Implement '-T slowrpz' named testing option

When used, named processes RPZ zones slowly. Useful for system tests. (cherry picked from commit 5e718dd220)
2026-06-10 19:10:00 -04:00 · 2025-08-19 09:10:06 +00:00 · 2025-08-19 09:10:06 +00:00 · ec2c3db702
commit ec2c3db702
parent ee29e133ac
5 changed files with 20 additions and 0 deletions
--- a/bin/named/main.c
+++ b/bin/named/main.c
@ -142,6 +142,7 @@ static bool noedns = false;
 static bool nonearest = false;
 static bool nosoa = false;
 static bool notcp = false;
+static bool rpzslow = false;
 static bool sigvalinsecs = false;
 static bool transferinsecs = false;
 static bool transferslowly = false;
@ -789,6 +790,8 @@ parse_T_opt(char *option) {
 		if (dns_zone_mkey_month < dns_zone_mkey_day) {
 			named_main_earlyfatal("bad mkeytimer");
 		}
+	} else if (!strcmp(option, "rpzslow")) {
+		rpzslow = true;
 	} else if (!strcmp(option, "sigvalinsecs")) {
 		sigvalinsecs = true;
 	} else if (!strcmp(option, "transferinsecs")) {
@ -1368,6 +1371,9 @@ setup(void) {
 	if (notcp) {
 		ns_server_setoption(sctx, NS_SERVER_NOTCP, true);
 	}
+	if (rpzslow) {
+		ns_server_setoption(sctx, NS_SERVER_RPZSLOW, true);
+	}
 	if (sigvalinsecs) {
 		ns_server_setoption(sctx, NS_SERVER_SIGVALINSECS, true);
 	}
--- a/bin/named/server.c
+++ b/bin/named/server.c
@ -2554,6 +2554,8 @@ configure_rpz(dns_view_t *view, dns_view_t *pview, const cfg_obj_t **maps,

 	zones->p.nsip_on = nsip_on;
 	zones->p.nsdname_on = nsdname_on;
+	zones->p.slow_mode = ns_server_getoption(named_g_server->sctx,
+						 NS_SERVER_RPZSLOW);

 	sub_obj = cfg_tuple_get(rpz_obj, "recursive-only");
 	if (!cfg_obj_isvoid(sub_obj) && !cfg_obj_asboolean(sub_obj)) {
--- a/lib/dns/include/dns/rpz.h
+++ b/lib/dns/include/dns/rpz.h
@ -209,6 +209,7 @@ struct dns_rpz_popt {
 	bool		nsip_wait_recurse;
 	bool		nsdname_wait_recurse;
 	bool		servfail_until_ready;
+	bool		slow_mode; /* Used for system tests with '-T rpzslow' */
 	unsigned int	min_ns_labels;
 	dns_rpz_num_t	num_zones;
 };
--- a/lib/dns/rpz.c
+++ b/lib/dns/rpz.c
@ -30,6 +30,7 @@
 #include <isc/rwlock.h>
 #include <isc/string.h>
 #include <isc/util.h>
+#include <isc/uv.h>
 #include <isc/work.h>

 #include <dns/db.h>
@ -1784,6 +1785,7 @@ update_nodes(dns_rpz_zone_t *rpz, isc_ht_t *newnodes) {
 	dns_name_t *name = NULL;
 	dns_fixedname_t fixname;
 	char domain[DNS_NAME_FORMATSIZE];
+	bool slow_mode;

 	dns_name_format(&rpz->origin, domain, DNS_NAME_FORMATSIZE);

@ -1807,6 +1809,10 @@ update_nodes(dns_rpz_zone_t *rpz, isc_ht_t *newnodes) {
 		goto cleanup;
 	}

+	LOCK(&rpz->rpzs->maint_lock);
+	slow_mode = rpz->rpzs->p.slow_mode;
+	UNLOCK(&rpz->rpzs->maint_lock);
+
 	while (result == ISC_R_SUCCESS) {
 		char namebuf[DNS_NAME_FORMATSIZE];
 		dns_rdatasetiter_t *rdsiter = NULL;
@ -1907,6 +1913,10 @@ update_nodes(dns_rpz_zone_t *rpz, isc_ht_t *newnodes) {

 	next:
 		result = dns_dbiterator_next(updbit);
+
+		if (slow_mode) {
+			uv_sleep(100);
+		}
 	}
 	INSIST(result != ISC_R_SUCCESS);
 	if (result == ISC_R_NOMORE) {
--- a/lib/ns/include/ns/server.h
+++ b/lib/ns/include/ns/server.h
@ -51,6 +51,7 @@
 #define NS_SERVER_TRANSFERSTUCK	    0x00020000U /*%< -T transferstuck */
 #define NS_SERVER_LOGRESPONSES	    0x00040000U /*%< log responses */
 #define NS_SERVER_COOKIEALWAYSVALID 0x00080000U /*%< -T cookiealwaysvalid */
+#define NS_SERVER_RPZSLOW	    0x00100000U /*%< -T rpzslow */

 /*%
 * Type for callback function to get hostname.