Merge branch '1721-grow-shrink-dnssec-sign-stats-v9_16' into 'v9_16'

Grow and shrink dnssec-sign statistics on key rollover events (9.16)

See merge request isc-projects/bind9!5354
This commit is contained in:
Matthijs Mekking 2021-08-24 08:58:21 +00:00
commit 2bc855fff8
15 changed files with 451 additions and 47 deletions

View file

@ -1,3 +1,6 @@
5699. [func] Grow and shrink dnssec-sign statistics on key rollover
events. [GL #1721]
5698. [bug] Migrate a single key to CSK when reconfiguring a zone
to use 'dnssec-policy'. [GL #2857]

View file

@ -36,8 +36,8 @@ controls {
dnssec-policy "manykeys" {
keys {
ksk lifetime unlimited algorithm 5;
zsk lifetime unlimited algorithm 5;
ksk lifetime unlimited algorithm 8;
zsk lifetime unlimited algorithm 8;
ksk lifetime unlimited algorithm 13;
zsk lifetime unlimited algorithm 13;
ksk lifetime unlimited algorithm 14;
@ -62,8 +62,9 @@ zone "dnssec" {
};
zone "manykeys" {
type primary;
file "manykeys.db.signed";
type primary;
file "manykeys.db.signed";
allow-update { any; };
zone-statistics full;
dnssec-policy "manykeys";
};

View file

@ -0,0 +1,66 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
options {
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };
recursion no;
notify no;
minimal-responses no;
version none; // make statistics independent of the version number
};
statistics-channels { inet 10.53.0.2 port @EXTRAPORT1@ allow { localhost; }; };
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
};
controls {
inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
dnssec-policy "manykeys" {
keys {
ksk lifetime unlimited algorithm 8;
zsk lifetime unlimited algorithm 8;
};
};
zone "example" {
type primary;
file "example.db";
allow-transfer { any; };
};
zone "dnssec" {
type primary;
file "dnssec.db.signed";
auto-dnssec maintain;
allow-update { any; };
zone-statistics full;
dnssec-dnskey-kskonly yes;
update-check-ksk yes;
};
zone "manykeys" {
type primary;
file "manykeys.db.signed";
allow-update { any; };
zone-statistics full;
dnssec-policy "manykeys";
};

