From f8f3e5b901eb0d622795fad0b88be43946b9b952 Mon Sep 17 00:00:00 2001
From: Tim Kimber <tkimber@mobius.org.uk>
Date: Tue, 29 Dec 2020 21:36:44 +0000
Subject: [PATCH] Updated tests to reproduce bug in #617

---
 .../u5-test-get_auth_dns-no-root-servers.bats | 15 ++-
 .../u6-test-get_auth_dns-no-root-servers.bats | 99 -------------------
 2 files changed, 11 insertions(+), 103 deletions(-)
 delete mode 100644 test/u6-test-get_auth_dns-no-root-servers.bats

diff --git a/test/u5-test-get_auth_dns-no-root-servers.bats b/test/u5-test-get_auth_dns-no-root-servers.bats
index 40d79a4..b88fd41 100644
--- a/test/u5-test-get_auth_dns-no-root-servers.bats
+++ b/test/u5-test-get_auth_dns-no-root-servers.bats
@@ -7,6 +7,12 @@ load '/getssl/test/test_helper.bash'
 
 # This is run for every test
 setup() {
+    cp /etc/resolv.conf /etc/resolv.conf.getssl
+    cat <<- EOF > /etc/resolv.conf
+nameserver 8.8.8.8
+options ndots:0
+EOF
+
     for app in drill host nslookup
     do
         if [ -f /usr/bin/${app} ]; then
@@ -22,6 +28,7 @@ setup() {
 
 
 teardown() {
+    cat /etc/resolv.conf.getssl > /etc/resolv.conf
     for app in drill host nslookup
     do
         if [ -f /usr/bin/${app}.getssl.bak ]; then
@@ -44,7 +51,7 @@ teardown() {
     _TEST_SKIP_CNAME_CALL=1
     _TEST_SKIP_SOA_CALL=1
 
-    PUBLIC_DNS_SERVER=8.8.8.8
+    PUBLIC_DNS_SERVER=
     CHECK_PUBLIC_DNS_SERVER=false
     CHECK_ALL_AUTH_DNS=true
 
@@ -56,7 +63,7 @@ teardown() {
     assert_line --partial 'Using dig NS'
 
     # Check we didn't include any root servers
-    refute_line --partial 'IN\WNS\W\.root-servers\.net\.'
+    refute_line --partial 'root-servers.net'
 }
 
 
@@ -73,7 +80,7 @@ teardown() {
     _TEST_SKIP_CNAME_CALL=1
     _TEST_SKIP_SOA_CALL=0
 
-    PUBLIC_DNS_SERVER=8.8.8.8
+    PUBLIC_DNS_SERVER=
     CHECK_PUBLIC_DNS_SERVER=false
     CHECK_ALL_AUTH_DNS=true
 
@@ -85,5 +92,5 @@ teardown() {
     assert_line --partial 'Using dig SOA'
 
     # Check we didn't include any root servers
-    refute_line --partial 'IN\WNS\W\.root-servers\.net\.'
+    refute_line --partial 'root-servers.net'
 }
diff --git a/test/u6-test-get_auth_dns-no-root-servers.bats b/test/u6-test-get_auth_dns-no-root-servers.bats
deleted file mode 100644
index 84012c3..0000000
--- a/test/u6-test-get_auth_dns-no-root-servers.bats
+++ /dev/null
@@ -1,99 +0,0 @@
-#! /usr/bin/env bats
-
-load '/bats-support/load.bash'
-load '/bats-assert/load.bash'
-load '/getssl/test/test_helper.bash'
-
-
-# This is run for every test
-setup() {
-    for app in dig host nslookup
-    do
-        if [ -f /usr/bin/${app} ]; then
-            mv /usr/bin/${app} /usr/bin/${app}.getssl.bak
-        fi
-    done
-
-    . /getssl/getssl --source
-    find_dns_utils
-    _RUNNING_TEST=1
-    _USE_DEBUG=0
-}
-
-
-teardown() {
-    for app in dig host nslookup
-    do
-        if [ -f /usr/bin/${app}.getssl.bak ]; then
-            mv /usr/bin/${app}.getssl.bak /usr/bin/${app}
-        fi
-    done
-}
-
-
-@test "Check get_auth_dns doesn't include root servers (drill NS)" {
-    if [ ! -f /usr/bin/drill ]; then
-        # Can't find drill package for centos8
-        skip "Drill not installed on this system"
-    fi
-
-    # Test that get_auth_dns() handles scenario where NS query returns root servers
-    # Issue #617
-    #
-    # Log output was:
-    #   Verifying example.com
-    #   checking DNS at h.root-servers.net for example.com. Attempt 1/100 gave wrong result, waiting 10 secs before checking again
-    #   ... (retried until max attempts then failed)
-
-    # Disable CNAME check, ensure SOA check is enabled
-    _TEST_SKIP_CNAME_CALL=1
-    _TEST_SKIP_SOA_CALL=1
-
-    PUBLIC_DNS_SERVER=8.8.8.8
-    CHECK_PUBLIC_DNS_SERVER=false
-    CHECK_ALL_AUTH_DNS=true
-
-    run get_auth_dns example.com
-
-    # Assert that we've found the primary_ns server
-    assert_output --regexp 'set primary_ns = '
-    # Assert that we had to use drill NS
-    assert_line --partial 'Using drill NS'
-
-    # Check we didn't include any root servers
-    refute_line --partial 'IN\WNS\W\.root-servers\.net\.'
-}
-
-
-@test "Check get_auth_dns doesn't include root servers (drill SOA)" {
-    if [ ! -f /usr/bin/drill ]; then
-        # Can't find drill package for centos8
-        skip "Drill not installed on this system"
-    fi
-
-    # Test that get_auth_dns() handles scenario where NS query returns root servers
-    # Issue #617
-    #
-    # Log output was:
-    #   Verifying example.com
-    #   checking DNS at h.root-servers.net for example.com. Attempt 1/100 gave wrong result, waiting 10 secs before checking again
-    #   ... (retried until max attempts then failed)
-
-    # Disable SOA and CNAME check
-    _TEST_SKIP_CNAME_CALL=1
-    _TEST_SKIP_SOA_CALL=0
-
-    PUBLIC_DNS_SERVER=8.8.8.8
-    CHECK_PUBLIC_DNS_SERVER=false
-    CHECK_ALL_AUTH_DNS=true
-
-    run get_auth_dns example.com
-
-    # Assert that we've found the primary_ns server
-    assert_output --regexp 'set primary_ns = '
-    # Assert that we had to use drill SOA
-    assert_line --partial 'Using drill SOA'
-
-    # Check we didn't include any root servers
-    refute_line --partial 'IN\WNS\W\.root-servers\.net\.'
-}