1. 19 Mar, 2019 8 commits
    • Matthijs Mekking's avatar
      Ignore trust anchors using disabled algorithm · 1d45ad8f
      Matthijs Mekking authored
      More specifically: ignore configured trusted and managed keys that
      match a disabled algorithm.  The behavioral change is that
      associated responses no longer SERVFAIL, but return insecure.
      1d45ad8f
    • Matthijs Mekking's avatar
      Move algorithm variables, add disabled algorithms · 07c35f32
      Matthijs Mekking authored
      Move from conf.sh.in to conf.sh.common as they will also need to be
      added to conf.sh.win32.  Add variables for testing disabled
      algorithms.
      07c35f32
    • Matthijs Mekking's avatar
      924fdad0
    • Matthijs Mekking's avatar
      dfcf9bb0
    • Ondřej Surý's avatar
    • Ondřej Surý's avatar
      Add shell system test driver · 25a689ec
      Ondřej Surý authored
      25a689ec
    • Michał Kępień's avatar
      Make stop.pl wait for lock file cleanup · c787a539
      Michał Kępień authored
      bin/tests/system/stop.pl only waits for the PID file to be cleaned up
      while named cleans up the lock file after the PID file.  Thus, the
      aforementioned script may consider a named instance to be fully shut
      down when in fact it is not.
      
      Fix by also checking whether the lock file exists when determining a
      given instance's shutdown status.  This change assumes that if a named
      instance uses a lock file, it is called "named.lock".
      
      Also rename clean_pid_file() to pid_file_exists(), so that it is called
      more appropriately (it does not clean up the PID file itself, it only
      returns the server's identifier if its PID file is not yet cleaned up).
      c787a539
    • Michał Kępień's avatar
      Correctly invoke stop.pl when start.pl fails · 4afad2a0
      Michał Kępień authored
      MR !1141 broke the way stop.pl is invoked when start.pl fails:
      
        - start.pl changes the working directory to $testdir/$server before
          attempting to start $server,
      
        - commit 27ee629e causes the $testdir
          variable in stop.pl to be determined using the $SYSTEMTESTTOP
          environment variable, which is set to ".." by all tests.sh scripts,
      
        - commit e227815a makes start.pl pass
          $test (the test's name) rather than $testdir (the path to the test's
          directory) to stop.pl when a given server fails to start.
      
      Thus, when a server is restarted from within a tests.sh script and such
      a restart fails, stop.pl attempts to look for the server directory in a
      nonexistent location ($testdir/$server/../$test, i.e. $testdir/$test,
      instead of $testdir/../$test).  Fix the issue by changing the working
      directory before stop.pl is invoked in the scenario described above.
      4afad2a0
  2. 15 Mar, 2019 1 commit
  3. 14 Mar, 2019 2 commits
  4. 12 Mar, 2019 2 commits
    • Michał Kępień's avatar
      Silence a Perl warning output by stop.pl · 91e5a99b
      Michał Kępień authored
      On Unix systems, the CYGWIN environment variable is not set at all when
      BIND system tests are run.  If a named instance crashes on shutdown or
      otherwise fails to clean up its pidfile and the CYGWIN environment
      variable is not set, stop.pl will print an uninitialized value warning
      on standard error.  Prevent this by using defined().
      91e5a99b
    • Petr Menšík's avatar
      Allow ifconfig to be called from any directory · 38301052
      Petr Menšík authored
      ifconfig.sh depends on config.guess for platform guessing. It uses it to
      choose between ifconfig or ip tools to configure interfaces. If
      system-wide automake script is installed and local was not found, use
      platform guess. It should work well on mostly any sane platform. Still
      prefers local guess, but passes when if cannot find it.
      38301052
  5. 11 Mar, 2019 7 commits
    • Michał Kępień's avatar
      Stabilize "delzsk.example" zone checks · e02de04e
      Michał Kępień authored
      When a zone is converted from NSEC to NSEC3, the private record at zone
      apex indicating that NSEC3 chain creation is in progress may be removed
      during a different (later) zone_nsec3chain() call than the one which
      adds the NSEC3PARAM record.  The "delzsk.example" zone check only waits
      for the NSEC3PARAM record to start appearing in dig output while private
      records at zone apex directly affect "rndc signing -list" output.  This
      may trigger false positives for the "autosign" system test as the output
      of the "rndc signing -list" command used for checking ZSK deletion
      progress may contain extra lines which are not accounted for.  Ensure
      the private record is removed from zone apex before triggering ZSK
      deletion in the aforementioned check.
      
