/system/xfer/ns2/named.conf.in
@@ -0,0 +1,74 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+options {
+ query-source address 10.53.0.2;
+ notify-source 10.53.0.2;
+ transfer-source 10.53.0.2;
+ port @PORT@;
+ pid-file "named.pid";
+ listen-on { 10.53.0.2; };
+ listen-on-v6 { none; };
+ recursion no;
+ notify yes;
+ ixfr-from-differences yes;
+ check-integrity no;
+};
+
+key rndc_key {
+ secret "1234abcd8765";
+ algorithm hmac-sha256;
+};
+
+controls {
+ inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
+
+key tsigzone. {
+ algorithm hmac-md5;
+ secret "1234abcd8765";
+};
+
+acl tzkey {
+ key tsigzone.;
+};
+
+zone "." {
+ type hint;
+ file "../../common/root.hint";
+};
+
+zone "example" {
+ type primary;
+ file "example.db";
+};
+
+zone "tsigzone" {
+ type primary;
+ file "tsigzone.db";
+ allow-transfer { tzkey; };
+};
+
+zone "secondary" {
+ type secondary;
+ file "sec.db";
+ primaries { 10.53.0.1; };
+ masterfile-format text;
+};
+
+zone "mapped" {
+ type secondary;
+ file "mapped.db";
+ masterfile-format text;
+ primaries { 10.53.0.100; };
+};
diff --git a/bin/tests/system/xfer/ns2/sec.db.in b/bin/tests/system/xfer/ns2/sec.db.in
new file mode 100644
index 0000000..7978598
--- /dev/null
+++ b/bin/tests/system/xfer/ns2/sec.db.in
@@ -0,0 +1,19 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 5
+
+@ IN SOA ns1 hostmaster 1 5 5 5 5
+@ NS ns1
+ns1 A 10.53.0.1
+a01 A 1.1.1.1
+a02 A 255.255.255.255
+
diff --git a/bin/tests/system/xfer/ns3/named.conf.in b/bin/tests/system/xfer/ns3/named.conf.in
new file mode 100644
index 0000000..5fc0183
--- /dev/null
+++ b/bin/tests/system/xfer/ns3/named.conf.in
@@ -0,0 +1,79 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+options {
+ query-source address 10.53.0.3;
+ notify-source 10.53.0.3;
+ transfer-source 10.53.0.3;
+ port @PORT@;
+ pid-file "named.pid";
+ listen-on { 10.53.0.3; };
+ listen-on-v6 { none; };
+ recursion yes;
+ notify yes;
+};
+
+key rndc_key {
+ secret "1234abcd8765";
+ algorithm hmac-sha256;
+};
+
+controls {
+ inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
+
+key tsigzone. {
+ algorithm hmac-md5;
+ secret "1234abcd8765";
+};
+
+zone "." {
+ type hint;
+ file "../../common/root.hint";
+};
+
+zone "example" {
+ type secondary;
+ primaries { 10.53.0.2; };
+ file "example.bk";
+};
+
+zone "primary" {
+ type secondary;
+ primaries { 10.53.0.6; };
+ file "primary.bk";
+};
+
+server 10.53.0.2 {
+ keys { tsigzone.; };
+};
+
+zone "tsigzone" {
+ type secondary;
+ primaries { 10.53.0.2; };
+ file "tsigzone.bk";
+ allow-transfer { key tsigzone.; };
+};
+
+zone "mapped" {
+ type secondary;
+ primaries { 10.53.0.2; };
+ masterfile-format map;
+ file "mapped.bk";
+};
+
+zone "xfer-stats" {
+ type secondary;
+ primaries { 10.53.0.1; };
+ file "xfer-stats.bk";
+};
diff --git a/bin/tests/system/xfer/ns4/named.conf.base b/bin/tests/system/xfer/ns4/named.conf.base
new file mode 100644
index 0000000..8e77d0c
--- /dev/null
+++ b/bin/tests/system/xfer/ns4/named.conf.base
@@ -0,0 +1,49 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+options {
+ query-source address 10.53.0.4;
+ notify-source 10.53.0.4;
+ transfer-source 10.53.0.4;
+ port @PORT@;
+ pid-file "named.pid";
+ listen-on { 10.53.0.4; };
+ listen-on-v6 { none; };
+ recursion no;
+ notify yes;
+ blackhole { none; };
+};
+
+key rndc_key {
+ secret "1234abcd8765";
+ algorithm hmac-sha256;
+};
+
+key unused_key. {
+ secret "1234abcd8765";
+ algorithm hmac-md5;
+};
+
+key tsig_key. {
+ secret "LSAnCU+Z";
+ algorithm hmac-md5;
+};
+
+controls {
+ inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
+
+zone "." {
+ type primary;
+ file "root.db";
+};
diff --git a/bin/tests/system/xfer/ns4/root.db.in b/bin/tests/system/xfer/ns4/root.db.in
new file mode 100644
index 0000000..29ee0ec
--- /dev/null
+++ b/bin/tests/system/xfer/ns4/root.db.in
@@ -0,0 +1,14 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+@ 0 SOA . . 0 0 0 0 0
+@ 0 NS .
