diff --git a/bin/tests/system/ifconfig.sh.in b/bin/tests/system/ifconfig.sh.in index 0e054149f7..ef50291672 100755 --- a/bin/tests/system/ifconfig.sh.in +++ b/bin/tests/system/ifconfig.sh.in @@ -21,6 +21,7 @@ # fd92:7065:b8e:99ff::{1..2} # fd92:7065:b8e:ff::{1..2} # fd92:7065:b8e:fffe::10.53.0.4 +# 2002:0a35:0007::1 6to4 for 10.53.0.7 # # We also set the MTU on the 1500 bytes to match the default MTU on physical # interfaces, so we can properly test the cases with packets bigger than @@ -241,7 +242,7 @@ sequence() ( max=11 case $1 in start | up | stop | down) - for i in $(sequence 0 3); do + for i in $(sequence 0 4); do case $i in 0) ipv6="ff" ;; 1) ipv6="99" ;; @@ -261,6 +262,11 @@ case $1 in a= aaaa=fd92:7065:b8e:fffe::10.53.0.$ns ;; + 4) + [ $ns -ne 1 ] && continue + a= + aaaa=2002:0a35:0007::$ns + ;; esac case "$1" in start | up) up ;; diff --git a/bin/tests/system/nsupdate/ns10/named.conf.in b/bin/tests/system/nsupdate/ns10/named.conf.in index a186d14114..51a0b4f587 100644 --- a/bin/tests/system/nsupdate/ns10/named.conf.in +++ b/bin/tests/system/nsupdate/ns10/named.conf.in @@ -21,6 +21,7 @@ options { session-keyfile "session.key"; listen-on { 10.53.0.10; }; listen-on tls ephemeral { 10.53.0.10; }; + listen-on-v6 { none; }; recursion no; notify yes; minimal-responses no; diff --git a/bin/tests/system/nsupdate/ns5/named.conf.in b/bin/tests/system/nsupdate/ns5/named.conf.in index e3c4d1b33d..223abd925e 100644 --- a/bin/tests/system/nsupdate/ns5/named.conf.in +++ b/bin/tests/system/nsupdate/ns5/named.conf.in @@ -19,6 +19,7 @@ options { pid-file "named.pid"; session-keyfile "session.key"; listen-on { 10.53.0.5; }; + listen-on-v6 { none; }; recursion no; notify yes; minimal-responses no; diff --git a/bin/tests/system/nsupdate/ns6/named.conf.in b/bin/tests/system/nsupdate/ns6/named.conf.in index 5ed1623546..e2950aa3b7 100644 --- a/bin/tests/system/nsupdate/ns6/named.conf.in +++ b/bin/tests/system/nsupdate/ns6/named.conf.in @@ -15,10 +15,14 @@ options { query-source address 10.53.0.6; notify-source 10.53.0.6; transfer-source 10.53.0.6; + query-source-v6 address fd92:7065:b8e:ffff::6; + notify-source-v6 fd92:7065:b8e:ffff::6; + transfer-source-v6 fd92:7065:b8e:ffff::6; port @PORT@; pid-file "named.pid"; session-keyfile "session.key"; listen-on { 10.53.0.6; }; + listen-on-v6 { fd92:7065:b8e:ffff::6; }; recursion no; notify yes; minimal-responses no; diff --git a/bin/tests/system/nsupdate/ns7/named1.conf.in b/bin/tests/system/nsupdate/ns7/named1.conf.in index 28d2aeafd5..0fcdcab7b2 100644 --- a/bin/tests/system/nsupdate/ns7/named1.conf.in +++ b/bin/tests/system/nsupdate/ns7/named1.conf.in @@ -19,6 +19,7 @@ options { pid-file "named.pid"; session-keyfile "session.key"; listen-on { 10.53.0.7; }; + listen-on-v6 { none; }; recursion no; notify yes; minimal-responses no; diff --git a/bin/tests/system/nsupdate/ns7/named2.conf.in