From 22d10df0f0a94aa8db228fcd3693262b852ada68 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Thu, 24 Sep 2020 14:57:47 +1000 Subject: [PATCH 1/2] add test markers to ns3 named.log --- bin/tests/system/rpzrecurse/tests.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/tests/system/rpzrecurse/tests.sh b/bin/tests/system/rpzrecurse/tests.sh index f3ca29b9d4..ee79f3fe7c 100644 --- a/bin/tests/system/rpzrecurse/tests.sh +++ b/bin/tests/system/rpzrecurse/tests.sh @@ -502,7 +502,7 @@ for mode in native dnsrps; do t=`expr $t + 1` echo_i "checking 'nsip-wait-recurse no' is faster than 'nsip-wait-recurse yes' ($t)" - add_test_marker 10.53.0.2 + add_test_marker 10.53.0.2 10.53.0.3 echo_i "timing 'nsip-wait-recurse yes' (default)" ret=0 t1=`$PERL -e 'print time()."\n";'` @@ -533,7 +533,7 @@ for mode in native dnsrps; do t=`expr $t + 1` echo_i "checking 'nsdname-wait-recurse no' is faster than 'nsdname-wait-recurse yes' ($t)" - add_test_marker 10.53.0.2 + add_test_marker 10.53.0.2 10.53.0.3 echo_i "timing 'nsdname-wait-recurse yes' (default)" ret=0 t1=`$PERL -e 'print time()."\n";'` From bdf8194af8855b0c5199ca49f3296e1160069a88 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Fri, 25 Sep 2020 17:42:41 +1000 Subject: [PATCH 2/2] Wait for 'rpz: policy: reload done' to signalled before proceeding. RPZ rules cannot be fully relied upon until the summary RPZ database is updated after an "rndc reload". Wait until the relevant message is logged after an "rndc reload" to prevent false positives in the "rpzrecurse" system test caused by the RPZ rules not yet being in effect by the time ns3 is queried. --- bin/tests/system/rpzrecurse/tests.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/bin/tests/system/rpzrecurse/tests.sh b/bin/tests/system/rpzrecurse/tests.sh index ee79f3fe7c..320ee08314 100644 --- a/bin/tests/system/rpzrecurse/tests.sh +++ b/bin/tests/system/rpzrecurse/tests.sh @@ -513,7 +513,9 @@ for mode in native dnsrps; do $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} flush copy_setports ns3/named2.conf.in ns3/named.conf + nextpart ns3/named.run > /dev/null $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} reload > /dev/null + wait_for_log 20 "rpz: policy: reload done" ns3/named.run || ret=1 echo_i "timing 'nsip-wait-recurse no'" t3=`$PERL -e 'print time()."\n";'` @@ -529,7 +531,9 @@ for mode in native dnsrps; do $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} flush # restore original named.conf copy_setports ns3/named1.conf.in ns3/named.conf + nextpart ns3/named.run > /dev/null $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} reload > /dev/null + wait_for_log 20 "rpz: policy: reload done" ns3/named.run || ret=1 t=`expr $t + 1` echo_i "checking 'nsdname-wait-recurse no' is faster than 'nsdname-wait-recurse yes' ($t)" @@ -544,7 +548,9 @@ for mode in native dnsrps; do $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} flush copy_setports ns3/named3.conf.in ns3/named.conf + nextpart ns3/named.run > /dev/null $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} reload > /dev/null + wait_for_log 20 "rpz: policy: reload done" ns3/named.run || ret=1 echo_i "timing 'nsdname-wait-recurse no'" t3=`$PERL -e 'print time()."\n";'`