upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-28 04:34:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'each-remove-resolve' into 'main'

Browse source 
remove 'resolve' test binary

See merge request isc-projects/bind9!6733
This commit is contained in:
Evan Hunt 2022-09-14 17:20:52 +00:00
commit 491ead7820
6 changed files with 2 additions and 630 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
CHANGES
View file

@ -1,3 +1,5 @@
5968. [cleanup] Remove 'resolve' binary from tests. [GL !6733]
5967. [cleanup] Flagged the obsolete "random-device" option as
ancient; it is now an error to configure it. [GL #3399]

9
bin/tests/system/Makefile.am
View file

@ -23,7 +23,6 @@ check_PROGRAMS = \
feature-test \
makejournal \
pipelined/pipequeries \
resolve \
rndc/gencheck \
rpz/dnsrps \
tkey/keycreate \
@ -49,14 +48,6 @@ pipelined_pipequeries_LDADD = \
$(LDADD) \
$(LIBDNS_LIBS)
resolve_CPPFLAGS = \
$(AM_CPPFLAGS) \
$(LIBISC_CFLAGS) \
$(LIBDNS_CFLAGS) \
$(LIBIRS_CFLAGS)
resolve_LDADD = $(LIBISC_LIBS) $(LIBIRS_LIBS) $(LIBDNS_LIBS)
tkey_keycreate_CPPFLAGS = \
$(AM_CPPFLAGS) \
$(LIBDNS_CFLAGS)

1
bin/tests/system/conf.sh.common
View file

@ -754,7 +754,6 @@ export NZD2NZF
export PERL
export PIPEQUERIES
export PYTHON
export RESOLVE
export RNDC
export RRCHECKER
export SIGNER

1
bin/tests/system/conf.sh.in
View file

@ -47,7 +47,6 @@ NSEC3HASH=$TOP_BUILDDIR/bin/tools/nsec3hash
NSLOOKUP=$TOP_BUILDDIR/bin/dig/nslookup
NSUPDATE=$TOP_BUILDDIR/bin/nsupdate/nsupdate
NZD2NZF=$TOP_BUILDDIR/bin/tools/named-nzd2nzf
RESOLVE=$TOP_BUILDDIR/bin/tests/system/resolve
REVOKE=$TOP_BUILDDIR/bin/dnssec/dnssec-revoke
RNDC=$TOP_BUILDDIR/bin/rndc/rndc
RNDCCONFGEN=$TOP_BUILDDIR/bin/confgen/rndc-confgen

