tests.sh 52 KB
Newer Older
1
2
#!/bin/sh
#
3
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
Evan Hunt's avatar
Evan Hunt committed
4
#
5
6
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
7
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
8
9
10
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
Evan Hunt's avatar
Evan Hunt committed
11

12
# shellcheck source=conf.sh
13
SYSTEMTESTTOP=..
14
. "$SYSTEMTESTTOP/conf.sh"
Evan Hunt's avatar
Evan Hunt committed
15

16
17
set -e

Evan Hunt's avatar
Evan Hunt committed
18
19
status=0
n=0
20

21
sendcmd() {
22
    "$PERL" "$SYSTEMTESTTOP/send.pl" "${1}" "$EXTRAPORT1"
23
24
25
26
27
28
29
30
31
32
}

dig_with_opts() {
    "$DIG" -p "$PORT" "$@"
}

mdig_with_opts() {
    "$MDIG" -p "$PORT" "$@"
}

Mark Andrews's avatar
Mark Andrews committed
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
# Check if response in file $1 has the correct TTL range.
# The response record must have RRtype $2 and class IN (CLASS1).
# Maximum TTL is given by $3.  This works in most cases where TTL is
# the second word on the line.  TTL position can be adjusted with
# setting the position $4, but that requires updating this function.
check_ttl_range() {
    file=$1
    pos=$4

    case "$pos" in
    "3")
    awk -v rrtype="$2" -v ttl="$3" '($4 == "IN" || $4 == "CLASS1" ) && $5 == rrtype { if ($3 <= ttl) { ok=1 } } END { exit(ok?0:1) }' < $file
    ;;
    *)
    awk -v rrtype="$2" -v ttl="$3" '($3 == "IN" || $3 == "CLASS1" ) && $4 == rrtype { if ($2 <= ttl) { ok=1 } } END { exit(ok?0:1) }' < $file
    ;;
    esac

   result=$?
   [ $result -eq 0 ] || echo_i "ttl check failed"
   return $result
}

56
57
# using delv insecure mode as not testing dnssec here
delv_with_opts() {
Evan Hunt's avatar
Evan Hunt committed
58
    "$DELV" +noroot -p "$PORT" "$@"
59
60
61
}

KEYID="$(cat ns2/keyid)"
62
63
KEYDATA="$(< ns2/keydata sed -e 's/+/[+]/g')"
NOSPLIT="$(< ns2/keydata sed -e 's/+/[+]/g' -e 's/ //g')"
64

Evan Hunt's avatar
Evan Hunt committed
65
66
67
68
69
HAS_PYYAML=0
if [ -n "$PYTHON" ] ; then
	$PYTHON -c "import yaml" 2> /dev/null && HAS_PYYAML=1
fi

70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
#
# test whether ans7/ans.pl will be able to send a UPDATE response.
# if it can't, we will log that below.
#
if "$PERL" -e 'use Net::DNS; use Net::DNS::Packet; my $p = new Net::DNS::Packet; $p->header->opcode(5);' > /dev/null 2>&1
then
	checkupdate=1
else
	checkupdate=0
fi

if [ -x "$NSLOOKUP" -a $checkupdate -eq 1 ] ; then

  n=$((n+1))
  echo_i "check nslookup handles UPDATE response ($n)"
  ret=0
  "$NSLOOKUP" -q=CNAME "-port=$PORT" foo.bar 10.53.0.7 > nslookup.out.test$n 2>&1 && ret=1
  grep "Opcode mismatch" nslookup.out.test$n > /dev/null || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

fi

if [ -x "$HOST" -a $checkupdate -eq 1 ] ; then

  n=$((n+1))
  echo_i "check host handles UPDATE response ($n)"
  ret=0
  "$HOST" -t CNAME -p $PORT foo.bar 10.53.0.7 > host.out.test$n 2>&1 && ret=1
  grep "Opcode mismatch" host.out.test$n > /dev/null || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

fi

105
if [ -x "$DIG" ] ; then
106

107
108
109
110
111
112
113
114
115
116
117
118
119
  if [ $checkupdate -eq 1 ] ; then

    n=$((n+1))
    echo_i "check dig handles UPDATE response ($n)"
    ret=0
    dig_with_opts @10.53.0.7 cname foo.bar > dig.out.test$n 2>&1 && ret=1
    grep "Opcode mismatch" dig.out.test$n > /dev/null || ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))
  else
    echo_i "Skipped UPDATE handling test"
  fi

120
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
121
  echo_i "checking dig short form works ($n)"
122
  ret=0
123
124
125
126
  dig_with_opts @10.53.0.3 +short a a.example > dig.out.test$n || ret=1
  test "$(wc -l < dig.out.test$n)" -eq 1 || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
127

128
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
129
  echo_i "checking dig split width works ($n)"
130
  ret=0
131
  dig_with_opts @10.53.0.3 +split=4 -t sshfp foo.example > dig.out.test$n || ret=1
132
  grep " 9ABC DEF6 7890 " < dig.out.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
133
  check_ttl_range dig.out.test$n "SSHFP" 300 || ret=1
134
135
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
136

137
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
138
  echo_i "checking dig +unknownformat works ($n)"
139
  ret=0
140
  dig_with_opts @10.53.0.3 +unknownformat a a.example > dig.out.test$n || ret=1
141
  grep "CLASS1[ 	][ 	]*TYPE1[ 	][ 	]*\\\\# 4 0A000001" < dig.out.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
142
  check_ttl_range dig.out.test$n "TYPE1" 300 || ret=1
143
144
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
145

