mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-29 05:28:00 +00:00
Code Issues Releases Wiki Activity

parallelize most system tests

Browse Source
This commit is contained in:
Evan Hunt 2018-02-20 15:43:27 -08:00
parent 0217cc8bb2
commit c032c54dda
621 changed files with 7697 additions and 7749 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
bin/tests/system/Makefile.in
View File

@ -46,7 +46,26 @@ feature-test@EXEEXT@: feature-test.@O@
# Define the tests that can be run in parallel. This should be identical to
# the definition of PARALLELDIRS in conf.sh.
PARALLEL = allow_query catz rpzrecurse serve-stale
PARALLEL = acl additional addzone allow_query auth autosign \
builtin cacheclean case catz cds chain \
checkconf checknames checkzone \
@CHECKDS@ @COVERAGE@ @KEYMGR@ \
cookie database digdelv dlv dlz dlzexternal \
dns64 dnssec @DNSTAP@ dscp dsdigest dyndb \
ednscompliance emptyzones \
fetchlimit filter-aaaa formerr forward \
geoip glue inline integrity ixfr keepalive \
legacy limits logfileconfig \
masterfile masterformat metadata mkeys \
names notify nslookup nsupdate nzd2nzf \
padding pending pipelined \
reclimit redirect resolver rndc rpz rpzrecurse \
rrchecker rrl rrsetorder rsabigexponent runtime \
serve-stale sfcache smartsign sortlist \
spf staticstub statistics statschannel stub synthfromdnssec \
tcp tools tsig tsiggss \
unknown upforwd verify views wildcard \
xfer xferquota zero zonechecks
# Produce intermediate makefile that assigns unique port numbers to each
# parallel test. The start port number of 5,000 is arbitrary - it must just
@ -56,11 +75,13 @@ PARALLEL = allow_query catz rpzrecurse serve-stale
# underscores in target names and requires explicit differentiation
# between a target name and a directory name (.PHONY is not supported).
.PHONY: parallel.mk
parallel.mk:
@PARALLEL_SANITIZED=`echo $(PARALLEL) | sed "s|\([^ ][^ ]*\)|test-\1|g;" | tr _ -` ; \
PARALLEL_SANITIZED=`echo $(PARALLEL) | sed "s|\([^ ][^ ]*\)|test-\1|g;" | tr _ -` ; \
echo ".PHONY: $$PARALLEL_SANITIZED" > $@ ; \
echo "" >> $@ ; \
echo "check: $$PARALLEL_SANITIZED" >> $@ ; \
echo "test check: $$PARALLEL_SANITIZED" >> $@ ; \
port=$${STARTPORT:-5000} ; \
for directory in $(PARALLEL) ; do \
echo "" >> $@ ; \

2
bin/tests/system/README
View File

@ -334,7 +334,7 @@ are:
PORT Number to be used for the query port.
CONTROLPORT Number to be used as the RNDC control port.
EXTRAPORT1 - EXTRAPORT8 Eight port numbers that can be use as needed.
EXTRAPORT1 - EXTRAPORT8 Eight port numbers that can be used as needed.
Two other environment variables are defined:

3
bin/tests/system/acl/clean.sh
View File

@ -11,7 +11,8 @@
#
rm -f dig.out.*
rm -f ns2/example.db ns2/tsigzone.db ns2/example.db.jnl ns2/named.conf
rm -f ns2/example.db ns2/tsigzone.db ns2/example.db.jnl
rm -f */named.conf
rm -f */named.memstats
rm -f */named.run
rm -f ns*/named.lock

13
bin/tests/system/acl/ns2/named1.conf → bin/tests/system/acl/ns2/named1.conf.in
View File

@ -6,15 +6,20 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named1.conf,v 1.2 2008/01/10 01:10:01 marka Exp $ */
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
};
controls { /* empty */ };
controls {
inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };
@ -24,8 +29,6 @@ options {
check-integrity no;
};
include "../../common/controls.conf";
key one {
algorithm hmac-md5;
secret "1234abcd8765";

13
bin/tests/system/acl/ns2/named2.conf → bin/tests/system/acl/ns2/named2.conf.in
View File

@ -6,15 +6,20 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named2.conf,v 1.3 2008/01/21 20:38:54 each Exp $ */
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
};
controls { /* empty */ };
controls {
inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };
@ -24,8 +29,6 @@ options {
check-integrity no;
};
include "../../common/controls.conf";
key one {
algorithm hmac-md5;
secret "1234abcd8765";

13
bin/tests/system/acl/ns2/named3.conf → bin/tests/system/acl/ns2/named3.conf.in
View File

@ -6,15 +6,20 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named3.conf,v 1.2 2008/01/10 01:10:01 marka Exp $ */
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
};
controls { /* empty */ };
controls {
inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };
@ -24,8 +29,6 @@ options {
check-integrity no;
};
include "../../common/controls.conf";
key one {
algorithm hmac-md5;
secret "1234abcd8765";

13
bin/tests/system/acl/ns2/named4.conf → bin/tests/system/acl/ns2/named4.conf.in
View File

@ -6,15 +6,20 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named4.conf,v 1.2 2008/01/10 01:10:01 marka Exp $ */
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
};
controls { /* empty */ };
controls {
inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };
@ -24,8 +29,6 @@ options {
check-integrity no;
};
include "../../common/controls.conf";
key one {
algorithm hmac-md5;
secret "1234abcd8765";

13
bin/tests/system/acl/ns2/named5.conf → bin/tests/system/acl/ns2/named5.conf.in
View File

@ -6,15 +6,20 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named1.conf,v 1.2 2008/01/10 01:10:01 marka Exp $ */
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
};
controls { /* empty */ };
controls {
inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };
@ -25,8 +30,6 @@ options {
allow-query-on { 10.53.0.2; };
};
include "../../common/controls.conf";
key one {
algorithm hmac-md5;
secret "1234abcd8765";

13
bin/tests/system/acl/ns2/named6.conf → bin/tests/system/acl/ns2/named6.conf.in
View File

@ -6,13 +6,20 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
controls { /* empty */ };
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
};
controls {
inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };
@ -23,8 +30,6 @@ options {
allow-query-on { 10.53.0.2; };
};
include "../../common/controls.conf";
zone "." {
type hint;
file "../../common/root.hint";

13
bin/tests/system/acl/ns2/named7.conf → bin/tests/system/acl/ns2/named7.conf.in
View File

@ -6,13 +6,20 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
controls { /* empty */ };
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
};
controls {
inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };
@ -23,8 +30,6 @@ options {
allow-query-on { 10.53.0.2; };
};
include "../../common/controls.conf";
view one {
match-clients { ecs 192.0.2/24; };

4
bin/tests/system/acl/ns3/named.conf → bin/tests/system/acl/ns3/named.conf.in
View File

@ -10,7 +10,7 @@ options {
query-source address 10.53.0.3;
notify-source 10.53.0.3;
transfer-source 10.53.0.3;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.3; };
listen-on-v6 { none; };
@ -21,7 +21,7 @@ options {
};
controls {
inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
key rndc_key {

4
bin/tests/system/acl/ns4/named.conf → bin/tests/system/acl/ns4/named.conf.in
View File

@ -10,7 +10,7 @@ options {
query-source address 10.53.0.4;
notify-source 10.53.0.4;
transfer-source 10.53.0.4;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.4; };
listen-on-v6 { none; };
@ -21,7 +21,7 @@ options {
};
controls {
inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
key rndc_key {

5
bin/tests/system/acl/setup.sh
View File

@ -9,6 +9,9 @@
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
$SHELL clean.sh
$SHELL ../genzone.sh 2 3 >ns2/example.db
$SHELL ../genzone.sh 2 3 >ns2/tsigzone.db
cp -f ns2/named1.conf ns2/named.conf
copy_setports ns2/named1.conf.in ns2/named.conf
copy_setports ns3/named.conf.in ns3/named.conf
copy_setports ns4/named.conf.in ns4/named.conf

