- Add unit tests for non-ecs aggregation.

doc/Changelog

@@ -3,6 +3,7 @@
 	  from AOSP Lab Nankai University.
 	- Tag for 1.23.1 with the release of 1.23.0 and the CVE fix, the
 	  repository continues with the previous fixes, with 1.23.2.
+	- Add unit tests for non-ecs aggregation.
 
 12 July 2025: Yorgos
 	- Merge #1289 from Roland van Rijswijk-Deij: Add extra statistic to

testdata/subnet_noecs_mult.crpl

@@ -0,0 +1,334 @@
+# config
+server:
+	send-client-subnet: 1.2.3.4
+	max-client-subnet-ipv4: 17
+	module-config: "subnetcache iterator"
+	qname-minimisation: no
+	minimal-responses: yes
+	target-fetch-policy: "0 0 0 0 0"
+
+stub-zone:
+	name: "."
+	stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
+CONFIG_END
+
+SCENARIO_BEGIN Test subnet with no edns subnet from server multiple times
+; Multiple queries are sent to a server that does not reply with the
+; edns-subnet option.
+
+; K.ROOT-SERVERS.NET.
+RANGE_BEGIN 0 100
+	ADDRESS 193.0.14.129
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NOERROR
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. IN NS K.ROOT-SERVERS.NET.
+SECTION ADDITIONAL
+K.ROOT-SERVERS.NET. IN A 193.0.14.129
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode subdomain
+ADJUST copy_id copy_query
+REPLY QR NOERROR
+SECTION QUESTION
+com. IN NS
+SECTION AUTHORITY
+com. IN NS a.gtld-servers.net.
+SECTION ADDITIONAL
+a.gtld-servers.net. IN A 192.5.6.30
+ENTRY_END
+RANGE_END
+
+; a.gtld-servers.net.
+RANGE_BEGIN 0 100
+	ADDRESS 192.5.6.30
+
+ENTRY_BEGIN
+MATCH opcode subdomain
+ADJUST copy_id copy_query
+REPLY QR NOERROR
+SECTION QUESTION
+example.com. IN NS
+SECTION AUTHORITY
+example.com. IN NS ns.example.com.
+SECTION ADDITIONAL
+ns.example.com. IN A 1.2.3.4
+ENTRY_END
+RANGE_END
+
+; ns.example.com.
+RANGE_BEGIN 50 52
+	ADDRESS 1.2.3.4
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR AA NOERROR
+SECTION QUESTION
+example.com. IN NS
+SECTION ANSWER
+example.com. IN NS ns.example.com.
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR AA NOERROR
+SECTION QUESTION
+ns.example.com. IN A
+SECTION ANSWER
+ns.example.com. IN A 1.2.3.4
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR AA NOERROR
+SECTION QUESTION
+ns.example.com. IN AAAA
+SECTION ANSWER
+SECTION AUTHORITY
+example.com. IN SOA ns.example.com. host.example.com. 4 86400 3600 86400 3600
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname ednsdata
+ADJUST copy_id
+REPLY QR AA NOERROR
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+SECTION ADDITIONAL
+	; Match this subnet option
+	HEX_EDNSDATA_BEGIN
+				; client is 127.0.0.1
+		00 08		; OPC
+		00 07		; option length
+		00 01		; Family
+		11 00		; source mask, scopemask
+		7f 00 00	; address
+	HEX_EDNSDATA_END
+	; This is the response, without the subnet option
+	HEX_ANSWER_BEGIN;
+		00 00 84 00 00 01 00 01	 ; ID 0 QR AA NOERROR
+		00 00 00 01 03 77 77 77	 ; www.example.com A (DO)
+		07 65 78 61 6d 70 6c 65
+		03 63 6f 6d 00 00 01 00
+		01 
+		C0 0C 00 01 00 01 00 00 0E 10 ; www.example.com. A IN 3600
+		00 04 0A 14 1E 2C	 ; rdata 10.20.30.44
+		00 00 29 10 00 00 00
+		80 00 00 00
+	HEX_ANSWER_END
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname ednsdata
+ADJUST copy_id
+REPLY QR AA NOERROR
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+SECTION ADDITIONAL
+	; Match this subnet option
+	HEX_EDNSDATA_BEGIN
+				; client is 127.2.0.1
+		00 08		; OPC
+		00 07		; option length
+		00 01		; Family
+		11 00		; source mask, scopemask
+		7f 02 00	; address
+	HEX_EDNSDATA_END
+	; This is the response, without the subnet option
+	HEX_ANSWER_BEGIN;
+		00 00 84 00 00 01 00 01	 ; ID 0 QR AA NOERROR
+		00 00 00 01 03 77 77 77	 ; www.example.com A (DO)
+		07 65 78 61 6d 70 6c 65
+		03 63 6f 6d 00 00 01 00
+		01 
+		C0 0C 00 01 00 01 00 00 0E 10 ; www.example.com. A IN 3600
+		00 04 0A 14 1E 2C	 ; rdata 10.20.30.44
+		00 00 29 10 00 00 00
+		80 00 00 00
+	HEX_ANSWER_END