494
bin/tests/system/resolve.c
View file

@ -1,494 +0,0 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* SPDX-License-Identifier: MPL-2.0
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>
#include <isc/attributes.h>
#include <isc/base64.h>
#include <isc/buffer.h>
#include <isc/commandline.h>
#include <isc/loop.h>
#include <isc/managers.h>
#include <isc/mem.h>
#include <isc/netmgr.h>
#include <isc/print.h>
#include <isc/result.h>
#include <isc/sockaddr.h>
#include <isc/task.h>
#include <isc/timer.h>
#include <isc/util.h>
#include <dns/client.h>
#include <dns/fixedname.h>
#include <dns/keyvalues.h>
#include <dns/name.h>
#include <dns/rdata.h>
#include <dns/rdataset.h>
#include <dns/rdatastruct.h>
#include <dns/rdatatype.h>
#include <dns/secalg.h>
#include <dst/dst.h>
#include <irs/resconf.h>
/*
* Global contexts
*/
isc_mem_t *ctxs_mctx = NULL;
isc_loopmgr_t *ctxs_loopmgr = NULL;
isc_nm_t *ctxs_netmgr = NULL;
isc_taskmgr_t *ctxs_taskmgr = NULL;
static char *algname = NULL;
static isc_result_t
printdata(dns_rdataset_t *rdataset, dns_name_t *owner) {
isc_buffer_t target;
isc_result_t result;
isc_region_t r;
char t[4096];
if (!dns_rdataset_isassociated(rdataset)) {
printf("[WARN: empty]\n");
return (ISC_R_SUCCESS);
}
isc_buffer_init(&target, t, sizeof(t));
result = dns_rdataset_totext(rdataset, owner, false, false, &target);
if (result != ISC_R_SUCCESS) {
return (result);
}
isc_buffer_usedregion(&target, &r);
printf("%.*s", (int)r.length, (char *)r.base);
return (ISC_R_SUCCESS);
}
noreturn static void
usage(void);
static void
usage(void) {
fprintf(stderr, "resolve [-t RRtype] "
"[[-a algorithm] [-e] -k keyname -K keystring] "
"[-S domain:serveraddr_for_domain ] [-s server_address]"
"[-b address[#port]] hostname\n");
exit(1);
}
static void
set_key(dns_client_t *client, char *keynamestr, char *keystr, bool is_sep) {
isc_result_t result;
dns_fixedname_t fkeyname;
unsigned int namelen;
dns_name_t *keyname;
dns_rdata_dnskey_t keystruct;
unsigned char keydata[4096];
isc_buffer_t keydatabuf;
unsigned char rrdata[4096];
isc_buffer_t rrdatabuf;
isc_buffer_t b;
isc_textregion_t tr;
isc_region_t r;
dns_secalg_t alg;
if (algname != NULL) {
tr.base = algname;
tr.length = strlen(algname);
result = dns_secalg_fromtext(&alg, &tr);
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "failed to identify the algorithm\n");
exit(1);
}
} else {
alg = DNS_KEYALG_RSASHA1;
}
keystruct.common.rdclass = dns_rdataclass_in;
keystruct.common.rdtype = dns_rdatatype_dnskey;
keystruct.flags = DNS_KEYOWNER_ZONE; /* fixed */
if (is_sep) {
keystruct.flags |= DNS_KEYFLAG_KSK;
}
keystruct.protocol = DNS_KEYPROTO_DNSSEC; /* fixed */
keystruct.algorithm = alg;
isc_buffer_init(&keydatabuf, keydata, sizeof(keydata));
isc_buffer_init(&rrdatabuf, rrdata, sizeof(rrdata));
result = isc_base64_decodestring(keystr, &keydatabuf);
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "base64 decode failed\n");
exit(1);
}
isc_buffer_usedregion(&keydatabuf, &r);
keystruct.datalen = r.length;
keystruct.data = r.base;
result = dns_rdata_fromstruct(NULL, keystruct.common.rdclass,
keystruct.common.rdtype, &keystruct,
&rrdatabuf);
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "failed to construct key rdata\n");
exit(1);
}
namelen = strlen(keynamestr);
isc_buffer_init(&b, keynamestr, namelen);
isc_buffer_add(&b, namelen);
keyname = dns_fixedname_initname(&fkeyname);
result = dns_name_fromtext(keyname, &b, dns_rootname, 0, NULL);
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "failed to construct key name\n");
exit(1);
}
result = dns_client_addtrustedkey(client, dns_rdataclass_in,
dns_rdatatype_dnskey, keyname,
&rrdatabuf);