191
bin/tests/system/acl/tests.sh
View File

@ -6,231 +6,228 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
# $Id: tests.sh,v 1.4 2008/07/19 00:02:14 each Exp $
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd"
DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd -p ${PORT}"
RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s"
status=0
t=0
echo "I:testing basic ACL processing"
echo_i "testing basic ACL processing"
# key "one" should fail
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; }
# any other key should be fine
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; }
cp -f ns2/named2.conf ns2/named.conf
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /'
copy_setports ns2/named2.conf.in ns2/named.conf
$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i
sleep 5
# prefix 10/8 should fail
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; }
# any other address should work, as long as it sends key "one"
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 127.0.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 127.0.0.1 axfr -y two:1234abcd8765 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; }
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 127.0.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 127.0.0.1 axfr -y one:1234abcd8765 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; }
echo "I:testing nested ACL processing"
echo_i "testing nested ACL processing"
# all combinations of 10.53.0.{1|2} with key {one|two}, should succeed
cp -f ns2/named3.conf ns2/named.conf
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /'
copy_setports ns2/named3.conf.in ns2/named.conf
$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i
sleep 5
# should succeed
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.2 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.2 axfr -y two:1234abcd8765 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; }
# should succeed
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.2 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.2 axfr -y one:1234abcd8765 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; }
# should succeed
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; }
# should succeed
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; }
# but only one or the other should fail
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 127.0.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 127.0.0.1 axfr -y one:1234abcd8765 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; }
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.2 axfr -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $tt failed" ; status=1; }
@10.53.0.2 -b 10.53.0.2 axfr > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $tt failed" ; status=1; }
# and other values? right out
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 127.0.0.1 axfr -y three:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 127.0.0.1 axfr -y three:1234abcd8765 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; }
# now we only allow 10.53.0.1 *and* key one, or 10.53.0.2 *and* key two
cp -f ns2/named4.conf ns2/named.conf
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /'
copy_setports ns2/named4.conf.in ns2/named.conf
$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i
sleep 5
# should succeed
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.2 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.2 axfr -y two:1234abcd8765 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; }
# should succeed
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; }
# should fail
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.2 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.2 axfr -y one:1234abcd8765 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; }
# should fail
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; }
# should fail
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.3 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.3 axfr -y one:1234abcd8765 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; }
echo "I:testing allow-query-on ACL processing"
cp -f ns2/named5.conf ns2/named.conf
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /'
echo_i "testing allow-query-on ACL processing"
copy_setports ns2/named5.conf.in ns2/named.conf
$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i
sleep 5
t=`expr $t + 1`
$DIG +tcp soa example. \
@10.53.0.2 -b 10.53.0.3 -p 5300 > dig.out.${t}
grep "status: NOERROR" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
$DIG -p ${PORT} +tcp soa example. \
@10.53.0.2 -b 10.53.0.3 > dig.out.${t}
grep "status: NOERROR" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; }
echo "I:testing EDNS client-subnet ACL processing"
cp -f ns2/named6.conf ns2/named.conf
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /'
echo_i "testing EDNS client-subnet ACL processing"
copy_setports ns2/named6.conf.in ns2/named.conf
$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i
sleep 5
# should fail
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.2 axfr -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.2 axfr > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; }
# should succeed
t=`expr $t + 1`
$DIG $DIGOPTS tsigzone. \
@10.53.0.2 -b 10.53.0.2 +subnet="10.53.0/24" axfr -p 5300 > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; }
@10.53.0.2 -b 10.53.0.2 +subnet="10.53.0/24" axfr > dig.out.${t}
grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; }
echo "I:testing EDNS client-subnet response scope"
cp -f ns2/named7.conf ns2/named.conf
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /'
echo_i "testing EDNS client-subnet response scope"
copy_setports ns2/named7.conf.in ns2/named.conf
$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i
sleep 5
t=`expr $t + 1`
$DIG example. soa @10.53.0.2 +subnet="10.53.0.1/32" -p 5300 > dig.out.${t}
grep "CLIENT-SUBNET.*10.53.0.1/32/0" dig.out.${t} > /dev/null || { echo "I:test $t failed" ; status=1; }
$DIG -p ${PORT} example. soa @10.53.0.2 +subnet="10.53.0.1/32" > dig.out.${t}
grep "CLIENT-SUBNET.*10.53.0.1/32/0" dig.out.${t} > /dev/null || { echo_i "test $t failed" ; status=1; }
t=`expr $t + 1`
$DIG example. soa @10.53.0.2 +subnet="192.0.2.128/32" -p 5300 > dig.out.${t}
grep "CLIENT-SUBNET.*192.0.2.128/32/24" dig.out.${t} > /dev/null || { echo "I:test $t failed" ; status=1; }
$DIG -p ${PORT} example. soa @10.53.0.2 +subnet="192.0.2.128/32" > dig.out.${t}
grep "CLIENT-SUBNET.*192.0.2.128/32/24" dig.out.${t} > /dev/null || { echo_i "test $t failed" ; status=1; }
# AXFR tests against ns3
echo "I:testing allow-transfer ACLs against ns3 (no existing zones)"
echo "I:calling addzone example.com on ns3"
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone 'example.com {type master; file "example.db"; }; '
echo_i "testing allow-transfer ACLs against ns3 (no existing zones)"
echo_i "calling addzone example.com on ns3"
$RNDCCMD 10.53.0.3 addzone 'example.com {type master; file "example.db"; }; '
sleep 1
t=`expr $t + 1`
ret=0
echo "I:checking AXFR of example.com from ns3 with ACL allow-transfer { none; }; (${t})"
$DIG @10.53.0.3 -p 5300 example.com axfr > dig.out.${t} 2>&1
echo_i "checking AXFR of example.com from ns3 with ACL allow-transfer { none; }; (${t})"
$DIG -p ${PORT} @10.53.0.3 example.com axfr > dig.out.${t} 2>&1
grep "Transfer failed." dig.out.${t} >/dev/null 2>&1 || ret=1
[ $ret -eq 0 ] || echo "I:failed"
[ $ret -eq 0 ] || echo_i "failed"
status=`expr $status + $ret`
echo "I:calling rndc reconfig"
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reconfig
echo_i "calling rndc reconfig"
$RNDCCMD 10.53.0.3 reconfig 2>&1 | sed 's/^/ns3 /' | cat_i
sleep 1
t=`expr $t + 1`
ret=0
echo "I:re-checking AXFR of example.com from ns3 with ACL allow-transfer { none; }; (${t})"
$DIG @10.53.0.3 -p 5300 example.com axfr > dig.out.${t} 2>&1
echo_i "re-checking AXFR of example.com from ns3 with ACL allow-transfer { none; }; (${t})"
$DIG -p ${PORT} @10.53.0.3 example.com axfr > dig.out.${t} 2>&1
grep "Transfer failed." dig.out.${t} >/dev/null 2>&1 || ret=1
[ $ret -eq 0 ] || echo "I:failed"
[ $ret -eq 0 ] || echo_i "failed"
status=`expr $status + $ret`
# AXFR tests against ns4
echo "I:testing allow-transfer ACLs against ns4 (1 pre-existing zone)"
echo_i "testing allow-transfer ACLs against ns4 (1 pre-existing zone)"
echo "I:calling addzone example.com on ns4"
$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 addzone 'example.com {type master; file "example.db"; }; '
echo_i "calling addzone example.com on ns4"
$RNDCCMD 10.53.0.4 addzone 'example.com {type master; file "example.db"; }; '
sleep 1
t=`expr $t + 1`
ret=0
echo_i "checking AXFR of example.com from ns4 with ACL allow-transfer { none; }; (${t})"
$DIG -p ${PORT} @10.53.0.4 example.com axfr > dig.out.${t} 2>&1
grep "Transfer failed." dig.out.${t} >/dev/null 2>&1 || ret=1
[ $ret -eq 0 ] || echo_i "failed"
status=`expr $status + $ret`
echo_i "calling rndc reconfig"
$RNDCCMD 10.53.0.4 reconfig 2>&1 | sed 's/^/ns4 /' | cat_i
sleep 1
t=`expr $t + 1`
ret=0
echo "I:checking AXFR of example.com from ns4 with ACL allow-transfer { none; }; (${t})"
$DIG @10.53.0.4 -p 5300 example.com axfr > dig.out.${t} 2>&1
echo_i "re-checking AXFR of example.com from ns4 with ACL allow-transfer { none; }; (${t})"
$DIG -p ${PORT} @10.53.0.4 example.com axfr > dig.out.${t} 2>&1
grep "Transfer failed." dig.out.${t} >/dev/null 2>&1 || ret=1
[ $ret -eq 0 ] || echo "I:failed"
[ $ret -eq 0 ] || echo_i "failed"
status=`expr $status + $ret`
echo "I:calling rndc reconfig"
$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 reconfig
sleep 1
t=`expr $t + 1`
ret=0
echo "I:re-checking AXFR of example.com from ns4 with ACL allow-transfer { none; }; (${t})"
$DIG @10.53.0.4 -p 5300 example.com axfr > dig.out.${t} 2>&1
grep "Transfer failed." dig.out.${t} >/dev/null 2>&1 || ret=1
[ $ret -eq 0 ] || echo "I:failed"
status=`expr $status + $ret`
echo "I:exit status: $status"
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

2
bin/tests/system/additional/clean.sh
View File

@ -12,6 +12,6 @@
rm -f dig.out.*
rm -f */named.memstats
rm -f ns1/named.conf
rm -f */named.conf
rm -f */named.run
rm -f ns*/named.lock

6
bin/tests/system/additional/ns1/named1.conf → bin/tests/system/additional/ns1/named1.conf.in
View File

@ -6,14 +6,12 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named.conf,v 1.5 2007/06/19 23:47:06 tbox Exp $ */
options {
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
recursion no;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };
@ -24,7 +22,7 @@ options {
include "../../common/rndc.key";
controls {
inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
zone "rt.example" {

6
bin/tests/system/additional/ns1/named2.conf → bin/tests/system/additional/ns1/named2.conf.in
View File

@ -6,14 +6,12 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named.conf,v 1.5 2007/06/19 23:47:06 tbox Exp $ */
options {
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
recursion no;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };
@ -24,7 +22,7 @@ options {
include "../../common/rndc.key";
controls {
inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
zone "rt.example" {

4
bin/tests/system/additional/ns1/named3.conf → bin/tests/system/additional/ns1/named3.conf.in
View File

@ -11,7 +11,7 @@ options {
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
recursion no;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };
@ -23,7 +23,7 @@ options {
include "../../common/rndc.key";
controls {
inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
zone "rt.example" {

4
bin/tests/system/additional/ns1/named4.conf → bin/tests/system/additional/ns1/named4.conf.in
View File

@ -11,7 +11,7 @@ options {
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
recursion no;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };
@ -22,7 +22,7 @@ options {
include "../../common/rndc.key";
controls {
inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
zone "mx.example" {

2
bin/tests/system/additional/ns3/named.conf → bin/tests/system/additional/ns3/named.conf.in
View File

@ -12,7 +12,7 @@ options {
query-source address 10.53.0.3;
notify-source 10.53.0.3;
transfer-source 10.53.0.3;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.3; };
listen-on-v6 { none; };

7
bin/tests/system/additional/setup.sh
View File

@ -6,4 +6,9 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
cp -f ns1/named1.conf ns1/named.conf
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
$SHELL clean.sh
copy_setports ns1/named1.conf.in ns1/named.conf
copy_setports ns3/named.conf.in ns3/named.conf