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname ednsdata
+ADJUST copy_id
+REPLY QR AA NOERROR
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+SECTION ADDITIONAL
+	; Match this subnet option
+	HEX_EDNSDATA_BEGIN
+				; client is 127.3.0.1
+		00 08		; OPC
+		00 07		; option length
+		00 01		; Family
+		11 00		; source mask, scopemask
+		7f 03 00	; address
+	HEX_EDNSDATA_END
+	; This is the response, without the subnet option
+	HEX_ANSWER_BEGIN;
+		00 00 84 00 00 01 00 01	 ; ID 0 QR AA NOERROR
+		00 00 00 01 03 77 77 77	 ; www.example.com A (DO)
+		07 65 78 61 6d 70 6c 65
+		03 63 6f 6d 00 00 01 00
+		01 
+		C0 0C 00 01 00 01 00 00 0E 10 ; www.example.com. A IN 3600
+		00 04 0A 14 1E 2C	 ; rdata 10.20.30.44
+		00 00 29 10 00 00 00
+		80 00 00 00
+	HEX_ANSWER_END
+ENTRY_END
+
+; The answer for a query without subnet
+;ENTRY_BEGIN
+;MATCH opcode qtype qname
+;ADJUST copy_id
+;REPLY QR AA NOERROR
+;SECTION QUESTION
+;www.example.com. IN A
+;SECTION ANSWER
+;www.example.com. IN A 10.20.30.40
+;ENTRY_END
+RANGE_END
+
+; ns.example.com.
+RANGE_BEGIN 53 57
+	ADDRESS 1.2.3.4
+; The answer for a query without subnet
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR AA NOERROR
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+www.example.com. IN A 10.20.30.40
+ENTRY_END
+RANGE_END
+
+STEP 10 QUERY
+ENTRY_BEGIN
+	HEX_ANSWER_BEGIN;
+		00 00 01 00 00 01 00 00	 ; ID 0
+		00 00 00 01 03 77 77 77	 ; www.example.com A? (DO)
+		07 65 78 61 6d 70 6c 65
+		03 63 6f 6d 00 00 01 00
+		01 00 00 29 10 00 00 00
+		80 00 00 0b
+
+		00 08 00 07		; OPC, optlen
+		00 01 11 00		; ip4, scope 17, source 0
+		7f 00 00		; 127.0.0.0/17
+	HEX_ANSWER_END
+ENTRY_END
+
+STEP 20 QUERY
+ENTRY_BEGIN
+	HEX_ANSWER_BEGIN;
+		00 00 01 00 00 01 00 00	 ; ID 0
+		00 00 00 01 03 77 77 77	 ; www.example.com A? (DO)
+		07 65 78 61 6d 70 6c 65
+		03 63 6f 6d 00 00 01 00
+		01 00 00 29 10 00 00 00
+		80 00 00 0b
+
+		00 08 00 07		; OPC, optlen
+		00 01 11 00		; ip4, scope 17, source 0
+		7f 02 00		; 127.2.0.0/17
+	HEX_ANSWER_END
+ENTRY_END
+
+STEP 30 QUERY
+ENTRY_BEGIN
+	HEX_ANSWER_BEGIN;
+		00 00 01 00 00 01 00 00	 ; ID 0
+		00 00 00 01 03 77 77 77	 ; www.example.com A? (DO)
+		07 65 78 61 6d 70 6c 65
+		03 63 6f 6d 00 00 01 00
+		01 00 00 29 10 00 00 00
+		80 00 00 0b
+
+		00 08 00 07		; OPC, optlen
+		00 01 11 00		; ip4, scope 17, source 0
+		7f 03 00		; 127.3.0.0/17
+	HEX_ANSWER_END
+ENTRY_END
+
+; recursion happens here.
+; The upstream server RANGE starts responding at STEP 50.
+STEP 50 TRAFFIC
+
+; The upstream server now responds for the nonsubnet response.
+STEP 55 TRAFFIC
+
+STEP 60 CHECK_ANSWER
+ENTRY_BEGIN
+MATCH all ednsdata
+REPLY QR RD RA DO NOERROR
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+www.example.com. IN A 10.20.30.40
+;www.example.com. IN A 10.20.30.44
+SECTION ADDITIONAL
+;	HEX_EDNSDATA_BEGIN
+;				; client is 127.3.0.1
+;		00 08		; OPC
+;		00 07		; option length
+;		00 01		; Family
+;		11 00		; source mask, scopemask
+;		7f 03 00	; address
+;	HEX_EDNSDATA_END
+ENTRY_END
+
+STEP 70 CHECK_ANSWER
+ENTRY_BEGIN
+MATCH all ednsdata
+REPLY QR RD RA DO NOERROR
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+www.example.com. IN A 10.20.30.40
+;www.example.com. IN A 10.20.30.44
+SECTION ADDITIONAL
+;	HEX_EDNSDATA_BEGIN
+;				; client is 127.2.0.1
+;		00 08		; OPC
+;		00 07		; option length
+;		00 01		; Family
+;		11 00		; source mask, scopemask
+;		7f 02 00	; address
+;	HEX_EDNSDATA_END
+ENTRY_END
+
+STEP 80 CHECK_ANSWER
+ENTRY_BEGIN
+MATCH all ednsdata
+REPLY QR RD RA DO NOERROR
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+www.example.com. IN A 10.20.30.40
+;www.example.com. IN A 10.20.30.44
+SECTION ADDITIONAL
+;	HEX_EDNSDATA_BEGIN
+;				; client is 127.0.0.1
+;		00 08		; OPC
+;		00 07		; option length
+;		00 01		; Family
+;		11 00		; source mask, scopemask
+;		7f 00 00	; address
+;	HEX_EDNSDATA_END
+ENTRY_END
+
+SCENARIO_END