146
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
147
  echo_i "checking dig with reverse lookup works ($n)"
148
  ret=0
149
  dig_with_opts @10.53.0.3 -x 127.0.0.1 > dig.out.test$n 2>&1 || ret=1
150
  # doesn't matter if has answer
151
  grep -i "127\\.in-addr\\.arpa\\." < dig.out.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
152
  check_ttl_range dig.out.test$n "SOA" 86400 || ret=1
153
154
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
155

156
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
157
  echo_i "checking dig over TCP works ($n)"
158
  ret=0
159
  dig_with_opts +tcp @10.53.0.3 a a.example > dig.out.test$n || ret=1
160
  grep "10\\.0\\.0\\.1$" < dig.out.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
161
  check_ttl_range dig.out.test$n "A" 300 || ret=1
162
163
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
164

165
  n=$((n+1))
166
  echo_i "checking dig +multi +norrcomments works for DNSKEY (when default is rrcomments)($n)"
Evan Hunt's avatar
Evan Hunt committed
167
  ret=0
168
  dig_with_opts +tcp @10.53.0.3 +multi +norrcomments -t DNSKEY example > dig.out.test$n || ret=1
169
  grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" dig.out.test$n > /dev/null && ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
170
  check_ttl_range dig.out.test$n "DNSKEY" 300 || ret=1
171
172
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
Evan Hunt's avatar
Evan Hunt committed
173

174
  n=$((n+1))
175
  echo_i "checking dig +multi +norrcomments works for SOA (when default is rrcomments)($n)"
Evan Hunt's avatar
Evan Hunt committed
176
  ret=0
177
178
  dig_with_opts +tcp @10.53.0.3 +multi +norrcomments -t SOA example > dig.out.test$n || ret=1
  grep "; serial" dig.out.test$n > /dev/null && ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
179
  check_ttl_range dig.out.test$n "SOA" 300 || ret=1
180
181
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
Evan Hunt's avatar
Evan Hunt committed
182

183
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
184
  echo_i "checking dig +rrcomments works for DNSKEY($n)"
Evan Hunt's avatar
Evan Hunt committed
185
  ret=0
186
  dig_with_opts +tcp @10.53.0.3 +rrcomments DNSKEY example > dig.out.test$n || ret=1
187
  grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < dig.out.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
188
  check_ttl_range dig.out.test$n "DNSKEY" 300 || ret=1
189
190
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
Evan Hunt's avatar
Evan Hunt committed
191

192
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
193
  echo_i "checking dig +short +rrcomments works for DNSKEY ($n)"
Evan Hunt's avatar
Evan Hunt committed
194
  ret=0
195
  dig_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY example > dig.out.test$n || ret=1
196
197
198
  grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < dig.out.test$n > /dev/null || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
Evan Hunt's avatar
Evan Hunt committed
199

200
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
201
  echo_i "checking dig +short +nosplit works($n)"
202
  ret=0
203
  dig_with_opts +tcp @10.53.0.3 +short +nosplit DNSKEY example > dig.out.test$n || ret=1
204
205
206
  grep "$NOSPLIT" < dig.out.test$n > /dev/null || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
207

208
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
209
  echo_i "checking dig +short +rrcomments works($n)"
210
  ret=0
211
  dig_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY example > dig.out.test$n || ret=1
212
  grep -q "$KEYDATA  ; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID\$" < dig.out.test$n || ret=1
213
214
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
215

216
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
217
  echo_i "checking dig multi flag is local($n)"
218
  ret=0
219
220
221
222
  dig_with_opts +tcp @10.53.0.3 -t DNSKEY example +nomulti example +nomulti > dig.out.nn.$n || ret=1
  dig_with_opts +tcp @10.53.0.3 -t DNSKEY example +multi example +nomulti > dig.out.mn.$n || ret=1
  dig_with_opts +tcp @10.53.0.3 -t DNSKEY example +nomulti example +multi > dig.out.nm.$n || ret=1
  dig_with_opts +tcp @10.53.0.3 -t DNSKEY example +multi example +multi > dig.out.mm.$n || ret=1
223
224
225
226
227
228
229
230
  lcnn=$(wc -l < dig.out.nn.$n)
  lcmn=$(wc -l < dig.out.mn.$n)
  lcnm=$(wc -l < dig.out.nm.$n)
  lcmm=$(wc -l < dig.out.mm.$n)
  test "$lcmm" -ge "$lcnm" || ret=1
  test "$lcmm" -ge "$lcmn" || ret=1
  test "$lcnm" -ge "$lcnn" || ret=1
  test "$lcmn" -ge "$lcnn" || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
231
232
233
234
  check_ttl_range dig.out.nn.$n "DNSKEY" 300 || ret=1
  check_ttl_range dig.out.mn.$n "DNSKEY" 300 || ret=1
  check_ttl_range dig.out.nm.$n "DNSKEY" 300 || ret=1
  check_ttl_range dig.out.mm.$n "DNSKEY" 300 || ret=1
235
236
237
238
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
239
  echo_i "checking dig +noheader-only works ($n)"
240
  ret=0
241
  dig_with_opts +tcp @10.53.0.3 +noheader-only A example > dig.out.test$n || ret=1
242
  grep "Got answer:" < dig.out.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
243
  check_ttl_range dig.out.test$n "SOA" 300 || ret=1
244
245
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
246

