- Introduce test for statistics.

doc/Changelog

@@ -1,3 +1,6 @@
+15 September 2020: George
+	- Introduce test for statistics.
+
 11 September 2020: Wouter
 	- Remove x file mode on ipset/ipset.c and h files.
 

testdata/stat_values.tdir/stat_values.conf

@@ -0,0 +1,31 @@
+server:
+	verbosity: 5
+	num-threads: 1
+	interface: 127.0.0.1
+	port: @PORT@
+	use-syslog: no
+	directory: ""
+	pidfile: "unbound.pid"
+	chroot: ""
+	username: ""
+	do-not-query-localhost: no
+	extended-statistics: yes
+	identity: "stat_values"
+
+	local-zone: local.zone static
+	local-data: "www.local.zone A 192.0.2.1"
+remote-control:
+	control-enable: yes
+	control-interface: 127.0.0.1
+	# control-interface: ::1
+	control-port: @CONTROL_PORT@
+	server-key-file: "unbound_server.key"
+	server-cert-file: "unbound_server.pem"
+	control-key-file: "unbound_control.key"
+	control-cert-file: "unbound_control.pem"
+forward-zone:
+	name: "."
+	forward-addr: "127.0.0.1@@TOPORT@"
+forward-zone:
+	name: "expired."
+	forward-addr: "127.0.0.1@@EXPIREDPORT@"

testdata/stat_values.tdir/stat_values.dsc

@@ -0,0 +1,16 @@
+BaseName: stat_values
+Version: 1.0
+Description: Test unbound statistics
+CreationDate: Mon Sep 09 14:48:03 CEST 2020
+Maintainer:
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: stat_values.pre
+Post: stat_values.post
+Test: stat_values.test
+AuxFiles:
+Passed:
+Failure:

testdata/stat_values.tdir/stat_values.post

@@ -0,0 +1,14 @@
+# #-- stat_values.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill $FWD_EXPIRED_PID >/dev/null 2>&1  # This is killed during testing.
+# it was stopped with unbound-control (if the test succeeded)
+kill $UNBOUND_PID >/dev/null 2>&1
+kill $UNBOUND_PID >/dev/null 2>&1
+exit 0

testdata/stat_values.tdir/stat_values.pre

@@ -0,0 +1,41 @@
+# #-- stat_values.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 4
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+FWD_EXPIRED_PORT=$(($RND_PORT + 2))
+CONTROL_PORT=$(($RND_PORT + 3))
+FWD_EXPIRED_PORT=$(($RND_PORT + 4))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+echo "FWD_EXPIRED_PORT=$FWD_EXPIRED_PORT" >> .tpkg.var.test
+echo "CONTROL_PORT=$CONTROL_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT stat_values.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# start expired forwarder
+$LDNS_TESTNS -p $FWD_EXPIRED_PORT stat_values.testexpiredns >fwd_expired.log 2>&1 &
+FWD_EXPIRED_PID=$!
+echo "FWD_EXPIRED_PID=$FWD_EXPIRED_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@EXPIREDPORT\@/'$FWD_EXPIRED_PORT'/' -e 's/@CONTROL_PORT\@/'$CONTROL_PORT'/' < stat_values.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_ldns_testns_up fwd_expired.log
+wait_unbound_up unbound.log