View file

@ -185,14 +185,11 @@ refresh_prefix="dnssec-refresh operations"
ksk_id=`cat ns2/$zone.ksk.id`
zsk_id=`cat ns2/$zone.zsk.id`
# 1. Test sign operations for scheduled resigning.
# Test sign operations for scheduled resigning.
ret=0
# The dnssec zone has 10 RRsets to sign (including NSEC) with the ZSK and one
# RRset (DNSKEY) with the KSK. So starting named with signatures that expire
# almost right away, this should trigger 10 zsk and 1 ksk sign operations.
# However, the DNSSEC maintenance assumes when we see the SOA record we have
# walked the whole zone, since the SOA record should always have the most
# recent signature.
echo "${refresh_prefix} ${zsk_id}: 10" > zones.expect
echo "${refresh_prefix} ${ksk_id}: 1" >> zones.expect
echo "${sign_prefix} ${zsk_id}: 10" >> zones.expect
@ -200,20 +197,20 @@ echo "${sign_prefix} ${ksk_id}: 1" >> zones.expect
cat zones.expect | sort > zones.expect.$n
rm -f zones.expect
# Fetch and check the dnssec sign statistics.
echo_i "fetching zone stats data after zone maintenance at startup ($n)"
echo_i "fetching zone '$zone' stats data after zone maintenance at startup ($n)"
if [ $PERL_XML ]; then
getzones xml $zone x$n || ret=1
cmp zones.out.x$n zones.expect.$n || ret=1
fi
if [ $PERL_JSON ]; then
getzones json $zone j$n || ret=1
getzones json 0 j$n || ret=1
cmp zones.out.j$n zones.expect.$n || ret=1
fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
# 2. Test sign operations after dynamic update.
# Test sign operations after dynamic update.
ret=0
(
# Update dnssec zone to trigger signature creation.
@ -230,22 +227,22 @@ echo "${sign_prefix} ${ksk_id}: 1" >> zones.expect
cat zones.expect | sort > zones.expect.$n
rm -f zones.expect
# Fetch and check the dnssec sign statistics.
echo_i "fetching zone stats data after dynamic update ($n)"
echo_i "fetching zone '$zone' stats data after dynamic update ($n)"
if [ $PERL_XML ]; then
getzones xml $zone x$n || ret=1
cmp zones.out.x$n zones.expect.$n || ret=1
fi
if [ $PERL_JSON ]; then
getzones json $zone j$n || ret=1
getzones json 0 j$n || ret=1
cmp zones.out.j$n zones.expect.$n || ret=1
fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
# 3. Test sign operations of KSK.
# Test sign operations of KSK.
ret=0
echo_i "fetch zone stats data after updating DNSKEY RRset ($n)"
echo_i "fetch zone '$zone' stats data after updating DNSKEY RRset ($n)"
# Add a standby DNSKEY, this triggers resigning the DNSKEY RRset.
zsk=$("$KEYGEN" -K ns2 -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
$SETTIME -K ns2 -P now -A never $zsk.key > /dev/null
@ -263,13 +260,117 @@ if [ $PERL_XML ]; then
cmp zones.out.x$n zones.expect.$n || ret=1
fi
if [ $PERL_JSON ]; then
getzones json $zone j$n || ret=1
getzones json 0 j$n || ret=1
cmp zones.out.j$n zones.expect.$n || ret=1
fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
# Test sign operations for scheduled resigning (many keys).
ret=0
zone="manykeys"
ksk8_id=`cat ns2/$zone.ksk8.id`
zsk8_id=`cat ns2/$zone.zsk8.id`
ksk13_id=`cat ns2/$zone.ksk13.id`
zsk13_id=`cat ns2/$zone.zsk13.id`
ksk14_id=`cat ns2/$zone.ksk14.id`
zsk14_id=`cat ns2/$zone.zsk14.id`
# The dnssec zone has 10 RRsets to sign (including NSEC) with the ZSKs and one
# RRset (DNSKEY) with the KSKs. So starting named with signatures that expire
# almost right away, this should trigger 10 zsk and 1 ksk sign operations per
# key.
echo "${refresh_prefix} ${zsk8_id}: 10" > zones.expect
echo "${refresh_prefix} ${zsk13_id}: 10" >> zones.expect
echo "${refresh_prefix} ${zsk14_id}: 10" >> zones.expect