      Also future-proof the ZSK deletion progress check by making it only look
      at lines it should care about.
      e02de04e
    • Mark Andrews's avatar
      ${ttl} must exist and be non null · dee1f1a4
      Mark Andrews authored
      dee1f1a4
    • Michał Kępień's avatar
      Make ANSWER TTL capping checks stricter · a85cc414
      Michał Kępień authored
      For checks querying a named instance with "dnssec-accept-expired yes;"
      set, authoritative responses have a TTL of 300 seconds.  Assuming empty
      resolver cache, TTLs of RRsets in the ANSWER section of the first
      response to a given query will always match their authoritative
      counterparts.  Also note that for a DNSSEC-validating named resolver,
      validated RRsets replace any existing non-validated RRsets with the same
      owner name and type, e.g. cached from responses received while resolving
      CD=1 queries.  Since TTL capping happens before a validated RRset is
      inserted into the cache and RRSIG expiry time does not impose an upper
      TTL bound when "dnssec-accept-expired yes;" is set and, as pointed out
      above, the original TTLs of the relevant RRsets equal 300 seconds, the
      RRsets in the ANSWER section of the responses to expiring.example/SOA
      and expired.example/SOA queries sent with CD=0 should always be exactly
      120 seconds, never a lower value.  Make the relevant TTL checks stricter
      to reflect that.
      a85cc414
    • Michał Kępień's avatar
      Relax ADDITIONAL TTL capping checks · 8baf8590
      Michał Kępień authored
      Always expecting a TTL of exactly 300 seconds for RRsets found in the
      ADDITIONAL section of responses received for CD=1 queries sent during
      TTL capping checks is too strict since these responses will contain
      records cached from multiple DNS messages received during the resolution
      process.
      
      In responses to queries sent with CD=1, ns.expiring.example/A in the
      ADDITIONAL section will come from a delegation returned by ns2 while the
      ANSWER section will come from an authoritative answer returned by ns3.
      If the queries to ns2 and ns3 happen at different Unix timestamps,
      RRsets cached from the older response will have a different TTL by the
      time they are returned to dig, triggering a false positive.
      
      Allow a safety margin of 60 seconds for checks inspecting the ADDITIONAL
      section of responses to queries sent with CD=1 to fix the issue.  A
      safety margin this large is likely overkill, but it is used nevertheless
      for consistency with similar safety margins used in other TTL capping
      checks.
      8baf8590
    • Michał Kępień's avatar
      Fix message section checked in a TTL capping test · a597bd52
      Michał Kępień authored
      Commit c032c54d inadvertently changed
      the DNS message section inspected by one of the TTL capping checks from
      ADDITIONAL to ANSWER, introducing a discrepancy between that check's
      description and its actual meaning.  Revert to inspecting the ADDITIONAL
      section in the aforementioned check.
      a597bd52
    • Michał Kępień's avatar
      Fix NTA-related races · 9a36a1bb
      Michał Kępień authored
      Changes introduced by commit 6b8e4d6e
      were incomplete as not all time-sensitive checks were updated to match
      revised "nta-lifetime" and "nta-recheck" values.  Prevent rare false
      positives by updating all NTA-related checks so that they work reliably
      with "nta-lifetime 12s;" and "nta-recheck 9s;".  Update comments as well
      to prevent confusion.
      9a36a1bb
    • Evan Hunt's avatar
      test the use of the view ACL in DLZ · e2062879
      Evan Hunt authored
      e2062879
  6. 08 Mar, 2019 5 commits
  7. 07 Mar, 2019 2 commits
  8. 06 Mar, 2019 1 commit
  9. 05 Mar, 2019 1 commit
    • Michał Kępień's avatar
      Disable SERVFAIL cache for ns5 in the "mkeys" system test · 7c6bff3c
      Michał Kępień authored
      The "check key refreshes are resumed after root servers become
      available" check may trigger a false positive for the "mkeys" system
      test if the second example/TXT query sent by dig is received by ns5 less
      than a second after it receives a REFUSED response to the upstream query
      it sends to ns1 in order to resolve the first example/TXT query sent by
      dig.  Since that REFUSED response from ns1 causes ns5 to return a
      SERVFAIL answer to dig, example/TXT is added to the SERVFAIL cache,
      which is enabled by default with a TTL of 1 second.  This in turn may
      cause ns5 to return a cached SERVFAIL response to the second example/TXT
      query sent by dig, i.e. make ns5 not perform full query processing as
      expected by the check.
      