171
bin/tests/system/additional/tests.sh
View File

@ -6,51 +6,52 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
# $Id: tests.sh,v 1.7 2011/11/06 23:46:40 tbox Exp $
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
DIGOPTS="-p ${PORT}"
RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s"
status=0
n=0
dotests() {
n=`expr $n + 1`
echo "I:test with RT, single zone (+rec) ($n)"
echo_i "test with RT, single zone (+rec) ($n)"
ret=0
$DIG +rec -t RT rt.rt.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS +rec -t RT rt.rt.example @10.53.0.1 > dig.out.$n || ret=1
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
n=`expr $n + 1`
echo "I:test with RT, two zones (+rec) ($n)"
echo_i "test with RT, two zones (+rec) ($n)"
ret=0
$DIG +rec -t RT rt.rt2.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS +rec -t RT rt.rt2.example @10.53.0.1 > dig.out.$n || ret=1
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
n=`expr $n + 1`
echo "I:test with NAPTR, single zone (+rec) ($n)"
echo_i "test with NAPTR, single zone (+rec) ($n)"
ret=0
$DIG +rec -t NAPTR nap.naptr.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS +rec -t NAPTR nap.naptr.example @10.53.0.1 > dig.out.$n || ret=1
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
n=`expr $n + 1`
echo "I:test with NAPTR, two zones (+rec) ($n)"
echo_i "test with NAPTR, two zones (+rec) ($n)"
ret=0
$DIG +rec -t NAPTR nap.hang3b.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS +rec -t NAPTR nap.hang3b.example @10.53.0.1 > dig.out.$n || ret=1
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
n=`expr $n + 1`
echo "I:test with LP (+rec) ($n)"
echo_i "test with LP (+rec) ($n)"
ret=0
$DIG +rec -t LP nid2.nid.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS +rec -t LP nid2.nid.example @10.53.0.1 > dig.out.$n || ret=1
case $minimal in
no)
grep -w "NS" dig.out.$n > /dev/null || ret=1
@ -74,13 +75,13 @@ dotests() {
;;
esac
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
n=`expr $n + 1`
echo "I:test with NID (+rec) ($n)"
echo_i "test with NID (+rec) ($n)"
ret=0
$DIG +rec -t NID ns1.nid.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS +rec -t NID ns1.nid.example @10.53.0.1 > dig.out.$n || ret=1
if [ $minimal = no ] ; then
# change && to || when we support NID additional processing
grep -w "L64" dig.out.$n > /dev/null && ret=1
@ -90,13 +91,13 @@ dotests() {
grep -w "L32" dig.out.$n > /dev/null && ret=1
fi
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
n=`expr $n + 1`
echo "I:test with NID + LP (+rec) ($n)"
echo_i "test with NID + LP (+rec) ($n)"
ret=0
$DIG +rec -t NID nid2.nid.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS +rec -t NID nid2.nid.example @10.53.0.1 > dig.out.$n || ret=1
if [ $minimal = no ] ; then
# change && to || when we support NID additional processing
grep -w "LP" dig.out.$n > /dev/null && ret=1
@ -108,45 +109,45 @@ dotests() {
grep -w "L32" dig.out.$n > /dev/null && ret=1
fi
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
n=`expr $n + 1`
echo "I:test with RT, single zone (+norec) ($n)"
echo_i "test with RT, single zone (+norec) ($n)"
ret=0
$DIG +norec -t RT rt.rt.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS +norec -t RT rt.rt.example @10.53.0.1 > dig.out.$n || ret=1
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
n=`expr $n + 1`
echo "I:test with RT, two zones (+norec) ($n)"
echo_i "test with RT, two zones (+norec) ($n)"
ret=0
$DIG +norec -t RT rt.rt2.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS +norec -t RT rt.rt2.example @10.53.0.1 > dig.out.$n || ret=1
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
n=`expr $n + 1`
echo "I:test with NAPTR, single zone (+norec) ($n)"
echo_i "test with NAPTR, single zone (+norec) ($n)"
ret=0
$DIG +norec -t NAPTR nap.naptr.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS +norec -t NAPTR nap.naptr.example @10.53.0.1 > dig.out.$n || ret=1
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
n=`expr $n + 1`
echo "I:test with NAPTR, two zones (+norec) ($n)"
echo_i "test with NAPTR, two zones (+norec) ($n)"
ret=0
$DIG +norec -t NAPTR nap.hang3b.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS +norec -t NAPTR nap.hang3b.example @10.53.0.1 > dig.out.$n || ret=1
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
n=`expr $n + 1`
echo "I:test with LP (+norec) ($n)"
echo_i "test with LP (+norec) ($n)"
ret=0
$DIG +norec -t LP nid2.nid.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS +norec -t LP nid2.nid.example @10.53.0.1 > dig.out.$n || ret=1
case $minimal in
no)
grep -w "NS" dig.out.$n > /dev/null || ret=1
@ -170,13 +171,13 @@ dotests() {
;;
esac
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
n=`expr $n + 1`
echo "I:test with NID (+norec) ($n)"
echo_i "test with NID (+norec) ($n)"
ret=0
$DIG +norec -t NID ns1.nid.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS +norec -t NID ns1.nid.example @10.53.0.1 > dig.out.$n || ret=1
if [ $minimal = no ] ; then
# change && to || when we support NID additional processing
grep -w "L64" dig.out.$n > /dev/null && ret=1
@ -186,13 +187,13 @@ dotests() {
grep -w "L32" dig.out.$n > /dev/null && ret=1
fi
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
n=`expr $n + 1`
echo "I:test with NID + LP (+norec) ($n)"
echo_i "test with NID + LP (+norec) ($n)"
ret=0
$DIG +norec -t NID nid2.nid.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS +norec -t NID nid2.nid.example @10.53.0.1 > dig.out.$n || ret=1
if [ $minimal = no ] ; then
# change && to || when we support NID additional processing
grep -w "LP" dig.out.$n > /dev/null && ret=1
@ -204,123 +205,123 @@ dotests() {
grep -w "L32" dig.out.$n > /dev/null && ret=1
fi
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
}
echo "I:testing with 'minimal-responses yes;'"
echo_i "testing with 'minimal-responses yes;'"
minimal=yes
dotests
echo "I:reconfiguring server: minimal-responses no"
cp ns1/named2.conf ns1/named.conf
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reconfig 2>&1 | sed 's/^/I:ns1 /'
echo_i "reconfiguring server: minimal-responses no"
copy_setports ns1/named2.conf.in ns1/named.conf
$RNDCCMD 10.53.0.1 reconfig 2>&1 | sed 's/^/ns1 /' | cat_i
sleep 2
echo "I:testing with 'minimal-responses no;'"
echo_i "testing with 'minimal-responses no;'"
minimal=no
dotests
n=`expr $n + 1`
echo "I:testing with 'minimal-any no;' ($n)"
echo_i "testing with 'minimal-any no;' ($n)"
ret=0
$DIG -t ANY www.rt.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS -t ANY www.rt.example @10.53.0.1 > dig.out.$n || ret=1
grep "ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 2" dig.out.$n > /dev/null || ret=1
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
echo "I:reconfiguring server: minimal-any yes"
cp ns1/named3.conf ns1/named.conf
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reconfig 2>&1 | sed 's/^/I:ns1 /'
echo_i "reconfiguring server: minimal-any yes"
copy_setports ns1/named3.conf.in ns1/named.conf
$RNDCCMD 10.53.0.1 reconfig 2>&1 | sed 's/^/ns1 /' | cat_i
sleep 2
n=`expr $n + 1`
echo "I:testing with 'minimal-any yes;' over UDP ($n)"
echo_i "testing with 'minimal-any yes;' over UDP ($n)"
ret=0
$DIG -t ANY +notcp www.rt.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS -t ANY +notcp www.rt.example @10.53.0.1 > dig.out.$n || ret=1
grep "ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1" dig.out.$n > /dev/null || ret=1
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
n=`expr $n + 1`
echo "I:testing with 'minimal-any yes;' over TCP ($n)"
echo_i "testing with 'minimal-any yes;' over TCP ($n)"
ret=0
$DIG -t ANY +tcp www.rt.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS -t ANY +tcp www.rt.example @10.53.0.1 > dig.out.$n || ret=1
grep "ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1" dig.out.$n > /dev/null || ret=1
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
n=`expr $n + 1`
echo "I:testing with 'minimal-any yes;' over UDP ($n)"
echo_i "testing with 'minimal-any yes;' over UDP ($n)"
ret=0
$DIG -t ANY +notcp www.rt.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS -t ANY +notcp www.rt.example @10.53.0.1 > dig.out.$n || ret=1
grep "ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1" dig.out.$n > /dev/null || ret=1
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
echo "I:testing with 'minimal-responses no-auth;'"
echo_i "testing with 'minimal-responses no-auth;'"
minimal=no-auth
dotests
echo "I:reconfiguring server: minimal-responses no-auth-recursive"
cp ns1/named4.conf ns1/named.conf
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reconfig 2>&1 | sed 's/^/I:ns1 /'
echo_i "reconfiguring server: minimal-responses no-auth-recursive"
copy_setports ns1/named4.conf.in ns1/named.conf
$RNDCCMD 10.53.0.1 reconfig 2>&1 | sed 's/^/ns1 /' | cat_i
sleep 2
echo "I:testing with 'minimal-responses no-auth-recursive;'"
echo_i "testing with 'minimal-responses no-auth-recursive;'"
minimal=no-auth-recursive
dotests
n=`expr $n + 1`
echo "I:testing returning TLSA records with MX query ($n)"
echo_i "testing returning TLSA records with MX query ($n)"
ret=0
$DIG -t mx mx.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS -t mx mx.example @10.53.0.1 > dig.out.$n || ret=1
grep "mx\.example\..*MX.0 mail\.mx\.example" dig.out.$n > /dev/null || ret=1
grep "mail\.mx\.example\..*A.1\.2\.3\.4" dig.out.$n > /dev/null || ret=1
grep "_25\._tcp\.mail\.mx\.example\..*TLSA.3 0 1 5B30F9602297D558EB719162C225088184FAA32CA45E1ED15DE58A21 D9FCE383" dig.out.$n > /dev/null || ret=1
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
n=`expr $n + 1`
echo "I:testing returning TLSA records with SRV query ($n)"
echo_i "testing returning TLSA records with SRV query ($n)"
ret=0
$DIG -t srv _xmpp-client._tcp.srv.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS -t srv _xmpp-client._tcp.srv.example @10.53.0.1 > dig.out.$n || ret=1
grep "_xmpp-client\._tcp\.srv\.example\..*SRV.1 0 5222 server\.srv\.example" dig.out.$n > /dev/null || ret=1
grep "server\.srv\.example\..*A.1\.2\.3\.4" dig.out.$n > /dev/null || ret=1
grep "_5222\._tcp\.server\.srv\.example\..*TLSA.3 0 1 5B30F9602297D558EB719162C225088184FAA32CA45E1ED15DE58A21 D9FCE383" dig.out.$n > /dev/null || ret=1
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
echo "I:reconfiguring server: minimal-responses no"
cp ns1/named2.conf ns1/named.conf
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reconfig 2>&1 | sed 's/^/I:ns1 /'
echo_i "reconfiguring server: minimal-responses no"
copy_setports ns1/named2.conf.in ns1/named.conf
$RNDCCMD 10.53.0.1 reconfig 2>&1 | sed 's/^/ns1 /' | cat_i
sleep 2
n=`expr $n + 1`
echo "I:testing NS handling in ANY responses (authoritative) ($n)"
echo_i "testing NS handling in ANY responses (authoritative) ($n)"
ret=0
$DIG -t ANY rt.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS -t ANY rt.example @10.53.0.1 > dig.out.$n || ret=1
grep "AUTHORITY: 0" dig.out.$n > /dev/null || ret=1
grep "NS[ ]*ns" dig.out.$n > /dev/null || ret=1
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
n=`expr $n + 1`
echo "I:testing NS handling in ANY responses (recursive) ($n)"
echo_i "testing NS handling in ANY responses (recursive) ($n)"
ret=0
$DIG -t ANY rt.example @10.53.0.3 -p 5300 > dig.out.$n || ret=1
$DIG $DIGOPTS -t ANY rt.example @10.53.0.3 > dig.out.$n || ret=1
grep "AUTHORITY: 0" dig.out.$n > /dev/null || ret=1
grep "NS[ ]*ns" dig.out.$n > /dev/null || ret=1
if [ $ret -eq 1 ] ; then
echo "I: failed"; status=1
echo_i " failed"; status=1
fi
echo "I:exit status: $status"
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

2
bin/tests/system/addzone/clean.sh
View File

@ -10,7 +10,7 @@ rm -f dig.out.*
rm -f rndc.out*
rm -f showzone.out*
rm -f zonestatus.out*
rm -f ns2/named.conf
rm -f */named.conf
rm -f */named.memstats
rm -f ns1/*.nzf ns1/*.nzf~
rm -f ns1/*.nzd ns1/*.nzd-lock

4
bin/tests/system/addzone/ns1/named.conf → bin/tests/system/addzone/ns1/named.conf.in
View File

@ -12,11 +12,11 @@ key rndc_key {
};
controls {
inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };

12
bin/tests/system/addzone/ns2/named1.conf → bin/tests/system/addzone/ns2/named1.conf.in
View File

@ -6,12 +6,8 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named1.conf,v 1.2 2010/08/11 18:14:19 each Exp $ */
controls { /* empty */ };
options {
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };
@ -20,7 +16,11 @@ options {
allow-new-zones yes;
};
include "../../common/controls.conf";
include "../../common/rndc.key";
controls {
inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
zone "." {
type hint;

9
bin/tests/system/addzone/ns2/named2.conf → bin/tests/system/addzone/ns2/named2.conf.in
View File

@ -6,12 +6,15 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
controls { /* empty */ };
include "../../common/rndc.key";
controls {
inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
include "../../common/controls.conf";
options {
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; 10.53.0.4; };
listen-on-v6 { none; };

8
bin/tests/system/addzone/ns2/named3.conf → bin/tests/system/addzone/ns2/named3.conf.in
View File

@ -6,12 +6,14 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
controls { /* empty */ };
include "../../common/rndc.key";
include "../../common/controls.conf";
controls {
inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; 10.53.0.4; 10.53.0.5; };
listen-on-v6 { none; };

9
bin/tests/system/addzone/ns3/named1.conf → bin/tests/system/addzone/ns3/named1.conf.in
View File

@ -6,17 +6,14 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
};
include "../../common/rndc.key";
controls {
inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.3; };
listen-on-v6 { none; };

9
bin/tests/system/addzone/ns3/named2.conf → bin/tests/system/addzone/ns3/named2.conf.in
View File

@ -6,17 +6,14 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
};
include "../../common/rndc.key";
controls {
inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.3; };
listen-on-v6 { none; };

7
bin/tests/system/addzone/setup.sh
View File

@ -14,9 +14,12 @@ $SHELL clean.sh
cp -f ns1/redirect.db.1 ns1/redirect.db
cp -f ns2/redirect.db.1 ns2/redirect.db
cp -f ns3/redirect.db.1 ns3/redirect.db
cp -f ns2/named1.conf ns2/named.conf
copy_setports ns1/named.conf.in ns1/named.conf
copy_setports ns2/named1.conf.in ns2/named.conf
copy_setports ns3/named1.conf.in ns3/named.conf
cp -f ns2/default.nzf.in ns2/3bf305731dd26307.nzf
cp -f ns3/named1.conf ns3/named.conf
rm -f ns3/*.nzf ns3/*.nzf~
rm -f ns3/*.nzd ns3/*.nzd-lock
rm -f ns3/inlineslave.db