+@ 0 A 10.53.0.4
diff --git a/bin/tests/system/xfer/ns6/named.conf.in b/bin/tests/system/xfer/ns6/named.conf.in
new file mode 100644
index 0000000..636400c
--- /dev/null
+++ b/bin/tests/system/xfer/ns6/named.conf.in
@@ -0,0 +1,69 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+include "../../common/rndc.key";
+
+controls {
+ inet 10.53.0.6 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
+
+options {
+ query-source address 10.53.0.6;
+ notify-source 10.53.0.6;
+ transfer-source 10.53.0.6;
+ port @PORT@;
+ pid-file "named.pid";
+ listen-on { 10.53.0.6; };
+ listen-on-v6 { none; };
+ recursion no;
+ notify yes;
+ ixfr-from-differences primary;
+ check-integrity no;
+};
+
+zone "." {
+ type hint;
+ file "../../common/root.hint";
+};
+
+zone "primary" {
+ type primary;
+ file "primary.db";
+};
+
+zone "secondary" {
+ type secondary;
+ notify no;
+ primaries { 10.53.0.1; };
+ file "sec.bk";
+};
+
+zone "edns-expire" {
+ type secondary;
+ primaries { 10.53.0.1; };
+ file "edns-expire.bk";
+};
+
+zone "axfr-too-big" {
+ type secondary;
+ max-records 30;
+ primaries { 10.53.0.1; };
+ file "axfr-too-big.bk";
+};
+
+zone "ixfr-too-big" {
+ type secondary;
+ max-records 30;
+ primaries { 10.53.0.1; };
+ file "ixfr-too-big.bk";
+};
diff --git a/bin/tests/system/xfer/ns7/named.conf.in b/bin/tests/system/xfer/ns7/named.conf.in
new file mode 100644
index 0000000..9bd92b3
--- /dev/null
+++ b/bin/tests/system/xfer/ns7/named.conf.in
@@ -0,0 +1,54 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+include "../../common/rndc.key";
+
+controls {
+ inet 10.53.0.7 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
+
+options {
+ query-source address 10.53.0.7;
+ notify-source 10.53.0.7;
+ transfer-source 10.53.0.7;
+ port @PORT@;
+ pid-file "named.pid";
+ listen-on { 10.53.0.7; };
+ listen-on-v6 { none; };
+ recursion no;
+ notify yes;
+ ixfr-from-differences secondary;
+ check-integrity no;
+};
+
+zone "." {
+ type hint;
+ file "../../common/root.hint";
+};
+
+zone "primary2" {
+ type primary;
+ file "primary2.db";
+};
+
+zone "secondary" {
+ type secondary;
+ primaries { 10.53.0.1; };
+ file "sec.bk";
+};
+
+zone "edns-expire" {
+ type secondary;
+ primaries { 10.53.0.6; };
+ file "edns-expire.bk";
+};
diff --git a/bin/tests/system/xfer/ns8/example.db b/bin/tests/system/xfer/ns8/example.db
new file mode 100644
index 0000000..8e8ccb9
--- /dev/null
+++ b/bin/tests/system/xfer/ns8/example.db
@@ -0,0 +1,24 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 300 ; 5 minutes
+@ SOA mname1. . (
+ 2000062101 ; serial
+ 20 ; refresh (20 seconds)
+ 20 ; retry (20 seconds)
+ 1814400 ; expire (3 weeks)
+ 3600 ; minimum (1 hour)
+ )
+ NS ns
+ns A 10.53.0.1
+
+$INCLUDE large.db
+$INCLUDE small.db
diff --git a/bin/tests/system/xfer/ns8/named.conf.in b/bin/tests/system/xfer/ns8/named.conf.in
new file mode 100644
index 0000000..22b3272
--- /dev/null
+++ b/bin/tests/system/xfer/ns8/named.conf.in
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+include "../../common/rndc.key";
+
+controls {
+ inet 10.53.0.8 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
+
+options {
+ query-source address 10.53.0.8;
+ notify-source 10.53.0.8;
+ transfer-source 10.53.0.8;
+ port @PORT@;
+ pid-file "named.pid";
+ listen-on { 10.53.0.8; };
+ listen-on-v6 { none; };
+ recursion no;
+ notify no;
+ transfer-message-size 1024;
+};
+
+key key1. {
+ algorithm hmac-md5;
+ secret "1234abcd8765";
+};
+
+acl tzkey {
+ key key1.;
+};
+
+zone "example." {
+ type primary;
+ file "example.db";
+ allow-transfer { tzkey; };
+};
diff --git a/bin/tests/system/xfer/prereq.sh b/bin/tests/system/xfer/prereq.sh
new file mode 100644
index 0000000..b262501
--- /dev/null
+++ b/bin/tests/system/xfer/prereq.sh
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+SYSTEMTESTTOP=..
+. $SYSTEMTESTTOP/conf.sh
+
+if $PERL -e 'use Net::DNS;' 2>/dev/null
+then
+ if $PERL -e 'use Net::DNS; die if ($Net::DNS::VERSION >= 0.69 && $Net::DNS::VERSION <= 0.74);' 2>/dev/null
+ then
+ :
+ else
+ echo_i "Net::DNS versions 0.69 to 0.74 have bugs that cause this test to fail: please update." >&2
+ exit 1
+ fi
+else
+ echo_i "This test requires the Net::DNS library." >&2
+ exit 1
+fi
+
+if ! $PERL -e 'use Digest::HMAC;' 2>/dev/null
+then
+ echo_i "This test requires the Digest::HMAC Perl module." >&2
+ exit 1
+fi
diff --git a/bin/tests/system/xfer/setup.sh b/bin/tests/system/xfer/setup.sh
new file mode 100644
index 0000000..3180a7f
--- /dev/null
+++ b/bin/tests/system/xfer/setup.sh
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+SYSTEMTESTTOP=..
+. $SYSTEMTESTTOP/conf.sh
+
+$SHELL ../genzone.sh 1 6 7 >ns1/sec.db
+$SHELL ../genzone.sh 1 6 7 >ns1/edns-expire.db
+$SHELL ../genzone.sh 2 3 >ns2/example.db
+$SHELL ../genzone.sh 2 3 >ns2/tsigzone.db
+$SHELL ../genzone.sh 6 3 >ns6/primary.db
+$SHELL ../genzone.sh 7 >ns7/primary2.db
+
+cp -f ns4/root.db.in ns4/root.db
+$PERL -e 'for ($i=0;$i<10000;$i++){ printf("x%u 0 in a 10.53.0.1\n", $i);}' >> ns4/root.db
+
+copy_setports ns1/named.conf.in ns1/named.conf
+copy_setports ns2/named.conf.in ns2/named.conf
+copy_setports ns3/named.conf.in ns3/named.conf
+copy_setports ns6/named.conf.in ns6/named.conf
+copy_setports ns7/named.conf.in ns7/named.conf
+copy_setports ns8/named.conf.in ns8/named.conf
+
+copy_setports ns4/named.conf.base ns4/named.conf
+
+cp ns2/sec.db.in ns2/sec.db
+touch -t 200101010000 ns2/sec.db
+
+cp ns2/mapped.db.in ns2/mapped.db
+
+$PERL -e 'for ($i=0;$i<4096;$i++){ printf("name%u 259200 A 1.2.3.4\nname%u 259200 TXT \"Hello World %u\"\n", $i, $i, $i);}' > ns8/small.db
+$PERL -e 'printf("large IN TYPE45234 \\# 48000 "); for ($i=0;$i<16*3000;$i++) { printf("%02x", $i % 256); } printf("\n");' > ns8/large.db
+
+cp -f ns1/ixfr-too-big.db.in ns1/ixfr-too-big.db
diff --git a/bin/tests/system/xfer/tests.sh b/bin/tests/system/xfer/tests.sh
new file mode 100755
index 0000000..607d68a
--- /dev/null
+++ b/bin/tests/system/xfer/tests.sh
@@ -0,0 +1,547 @@
+#!/bin/sh
+
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+SYSTEMTESTTOP=..