testdata/stat_values.tdir/stat_values.test

@@ -0,0 +1,411 @@
+# #-- stat_values.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+# We need kill_pid for the serve-expired-client-timeour test
+. ../common.sh
+
+PRE="../.."
+
+# Individual thread stats.
+STATS_IGNORE_THREAD="\
+^thread"
+
+# Histogram stats.
+STATS_IGNORE_HISTOGRAM="\
+^histogram"
+
+# Time dependent stats.
+STATS_IGNORE_TIME_SPECIFIC="\
+^total.recursion.time.avg=
+^total.recursion.time.median=
+^time.now=
+^time.up=
+^time.elapsed="
+
+# Usage dependent stats.
+STATS_IGNORE_USAGE_SPECIFIC="\
+^total.requestlist.avg=
+^total.requestlist.max=
+^total.requestlist.overwritten=
+^total.requestlist.exceeded=
+^total.requestlist.current.all=
+^total.requestlist.current.user=
+^total.tcpusage=
+^mem\."
+
+# Stats to ignore by default.
+STATS_IGNORE_DEFAULT="\
+$STATS_IGNORE_THREAD
+$STATS_IGNORE_HISTOGRAM
+$STATS_IGNORE_TIME_SPECIFIC
+$STATS_IGNORE_USAGE_SPECIFIC"
+
+# Various files to be used while testing.
+STATS_FILE=stats.$$
+EXPECTED_STATS_FILE=expected_stats.$$
+IGNORE_REGEX_FILE=ignore_regex.$$
+FILTERED_STATS_FILE=filtered_stats.$$
+FOUND_STATS_FILE=found_stats.$$
+REST_STATS_FILE=rest_stats.$$
+
+DEBUG=0
+
+# Write stats to $STATS_FILE.
+# Call this when you want to get stats from unbound.
+get_stats () {
+	echo "> Getting stats"
+	echo "$PRE/unbound-control -c ub.conf stats"
+	$PRE/unbound-control -c ub.conf stats > $STATS_FILE
+	if test $? -ne 0; then
+		echo "wrong exit value after success"
+		exit 1
+	fi
+}
+
+# Set the expected stat values by writing to $EXPECTED_STATS_FILE.
+# sort is used for proper diff later.
+set_expected_stats () {
+	echo "$1" | sort > $EXPECTED_STATS_FILE
+}
+
+# Set the regex to ignore stats by writing to $IGNORE_REGEX_FILE.
+set_ignore_regex_stats () {
+	echo "$1" > $IGNORE_REGEX_FILE
+}
+
+# Filter the stats by removing any matched regex from $IGNORE_REGEX_FILE,
+# sorts and writes the left over stats to $FILTERED_STATS_FILE.
+filter_stats () {
+	grep -v -f $IGNORE_REGEX_FILE $STATS_FILE | sort > $FILTERED_STATS_FILE
+}
+
+# Check that the stats in $FILTERED_STATS_FILE include the expected stats in
+# $EXPECTED_STATS_FILE.
+check_expected_stats () {
+	echo "> Checking expected stats"
+	grep -F -x -f $EXPECTED_STATS_FILE $FILTERED_STATS_FILE > $FOUND_STATS_FILE
+	if test $DEBUG -ne 0; then
+		echo "Found:"
+		cat $FOUND_STATS_FILE
+	fi
+	if diff $EXPECTED_STATS_FILE $FOUND_STATS_FILE; then
+		echo "OK"
+	else
+		echo "! bad expected stats:"
+        cat $FILTERED_STATS_FILE
+		exit 1
+	fi
+}
+
+# Check that the rest (unspecified) stats are all 0 (no surprises).
+check_rest_stats () {
+	echo "> Checking rest stats"
+	grep -F -x -v -f $EXPECTED_STATS_FILE $FILTERED_STATS_FILE > $REST_STATS_FILE
+	if test $DEBUG -ne 0; then
+		echo "Rest:"
+		cat $REST_STATS_FILE
+	fi
+	if grep -v "=0$" $REST_STATS_FILE; then
+		echo "! bad rest stats"
+		exit 1
+	else
+		echo "OK"
+	fi
+}
+
+# Main function to check stats by:
+# - Getting stats from unbound
+# - Filtering out the stats we are not interested in
+# - Checking that the expected stats are part of the filtered stats