410
bin/tests/system/addzone/tests.sh
View File

@ -9,227 +9,229 @@
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
DIGOPTS="+tcp +nosea +nostat +nocmd +norec +noques +noauth +noadd +nostats +dnssec -p 5300"
DIGOPTS="+tcp +nosea +nostat +nocmd +norec +noques +noauth +noadd +nostats +dnssec -p ${PORT}"
RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s"
status=0
n=0
echo "I:checking normally loaded zone ($n)"
echo_i "checking normally loaded zone ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
# When LMDB support is compiled in, this tests that migration from
# NZF to NZD occurs during named startup
echo "I:checking previously added zone ($n)"
echo_i "checking previously added zone ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.2 a.previous.example a > dig.out.ns2.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
grep '^a.previous.example' dig.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
if [ -n "$NZD" ]; then
echo "I:checking that existing NZF file was renamed after migration ($n)"
echo_i "checking that existing NZF file was renamed after migration ($n)"
[ -e ns2/3bf305731dd26307.nzf~ ] || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
fi
echo "I:adding new zone ($n)"
echo_i "adding new zone ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'added.example { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.2 addzone 'added.example { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
$DIG $DIGOPTS @10.53.0.2 a.added.example a > dig.out.ns2.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
grep '^a.added.example' dig.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking addzone errors are logged correctly"
echo_i "checking addzone errors are logged correctly"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone bad.example '{ type mister; };' 2>&1 | grep 'unexpected token' > /dev/null 2>&1 || ret=1
$RNDCCMD 10.53.0.2 addzone bad.example '{ type mister; };' 2>&1 | grep 'unexpected token' > /dev/null 2>&1 || ret=1
grep "addzone: 'mister' unexpected" ns2/named.run >/dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking modzone errors are logged correctly"
echo_i "checking modzone errors are logged correctly"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 modzone added.example '{ type mister; };' 2>&1 | grep 'unexpected token' > /dev/null 2>&1 || ret=1
$RNDCCMD 10.53.0.2 modzone added.example '{ type mister; };' 2>&1 | grep 'unexpected token' > /dev/null 2>&1 || ret=1
grep "modzone: 'mister' unexpected" ns2/named.run >/dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:adding a zone that requires quotes ($n)"
echo_i "adding a zone that requires quotes ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone '"32/1.0.0.127-in-addr.added.example" { check-names ignore; type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.2 addzone '"32/1.0.0.127-in-addr.added.example" { check-names ignore; type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
$DIG $DIGOPTS @10.53.0.2 "a.32/1.0.0.127-in-addr.added.example" a > dig.out.ns2.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
grep '^a.32/1.0.0.127-in-addr.added.example' dig.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:adding a zone with a quote in the name ($n)"
echo_i "adding a zone with a quote in the name ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone '"foo\"bar.example" { check-names ignore; type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.2 addzone '"foo\"bar.example" { check-names ignore; type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
$DIG $DIGOPTS @10.53.0.2 "a.foo\"bar.example" a > dig.out.ns2.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
grep '^a.foo\\"bar.example' dig.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:adding new zone with missing master file ($n)"
echo_i "adding new zone with missing master file ($n)"
ret=0
$DIG $DIGOPTS +all @10.53.0.2 a.missing.example a > dig.out.ns2.pre.$n || ret=1
grep "status: REFUSED" dig.out.ns2.pre.$n > /dev/null || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'missing.example { type master; file "missing.db"; };' 2> rndc.out.ns2.$n
$RNDCCMD 10.53.0.2 addzone 'missing.example { type master; file "missing.db"; };' 2> rndc.out.ns2.$n
grep "file not found" rndc.out.ns2.$n > /dev/null || ret=1
$DIG $DIGOPTS +all @10.53.0.2 a.missing.example a > dig.out.ns2.post.$n || ret=1
grep "status: REFUSED" dig.out.ns2.post.$n > /dev/null || ret=1
$PERL ../digcomp.pl dig.out.ns2.pre.$n dig.out.ns2.post.$n || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
if [ -z "$NZD" ]; then
echo "I:verifying no comments in NZF file ($n)"
echo_i "verifying no comments in NZF file ($n)"
ret=0
hcount=`grep "^# New zone file for view: _default" ns2/3bf305731dd26307.nzf | wc -l`
[ $hcount -eq 0 ] || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
fi
echo "I:checking rndc showzone with previously added zone ($n)"
echo_i "checking rndc showzone with previously added zone ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone previous.example > rndc.out.ns2.$n
$RNDCCMD 10.53.0.2 showzone previous.example > rndc.out.ns2.$n
expected='zone "previous.example" { type master; file "previous.db"; };'
[ "`cat rndc.out.ns2.$n`" = "$expected" ] || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
if [ -n "$NZD" ]; then
echo "I:checking zone is present in NZD ($n)"
echo_i "checking zone is present in NZD ($n)"
ret=0
$NZD2NZF ns2/_default.nzd | grep previous.example > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
fi
echo "I:deleting previously added zone ($n)"
echo_i "deleting previously added zone ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone previous.example 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.2 delzone previous.example 2>&1 | sed 's/^/I:ns2 /'
$DIG $DIGOPTS @10.53.0.2 a.previous.example a > dig.out.ns2.$n
grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
grep '^a.previous.example' dig.out.ns2.$n > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
if [ -n "$NZD" ]; then
echo "I:checking zone was deleted from NZD ($n)"
echo_i "checking zone was deleted from NZD ($n)"
for i in 0 1 2 3 4 5 6 7 8 9; do
ret=0
$NZD2NZF ns2/_default.nzd | grep previous.example > /dev/null && ret=1
[ $ret = 0 ] && break
sleep 1
done
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
fi
if [ -z "$NZD" ]; then
echo "I:checking NZF file now has comment ($n)"
echo_i "checking NZF file now has comment ($n)"
ret=0
hcount=`grep "^# New zone file for view: _default" ns2/3bf305731dd26307.nzf | wc -l`
[ $hcount -eq 1 ] || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
fi
echo "I:deleting newly added zone added.example ($n)"
echo_i "deleting newly added zone added.example ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone added.example 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.2 delzone added.example 2>&1 | sed 's/^/I:ns2 /'
$DIG $DIGOPTS @10.53.0.2 a.added.example a > dig.out.ns2.$n
grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
grep '^a.added.example' dig.out.ns2.$n > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:deleting newly added zone with escaped quote ($n)"
echo_i "deleting newly added zone with escaped quote ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone "foo\\\"bar.example" 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.2 delzone "foo\\\"bar.example" 2>&1 | sed 's/^/I:ns2 /'
$DIG $DIGOPTS @10.53.0.2 "a.foo\"bar.example" a > dig.out.ns2.$n
grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
grep "^a.foo\"bar.example" dig.out.ns2.$n > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking rndc showzone with a normally-loaded zone ($n)"
echo_i "checking rndc showzone with a normally-loaded zone ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone normal.example > rndc.out.ns2.$n
$RNDCCMD 10.53.0.2 showzone normal.example > rndc.out.ns2.$n
expected='zone "normal.example" { type master; file "normal.db"; };'
[ "`cat rndc.out.ns2.$n`" = "$expected" ] || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking rndc showzone with a normally-loaded zone with trailing dot ($n)"
echo_i "checking rndc showzone with a normally-loaded zone with trailing dot ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone finaldot.example > rndc.out.ns2.$n
$RNDCCMD 10.53.0.2 showzone finaldot.example > rndc.out.ns2.$n
expected='zone "finaldot.example." { type master; file "normal.db"; };'
[ "`cat rndc.out.ns2.$n`" = "$expected" ] || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking rndc showzone with a normally-loaded redirect zone ($n)"
echo_i "checking rndc showzone with a normally-loaded redirect zone ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 showzone -redirect > rndc.out.ns1.$n
$RNDCCMD 10.53.0.1 showzone -redirect > rndc.out.ns1.$n
expected='zone "." { type redirect; file "redirect.db"; };'
[ "`cat rndc.out.ns1.$n`" = "$expected" ] || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking rndc zonestatus with a normally-loaded redirect zone ($n)"
echo_i "checking rndc zonestatus with a normally-loaded redirect zone ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 zonestatus -redirect > rndc.out.ns1.$n
$RNDCCMD 10.53.0.1 zonestatus -redirect > rndc.out.ns1.$n
grep "type: redirect" rndc.out.ns1.$n > /dev/null || ret=1
grep "serial: 0" rndc.out.ns1.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking rndc reload with a normally-loaded redirect zone ($n)"
echo_i "checking rndc reload with a normally-loaded redirect zone ($n)"
ret=0
sleep 1
cp -f ns1/redirect.db.2 ns1/redirect.db
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload -redirect > rndc.out.ns1.$n
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 zonestatus -redirect > zonestatus.out.ns1.$n
$RNDCCMD 10.53.0.1 reload -redirect > rndc.out.ns1.$n
$RNDCCMD 10.53.0.1 zonestatus -redirect > zonestatus.out.ns1.$n
grep "type: redirect" zonestatus.out.ns1.$n > /dev/null || ret=1
grep "serial: 1" zonestatus.out.ns1.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:delete a normally-loaded zone ($n)"
echo_i "delete a normally-loaded zone ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone normal.example > rndc.out.ns2.$n 2>&1
$RNDCCMD 10.53.0.2 delzone normal.example > rndc.out.ns2.$n 2>&1
$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n
grep "is no longer active and will be deleted" rndc.out.ns2.$n > /dev/null || ret=1
grep "To keep it from returning when the server is restarted" rndc.out.ns2.$n > /dev/null || ret=1
@ -237,11 +239,11 @@ grep "must also be removed from named.conf." rndc.out.ns2.$n > /dev/null || ret=
grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:attempting to add master zone with inline signing ($n)"
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'inline.example { type master; file "inline.db"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /'
echo_i "attempting to add master zone with inline signing ($n)"
$RNDCCMD 10.53.0.2 addzone 'inline.example { type master; file "inline.db"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /'
for i in 1 2 3 4 5
do
ret=0
@ -252,19 +254,19 @@ grep '^a.inline.example' dig.out.ns2.$n > /dev/null || ret=1
sleep 1
done
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:attempting to add master zone with inline signing and missing master ($n)"
echo_i "attempting to add master zone with inline signing and missing master ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'inlinemissing.example { type master; file "missing.db"; inline-signing yes; };' 2> rndc.out.ns2.$n
$RNDCCMD 10.53.0.2 addzone 'inlinemissing.example { type master; file "missing.db"; inline-signing yes; };' 2> rndc.out.ns2.$n
grep "file not found" rndc.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:attempting to add slave zone with inline signing ($n)"
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'inlineslave.example { type slave; masters { 10.53.0.1; }; file "inlineslave.bk"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /'
echo_i "attempting to add slave zone with inline signing ($n)"
$RNDCCMD 10.53.0.2 addzone 'inlineslave.example { type slave; masters { 10.53.0.1; }; file "inlineslave.bk"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /'
for i in 1 2 3 4 5
do
ret=0
@ -275,30 +277,30 @@ grep '^a.inlineslave.example' dig.out.ns2.$n > /dev/null || ret=1
sleep 1
done
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:attempting to delete slave zone with inline signing ($n)"
echo_i "attempting to delete slave zone with inline signing ($n)"
ret=0
for i in 0 1 2 3 4 5 6 7 8 9
do
test -f ns2/inlineslave.bk.signed -a -f ns2/inlineslave.bk && break
sleep 1
done
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone inlineslave.example 2>&1 > rndc.out2.test$n
$RNDCCMD 10.53.0.2 delzone inlineslave.example 2>&1 > rndc.out2.test$n
test -f inlineslave.bk ||
grep '^inlineslave.bk$' rndc.out2.test$n > /dev/null || {
echo "I:failed to report inlineslave.bk"; ret=1;
echo_i "failed to report inlineslave.bk"; ret=1;
}
test ! -f inlineslave.bk.signed ||
grep '^inlineslave.bk.signed$' rndc.out2.test$n > /dev/null || {
echo "I:failed to report inlineslave.bk.signed"; ret=1;
echo_i "failed to report inlineslave.bk.signed"; ret=1;
}
n=`expr $n + 1`
status=`expr $status + $ret`
echo "I:restoring slave zone with inline signing ($n)"
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'inlineslave.example { type slave; masters { 10.53.0.1; }; file "inlineslave.bk"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /'
echo_i "restoring slave zone with inline signing ($n)"
$RNDCCMD 10.53.0.2 addzone 'inlineslave.example { type slave; masters { 10.53.0.1; }; file "inlineslave.bk"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /'
for i in 1 2 3 4 5
do
ret=0
@ -309,17 +311,17 @@ grep '^a.inlineslave.example' dig.out.ns2.$n > /dev/null || ret=1
sleep 1
done
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:deleting slave zone with automatic zone file removal ($n)"
echo_i "deleting slave zone with automatic zone file removal ($n)"
ret=0
for i in 0 1 2 3 4 5 6 7 8 9
do
test -f ns2/inlineslave.bk.signed -a -f ns2/inlineslave.bk && break
sleep 1
done
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone -clean inlineslave.example 2>&1 > /dev/null
$RNDCCMD 10.53.0.2 delzone -clean inlineslave.example 2>&1 > /dev/null
for i in 0 1 2 3 4 5 6 7 8 9
do
ret=0
@ -330,144 +332,144 @@ done
n=`expr $n + 1`
status=`expr $status + $ret`
echo "I:modifying zone configuration ($n)"
echo_i "modifying zone configuration ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'mod.example { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.2 addzone 'mod.example { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
$DIG +norec $DIGOPTS @10.53.0.2 mod.example ns > dig.out.ns2.1.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.1.$n > /dev/null || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 modzone 'mod.example { type master; file "added.db"; allow-query { none; }; };' 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.2 modzone 'mod.example { type master; file "added.db"; allow-query { none; }; };' 2>&1 | sed 's/^/I:ns2 /'
$DIG +norec $DIGOPTS @10.53.0.2 mod.example ns > dig.out.ns2.2.$n || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone mod.example | grep 'allow-query { "none"; };' > /dev/null 2>&1 || ret=1
$RNDCCMD 10.53.0.2 showzone mod.example | grep 'allow-query { "none"; };' > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:check that adding a 'stub' zone works ($n)"
echo_i "check that adding a 'stub' zone works ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'stub.example { type stub; masters { 1.2.3.4; }; file "stub.example.bk"; };' > rndc.out.ns2.$n 2>&1 || ret=1
$RNDCCMD 10.53.0.2 addzone 'stub.example { type stub; masters { 1.2.3.4; }; file "stub.example.bk"; };' > rndc.out.ns2.$n 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:check that adding a 'static-stub' zone works ($n)"
echo_i "check that adding a 'static-stub' zone works ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'static-stub.example { type static-stub; server-addresses { 1.2.3.4; }; };' > rndc.out.ns2.$n 2>&1 || ret=1
$RNDCCMD 10.53.0.2 addzone 'static-stub.example { type static-stub; server-addresses { 1.2.3.4; }; };' > rndc.out.ns2.$n 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:check that adding a 'master redirect' zone works ($n)"
echo_i "check that adding a 'master redirect' zone works ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone '"." { type redirect; file "redirect.db"; };' > rndc.out.ns2.$n 2>&1 || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone -redirect > showzone.out.ns2.$n 2>&1 || ret=1
$RNDCCMD 10.53.0.2 addzone '"." { type redirect; file "redirect.db"; };' > rndc.out.ns2.$n 2>&1 || ret=1
$RNDCCMD 10.53.0.2 showzone -redirect > showzone.out.ns2.$n 2>&1 || ret=1
grep "type redirect;" showzone.out.ns2.$n > /dev/null || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 || ret=1
$RNDCCMD 10.53.0.2 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 || ret=1
grep "type: redirect" zonestatus.out.ns2.$n > /dev/null || ret=1
grep "serial: 0" zonestatus.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
echo "I:check that reloading a added 'master redirect' zone works ($n)"
echo_i "check that reloading a added 'master redirect' zone works ($n)"
ret=0