247
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
248
  echo_i "checking dig +short +rrcomments works($n)"
249
  ret=0
250
  dig_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY example > dig.out.test$n || ret=1
251
  grep -q "$KEYDATA  ; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID\$" < dig.out.test$n || ret=1
252
253
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
254

255
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
256
  echo_i "checking dig +header-only works ($n)"
257
  ret=0
258
  dig_with_opts +tcp @10.53.0.3 +header-only example > dig.out.test$n || ret=1
259
260
  grep "^;; flags: qr rd; QUERY: 0, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1
  grep "^;; QUESTION SECTION:" < dig.out.test$n > /dev/null && ret=1
261
262
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
263

264
  n=$((n+1))
265
266
  echo_i "checking dig +raflag works ($n)"
  ret=0
267
  dig_with_opts +tcp @10.53.0.3 +raflag +qr example > dig.out.test$n || ret=1
268
269
  grep "^;; flags: rd ra ad; QUERY: 1, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1
  grep "^;; flags: qr rd ra; QUERY: 1, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
270
  check_ttl_range dig.out.test$n "SOA" 300 || ret=1
271
272
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
273

274
  n=$((n+1))
275
276
  echo_i "checking dig +tcflag works ($n)"
  ret=0
277
  dig_with_opts +tcp @10.53.0.3 +tcflag +qr example > dig.out.test$n || ret=1
278
279
  grep "^;; flags: tc rd ad; QUERY: 1, ANSWER: 0" < dig.out.test$n > /dev/null || ret=1
  grep "^;; flags: qr rd ra; QUERY: 1, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
280
  check_ttl_range dig.out.test$n "SOA" 300 || ret=1
281
282
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
283

284
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
285
  echo_i "checking dig +header-only works (with class and type set) ($n)"
286
  ret=0
287
  dig_with_opts +tcp @10.53.0.3 +header-only -c IN -t A example > dig.out.test$n || ret=1
288
289
  grep "^;; flags: qr rd; QUERY: 0, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1
  grep "^;; QUESTION SECTION:" < dig.out.test$n > /dev/null && ret=1
290
291
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
292

293
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
294
  echo_i "checking dig +zflag works, and that BIND properly ignores it ($n)"
295
  ret=0
296
  dig_with_opts +tcp @10.53.0.3 +zflag +qr A example > dig.out.test$n || ret=1
297
298
  sed -n '/Sending:/,/Got answer:/p' dig.out.test$n | grep "^;; flags: rd ad; MBZ: 0x4;" > /dev/null || ret=1
  sed -n '/Got answer:/,/AUTHORITY SECTION:/p' dig.out.test$n | grep "^;; flags: qr rd ra; QUERY: 1" > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
299
  check_ttl_range dig.out.test$n "SOA" 300 || ret=1
300
301
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
302

303
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
304
  echo_i "checking dig +qr +ednsopt=08 does not cause an INSIST failure ($n)"
305
  ret=0
306
  dig_with_opts @10.53.0.3 +ednsopt=08 +qr a a.example > dig.out.test$n || ret=1
307
308
  grep "INSIST" < dig.out.test$n > /dev/null && ret=1
  grep "FORMERR" < dig.out.test$n > /dev/null || ret=1
309
310
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
311

Matthijs Mekking's avatar
Matthijs Mekking committed
312
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
313
  echo_i "checking dig +ttlunits works ($n)"
314
  ret=0
315
  dig_with_opts +tcp @10.53.0.2 +ttlunits A weeks.example > dig.out.test$n || ret=1
316
  grep "^weeks.example.		3w" < dig.out.test$n > /dev/null || ret=1
317
  dig_with_opts +tcp @10.53.0.2 +ttlunits A days.example > dig.out.test$n || ret=1
318
  grep "^days.example.		3d" < dig.out.test$n > /dev/null || ret=1
319
  dig_with_opts +tcp @10.53.0.2 +ttlunits A hours.example > dig.out.test$n || ret=1
320
  grep "^hours.example.		3h" < dig.out.test$n > /dev/null || ret=1
321
  dig_with_opts +tcp @10.53.0.2 +ttlunits A minutes.example > dig.out.test$n || ret=1
322
  grep "^minutes.example.	45m" < dig.out.test$n > /dev/null || ret=1
323
  dig_with_opts +tcp @10.53.0.2 +ttlunits A seconds.example > dig.out.test$n || ret=1
324
  grep "^seconds.example.	45s" < dig.out.test$n > /dev/null || ret=1
325
326
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
327

328
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
329
  echo_i "checking dig respects precedence of options with +ttlunits ($n)"
330
  ret=0
331
  dig_with_opts +tcp @10.53.0.2 +ttlunits +nottlid A weeks.example > dig.out.test$n || ret=1
332
  grep "^weeks.example.		IN" < dig.out.test$n > /dev/null || ret=1
333
  dig_with_opts +tcp @10.53.0.2 +nottlid +ttlunits A weeks.example > dig.out.test$n || ret=1
334
  grep "^weeks.example.		3w" < dig.out.test$n > /dev/null || ret=1
335
  dig_with_opts +tcp @10.53.0.2 +nottlid +nottlunits A weeks.example > dig.out.test$n || ret=1
336
  grep "^weeks.example.		1814400" < dig.out.test$n > /dev/null || ret=1
337
338
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
Evan Hunt's avatar
Evan Hunt committed
339