+# - The rest of the stats have 0 values.
+check_stats () {
+	set_expected_stats "$1"
+	if test $DEBUG -ne 0; then
+		echo "Expected:"
+		cat $EXPECTED_STATS_FILE
+	fi
+	get_stats
+	filter_stats
+	if test $DEBUG -ne 0; then
+		echo "Filtered:"
+		cat $FILTERED_STATS_FILE
+	fi
+	check_expected_stats
+	check_rest_stats
+}
+
+# Convenient function to set an option through unbound-control.
+set_ub_option () {
+	name=$1
+	value=$2
+	echo "$PRE/unbound-control -c ub.conf set_option $name: $value"
+	$PRE/unbound-control -c ub.conf set_option $name: $value
+	if test $? -ne 0; then
+		echo "wrong exit value after success"
+		exit 1
+	fi
+}
+
+# Convenient function to exit the test.
+end () {
+	echo "> cat logfiles"
+	cat fwd.log
+	cat unbound.log
+	if test $1 -eq 1; then
+		echo "Not OK"
+	else
+		echo "> OK"
+	fi
+	exit $1
+}
+
+# Ignore all run specific stats.
+set_ignore_regex_stats "$STATS_IGNORE_DEFAULT"
+
+# Check if the server is up.
+echo "> dig 1ttl.example.com."
+dig @127.0.0.1 -p $UNBOUND_PORT 1ttl.example.com. | tee outfile
+echo "> check answer"
+if grep "1.1.1.1" outfile; then
+	echo "OK"
+else
+	end 1
+fi
+
+echo
+echo "[ Check initial stats based on first query. ]"
+check_stats "\
+total.num.queries=1
+total.num.cachemiss=1
+total.num.recursivereplies=1
+num.query.type.A=1
+num.query.class.IN=1
+num.query.opcode.QUERY=1
+num.query.flags.RD=1
+num.query.flags.AD=1
+num.query.edns.present=1
+msg.cache.count=1
+rrset.cache.count=1
+infra.cache.count=1
+num.answer.rcode.NOERROR=1"
+
+echo
+echo "[ Check stat reset. ]"
+check_stats "\
+msg.cache.count=1
+rrset.cache.count=1
+infra.cache.count=1"
+
+
+echo
+echo "[ Enable serve-expired and check. ]"
+set_ub_option serve-expired yes
+sleep 2  # make sure the TTL has expired.
+echo "> dig 1ttl.example.com."
+dig @127.0.0.1 -p $UNBOUND_PORT 1ttl.example.com. | tee outfile
+echo "> check answer"
+if grep "1.1.1.1" outfile; then
+	echo "OK"
+else
+	end 1
+fi
+check_stats "\
+total.num.queries=1
+total.num.expired=1
+total.num.cachehits=1
+total.num.prefetch=1
+num.answer.rcode.NOERROR=1
+num.query.class.IN=1
+num.query.edns.present=1
+num.query.flags.AD=1
+num.query.flags.RD=1
+num.query.opcode.QUERY=1
+num.query.type.A=1
+msg.cache.count=1
+rrset.cache.count=1
+infra.cache.count=1"
+
+
+echo
+echo "[ Enable serve-expired-client-timeout and check. ]"
+set_ub_option serve-expired-client-timeout 1
+echo "> dig servfail.expired."
+dig @127.0.0.1 -p $UNBOUND_PORT servfail.expired. | tee outfile
+echo "> check answer"
+if grep "192.0.2.1" outfile; then
+	echo "OK"
+else
+	end 1
+fi
+check_stats "\
+total.num.queries=1
+total.num.cachemiss=1
+total.num.recursivereplies=1
+num.query.type.A=1
+num.query.class.IN=1
+num.query.opcode.QUERY=1
+num.query.flags.RD=1
+num.query.flags.AD=1
+num.query.edns.present=1
+msg.cache.count=2
+rrset.cache.count=2
+infra.cache.count=2
+num.answer.rcode.NOERROR=1"
+kill_pid $FWD_EXPIRED_PID  # kill the expired forwarder to force a servfail from upstream.
+sleep 2  # make sure the TTL has expired.
+echo "> dig servfail.expired."
+dig @127.0.0.1 -p $UNBOUND_PORT servfail.expired. | tee outfile