sleep 1
cp -f ns2/redirect.db.2 ns2/redirect.db
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload -redirect > rndc.out.ns2.$n
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 || ret=1
$RNDCCMD 10.53.0.2 reload -redirect > rndc.out.ns2.$n
$RNDCCMD 10.53.0.2 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 || ret=1
grep "type: redirect" zonestatus.out.ns2.$n > /dev/null || ret=1
grep "serial: 1" zonestatus.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
echo "I:check that retransfer of a added 'master redirect' zone fails ($n)"
echo_i "check that retransfer of a added 'master redirect' zone fails ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 retransfer -redirect > rndc.out.ns2.$n 2>&1 && ret=1
$RNDCCMD 10.53.0.2 retransfer -redirect > rndc.out.ns2.$n 2>&1 && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
echo "I:check that deleting a 'master redirect' zone works ($n)"
echo_i "check that deleting a 'master redirect' zone works ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone -redirect > rndc.out.ns2.$n 2>&1 || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone -redirect > showzone.out.ns2.$n 2>&1
$RNDCCMD 10.53.0.2 delzone -redirect > rndc.out.ns2.$n 2>&1 || ret=1
$RNDCCMD 10.53.0.2 showzone -redirect > showzone.out.ns2.$n 2>&1
grep 'not found' showzone.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:check that adding a 'slave redirect' zone works ($n)"
echo_i "check that adding a 'slave redirect' zone works ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone '"." { type redirect; masters { 10.53.0.3;}; file "redirect.bk"; };' > rndc.out.ns2.$n 2>&1 || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone -redirect > showzone.out.ns2.$n 2>&1 || ret=1
$RNDCCMD 10.53.0.2 addzone '"." { type redirect; masters { 10.53.0.3;}; file "redirect.bk"; };' > rndc.out.ns2.$n 2>&1 || ret=1
$RNDCCMD 10.53.0.2 showzone -redirect > showzone.out.ns2.$n 2>&1 || ret=1
grep "type redirect;" showzone.out.ns2.$n > /dev/null || ret=1
sleep 1
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 || ret=1
$RNDCCMD 10.53.0.2 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 || ret=1
grep "type: redirect" zonestatus.out.ns2.$n > /dev/null || ret=1
grep "serial: 0" zonestatus.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:check that retransfering a added 'slave redirect' zone works ($n)"
echo_i "check that retransfering a added 'slave redirect' zone works ($n)"
ret=0
cp -f ns3/redirect.db.2 ns3/redirect.db
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload . > showzone.out.ns3.$n 2>&1 || ret=1
$RNDCCMD 10.53.0.3 reload . > showzone.out.ns3.$n 2>&1 || ret=1
sleep 1
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 retransfer -redirect > rndc.out.ns2.$n 2>&1 || ret=1
$RNDCCMD 10.53.0.2 retransfer -redirect > rndc.out.ns2.$n 2>&1 || ret=1
sleep 1
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 || ret=1
$RNDCCMD 10.53.0.2 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 || ret=1
grep "type: redirect" zonestatus.out.ns2.$n > /dev/null || ret=1
grep "serial: 1" zonestatus.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:check that deleting a 'slave redirect' zone works ($n)"
echo_i "check that deleting a 'slave redirect' zone works ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone -redirect > rndc.out.ns2.$n 2>&1 || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone -redirect > showzone.out.ns2.$n 2>&1
$RNDCCMD 10.53.0.2 delzone -redirect > rndc.out.ns2.$n 2>&1 || ret=1
$RNDCCMD 10.53.0.2 showzone -redirect > showzone.out.ns2.$n 2>&1
grep 'not found' showzone.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:check that zone type 'hint' is properly rejected ($n)"
echo_i "check that zone type 'hint' is properly rejected ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone '"." { type hint; file "hints.db"; };' > rndc.out.ns2.$n 2>&1 && ret=1
$RNDCCMD 10.53.0.2 addzone '"." { type hint; file "hints.db"; };' > rndc.out.ns2.$n 2>&1 && ret=1
grep "zones not supported by addzone" rndc.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:check that zone type 'forward' is properly rejected ($n)"
echo_i "check that zone type 'forward' is properly rejected ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'forward.example { type forward; forwarders { 1.2.3.4; }; forward only; };' > rndc.out.ns2.$n 2>&1 && ret=1
$RNDCCMD 10.53.0.2 addzone 'forward.example { type forward; forwarders { 1.2.3.4; }; forward only; };' > rndc.out.ns2.$n 2>&1 && ret=1
grep "zones not supported by addzone" rndc.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:check that zone type 'delegation-only' is properly rejected ($n)"
echo_i "check that zone type 'delegation-only' is properly rejected ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'delegation-only.example { type delegation-only; };' > rndc.out.ns2.$n 2>&1 && ret=1
$RNDCCMD 10.53.0.2 addzone 'delegation-only.example { type delegation-only; };' > rndc.out.ns2.$n 2>&1 && ret=1
grep "zones not supported by addzone" rndc.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:check that 'in-view' zones are properly rejected ($n)"
echo_i "check that 'in-view' zones are properly rejected ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'in-view.example { in-view "_default"; };' > rndc.out.ns2.$n 2>&1 && ret=1
$RNDCCMD 10.53.0.2 addzone 'in-view.example { in-view "_default"; };' > rndc.out.ns2.$n 2>&1 && ret=1
grep "zones not supported by addzone" rndc.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:reconfiguring server with multiple views"
echo_i "reconfiguring server with multiple views"
rm -f ns2/named.conf
cp -f ns2/named2.conf ns2/named.conf
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reconfig 2>&1 | sed 's/^/I:ns2 /'
copy_setports ns2/named2.conf.in ns2/named.conf
$RNDCCMD 10.53.0.2 reconfig 2>&1 | sed 's/^/I:ns2 /'
sleep 5
echo "I:adding new zone to external view ($n)"
echo_i "adding new zone to external view ($n)"
# NOTE: The internal view has "recursion yes" set, and so queries for
# nonexistent zones should return NOERROR. The external view is
# "recursion no", so queries for nonexistent zones should return
@ -479,53 +481,53 @@ $DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int
grep 'status: NOERROR' dig.out.ns2.intpre.$n > /dev/null || ret=1
$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.extpre.$n || ret=1
grep 'status: REFUSED' dig.out.ns2.extpre.$n > /dev/null || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'added.example in external { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.2 addzone 'added.example in external { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1
$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.ext.$n > /dev/null || ret=1
grep '^a.added.example' dig.out.ns2.ext.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
if [ -z "$NZD" ]; then
echo "I:checking new NZF file has comment ($n)"
echo_i "checking new NZF file has comment ($n)"
ret=0
hcount=`grep "^# New zone file for view: external" ns2/external.nzf | wc -l`
[ $hcount -eq 1 ] || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
fi
if [ -n "$NZD" ]; then
echo "I:verifying added.example in external view created an external.nzd DB ($n)"
echo_i "verifying added.example in external view created an external.nzd DB ($n)"
ret=0
[ -e ns2/external.nzd ] || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
fi
echo "I:checking rndc reload causes named to reload the external view's new zone config ($n)"
echo_i "checking rndc reload causes named to reload the external view's new zone config ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/I:ns2 /'
$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1
$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.ext.$n > /dev/null || ret=1
grep '^a.added.example' dig.out.ns2.ext.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking rndc showzone with newly added zone ($n)"
echo_i "checking rndc showzone with newly added zone ($n)"
# loop because showzone may complain if zones are still being
# loaded from the NZDB at this point.
for try in 0 1 2 3 4 5; do
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone added.example in external > rndc.out.ns2.$n 2>/dev/null
$RNDCCMD 10.53.0.2 showzone added.example in external > rndc.out.ns2.$n 2>/dev/null
if [ -z "$NZD" ]; then
expected='zone "added.example" in external { type master; file "added.db"; };'
else
@ -536,79 +538,79 @@ for try in 0 1 2 3 4 5; do
sleep 1
done
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:deleting newly added zone ($n)"
echo_i "deleting newly added zone ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone 'added.example in external' 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.2 delzone 'added.example in external' 2>&1 | sed 's/^/I:ns2 /'
$DIG $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.$n || ret=1
grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
grep '^a.added.example' dig.out.ns2.$n > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:attempting to add zone to internal view ($n)"
echo_i "attempting to add zone to internal view ($n)"
ret=0
$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.pre.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.pre.$n > /dev/null || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'added.example in internal { type master; file "added.db"; };' 2> rndc.out.ns2.$n
$RNDCCMD 10.53.0.2 addzone 'added.example in internal { type master; file "added.db"; };' 2> rndc.out.ns2.$n
grep "permission denied" rndc.out.ns2.$n > /dev/null || ret=1
$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1
$DIG $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1
grep 'status: REFUSED' dig.out.ns2.ext.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:attempting to delete a policy zone ($n)"
echo_i "attempting to delete a policy zone ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone 'policy in internal' 2> rndc.out.ns2.$n >&1
$RNDCCMD 10.53.0.2 delzone 'policy in internal' 2> rndc.out.ns2.$n >&1
grep 'cannot be deleted' rndc.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:adding new zone again to external view ($n)"
echo_i "adding new zone again to external view ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'added.example in external { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.2 addzone 'added.example in external { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1
$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.ext.$n > /dev/null || ret=1
grep '^a.added.example' dig.out.ns2.ext.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:reconfiguring server with multiple views and new-zones-directory"
echo_i "reconfiguring server with multiple views and new-zones-directory"
rm -f ns2/named.conf
cp -f ns2/named3.conf ns2/named.conf
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reconfig 2>&1 | sed 's/^/I:ns2 /'
copy_setports ns2/named3.conf.in ns2/named.conf
$RNDCCMD 10.53.0.2 reconfig 2>&1 | sed 's/^/I:ns2 /'
sleep 5
echo "I:checking new zone is still loaded after dir change ($n)"
echo_i "checking new zone is still loaded after dir change ($n)"
ret=0
$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.ext.$n > /dev/null || ret=1
grep '^a.added.example' dig.out.ns2.ext.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:deleting newly added zone from external ($n)"
echo_i "deleting newly added zone from external ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone 'added.example in external' 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.2 delzone 'added.example in external' 2>&1 | sed 's/^/I:ns2 /'
$DIG $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.$n || ret=1
grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
grep '^a.added.example' dig.out.ns2.$n > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:adding new zone to directory view ($n)"
echo_i "adding new zone to directory view ($n)"
ret=0
$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.intpre.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.intpre.$n > /dev/null || ret=1
@ -616,7 +618,7 @@ $DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext
grep 'status: REFUSED' dig.out.ns2.extpre.$n > /dev/null || ret=1
$DIG +norec $DIGOPTS @10.53.0.5 -b 10.53.0.5 a.added.example a > dig.out.ns2.dirpre.$n || ret=1
grep 'status: REFUSED' dig.out.ns2.dirpre.$n > /dev/null || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'added.example in directory { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.2 addzone 'added.example in directory { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1
$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1
@ -625,78 +627,78 @@ $DIG +norec $DIGOPTS @10.53.0.5 -b 10.53.0.5 a.added.example a > dig.out.ns2.dir
grep 'status: NOERROR' dig.out.ns2.dir.$n > /dev/null || ret=1
grep '^a.added.example' dig.out.ns2.dir.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
if [ -n "$NZD" ]; then
echo "I:checking NZD file was created in new-zones-directory ($n)"
echo_i "checking NZD file was created in new-zones-directory ($n)"
expect=ns2/new-zones/directory.nzd
else
echo "I:checking NZF file was created in new-zones-directory ($n)"
echo_i "checking NZF file was created in new-zones-directory ($n)"
expect=ns2/new-zones/directory.nzf
fi
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 sync 'added.example IN directory' 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.2 sync 'added.example IN directory' 2>&1 | sed 's/^/I:ns2 /'
sleep 2
[ -e "$expect" ] || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:deleting newly added zone from directory ($n)"
echo_i "deleting newly added zone from directory ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone 'added.example in directory' 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.2 delzone 'added.example in directory' 2>&1 | sed 's/^/I:ns2 /'
$DIG $DIGOPTS @10.53.0.5 -b 10.53.0.5 a.added.example a > dig.out.ns2.$n || ret=1
grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
grep '^a.added.example' dig.out.ns2.$n > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:ensure the configuration context is cleaned up correctly ($n)"
echo_i "ensure the configuration context is cleaned up correctly ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reconfig > /dev/null 2>&1 || ret=1
$RNDCCMD 10.53.0.2 reconfig > /dev/null 2>&1 || ret=1
sleep 5
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 status > /dev/null 2>&1 || ret=1
$RNDCCMD 10.53.0.2 status > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:check delzone after reconfig failure ($n)"
echo_i "check delzone after reconfig failure ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone 'inlineslave.example. IN { type slave; file "inlineslave.db"; masterfile-format text; masters { testmaster; }; };' > /dev/null 2>&1 || ret=1
cp -f ns3/named2.conf ns3/named.conf
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reconfig > /dev/null 2>&1 && ret=1
$RNDCCMD 10.53.0.3 addzone 'inlineslave.example. IN { type slave; file "inlineslave.db"; masterfile-format text; masters { testmaster; }; };' > /dev/null 2>&1 || ret=1
copy_setports ns3/named2.conf.in ns3/named.conf
$RNDCCMD 10.53.0.3 reconfig > /dev/null 2>&1 && ret=1
sleep 5
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 delzone inlineslave.example > /dev/null 2>&1 || ret=1
$RNDCCMD 10.53.0.3 delzone inlineslave.example > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
if ! $FEATURETEST --with-lmdb
then
echo "I:check that addzone is fully reversed on failure (--with-lmdb=no) ($n)"
echo_i "check that addzone is fully reversed on failure (--with-lmdb=no) ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone "test1.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone "test2.baz" '{ type master; file "dne.db"; };' > /dev/null 2>&1 && ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone "test3.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 delzone "test3.baz" > /dev/null 2>&1 || ret=1
$RNDCCMD 10.53.0.3 addzone "test1.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1
$RNDCCMD 10.53.0.3 addzone "test2.baz" '{ type master; file "dne.db"; };' > /dev/null 2>&1 && ret=1
$RNDCCMD 10.53.0.3 addzone "test3.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1
$RNDCCMD 10.53.0.3 delzone "test3.baz" > /dev/null 2>&1 || ret=1
grep test2.baz ns3/_default.nzf > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
fi
echo "I:check that named restarts with multiple added zones ($n)"
echo_i "check that named restarts with multiple added zones ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone "test4.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone "test5.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1
$RNDCCMD 10.53.0.3 addzone "test4.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1
$RNDCCMD 10.53.0.3 addzone "test5.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1
$PERL $SYSTEMTESTTOP/stop.pl . ns3
$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns3 || ret=1
$DIG -p 5300 @10.53.0.3 version.bind txt ch > dig.out.test$n || ret=1
$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns3 || ret=1
$DIG $DIGOPTS @10.53.0.3 version.bind txt ch > dig.out.test$n || ret=1
grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:exit status: $status"
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