+. $SYSTEMTESTTOP/conf.sh
+
+DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd -p ${PORT}"
+RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s"
+
+status=0
+n=0
+
+n=$((n+1))
+echo_i "testing basic zone transfer functionality (from primary) ($n)"
+tmp=0
+$DIG $DIGOPTS example. @10.53.0.2 axfr > dig.out.ns2.test$n || tmp=1
+grep "^;" dig.out.ns2.test$n | cat_i
+digcomp dig1.good dig.out.ns2.test$n || tmp=1
+if test $tmp != 0 ; then echo_i "failed"; fi
+status=$((status+tmp))
+
+n=$((n+1))
+echo_i "testing basic zone transfer functionality (from secondary) ($n)"
+tmp=0
+#
+# Spin to allow the zone to transfer.
+#
+wait_for_xfer () {
+ $DIG $DIGOPTS example. @10.53.0.3 axfr > dig.out.ns3.test$n || return 1
+ grep "^;" dig.out.ns3.test$n > /dev/null && return 1
+ return 0
+}
+retry_quiet 25 wait_for_xfer || tmp=1
+grep "^;" dig.out.ns3.test$n | cat_i
+digcomp dig1.good dig.out.ns3.test$n || tmp=1
+if test $tmp != 0 ; then echo_i "failed"; fi
+status=$((status+tmp))
+
+n=$((n+1))
+echo_i "testing TSIG signed zone transfers ($n)"
+tmp=0
+$DIG $DIGOPTS tsigzone. @10.53.0.2 axfr -y tsigzone.:1234abcd8765 > dig.out.ns2.test$n || tmp=1
+grep "^;" dig.out.ns2.test$n | cat_i
+
+#
+# Spin to allow the zone to transfer.
+#
+wait_for_xfer_tsig () {
+ $DIG $DIGOPTS tsigzone. @10.53.0.3 axfr -y tsigzone.:1234abcd8765 > dig.out.ns3.test$n || return 1
+ grep "^;" dig.out.ns3.test$n > /dev/null && return 1
+ return 0
+}
+retry_quiet 25 wait_for_xfer_tsig || tmp=1
+grep "^;" dig.out.ns3.test$n | cat_i
+digcomp dig.out.ns2.test$n dig.out.ns3.test$n || tmp=1
+if test $tmp != 0 ; then echo_i "failed"; fi
+status=$((status+tmp))
+
+echo_i "reload servers for in preparation for ixfr-from-differences tests"
+
+rndc_reload ns1 10.53.0.1
+rndc_reload ns2 10.53.0.2
+rndc_reload ns3 10.53.0.3
+rndc_reload ns6 10.53.0.6
+rndc_reload ns7 10.53.0.7
+
+sleep 2
+
+echo_i "updating primary zones for ixfr-from-differences tests"
+
+$PERL -i -p -e '
+ s/0\.0\.0\.0/0.0.0.1/;
+ s/1397051952/1397051953/
+' ns1/sec.db
+
+rndc_reload ns1 10.53.0.1
+
+$PERL -i -p -e '
+ s/0\.0\.0\.0/0.0.0.1/;
+ s/1397051952/1397051953/
+' ns2/example.db
+
+rndc_reload ns2 10.53.0.2
+
+$PERL -i -p -e '
+ s/0\.0\.0\.0/0.0.0.1/;
+ s/1397051952/1397051953/
+' ns6/primary.db
+
+rndc_reload ns6 10.53.0.6
+
+$PERL -i -p -e '
+ s/0\.0\.0\.0/0.0.0.1/;
+ s/1397051952/1397051953/
+' ns7/primary2.db
+
+rndc_reload ns7 10.53.0.7
+
+sleep 3
+
+n=$((n+1))
+echo_i "testing zone is dumped after successful transfer ($n)"
+tmp=0
+$DIG $DIGOPTS +noall +answer +multi @10.53.0.2 \
+ secondary. soa > dig.out.ns2.test$n || tmp=1
+grep "1397051952 ; serial" dig.out.ns2.test$n > /dev/null 2>&1 || tmp=1
+grep "1397051952 ; serial" ns2/sec.db > /dev/null 2>&1 || tmp=1
+if test $tmp != 0 ; then echo_i "failed"; fi
+status=$((status+tmp))
+
+n=$((n+1))
+echo_i "testing ixfr-from-differences yes; ($n)"
+tmp=0
+
+echo_i "wait for reloads..."
+wait_for_reloads() (
+ $DIG $DIGOPTS @10.53.0.6 +noall +answer soa primary > dig.out.soa1.ns6.test$n
+ grep "1397051953" dig.out.soa1.ns6.test$n > /dev/null || return 1
+ $DIG $DIGOPTS @10.53.0.1 +noall +answer soa secondary > dig.out.soa2.ns1.test$n
+ grep "1397051953" dig.out.soa2.ns1.test$n > /dev/null || return 1
+ $DIG $DIGOPTS @10.53.0.2 +noall +answer soa example > dig.out.soa3.ns2.test$n
+ grep "1397051953" dig.out.soa3.ns2.test$n > /dev/null || return 1
+ return 0
+)
+retry_quiet 20 wait_for_reloads || tmp=1
+
+echo_i "wait for transfers..."