340
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
341
  echo_i "checking dig preserves origin on TCP retries ($n)"
342
343
  ret=0
  # Ask ans4 to still accept TCP connections, but not respond to queries
344
  echo "//" | sendcmd 10.53.0.4
345
346
  dig_with_opts -d +tcp @10.53.0.4 +retry=1 +time=1 +domain=bar foo > dig.out.test$n 2>&1 && ret=1
  test "$(grep -c "trying origin bar" dig.out.test$n)" -eq 2 || ret=1
347
  grep "using root origin" < dig.out.test$n > /dev/null && ret=1
348
349
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
350

351
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
352
  echo_i "checking dig -6 -4 ($n)"
353
  ret=0
354
  dig_with_opts +tcp @10.53.0.2 -4 -6 A a.example > dig.out.test$n 2>&1 && ret=1
355
  grep "only one of -4 and -6 allowed" < dig.out.test$n > /dev/null || ret=1
356
357
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
Evan Hunt's avatar
Evan Hunt committed
358

359
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
360
  echo_i "checking dig @IPv6addr -4 A a.example ($n)"
361
  if testsock6 fd92:7065:b8e:ffff::2 2>/dev/null
362
363
  then
    ret=0
364
    dig_with_opts +tcp @fd92:7065:b8e:ffff::2 -4 A a.example > dig.out.test$n 2>&1 && ret=1
365
    grep "address family not supported" < dig.out.test$n > /dev/null || ret=1
366
367
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))
368
  else
Evan Hunt's avatar
Evan Hunt committed
369
    echo_i "IPv6 unavailable; skipping"
370
  fi
Evan Hunt's avatar
Evan Hunt committed
371

372
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
373
  echo_i "checking dig @IPv4addr -6 +mapped A a.example ($n)"
374
  if testsock6 fd92:7065:b8e:ffff::2 2>/dev/null && [ "$(uname -s)" != "OpenBSD" ]
375
376
  then
    ret=0
377
378
379
380
    dig_with_opts +tcp @10.53.0.2 -6 +mapped A a.example > dig.out.test$n 2>&1 || ret=1
    grep "SERVER: ::ffff:10.53.0.2#$PORT" < dig.out.test$n > /dev/null || ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))
381
  else
Evan Hunt's avatar
Evan Hunt committed
382
    echo_i "IPv6 or IPv4-to-IPv6 mapping unavailable; skipping"
383
  fi
384

385
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
386
  echo_i "checking dig +tcp @IPv4addr -6 +nomapped A a.example ($n)"
387
  if testsock6 fd92:7065:b8e:ffff::2 2>/dev/null
388
389
  then
    ret=0
390
391
392
393
    dig_with_opts +tcp @10.53.0.2 -6 +nomapped A a.example > dig.out.test$n 2>&1 || ret=1
    grep "SERVER: ::ffff:10.53.0.2#$PORT" < dig.out.test$n > /dev/null && ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))
394
  else
Evan Hunt's avatar
Evan Hunt committed
395
    echo_i "IPv6 unavailable; skipping"
396
  fi
397
  n=$((n+1))
398

Evan Hunt's avatar
Evan Hunt committed
399
  echo_i "checking dig +notcp @IPv4addr -6 +nomapped A a.example ($n)"
400
  if testsock6 fd92:7065:b8e:ffff::2 2>/dev/null
401
402
  then
    ret=0
403
404
405
406
    dig_with_opts +notcp @10.53.0.2 -6 +nomapped A a.example > dig.out.test$n 2>&1 || ret=1
    grep "SERVER: ::ffff:10.53.0.2#$PORT" < dig.out.test$n > /dev/null && ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))
407
  else
Evan Hunt's avatar
Evan Hunt committed
408
    echo_i "IPv6 unavailable; skipping"
409
  fi
Evan Hunt's avatar
Evan Hunt committed
410

411
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
412
  echo_i "checking dig +subnet ($n)"
413
  ret=0
414
  dig_with_opts +tcp @10.53.0.2 +subnet=127.0.0.1 A a.example > dig.out.test$n 2>&1 || ret=1
415
  grep "CLIENT-SUBNET: 127.0.0.1/32/0" < dig.out.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
416
  check_ttl_range dig.out.test$n "A" 300 || ret=1
417
418
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
419

420
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
421
  echo_i "checking dig +subnet +subnet ($n)"
422
  ret=0
423
  dig_with_opts +tcp @10.53.0.2 +subnet=127.0.0.0 +subnet=127.0.0.1 A a.example > dig.out.test$n 2>&1 || ret=1
424
  grep "CLIENT-SUBNET: 127.0.0.1/32/0" < dig.out.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
425
  check_ttl_range dig.out.test$n "A" 300 || ret=1
426
427
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
428