2
bin/tests/system/allow_query/setup.sh
View File

@ -6,8 +6,6 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
# $Id: setup.sh,v 1.2 2010/11/16 01:37:36 sar Exp $
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh

20
bin/tests/system/ans.pl
View File

@ -6,14 +6,15 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
# $Id: ans.pl,v 1.6 2012/02/22 23:47:34 tbox Exp $
#
# This is the name server from hell. It provides canned
# responses based on pattern matching the queries, and
# can be reprogrammed on-the-fly over a TCP connection.
#
# The server listens for control connections on port 5301.
# The server listens for queries on port 5300 (or PORT).
#
# The server listens for control connections on port 5301 (or EXTRAPORT1).
#
# A control connection is a TCP stream of lines like
#
# /pattern/
@ -80,17 +81,22 @@ if (@ARGV > 0) {
$server_addr = @ARGV[0];
}
my $mainport = int($ENV{'PORT'});
if (!$mainport) { $mainport = 5300; }
my $ctrlport = int($ENV{'EXTRAPORT1'});
if (!$ctrlport) { $ctrlport = 5301; }
# XXX: we should also be able to set the port numbers to listen on.
my $ctlsock = IO::Socket::INET->new(LocalAddr => "$server_addr",
LocalPort => 5301, Proto => "tcp", Listen => 5, Reuse => 1) or die "$!";
LocalPort => $ctrlport, Proto => "tcp", Listen => 5, Reuse => 1) or die "$!";
my $udpsock = IO::Socket::INET->new(LocalAddr => "$server_addr",
LocalPort => 5300, Proto => "udp", Reuse => 1) or die "$!";
LocalPort => $mainport, Proto => "udp", Reuse => 1) or die "$!";
my $tcpsock = IO::Socket::INET->new(LocalAddr => "$server_addr",
LocalPort => 5300, Proto => "tcp", Listen => 5, Reuse => 1) or die "$!";
LocalPort => $mainport, Proto => "tcp", Listen => 5, Reuse => 1) or die "$!";
print "listening on $server_addr:5300,5301.\n";
print "listening on $server_addr:$mainport,$ctrlport.\n";
print "Using Net::DNS $Net::DNS::VERSION\n";
my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!";

1
bin/tests/system/auth/clean.sh
View File

@ -6,6 +6,7 @@
rm -f */named.memstats
rm -f */named.run
rm -f */named.conf
rm -f dig.out.test*
rm -f ns2/example.com.bk
rm -f ns2/example.net.bk

4
bin/tests/system/auth/ns1/named.conf → bin/tests/system/auth/ns1/named.conf.in
View File

@ -6,13 +6,11 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
controls { /* empty */ };
options {
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };

4
bin/tests/system/auth/ns2/named.conf → bin/tests/system/auth/ns2/named.conf.in
View File

@ -6,13 +6,11 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
controls { /* empty */ };
options {
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };

14
bin/tests/system/auth/setup.sh Normal file
View File

@ -0,0 +1,14 @@
#!/bin/sh
#
# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC")
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
$SHELL clean.sh
copy_setports ns1/named.conf.in ns1/named.conf
copy_setports ns2/named.conf.in ns2/named.conf