+wait_for_transfers() (
+ a=0 b=0 c=0 d=0
+ $DIG $DIGOPTS @10.53.0.3 +noall +answer soa example > dig.out.soa1.ns3.test$n
+ grep "1397051953" dig.out.soa1.ns3.test$n > /dev/null && a=1
+ $DIG $DIGOPTS @10.53.0.3 +noall +answer soa primary > dig.out.soa2.ns3.test$n
+ grep "1397051953" dig.out.soa2.ns3.test$n > /dev/null && b=1
+ $DIG $DIGOPTS @10.53.0.6 +noall +answer soa secondary > dig.out.soa3.ns6.test$n
+ grep "1397051953" dig.out.soa3.ns6.test$n > /dev/null && c=1
+ [ $a -eq 1 -a $b -eq 1 -a $c -eq 1 ] && return 0
+
+ # re-notify if necessary
+ $RNDCCMD 10.53.0.6 notify primary 2>&1 | sed 's/^/ns6 /' | cat_i
+ $RNDCCMD 10.53.0.1 notify secondary 2>&1 | sed 's/^/ns1 /' | cat_i
+ $RNDCCMD 10.53.0.2 notify example 2>&1 | sed 's/^/ns2 /' | cat_i
+ return 1
+)
+retry_quiet 20 wait_for_transfers || tmp=1
+
+$DIG $DIGOPTS example. \
+ @10.53.0.3 axfr > dig.out.ns3.test$n || tmp=1
+grep "^;" dig.out.ns3.test$n | cat_i
+
+digcomp dig2.good dig.out.ns3.test$n || tmp=1
+
+# ns3 has a journal iff it received an IXFR.
+test -f ns3/example.bk || tmp=1
+test -f ns3/example.bk.jnl || tmp=1
+
+if test $tmp != 0 ; then echo_i "failed"; fi
+status=$((status+tmp))
+
+n=$((n+1))
+echo_i "testing ixfr-from-differences primary; (primary zone) ($n)"
+tmp=0
+
+$DIG $DIGOPTS primary. \
+ @10.53.0.6 axfr > dig.out.ns6.test$n || tmp=1
+grep "^;" dig.out.ns6.test$n | cat_i
+
+$DIG $DIGOPTS primary. \
+ @10.53.0.3 axfr > dig.out.ns3.test$n || tmp=1
+grep "^;" dig.out.ns3.test$n > /dev/null && cat_i dig.out.ns3.test$n
+
+digcomp dig.out.ns6.test$n dig.out.ns3.test$n || tmp=1
+
+# ns3 has a journal iff it received an IXFR.
+test -f ns3/primary.bk || tmp=1
+test -f ns3/primary.bk.jnl || tmp=1
+
+if test $tmp != 0 ; then echo_i "failed"; fi
+status=$((status+tmp))
+
+n=$((n+1))
+echo_i "testing ixfr-from-differences primary; (secondary zone) ($n)"
+tmp=0
+
+$DIG $DIGOPTS secondary. \
+ @10.53.0.6 axfr > dig.out.ns6.test$n || tmp=1
+grep "^;" dig.out.ns6.test$n | cat_i
+
+$DIG $DIGOPTS secondary. \
+ @10.53.0.1 axfr > dig.out.ns1.test$n || tmp=1
+grep "^;" dig.out.ns1.test$n | cat_i
+
+digcomp dig.out.ns6.test$n dig.out.ns1.test$n || tmp=1
+
+# ns6 has a journal iff it received an IXFR.
+test -f ns6/sec.bk || tmp=1
+test -f ns6/sec.bk.jnl && tmp=1
+
+if test $tmp != 0 ; then echo_i "failed"; fi
+status=$((status+tmp))
+
+n=$((n+1))
+echo_i "testing ixfr-from-differences secondary; (secondary zone) ($n)"
+tmp=0
+
+# ns7 has a journal iff it generates an IXFR.
+test -f ns7/primary2.db || tmp=1
+test -f ns7/primary2.db.jnl && tmp=1
+
+if test $tmp != 0 ; then echo_i "failed"; fi
+status=$((status+tmp))
+
+n=$((n+1))
+echo_i "testing ixfr-from-differences secondary; (secondary zone) ($n)"
+tmp=0
+
+$DIG $DIGOPTS secondary. \
+ @10.53.0.1 axfr > dig.out.ns1.test$n || tmp=1
+grep "^;" dig.out.ns1.test$n | cat_i
+
+$DIG $DIGOPTS secondary. \
+ @10.53.0.7 axfr > dig.out.ns7.test$n || tmp=1
+grep "^;" dig.out.ns7.test$n | cat_i
+
+digcomp dig.out.ns7.test$n dig.out.ns1.test$n || tmp=1
+
+# ns7 has a journal iff it generates an IXFR.
+test -f ns7/sec.bk || tmp=1
+test -f ns7/sec.bk.jnl || tmp=1
+
+if test $tmp != 0 ; then echo_i "failed"; fi
+status=$((status+tmp))
+
+n=$((n+1))
+echo_i "check that a multi-message uncompressable zone transfers ($n)"
+$DIG axfr . -p ${PORT} @10.53.0.4 | grep SOA > axfr.out
+if test `wc -l < axfr.out` != 2
+then
+ echo_i "failed"
+ status=$((status+1))
+fi
+
+# now we test transfers with assorted TSIG glitches
+DIGCMD="$DIG $DIGOPTS @10.53.0.4"
+SENDCMD="$PERL ../send.pl 10.53.0.5 $EXTRAPORT1"
+
+echo_i "testing that incorrectly signed transfers will fail..."
+n=$((n+1))
+echo_i "initial correctly-signed transfer should succeed ($n)"
+
+$SENDCMD < ans5/goodaxfr
+
+# Initially, ns4 is not authoritative for anything.
+# Now that ans is up and running with the right data, we make ns4
+# a secondary for nil.