429
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
430
  echo_i "checking dig +subnet with various prefix lengths ($n)"
431
432
  ret=0
  for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24; do
433
      dig_with_opts +tcp @10.53.0.2 +subnet=255.255.255.255/$i A a.example > dig.out.$i.test$n 2>&1 || ret=1
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
      case $i in
      1|9|17) octet=128 ;;
      2|10|18) octet=192 ;;
      3|11|19) octet=224 ;;
      4|12|20) octet=240 ;;
      5|13|21) octet=248 ;;
      6|14|22) octet=252 ;;
      7|15|23) octet=254 ;;
      8|16|24) octet=255 ;;
      esac
      case $i in
      1|2|3|4|5|6|7|8) addr="${octet}.0.0.0";;
      9|10|11|12|13|14|15|16) addr="255.${octet}.0.0";;
      17|18|19|20|21|22|23|24) addr="255.255.${octet}.0" ;;
      esac
449
450
      grep "FORMERR" < dig.out.$i.test$n > /dev/null && ret=1
      grep "CLIENT-SUBNET: $addr/$i/0" < dig.out.$i.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
451
      check_ttl_range dig.out.$i.test$n "A" 300 || ret=1
452
  done
453
454
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
455

456
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
457
  echo_i "checking dig +subnet=0/0 ($n)"
458
  ret=0
459
  dig_with_opts +tcp @10.53.0.2 +subnet=0/0 A a.example > dig.out.test$n 2>&1 || ret=1
460
461
462
  grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1
  grep "CLIENT-SUBNET: 0.0.0.0/0/0" < dig.out.test$n > /dev/null || ret=1
  grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
463
  check_ttl_range dig.out.test$n "A" 300 || ret=1
464
465
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
466

467
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
468
  echo_i "checking dig +subnet=0 ($n)"
469
  ret=0
470
  dig_with_opts +tcp @10.53.0.2 +subnet=0 A a.example > dig.out.test$n 2>&1 || ret=1
471
472
473
  grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1
  grep "CLIENT-SUBNET: 0.0.0.0/0/0" < dig.out.test$n > /dev/null || ret=1
  grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
474
  check_ttl_range dig.out.test$n "A" 300 || ret=1
475
476
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
477

478
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
479
  echo_i "checking dig +subnet=::/0 ($n)"
480
  ret=0
481
  dig_with_opts +tcp @10.53.0.2 +subnet=::/0 A a.example > dig.out.test$n 2>&1 || ret=1
482
483
484
  grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1
  grep "CLIENT-SUBNET: ::/0/0" < dig.out.test$n > /dev/null || ret=1
  grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
485
  check_ttl_range dig.out.test$n "A" 300 || ret=1
486
487
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
488

489
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
490
  echo_i "checking dig +ednsopt=8:00000000 (family=0, source=0, scope=0) ($n)"
491
  ret=0
492
  dig_with_opts +tcp @10.53.0.2 +ednsopt=8:00000000 A a.example > dig.out.test$n 2>&1 || ret=1
493
  grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1
494
  grep "CLIENT-SUBNET: 0/0/0" < dig.out.test$n > /dev/null || ret=1
495
  grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
496
  check_ttl_range dig.out.test$n "A" 300 || ret=1
497
498
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
499

500
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
501
  echo_i "checking dig +ednsopt=8:00030000 (family=3, source=0, scope=0) ($n)"
502
  ret=0
503
  dig_with_opts +qr +tcp @10.53.0.2 +ednsopt=8:00030000 A a.example > dig.out.test$n 2>&1 || ret=1
504
505
  grep "status: FORMERR" < dig.out.test$n > /dev/null || ret=1
  grep "CLIENT-SUBNET: 00 03 00 00" < dig.out.test$n > /dev/null || ret=1
506
507
508
  test "$(grep -c "CLIENT-SUBNET: 00 03 00 00" dig.out.test$n)" -eq 1 || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
509

510
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
511
  echo_i "checking dig +subnet with prefix lengths between byte boundaries ($n)"
512
513
  ret=0
  for p in 9 10 11 12 13 14 15; do
514
    dig_with_opts +tcp @10.53.0.2 +subnet=10.53/$p A a.example > dig.out.test.$p.$n 2>&1 || ret=1
515
516
    grep "FORMERR" < dig.out.test.$p.$n > /dev/null && ret=1
    grep "CLIENT-SUBNET.*/$p/0" < dig.out.test.$p.$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
517
    check_ttl_range dig.out.test.$p.$n "A" 300 || ret=1
518
  done
519
520
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
Evan Hunt's avatar
Evan Hunt committed
521

522
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
523
  echo_i "checking dig +sp works as an abbreviated form of split ($n)"
524
  ret=0
525
  dig_with_opts @10.53.0.3 +sp=4 -t sshfp foo.example > dig.out.test$n || ret=1
526
  grep " 9ABC DEF6 7890 " < dig.out.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
527
  check_ttl_range dig.out.test$n "SSHFP" 300 || ret=1
528
529
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
530

531
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
532
  echo_i "checking dig -c works ($n)"
533
  ret=0
534
  dig_with_opts @10.53.0.3 -c CHAOS -t txt version.bind > dig.out.test$n || ret=1
535
  grep "version.bind.		0	CH	TXT" < dig.out.test$n > /dev/null || ret=1
536
537
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
538

539
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
540
  echo_i "checking dig +dscp ($n)"
541
  ret=0
542
543
544
  dig_with_opts @10.53.0.3 +dscp=32 a a.example > /dev/null 2>&1 || ret=1
  dig_with_opts @10.53.0.3 +dscp=-1 a a.example > /dev/null 2>&1 && ret=1
  dig_with_opts @10.53.0.3 +dscp=64 a a.example > /dev/null 2>&1 && ret=1
545
546
  #TODO add a check to make sure dig is actually setting the dscp on the query
  #we might have to add better logging to named for this
547
548
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
549

