diff --git a/bin/tests/system/digdelv/clean.sh b/bin/tests/system/digdelv/clean.sh index 04c65ad46b..d8c360f620 100644 --- a/bin/tests/system/digdelv/clean.sh +++ b/bin/tests/system/digdelv/clean.sh @@ -9,14 +9,17 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -rm -f */named.memstats -rm -f */named.run -rm -f */named.conf -rm -f delv.out.test* -rm -f dig.out.*test* -rm -f dig.out.mm.* -rm -f dig.out.mn.* -rm -f dig.out.nm.* -rm -f dig.out.nn.* -rm -f ns*/named.lock -rm -f ns*/managed-keys.bind* +set -e + +rm -f ./*/named.memstats +rm -f ./*/named.run +rm -f ./*/named.conf +rm -f ./delv.out.test* +rm -f ./dig.out.*test* +rm -f ./dig.out.mm.* +rm -f ./dig.out.mn.* +rm -f ./dig.out.nm.* +rm -f ./dig.out.nn.* +rm -f ./ns*/named.lock +rm -f ./ns*/managed-keys.bind* +rm -f ./ns2/example.db ./ns2/K* ./ns2/keyid ./ns2/keydata diff --git a/bin/tests/system/digdelv/ns2/example.db b/bin/tests/system/digdelv/ns2/example.db.in similarity index 70% rename from bin/tests/system/digdelv/ns2/example.db rename to bin/tests/system/digdelv/ns2/example.db.in index f4e30f51e5..3d4e460ea9 100644 --- a/bin/tests/system/digdelv/ns2/example.db +++ b/bin/tests/system/digdelv/ns2/example.db.in @@ -35,16 +35,6 @@ foo TXT "testing" foo A 10.0.1.0 foo SSHFP 2 1 123456789abcdef67890123456789abcdef67890 -;; -;; we are not testing DNSSEC behavior, so we don't care about the semantics -;; of the following records. -dnskey 300 DNSKEY 256 3 1 ( - AQPTpWyReB/e9Ii6mVGnakS8hX2zkh/iUYAg - +Ge4noWROpTWOIBvm76zeJPWs4Zfqa1IsswD - Ix5Mqeg0zwclz59uecKsKyx5w9IhtZ8plc4R - b9VIE5x7KNHAYTvTO5d4S8M= - ) - ; TTL of 3 weeks weeks 1814400 A 10.53.0.2 ; TTL of 3 days diff --git a/bin/tests/system/digdelv/ns2/sign.sh b/bin/tests/system/digdelv/ns2/sign.sh new file mode 100644 index 0000000000..e54f5019bc --- /dev/null +++ b/bin/tests/system/digdelv/ns2/sign.sh @@ -0,0 +1,24 @@ +#!/bin/sh -e +# +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +# shellcheck source=conf.sh +. "$SYSTEMTESTTOP/conf.sh" + +set -e + +keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -n zone "dnskey.example.") + +cp example.db.in example.db + +cat "$keyname.key" >> example.db + +echo "$keyname" | sed -e 's/.*[+]//' -e 's/^0*//' > keyid +< "$keyname.key" grep -Ev '^;' | cut -f 7- -d ' ' > keydata diff --git a/bin/tests/system/digdelv/prereq.sh b/bin/tests/system/digdelv/prereq.sh index de147a4c2a..3db8235fde 100644 --- a/bin/tests/system/digdelv/prereq.sh +++ b/bin/tests/system/digdelv/prereq.sh @@ -9,8 +9,10 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh +# shellcheck source=conf.sh +. "$SYSTEMTESTTOP/conf.sh" + +set -e if $PERL -e 'use Net::DNS;' 2>/dev/null then diff --git a/bin/tests/system/digdelv/setup.sh b/bin/tests/system/digdelv/setup.sh index c9f645b29e..413b8c6a1f 100644 --- a/bin/tests/system/digdelv/setup.sh +++ b/bin/tests/system/digdelv/setup.sh @@ -9,10 +9,14 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh +# shellcheck source=conf.sh +. "$SYSTEMTESTTOP/conf.sh" + +set -e $SHELL clean.sh copy_setports ns1/named.conf.in ns1/named.conf copy_setports ns2/named.conf.in ns2/named.conf copy_setports ns3/named.conf.in ns3/named.conf + +cd ns2 && $SHELL sign.sh diff --git a/bin/tests/system/digdelv/tests.sh b/bin/tests/system/digdelv/tests.sh index f917f5490a..11408b4d7b 100644 --- a/bin/tests/system/digdelv/tests.sh +++ b/bin/tests/system/digdelv/tests.sh @@ -1,3 +1,5 @@ +#!/bin/sh +# # Copyright (C) Internet Systems Consortium, Inc. ("ISC") # # This Source Code Form is subject to the terms of the Mozilla Public @@ -7,315 +9,335 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh +# shellcheck source=conf.sh +. "$SYSTEMTESTTOP/conf.sh" + +set -e status=0 n=0 -DIGOPTS="-p ${PORT}" -SENDCMD="$PERL $SYSTEMTESTTOP/send.pl 10.53.0.4 ${EXTRAPORT1}" -if [ -x ${DIG} ] ; then - n=`expr $n + 1` +sendcmd() { + "$PERL" "$SYSTEMTESTTOP/send.pl" 10.53.0.4 "$EXTRAPORT1" +} + +dig_with_opts() { + "$DIG" -p "$PORT" "$@" +} + +mdig_with_opts() { + "$MDIG" -p "$PORT" "$@" +} + +# using delv insecure mode as not testing dnssec here +delv_with_opts() { + "$DELV" -i -p "$PORT" "$@" +} + +KEYID="$(cat ns2/keyid)" +KEYDATA="$(< ns2/keydata sed -e 's/\+/[+]/g')" +NOSPLIT="$(< ns2/keydata sed -e 's/\+/[+]/g' -e 's/ //g')" + +if [ -x "$DIG" ] ; then + n=$((n+1)) echo_i "checking dig short form works ($n)" ret=0 - $DIG $DIGOPTS @10.53.0.3 +short a a.example > dig.out.test$n || ret=1 - if test `wc -l < dig.out.test$n` != 1 ; then ret=1 ; fi - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + dig_with_opts @10.53.0.3 +short a a.example > dig.out.test$n || ret=1 + test "$(wc -l < dig.out.test$n)" -eq 1 || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig split width works ($n)" ret=0 - $DIG $DIGOPTS @10.53.0.3 +split=4 -t sshfp foo.example > dig.out.test$n || ret=1 + dig_with_opts @10.53.0.3 +split=4 -t sshfp foo.example > dig.out.test$n || ret=1 grep " 9ABC DEF6 7890 " < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +unknownformat works ($n)" ret=0 - $DIG $DIGOPTS @10.53.0.3 +unknownformat a a.example > dig.out.test$n || ret=1 + dig_with_opts @10.53.0.3 +unknownformat a a.example > dig.out.test$n || ret=1 grep "CLASS1[ ][ ]*TYPE1[ ][ ]*\\\\# 4 0A000001" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig with reverse lookup works ($n)" ret=0 - $DIG $DIGOPTS @10.53.0.3 -x 127.0.0.1 > dig.out.test$n 2>&1 || ret=1 + dig_with_opts @10.53.0.3 -x 127.0.0.1 > dig.out.test$n 2>&1 || ret=1 # doesn't matter if has answer - grep -i "127\.in-addr\.arpa\." < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + grep -i "127\\.in-addr\\.arpa\\." < dig.out.test$n > /dev/null || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig over TCP works ($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.3 a a.example > dig.out.test$n || ret=1 - grep "10\.0\.0\.1$" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + dig_with_opts +tcp @10.53.0.3 a a.example > dig.out.test$n || ret=1 + grep "10\\.0\\.0\\.1$" < dig.out.test$n > /dev/null || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +multi +norrcomments works for dnskey (when default is rrcomments)($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.3 +multi +norrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 - grep "; ZSK; alg = RSAMD5 ; key id = 30795" < dig.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + dig_with_opts +tcp @10.53.0.3 +multi +norrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 + grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < dig.out.test$n > /dev/null && ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +multi +norrcomments works for soa (when default is rrcomments)($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.3 +multi +norrcomments SOA example > dig.out.test$n || ret=1 - grep "; ZSK; alg = RSAMD5 ; key id = 30795" < dig.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + dig_with_opts +tcp @10.53.0.3 +multi +norrcomments SOA example > dig.out.test$n || ret=1 + grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < dig.out.test$n > /dev/null && ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +rrcomments works for DNSKEY($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.3 +rrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 - grep "; ZSK; alg = RSAMD5 ; key id = 30795" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + dig_with_opts +tcp @10.53.0.3 +rrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 + grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < dig.out.test$n > /dev/null || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +short +rrcomments works for DNSKEY ($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 - grep "; ZSK; alg = RSAMD5 ; key id = 30795" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + dig_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 + grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < dig.out.test$n > /dev/null || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +short +nosplit works($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.3 +short +nosplit DNSKEY dnskey.example > dig.out.test$n || ret=1 - grep "Z8plc4Rb9VIE5x7KNHAYTvTO5d4S8M=$" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + dig_with_opts +tcp @10.53.0.3 +short +nosplit DNSKEY dnskey.example > dig.out.test$n || ret=1 + grep "$NOSPLIT" < dig.out.test$n > /dev/null || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +short +rrcomments works($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 - grep "S8M= ; ZSK; alg = RSAMD5 ; key id = 30795$" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + dig_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 + grep -q "$KEYDATA ; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID\$" < dig.out.test$n || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig multi flag is local($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.3 -t DNSKEY dnskey.example +nomulti dnskey.example +nomulti > dig.out.nn.$n || ret=1 - $DIG $DIGOPTS +tcp @10.53.0.3 -t DNSKEY dnskey.example +multi dnskey.example +nomulti > dig.out.mn.$n || ret=1 - $DIG $DIGOPTS +tcp @10.53.0.3 -t DNSKEY dnskey.example +nomulti dnskey.example +multi > dig.out.nm.$n || ret=1 - $DIG $DIGOPTS +tcp @10.53.0.3 -t DNSKEY dnskey.example +multi dnskey.example +multi > dig.out.mm.$n || ret=1 - lcnn=`wc -l < dig.out.nn.$n` - lcmn=`wc -l < dig.out.mn.$n` - lcnm=`wc -l < dig.out.nm.$n` - lcmm=`wc -l < dig.out.mm.