+
+cat <<EOF >>ns4/named.conf
+zone "nil" {
+ type secondary;
+ file "nil.db";
+ primaries { 10.53.0.5 key tsig_key; };
+};
+EOF
+
+nextpart ns4/named.run >/dev/null
+
+rndc_reload ns4 10.53.0.4
+
+wait_for_soa() (
+ $DIGCMD nil. SOA > dig.out.ns4.test$n
+ grep SOA dig.out.ns4.test$n > /dev/null
+)
+retry_quiet 10 wait_for_soa
+
+nextpart ns4/named.run | grep "Transfer status: success" > /dev/null || {
+ echo_i "failed: expected status was not logged"
+ status=$((status+1))
+}
+
+$DIGCMD nil. TXT | grep 'initial AXFR' >/dev/null || {
+ echo_i "failed"
+ status=$((status+1))
+}
+
+n=$((n+1))
+echo_i "unsigned transfer ($n)"
+
+$SENDCMD < ans5/unsigned
+
+$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i
+
+sleep 2
+
+nextpart ns4/named.run | grep "Transfer status: expected a TSIG or SIG(0)" > /dev/null || {
+ echo_i "failed: expected status was not logged"
+ status=$((status+1))
+}
+
+$DIGCMD nil. TXT | grep 'unsigned AXFR' >/dev/null && {
+ echo_i "failed"
+ status=$((status+1))
+}
+
+n=$((n+1))
+echo_i "bad keydata ($n)"
+
+$SENDCMD < ans5/badkeydata
+
+$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i
+
+sleep 2
+
+nextpart ns4/named.run | grep "Transfer status: tsig verify failure" > /dev/null || {
+ echo_i "failed: expected status was not logged"
+ status=$((status+1))
+}
+
+$DIGCMD nil. TXT | grep 'bad keydata AXFR' >/dev/null && {
+ echo_i "failed"
+ status=$((status+1))
+}
+
+n=$((n+1))
+echo_i "partially-signed transfer ($n)"
+
+$SENDCMD < ans5/partial
+
+$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i
+
+sleep 2
+
+nextpart ns4/named.run | grep "Transfer status: expected a TSIG or SIG(0)" > /dev/null || {
+ echo_i "failed: expected status was not logged"
+ status=$((status+1))
+}
+
+$DIGCMD nil. TXT | grep 'partially signed AXFR' >/dev/null && {
+ echo_i "failed"
+ status=$((status+1))
+}
+
+n=$((n+1))
+echo_i "unknown key ($n)"
+
+$SENDCMD < ans5/unknownkey
+
+$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i
+
+sleep 2
+
+nextpart ns4/named.run | grep "tsig key 'tsig_key': key name and algorithm do not match" > /dev/null || {
+ echo_i "failed: expected status was not logged"
+ status=$((status+1))
+}
+
+$DIGCMD nil. TXT | grep 'unknown key AXFR' >/dev/null && {
+ echo_i "failed"
+ status=$((status+1))
+}
+
+n=$((n+1))
+echo_i "incorrect key ($n)"
+
+$SENDCMD < ans5/wrongkey
+
+$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i
+
+sleep 2
+
+nextpart ns4/named.run | grep "tsig key 'tsig_key': key name and algorithm do not match" > /dev/null || {
+ echo_i "failed: expected status was not logged"
+ status=$((status+1))
+}
+
+$DIGCMD nil. TXT | grep 'incorrect key AXFR' >/dev/null && {
+ echo_i "failed"
+ status=$((status+1))
+}
+
+n=$((n+1))
+echo_i "bad message id ($n)"
+
+$SENDCMD < ans5/badmessageid
+
+# Uncomment to see AXFR stream with mismatching IDs.
+# $DIG $DIGOPTS @10.53.0.5 -y tsig_key:LSAnCU+Z nil. AXFR +all
+
+$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i
+
+sleep 2
+
+msg="detected message ID mismatch on incoming AXFR stream, transfer will fail in BIND 9.17.2 and later if AXFR source is not fixed"
+nextpart ns4/named.run | grep "$msg" > /dev/null || {
+ echo_i "failed: expected status was not logged"
+ status=$((status+1))
+}
+
+$DIGCMD nil. TXT | grep 'bad message id' >/dev/null || {
+ echo_i "failed"
+ status=$((status+1))
+}
+
+n=$((n+1))
+echo_i "mismatched SOA ($n)"
+
+${SENDCMD} < ans5/soamismatch
+
+$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i
+
+sleep 2
+
+nextpart ns4/named.run | grep "Transfer status: FORMERR" > /dev/null || {
+ echo_i "failed: expected status was not logged"
+ status=$((status+1))
+}
+
+$DIGCMD nil. TXT | grep 'SOA mismatch AXFR' >/dev/null && {
+ echo_i "failed"
+ status=$((status+1))
+}
+
+n=$((n+1))
+echo_i "check that we ask for and get a EDNS EXPIRE response ($n)"
+# force a refresh query
+$RNDCCMD 10.53.0.7 refresh edns-expire 2>&1 | sed 's/^/ns7 /' | cat_i
+sleep 10
+
+# there may be multiple log entries so get the last one.
+expire=`awk '/edns-expire\/IN: got EDNS EXPIRE of/ { x=$9 } END { print x }' ns7/named.run`
+test ${expire:-0} -gt 0 -a ${expire:-0} -lt 1814400 || {
+ echo_i "failed (expire=${expire:-0})"
+ status=$((status+1))
+}
+
+n=$((n+1))
+echo_i "test smaller transfer TCP message size ($n)"
+$DIG $DIGOPTS example. @10.53.0.8 axfr \
+ -y key1.:1234abcd8765 > dig.out.msgsize.test$n || status=1
+
+$DOS2UNIX dig.out.msgsize.test$n >/dev/null 2>&1
+
+bytes=`wc -c < dig.out.msgsize.test$n`
+if [ $bytes -ne 459357 ]; then
+ echo_i "failed axfr size check"
+ status=$((status+1))
+fi
+
+num_messages=`cat ns8/named.run | grep "sending TCP message of" | wc -l`
+if [ $num_messages -le 300 ]; then
+ echo_i "failed transfer message count check"
+ status=$((status+1))
+fi
+
+n=$((n+1))
+echo_i "test mapped zone with out of zone data ($n)"
+tmp=0
+$DIG -p ${PORT} txt mapped @10.53.0.3 > dig.out.1.test$n
+grep "status: NOERROR," dig.out.1.test$n > /dev/null || tmp=1
+stop_server ns3
+start_server --noclean --restart --port ${PORT} ns3
+check_mapped () {
+ $DIG -p ${PORT} txt mapped @10.53.0.3 > dig.out.2.test$n
+ grep "status: NOERROR," dig.out.2.test$n > /dev/null || return 1
+ $DIG -p ${PORT} axfr mapped @10.53.0.3 > dig.out.3.test$n
+ digcomp knowngood.mapped dig.out.3.test$n || return 1
+ return 0
+}
+retry_quiet 10 check_mapped || tmp=1
+[ "$tmp" -ne 0 ] && echo_i "failed"
+status=$((status+tmp))
+
+n=$((n+1))
+echo_i "test that a zone with too many records is rejected (AXFR) ($n)"
+tmp=0
+grep "'axfr-too-big/IN'.*: too many records" ns6/named.run >/dev/null || tmp=1
+if test $tmp != 0 ; then echo_i "failed"; fi
+status=$((status+tmp))
+
+n=$((n+1))
+echo_i "test that a zone with too many records is rejected (IXFR) ($n)"
+tmp=0
+nextpart ns6/named.run > /dev/null
+$NSUPDATE << EOF
+zone ixfr-too-big
+server 10.53.0.1 ${PORT}
+update add the-31st-record.ixfr-too-big 0 TXT this is it
+send
+EOF
+msg="'ixfr-too-big/IN' from 10.53.0.1#${PORT}: Transfer status: too many records"
+wait_for_log 10 "$msg" ns6/named.run || tmp=1
+if test $tmp != 0 ; then echo_i "failed"; fi
+status=$((status+tmp))
+
+n=$((n+1))
+echo_i "checking whether dig calculates AXFR statistics correctly ($n)"
+tmp=0
+# Loop until the secondary server manages to transfer the "xfer-stats" zone so
+# that we can both check dig output and immediately proceed with the next test.
