system test for the ADB fetch loop detection

Add a system test which implement the scenario described in the previous
commit "relaxes fetch loop detection".

bin/tests/system/expiredglue/ns1/named.conf.j2

@@ -0,0 +1,39 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0.  If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+options {
+	query-source address 10.53.0.1;
+	notify-source 10.53.0.1;
+	transfer-source 10.53.0.1;
+	port @PORT@;
+	pid-file "named.pid";
+	listen-on { 10.53.0.1; };
+	recursion no;
+	dnssec-validation no;
+};
+
+view "default" {
+	zone "." {
+		type primary;
+		file "root.db";
+	};
+};
+
+key rndc_key {
+	secret "1234abcd8765";
+	algorithm @DEFAULT_HMAC@;
+};
+
+controls {
+	inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};

bin/tests/system/expiredglue/ns1/root.db

@@ -0,0 +1,24 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0.  If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 300
+. 			IN SOA	marka.isc.org. a.root.servers.nil. (
+				2010   	; serial
+				600         	; refresh
+				600         	; retry
+				1200    	; expire
+				600       	; minimum
+				)
+.			NS	a.root-servers.nil.
+a.root-servers.nil.	A	10.53.0.1
+
+tld.	 		NS	ns.tld.
+ns.tld. 		A 	10.53.0.2

bin/tests/system/expiredglue/ns2/named.conf.j2

@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0.  If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+options {
+	query-source address 10.53.0.2;
+	notify-source 10.53.0.2;
+	transfer-source 10.53.0.2;
+	port @PORT@;
+	pid-file "named.pid";
+	listen-on { 10.53.0.2; };
+	recursion no;
+	dnssec-validation no;
+};
+
+zone "tld." {
+	type primary;
+	file "tld.db";
+};
+
+key rndc_key {
+	secret "1234abcd8765";
+	algorithm @DEFAULT_HMAC@;
+};
+
+controls {
+	inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};

bin/tests/system/expiredglue/ns2/tld.db

@@ -0,0 +1,28 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0.  If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 300
+tld. 			IN SOA	marka.isc.org. ns.tld. (
+				2010   	; serial
+				600         	; refresh
+				600         	; retry
+				1200    	; expire
+				600       	; minimum
+				)
+tld.			NS	ns.tld.
+ns.tld. 		A 	10.53.0.2
+
+example.tld.		NS	ns.dnshoster.tld.
+missing.tld.		NS	ns.missing.tld.
+dnshoster.tld.		NS	ns.dnshoster.tld.
+
+; Delegation's glue has a TTL of 300 on parent-side
+ns.dnshoster.tld.	A	10.53.0.3

bin/tests/system/expiredglue/ns3/dnshoster.tld.db

@@ -0,0 +1,24 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0.  If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 300
+dnshoster.tld.		IN SOA	marka.isc.org. ns.dnshoster.tld. (
+				2010   	; serial
+				600         	; refresh
+				600         	; retry
+				1200    	; expire
+				600       	; minimum
+				)
+
+; The TTL of the delegation's glue child-side is 2 seconds.
+dnshoster.tld.			NS	ns.dnshoster.tld.
+ns.dnshoster.tld.	2	A 	10.53.0.3
+a.dnshoster.tld.	2	A	10.53.0.10

bin/tests/system/expiredglue/ns3/example.tld.db

@@ -0,0 +1,22 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0.  If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 300
+example.tld.		IN SOA	marka.isc.org. ns.dnshoster.tld. (
+				2010   	; serial
+				600         	; refresh
+				600         	; retry
+				1200    	; expire
+				600       	; minimum
+				)
+
+example.tld.			NS	ns.dnshoster.tld.
+a.example.tld.		2	A 	10.53.0.10

bin/tests/system/expiredglue/ns3/named.conf.j2

@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0.  If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+options {
+	query-source address 10.53.0.3;
+	notify-source 10.53.0.3;
+	transfer-source 10.53.0.3;
+	port @PORT@;
+	pid-file "named.pid";
+	listen-on { 10.53.0.3; };
+	recursion no;
+	dnssec-validation no;
+};
+
+zone "dnshoster.tld." {
+	type primary;
+	file "dnshoster.tld.db";
+};
+
+zone "example.tld." {
+	type primary;
+	file "example.tld.db";
+};
+
+key rndc_key {
+	secret "1234abcd8765";
+	algorithm @DEFAULT_HMAC@;
+};
+
+controls {
+	inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};

bin/tests/system/expiredglue/ns4/named.args

@@ -0,0 +1 @@
+-D expiredglue-ns4 -m record -c named.conf -d 99 -g -4 -T adbentrywindow=0 -T adbcachemin=1 -T maxcachesize=2097152

bin/tests/system/expiredglue/ns4/named.conf.j2

@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0.  If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+options {
+	query-source address 10.53.0.4;
+	notify-source 10.53.0.4;
+	transfer-source 10.53.0.4;
+	port @PORT@;
+	pid-file "named.pid";
+	listen-on { 10.53.0.4; };
+	recursion yes;
+	dnssec-validation no;
+};
+
+zone "." {
+	type hint;
+	file "root.hint";
+};
+
+key rndc_key {
+	secret "1234abcd8765";
+	algorithm @DEFAULT_HMAC@;
+};
+
+controls {
+	inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};

bin/tests/system/expiredglue/ns4/root.hint

@@ -0,0 +1,14 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0.  If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 999999
+.			 IN NS		a.root-servers.nil.
+a.root-servers.nil.	 IN A		10.53.0.1

bin/tests/system/expiredglue/tests_expiredglue.py

@@ -0,0 +1,55 @@
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0.  If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+import time
+
+import isctest
+
+
+def test_expiredglue(ns4):
+    msg1 = isctest.query.create("a.example.tld.", "A")
+    res1 = isctest.query.udp(msg1, ns4.ip)
+    isctest.check.noerror(res1)
+    isctest.check.rr_count_eq(res1.answer, 1)
+
+    msg2 = isctest.query.create("a.dnshoster.tld.", "A")
+    res2 = isctest.query.udp(msg2, ns4.ip)
+    isctest.check.rr_count_eq(res2.answer, 1)
+
+    msg3 = isctest.query.create("ns.dnshoster.tld.", "A")
+    res3 = isctest.query.udp(msg3, ns4.ip)
+    isctest.check.rr_count_eq(res3.answer, 1)
+
+    time.sleep(3)
+
+    # Even if the glue is expired but the delegation is not, named
+    # is able to "recover" by looking up the hints again and does
+    # not bails out with a fetch loop detection.
+    res1_2 = isctest.query.udp(msg1, ns4.ip)
+    isctest.check.same_data(res1_2, res1)
+
+    time.sleep(3)
+    res2_2 = isctest.query.udp(msg2, ns4.ip)
+    isctest.check.same_data(res2_2, res2)
+
+    time.sleep(3)
+    res3_2 = isctest.query.udp(msg3, ns4.ip)
+    isctest.check.same_data(res3_2, res3)
+
+
+def test_loopdetected(ns4):
+    msg = isctest.query.create("a.missing.tld.", "A")
+    with ns4.watch_log_from_here() as watcher:
+        res = isctest.query.udp(msg, ns4.ip)
+
+        # However, this is a valid fetch loop, and named detects it.
+        watcher.wait_for_line("loop detected resolving 'ns.missing.tld/A'")
+        isctest.check.servfail(res)