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "failed to add key for %s\n", keynamestr);
exit(1);
}
}
static void
addserver(dns_client_t *client, const char *addrstr, const char *port,
const char *name_space) {
struct addrinfo hints, *res;
int gaierror;
isc_sockaddr_t sa;
isc_sockaddrlist_t servers;
isc_result_t result;
isc_buffer_t b;
dns_fixedname_t fname;
dns_name_t *name = NULL;
memset(&hints, 0, sizeof(hints));
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_DGRAM;
hints.ai_protocol = IPPROTO_UDP;
hints.ai_flags = AI_NUMERICHOST;
gaierror = getaddrinfo(addrstr, port, &hints, &res);
if (gaierror != 0) {
fprintf(stderr, "getaddrinfo failed: %s\n",
gai_strerror(gaierror));
exit(1);
}
INSIST(res->ai_addrlen <= sizeof(sa.type));
memmove(&sa.type, res->ai_addr, res->ai_addrlen);
sa.length = (unsigned int)res->ai_addrlen;
freeaddrinfo(res);
ISC_LINK_INIT(&sa, link);
ISC_LIST_INIT(servers);
ISC_LIST_APPEND(servers, &sa, link);
if (name_space != NULL) {
unsigned int namelen = strlen(name_space);
isc_buffer_constinit(&b, name_space, namelen);
isc_buffer_add(&b, namelen);
name = dns_fixedname_initname(&fname);
result = dns_name_fromtext(name, &b, dns_rootname, 0, NULL);
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "failed to convert qname: %u\n",
(unsigned int)result);
exit(1);
}
}
result = dns_client_setservers(client, dns_rdataclass_in, name,
&servers);
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "set server failed: %u\n",
(unsigned int)result);
exit(1);
}
}
static dns_name_t *qname = NULL;
static unsigned int resopt = 0;
static dns_rdatatype_t type = dns_rdatatype_a;
static void
resolve_cb(dns_client_t *client, const dns_name_t *query_name,
dns_namelist_t *namelist, isc_result_t result) {
UNUSED(query_name);
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "resolution failed: %s\n",
isc_result_totext(result));
goto cleanup;
}
for (dns_name_t *name = ISC_LIST_HEAD(*namelist); name != NULL;
name = ISC_LIST_NEXT(name, link))
{
for (dns_rdataset_t *rdataset = ISC_LIST_HEAD(name->list);
rdataset != NULL; rdataset = ISC_LIST_NEXT(rdataset, link))
{
if (printdata(rdataset, name) != ISC_R_SUCCESS) {
fprintf(stderr, "print data failed\n");
}
}
}
cleanup:
dns_client_freeresanswer(client, namelist);
dns_client_detach(&client);
isc_mem_put(ctxs_mctx, namelist, sizeof(*namelist));
isc_loopmgr_shutdown(ctxs_loopmgr);
}
static void
resolve(void *arg) {
dns_client_t *client = (void *)arg;
dns_namelist_t *namelist = isc_mem_get(ctxs_mctx, sizeof(*namelist));
isc_result_t result;
ISC_LIST_INIT(*namelist);
result = dns_client_resolve(client, qname, dns_rdataclass_in, type,
resopt, namelist, resolve_cb);
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "resolution failed: %s\n",
isc_result_totext(result));
isc_mem_put(ctxs_mctx, namelist, sizeof(*namelist));
isc_loopmgr_shutdown(ctxs_loopmgr);
}
}
int
main(int argc, char *argv[]) {
int ch;
isc_textregion_t tr;
char *server = NULL;
char *altserver = NULL;
char *altserveraddr = NULL;
char *altservername = NULL;
dns_client_t *client = NULL;
char *keynamestr = NULL;
char *keystr = NULL;
isc_result_t result;
isc_buffer_t b;
dns_fixedname_t qname0;
unsigned int namelen;
unsigned int clientopt;
bool is_sep = false;
const char *port = "53";
struct in_addr in4;
struct in6_addr in6;
isc_sockaddr_t a4, a6;
isc_sockaddr_t *addr4 = NULL, *addr6 = NULL;
while ((ch = isc_commandline_parse(argc, argv, "a:b:es:t:k:K:p:S:")) !=
-1) {
switch (ch) {
case 't':
tr.base = isc_commandline_argument;
tr.length = strlen(isc_commandline_argument);
result = dns_rdatatype_fromtext(&type, &tr);
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "invalid RRtype: %s\n",