+echo "> check answer"
+if grep "192.0.2.1" outfile; then
+	echo "OK"
+else
+	end 1
+fi
+check_stats "\
+total.num.queries=1
+total.num.expired=1
+total.num.recursivereplies=1
+num.answer.rcode.NOERROR=1
+num.query.class.IN=1
+num.query.edns.present=1
+num.query.flags.AD=1
+num.query.flags.RD=1
+num.query.opcode.QUERY=1
+num.query.type.A=1
+total.num.cachemiss=1
+msg.cache.count=2
+rrset.cache.count=2
+infra.cache.count=2"
+
+
+# Disable serve-expired
+set_ub_option serve-expired no
+
+
+echo
+echo "[ Check REFUSED; try without RD flag. ]"
+echo "> dig somethingelse.example.com."
+dig @127.0.0.1 -p $UNBOUND_PORT +nordflag somethingelse.example.com. | tee outfile
+echo "> check answer"
+if grep "REFUSED" outfile; then
+	echo "OK"
+else
+	end 1
+fi
+check_stats "\
+num.answer.rcode.REFUSED=1
+total.num.cachehits=1
+num.query.class.IN=1
+num.query.edns.present=1
+num.query.flags.AD=1
+num.query.opcode.QUERY=1
+num.query.type.A=1
+total.num.queries=1
+msg.cache.count=2
+rrset.cache.count=2
+infra.cache.count=2"
+
+
+echo
+echo "[ Check the AD flag. ]"
+echo "> dig www.example.com."
+dig @127.0.0.1 -p $UNBOUND_PORT +noadflag www.example.com. | tee outfile
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+	echo "OK"
+else
+	end 1
+fi
+check_stats "\
+num.query.flags.AD=0
+total.num.cachemiss=1
+num.answer.rcode.NOERROR=1
+num.query.class.IN=1
+num.query.edns.present=1
+num.query.flags.RD=1
+num.query.opcode.QUERY=1
+num.query.type.A=1
+total.num.queries=1
+total.num.recursivereplies=1
+msg.cache.count=3
+rrset.cache.count=3
+infra.cache.count=2"
+
+echo
+echo "[ Check local zone. ]"
+echo "> dig www.local.zone."
+dig @127.0.0.1 -p $UNBOUND_PORT www.local.zone. | tee outfile
+echo "> check answer"
+if grep "192.0.2.1" outfile; then
+	echo "OK"
+else
+	end 1
+fi
+check_stats "\
+num.answer.rcode.NOERROR=1
+total.num.cachehits=1
+num.query.class.IN=1
+num.query.edns.present=1
+num.query.flags.AD=1
+num.query.flags.RD=1
+num.query.opcode.QUERY=1
+num.query.type.A=1
+total.num.queries=1
+msg.cache.count=3
+rrset.cache.count=3
+infra.cache.count=2"
+
+
+echo
+echo "[ Check NXDOMAIN (with local data). ]"
+echo "> dig mail.local.zone."
+dig @127.0.0.1 -p $UNBOUND_PORT mail.local.zone. | tee outfile
+echo "> check answer"
+if grep "NXDOMAIN" outfile; then
+	echo "OK"
+else
+	end 1
+fi
+check_stats "\
+num.answer.rcode.NXDOMAIN=1
+total.num.cachehits=1
+num.query.class.IN=1
+num.query.edns.present=1
+num.query.flags.AD=1
+num.query.flags.RD=1
+num.query.opcode.QUERY=1
+num.query.type.A=1
+total.num.queries=1
+msg.cache.count=3
+rrset.cache.count=3
+infra.cache.count=2"
+
+
+echo
+echo "[ Check CHAOS. ]"
+echo "> dig id.server. ch txt"
+dig @127.0.0.1 -p $UNBOUND_PORT id.server. ch txt | tee outfile
+echo "> check answer"
+if grep "stat_values" outfile; then
+	echo "OK"
+else
+	end 1
+fi
+check_stats "\
+num.query.class.CH=1
+total.num.cachehits=1
+num.answer.rcode.NOERROR=1
+num.query.edns.present=1
+num.query.flags.AD=1
+num.query.flags.RD=1
+num.query.opcode.QUERY=1
+num.query.type.TXT=1
+total.num.queries=1
+msg.cache.count=3
+rrset.cache.count=3
+infra.cache.count=2"
+
+
+end 0