550
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
551
  echo_i "checking dig +ednsopt with option number ($n)"
552
  ret=0
553
  dig_with_opts @10.53.0.3 +ednsopt=3 a.example > dig.out.test$n 2>&1 || ret=1
554
  grep 'NSID: .* ("ns3")' dig.out.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
555
  check_ttl_range dig.out.test$n "A" 300 || ret=1
556
557
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
558

559
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
560
  echo_i "checking dig +ednsopt with option name ($n)"
561
  ret=0
562
  dig_with_opts @10.53.0.3 +ednsopt=nsid a.example > dig.out.test$n 2>&1 || ret=1
563
  grep 'NSID: .* ("ns3")' dig.out.test$n > /dev/null || ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
564
  check_ttl_range dig.out.test$n "A" 300 || ret=1
565
566
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
567

568
569
570
571
  n=$((n+1))
  echo_i "checking ednsopt LLQ prints as expected ($n)"
  ret=0
  dig_with_opts @10.53.0.3 +ednsopt=llq:0001000200001234567812345678fefefefe +qr a.example > dig.out.test$n 2>&1 || ret=1
Mark Andrews's avatar
Mark Andrews committed
572
573
  pat='LLQ: Version: 1, Opcode: 2, Error: 0, Identifier: 1311768465173141112, Lifetime: 4278124286$'
  tr -d '\r' < dig.out.test$n | grep "$pat" > /dev/null || ret=1
574
575
576
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

577
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
578
  echo_i "checking that dig warns about .local queries ($n)"
579
  ret=0
580
  dig_with_opts @10.53.0.3 local soa > dig.out.test$n 2>&1 || ret=1
581
  grep ";; WARNING: .local is reserved for Multicast DNS" dig.out.test$n > /dev/null || ret=1
582
583
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
584

585
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
586
  echo_i "check that dig processes +ednsopt=key-tag and FORMERR is returned ($n)"
Evan Hunt's avatar
Evan Hunt committed
587
  ret=0
588
  dig_with_opts @10.53.0.3 +ednsopt=key-tag a.example +qr > dig.out.test$n 2>&1 || ret=1
Evan Hunt's avatar
Evan Hunt committed
589
  grep "; KEY-TAG: *$" dig.out.test$n > /dev/null || ret=1
590
  grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1
591
592
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
593

594
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
595
  echo_i "check that dig processes +ednsopt=key-tag:<value-list> ($n)"
Evan Hunt's avatar
Evan Hunt committed
596
  ret=0
597
  dig_with_opts @10.53.0.3 +ednsopt=key-tag:00010002 a.example +qr > dig.out.test$n 2>&1 || ret=1
598
  grep "; KEY-TAG: 1, 2$" dig.out.test$n > /dev/null || ret=1
599
  grep "status: FORMERR" dig.out.test$n > /dev/null && ret=1
Matthijs Mekking's avatar
Matthijs Mekking committed
600
  check_ttl_range dig.out.test$n "A" 300 || ret=1
601
602
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
603

604
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
605
  echo_i "check that dig processes +ednsopt=key-tag:<malformed-value-list> and FORMERR is returned ($n)"
606
  ret=0
607
  dig_with_opts @10.53.0.3 +ednsopt=key-tag:0001000201 a.example +qr > dig.out.test$n 2>&1 || ret=1
608
  grep "; KEY-TAG: 00 01 00 02 01" dig.out.test$n > /dev/null || ret=1
609
610
611
612
613
614
  grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

  n=$((n+1))
  echo_i "check that dig processes +ednsopt=client-tag:value ($n)"
Evan Hunt's avatar
Evan Hunt committed
615
  ret=0
616
617
618
619
620
621
622
623
  dig_with_opts @10.53.0.3 +ednsopt=client-tag:0001 a.example +qr > dig.out.test$n 2>&1 || ret=1
  grep "; CLIENT-TAG: 1$" dig.out.test$n > /dev/null || ret=1
  grep "status: FORMERR" dig.out.test$n > /dev/null && ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

  n=$((n+1))
  echo_i "check that FORMERR is returned for a too short client-tag ($n)"
Evan Hunt's avatar
Evan Hunt committed
624
  ret=0
625
626
627
628
629
630
631
632
  dig_with_opts @10.53.0.3 +ednsopt=client-tag:01 a.example +qr > dig.out.test$n 2>&1 || ret=1
  grep "; CLIENT-TAG" dig.out.test$n > /dev/null || ret=1
  grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

  n=$((n+1))
  echo_i "check that FORMERR is returned for a too long client-tag ($n)"
Evan Hunt's avatar
Evan Hunt committed
633
  ret=0
634
635
636
637
638
639
640
641
  dig_with_opts @10.53.0.3 +ednsopt=client-tag:000001 a.example +qr > dig.out.test$n 2>&1 || ret=1
  grep "; CLIENT-TAG" dig.out.test$n > /dev/null || ret=1
  grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

  n=$((n+1))
  echo_i "check that dig processes +ednsopt=server-tag:value ($n)"
Evan Hunt's avatar
Evan Hunt committed
642
  ret=0
643
644
645
646
647
648
649
650
  dig_with_opts @10.53.0.3 +ednsopt=server-tag:0001 a.example +qr > dig.out.test$n 2>&1 || ret=1
  grep "; SERVER-TAG: 1$" dig.out.test$n > /dev/null || ret=1
  grep "status: FORMERR" dig.out.test$n > /dev/null && ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

