Test case for issue #4355

Add a test case where serve-stale is enabled on a server that also servers a local authoritative zone. The particular case tests a lame delegation and checks if falling back to serving stale data does not attempt to retrieve the query by recursing from the root down. (cherry picked from commit e196ba6168)
2026-06-14 00:20:00 -04:00 · 2023-10-23 13:52:12 +02:00 · 2023-10-23 13:52:12 +02:00 · 784b096098
commit 784b096098
parent 15f664171d
8 changed files with 184 additions and 1 deletions
--- a/bin/tests/system/serve-stale/ns1/root.db
+++ b/bin/tests/system/serve-stale/ns1/root.db
@ -16,3 +16,5 @@ example.	300	NS	ns.example.
 ns.example.	300	A	10.53.0.2
 slow.		300	NS	ns.slow.
 ns.slow.	300	A	10.53.0.2
+stale.		300	NS	ns.stale.
+ns.stale.	300	A	10.53.0.6
--- a/bin/tests/system/serve-stale/ns3/named.conf.in
+++ b/bin/tests/system/serve-stale/ns3/named.conf.in
@ -0,0 +1,51 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0.  If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+key rndc_key {
+	secret "1234abcd8765";
+	algorithm @DEFAULT_HMAC@;
+};
+
+controls {
+	inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
+
+options {
+	query-source address 10.53.0.3;
+	notify-source 10.53.0.3;
+	transfer-source 10.53.0.3;
+	port @PORT@;
+	pid-file "named.pid";
+	listen-on { 10.53.0.3; };
+	listen-on-v6 { none; };
+	recursion yes;
+	dnssec-validation no;
+	qname-minimization off;
+
+	stale-answer-enable yes;
+	stale-cache-enable yes;
+	stale-refresh-time 30;
+	stale-answer-client-timeout 1800;
+	max-cache-ttl 24h;
+};
+
+zone "." {
+	type hint;
+	file "root.db";
+};
+
+zone "serve.stale" IN {
+	type primary;
+	notify no;
+	file "serve.stale.db";
+};
--- a/bin/tests/system/serve-stale/ns3/serve.stale.db
+++ b/bin/tests/system/serve-stale/ns3/serve.stale.db
@ -0,0 +1,18 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0.  If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+serve.stale.		IN SOA	ns.serve.stale. matthijs.isc.org. 1 0 0 0 0
+serve.stale.		IN NS	ns.serve.stale.
+ns.serve.stale.		IN A    10.53.0.6
+
+$ORIGIN serve.stale.
+test			IN NS	nss1.example.nxd.
+test			IN NS	nss2.example.nxd.
--- a/bin/tests/system/serve-stale/ns6/named.conf.in
+++ b/bin/tests/system/serve-stale/ns6/named.conf.in
@ -0,0 +1,44 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0.  If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+key rndc_key {
+	secret "1234abcd8765";
+	algorithm @DEFAULT_HMAC@;
+};
+
+controls {
+	inet 10.53.0.6 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
+
+options {
+	query-source address 10.53.0.6;
+	notify-source 10.53.0.6;
+	transfer-source 10.53.0.6;
+	port @PORT@;
+	pid-file "named.pid";
+	listen-on { 10.53.0.6; };
+	listen-on-v6 { none; };
+	recursion no;
+};
+
+zone "stale" IN {
+	type primary;
+	notify no;
+	file "stale.db";
+};
+
+zone "serve.stale" IN {
+	type primary;
+	notify no;
+	file "serve.stale.db";
+};
--- a/bin/tests/system/serve-stale/ns6/serve.stale.db
+++ b/bin/tests/system/serve-stale/ns6/serve.stale.db
@ -0,0 +1,16 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0.  If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+serve.stale.		IN SOA	ns.serve.stale. matthijs.isc.org. 1 0 0 0 0
+serve.stale.		IN NS	ns.serve.stale.
+ns.serve.stale.		IN A    10.53.0.6
+
+test			IN TXT	"Oops, I did it again"
--- a/bin/tests/system/serve-stale/ns6/stale.db
+++ b/bin/tests/system/serve-stale/ns6/stale.db
@ -0,0 +1,17 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; SPDX-License-Identifier: MPL-2.0
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0.  If a copy of the MPL was not distributed with this
+; file, you can obtain one at https://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+stale.		IN SOA	ns.stale. matthijs.isc.org. 1 0 0 0 0
+stale.		IN NS	ns.stale.
+ns.stale.	IN A    10.53.0.6
+
+serve.stale.	IN NS	ns.serve.stale.
+ns.serve.stale.	IN A    10.53.0.6
--- a/bin/tests/system/serve-stale/setup.sh
+++ b/bin/tests/system/serve-stale/setup.sh
@ -16,6 +16,7 @@
 $SHELL clean.sh

 copy_setports ns1/named1.conf.in ns1/named.conf
-copy_setports ns3/named1.conf.in ns3/named.conf
+copy_setports ns3/named.conf.in ns3/named.conf
 copy_setports ns4/named.conf.in ns4/named.conf
 copy_setports ns5/named.conf.in ns5/named.conf
+copy_setports ns6/named.conf.in ns6/named.conf
--- a/bin/tests/system/serve-stale/tests.sh
+++ b/bin/tests/system/serve-stale/tests.sh
@ -259,6 +259,29 @@ grep "data\.example\..*4.*IN.*TXT.*A text record with a 2 second ttl" dig.out.te
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))

+#
+# Test interaction with local zone
+#
+
+n=$((n + 1))
+echo_i "check that serve-stale does not recurse for local authoritative zone ($n)"
+ret=0
+
+num=0
+threshold=10
+while [ $num -lt $threshold ]; do
+
+  echo_i "dig test.serve.stale TXT ($n)"
+  $DIG -p ${PORT} @10.53.0.3 test.serve.stale TXT >dig.out.test$n.$num
+  grep "status: SERVFAIL" dig.out.test$n.$num >/dev/null || ret=1
+  if [ $ret != 0 ]; then num=$threshold; fi
+
+  sleep 1
+  num=$((num + 1))
+done
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
 #
 # Test disabling serve-stale via rndc.
 #
@ -957,6 +980,17 @@ status=$((status + ret))
 #
 echo_i "test server with no serve-stale options set"

+n=$((n + 1))
+echo_i "updating ns3/named.conf ($n)"
+ret=0
+copy_setports ns3/named1.conf.in ns3/named.conf
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
+echo_i "restart ns3"
+stop_server --use-rndc --port ${CONTROLPORT} ns3
+start_server --noclean --restart --port ${PORT} ns3
+
 n=$((n + 1))
 echo_i "enable responses from authoritative server ($n)"
 ret=0