58
bin/tests/system/auth/tests.sh
View File

@ -9,25 +9,25 @@
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
DIGOPTS="+tcp"
DIGOPTS="+tcp -p ${PORT}"
status=0
n=0
n=`expr $n + 1`
echo "I:wait for zones to finish transfering to ns2 ($n)"
echo_i "wait for zones to finish transfering to ns2 ($n)"
for i in 1 2 3 4 5 6 7 8 9 10
do
ret=0
for zone in example.com example.net
do
$DIG $DIGOPTS -p 5300 @10.53.0.2 soa $zone > dig.out.test$n || ret=1
$DIG $DIGOPTS @10.53.0.2 soa $zone > dig.out.test$n || ret=1
grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1
done
[ $ret -eq 0 ] && break
sleep 1
done
[ $ret -eq 0 ] || echo "I:failed"
[ $ret -eq 0 ] || echo_i "failed"
status=`expr $status + $ret`
#
@ -35,95 +35,95 @@ status=`expr $status + $ret`
# should not be followed. If both requested and available, they should be.
#
n=`expr $n + 1`
echo "I:check that cross-zone CNAME record does not return target data (rd=0/ra=0) ($n)"
echo_i "check that cross-zone CNAME record does not return target data (rd=0/ra=0) ($n)"
ret=0
$DIG $DIGOPTS +norec -p 5300 @10.53.0.1 www.example.com > dig.out.test$n || ret=1
$DIG $DIGOPTS +norec @10.53.0.1 www.example.com > dig.out.test$n || ret=1
grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1
grep "flags: qr aa;" dig.out.test$n > /dev/null || ret=1
grep "www.example.com.*CNAME.*server.example.net" dig.out.test$n > /dev/null || ret=1
grep "server.example.net.*A.*10.53.0.100" dig.out.test$n > /dev/null && ret=1
[ $ret -eq 0 ] || echo "I:failed"
[ $ret -eq 0 ] || echo_i "failed"
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check that cross-zone CNAME record does not return target data (rd=1/ra=0) ($n)"
echo_i "check that cross-zone CNAME record does not return target data (rd=1/ra=0) ($n)"
ret=0
$DIG $DIGOPTS +rec -p 5300 @10.53.0.1 www.example.com > dig.out.test$n || ret=1
$DIG $DIGOPTS +rec @10.53.0.1 www.example.com > dig.out.test$n || ret=1
grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1
grep "flags: qr aa rd;" dig.out.test$n > /dev/null || ret=1
grep "www.example.com.*CNAME.*server.example.net" dig.out.test$n > /dev/null || ret=1
grep "server.example.net.*A.*10.53.0.100" dig.out.test$n > /dev/null && ret=1
[ $ret -eq 0 ] || echo "I:failed"
[ $ret -eq 0 ] || echo_i "failed"
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check that cross-zone CNAME record does not return target data (rd=0/ra=1) ($n)"
echo_i "check that cross-zone CNAME record does not return target data (rd=0/ra=1) ($n)"
ret=0
$DIG $DIGOPTS +norec -p 5300 @10.53.0.2 www.example.com > dig.out.test$n || ret=1
$DIG $DIGOPTS +norec @10.53.0.2 www.example.com > dig.out.test$n || ret=1
grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1
grep "flags: qr aa ra;" dig.out.test$n > /dev/null || ret=1
grep "www.example.com.*CNAME.*server.example.net" dig.out.test$n > /dev/null || ret=1
grep "server.example.net.*A.*10.53.0.100" dig.out.test$n > /dev/null && ret=1
[ $ret -eq 0 ] || echo "I:failed"
[ $ret -eq 0 ] || echo_i "failed"
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check that cross-zone CNAME records returns target data (rd=1/ra=1) ($n)"
echo_i "check that cross-zone CNAME records returns target data (rd=1/ra=1) ($n)"
ret=0
$DIG $DIGOPTS -p 5300 @10.53.0.2 www.example.com > dig.out.test$n || ret=1
$DIG $DIGOPTS @10.53.0.2 www.example.com > dig.out.test$n || ret=1
grep "ANSWER: 2," dig.out.test$n > /dev/null || ret=1
grep "flags: qr aa rd ra;" dig.out.test$n > /dev/null || ret=1
grep "www.example.com.*CNAME.*server.example.net" dig.out.test$n > /dev/null || ret=1
grep "server.example.net.*A.*10.53.0.100" dig.out.test$n > /dev/null || ret=1
[ $ret -eq 0 ] || echo "I:failed"
[ $ret -eq 0 ] || echo_i "failed"
status=`expr $status + $ret`
#
# In-zone CNAME records should always be followed regardless of RD and RA.
#
n=`expr $n + 1`
echo "I:check that in-zone CNAME records returns target data (rd=0/ra=0) ($n)"
echo_i "check that in-zone CNAME records returns target data (rd=0/ra=0) ($n)"
ret=0
$DIG $DIGOPTS +norec -p 5300 @10.53.0.1 inzone.example.com > dig.out.test$n || ret=1
$DIG $DIGOPTS +norec @10.53.0.1 inzone.example.com > dig.out.test$n || ret=1
grep "ANSWER: 2," dig.out.test$n > /dev/null || ret=1
grep "flags: qr aa;" dig.out.test$n > /dev/null || ret=1
grep "inzone.example.com.*CNAME.*a.example.com" dig.out.test$n > /dev/null || ret=1
grep "a.example.com.*A.*10.53.0.1" dig.out.test$n > /dev/null || ret=1
[ $ret -eq 0 ] || echo "I:failed"
[ $ret -eq 0 ] || echo_i "failed"
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check that in-zone CNAME records returns target data (rd=1/ra=0) ($n)"
echo_i "check that in-zone CNAME records returns target data (rd=1/ra=0) ($n)"
ret=0
$DIG $DIGOPTS +rec -p 5300 @10.53.0.1 inzone.example.com > dig.out.test$n || ret=1
$DIG $DIGOPTS +rec @10.53.0.1 inzone.example.com > dig.out.test$n || ret=1
grep "ANSWER: 2," dig.out.test$n > /dev/null || ret=1
grep "flags: qr aa rd;" dig.out.test$n > /dev/null || ret=1
grep "inzone.example.com.*CNAME.*a.example.com" dig.out.test$n > /dev/null || ret=1
grep "a.example.com.*A.*10.53.0.1" dig.out.test$n > /dev/null || ret=1
[ $ret -eq 0 ] || echo "I:failed"
[ $ret -eq 0 ] || echo_i "failed"
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check that in-zone CNAME records returns target data (rd=0/ra=1) ($n)"
echo_i "check that in-zone CNAME records returns target data (rd=0/ra=1) ($n)"
ret=0
$DIG $DIGOPTS +norec -p 5300 @10.53.0.2 inzone.example.com > dig.out.test$n || ret=1
$DIG $DIGOPTS +norec @10.53.0.2 inzone.example.com > dig.out.test$n || ret=1
grep "ANSWER: 2," dig.out.test$n > /dev/null || ret=1
grep "flags: qr aa ra;" dig.out.test$n > /dev/null || ret=1
grep "inzone.example.com.*CNAME.*a.example.com" dig.out.test$n > /dev/null || ret=1
grep "a.example.com.*A.*10.53.0.1" dig.out.test$n > /dev/null || ret=1
[ $ret -eq 0 ] || echo "I:failed"
[ $ret -eq 0 ] || echo_i "failed"
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check that in-zone CNAME records returns target data (rd=1/ra=1) ($n)"
echo_i "check that in-zone CNAME records returns target data (rd=1/ra=1) ($n)"
ret=0
$DIG $DIGOPTS -p 5300 @10.53.0.2 inzone.example.com > dig.out.test$n || ret=1
$DIG $DIGOPTS @10.53.0.2 inzone.example.com > dig.out.test$n || ret=1
grep "ANSWER: 2," dig.out.test$n > /dev/null || ret=1
grep "flags: qr aa rd ra;" dig.out.test$n > /dev/null || ret=1
grep "inzone.example.com.*CNAME.*a.example.com" dig.out.test$n > /dev/null || ret=1
grep "a.example.com.*A.*10.53.0.1" dig.out.test$n > /dev/null || ret=1
[ $ret -eq 0 ] || echo "I:failed"
[ $ret -eq 0 ] || echo_i "failed"
status=`expr $status + $ret`
echo "I:exit status: $status"
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

1
bin/tests/system/autosign/clean.sh
View File

@ -11,6 +11,7 @@ rm -f */core
rm -f */example.bk
rm -f */named.memstats
rm -f */named.run
rm -f */named.conf
rm -f */trusted.conf */private.conf
rm -f activate-now-publish-1day.key
rm -f active.key inact.key del.key unpub.key standby.key rev.key

8
bin/tests/system/autosign/ns1/named.conf → bin/tests/system/autosign/ns1/named.conf.in
View File

@ -6,17 +6,13 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named.conf,v 1.3 2009/11/30 23:48:02 tbox Exp $ */
// NS1
controls { /* empty */ };
options {
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };
@ -32,7 +28,7 @@ key rndc_key {
};
controls {
inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
zone "." {

8
bin/tests/system/autosign/ns2/named.conf → bin/tests/system/autosign/ns2/named.conf.in
View File

@ -6,17 +6,13 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named.conf,v 1.7 2011/04/29 23:47:17 tbox Exp $ */
// NS2
controls { /* empty */ };
options {
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };
@ -33,7 +29,7 @@ key rndc_key {
};
controls {
inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
zone "." {

4
bin/tests/system/autosign/ns3/named.conf → bin/tests/system/autosign/ns3/named.conf.in
View File

@ -14,7 +14,7 @@ options {
query-source address 10.53.0.3;
notify-source 10.53.0.3;
transfer-source 10.53.0.3;
port 5300;
port @PORT@;
session-keyfile "session.key";
pid-file "named.pid";
listen-on { 10.53.0.3; };
@ -33,7 +33,7 @@ key rndc_key {
};
controls {
inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
zone "." {

4
bin/tests/system/autosign/ns4/named.conf → bin/tests/system/autosign/ns4/named.conf.in
View File

@ -8,13 +8,11 @@
// NS4
controls { /* empty */ };
options {
query-source address 10.53.0.4;
notify-source 10.53.0.4;
transfer-source 10.53.0.4;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.4; };
listen-on-v6 { none; };

6
bin/tests/system/autosign/ns5/named.conf → bin/tests/system/autosign/ns5/named.conf.in
View File

@ -6,17 +6,13 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named.conf,v 1.3 2009/11/30 23:48:02 tbox Exp $ */
// NS5
controls { /* empty */ };
options {
query-source address 10.53.0.5;
notify-source 10.53.0.5;
transfer-source 10.53.0.5;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.5; };
listen-on-v6 { none; };

6
bin/tests/system/autosign/setup.sh
View File

@ -13,5 +13,11 @@ SYSTEMTESTTOP=..
test -r $RANDFILE || $GENRANDOM 800 $RANDFILE
copy_setports ns1/named.conf.in ns1/named.conf
copy_setports ns2/named.conf.in ns2/named.conf
copy_setports ns3/named.conf.in ns3/named.conf
copy_setports ns4/named.conf.in ns4/named.conf
copy_setports ns5/named.conf.in ns5/named.conf
echo "I:generating keys and preparing zones"
cd ns1 && $SHELL keygen.sh

481
bin/tests/system/autosign/tests.sh
View File

File diff suppressed because it is too large Load Diff

1
bin/tests/system/builtin/clean.sh
View File

@ -8,6 +8,7 @@
rm -f ns?/named.run
rm -f ns?/named.memstats
rm -f ns?/named.conf
rm -f rndc.status.ns*
rm -f dig.out.ns*
rm -f ns*/named.lock

8
bin/tests/system/builtin/ns1/named.conf → bin/tests/system/builtin/ns1/named.conf.in
View File

@ -6,17 +6,17 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named.conf,v 1.3 2011/08/09 04:12:25 tbox Exp $ */
include "../../common/rndc.key";
controls { inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; };
controls {
inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };

8
bin/tests/system/builtin/ns2/named.conf → bin/tests/system/builtin/ns2/named.conf.in
View File