  n=$((n+1))
  echo_i "check that FORMERR is returned for a too short server-tag ($n)"
Evan Hunt's avatar
Evan Hunt committed
651
  ret=0
652
653
654
655
656
657
658
659
  dig_with_opts @10.53.0.3 +ednsopt=server-tag:01 a.example +qr > dig.out.test$n 2>&1 || ret=1
  grep "; SERVER-TAG" dig.out.test$n > /dev/null || ret=1
  grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

  n=$((n+1))
  echo_i "check that FORMERR is returned for a too long server-tag ($n)"
Evan Hunt's avatar
Evan Hunt committed
660
  ret=0
661
662
  dig_with_opts @10.53.0.3 +ednsopt=server-tag:000001 a.example +qr > dig.out.test$n 2>&1 || ret=1
  grep "; SERVER-TAG" dig.out.test$n > /dev/null || ret=1
663
  grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1
664
665
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
666

Mark Andrews's avatar
Mark Andrews committed
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
  n=$((n+1))
  echo_i "check that Extended DNS Error 0 is printed correctly ($n)"
  # First defined EDE code, additional text "foo".
  dig_with_opts @10.53.0.3 +ednsopt=ede:0000666f6f a.example +qr > dig.out.test$n 2>&1 || ret=1
  pat='^; EDE: 0 (Other): (foo)$'
  tr -d '\r' < dig.out.test$n | grep "$pat" > /dev/null || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

  n=$((n+1))
  echo_i "check that Extended DNS Error 24 is printed correctly ($n)"
  # Last defined EDE code, no additional text.
  dig_with_opts @10.53.0.3 +ednsopt=ede:0018 a.example +qr > dig.out.test$n 2>&1 || ret=1
  pat='^; EDE: 24 (Invalid Data)$'
  tr -d '\r' < dig.out.test$n | grep "$pat" > /dev/null || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

  n=$((n+1))
  echo_i "check that Extended DNS Error 25 is printed correctly ($n)"
  # First undefined EDE code, additional text "foo".
  dig_with_opts @10.53.0.3 +ednsopt=ede:0019666f6f a.example +qr > dig.out.test$n 2>&1 || ret=1
  pat='^; EDE: 25: (foo)$'
  tr -d '\r' < dig.out.test$n | grep "$pat" > /dev/null || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

  n=$((n+1))
  echo_i "check that invalid Extended DNS Error (length 0) is printed ($n)"
  # EDE payload is too short
  dig_with_opts @10.53.0.3 +ednsopt=ede a.example +qr > dig.out.test$n 2>&1 || ret=1
  pat='^; EDE:$'
  tr -d '\r' < dig.out.test$n | grep "$pat" > /dev/null || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

  n=$((n+1))
  echo_i "check that invalid Extended DNS Error (length 1) is printed ($n)"
  # EDE payload is too short
  dig_with_opts @10.53.0.3 +ednsopt=ede:00 a.example +qr > dig.out.test$n 2>&1 || ret=1
  pat='^; EDE: 00 (".")$'
  tr -d '\r' < dig.out.test$n | grep "$pat" > /dev/null || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

Mark Andrews's avatar
Mark Andrews committed
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
  if [ $HAS_PYYAML -ne 0 ] ; then
    n=$((n+1))
    echo_i "check that +yaml Extended DNS Error 0 is printed correctly ($n)"
    # First defined EDE code, additional text "foo".
    dig_with_opts @10.53.0.3 +yaml +ednsopt=ede:0000666f6f a.example +qr > dig.out.test$n 2>&1 || ret=1
    $PYTHON yamlget.py dig.out.test$n 0 message query_message_data OPT_PSEUDOSECTION EDNS EDE INFO-CODE > yamlget.out.test$n 2>&1 || ret=1
    read -r value < yamlget.out.test$n
    [ "$value" = "0 (Other)" ] || ret=1
    $PYTHON yamlget.py dig.out.test$n 0 message query_message_data OPT_PSEUDOSECTION EDNS EDE EXTRA-TEXT > yamlget.out.test$n 2>&1 || ret=1
    read -r value < yamlget.out.test$n
    [ "$value" = "foo" ] || ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))

    n=$((n+1))
    echo_i "check that +yaml Extended DNS Error 24 is printed correctly ($n)"
    # Last defined EDE code, no additional text.
    dig_with_opts @10.53.0.3 +yaml +ednsopt=ede:0018 a.example +qr > dig.out.test$n 2>&1 || ret=1
    $PYTHON yamlget.py dig.out.test$n 0 message query_message_data OPT_PSEUDOSECTION EDNS EDE INFO-CODE > yamlget.out.test$n 2>&1 || ret=1
    read -r value < yamlget.out.test$n
    [ "$value" = "24 (Invalid Data)" ] || ret=1
    $PYTHON yamlget.py dig.out.test$n 0 message query_message_data OPT_PSEUDOSECTION EDNS EDE EXTRA-TEXT > yamlget.out.test$n 2>&1 && ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))