testdata/stat_values.tdir/stat_values.testexpiredns

@@ -0,0 +1,13 @@
+; nameserver test file
+$ORIGIN expired.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+servfail	IN	A
+SECTION ANSWER
+servfail    1 IN A 192.0.2.1
+ENTRY_END

testdata/stat_values.tdir/stat_values.testns

@@ -0,0 +1,23 @@
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www	IN	A
+SECTION ANSWER
+www	IN	A	10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+1ttl	IN	A
+SECTION ANSWER
+1ttl	1 IN	A 1.1.1.1
+ENTRY_END

testdata/stat_values.tdir/unbound_control.key

@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG4gIBAAKCAYEAstEp+Pyh8XGrtZ77A4FhYjvbeB3dMa7Q2rGWxobzlA9przhA
+1aChAvUtCOAuM+rB6NTNB8YWfZJbQHawyMNpmC77cg6vXLYCGUQHZyAqidN049RJ
+F5T7j4N8Vniv17LiRdr0S6swy4PRvEnIPPV43EQHZqC5jVvHsKkhIfmBF/Dj5TXR
+ypeawWV/m5jeU6/4HRYMfytBZdO1mPXuWLh0lgbQ4SCbgrOUVD3rniMk1yZIbQOm
+vlDHYqekjDb/vOW2KxUQLG04aZMJ1mWfdbwG0CKQkSjISEDZ1l76vhM6mTM0fwXb
+IvyFZ9yPPCle1mF5aSlxS2cmGuGVSRQaw8XF9fe3a9ACJJTr33HdSpyaZkKRAUzL
+cKqLCl323daKv3NwwAT03Tj4iQM416ASMoiyfFa/2GWTKQVjddu8Crar7tGaf5xr
+lig4DBmrBvdYA3njy72/RD71hLwmlRoCGU7dRuDr9O6KASUm1Ri91ONZ/qdjMvov
+15l2vj4GV+KXR00dAgMBAAECggGAHepIL1N0dEQkCdpy+/8lH54L9WhpnOo2HqAf
+LU9eaKK7d4jdr9+TkD8cLaPzltPrZNxVALvu/0sA4SP6J1wpyj/x6P7z73qzly5+
+Xo5PD4fEwmi9YaiW/UduAblnEZrnp/AddptJKoL/D5T4XtpiQddPtael4zQ7kB57
+YIexRSQTvEDovA/o3/nvA0TrzOxfgd4ycQP3iOWGN/TMzyLsvjydrUwbOB567iz9
+whL3Etdgvnwh5Sz2blbFfH+nAR8ctvFFz+osPvuIVR21VMEI6wm7kTpSNnQ6sh/c
+lrLb/bTADn4g7z/LpIZJ+MrLvyEcoqValrLYeFBhM9CV8woPxvkO2P3pU47HVGax
+tC7GV6a/kt5RoKFd/TNdiA3OC7NGZtaeXv9VkPf4fVwBtSO9d5ZZXTGEynDD/rUQ
+U4KFJe6OD23APjse08HiiKqTPhsOneOONU67iqoaTdIkT2R4EdlkVEDpXVtWb+G9
+Q+IqYzVljlzuyHrhWXLJw/FMa2aBAoHBAOnZbi4gGpH+P6886WDWVgIlTccuXoyc
+Mg9QQYk9UDeXxL0AizR5bZy49Sduegz9vkHpAiZARQsUnizHjZ8YlRcrmn4t6tx3
+ahTIKAjdprnxJfYINM580j8CGbXvX5LhIlm3O267D0Op+co3+7Ujy+cjsIuFQrP+
+1MqMgXSeBjzC1APivmps7HeFE+4w0k2PfN5wSMDNCzLo99PZuUG5XZ93OVOS5dpN
+b+WskdcD8NOoJy/X/5A08veEI/jYO/DyqQKBwQDDwUQCOWf41ecvJLtBHKmEnHDz
+ftzHino9DRKG8a9XaN4rmetnoWEaM2vHGX3pf3mwH+dAe8vJdAQueDhBKYeEpm6C
+TYNOpou1+Zs5s99BilCTNYo8fkMOAyqwRwmz9zgHS6QxXuPwsghKefLJGt6o6RFF
+tfWVTfLlYJ+I3GQe3ySsk3wjVz4oUTKiyiq5+KzD+HhEkS7u+RQ7Z0ZI2xd2cF8Y
+aN2hjKDpcOiFf3CDoqka5D1qMNLgIHO52AHww1UCgcA1h7o7AMpURRka6hyaODY0
+A4oMYEbwdQjYjIyT998W+rzkbu1us6UtzQEBZ760npkgyU/epbOoV63lnkCC/MOU
+LD0PST+L/CHiY/cWIHb79YG1EifUZKpUFg0Aoq0EGFkepF0MefGCkbRGYA5UZr9U
+R80wAu9D+L+JJiS0J0BSRF74DL196zUuHt5zFeXuLzxsRtPAnq9DliS08BACRYZy
+7H3I7cWD9Vn5/0jbKWHFcaaWwyETR6uekTcSzZzbCRECgcBeoE3/xUA9SSk34Mmj
+7/cB4522Ft0imA3+9RK/qJTZ7Bd5fC4PKjOGNtUiqW/0L2rjeIiQ40bfWvWqgPKw
+jSK1PL6uvkl6+4cNsFsYyZpiVDoe7wKju2UuoNlB3RUTqa2r2STFuNj2wRjA57I1
+BIgdnox65jqQsd14g/yaa+75/WP9CE45xzKEyrtvdcqxm0Pod3OrsYK+gikFjiar
+kT0GQ8u0QPzh2tjt/2ZnIfOBrl+QYERP0MofDZDjhUdq2wECgcB0Lu841+yP5cdR
+qbJhXO4zJNh7oWNcJlOuQp3ZMNFrA1oHpe9pmLukiROOy01k9WxIMQDzU5GSqRv3
+VLkYOIcbhJ3kClKAcM3j95SkKbU2H5/RENb3Ck52xtl4pNU1x/3PnVFZfDVuuHO9
+MZ9YBcIeK98MyP2jr5JtFKnOyPE7xKq0IHIhXadpbc2wjje5FtZ1cUtMyEECCXNa
+C1TpXebHGyXGpY9WdWXhjdE/1jPvfS+uO5WyuDpYPr339gsdq1g=
+-----END RSA PRIVATE KEY-----