b/bin/tests/system/nsupdate/ns7/named2.conf.in index e5886e9acd..8ef779b81c 100644 --- a/bin/tests/system/nsupdate/ns7/named2.conf.in +++ b/bin/tests/system/nsupdate/ns7/named2.conf.in @@ -19,6 +19,7 @@ options { pid-file "named.pid"; session-keyfile "session.key"; listen-on { 10.53.0.7; }; + listen-on-v6 { none; }; recursion no; notify yes; minimal-responses no; diff --git a/bin/tests/system/nsupdate/ns8/named.conf.in b/bin/tests/system/nsupdate/ns8/named.conf.in index f69d3adaca..3d9913fc1f 100644 --- a/bin/tests/system/nsupdate/ns8/named.conf.in +++ b/bin/tests/system/nsupdate/ns8/named.conf.in @@ -19,6 +19,7 @@ options { pid-file "named.pid"; session-keyfile "session.key"; listen-on { 10.53.0.8; }; + listen-on-v6 { none; }; recursion no; notify yes; minimal-responses no; diff --git a/bin/tests/system/nsupdate/ns9/named.conf.in b/bin/tests/system/nsupdate/ns9/named.conf.in index 2cdc6afa74..07e38d2d41 100644 --- a/bin/tests/system/nsupdate/ns9/named.conf.in +++ b/bin/tests/system/nsupdate/ns9/named.conf.in @@ -19,6 +19,7 @@ options { pid-file "named.pid"; session-keyfile "session.key"; listen-on { 10.53.0.9; }; + listen-on-v6 { none; }; recursion no; notify yes; minimal-responses no; diff --git a/bin/tests/system/nsupdate/tests.sh b/bin/tests/system/nsupdate/tests.sh index 6a1fb1b3cf..f3f9723667 100755 --- a/bin/tests/system/nsupdate/tests.sh +++ b/bin/tests/system/nsupdate/tests.sh @@ -801,6 +801,48 @@ if test $ret -ne 0; then status=1 fi +n=$((n + 1)) +ret=0 +echo_i "check that 'update-policy 6to4-self' refuses update of records via UDP over IPv6 ($n)" +REVERSE_NAME=7.0.0.0.5.3.a.0.2.0.0.2.ip6.arpa +$NSUPDATE >nsupdate.out.$n 2>&1 </dev/null 2>&1 || ret=1 +$DIG $DIGOPTS @fd92:7065:b8e:ffff::6 \ + +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd \ + $REVERSE_NAME NS >dig.out.ns6.$n +grep localhost. dig.out.ns6.$n >/dev/null 2>&1 && ret=1 +if test $ret -ne 0; then + echo_i "failed" + status=1 +fi + +n=$((n + 1)) +echo_i "check that 'update-policy 6to4-self' permits update of records for the client's own address via TCP over IPv6 ($n)" +ret=0 +REVERSE_NAME=7.0.0.0.5.3.a.0.2.0.0.2.ip6.arpa +$NSUPDATE -v >nsupdate.out.$n 2>&1 </dev/null 2>&1 && ret=1 +$DIG $DIGOPTS @fd92:7065:b8e:ffff::6 \ + +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd \ + $REVERSE_NAME NS >dig.out.ns6.$n || ret=1 +grep localhost. dig.out.ns6.$n >/dev/null 2>&1 || ret=1 +if test $ret -ne 0; then + echo_i "failed" + status=1 +fi + n=$((n + 1)) ret=0 echo_i "check that 'update-policy subdomain' is properly enforced ($n)" diff --git a/bin/tests/system/org.isc.bind.system b/bin/tests/system/org.isc.bind.system index df5c90b056..48a5756eaa 100644 --- a/bin/tests/system/org.isc.bind.system +++ b/bin/tests/system/org.isc.bind.system @@ -28,3 +28,4 @@ do ifup 2 00 $ns done /sbin/ifconfig lo0 inet6 fd92:7065:b8e:fffe::10.53.0.4 alias +/sbin/ifconfig lo0 inet6 2002:a35:7::1 alias