From 6bad06ea2eaddbb0c73af067f932e382347674f9 Mon Sep 17 00:00:00 2001
From: Aram Sargsyan <aram@isc.org>
Date: Thu, 6 Jun 2024 20:49:34 +0000
Subject: [PATCH] Update the chain test

Update the CNAME chain test to correspond to the changed behavior,
because now named returns SERVFAIL when hitting the maximum query
restarts limit (e.g. happening when following a long CNAME chain).

In the current test auth will hit the limit and return partial data
with a SERVFAIL code, while the resolver will return no data with
a SERVFAIL code after auth returns SERVFAIL to it.

(cherry picked from commit 7751c7eca6ad543106e2517e5e172ad30aeb6c76)
---
 bin/tests/system/chain/tests.sh | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/bin/tests/system/chain/tests.sh b/bin/tests/system/chain/tests.sh
index 4957fe769b..6330dafdc8 100644
--- a/bin/tests/system/chain/tests.sh
+++ b/bin/tests/system/chain/tests.sh
@@ -439,11 +439,21 @@ if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
 n=$((n + 1))
-echo_i "checking CNAME loops are detected ($n)"
+echo_i "checking CNAME loops are detected (resolver) ($n)"
 ret=0
 $RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
 $DIG $DIGOPTS @10.53.0.7 loop.example >dig.out.test$n
-grep "status: NOERROR" dig.out.test$n >/dev/null || ret=1
+grep "status: SERVFAIL" dig.out.test$n >/dev/null || ret=1
+grep "ANSWER: 0" dig.out.test$n >/dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+n=$((n + 1))
+echo_i "checking CNAME loops are detected (auth) ($n)"
+ret=0
+$DIG $DIGOPTS @10.53.0.2 loop.example >dig.out.test$n
+grep "status: SERVFAIL" dig.out.test$n >/dev/null || ret=1
+grep "max. restarts reached" dig.out.test$n >/dev/null || ret=1
 grep "ANSWER: 17" dig.out.test$n >/dev/null || ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))