echo "${refresh_prefix} ${ksk8_id}: 1" >> zones.expect
echo "${refresh_prefix} ${ksk13_id}: 1" >> zones.expect
echo "${refresh_prefix} ${ksk14_id}: 1" >> zones.expect
echo "${sign_prefix} ${zsk8_id}: 10" >> zones.expect
echo "${sign_prefix} ${zsk13_id}: 10" >> zones.expect
echo "${sign_prefix} ${zsk14_id}: 10" >> zones.expect
echo "${sign_prefix} ${ksk8_id}: 1" >> zones.expect
echo "${sign_prefix} ${ksk13_id}: 1" >> zones.expect
echo "${sign_prefix} ${ksk14_id}: 1" >> zones.expect
cat zones.expect | sort > zones.expect.$n
rm -f zones.expect
# Fetch and check the dnssec sign statistics.
echo_i "fetching zone '$zone' stats data after zone maintenance at startup ($n)"
if [ $PERL_XML ]; then
getzones xml $zone x$n || ret=1
cmp zones.out.x$n zones.expect.$n || ret=1
fi
if [ $PERL_JSON ]; then
getzones json 2 j$n || ret=1
cmp zones.out.j$n zones.expect.$n || ret=1
fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
# Test sign operations after dynamic update (many keys).
ret=0
(
# Update dnssec zone to trigger signature creation.
echo zone $zone
echo server 10.53.0.2 "$PORT"
echo update add $zone. 300 in txt "nsupdate added me"
echo send
) | $NSUPDATE
# This should trigger the resign of SOA, TXT and NSEC (+3 zsk).
echo "${refresh_prefix} ${zsk8_id}: 10" > zones.expect
echo "${refresh_prefix} ${zsk13_id}: 10" >> zones.expect
echo "${refresh_prefix} ${zsk14_id}: 10" >> zones.expect
echo "${refresh_prefix} ${ksk8_id}: 1" >> zones.expect
echo "${refresh_prefix} ${ksk13_id}: 1" >> zones.expect
echo "${refresh_prefix} ${ksk14_id}: 1" >> zones.expect
echo "${sign_prefix} ${zsk8_id}: 13" >> zones.expect
echo "${sign_prefix} ${zsk13_id}: 13" >> zones.expect
echo "${sign_prefix} ${zsk14_id}: 13" >> zones.expect
echo "${sign_prefix} ${ksk8_id}: 1" >> zones.expect
echo "${sign_prefix} ${ksk13_id}: 1" >> zones.expect
echo "${sign_prefix} ${ksk14_id}: 1" >> zones.expect
cat zones.expect | sort > zones.expect.$n
rm -f zones.expect
# Fetch and check the dnssec sign statistics.
echo_i "fetching zone '$zone' stats data after dynamic update ($n)"
if [ $PERL_XML ]; then
getzones xml $zone x$n || ret=1
cmp zones.out.x$n zones.expect.$n || ret=1
fi
if [ $PERL_JSON ]; then
getzones json 2 j$n || ret=1
cmp zones.out.j$n zones.expect.$n || ret=1
fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
# Test sign operations after dnssec-policy change (removing keys).
ret=0
copy_setports ns2/named2.conf.in ns2/named.conf
$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/I:ns2 /'
# This should trigger the resign of DNSKEY (+1 ksk), and SOA, NSEC,
# TYPE65534 (+3 zsk). The dnssec-sign statistics for the removed keys should
# be cleared and thus no longer visible. But NSEC and SOA are (mistakenly)
# counted double, one time because of zone_resigninc and one time because of
# zone_nsec3chain. So +5 zsk in total.
echo "${refresh_prefix} ${zsk8_id}: 15" > zones.expect
echo "${refresh_prefix} ${ksk8_id}: 2" >> zones.expect
echo "${sign_prefix} ${zsk8_id}: 18" >> zones.expect
echo "${sign_prefix} ${ksk8_id}: 2" >> zones.expect
cat zones.expect | sort > zones.expect.$n
rm -f zones.expect
# Fetch and check the dnssec sign statistics.
echo_i "fetching zone '$zone' stats data after dnssec-policy change ($n)"
if [ $PERL_XML ]; then
getzones xml $zone x$n || ret=1
cmp zones.out.x$n zones.expect.$n || ret=1
fi
if [ $PERL_JSON ]; then
getzones json 2 j$n || ret=1
cmp zones.out.j$n zones.expect.$n || ret=1
fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`