      Since the primary purpose of the check in question is to ensure that key
      refreshes are resumed once initially unavailable root servers become
      available, the optimal solution appears to be disabling SERVFAIL cache
      for ns5 as doing that still allows the check to fulfill its purpose and
      it is arguably more prudent than always sleeping for 1 second.
      7c6bff3c
  10. 04 Mar, 2019 2 commits
    • Matthijs Mekking's avatar
      Ensure all system tests run clean.sh from setup.sh · e4108039
      Matthijs Mekking authored
      For consistency between all system tests, add missing setup.sh scripts
      for tests which do not have one yet and ensure every setup.sh script
      calls its respective clean.sh script.
      e4108039
    • Matthijs Mekking's avatar
      Only perform test cleanups in clean.sh scripts · c64ed484
      Matthijs Mekking authored
      Temporary files created by a given system test should be removed by its
      clean.sh script, not its setup.sh script.  Remove redundant "rm"
      invocations from setup.sh scripts.  Move required "rm" invocations from
      setup.sh scripts to their corresponding clean.sh scripts.
      c64ed484
  11. 01 Mar, 2019 2 commits
    • Petr Menšík's avatar
      Support DLZ filesystem detection in feature-test · 759a7b4c
      Petr Menšík authored
      Do not use variable from configure to detect the feature.
      759a7b4c
    • Michał Kępień's avatar
      Fix IP regex used in the "resolver" system test · 70ae48e5
      Michał Kępień authored
      If dots are not escaped in the "1.2.3.4" regular expressions used for
      checking whether IP address 1.2.3.4 is present in the tested resolver's
      answers, a COOKIE that matches such a regular expression will trigger a
      false positive for the "resolver" system test.  Properly escape dots in
      the aforementioned regular expressions to prevent that from happening.
      70ae48e5
  12. 28 Feb, 2019 3 commits
    • Evan Hunt's avatar
      test correct occlusion of DNSSEC records · c6939f0b
      Evan Hunt authored
      c6939f0b
    • Michał Kępień's avatar
      Do not include conf.sh from ttl/clean.sh · 66028484
      Michał Kępień authored
      Including $SYSTEMTESTTOP/conf.sh from a system test's clean.sh script is
      not needed for anything while it causes an error message to be printed
      out when "./configure" is run, as "make clean" is invoked at the end.
      Remove the offending line to prevent the error from occurring.
      66028484
    • Michał Kępień's avatar
      Call clean.sh from all relevant setup.sh scripts · a077a3ae
      Michał Kępień authored
      For all system tests utilizing named instances, call clean.sh from each
      test's setup.sh script in a consistent way to make sure running the same
      system test multiple times using run.sh does not trigger false positives
      caused by stale files created by previous runs.
      
      Ideally we would just call clean.sh from run.sh, but that would break
      some quirky system tests like "rpz" or "rpzrecurse" and being consistent
      for the time being does not hurt.
      a077a3ae
  13. 22 Feb, 2019 4 commits