isc_commandline_argument);
exit(1);
}
break;
case 'a':
algname = isc_commandline_argument;
break;
case 'b':
if (inet_pton(AF_INET, isc_commandline_argument,
&in4) == 1) {
if (addr4 != NULL) {
fprintf(stderr, "only one local "
"address per family "
"can be specified\n");
exit(1);
}
isc_sockaddr_fromin(&a4, &in4, 0);
addr4 = &a4;
} else if (inet_pton(AF_INET6, isc_commandline_argument,
&in6) == 1) {
if (addr6 != NULL) {
fprintf(stderr, "only one local "
"address per family "
"can be specified\n");
exit(1);
}
isc_sockaddr_fromin6(&a6, &in6, 0);
addr6 = &a6;
} else {
fprintf(stderr, "invalid address %s\n",
isc_commandline_argument);
exit(1);
}
break;
case 'e':
is_sep = true;
break;
case 'S':
if (altserver != NULL) {
fprintf(stderr,
"alternate server "
"already defined: %s\n",
altserver);
exit(1);
}
altserver = isc_commandline_argument;
break;
case 's':
if (server != NULL) {
fprintf(stderr,
"server "
"already defined: %s\n",
server);
exit(1);
}
server = isc_commandline_argument;
break;
case 'k':
keynamestr = isc_commandline_argument;
break;
case 'K':
keystr = isc_commandline_argument;
break;
case 'p':
port = isc_commandline_argument;
break;
default:
usage();
}
}
argc -= isc_commandline_index;
argv += isc_commandline_index;
if (argc < 1) {
usage();
}
if (altserver != NULL) {
char *cp;
cp = strchr(altserver, ':');
if (cp == NULL) {
fprintf(stderr, "invalid alternate server: %s\n",
altserver);
exit(1);
}
*cp = '\0';
altservername = altserver;
altserveraddr = cp + 1;
}
isc_managers_create(&ctxs_mctx, 1, &ctxs_loopmgr, &ctxs_netmgr,
&ctxs_taskmgr);
result = dst_lib_init(ctxs_mctx, NULL);
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "dst_lib_init failed: %u\n",
(unsigned int)result);
exit(1);
}
clientopt = 0;
result = dns_client_create(ctxs_mctx, ctxs_loopmgr, ctxs_taskmgr,
ctxs_netmgr, clientopt, &client, addr4,
addr6);
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "dns_client_create failed: %u, %s\n",
(unsigned int)result, isc_result_totext(result));
exit(1);
}
/* Set the nameserver */
if (server == NULL) {
irs_resconf_t *resconf = NULL;
isc_sockaddrlist_t *nameservers;
result = irs_resconf_load(ctxs_mctx, "/etc/resolv.conf",
&resconf);
if (result != ISC_R_SUCCESS && result != ISC_R_FILENOTFOUND) {
fprintf(stderr, "irs_resconf_load failed: %u\n",
(unsigned int)result);
exit(1);
}
nameservers = irs_resconf_getnameservers(resconf);
result = dns_client_setservers(client, dns_rdataclass_in, NULL,
nameservers);
if (result != ISC_R_SUCCESS) {
irs_resconf_destroy(&resconf);
fprintf(stderr, "dns_client_setservers failed: %u\n",
(unsigned int)result);
exit(1);
}
irs_resconf_destroy(&resconf);
} else {
addserver(client, server, port, NULL);
}
/* Set the alternate nameserver (when specified) */
if (altserver != NULL) {
addserver(client, altserveraddr, port, altservername);
}
/* Install DNSSEC key (if given) */
if (keynamestr != NULL) {
if (keystr == NULL) {
fprintf(stderr, "key string is missing "
"while key name is provided\n");
exit(1);
}
set_key(client, keynamestr, keystr, is_sep);
}
/* Construct qname */
namelen = strlen(argv[0]);
isc_buffer_init(&b, argv[0], namelen);
isc_buffer_add(&b, namelen);
qname = dns_fixedname_initname(&qname0);
result = dns_name_fromtext(qname, &b, dns_rootname, 0, NULL);
if (result != ISC_R_SUCCESS) {
fprintf(stderr, "failed to convert qname: %u\n",
(unsigned int)result);
exit(1);
}
/* Perform resolution */
if (keynamestr == NULL) {
resopt |= DNS_CLIENTRESOPT_NODNSSEC;
}
isc_loopmgr_setup(ctxs_loopmgr, resolve, client);
isc_loopmgr_run(ctxs_loopmgr);
dst_lib_destroy();
isc_managers_destroy(&ctxs_mctx, &ctxs_loopmgr, &ctxs_netmgr,
&ctxs_taskmgr);
return (0);
}

