upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-03-11 10:40:56 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
bind9/bin/tests/system/mirror
History
Mark Andrews de519cd1c9 Don't leak the original QTYPE to parent zone 
When performing QNAME minimization, named now sends an NS
query for the original QNAME, to prevent the parent zone from
receiving the QTYPE.

For example, when looking up example.com/A, we now send NS queries
for both com and example.com before sending the A query to the
servers for example.com.  Previously, an A query for example.com
would have been sent to the servers for com.

Several system tests needed to be adjusted for the new query pattern:

- Some queries in the serve-stale test were sent to the wrong server.
- The synthfromdnssec test could fail due to timing issues; this
  has been addressed by adding a 1-second delay.
- The cookie test could fail due to the a change in the count of
  TSIG records received in the "check that missing COOKIE with a
  valid TSIG signed response does not trigger TCP fallback" test case.
- The GL #4652 regression test case in the chain system test depends
  on a particular query order, which no longer occurs when QNAME
  minimization is active. We now disable qname-minimization
  for that test.
2025-03-14 01:01:26 +00:00
..
ns1 change allow-transfer default to "none" 2024-06-05 10:50:06 -07:00
ns2 change allow-transfer default to "none" 2024-06-05 10:50:06 -07:00
ns3 Remove -U 4 from system tests 2023-12-01 14:03:35 +01:00
README Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
setup.sh Remove invocations and mentions of clean.sh 2024-11-08 10:54:24 +01:00
tests.sh Don't leak the original QTYPE to parent zone 2025-03-14 01:01:26 +00:00
tests_sh_mirror.py Replace clean.sh files with extra_artifacts mark 2024-11-08 10:54:24 +01:00

README 

<!--
Copyright (C) Internet Systems Consortium, Inc. ("ISC")

SPDX-License-Identifier: MPL-2.0

This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0.  If a copy of the MPL was not distributed with this
file, you can obtain one at https://mozilla.org/MPL/2.0/.

See the COPYRIGHT file distributed with this work for additional
information regarding copyright ownership.
-->

This test checks whether zones configured with "type mirror;" behave as
expected.

ns1 is an authoritative-only server.  It only serves the root zone, which is
mirrored by ns3.

ns2 is an authoritative-only server.  It serves a number of zones, some of which
are delegated to it by ns1 and used in recursive resolution tests aimed at ns3
while others are only served so that ns3 has a primary server to mirror zones
from during various tests of the mirror zone implementation.

ns3 is a recursive resolver.  It has a number of mirror zones configured.  This
is the only server whose behavior is being examined by this system test.