diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-08 16:41:29 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-08 16:41:29 +0000 |
commit | e2fc8e037ea6bb5de92b25ec9c12a624737ac5ca (patch) | |
tree | 65e6bbf5e12c3fe09b43e577f8d1786d06bcd559 /bin/tests/system/padding | |
parent | Releasing progress-linux version 1:9.18.19-1~deb12u1progress7u1. (diff) | |
download | bind9-e2fc8e037ea6bb5de92b25ec9c12a624737ac5ca.tar.xz bind9-e2fc8e037ea6bb5de92b25ec9c12a624737ac5ca.zip |
Merging upstream version 1:9.18.24.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'bin/tests/system/padding')
-rw-r--r-- | bin/tests/system/padding/ns2/named.conf.in | 2 | ||||
-rw-r--r-- | bin/tests/system/padding/ns3/named.conf.in | 2 | ||||
-rw-r--r-- | bin/tests/system/padding/ns4/named.conf.in | 2 | ||||
-rw-r--r-- | bin/tests/system/padding/tests.sh | 68 |
4 files changed, 40 insertions, 34 deletions
diff --git a/bin/tests/system/padding/ns2/named.conf.in b/bin/tests/system/padding/ns2/named.conf.in index 10ba86b..6f2a34c 100644 --- a/bin/tests/system/padding/ns2/named.conf.in +++ b/bin/tests/system/padding/ns2/named.conf.in @@ -36,7 +36,7 @@ options { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "example" { diff --git a/bin/tests/system/padding/ns3/named.conf.in b/bin/tests/system/padding/ns3/named.conf.in index a719249..1b44e47 100644 --- a/bin/tests/system/padding/ns3/named.conf.in +++ b/bin/tests/system/padding/ns3/named.conf.in @@ -41,5 +41,5 @@ controls { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; diff --git a/bin/tests/system/padding/ns4/named.conf.in b/bin/tests/system/padding/ns4/named.conf.in index 6828f2a..957175c 100644 --- a/bin/tests/system/padding/ns4/named.conf.in +++ b/bin/tests/system/padding/ns4/named.conf.in @@ -41,5 +41,5 @@ controls { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; diff --git a/bin/tests/system/padding/tests.sh b/bin/tests/system/padding/tests.sh index c952537..f20ba0b 100644 --- a/bin/tests/system/padding/tests.sh +++ b/bin/tests/system/padding/tests.sh @@ -19,30 +19,30 @@ n=0 status=0 DIGOPTS="-p ${PORT}" -RNDCCMD="$RNDC -c ../common/rndc.conf -p ${CONTROLPORT} -s" +RNDCCMD="$RNDC -c ../_common/rndc.conf -p ${CONTROLPORT} -s" getcookie() { - awk '$2 == "COOKIE:" { + awk '$2 == "COOKIE:" { print $3; - }' < $1 + }' <$1 } echo_i "checking that dig handles padding ($n)" ret=0 n=$((n + 1)) -$DIG $DIGOPTS +qr +padding=128 foo.example @10.53.0.2 > dig.out.test$n -grep "; PAD" dig.out.test$n > /dev/null || ret=1 -grep "; QUERY SIZE: 128" dig.out.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +qr +padding=128 foo.example @10.53.0.2 >dig.out.test$n +grep "; PAD" dig.out.test$n >/dev/null || ret=1 +grep "; QUERY SIZE: 128" dig.out.test$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) echo_i "checking that dig added padding ($n)" ret=0 n=$((n + 1)) -nextpart ns2/named.stats > /dev/null +nextpart ns2/named.stats >/dev/null $RNDCCMD 10.53.0.2 stats wait_for_log_peek 5 "--- Statistics Dump ---" ns2/named.stats || ret=1 -nextpart ns2/named.stats | grep "EDNS padding option received" > /dev/null || ret=1 +nextpart ns2/named.stats | grep "EDNS padding option received" >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -50,84 +50,90 @@ status=$((status + ret)) echo_i "checking that padding is added for TCP responses ($n)" ret=0 n=$((n + 1)) -$DIG $DIGOPTS +vc +padding=128 foo.example @10.53.0.2 > dig.out.test$n -grep "; PAD" dig.out.test$n > /dev/null || ret=1 -grep "rcvd: 128" dig.out.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +vc +padding=128 foo.example @10.53.0.2 >dig.out.test$n +grep "; PAD" dig.out.test$n >/dev/null || ret=1 +grep "rcvd: 128" dig.out.test$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) echo_i "checking that padding is added to valid cookie responses ($n)" ret=0 n=$((n + 1)) -$DIG $DIGOPTS +cookie foo.example @10.53.0.2 > dig.out.testc +$DIG $DIGOPTS +cookie foo.example @10.53.0.2 >dig.out.testc cookie=$(getcookie dig.out.testc) -$DIG $DIGOPTS +cookie=$cookie +padding=128 foo.example @10.53.0.2 > dig.out.test$n -grep "; PAD" dig.out.test$n > /dev/null || ret=1 -grep "rcvd: 128" dig.out.