125
bin/tests/system/resolver/tests.sh
View file

@ -18,10 +18,6 @@ dig_with_opts() {
"${DIG}" -p "${PORT}" "${@}"
}
resolve_with_opts() {
"${RESOLVE}" -p "${PORT}" "${@}"
}
rndccmd() {
"${RNDC}" -c ../common/rndc.conf -p "${CONTROLPORT}" -s "${@}"
}
@ -37,34 +33,6 @@ grep "status: NXDOMAIN" dig.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
if [ -x ${RESOLVE} ] ; then
n=$((n+1))
echo_i "checking non-cachable NXDOMAIN response handling using dns_client ($n)"
ret=0
resolve_with_opts -t a -s 10.53.0.1 nxdomain.example.net 2> resolve.out.ns1.test${n} || ret=1
grep "resolution failed: ncache nxdomain" resolve.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
fi
if [ -x ${RESOLVE} ] ; then
n=$((n+1))
echo_i "checking that local bound address can be set (Can't query from a denied address) ($n)"
ret=0
resolve_with_opts -b 10.53.0.8 -t a -s 10.53.0.1 www.example.org 2> resolve.out.ns1.test${n} || ret=1
grep "resolution failed: SERVFAIL" resolve.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
n=$((n+1))
echo_i "checking that local bound address can be set (Can query from an allowed address) ($n)"
ret=0
resolve_with_opts -b 10.53.0.1 -t a -s 10.53.0.1 www.example.org > resolve.out.ns1.test${n} || ret=1
grep "www.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
fi
n=$((n+1))
echo_i "checking non-cachable NODATA response handling ($n)"
ret=0
@ -73,31 +41,11 @@ grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
if [ -x ${RESOLVE} ] ; then
n=$((n+1))
echo_i "checking non-cachable NODATA response handling using dns_client ($n)"
ret=0
resolve_with_opts -t a -s 10.53.0.1 nodata.example.net 2> resolve.out.ns1.test${n} || ret=1
grep "resolution failed: ncache nxrrset" resolve.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
fi
n=$((n+1))
echo_i "checking handling of bogus referrals ($n)"
# If the server has the "INSIST(!external)" bug, this query will kill it.
dig_with_opts +tcp www.example.com. a @10.53.0.1 >/dev/null || { echo_i "failed"; status=$((status + 1)); }
if [ -x ${RESOLVE} ] ; then
n=$((n+1))
echo_i "checking handling of bogus referrals using dns_client ($n)"
ret=0
resolve_with_opts -t a -s 10.53.0.1 www.example.com 2> resolve.out.ns1.test${n} || ret=1
grep "resolution failed: SERVFAIL" resolve.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
fi
n=$((n+1))
echo_i "check handling of cname + other data / 1 ($n)"
dig_with_opts +tcp cname1.example.com. a @10.53.0.1 >/dev/null || { echo_i "failed"; status=$((status + 1)); }
@ -134,17 +82,6 @@ grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
if [ -x ${RESOLVE} ] ; then
n=$((n+1))
echo_i "checking answer IPv4 address filtering using dns_client (accept) ($n)"
ret=0
resolve_with_opts -t a -s 10.53.0.1 www.example.org > resolve.out.ns1.test${n} || ret=1
grep "www.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
fi
n=$((n+1))
echo_i "checking answer IPv6 address filtering (accept) ($n)"
ret=0
@ -153,16 +90,6 @@ grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
if [ -x ${RESOLVE} ] ; then
n=$((n+1))
echo_i "checking answer IPv6 address filtering using dns_client (accept) ($n)"
ret=0
resolve_with_opts -t aaaa -s 10.53.0.1 www.example.org > resolve.out.ns1.test${n} || ret=1
grep "www.example.org..*.2001:db8:beef::1" resolve.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
fi
n=$((n+1))
echo_i "checking CNAME target filtering (deny) ($n)"
ret=0
@ -179,36 +106,6 @@ grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
if [ -x ${RESOLVE} ] ; then
n=$((n+1))
echo_i "checking CNAME target filtering using dns_client (accept) ($n)"
ret=0
resolve_with_opts -t a -s 10.53.0.1 goodcname.example.net > resolve.out.ns1.test${n} || ret=1
grep "goodcname.example.net..*.goodcname.example.org." resolve.out.ns1.test${n} > /dev/null || ret=1
grep "goodcname.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
fi
n=$((n+1))
echo_i "checking CNAME target filtering (accept due to subdomain) ($n)"
ret=0
dig_with_opts +tcp cname.sub.example.org @10.53.0.1 a > dig.out.ns1.test${n} || ret=1
grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
if [ -x ${RESOLVE} ] ; then
n=$((n+1))
echo_i "checking CNAME target filtering using dns_client (accept due to subdomain) ($n)"
ret=0
resolve_with_opts -t a -s 10.53.0.1 cname.sub.example.org > resolve.out.ns1.test${n} || ret=1
grep "cname.sub.example.org..*.ok.sub.example.org." resolve.out.ns1.test${n} > /dev/null || ret=1
grep "ok.sub.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
fi
n=$((n+1))
echo_i "checking DNAME target filtering (deny) ($n)"
ret=0
@ -226,17 +123,6 @@ grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
if [ -x ${RESOLVE} ] ; then
n=$((n+1))
echo_i "checking DNAME target filtering using dns_client (accept) ($n)"
ret=0
resolve_with_opts -t a -s 10.53.0.1 foo.gooddname.example.net > resolve.out.ns1.test${n} || ret=1
grep "foo.gooddname.example.net..*.gooddname.example.org" resolve.out.ns1.test${n} > /dev/null || ret=1
grep "foo.gooddname.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
fi
n=$((n+1))
echo_i "checking DNAME target filtering (accept due to subdomain) ($n)"
ret=0
@ -245,17 +131,6 @@ grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
if [ -x ${RESOLVE} ] ; then
n=$((n+1))
echo_i "checking DNAME target filtering using dns_client (accept due to subdomain) ($n)"
ret=0
resolve_with_opts -t a -s 10.53.0.1 www.dname.sub.example.org > resolve.out.ns1.test${n} || ret=1
grep "www.dname.sub.example.org..*.ok.sub.example.org." resolve.out.ns1.test${n} > /dev/null || ret=1
grep "www.ok.sub.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
fi
n=$((n+1))
echo_i "check that the resolver accepts a referral response with a non-empty ANSWER section ($n)"
ret=0