View file

@ -23,7 +23,6 @@ close(INPUT);
my $ref = decode_json($text);
my $dnssecsign = $ref->{views}->{_default}->{zones}[$zone]->{"dnssec-sign"};
my $type = "dnssec-sign operations ";
foreach $key (keys %{$dnssecsign}) {

View file

@ -698,8 +698,17 @@ void
dns_dnssecsignstats_increment(dns_stats_t *stats, dns_keytag_t id, uint8_t alg,
dnssecsignstats_type_t operation);
/*%<
* Increment the statistics counter for the DNSKEY 'id'. The 'operation'
* determines what counter is incremented.
* Increment the statistics counter for the DNSKEY 'id' with algorithm 'alg'.
* The 'operation' determines what counter is incremented.
*
* Requires:
*\li 'stats' is a valid dns_stats_t created by dns_dnssecsignstats_create().
*/
void
dns_dnssecsignstats_clear(dns_stats_t *stats, dns_keytag_t id, uint8_t alg);
/*%<
* Clear the statistics counter for the DNSKEY 'id' with algorithm 'alg'.
*
* Requires:
*\li 'stats' is a valid dns_stats_t created by dns_dnssecsignstats_create().

View file

@ -103,7 +103,7 @@ typedef enum {
*/
/* Maximum number of keys to keep track of for DNSSEC signing statistics. */
static int dnssecsign_max_keys = 4;
static int dnssecsign_num_keys = 4;
static int dnssecsign_block_size = 3;
/* Key id mask */
#define DNSSECSIGNSTATS_KEY_ID_MASK 0x0000FFFF
@ -245,7 +245,8 @@ dns_dnssecsignstats_create(isc_mem_t *mctx, dns_stats_t **statsp) {
* the actual counters for creating and refreshing signatures.
*/
return (create_stats(mctx, dns_statstype_dnssec,
dnssecsign_max_keys * 3, statsp));
dnssecsign_num_keys * dnssecsign_block_size,
statsp));
}
/*%
@ -361,6 +362,8 @@ void
dns_dnssecsignstats_increment(dns_stats_t *stats, dns_keytag_t id, uint8_t alg,
dnssecsignstats_type_t operation) {
uint32_t kval;
int num_keys = isc_stats_ncounters(stats->counters) /
dnssecsign_block_size;
REQUIRE(DNS_STATS_VALID(stats) && stats->type == dns_statstype_dnssec);
@ -368,7 +371,7 @@ dns_dnssecsignstats_increment(dns_stats_t *stats, dns_keytag_t id, uint8_t alg,
kval = (uint32_t)(alg << 16 | id);
/* Look up correct counter. */
for (int i = 0; i < dnssecsign_max_keys; i++) {
for (int i = 0; i < num_keys; i++) {
int idx = i * dnssecsign_block_size;
uint32_t counter = isc_stats_get_counter(stats->counters, idx);
if (counter == kval) {
@ -379,7 +382,7 @@ dns_dnssecsignstats_increment(dns_stats_t *stats, dns_keytag_t id, uint8_t alg,
}
/* No match found. Store key in unused slot. */
for (int i = 0; i < dnssecsign_max_keys; i++) {
for (int i = 0; i < num_keys; i++) {
int idx = i * dnssecsign_block_size;
uint32_t counter = isc_stats_get_counter(stats->counters, idx);
if (counter == 0) {
@ -389,27 +392,12 @@ dns_dnssecsignstats_increment(dns_stats_t *stats, dns_keytag_t id, uint8_t alg,
}
}
/* No room, rotate keys. */
for (int i = 1; i < dnssecsign_max_keys; i++) {
int gidx = i * dnssecsign_block_size; /* Get key (get index,
gidx) */
uint32_t keyv = isc_stats_get_counter(stats->counters, gidx);
uint32_t sign = isc_stats_get_counter(
stats->counters, (gidx + dns_dnssecsignstats_sign));
uint32_t refr = isc_stats_get_counter(
stats->counters, (gidx + dns_dnssecsignstats_refresh));
int sidx = (i - 1) * dnssecsign_block_size; /* Set key, (set
index, sidx) */
isc_stats_set(stats->counters, keyv, sidx);
isc_stats_set(stats->counters, sign,
(sidx + dns_dnssecsignstats_sign));
isc_stats_set(stats->counters, refr,
(sidx + dns_dnssecsignstats_refresh));
}
/* No room, grow stats storage. */
isc_stats_resize(&stats->counters,
(num_keys * dnssecsign_block_size * 2));
/* Reset counters for new key (new index, nidx). */
int nidx = (dnssecsign_max_keys - 1) * dnssecsign_block_size;
int nidx = num_keys * dnssecsign_block_size;
isc_stats_set(stats->counters, kval, nidx);
isc_stats_set(stats->counters, 0, (nidx + dns_dnssecsignstats_sign));
isc_stats_set(stats->counters, 0, (nidx + dns_dnssecsignstats_refresh));
@ -418,6 +406,33 @@ dns_dnssecsignstats_increment(dns_stats_t *stats, dns_keytag_t id, uint8_t alg,
isc_stats_increment(stats->counters, (nidx + operation));
}
void
dns_dnssecsignstats_clear(dns_stats_t *stats, dns_keytag_t id, uint8_t alg) {
uint32_t kval;
int num_keys = isc_stats_ncounters(stats->counters) /
dnssecsign_block_size;
REQUIRE(DNS_STATS_VALID(stats) && stats->type == dns_statstype_dnssec);
/* Shift algorithm in front of key tag, which is 16 bits */
kval = (uint32_t)(alg << 16 | id);
/* Look up correct counter. */
for (int i = 0; i < num_keys; i++) {
int idx = i * dnssecsign_block_size;
uint32_t counter = isc_stats_get_counter(stats->counters, idx);
if (counter == kval) {
/* Match */
isc_stats_set(stats->counters, 0, idx);
isc_stats_set(stats->counters, 0,
(idx + dns_dnssecsignstats_sign));
isc_stats_set(stats->counters, 0,
(idx + dns_dnssecsignstats_refresh));
return;
}
}
}
/*%
* Dump methods
*/
@ -525,9 +540,10 @@ dnssec_dumpcb(isc_statscounter_t counter, uint64_t value, void *arg) {
static void
dnssec_statsdump(isc_stats_t *stats, dnssecsignstats_type_t operation,
isc_stats_dumper_t dump_fn, void *arg, unsigned int options) {
int i;
int i, num_keys;
for (i = 0; i < dnssecsign_max_keys; i++) {
num_keys = isc_stats_ncounters(stats) / dnssecsign_block_size;
for (i = 0; i < num_keys; i++) {
int idx = dnssecsign_block_size * i;
uint32_t kval, val;
dns_keytag_t id;