$n` - test $lcmm -ge $lcnm || ret=1 - test $lcmm -ge $lcmn || ret=1 - test $lcnm -ge $lcnn || ret=1 - test $lcmn -ge $lcnn || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + dig_with_opts +tcp @10.53.0.3 -t DNSKEY dnskey.example +nomulti dnskey.example +nomulti > dig.out.nn.$n || ret=1 + dig_with_opts +tcp @10.53.0.3 -t DNSKEY dnskey.example +multi dnskey.example +nomulti > dig.out.mn.$n || ret=1 + dig_with_opts +tcp @10.53.0.3 -t DNSKEY dnskey.example +nomulti dnskey.example +multi > dig.out.nm.$n || ret=1 + dig_with_opts +tcp @10.53.0.3 -t DNSKEY dnskey.example +multi dnskey.example +multi > dig.out.mm.$n || ret=1 + lcnn=$(wc -l < dig.out.nn.$n) + lcmn=$(wc -l < dig.out.mn.$n) + lcnm=$(wc -l < dig.out.nm.$n) + lcmm=$(wc -l < dig.out.mm.$n) + test "$lcmm" -ge "$lcnm" || ret=1 + test "$lcmm" -ge "$lcmn" || ret=1 + test "$lcnm" -ge "$lcnn" || ret=1 + test "$lcmn" -ge "$lcnn" || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +noheader-only works ($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.3 +noheader-only A example > dig.out.test$n || ret=1 + dig_with_opts +tcp @10.53.0.3 +noheader-only A example > dig.out.test$n || ret=1 grep "Got answer:" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +short +rrcomments works($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 - grep "S8M= ; ZSK; alg = RSAMD5 ; key id = 30795$" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + dig_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 + grep -q "$KEYDATA ; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID\$" < dig.out.test$n || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +header-only works ($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.3 +header-only example > dig.out.test$n || ret=1 + dig_with_opts +tcp @10.53.0.3 +header-only example > dig.out.test$n || ret=1 grep "^;; flags: qr rd; QUERY: 0, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1 grep "^;; QUESTION SECTION:" < dig.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +raflag works ($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.3 +raflag +qr example > dig.out.test$n || ret=1 + dig_with_opts +tcp @10.53.0.3 +raflag +qr example > dig.out.test$n || ret=1 grep "^;; flags: rd ra ad; QUERY: 1, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1 grep "^;; flags: qr rd ra; QUERY: 1, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +tcflag works ($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.3 +tcflag +qr example > dig.out.test$n || ret=1 + dig_with_opts +tcp @10.53.0.3 +tcflag +qr example > dig.out.test$n || ret=1 grep "^;; flags: tc rd ad; QUERY: 1, ANSWER: 0" < dig.out.test$n > /dev/null || ret=1 grep "^;; flags: qr rd ra; QUERY: 1, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +header-only works (with class and type set) ($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.3 +header-only -c IN -t A example > dig.out.test$n || ret=1 + dig_with_opts +tcp @10.53.0.3 +header-only -c IN -t A example > dig.out.test$n || ret=1 grep "^;; flags: qr rd; QUERY: 0, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1 grep "^;; QUESTION SECTION:" < dig.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +zflag works, and that BIND properly ignores it ($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.3 +zflag +qr A example > dig.out.test$n || ret=1 + dig_with_opts +tcp @10.53.0.3 +zflag +qr A example > dig.out.test$n || ret=1 sed -n '/Sending:/,/Got answer:/p' dig.out.test$n | grep "^;; flags: rd ad; MBZ: 0x4;" > /dev/null || ret=1 sed -n '/Got answer:/,/AUTHORITY SECTION:/p' dig.out.test$n | grep "^;; flags: qr rd ra; QUERY: 1" > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +qr +ednsopt=08 does not cause an INSIST failure ($n)" ret=0 - $DIG $DIGOPTS @10.53.0.3 +ednsopt=08 +qr a a.example > dig.out.test$n || ret=1 + dig_with_opts @10.53.0.3 +ednsopt=08 +qr a a.example > dig.out.test$n || ret=1 grep "INSIST" < dig.out.test$n > /dev/null && ret=1 grep "FORMERR" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) echo_i "checking dig +ttlunits works ($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.2 +ttlunits A weeks.example > dig.out.test$n || ret=1 + dig_with_opts +tcp @10.53.0.2 +ttlunits A weeks.example > dig.out.test$n || ret=1 grep "^weeks.example. 3w" < dig.out.test$n > /dev/null || ret=1 - $DIG $DIGOPTS +tcp @10.53.0.2 +ttlunits A days.example > dig.out.test$n || ret=1 + dig_with_opts +tcp @10.53.0.2 +ttlunits A days.example > dig.out.test$n || ret=1 grep "^days.example. 3d" < dig.out.test$n > /dev/null || ret=1 - $DIG $DIGOPTS +tcp @10.53.0.2 +ttlunits A hours.example > dig.out.test$n || ret=1 + dig_with_opts +tcp @10.53.0.2 +ttlunits A hours.example > dig.out.test$n || ret=1 grep "^hours.example. 