testdata/subnet_noecs_refused.crpl

@@ -0,0 +1,159 @@
+# config
+server:
+	send-client-subnet: 1.2.3.4
+	max-client-subnet-ipv4: 17
+	module-config: "subnetcache iterator"
+	qname-minimisation: no
+	minimal-responses: yes
+	target-fetch-policy: "0 0 0 0 0"
+
+stub-zone:
+	name: "."
+	stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
+CONFIG_END
+
+SCENARIO_BEGIN Test subnet with no edns subnet support but it is refused
+; The query is sent to a server that does not reply with the edns-subnet
+; option. The upstream server sends rcode refused. That results in a
+; NULL return_msg.
+
+; K.ROOT-SERVERS.NET.
+RANGE_BEGIN 0 100
+	ADDRESS 193.0.14.129
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NOERROR
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. IN NS K.ROOT-SERVERS.NET.
+SECTION ADDITIONAL
+K.ROOT-SERVERS.NET. IN A 193.0.14.129
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode subdomain
+ADJUST copy_id copy_query
+REPLY QR NOERROR
+SECTION QUESTION
+com. IN NS
+SECTION AUTHORITY
+com. IN NS a.gtld-servers.net.
+SECTION ADDITIONAL
+a.gtld-servers.net. IN A 192.5.6.30
+ENTRY_END
+RANGE_END
+
+; a.gtld-servers.net.
+RANGE_BEGIN 0 100
+	ADDRESS 192.5.6.30
+
+ENTRY_BEGIN
+MATCH opcode subdomain
+ADJUST copy_id copy_query
+REPLY QR NOERROR
+SECTION QUESTION
+example.com. IN NS
+SECTION AUTHORITY
+example.com. IN NS ns.example.com.
+SECTION ADDITIONAL
+ns.example.com. IN A 1.2.3.4
+ENTRY_END
+RANGE_END
+
+; ns.example.com.
+RANGE_BEGIN 0 100
+	ADDRESS 1.2.3.4
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR AA NOERROR
+SECTION QUESTION
+example.com. IN NS
+SECTION ANSWER
+example.com. IN NS ns.example.com.
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR AA NOERROR
+SECTION QUESTION
+ns.example.com. IN A
+SECTION ANSWER
+ns.example.com. IN A 1.2.3.4
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR AA NOERROR
+SECTION QUESTION
+ns.example.com. IN AAAA
+SECTION ANSWER
+SECTION AUTHORITY
+example.com. IN SOA ns.example.com. host.example.com. 4 86400 3600 86400 3600
+ENTRY_END
+
+; This matches the no EDNS subnet info queries that are made for the
+; fallback without subnet. The answer is refused.
+ENTRY_BEGIN
+MATCH opcode qtype qname ednsdata
+ADJUST copy_id
+REPLY QR AA REFUSED
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+;www.example.com. IN A 10.20.30.40
+ENTRY_END
+
+; This matches the initial query with edns subnet in the query,
+; the answer has no edns subnet in the reply.
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR AA NOERROR
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+www.example.com. IN A 10.20.30.40
+ENTRY_END
+RANGE_END
+
+STEP 1 QUERY
+;ENTRY_BEGIN
+;REPLY RD DO
+;SECTION QUESTION
+;www.example.com. IN A
+; but send this query with subnet scope zero in the query, because that
+; makes the reply possibly get stored in the cache.
+;
+; query with subnet 0.0.0.0/0.
+ENTRY_BEGIN
+HEX_ANSWER_BEGIN
+	00 00 01 00 00 01 00 00         ;ID 0
+	00 00 00 01 03 77 77 77         ; www.example.com A? (DO)
+	07 65 78 61 6d 70 6c 65
+	03 63 6f 6d 00 00 01 00
+	01 00 00 29 10 00 00 00
+	80 00 00 08
+
+	00 08 00 04                     ; OPC, optlen
+	00 01 00 00                     ; ip4, scope 0, source 0
+	                                ;0.0.0.0/0
+HEX_ANSWER_END
+ENTRY_END
+
+; recursion happens here.
+STEP 10 CHECK_ANSWER
+ENTRY_BEGIN
+MATCH all ednsdata
+REPLY QR RD RA DO SERVFAIL
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+;www.example.com. IN A 10.20.30.40
+ENTRY_END
+SCENARIO_END

