9 files changed, 250 insertions, 0 deletions
diff --git a/bin/tests/system/emptyzones/clean.sh b/bin/tests/system/emptyzones/clean.sh
new file mode 100644
index 0000000..c7ff161
--- /dev/null
+++ b/bin/tests/system/emptyzones/clean.sh
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0.  If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+rm -f ns1/named.conf
+rm -f ns*/named.lock
+rm -f ns*/named.run
+rm -f ns*/named.memstats
+rm -f dig.out.test*
+rm -f ns*/managed-keys.bind*
diff --git a/bin/tests/system/emptyzones/ns1/empty.db b/bin/tests/system/emptyzones/ns1/empty.db
new file mode 100644
index 0000000..70dbcaf
--- /dev/null
+++ b/bin/tests/system/emptyzones/ns1/empty.db
@@ -0,0 +1,13 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0.  If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+@ 0 SOA . . 0 0 0 0 0
+@ 0 NS .
diff --git a/bin/tests/system/emptyzones/ns1/named1.conf.in b/bin/tests/system/emptyzones/ns1/named1.conf.in
new file mode 100644
index 0000000..4aad843
--- /dev/null
+++ b/bin/tests/system/emptyzones/ns1/named1.conf.in
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0.  If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+key rndc_key {
+	algorithm       @DEFAULT_HMAC@;
+	secret          "1234abcd8765";
+};
+
+controls {
+	inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
+
+options {
+	query-source address 10.53.0.1;
+	notify-source 10.53.0.1;
+	transfer-source 10.53.0.1;
+	port @PORT@;
+	pid-file "named.pid";
+	listen-on { 10.53.0.1; };
+	listen-on-v6 { none; };
+	recursion yes;
+	dnssec-validation no;
+	deny-answer-addresses { 192.0.2.0/24; 2001:db8:beef::/48; }
+		 except-from { "example.org"; };
+	deny-answer-aliases { "example.org"; }
+		except-from { "goodcname.example.net";
+			      "gooddname.example.net"; };
+	allow-query {!10.53.0.8; any; };
+};
+
+zone "." {
+	type hint;
+	file "root.hint";
+};
+
+include "rfc1918.zones";
diff --git a/bin/tests/system/emptyzones/ns1/named2.conf.in b/bin/tests/system/emptyzones/ns1/named2.conf.in
new file mode 100644
index 0000000..89fe2b4
--- /dev/null
+++ b/bin/tests/system/emptyzones/ns1/named2.conf.in
@@ -0,0 +1,49 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0.  If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+key rndc_key {
+	algorithm       @DEFAULT_HMAC@;
+	secret          "1234abcd8765";
+};
+
+controls {
+	inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
+
+options {
+	query-source address 10.53.0.1;
+	notify-source 10.53.0.1;
+	transfer-source 10.53.0.1;
+	port @PORT@;
+	pid-file "named.pid";
+	listen-on { 10.53.0.1; };
+	listen-on-v6 { none; };
+	recursion yes;
+	dnssec-validation no;
+	deny-answer-addresses { 192.0.2.0/24; 2001:db8:beef::/48; }
+		 except-from { "example.org"; };
+	deny-answer-aliases { "example.org"; }
+		except-from { "goodcname.example.net";
+			      "gooddname.example.net"; };
+	allow-query {!10.53.0.8; any; };
+	allow-transfer { none; };
+};
+
+zone "." {
+	type hint;
+	file "root.hint";
+};
+
+zone "1.10.in-addr.arpa" {
+	type primary; file "empty.db";
+};
diff --git a/bin/tests/system/emptyzones/ns1/rfc1918.zones b/bin/tests/system/emptyzones/ns1/rfc1918.zones
new file mode 100644
index 0000000..07858f9
--- /dev/null
+++ b/bin/tests/system/emptyzones/ns1/rfc1918.zones
@@ -0,0 +1,32 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+zone "10.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+zone "16.172.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+zone "17.172.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+zone "18.172.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+zone "19.172.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+zone "20.172.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+zone "21.172.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+zone "22.172.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+zone "23.172.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+zone "24.172.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+zone "25.172.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+zone "26.172.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+zone "27.172.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+zone "28.172.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+zone "29.172.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+zone "30.172.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+zone "31.172.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+zone "168.192.IN-ADDR.ARPA" { type primary; file "empty.db"; };
+
diff --git a/bin/tests/system/emptyzones/ns1/root.hint b/bin/tests/system/emptyzones/ns1/root.hint
new file mode 100644
index 0000000..993227d
--- /dev/null
+++ b/bin/tests/system/emptyzones/ns1/root.hint
@@ -0,0 +1,14 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0.  If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 999999
+.			 IN NS	a.root-servers.nil.
+a.root-servers.nil.	 IN A	10.53.0.2
diff --git a/bin/tests/system/emptyzones/setup.sh b/bin/tests/system/emptyzones/setup.sh
new file mode 100644
index 0000000..935067f
--- /dev/null
+++ b/bin/tests/system/emptyzones/setup.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0.  If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+. ../conf.sh
+
+$SHELL clean.sh
+copy_setports ns1/named1.conf.in ns1/named.conf
diff --git a/bin/tests/system/emptyzones/tests.sh b/bin/tests/system/emptyzones/tests.sh
new file mode 100644
index 0000000..c968d51
--- /dev/null
+++ b/bin/tests/system/emptyzones/tests.sh
@@ -0,0 +1,46 @@
+#!/bin/sh
+
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0.  If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+set -e
+
+. ../conf.sh
+
+DIGOPTS="-p ${PORT}"
+RNDCCMD="$RNDC -c ../common/rndc.conf -p ${CONTROLPORT} -s"
+
+status=0
+n=0
+
+n=$((n + 1))
+echo_i "check that switching to automatic empty zones works ($n)"
+ret=0
+rndc_reload ns1 10.53.0.1
+
+copy_setports ns1/named2.conf.in ns1/named.conf
+$RNDCCMD 10.53.0.1 reload > /dev/null || ret=1
+sleep 5
+
+$DIG $DIGOPTS +vc version.bind txt ch @10.53.0.1 > /dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+n=$((n + 1))
+echo_i "check that allow-transfer { none; } works ($n)"
+ret=0
+$DIG $DIGOPTS axfr 10.in-addr.arpa @10.53.0.1 +all > dig.out.test$n || ret=1
+grep "status: REFUSED" dig.out.test$n > /dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+echo_i "exit status: $status"
+[ $status -eq 0 ] || exit 1
diff --git a/bin/tests/system/emptyzones/tests_sh_emptyzones.py b/bin/tests/system/emptyzones/tests_sh_emptyzones.py
new file mode 100644
index 0000000..66dc9dc
--- /dev/null
+++ b/bin/tests/system/emptyzones/tests_sh_emptyzones.py
@@ -0,0 +1,14 @@
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0.  If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+
+def test_emptyzones(run_tests_sh):
+    run_tests_sh()