    n=$((n+1))
    echo_i "check that +yaml Extended DNS Error 25 is printed correctly ($n)"
    # First undefined EDE code, additional text "foo".
    dig_with_opts @10.53.0.3 +yaml +ednsopt=ede:0019666f6f a.example +qr > dig.out.test$n 2>&1 || ret=1
    $PYTHON yamlget.py dig.out.test$n 0 message query_message_data OPT_PSEUDOSECTION EDNS EDE INFO-CODE > yamlget.out.test$n 2>&1 || ret=1
    read -r value < yamlget.out.test$n
    [ "$value" = "25" ] || ret=1
    $PYTHON yamlget.py dig.out.test$n 0 message query_message_data OPT_PSEUDOSECTION EDNS EDE EXTRA-TEXT > yamlget.out.test$n 2>&1 || ret=1
    read -r value < yamlget.out.test$n
    [ "$value" = "foo" ] || ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))

    n=$((n+1))
    echo_i "check that invalid Extended DNS Error (length 0) is printed ($n)"
    # EDE payload is too short
    dig_with_opts @10.53.0.3 +yaml +ednsopt=ede a.example +qr > dig.out.test$n 2>&1 || ret=1
    $PYTHON yamlget.py dig.out.test$n 0 message query_message_data OPT_PSEUDOSECTION EDNS EDE > yamlget.out.test$n 2>&1 || ret=1
    read -r value < yamlget.out.test$n
    [ "$value" = "None" ] || ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))

    n=$((n+1))
    echo_i "check that invalid +yaml Extended DNS Error (length 1) is printed ($n)"
    # EDE payload is too short
    dig_with_opts @10.53.0.3 +yaml +ednsopt=ede:00 a.example +qr > dig.out.test$n 2>&1 || ret=1
    $PYTHON yamlget.py dig.out.test$n 0 message query_message_data OPT_PSEUDOSECTION EDNS EDE > yamlget.out.test$n 2>&1 || ret=1
    read -r value < yamlget.out.test$n
    [ "$value" = '00 (".")' ] || ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))
  fi

771
  n=$((n+1))
772
773
  echo_i "check that dig handles malformed option '+ednsopt=:' gracefully ($n)"
  ret=0
774
  dig_with_opts @10.53.0.3 +ednsopt=: a.example > dig.out.test$n 2>&1 && ret=1
775
  grep "ednsopt no code point specified" dig.out.test$n > /dev/null || ret=1
776
777
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
778

779
  n=$((n+1))
Evan Hunt's avatar
Evan Hunt committed
780
  echo_i "check that dig gracefully handles bad escape in domain name ($n)"
781
  ret=0
782
783
  digstatus=0
  dig_with_opts @10.53.0.3 '\0.' > dig.out.test$n 2>&1 || digstatus=$?
784
785
786
787
  echo digstatus=$digstatus >> dig.out.test$n
  test $digstatus -eq 10 || ret=1
  grep REQUIRE dig.out.test$n > /dev/null && ret=1
  grep "is not a legal name (bad escape)" dig.out.test$n > /dev/null || ret=1
788
789
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
790

791
  n=$((n+1))
Mark Andrews's avatar
Mark Andrews committed
792
793
  echo_i "check that dig -q -m works ($n)"
  ret=0
794
  dig_with_opts @10.53.0.3 -q -m > dig.out.test$n 2>&1
Mark Andrews's avatar
Mark Andrews committed
795
796
  pat='^;-m\..*IN.*A$'
  tr -d '\r' < dig.out.test$n | grep "$pat" > /dev/null || ret=1
Mark Andrews's avatar
Mark Andrews committed
797
  grep "Dump of all outstanding memory allocations" dig.out.test$n > /dev/null && ret=1
798
799
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859

  n=$((n+1))
  echo_i "checking exit code for a retry upon TCP EOF (immediate -> immediate) ($n)"
  ret=0
  echo "no_response no_response" | sendcmd 10.53.0.5
  dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 && ret=1
  # Sanity check: ensure ans5 behaves as expected.
  [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 2 ] || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

  n=$((n+1))
  echo_i "checking exit code for a retry upon TCP EOF (partial AXFR -> partial AXFR) ($n)"
  ret=0
  echo "partial_axfr partial_axfr" | sendcmd 10.53.0.5
  dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 && ret=1
  # Sanity check: ensure ans5 behaves as expected.
  [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 2 ] || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

  n=$((n+1))
  echo_i "checking exit code for a retry upon TCP EOF (immediate -> partial AXFR) ($n)"
  ret=0
  echo "no_response partial_axfr" | sendcmd 10.53.0.5
  dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 && ret=1
  # Sanity check: ensure ans5 behaves as expected.
  [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 2 ] || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

  n=$((n+1))
  echo_i "checking exit code for a retry upon TCP EOF (partial AXFR -> immediate) ($n)"
  ret=0
  echo "partial_axfr no_response" | sendcmd 10.53.0.5
  dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 && ret=1
  # Sanity check: ensure ans5 behaves as expected.
  [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 2 ] || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

  n=$((n+1))
  echo_i "checking exit code for a retry upon TCP EOF (immediate -> complete AXFR) ($n)"
  ret=0
  echo "no_response complete_axfr" | sendcmd 10.53.0.5
  dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 || ret=1
  # Sanity check: ensure ans5 behaves as expected.
  [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 1 ] || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

  n=$((n+1))
  echo_i "checking exit code for a retry upon TCP EOF (partial AXFR -> complete AXFR) ($n)"
  ret=0
  echo "partial_axfr complete_axfr" | sendcmd 10.53.0.5
  dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 || ret=1
  # Sanity check: ensure ans5 behaves as expected.
  [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 1 ] || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880