testdata/stat_values.tdir/unbound_control.pem

@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDszCCAhsCFGD5193whHQ2bVdzbaQfdf1gc4SkMA0GCSqGSIb3DQEBCwUAMBIx
+EDAOBgNVBAMMB3VuYm91bmQwHhcNMjAwNzA4MTMzMjMwWhcNNDAwMzI1MTMzMjMw
+WjAaMRgwFgYDVQQDDA91bmJvdW5kLWNvbnRyb2wwggGiMA0GCSqGSIb3DQEBAQUA
+A4IBjwAwggGKAoIBgQCy0Sn4/KHxcau1nvsDgWFiO9t4Hd0xrtDasZbGhvOUD2mv
+OEDVoKEC9S0I4C4z6sHo1M0HxhZ9kltAdrDIw2mYLvtyDq9ctgIZRAdnICqJ03Tj
+1EkXlPuPg3xWeK/XsuJF2vRLqzDLg9G8Scg89XjcRAdmoLmNW8ewqSEh+YEX8OPl
+NdHKl5rBZX+bmN5Tr/gdFgx/K0Fl07WY9e5YuHSWBtDhIJuCs5RUPeueIyTXJkht
+A6a+UMdip6SMNv+85bYrFRAsbThpkwnWZZ91vAbQIpCRKMhIQNnWXvq+EzqZMzR/
+Bdsi/IVn3I88KV7WYXlpKXFLZyYa4ZVJFBrDxcX197dr0AIklOvfcd1KnJpmQpEB
+TMtwqosKXfbd1oq/c3DABPTdOPiJAzjXoBIyiLJ8Vr/YZZMpBWN127wKtqvu0Zp/
+nGuWKDgMGasG91gDeePLvb9EPvWEvCaVGgIZTt1G4Ov07ooBJSbVGL3U41n+p2My
++i/XmXa+PgZX4pdHTR0CAwEAATANBgkqhkiG9w0BAQsFAAOCAYEAd++Wen6l8Ifj
+4h3p/y16PhSsWJWuJ4wdNYy3/GM84S26wGjzlEEwiW76HpH6VJzPOiBAeWnFKE83
+hFyetEIxgJeIPbcs9ZP/Uoh8GZH9tRISBSN9Hgk2Slr9llo4t1H0g/XTgA5HqMQU
+9YydlBh43G7Vw3FVwh09OM6poNOGQKNc/tq2/QdKeUMtyBbLWpRmjH5XcCT35fbn
+ZiVOUldqSHD4kKrFO4nJYXZyipRbcXybsLiX9GP0GLemc3IgIvOXyJ2RPp06o/SJ
+pzlMlkcAfLJaSuEW57xRakhuNK7m051TKKzJzIEX+NFYOVdafFHS8VwGrYsdrFvD
+72tMfu+Fu55y3awdWWGc6YlaGogZiuMnJkvQphwgn+5qE/7CGEckoKEsH601rqIZ
+muaIc85+nEcHJeijd/ZlBN9zeltjFoMuqTUENgmv8+tUAdVm/UMY9Vjme6b43ydP
+uv6DS02+k9z8toxXworLiPr94BGaiGV1NxgwZKLZigYJt/Fi2Qte
+-----END CERTIFICATE-----