3h" < dig.out.test$n > /dev/null || ret=1 - $DIG $DIGOPTS +tcp @10.53.0.2 +ttlunits A minutes.example > dig.out.test$n || ret=1 + dig_with_opts +tcp @10.53.0.2 +ttlunits A minutes.example > dig.out.test$n || ret=1 grep "^minutes.example. 45m" < dig.out.test$n > /dev/null || ret=1 - $DIG $DIGOPTS +tcp @10.53.0.2 +ttlunits A seconds.example > dig.out.test$n || ret=1 + dig_with_opts +tcp @10.53.0.2 +ttlunits A seconds.example > dig.out.test$n || ret=1 grep "^seconds.example. 45s" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig respects precedence of options with +ttlunits ($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.2 +ttlunits +nottlid A weeks.example > dig.out.test$n || ret=1 + dig_with_opts +tcp @10.53.0.2 +ttlunits +nottlid A weeks.example > dig.out.test$n || ret=1 grep "^weeks.example. IN" < dig.out.test$n > /dev/null || ret=1 - $DIG $DIGOPTS +tcp @10.53.0.2 +nottlid +ttlunits A weeks.example > dig.out.test$n || ret=1 + dig_with_opts +tcp @10.53.0.2 +nottlid +ttlunits A weeks.example > dig.out.test$n || ret=1 grep "^weeks.example. 3w" < dig.out.test$n > /dev/null || ret=1 - $DIG $DIGOPTS +tcp @10.53.0.2 +nottlid +nottlunits A weeks.example > dig.out.test$n || ret=1 + dig_with_opts +tcp @10.53.0.2 +nottlid +nottlunits A weeks.example > dig.out.test$n || ret=1 grep "^weeks.example. 1814400" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig preserves origin on TCP retries ($n)" ret=0 # Ask ans4 to still accept TCP connections, but not respond to queries - echo "//" | $SENDCMD - $DIG $DIGOPTS -d +tcp @10.53.0.4 +retry=1 +time=1 +domain=bar foo > dig.out.test$n 2>&1 && ret=1 - l=`grep "trying origin bar" dig.out.test$n | wc -l` - [ ${l:-0} -eq 2 ] || ret=1 + echo "//" | sendcmd + dig_with_opts -d +tcp @10.53.0.4 +retry=1 +time=1 +domain=bar foo > dig.out.test$n 2>&1 && ret=1 + test "$(grep -c "trying origin bar" dig.out.test$n)" -eq 2 || ret=1 grep "using root origin" < dig.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig -6 -4 ($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.2 -4 -6 A a.example > dig.out.test$n 2>&1 && ret=1 + dig_with_opts +tcp @10.53.0.2 -4 -6 A a.example > dig.out.test$n 2>&1 && ret=1 grep "only one of -4 and -6 allowed" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig @IPv6addr -4 A a.example ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::2 2>/dev/null then ret=0 - $DIG $DIGOPTS +tcp @fd92:7065:b8e:ffff::2 -4 A a.example > dig.out.test$n 2>&1 && ret=1 + dig_with_opts +tcp @fd92:7065:b8e:ffff::2 -4 A a.example > dig.out.test$n 2>&1 && ret=1 grep "address family not supported" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) else echo_i "IPv6 unavailable; skipping" fi - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig @IPv4addr -6 +mapped A a.example ($n)" - if $TESTSOCK6 fd92:7065:b8e:ffff::2 2>/dev/null && [ `uname -s` != "OpenBSD" ] + if "$TESTSOCK6" fd92:7065:b8e:ffff::2 2>/dev/null && [ "$(uname -s)" != "OpenBSD" ] then ret=0 ret=0 - $DIG $DIGOPTS +tcp @10.53.0.2 -6 +mapped A a.example > dig.out.test$n 2>&1 || ret=1 - grep "SERVER: ::ffff:10.53.0.2#${PORT}" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + dig_with_opts +tcp @10.53.0.2 -6 +mapped A a.example > dig.out.test$n 2>&1 || ret=1 + grep "SERVER: ::ffff:10.53.0.2#$PORT" < dig.out.test$n > /dev/null || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) else echo_i "IPv6 or IPv4-to-IPv6 mapping unavailable; skipping" fi - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +tcp @IPv4addr -6 +nomapped A a.example ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::2 2>/dev/null then ret=0 ret=0 - $DIG $DIGOPTS +tcp @10.53.0.2 -6 +nomapped A a.example > dig.out.test$n 2>&1 || ret=1 - grep "SERVER: ::ffff:10.53.0.2#${PORT}" < dig.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + dig_with_opts +tcp @10.53.0.2 -6 +nomapped A a.example > dig.out.test$n 2>&1 || ret=1 + grep "SERVER: ::ffff:10.53.0.2#$PORT" < dig.out.test$n > /dev/null && ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) else echo_i "IPv6 unavailable; skipping" fi - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +notcp @IPv4addr -6 +nomapped A a.example ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::2 2>/dev/null then ret=0 ret=0 - $DIG $DIGOPTS +notcp @10.53.0.2 -6 +nomapped A a.example > dig.out.test$n 2>&1 || ret=1 - grep "SERVER: ::ffff:10.53.0.2#${PORT}" < dig.