[9.20] new: test: Test another 'stale-answer-client-timeout 0' scenario

Add a test to check serve-stale with the 'stale-answer-client-timeout 0' configuration option and with a delegation which is a CNAME to a auth zone. Closes #5372 Backport of MR !10920 Merge branch 'backport-5372-serve-stale-crash-on-insist-unreachable-test-9.20' into 'bind-9.20' See merge request isc-projects/bind9!10927
2026-05-27 12:13:20 -04:00 · 2025-09-02 10:32:11 +00:00 · 2025-09-02 10:32:11 +00:00 · 8540cde99c
commit 8540cde99c
parent 9352ae65d7 7a03b59d0f
3 changed files with 39 additions and 3 deletions
--- a/bin/tests/system/serve-stale/ans2/ans.pl
+++ b/bin/tests/system/serve-stale/ans2/ans.pl
@ -259,6 +259,15 @@ sub reply_handler {
 	    push @auth, $rr;
 	}
 	$rcode = "NOERROR";
+    } elsif ($qname eq "cname.delegated.serve.stale") {
+	if ($qtype eq "A") {
+	    my $rr = new Net::DNS::RR("cname.delegated.serve.stale 2 IN CNAME cname-target.serve.stale.");
+	    push @ans, $rr;
+	} else {
+	    my $rr = new Net::DNS::RR($ssnegSOA);
+	    push @auth, $rr;
+	}
+	$rcode = "NOERROR";
    } elsif ($qname eq "ns.slow" ) {
 	if ($qtype eq "A") {
 	    my $rr = new Net::DNS::RR($slowA);
--- a/bin/tests/system/serve-stale/ns3/serve.stale.db
+++ b/bin/tests/system/serve-stale/ns3/serve.stale.db
@ -18,4 +18,5 @@ test			IN NS	nss1.example.nxd.
 test			IN NS	nss2.example.nxd.

 delegated		IN NS	ns2.delegated.serve.stale.
+cname-target		IN A	10.53.0.99
 ns2.delegated		IN A	10.53.0.2
--- a/bin/tests/system/serve-stale/tests.sh
+++ b/bin/tests/system/serve-stale/tests.sh
@ -2573,12 +2573,13 @@ grep "2001:aaaa" dig.out.2.test$n >/dev/null || ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))

-n=$((n + 1))
-echo_i "check serve-stale (stale-answer-client-timeout 0) with a delegation ($n)"
-ret=0
 # configure ns3 with stale-answer-client-timeout 0 and a delegated zone
 copy_setports ns3/named9.conf.in ns3/named.conf
 rndc_reload ns3 10.53.0.3
+
+n=$((n + 1))
+echo_i "check serve-stale (stale-answer-client-timeout 0) with a delegation ($n)"
+ret=0
 # flush cache, enable ans2 responses, make sure serve-stale is on
 $RNDCCMD 10.53.0.3 flush >rndc.out.test$n.1 2>&1 || ret=1
 $DIG -p ${PORT} @10.53.0.2 txt enable >/dev/null || ret=1
@ -2601,5 +2602,30 @@ $DIG -p ${PORT} @10.53.0.2 txt enable >/dev/null || ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))

+n=$((n + 1))
+echo_i "check serve-stale (stale-answer-client-timeout 0) with a delegation which is a CNAME to a local zone ($n)"
+ret=0
+# flush cache, enable ans2 responses, make sure serve-stale is on
+$RNDCCMD 10.53.0.3 flush >rndc.out.test$n.1 2>&1 || ret=1
+$DIG -p ${PORT} @10.53.0.2 txt enable >/dev/null || ret=1
+$RNDCCMD 10.53.0.3 serve-stale on >rndc.out.test$n.2 2>&1 || ret=1
+# prime the cache with the A response
+$DIG -p ${PORT} @10.53.0.3 cname.delegated.serve.stale >dig.out.1.test$n || ret=1
+grep -F "status: NOERROR" dig.out.1.test$n >/dev/null || ret=1
+grep -F "10.53.0.99" dig.out.1.test$n >/dev/null || ret=1
+# disable responses from the auth server
+$DIG -p ${PORT} @10.53.0.2 txt disable >/dev/null || ret=1
+# wait two seconds for the previous answer to become stale
+sleep 2
+# resend the query; we should immediately get a stale answer
+$DIG -p ${PORT} @10.53.0.3 cname.delegated.serve.stale >dig.out.2.test$n || ret=1
+grep -F "status: NOERROR" dig.out.2.test$n >/dev/null || ret=1
+grep -F "EDE: 3 (Stale Answer): (stale data prioritized over lookup)" dig.out.2.test$n >/dev/null || ret=1
+grep -F "10.53.0.99" dig.out.2.test$n >/dev/null || ret=1
+# re-enable responses
+$DIG -p ${PORT} @10.53.0.2 txt enable >/dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
 echo_i "exit status: $status"
 [ $status -eq 0 ] || exit 1