testdata/stat_values.tdir/unbound_server.key

@@ -0,0 +1,39 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIG5AIBAAKCAYEAvjSVSN2QMXudpzukdLCqgg/IOhCX8KYkD0FFFfWcQjgKq5wI
+0x41iG32a6wbGanre4IX7VxaSPu9kkHfnGgynCk5nwDRedE/FLFhAU78PoT0+Nqq
+GRS7XVQ24vLmIz9Hqc2Ozx1um1BXBTmIT0UfN2e22I0LWQ6a3seZlEDRj45gnk7Z
+uh9MDgotaBdm+v1JAbupSf6Zis4VEH3JNdvVGE3O1DHEIeuuz/3BDhpf6WBDH+8K
+WaBe1ca4TZHr9ThL2gEMEfAQl0wXDwRWRoi3NjNMH+mw0L1rjwThI5GXqNIee7o5
+FzUReSXZuTdFMyGe3Owcx+XoYnwi6cplSNoGsDBu4B9bKKglR9YleJVw4L4Xi8xP
+q6O9UPj4+nypHk/DOoC7DIM3ufN0yxPBsFo5TVowxfhdjZXJbbftd2TZv7AH8+XL
+A5UoZgRzXgzECelXSCTBFlMTnT48LfA9pMLydyjAz2UdPHs5Iv+TK5nnI+aJoeaP
+7kFZSngxdy1+A/bNAgMBAAECggGBALpTOIqQwVg4CFBylL/a8K1IWJTI/I65sklf
+XxYL7G7SB2HlEJ//z+E+F0+S4Vlao1vyLQ5QkgE82pAUB8FoMWvY1qF0Y8A5wtm6
+iZSGk4OLK488ZbT8Ii9i+AGKgPe2XbVxsJwj8N4k7Zooqec9hz73Up8ATEWJkRz7
+2u7oMGG4z91E0PULA64dOi3l/vOQe5w/Aa+CwVbAWtI05o7kMvQEBMDJn6C7CByo
+MB5op9wueJMnz7PM7hns+U7Dy6oE4ljuolJUy51bDzFWwoM54cRoQqLFNHd8JVQj
+WxldCkbfF43iyprlsEcUrTyUjtdA+ZeiG39vg/mtdmgNpGmdupHJZQvSuG8IcVlz
+O+eMSeQS1QXPD6Ik8UK4SU0h+zOl8xIWtRrsxQuh4fnTN40udm/YUWl/6gOebsBI
+IrVLlKGqJSfB3tMjpCRqdTzJ0dA9keVpkqm2ugZkxEf1+/efq/rFIQ2pUBLCqNTN
+qpNqruK8y8FphP30I2uI4Ej2UIB8AQKBwQDd2Yptj2FyDyaXCycsyde0wYkNyzGU
+dRnzdibfHnMZwjgTjwAwgIUBVIS8H0/z7ZJQKN7osJfddMrtjJtYYUk9g/dCpHXs
+bNh2QSoWah3FdzNGuWd0iRf9+LFxhjAAMo/FS8zFJAJKrFsBdCGTfFUMdsLC0bjr
+YjiWBuvV72uKf8XIZX5KIZruKdWBBcWukcb21R1UDyFYyXRBsly5XHaIYKZql3km
+7pV7MKWO0IYgHbHIqGUqPQlzZ/lkunS1jKECgcEA23wHffD6Ou9/x3okPx2AWpTr
+gh8rgqbyo6hQkBW5Y90Wz824cqaYebZDaBR/xlVx/YwjKkohv8Bde2lpH/ZxRZ1Z
+5Sk2s6GJ/vU0L9RsJZgCgj4L6Coal1NMxuZtCXAlnOpiCdxSZgfqbshbTVz30KsG
+ZJG361Cua1ScdAHxlZBxT52/1Sm0zRC2hnxL7h4qo7Idmtzs40LAJvYOKekR0pPN
+oWeJfra7vgx/jVNvMFWoOoSLpidVO4g+ot4ery6tAoHAdW3rCic1C2zdnmH28Iw+
+s50l8Lk3mz+I5wgJd1zkzCO0DxZIoWPGA3g7cmCYr6N3KRsZMs4W9NAXgjpFGDkW
+zYsG3K21BdpvkdjYcFjnPVjlOXB2RIc0vehf9Jl02wXoeCSxVUDEPcaRvWk9RJYx
+ZpGOchUU7vNkxHURbIJ4yCzuAi9G8/Jp0dsu+kaV5tufF5SjG5WOrzKjaQsCbdN1
+oqaWMCHRrTvov/Z2C+xwsptFOdN5CSyZzg6hQiI4GMlBAoHAXyb6KINcOEi0YMp3
+BFXJ23tMTnEs78tozcKeipigcsbaqORK3omS+NEnj+uzKUzJyl4CsMbKstK2tFYS
+mSTCHqgE3PBtIpsZtEqhgUraR8IK9GPpzZDTTl9ynZgwFTNlWw3RyuyVXF56J+T8
+kCGJ3hEHCHqT/ZRQyX85BKIDFhA0z4tYKxWVqIFiYBNq56R0X9tMMmMs36mEnF93
+7Ht6mowxTZQRa7nU0qOgeKh/P7ki4Zus3y+WJ+T9IqahLtlRAoHBAIhqMrcxSAB8
+RpB9jukJlAnidw2jCMPgrFE8tP0khhVvGrXMldxAUsMKntDIo8dGCnG1KTcWDI0O
+jepvSPHSsxVLFugL79h0eVIS5z4huW48i9xgU8VlHdgAcgEPIAOFcOw2BCu/s0Vp
+O+MM/EyUOdo3NsibB3qc/GJI6iNBYS7AljYEVo6rXo5V/MZvZUF4vClen6Obzsre
+MTTb+4sJjfqleWuvr1XNMeu2mBfXBQkWGZP1byBK0MvD/aQ2PWq92A==
+-----END RSA PRIVATE KEY-----