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + dig_with_opts +notcp @10.53.0.2 -6 +nomapped A a.example > dig.out.test$n 2>&1 || ret=1 + grep "SERVER: ::ffff:10.53.0.2#$PORT" < dig.out.test$n > /dev/null && ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) else echo_i "IPv6 unavailable; skipping" fi - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +subnet ($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.2 +subnet=127.0.0.1 A a.example > dig.out.test$n 2>&1 || ret=1 + dig_with_opts +tcp @10.53.0.2 +subnet=127.0.0.1 A a.example > dig.out.test$n 2>&1 || ret=1 grep "CLIENT-SUBNET: 127.0.0.1/32/0" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +subnet +subnet ($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.2 +subnet=127.0.0.0 +subnet=127.0.0.1 A a.example > dig.out.test$n 2>&1 || ret=1 + dig_with_opts +tcp @10.53.0.2 +subnet=127.0.0.0 +subnet=127.0.0.1 A a.example > dig.out.test$n 2>&1 || ret=1 grep "CLIENT-SUBNET: 127.0.0.1/32/0" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +subnet with various prefix lengths ($n)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24; do - $DIG $DIGOPTS +tcp @10.53.0.2 +subnet=255.255.255.255/$i A a.example > dig.out.$i.test$n 2>&1 || ret=1 + dig_with_opts +tcp @10.53.0.2 +subnet=255.255.255.255/$i A a.example > dig.out.$i.test$n 2>&1 || ret=1 case $i in 1|9|17) octet=128 ;; 2|10|18) octet=192 ;; @@ -334,229 +356,224 @@ if [ -x ${DIG} ] ; then grep "FORMERR" < dig.out.$i.test$n > /dev/null && ret=1 grep "CLIENT-SUBNET: $addr/$i/0" < dig.out.$i.test$n > /dev/null || ret=1 done - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +subnet=0/0 ($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.2 +subnet=0/0 A a.example > dig.out.test$n 2>&1 || ret=1 + dig_with_opts +tcp @10.53.0.2 +subnet=0/0 A a.example > dig.out.test$n 2>&1 || ret=1 grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1 grep "CLIENT-SUBNET: 0.0.0.0/0/0" < dig.out.test$n > /dev/null || ret=1 grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +subnet=0 ($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.2 +subnet=0 A a.example > dig.out.test$n 2>&1 || ret=1 + dig_with_opts +tcp @10.53.0.2 +subnet=0 A a.example > dig.out.test$n 2>&1 || ret=1 grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1 grep "CLIENT-SUBNET: 0.0.0.0/0/0" < dig.out.test$n > /dev/null || ret=1 grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +subnet=::/0 ($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.2 +subnet=::/0 A a.example > dig.out.test$n 2>&1 || ret=1 + dig_with_opts +tcp @10.53.0.2 +subnet=::/0 A a.example > dig.out.test$n 2>&1 || ret=1 grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1 grep "CLIENT-SUBNET: ::/0/0" < dig.out.test$n > /dev/null || ret=1 grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +ednsopt=8:00000000 (family=0, source=0, scope=0) ($n)" ret=0 - $DIG $DIGOPTS +tcp @10.53.0.2 +ednsopt=8:00000000 A a.example > dig.out.test$n 2>&1 || ret=1 + dig_with_opts +tcp @10.53.0.2 +ednsopt=8:00000000 A a.example > dig.out.test$n 2>&1 || ret=1 grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1 grep "CLIENT-SUBNET: 0/0/0" < dig.out.test$n > /dev/null || ret=1 grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +ednsopt=8:00030000 (family=3, source=0, scope=0) ($n)" ret=0 - $DIG $DIGOPTS +qr +tcp @10.53.0.2 +ednsopt=8:00030000 A a.example > dig.out.test$n 2>&1 || ret=1 + dig_with_opts +qr +tcp @10.53.0.2 +ednsopt=8:00030000 A a.example > dig.out.test$n 2>&1 || ret=1 grep "status: FORMERR" < dig.out.test$n > /dev/null || ret=1 grep "CLIENT-SUBNET: 00 03 00 00" < dig.out.test$n > /dev/null || ret=1 - lines=`grep "CLIENT-SUBNET: 00 03 00 00" dig.out.test$n | wc -l` - [ ${lines:-0} -eq 1 ] || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + test "$(grep -c "CLIENT-SUBNET: 00 03 00 00" dig.out.test$n)" -eq 1 || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +subnet with prefix lengths between byte boundaries ($n)" ret=0 for p in 9 10 11 12 13 14 15; do - $DIG $DIGOPTS +tcp @10.53.0.2 +subnet=10.53/$p A a.example > dig.out.test.$p.$n 2>&1 || ret=1 + dig_with_opts +tcp @10.53.0.2 +subnet=10.53/$p A a.example > dig.out.test.$p.$n 2>&1 || ret=1 grep "FORMERR" < dig.out.test.$p.$n > /dev/null && ret=1 grep "CLIENT-SUBNET.*/$p/0" < dig.out.test.$p.$n > /dev/null || ret=1 done - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +sp works as an abbreviated form of split ($n)" ret=0 - $DIG $DIGOPTS @10.53.0.3 +sp=4 -t sshfp foo.example > dig.out.test$n || ret=1 + dig_with_opts @10.53.0.3 +sp=4 -t sshfp foo.example > dig.out.test$n || ret=1 grep " 9ABC DEF6 7890 " < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig -c works ($n)" ret=0 - $DIG $DIGOPTS @10.53.0.3 -c CHAOS -t txt version.bind > dig.out.test$n || ret=1 + dig_with_opts @10.53.0.3 -c CHAOS -t txt version.bind > dig.out.test$n || ret=1 grep "version.bind. 0 CH TXT" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +dscp ($n)" ret=0 - $DIG $DIGOPTS @10.53.0.3 +dscp=32 a a.example > /dev/null 2>&1 || ret=1 - $DIG $DIGOPTS @10.53.0.3 +dscp=-1 a a.example > /dev/null 2>&1 && ret=1 - $DIG $DIGOPTS @10.53.0.3 +dscp=64 a a.example > /dev/null 2>&1 && ret=1 + dig_with_opts @10.53.0.3 +dscp=32 a a.example > /dev/null 2>&1 || ret=1 + dig_with_opts @10.53.0.3 +dscp=-1 a a.example > /dev/null 2>&1 && ret=1 + dig_with_opts @10.53.0.3 +dscp=64 a a.example > /dev/null 2>&1 && ret=1 #TODO add a check to make sure dig is actually setting the dscp on the query #we might have to add better logging to named for this - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +ednsopt with option number ($n)" ret=0 - $DIG $DIGOPTS @10.53.0.3 +ednsopt=3 a.example > dig.out.test$n 2>&1 || ret=1 + dig_with_opts @10.53.0.3 +ednsopt=3 a.example > dig.out.test$n 2>&1 || ret=1 grep 'NSID: .* ("ns3")' dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking dig +ednsopt with option name ($n)" ret=0 - $DIG $DIGOPTS @10.53.0.3 +ednsopt=nsid a.example > dig.out.test$n 2>&1 || ret=1 + dig_with_opts @10.53.0.3 +ednsopt=nsid a.example > dig.out.test$n 2>&1 || ret=1 grep 'NSID: .* ("ns3")' dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking that dig warns about .local queries ($n)" ret=0 - $DIG $DIGOPTS @10.53.0.3 local soa > dig.out.test$n 2>&1 || ret=1 + dig_with_opts @10.53.0.3 local soa > dig.out.test$n 2>&1 || ret=1 grep ";; WARNING: .local is reserved for Multicast DNS" dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "check that dig processes +ednsopt=key-tag and FORMERR is returned ($n)" - $DIG $DIGOPTS @10.53.0.3 +ednsopt=key-tag a.example +qr > dig.out.test$n 2>&1 || ret=1 + dig_with_opts @10.53.0.3 +ednsopt=key-tag a.example +qr > dig.out.test$n 2>&1 || ret=1 grep "; KEY-TAG$" dig.out.test$n > /dev/null || ret=1 grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "check that dig processes +ednsopt=key-tag: ($n)" - $DIG $DIGOPTS @10.53.0.3 +ednsopt=key-tag:00010002 a.example +qr > dig.out.test$n 2>&1 || ret=1 + dig_with_opts @10.53.0.3 +ednsopt=key-tag:00010002 a.example +qr > dig.out.test$n 2>&1 || ret=1 grep "; KEY-TAG: 1, 2$" dig.out.test$n > /dev/null || ret=1 grep "status: FORMERR" dig.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "check that dig processes +ednsopt=key-tag: and FORMERR is returned ($n)" ret=0 - $DIG $DIGOPTS @10.53.0.3 +ednsopt=key-tag:0001000201 a.example +qr > dig.out.test$n 2>&1 || ret=1 + dig_with_opts @10.53.0.3 +ednsopt=key-tag:0001000201 a.example +qr > dig.out.test$n 2>&1 || ret=1 grep "; KEY-TAG: 00 01 00 02 01" dig.out.test$n > /dev/null || ret=1 grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "check that dig handles malformed option '+ednsopt=:' gracefully ($n)" ret=0 - $DIG $DIGOPTS @10.53.0.3 +ednsopt=: a.example > dig.out.test$n 2>&1 && ret=1 + dig_with_opts @10.53.0.3 +ednsopt=: a.example > dig.out.test$n 2>&1 && ret=1 grep "ednsopt no code point specified" dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "check that dig gracefully handles bad escape in domain name ($n)" ret=0 - $DIG $DIGOPTS @10.53.0.3 '\0.' > dig.out.test$n 2>&1 - digstatus=$? + digstatus=0 + dig_with_opts @10.53.0.3 '\0.' > dig.out.test$n 2>&1 || digstatus=$? echo digstatus=$digstatus >> dig.out.test$n test $digstatus -eq 10 || ret=1 grep REQUIRE dig.out.test$n > /dev/null && ret=1 grep "is not a legal name (bad escape)" dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "check that dig -q -m works ($n)" ret=0 - $DIG $DIGOPTS @10.53.0.3 -q -m > dig.out.test$n 2>&1 + dig_with_opts @10.53.0.3 -q -m > dig.out.test$n 2>&1 grep '^;-m\..*IN.*A$' dig.out.test$n > /dev/null || ret=1 grep "Dump of all outstanding memory allocations" dig.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) else echo_i "$DIG is needed, so skipping these dig tests" fi -MDIGOPTS="-p ${PORT}" -if [ -x ${MDIG} ] ; then - n=`expr $n + 1` +if [ -x "$MDIG" ] ; then + n=$((n+1)) echo_i "check that mdig handles malformed option '+ednsopt=:' gracefully ($n)" ret=0 - $MDIG $MDIGOPTS @10.53.0.3 +ednsopt=: a.example > dig.out.test$n 2>&1 && ret=1 + mdig_with_opts @10.53.0.3 +ednsopt=: a.example > dig.out.test$n 2>&1 && ret=1 grep "ednsopt no code point specified" dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) else echo_i "$MDIG is needed, so skipping these mdig tests" fi -# using delv insecure mode as not testing dnssec here -DELVOPTS="-i -p ${PORT}" - -if [ -x ${DELV} ] ; then - n=`expr $n + 1` +if [ -x "$DELV" ] ; then + n=$((n+1)) echo_i "checking delv short form works ($n)" ret=0 - $DELV $DELVOPTS @10.53.0.3 +short a a.example > delv.out.test$n || ret=1 - if test `wc -l < delv.out.test$n` != 1 ; then ret=1 ; fi - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + delv_with_opts @10.53.0.3 +short a a.example > delv.out.test$n || ret=1 + test "$(wc -l < delv.out.test$n)" -eq 1 || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv split width works ($n)" ret=0 - $DELV $DELVOPTS @10.53.0.3 +split=4 -t sshfp foo.example > delv.out.test$n || ret=1 + delv_with_opts @10.53.0.3 +split=4 -t sshfp foo.example > delv.out.test$n || ret=1 grep " 9ABC DEF6 7890 " < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv +unknownformat works ($n)" ret=0 - $DELV $DELVOPTS @10.53.0.3 +unknownformat a a.example > delv.out.test$n || ret=1 + delv_with_opts @10.53.0.3 +unknownformat a a.example > delv.out.test$n || ret=1 grep "CLASS1[ ][ ]*TYPE1[ ][ ]*\\\\# 4 0A000001" < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv -4 -6 ($n)" ret=0 - $DELV $DELVOPTS @10.53.0.3 -4 -6 A a.example > delv.out.test$n 2>&1 && ret=1 + delv_with_opts @10.53.0.3 -4 -6 A a.example > delv.out.test$n 2>&1 && ret=1 grep "only one of -4 and -6 allowed" < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv with IPv6 on IPv4 does not work ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::3 2>/dev/null then @@ -564,17 +581,17 @@ if [ -x ${DELV} ] ; then # following should fail because @IPv4 overrides earlier @IPv6 above # and -6 forces IPv6 so this should fail, with a message # "Use of IPv4 disabled by -6" - $DELV $DELVOPTS @fd92:7065:b8e:ffff::3 @10.53.0.3 -6 -t txt foo.example > delv.out.test$n 2>&1 + delv_with_opts @fd92:7065:b8e:ffff::3 @10.53.0.3 -6 -t txt foo.example > delv.out.test$n 2>&1 && ret=1 # it should have no results but error output grep "testing" < delv.out.test$n > /dev/null && ret=1 grep "Use of IPv4 disabled by -6" delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) else echo_i "IPv6 unavailable; skipping" fi - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv with IPv4 on IPv6 does not work ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::3 2>/dev/null then @@ -582,144 +599,142 @@ if [ -x ${DELV} ] ; then # following should fail because @IPv6 overrides earlier @IPv4 above # and -4 forces IPv4 so this should fail, with a message # "Use of IPv6 disabled by -4" - $DELV $DELVOPTS @10.53.0.3 @fd92:7065:b8e:ffff::3 -4 -t txt foo.example > delv.out.test$n 2>&1 + delv_with_opts @10.53.0.3 @fd92:7065:b8e:ffff::3 -4 -t txt foo.example > delv.out.test$n 2>&1 && ret=1 # it should have no results but error output grep "testing" delv.out.test$n > /dev/null && ret=1 grep "Use of IPv6 disabled by -4" delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) else echo_i "IPv6 unavailable; skipping" fi - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv with reverse lookup works ($n)" ret=0 - $DELV $DELVOPTS @10.53.0.3 -x 127.0.0.1 > delv.out.test$n 2>&1 || ret=1 + delv_with_opts @10.53.0.3 -x 127.0.0.1 > delv.out.test$n 2>&1 || ret=1 # doesn't matter if has answer - grep -i "127\.in-addr\.arpa\." < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + grep -i "127\\.in-addr\\.arpa\\." < delv.out.test$n > /dev/null || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv over TCP works ($n)" ret=0 - $DELV $DELVOPTS +tcp @10.53.0.3 a a.example > delv.out.test$n || ret=1 - grep "10\.0\.0\.1$" < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + delv_with_opts +tcp @10.53.0.3 a a.example > delv.out.test$n || ret=1 + grep "10\\.0\\.0\\.1$" < delv.out.test$n > /dev/null || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv +multi +norrcomments works for dnskey (when default is rrcomments)($n)" ret=0 - $DELV $DELVOPTS +tcp @10.53.0.3 +multi +norrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 - grep "; ZSK; alg = RSAMD5 ; key id = 30795" < delv.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + delv_with_opts +tcp @10.53.0.3 +multi +norrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 + grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null && ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv +multi +norrcomments works for soa (when default is rrcomments)($n)" ret=0 - $DELV $DELVOPTS +tcp @10.53.0.3 +multi +norrcomments SOA example > delv.out.test$n || ret=1 - grep "; ZSK; alg = RSAMD5 ; key id = 30795" < delv.