+# Use -b so that we can discern between incoming and outgoing transfers in ns3
+# logs later on.
+wait_for_xfer() (
+ $DIG $DIGOPTS +noedns +stat -b 10.53.0.2 @10.53.0.3 xfer-stats. AXFR > dig.out.ns3.test$n
+ grep "; Transfer failed" dig.out.ns3.test$n > /dev/null || return 0
+ return 1
+)
+if retry_quiet 10 wait_for_xfer; then
+ get_dig_xfer_stats dig.out.ns3.test$n > stats.dig
+ diff axfr-stats.good stats.dig || tmp=1
+else
+ echo_i "timed out waiting for zone transfer"
+fi
+if test $tmp != 0 ; then echo_i "failed"; fi
+status=$((status+tmp))
+
+# Note: in the next two tests, we use ns3 logs for checking both incoming and
+# outgoing transfer statistics as ns3 is both a secondary server (for ns1) and a
+# primary server (for dig queries from the previous test) for "xfer-stats".
+n=$((n+1))
+echo_i "checking whether named calculates incoming AXFR statistics correctly ($n)"
+tmp=0
+get_named_xfer_stats ns3/named.run 10.53.0.1 xfer-stats "Transfer completed" > stats.incoming
+diff axfr-stats.good stats.incoming || tmp=1
+if test $tmp != 0 ; then echo_i "failed"; fi
+status=$((status+tmp))
+
+n=$((n+1))
+echo_i "checking whether named calculates outgoing AXFR statistics correctly ($n)"
+tmp=0
+check_xfer_stats() {
+ get_named_xfer_stats ns3/named.run 10.53.0.2 xfer-stats "AXFR ended" > stats.outgoing
+ diff axfr-stats.good stats.outgoing > /dev/null
+}
+retry_quiet 10 check_xfer_stats || tmp=1
+if test $tmp != 0 ; then echo_i "failed"; fi
+status=$((status+tmp))
+
+echo_i "exit status: $status"
+[ $status -eq 0 ] || exit 1
diff --git a/bin/tests/system/xferquota/clean.sh b/bin/tests/system/xferquota/clean.sh
new file mode 100644
index 0000000..9cc4057
--- /dev/null
+++ b/bin/tests/system/xferquota/clean.sh
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+#
+# Clean up after zone transfer quota tests.
+#
+
+rm -f ns1/zone*.example.db ns1/zones.conf
+rm -f ns2/zone*.example.bk ns2/zones.conf
+rm -f dig.out.* ns2/changing.bk
+rm -f ns1/changing.db
+rm -f */named.memstats
+rm -f */named.conf
+rm -f */named.run
+rm -f ns*/named.lock
+rm -f ns*/managed-keys.bind*
diff --git a/bin/tests/system/xferquota/ns1/changing1.db b/bin/tests/system/xferquota/ns1/changing1.db
new file mode 100644
index 0000000..0b5e893
--- /dev/null
+++ b/bin/tests/system/xferquota/ns1/changing1.db
@@ -0,0 +1,27 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 600
+
+@ IN SOA dns1.changing. postmaster.changing. (
+ 1 ;; serial
+ 3600 ;; refresh period
+ 1800 ;; retry interval
+ 604800 ;; expire time
+ 600 ) ;; default TTL
+
+ IN NS dns1.changing.
+ NS dns2.changing.
+
+dns1 IN A 10.53.0.1
+dns2 IN A 10.53.0.2
+
+a IN A 10.0.0.1
diff --git a/bin/tests/system/xferquota/ns1/changing2.db b/bin/tests/system/xferquota/ns1/changing2.db
new file mode 100644
index 0000000..33dd7f4
--- /dev/null
+++ b/bin/tests/system/xferquota/ns1/changing2.db
@@ -0,0 +1,27 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 600
+
+@ IN SOA dns1.changing. postmaster.changing. (
+ 2 ;; serial
+ 3600 ;; refresh period
+ 1800 ;; retry interval
+ 604800 ;; expire time
+ 600 ) ;; default TTL
+
+ IN NS dns1.changing.
+ NS dns2.changing.
+
+dns1 IN A 10.53.0.1
+dns2 IN A 10.53.0.2
+
+a IN A 10.0.0.2
diff --git a/bin/tests/system/xferquota/ns1/named.conf.in b/bin/tests/system/xferquota/ns1/named.conf.in
new file mode 100644
index 0000000..c9f19f9
--- /dev/null
+++ b/bin/tests/system/xferquota/ns1/named.conf.in
@@ -0,0 +1,45 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+options {
+ query-source address 10.53.0.1;
+ notify-source 10.53.0.1;
+ transfer-source 10.53.0.1;
+ port @PORT@;
+ pid-file "named.pid";
+ listen-on { 10.53.0.1; };
+ listen-on-v6 { none; };
+ recursion no;
+ notify yes;
+};
+
+key rndc_key {
+ secret "1234abcd8765";
+ algorithm hmac-sha256;
+};
+
+controls {
+ inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
+
+zone "." {
+ type primary;
+ file "root.db";
+};
+
+zone "changing." {
+ type primary;
+ file "changing.db";
+};
+
+include "zones.conf";
diff --git a/bin/tests/system/xferquota/ns1/root.db b/bin/tests/system/xferquota/ns1/root.db
new file mode 100644
index 0000000..c5049f4
--- /dev/null
+++ b/bin/tests/system/xferquota/ns1/root.db
@@ -0,0 +1,29 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 300
+. IN SOA gson.nominum.com. a.root.servers.nil. (
+ 2000042100 ; serial
+ 600 ; refresh
+ 600 ; retry
+ 1200 ; expire
+ 600 ; minimum
+ )
+. NS a.root-servers.nil.