testdata/stat_values.tdir/unbound_server.pem

@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDqzCCAhMCFBHWXeQ6ZIa9QcQbXLFfC6tj+KA+MA0GCSqGSIb3DQEBCwUAMBIx
+EDAOBgNVBAMMB3VuYm91bmQwHhcNMjAwNzA4MTMzMjI5WhcNNDAwMzI1MTMzMjI5
+WjASMRAwDgYDVQQDDAd1bmJvdW5kMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIB
+igKCAYEAvjSVSN2QMXudpzukdLCqgg/IOhCX8KYkD0FFFfWcQjgKq5wI0x41iG32
+a6wbGanre4IX7VxaSPu9kkHfnGgynCk5nwDRedE/FLFhAU78PoT0+NqqGRS7XVQ2
+4vLmIz9Hqc2Ozx1um1BXBTmIT0UfN2e22I0LWQ6a3seZlEDRj45gnk7Zuh9MDgot
+aBdm+v1JAbupSf6Zis4VEH3JNdvVGE3O1DHEIeuuz/3BDhpf6WBDH+8KWaBe1ca4
+TZHr9ThL2gEMEfAQl0wXDwRWRoi3NjNMH+mw0L1rjwThI5GXqNIee7o5FzUReSXZ
+uTdFMyGe3Owcx+XoYnwi6cplSNoGsDBu4B9bKKglR9YleJVw4L4Xi8xPq6O9UPj4
++nypHk/DOoC7DIM3ufN0yxPBsFo5TVowxfhdjZXJbbftd2TZv7AH8+XLA5UoZgRz
+XgzECelXSCTBFlMTnT48LfA9pMLydyjAz2UdPHs5Iv+TK5nnI+aJoeaP7kFZSngx
+dy1+A/bNAgMBAAEwDQYJKoZIhvcNAQELBQADggGBABunf93MKaCUHiZgnoOTinsW
+84/EgInrgtKzAyH+BhnKkJOhhR0kkIAx5d9BpDlaSiRTACFon9moWCgDIIsK/Ar7
+JE0Kln9cV//wiiNoFU0O4mnzyGUIMvlaEX6QHMJJQYvL05+w/3AAcf5XmMJtR5ca
+fJ8FqvGC34b2WxX9lTQoyT52sRt+1KnQikiMEnEyAdKktMG+MwKsFDdOwDXyZhZg
+XZhRrfX3/NVJolqB6EahjWIGXDeKuSSKZVtCyib6LskyeMzN5lcRfvubKDdlqFVF
+qlD7rHBsKhQUWK/IO64mGf7y/de+CgHtED5vDvr/p2uj/9sABATfbrOQR3W/Of25
+sLBj4OEfrJ7lX8hQgFaxkMI3x6VFT3W8dTCp7xnQgb6bgROWB5fNEZ9jk/gjSRmD
+yIU+r0UbKe5kBk/CmZVFXL2TyJ92V5NYEQh8V4DGy19qZ6u/XKYyNJL4ocs35GGe
+CA8SBuyrmdhx38h1RHErR2Skzadi1S7MwGf1y431fQ==
+-----END CERTIFICATE-----