Add XFR max-transfer-time-out and max-tranfer-idle-out system tests

Extend the timeouts system test to ensure that the maximum outgoing transfer time (max-transfer-time-out) and maximum outgoing transfer idle time (max-transfer-idle-out) works as expected. This is done by lowering the limits to 5/1 minutes and testing that the connection has been dropped while sleeping between the individual XFR messages.
2026-06-08 19:52:07 -04:00 · 2022-02-08 21:32:10 +01:00 · 2022-02-08 21:32:10 +01:00 · 8fed1b6461
commit 8fed1b6461
parent 8643bbab84
4 changed files with 86 additions and 0 deletions
--- a/bin/tests/system/run.sh.in
+++ b/bin/tests/system/run.sh.in
@ -88,6 +88,7 @@ if ! $do_run; then
        LOG_DRIVER_FLAGS="--verbose yes --color-tests yes" \
        LOG_FLAGS="$log_flags" \
        TEST_LARGE_MAP="${TEST_LARGE_MAP}" \
+        CI_ENABLE_ALL_TESTS="${CI_ENABLE_ALL_TESTS}" \
        make -e check
    exit $?
 fi
--- a/bin/tests/system/timeouts/conftest.py
+++ b/bin/tests/system/timeouts/conftest.py
@ -20,6 +20,9 @@ def pytest_configure(config):
    config.addinivalue_line(
        "markers", "dnspython2: mark tests that need dnspython >= 2.0.0"
    )
+    config.addinivalue_line(
+        "markers", "long: mark tests that take a long time to run"
+    )


 def pytest_collection_modifyitems(config, items):
@ -46,6 +49,13 @@ def pytest_collection_modifyitems(config, items):
            if "dnspython2" in item.keywords:
                item.add_marker(skip_dnspython2)

+    skip_long_tests = pytest.mark.skip(
+        reason="need CI_ENABLE_ALL_TESTS environment variable")
+    if not os.environ.get("CI_ENABLE_ALL_TESTS"):
+        for item in items:
+            if "long" in item.keywords:
+                item.add_marker(skip_long_tests)
+

@pytest.fixture
 def port(request):
--- a/bin/tests/system/timeouts/ns1/named.conf.in
+++ b/bin/tests/system/timeouts/ns1/named.conf.in
@ -30,6 +30,8 @@ options {
 	tcp-initial-timeout 20;
 	tcp-idle-timeout 50;
 	tcp-keepalive-timeout 70;
+	max-transfer-time-out 5; /* minutes */
+	max-transfer-idle-out 1; /* minutes */
 };

 zone "." {
--- a/bin/tests/system/timeouts/tests-tcp.py
+++ b/bin/tests/system/timeouts/tests-tcp.py
@ -220,3 +220,76 @@ def test_send_timeout(port):
                (response, rtime) = dns.query.receive_tcp(sock, timeout())
            except ConnectionError as e:
                raise EOFError from e
+
+
+@pytest.mark.dnspython
+@pytest.mark.dnspython2
+@pytest.mark.long
+def test_max_transfer_idle_out(port):
+    import dns.query
+    import dns.rdataclass
+    import dns.rdatatype
+
+    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
+        sock.connect(("10.53.0.1", port))
+
+        name = dns.name.from_text("example.")
+        msg = create_msg("example.", "AXFR")
+        (sbytes, stime) = dns.query.send_tcp(sock, msg, timeout())
+
+        # Receive the initial DNS message with SOA
+        (response, rtime) = dns.query.receive_tcp(sock, timeout(),
+                                                  one_rr_per_rrset=True)
+        soa = response.get_rrset(dns.message.ANSWER, name,
+                                 dns.rdataclass.IN, dns.rdatatype.SOA)
+        assert soa is not None
+
+        time.sleep(61)  # max-transfer-idle-out is 1 minute
+
+        with pytest.raises(ConnectionResetError):
+            # Process queued TCP messages
+            while True:
+                (response, rtime) = \
+                    dns.query.receive_tcp(sock, timeout(),
+                                          one_rr_per_rrset=True)
+                soa = response.get_rrset(dns.message.ANSWER, name,
+                                         dns.rdataclass.IN, dns.rdatatype.SOA)
+                if soa is not None:
+                    break
+            assert soa is None
+
+
+@pytest.mark.dnspython
+@pytest.mark.dnspython2
+@pytest.mark.long
+def test_max_transfer_time_out(port):
+    import dns.query
+    import dns.rdataclass
+    import dns.rdatatype
+
+    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
+        sock.connect(("10.53.0.1", port))
+
+        name = dns.name.from_text("example.")
+        msg = create_msg("example.", "AXFR")
+        (sbytes, stime) = dns.query.send_tcp(sock, msg, timeout())
+
+        # Receive the initial DNS message with SOA
+        (response, rtime) = dns.query.receive_tcp(sock, timeout(),
+                                                  one_rr_per_rrset=True)
+        soa = response.get_rrset(dns.message.ANSWER, name,
+                                 dns.rdataclass.IN, dns.rdatatype.SOA)
+        assert soa is not None
+
+        # The loop should timeout at the 5 minutes (max-transfer-time-out)
+        with pytest.raises(EOFError):
+            while True:
+                time.sleep(1)
+                (response, rtime) = \
+                    dns.query.receive_tcp(sock, timeout(),
+                                          one_rr_per_rrset=True)
+                soa = response.get_rrset(dns.message.ANSWER, name,
+                                         dns.rdataclass.IN, dns.rdatatype.SOA)
+                if soa is not None:
+                    break
+        assert soa is None