View file

@ -339,6 +339,7 @@ dns_dnssec_verify
dns_dnssec_verifymessage
dns_dnsseckey_create
dns_dnsseckey_destroy
dns_dnssecsignstats_clear
dns_dnssecsignstats_create
dns_dnssecsignstats_dump
dns_dnssecsignstats_increment

View file

@ -21560,6 +21560,8 @@ zone_rekey(dns_zone_t *zone) {
if (commit) {
dns_difftuple_t *tuple;
dns_stats_t *dnssecsignstats =
dns_zone_getdnssecsignstats(zone);
DNS_ZONE_SETFLAG(zone, DNS_ZONEFLG_NEEDNOTIFY);
@ -21580,6 +21582,22 @@ zone_rekey(dns_zone_t *zone) {
"%s",
dns_result_totext(result));
}
/* Clear DNSSEC sign statistics. */
if (dnssecsignstats != NULL) {
dns_dnssecsignstats_clear(
dnssecsignstats,
dst_key_id(key->key),
dst_key_alg(key->key));
/*
* Also clear the dnssec-sign
* statistics of the revoked key id.
*/
dns_dnssecsignstats_clear(
dnssecsignstats,
dst_key_rid(key->key),
dst_key_alg(key->key));
}
}
}

View file

@ -238,6 +238,17 @@ isc_stats_get_counter(isc_stats_t *stats, isc_statscounter_t counter);
* on creation.
*/
void
isc_stats_resize(isc_stats_t **stats, int ncounters);
/*%<
* Resize a statistics counter structure of general type. The new set of
* counters are indexed by an ID between 0 and ncounters -1.
*
* Requires:
*\li 'stats' is a valid isc_stats_t.
*\li 'ncounters' is a non-zero positive number.
*/
ISC_LANG_ENDDECLS
#endif /* ISC_STATS_H */