testdata/subnet_noecs_support.crpl

@@ -0,0 +1,127 @@
+# config
+server:
+	send-client-subnet: 1.2.3.4
+	max-client-subnet-ipv4: 17
+	module-config: "subnetcache iterator"
+	qname-minimisation: no
+	minimal-responses: yes
+	target-fetch-policy: "0 0 0 0 0"
+
+stub-zone:
+	name: "."
+	stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
+CONFIG_END
+
+SCENARIO_BEGIN Test subnet with no edns subnet support from the server
+; The query is sent to a server that does not reply with the edns-subnet
+; option.
+
+; K.ROOT-SERVERS.NET.
+RANGE_BEGIN 0 100
+	ADDRESS 193.0.14.129
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR NOERROR
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. IN NS K.ROOT-SERVERS.NET.
+SECTION ADDITIONAL
+K.ROOT-SERVERS.NET. IN A 193.0.14.129
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode subdomain
+ADJUST copy_id copy_query
+REPLY QR NOERROR
+SECTION QUESTION
+com. IN NS
+SECTION AUTHORITY
+com. IN NS a.gtld-servers.net.
+SECTION ADDITIONAL
+a.gtld-servers.net. IN A 192.5.6.30
+ENTRY_END
+RANGE_END
+
+; a.gtld-servers.net.
+RANGE_BEGIN 0 100
+	ADDRESS 192.5.6.30
+
+ENTRY_BEGIN
+MATCH opcode subdomain
+ADJUST copy_id copy_query
+REPLY QR NOERROR
+SECTION QUESTION
+example.com. IN NS
+SECTION AUTHORITY
+example.com. IN NS ns.example.com.
+SECTION ADDITIONAL
+ns.example.com. IN A 1.2.3.4
+ENTRY_END
+RANGE_END
+
+; ns.example.com.
+RANGE_BEGIN 0 100
+	ADDRESS 1.2.3.4
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR AA NOERROR
+SECTION QUESTION
+example.com. IN NS
+SECTION ANSWER
+example.com. IN NS ns.example.com.
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR AA NOERROR
+SECTION QUESTION
+ns.example.com. IN A
+SECTION ANSWER
+ns.example.com. IN A 1.2.3.4
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR AA NOERROR
+SECTION QUESTION
+ns.example.com. IN AAAA
+SECTION ANSWER
+SECTION AUTHORITY
+example.com. IN SOA ns.example.com. host.example.com. 4 86400 3600 86400 3600
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+ADJUST copy_id
+REPLY QR AA NOERROR
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+www.example.com. IN A 10.20.30.40
+ENTRY_END
+RANGE_END
+
+STEP 1 QUERY
+ENTRY_BEGIN
+REPLY RD DO
+SECTION QUESTION
+www.example.com. IN A
+ENTRY_END
+
+; recursion happens here.
+STEP 10 CHECK_ANSWER
+ENTRY_BEGIN
+MATCH all ednsdata
+REPLY QR RD RA DO NOERROR
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+www.example.com. IN A 10.20.30.40
+ENTRY_END
+SCENARIO_END