+a.root-servers.nil. A 10.53.0.1
+
+example. NS ns2.example.
+ns2.example. A 10.53.0.2
+
+changing. NS dns1.changing.
+ A 10.53.0.1
+ NS dns2.changing.
+ A 10.53.0.2
diff --git a/bin/tests/system/xferquota/ns2/example.db b/bin/tests/system/xferquota/ns2/example.db
new file mode 100644
index 0000000..e1d2b82
--- /dev/null
+++ b/bin/tests/system/xferquota/ns2/example.db
@@ -0,0 +1,146 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$ORIGIN .
+$TTL 300 ; 5 minutes
+example IN SOA mname1. . (
+ 2000042795 ; serial
+ 20 ; refresh (20 seconds)
+ 20 ; retry (20 seconds)
+ 1814400 ; expire (3 weeks)
+ 3600 ; minimum (1 hour)
+ )
+example. NS ns2.example.
+ns2.example. A 10.53.0.2
+example. NS ns3.example.
+ns3.example. A 10.53.0.3
+
+$ORIGIN example.
+* MX 10 mail
+a TXT "foo foo foo"
+ PTR foo.net.
+$TTL 3600 ; 1 hour
+a01 A 0.0.0.0
+a02 A 255.255.255.255
+a601 AAAA ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
+afsdb01 AFSDB 0 hostname
+afsdb02 AFSDB 65535 .
+$TTL 300 ; 5 minutes
+b CNAME foo.net.
+c A 73.80.65.49
+$TTL 3600 ; 1 hour
+cert01 CERT 65534 65535 PRIVATEOID (
+ MxFcby9k/yvedMfQgKzhH5er0Mu/vILz45IkskceFGgi
+ WCn/GxHhai6VAuHAoNUz4YoU1tVfSCSqQYn6//11U6Nl
+ d80jEeC8aTrO+KKmCaY= )
+cname01 CNAME cname-target.
+cname02 CNAME cname-target
+cname03 CNAME .
+$TTL 300 ; 5 minutes
+d A 73.80.65.49
+$TTL 3600 ; 1 hour
+dname01 DNAME dname-target.
+dname02 DNAME dname-target
+dname03 DNAME .
+$TTL 300 ; 5 minutes
+e MX 10 mail
+ TXT "one"
+ TXT "three"
+ TXT "two"
+ A 73.80.65.49
+ A 73.80.65.50
+ A 73.80.65.52
+ A 73.80.65.51
+f A 73.80.65.52
+$TTL 3600 ; 1 hour
+gpos01 GPOS "-22.6882" "116.8652" "250.0"
+gpos02 GPOS "" "" ""
+hinfo01 HINFO "Generic PC clone" "NetBSD-1.4"
+hinfo02 HINFO "PC" "NetBSD"
+isdn01 ISDN "isdn-address"
+isdn02 ISDN "isdn-address" "subaddress"
+isdn03 ISDN "isdn-address"
+isdn04 ISDN "isdn-address" "subaddress"
+dnskey01 DNSKEY 512 255 1 (
+ AQMFD5raczCJHViKtLYhWGz8hMY9UGRuniJDBzC7w0aR
+ yzWZriO6i2odGWWQVucZqKVsENW91IOW4vqudngPZsY3
+ GvQ/xVA8/7pyFj6b7Esga60zyGW6LFe9r8n6paHrlG5o
+ jqf0BaqHT+8= )
+kx01 KX 10 kdc
+kx02 KX 10 .
+loc01 LOC 60 9 0.000 N 24 39 0.000 E 10.00m 20m 2000m 20m
+loc02 LOC 60 9 0.000 N 24 39 0.000 E 10.00m 20m 2000m 20m
+mb01 MG madname
+mb02 MG .
+mg01 MG mgmname
+mg02 MG .
+minfo01 MINFO rmailbx emailbx
+minfo02 MINFO . .
+mr01 MR mrname
+mr02 MR .
+mx01 MX 10 mail
+mx02 MX 10 .
+naptr01 NAPTR 0 0 "" "" "" .
+naptr02 NAPTR 65535 65535 "blurgh" "blorf" ":(.*):\\1:" foo.
+nsap-ptr01 NSAP-PTR foo.
+ NSAP-PTR .
+nsap01 NSAP 0x47000580005a0000000001e133ffffff00016100
+nsap02 NSAP 0x47000580005a0000000001e133ffffff00016100
+nsec01 NSEC a.secure ( NS SOA MX RRSIG DNSKEY LOC NSEC )
+nsec02 NSEC . ( NSAP-PTR NSEC )
+nsec03 NSEC . ( A )
+nsec04 NSEC . ( 127 )
+ptr01 PTR example.
+px01 PX 65535 foo. bar.
+px02 PX 65535 . .
+rp01 RP mbox-dname txt-dname
+rp02 RP . .
+rt01 RT 0 intermediate-host
+rt02 RT 65535 .
+$TTL 300 ; 5 minutes
+s NS ns.s
+$ORIGIN s.example.
+ns A 73.80.65.49
+$ORIGIN example.
+$TTL 3600 ; 1 hour
+rrsig01 RRSIG NSEC 1 3 3600 20000102030405 (
+ 19961211100908 2143 foo
+ MxFcby9k/yvedMfQgKzhH5er0Mu/vILz45IkskceFGgi
+ WCn/GxHhai6VAuHAoNUz4YoU1tVfSCSqQYn6//11U6Nl
+ d80jEeC8aTrO+KKmCaY= )
+srv01 SRV 0 0 0 .