View file

@ -167,3 +167,35 @@ isc_stats_get_counter(isc_stats_t *stats, isc_statscounter_t counter) {
return (atomic_load_acquire(&stats->counters[counter]));
}
void
isc_stats_resize(isc_stats_t **statsp, int ncounters) {
isc_stats_t *stats;
size_t counters_alloc_size;
isc__atomic_statcounter_t *newcounters;
REQUIRE(statsp != NULL && *statsp != NULL);
REQUIRE(ISC_STATS_VALID(*statsp));
REQUIRE(ncounters > 0);
stats = *statsp;
if (stats->ncounters >= ncounters) {
/* We already have enough counters. */
return;
}
/* Grow number of counters. */
counters_alloc_size = sizeof(isc__atomic_statcounter_t) * ncounters;
newcounters = isc_mem_get(stats->mctx, counters_alloc_size);
for (int i = 0; i < ncounters; i++) {
atomic_init(&newcounters[i], 0);
}
for (int i = 0; i < stats->ncounters; i++) {
uint32_t counter = atomic_load_acquire(&stats->counters[i]);
atomic_store_release(&newcounters[i], counter);
}
isc_mem_put(stats->mctx, stats->counters,
sizeof(isc__atomic_statcounter_t) * stats->ncounters);
stats->counters = newcounters;
stats->ncounters = ncounters;
}

View file

@ -36,7 +36,7 @@ SRCS = isctest.c aes_test.c buffer_test.c \
parse_test.c pool_test.c \
quota_test.c radix_test.c random_test.c \
regex_test.c result_test.c safe_test.c siphash_test.c sockaddr_test.c \
socket_test.c symtab_test.c task_test.c \
socket_test.c stats_test.c symtab_test.c task_test.c \
taskpool_test.c time_test.c timer_test.c
SUBDIRS =
@ -51,8 +51,9 @@ TARGETS = aes_test@EXEEXT@ buffer_test@EXEEXT@ \
quota_test@EXEEXT@ radix_test@EXEEXT@ \
random_test@EXEEXT@ regex_test@EXEEXT@ result_test@EXEEXT@ \
safe_test@EXEEXT@ siphash_test@EXEEXT@ sockaddr_test@EXEEXT@ \
socket_test@EXEEXT@ symtab_test@EXEEXT@ task_test@EXEEXT@ \
taskpool_test@EXEEXT@ time_test@EXEEXT@ timer_test@EXEEXT@
socket_test@EXEEXT@ stats_test@EXEEXT@ symtab_test@EXEEXT@ \
task_test@EXEEXT@ taskpool_test@EXEEXT@ time_test@EXEEXT@ \
timer_test@EXEEXT@
@BIND9_MAKE_RULES@
@ -181,6 +182,11 @@ sockaddr_test@EXEEXT@: sockaddr_test.@O@ isctest.@O@ ${ISCDEPLIBS}
${LDFLAGS} -o $@ sockaddr_test.@O@ isctest.@O@ \
${ISCLIBS} ${LIBS}
stats_test@EXEEXT@: stats_test.@O@ isctest.@O@ ${ISCDEPLIBS}
${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} \
${LDFLAGS} -o $@ stats_test.@O@ isctest.@O@ \
${ISCLIBS} ${LIBS}
symtab_test@EXEEXT@: symtab_test.@O@ isctest.@O@ ${ISCDEPLIBS}
${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} \
${LDFLAGS} -o $@ symtab_test.@O@ isctest.@O@ \