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + delv_with_opts +tcp @10.53.0.3 +multi +norrcomments SOA example > delv.out.test$n || ret=1 + grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null && ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv +rrcomments works for DNSKEY($n)" ret=0 - $DELV $DELVOPTS +tcp @10.53.0.3 +rrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 - grep "; ZSK; alg = RSAMD5 ; key id = 30795" < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + delv_with_opts +tcp @10.53.0.3 +rrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 + grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv +short +rrcomments works for DNSKEY ($n)" ret=0 - $DELV $DELVOPTS +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 - grep "; ZSK; alg = RSAMD5 ; key id = 30795" < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + delv_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 + grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv +short +rrcomments works ($n)" ret=0 - $DELV $DELVOPTS +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 - grep "S8M= ; ZSK; alg = RSAMD5 ; key id = 30795$" < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + delv_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 + grep -q "$KEYDATA ; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv +short +nosplit works ($n)" ret=0 - $DELV $DELVOPTS +tcp @10.53.0.3 +short +nosplit DNSKEY dnskey.example > delv.out.test$n || ret=1 - grep "Z8plc4Rb9VIE5x7KNHAYTvTO5d4S8M=" < delv.out.test$n > /dev/null || ret=1 - if test `wc -l < delv.out.test$n` != 1 ; then ret=1 ; fi - f=`awk '{print NF}' < delv.out.test$n` - test "${f:-0}" -eq 14 || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + delv_with_opts +tcp @10.53.0.3 +short +nosplit DNSKEY dnskey.example > delv.out.test$n || ret=1 + grep -q "$NOSPLIT" < delv.out.test$n || ret=1 + test "$(wc -l < delv.out.test$n)" -eq 1 || ret=1 + test "$(awk '{print NF}' < delv.out.test$n)" -eq 14 || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv +short +nosplit +norrcomments works ($n)" ret=0 - $DELV $DELVOPTS +tcp @10.53.0.3 +short +nosplit +norrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 - grep "Z8plc4Rb9VIE5x7KNHAYTvTO5d4S8M=$" < delv.out.test$n > /dev/null || ret=1 - if test `wc -l < delv.out.test$n` != 1 ; then ret=1 ; fi - f=`awk '{print NF}' < delv.out.test$n` - test "${f:-0}" -eq 4 || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + delv_with_opts +tcp @10.53.0.3 +short +nosplit +norrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 + grep -q "$NOSPLIT\$" < delv.out.test$n || ret=1 + test "$(wc -l < delv.out.test$n)" -eq 1 || ret=1 + test "$(awk '{print NF}' < delv.out.test$n)" -eq 4 || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv +sp works as an abbriviated form of split ($n)" ret=0 - $DELV $DELVOPTS @10.53.0.3 +sp=4 -t sshfp foo.example > delv.out.test$n || ret=1 + delv_with_opts @10.53.0.3 +sp=4 -t sshfp foo.example > delv.out.test$n || ret=1 grep " 9ABC DEF6 7890 " < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv +sh works as an abbriviated form of short ($n)" ret=0 - $DELV $DELVOPTS @10.53.0.3 +sh a a.example > delv.out.test$n || ret=1 - if test `wc -l < delv.out.test$n` != 1 ; then ret=1 ; fi - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + delv_with_opts @10.53.0.3 +sh a a.example > delv.out.test$n || ret=1 + test "$(wc -l < delv.out.test$n)" -eq 1 || ret=1 + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv -c IN works ($n)" ret=0 - $DELV $DELVOPTS @10.53.0.3 -c IN -t a a.example > delv.out.test$n || ret=1 + delv_with_opts @10.53.0.3 -c IN -t a a.example > delv.out.test$n || ret=1 grep "a.example." < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv -c CH is ignored, and treated like IN ($n)" ret=0 - $DELV $DELVOPTS @10.53.0.3 -c CH -t a a.example > delv.out.test$n || ret=1 + delv_with_opts @10.53.0.3 -c CH -t a a.example > delv.out.test$n || ret=1 grep "a.example." < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "checking delv H is ignored, and treated like IN ($n)" ret=0 - $DELV $DELVOPTS @10.53.0.3 -c CH -t a a.example > delv.out.test$n || ret=1 + delv_with_opts @10.53.0.3 -c CH -t a a.example > delv.out.test$n || ret=1 grep "a.example." < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) - n=`expr $n + 1` + n=$((n+1)) echo_i "check that delv -q -m works ($n)" ret=0 - $DELV $DELVOPTS @10.53.0.3 -q -m > delv.out.test$n 2>&1 + delv_with_opts @10.53.0.3 -q -m > delv.out.test$n 2>&1 grep '^; -m\..*[0-9]*.*IN.*ANY.*;' delv.out.test$n > /dev/null || ret=1 grep "^add " delv.out.test$n > /dev/null && ret=1 grep "^del " delv.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=`expr $status + $ret` + if [ $ret -ne 0 ]; then echo_i "failed"; fi + status=$((status+ret)) else echo_i "$DELV is needed, so skipping these delv tests" fi diff --git a/util/copyrights b/util/copyrights index 0c17dd9a71..353184561c 100644 --- a/util/copyrights +++ b/util/copyrights @@ -494,6 +494,7 @@ ./bin/tests/system/digcomp.pl PERL 2000,2001,2004,2007,2012,2013,2016,2018 ./bin/tests/system/digdelv/ans4/startme X 2017,2018 ./bin/tests/system/digdelv/clean.sh SH 2015,2016,2018 +./bin/tests/system/digdelv/ns2/sign.sh SH 2018 ./bin/tests/system/digdelv/prereq.sh SH 2018 ./bin/tests/system/digdelv/setup.sh SH 2018 ./bin/tests/system/digdelv/tests.sh SH 2015,2016,2017,2018