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +cookie=$cookie +padding=128 foo.example @10.53.0.2 >dig.out.test$n +grep "; PAD" dig.out.test$n >/dev/null || ret=1 +grep "rcvd: 128" dig.out.test$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) echo_i "checking that padding must be requested (TCP) ($n)" ret=0 n=$((n + 1)) -$DIG $DIGOPTS +vc foo.example @10.53.0.2 > dig.out.test$n -grep "; PAD" dig.out.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +vc foo.example @10.53.0.2 >dig.out.test$n +grep "; PAD" dig.out.test$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) echo_i "checking that padding must be requested (valid cookie) ($n)" ret=0 n=$((n + 1)) -$DIG $DIGOPTS +cookie=$cookie foo.example @10.53.0.2 > dig.out.test$n -grep "; PAD" dig.out.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +cookie=$cookie foo.example @10.53.0.2 >dig.out.test$n +grep "; PAD" dig.out.test$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) echo_i "checking that padding can be filtered out ($n)" ret=0 n=$((n + 1)) -$DIG $DIGOPTS +vc +padding=128 -b 10.53.0.8 foo.example @10.53.0.2 > dig.out.test$n -grep "; PAD" dig.out.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +vc +padding=128 -b 10.53.0.8 foo.example @10.53.0.2 >dig.out.test$n +grep "; PAD" dig.out.test$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) echo_i "checking that a TCP and padding server config enables padding ($n)" ret=0 n=$((n + 1)) -nextpart ns2/named.stats > /dev/null +nextpart ns2/named.stats >/dev/null $RNDCCMD 10.53.0.2 stats wait_for_log_peek 5 "--- Statistics Dump ---" ns2/named.stats || ret=1 opad=$(nextpart ns2/named.stats | awk '/EDNS padding option received/ { print $1}') -$DIG $DIGOPTS foo.example @10.53.0.3 > dig.out.test$n +$DIG $DIGOPTS foo.example @10.53.0.3 >dig.out.test$n $RNDCCMD 10.53.0.2 stats wait_for_log_peek 5 "--- Statistics Dump ---" ns2/named.stats || ret=1 npad=$(nextpart ns2/named.stats | awk '/EDNS padding option received/ { print $1}') -if [ "$opad" -eq "$npad" ]; then echo_i "error: opad ($opad) == npad ($npad)"; ret=1; fi +if [ "$opad" -eq "$npad" ]; then + echo_i "error: opad ($opad) == npad ($npad)" + ret=1 +fi if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) echo_i "checking that a padding server config should enforce TCP ($n)" ret=0 n=$((n + 1)) -nextpart ns2/named.stats > /dev/null +nextpart ns2/named.stats >/dev/null $RNDCCMD 10.53.0.2 stats wait_for_log_peek 5 "--- Statistics Dump ---" ns2/named.stats || ret=1 opad=$(nextpart ns2/named.stats | awk '/EDNS padding option received/ { print $1}') -$DIG $DIGOPTS foo.example @10.53.0.4 > dig.out.test$n +$DIG $DIGOPTS foo.example @10.53.0.4 >dig.out.test$n $RNDCCMD 10.53.0.2 stats wait_for_log_peek 5 "--- Statistics Dump ---" ns2/named.stats || ret=1 npad=$(nextpart ns2/named.stats | awk '/EDNS padding option received/ { print $1}') -if [ "$opad" -ne "$npad" ]; then echo_i "error: opad ($opad) != npad ($npad)"; ret=1; fi +if [ "$opad" -ne "$npad" ]; then + echo_i "error: opad ($opad) != npad ($npad)" + ret=1 +fi if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) echo_i "checking that zero-length padding option has no effect ($n)" ret=0 n=$((n + 1)) -$DIG $DIGOPTS +qr +ednsopt=12 foo.example @10.53.0.2 > dig.out.test$n.1 -grep "; PAD" dig.out.test$n.1 > /dev/null || ret=1 -$DIG $DIGOPTS +qr +ednsopt=12:00 foo.example @10.53.0.2 > dig.out.test$n.2 -grep "; PAD" dig.out.test$n.2 > /dev/null || ret=1 +$DIG $DIGOPTS +qr +ednsopt=12 foo.example @10.53.0.2 >dig.out.test$n.1 +grep "; PAD" dig.out.test$n.1 >/dev/null || ret=1 +$DIG $DIGOPTS +qr +ednsopt=12:00 foo.example @10.53.0.2 >dig.out.test$n.2 +grep "; PAD" dig.out.test$n.2 >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) |