139
lib/isc/tests/stats_test.c Normal file
View file

@ -0,0 +1,139 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
#if HAVE_CMOCKA
#include <sched.h> /* IWYU pragma: keep */
#include <setjmp.h>
#include <stdarg.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#define UNIT_TESTING
#include <cmocka.h>
#include <isc/mem.h>
#include <isc/result.h>
#include <isc/stats.h>
#include <isc/util.h>
#include "isctest.h"
static int
_setup(void **state) {
isc_result_t result;
UNUSED(state);
result = isc_test_begin(NULL, true, 0);
assert_int_equal(result, ISC_R_SUCCESS);
return (0);
}
static int
_teardown(void **state) {
UNUSED(state);
isc_test_end();
return (0);
}
/* test stats */
static void
isc_stats_basic_test(void **state) {
isc_stats_t *stats = NULL;
isc_result_t result;
UNUSED(state);
result = isc_stats_create(test_mctx, &stats, 4);
assert_int_equal(result, ISC_R_SUCCESS);
assert_int_equal(isc_stats_ncounters(stats), 4);
/* Default all 0. */
for (int i = 0; i < isc_stats_ncounters(stats); i++) {
assert_int_equal(isc_stats_get_counter(stats, i), 0);
}
/* Test increment. */
for (int i = 0; i < isc_stats_ncounters(stats); i++) {
isc_stats_increment(stats, i);
assert_int_equal(isc_stats_get_counter(stats, i), 1);
isc_stats_increment(stats, i);
assert_int_equal(isc_stats_get_counter(stats, i), 2);
}
/* Test decrement. */
for (int i = 0; i < isc_stats_ncounters(stats); i++) {
isc_stats_decrement(stats, i);
assert_int_equal(isc_stats_get_counter(stats, i), 1);
isc_stats_decrement(stats, i);
assert_int_equal(isc_stats_get_counter(stats, i), 0);
}
/* Test set. */
for (int i = 0; i < isc_stats_ncounters(stats); i++) {
isc_stats_set(stats, i, i);
assert_int_equal(isc_stats_get_counter(stats, i), i);
}
/* Test update if greater. */
for (int i = 0; i < isc_stats_ncounters(stats); i++) {
isc_stats_update_if_greater(stats, i, i);
assert_int_equal(isc_stats_get_counter(stats, i), i);
isc_stats_update_if_greater(stats, i, i + 1);
assert_int_equal(isc_stats_get_counter(stats, i), i + 1);
}
/* Test resize. */
isc_stats_resize(&stats, 3);
assert_int_equal(isc_stats_ncounters(stats), 4);
isc_stats_resize(&stats, 4);
assert_int_equal(isc_stats_ncounters(stats), 4);
isc_stats_resize(&stats, 5);
assert_int_equal(isc_stats_ncounters(stats), 5);
/* Existing counters are retained */
for (int i = 0; i < isc_stats_ncounters(stats); i++) {
uint32_t expect = i + 1;
if (i == 4) {
expect = 0;
}
assert_int_equal(isc_stats_get_counter(stats, i), expect);
}
isc_stats_detach(&stats);
}
int
main(void) {
const struct CMUnitTest tests[] = {
cmocka_unit_test_setup_teardown(isc_stats_basic_test, _setup,
_teardown),
};
return (cmocka_run_group_tests(tests, NULL, NULL));
}
#else /* HAVE_CMOCKA */
#include <stdio.h>
int
main(void) {
printf("1..0 # Skipped: cmocka not available\n");
return (SKIPPED_TEST_EXIT_CODE);
}
#endif /* if HAVE_CMOCKA */

View file

@ -609,6 +609,7 @@ isc_stats_dump
isc_stats_get_counter
isc_stats_increment
isc_stats_ncounters
isc_stats_resize
isc_stats_set
isc_stats_update_if_greater
isc_stdio_close

View file

@ -2275,6 +2275,7 @@
./lib/isc/tests/siphash_test.c C 2019,2020,2021
./lib/isc/tests/sockaddr_test.c C 2012,2015,2016,2017,2018,2019,2020,2021
./lib/isc/tests/socket_test.c C 2011,2012,2013,2014,2015,2016,2017,2018,2019,2020,2021
./lib/isc/tests/stats_test.c C 2021
./lib/isc/tests/symtab_test.c C 2011,2012,2013,2016,2018,2019,2020,2021
./lib/isc/tests/task_test.c C 2011,2012,2016,2017,2018,2019,2020,2021
./lib/isc/tests/taskpool_test.c C 2011,2012,2016,2018,2019,2020,2021