+srv02 SRV 65535 65535 65535 old-slow-box.example.com.
+$TTL 301 ; 5 minutes 1 second
+t A 73.80.65.49
+$TTL 3600 ; 1 hour
+txt01 TXT "foo"
+txt02 TXT "foo" "bar"
+txt03 TXT "foo"
+txt04 TXT "foo" "bar"
+txt05 TXT "foo bar"
+txt06 TXT "foo bar"
+txt07 TXT "foo bar"
+txt08 TXT "foo\010bar"
+txt09 TXT "foo\010bar"
+txt10 TXT "foo bar"
+txt11 TXT "\"foo\""
+txt12 TXT "\"foo\""
+$TTL 300 ; 5 minutes
+u TXT "txt-not-in-nsec"
+$ORIGIN u.example.
+a A 73.80.65.49
+b A 73.80.65.49
+$ORIGIN example.
+$TTL 3600 ; 1 hour
+wks01 WKS 10.0.0.1 6 ( 0 1 2 21 23 )
+wks02 WKS 10.0.0.1 17 ( 0 1 2 53 )
+wks03 WKS 10.0.0.2 6 ( 65535 )
+x2501 X25 "123456789"
diff --git a/bin/tests/system/xferquota/ns2/named.conf.in b/bin/tests/system/xferquota/ns2/named.conf.in
new file mode 100644
index 0000000..ef55dc6
--- /dev/null
+++ b/bin/tests/system/xferquota/ns2/named.conf.in
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+options {
+ query-source address 10.53.0.2;
+ notify-source 10.53.0.2;
+ transfer-source 10.53.0.2;
+ port @PORT@;
+ pid-file "named.pid";
+ listen-on { 10.53.0.2; };
+ listen-on-v6 { none; };
+ recursion no;
+ notify no;
+
+ transfers-in 5;
+ transfers-per-ns 5;
+};
+
+zone "." {
+ type hint;
+ file "../../common/root.hint";
+};
+
+zone "changing." {
+ type secondary;
+ primaries { 10.53.0.1; };
+ file "changing.bk";
+};
+
+include "zones.conf";
diff --git a/bin/tests/system/xferquota/setup.pl b/bin/tests/system/xferquota/setup.pl
new file mode 100644
index 0000000..ab5450c
--- /dev/null
+++ b/bin/tests/system/xferquota/setup.pl
@@ -0,0 +1,40 @@
+#!/usr/bin/perl
+
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+#
+# Set up test data for zone transfer quota tests.
+#
+use FileHandle;
+
+my $priconf = new FileHandle("ns1/zones.conf", "w") or die;
+my $secconf = new FileHandle("ns2/zones.conf", "w") or die;
+
+for ($z = 0; $z < 300; $z++) {
+ my $zn = sprintf("zone%06d.example", $z);
+ print $priconf "zone \"$zn\" { type primary; file \"$zn.db\"; };\n";
+ print $secconf "zone \"$zn\" { type secondary; file \"$zn.bk\"; masterfile-format text; primaries { 10.53.0.1; }; };\n";
+ my $fn = "ns1/$zn.db";
+ my $f = new FileHandle($fn, "w") or die "open: $fn: $!";
+ print $f "\$TTL 300
+\@ IN SOA ns1 . 1 300 120 3600 86400
+ NS ns1
+ NS ns2
+ns1 A 10.53.0.1
+ns2 A 10.53.0.2
+ MX 10 mail1.isp.example.
+ MX 20 mail2.isp.example.
+www A 10.0.0.1
+xyzzy A 10.0.0.2
+";
+ $f->close;
+}
diff --git a/bin/tests/system/xferquota/setup.sh b/bin/tests/system/xferquota/setup.sh
new file mode 100644
index 0000000..c8c488d
--- /dev/null
+++ b/bin/tests/system/xferquota/setup.sh
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+#
+# Set up test data for zone transfer quota tests.
+#
+
+SYSTEMTESTTOP=..
+. $SYSTEMTESTTOP/conf.sh
+
+$PERL setup.pl
+
+cp -f ns1/changing1.db ns1/changing.db
+
+copy_setports ns1/named.conf.in ns1/named.conf
+copy_setports ns2/named.conf.in ns2/named.conf
diff --git a/bin/tests/system/xferquota/tests.sh b/bin/tests/system/xferquota/tests.sh
new file mode 100755
index 0000000..d6e0544
--- /dev/null
+++ b/bin/tests/system/xferquota/tests.sh
@@ -0,0 +1,64 @@
+#!/bin/sh
+
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+SYSTEMTESTTOP=..
+. $SYSTEMTESTTOP/conf.sh
+
+DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd -p ${PORT}"
+RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s"
+
+#
+# Perform tests
+#
+
+count=0
+ticks=0
+while [ $count != 300 ]; do
+ if [ $ticks = 1 ]; then
+ echo_i "Changing test zone..."
+ cp -f ns1/changing2.db ns1/changing.db
+ if [ ! "$CYGWIN" ]; then
+ $KILL -HUP `cat ns1/named.pid`
+ else
+ rndc_reload ns1 10.53.0.1
+ fi
+ fi
+ sleep 1
+ ticks=`expr $ticks + 1`
+ seconds=`expr $ticks \* 1`
+ if [ $ticks = 360 ]; then
+ echo_i "Took too long to load zones"
+ exit 1
+ fi
+ count=`cat ns2/zone*.bk | grep xyzzy | wc -l`
+ echo_i "Have $count zones up in $seconds seconds"
+done
+
+status=0
+
+$DIG $DIGOPTS zone000099.example. @10.53.0.1 axfr > dig.out.ns1 || status=1
+
+$DIG $DIGOPTS zone000099.example. @10.53.0.2 axfr > dig.out.ns2 || status=1
+
+digcomp dig.out.ns1 dig.out.ns2 || status=1
+
+sleep 15
+
+$DIG $DIGOPTS a.changing. @10.53.0.1 a > dig.out.ns1 || status=1
+
+$DIG $DIGOPTS a.changing. @10.53.0.2 a > dig.out.ns2 || status=1
+
+digcomp dig.out.ns1 dig.out.ns2 || status=1
+
+echo_i "exit status: $status"
+[ $status -eq 0 ] || exit 1