@ -6,17 +6,17 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named.conf,v 1.3 2011/08/09 04:12:25 tbox Exp $ */
include "../../common/rndc.key";
controls { inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; };
controls {
inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };

8
bin/tests/system/builtin/ns3/named.conf → bin/tests/system/builtin/ns3/named.conf.in
View File

@ -6,17 +6,17 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named.conf,v 1.3 2011/08/09 04:12:25 tbox Exp $ */
include "../../common/rndc.key";
controls { inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; };
controls {
inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
query-source address 10.53.0.3;
notify-source 10.53.0.3;
transfer-source 10.53.0.3;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.3; };
listen-on-v6 { none; };

15
bin/tests/system/builtin/setup.sh Normal file
View File

@ -0,0 +1,15 @@
#!/bin/sh
#
# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC")
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
$SHELL clean.sh
copy_setports ns1/named.conf.in ns1/named.conf
copy_setports ns2/named.conf.in ns2/named.conf
copy_setports ns3/named.conf.in ns3/named.conf

85
bin/tests/system/builtin/tests.sh
View File

@ -4,116 +4,117 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
# $Id: tests.sh,v 1.3 2011/08/09 04:12:25 tbox Exp $
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
DIGOPTS="-p ${PORT}"
RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s"
status=0
n=0
n=`expr $n + 1`
echo "I:Checking that reconfiguring empty zones is silent ($n)"
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reconfig
echo_i "Checking that reconfiguring empty zones is silent ($n)"
$RNDCCMD 10.53.0.1 reconfig
ret=0
grep "automatic empty zone" ns1/named.run > /dev/null || ret=1
grep "received control channel command 'reconfig'" ns1/named.run > /dev/null || ret=1
grep "reloading configuration succeeded" ns1/named.run > /dev/null || ret=1
sleep 1
grep "zone serial (0) unchanged." ns1/named.run > /dev/null && ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi
n=`expr $n + 1`
echo "I:Checking that reloading empty zones is silent ($n)"
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload > /dev/null
echo_i "Checking that reloading empty zones is silent ($n)"
$RNDCCMD 10.53.0.1 reload > /dev/null
ret=0
grep "automatic empty zone" ns1/named.run > /dev/null || ret=1
grep "received control channel command 'reload'" ns1/named.run > /dev/null || ret=1
grep "reloading configuration succeeded" ns1/named.run > /dev/null || ret=1
sleep 1
grep "zone serial (0) unchanged." ns1/named.run > /dev/null && ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi
VERSION=`../../../../isc-config.sh --version | cut -d = -f 2`
HOSTNAME=`$FEATURETEST --gethostname`
n=`expr $n + 1`
ret=0
echo "I:Checking that default version works for rndc ($n)"
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 status > rndc.status.ns1.$n 2>&1
echo_i "Checking that default version works for rndc ($n)"
$RNDCCMD 10.53.0.1 status > rndc.status.ns1.$n 2>&1
grep "^version: BIND $VERSION " rndc.status.ns1.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that custom version works for rndc ($n)"
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 status > rndc.status.ns3.$n 2>&1
echo_i "Checking that custom version works for rndc ($n)"
$RNDCCMD 10.53.0.3 status > rndc.status.ns3.$n 2>&1
grep "^version: BIND $VERSION ${DESCRIPTION}${DESCRIPTION:+ }<id:........*> (this is a test of version)" rndc.status.ns3.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that default version works for query ($n)"
$DIG +short version.bind txt ch @10.53.0.1 -p 5300 > dig.out.ns1.$n
echo_i "Checking that default version works for query ($n)"
$DIG $DIGOPTS +short version.bind txt ch @10.53.0.1 > dig.out.ns1.$n
grep "^\"$VERSION\"$" dig.out.ns1.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that custom version works for query ($n)"
$DIG +short version.bind txt ch @10.53.0.3 -p 5300 > dig.out.ns3.$n
echo_i "Checking that custom version works for query ($n)"
$DIG $DIGOPTS +short version.bind txt ch @10.53.0.3 > dig.out.ns3.$n
grep "^\"this is a test of version\"$" dig.out.ns3.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that default hostname works for query ($n)"
$DIG +short hostname.bind txt ch @10.53.0.1 -p 5300 > dig.out.ns1.$n
echo_i "Checking that default hostname works for query ($n)"
$DIG $DIGOPTS +short hostname.bind txt ch @10.53.0.1 > dig.out.ns1.$n
grep "^\"$HOSTNAME\"$" dig.out.ns1.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that custom hostname works for query ($n)"
$DIG +short hostname.bind txt ch @10.53.0.3 -p 5300 > dig.out.ns3.$n
echo_i "Checking that custom hostname works for query ($n)"
$DIG $DIGOPTS +short hostname.bind txt ch @10.53.0.3 > dig.out.ns3.$n
grep "^\"this.is.a.test.of.hostname\"$" dig.out.ns3.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that default server-id is none for query ($n)"
$DIG id.server txt ch @10.53.0.1 -p 5300 > dig.out.ns1.$n
echo_i "Checking that default server-id is none for query ($n)"
$DIG $DIGOPTS id.server txt ch @10.53.0.1 > dig.out.ns1.$n
grep "status: NOERROR" dig.out.ns1.$n > /dev/null || ret=1
grep "ANSWER: 0" dig.out.ns1.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that server-id hostname works for query ($n)"
$DIG +short id.server txt ch @10.53.0.2 -p 5300 > dig.out.ns2.$n
echo_i "Checking that server-id hostname works for query ($n)"
$DIG $DIGOPTS +short id.server txt ch @10.53.0.2 > dig.out.ns2.$n
grep "^\"$HOSTNAME\"$" dig.out.ns2.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that server-id hostname works for EDNS name server ID request ($n)"
$DIG +norec +nsid foo @10.53.0.2 -p 5300 > dig.out.ns2.$n
echo_i "Checking that server-id hostname works for EDNS name server ID request ($n)"
$DIG $DIGOPTS +norec +nsid foo @10.53.0.2 > dig.out.ns2.$n
grep "^; NSID: .* (\"$HOSTNAME\")$" dig.out.ns2.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that custom server-id works for query ($n)"
$DIG +short id.server txt ch @10.53.0.3 -p 5300 > dig.out.ns3.$n
echo_i "Checking that custom server-id works for query ($n)"
$DIG $DIGOPTS +short id.server txt ch @10.53.0.3 > dig.out.ns3.$n
grep "^\"this.is.a.test.of.server-id\"$" dig.out.ns3.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi
n=`expr $n + 1`
ret=0
echo "I:Checking that custom server-id works for EDNS name server ID request ($n)"
$DIG +norec +nsid foo @10.53.0.3 -p 5300 > dig.out.ns3.$n
echo_i "Checking that custom server-id works for EDNS name server ID request ($n)"
$DIG $DIGOPTS +norec +nsid foo @10.53.0.3 > dig.out.ns3.$n
grep "^; NSID: .* (\"this.is.a.test.of.server-id\")$" dig.out.ns3.$n > /dev/null || ret=1
if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi
if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi
echo "I:exit status: $status"
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

1
bin/tests/system/cacheclean/clean.sh
View File

@ -15,5 +15,6 @@ rm -f dig.out.expire
rm -f sed.out.*
rm -f */named.memstats
rm -f */named.run
rm -f */named.conf
rm -f ns2/named_dump.db.*
rm -f ns*/named.lock

4
bin/tests/system/cacheclean/ns1/named.conf → bin/tests/system/cacheclean/ns1/named.conf.in
View File

@ -6,13 +6,11 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
controls { /* empty */ };
options {
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };

6
bin/tests/system/cacheclean/ns2/named.conf → bin/tests/system/cacheclean/ns2/named.conf.in
View File

@ -8,13 +8,11 @@
/* $Id: named.conf,v 1.10 2011/08/02 23:47:52 tbox Exp $ */
controls { /* empty */ };
options {
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };
@ -29,7 +27,7 @@ key rndc_key {
};
controls {
inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
zone "." {

14
bin/tests/system/cacheclean/setup.sh Normal file
View File

@ -0,0 +1,14 @@
#!/bin/sh
#
# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC")
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
$SHELL clean.sh
copy_setports ns1/named.conf.in ns1/named.conf
copy_setports ns2/named.conf.in ns2/named.conf

78
bin/tests/system/cacheclean/tests.sh
View File

@ -12,9 +12,9 @@ SYSTEMTESTTOP=..
status=0
n=0
RNDCOPTS="-c ../common/rndc.conf -s 10.53.0.2 -p 9953"
RNDCOPTS="-c ../common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT}"
DIGOPTS="+nosea +nocomm +nocmd +noquest +noadd +noauth +nocomm \
+nostat @10.53.0.2 -p 5300"
+nostat @10.53.0.2 -p ${PORT}"
# fill the cache with nodes from flushtest.example zone
load_cache () {
@ -79,40 +79,40 @@ in_cache () {
}
n=`expr $n + 1`
echo "I:check correctness of routine cache cleaning ($n)"
echo_i "check correctness of routine cache cleaning ($n)"
$DIG $DIGOPTS +tcp +keepopen -b 10.53.0.7 -f dig.batch > dig.out.ns2 || status=1
grep ";" dig.out.ns2
$PERL ../digcomp.pl --lc dig.out.ns2 knowngood.dig.out || status=1
n=`expr $n + 1`
echo "I:only one tcp socket was used ($n)"
echo_i "only one tcp socket was used ($n)"
tcpclients=`awk '$3 == "client" && $5 ~ /10.53.0.7#[0-9]*:/ {print $5}' ns2/named.run | sort | uniq -c | wc -l`
test $tcpclients -eq 1 || { status=1; echo "I:failed"; }
test $tcpclients -eq 1 || { status=1; echo_i "failed"; }
n=`expr $n + 1`
echo "I:reset and check that records are correctly cached initially ($n)"
echo_i "reset and check that records are correctly cached initially ($n)"
ret=0
load_cache
dump_cache
nrecords=`grep flushtest.example ns2/named_dump.db.$n | grep -v '^;' | egrep '(TXT|ANY)'| wc -l`
[ $nrecords -eq 17 ] || { ret=1; echo "I: found $nrecords records expected 17"; }
if [ $ret != 0 ]; then echo "I:failed"; fi
[ $nrecords -eq 17 ] || { ret=1; echo_i "found $nrecords records expected 17"; }
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check flushing of the full cache ($n)"
echo_i "check flushing of the full cache ($n)"
ret=0
clear_cache
dump_cache
nrecords=`grep flushtest.example ns2/named_dump.db.$n | grep -v '^;' | wc -l`
[ $nrecords -eq 0 ] || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check flushing of individual nodes (interior node) ($n)"
echo_i "check flushing of individual nodes (interior node) ($n)"
ret=0
clear_cache
load_cache
@ -120,21 +120,21 @@ load_cache
in_cache txt top1.flushtest.example || ret=1
$RNDC $RNDCOPTS flushname top1.flushtest.example
in_cache txt top1.flushtest.example && ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check flushing of individual nodes (leaf node, under the interior node) ($n)"
echo_i "check flushing of individual nodes (leaf node, under the interior node) ($n)"
ret=0
# leaf node, under the interior node (should still exist)
in_cache txt third2.second1.top1.flushtest.example || ret=1
$RNDC $RNDCOPTS flushname third2.second1.top1.flushtest.example
in_cache txt third2.second1.top1.flushtest.example && ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check flushing of individual nodes (another leaf node, with both positive and negative cache entries) ($n)"
echo_i "check flushing of individual nodes (another leaf node, with both positive and negative cache entries) ($n)"
ret=0
# another leaf node, with both positive and negative cache entries
in_cache a third1.second1.top1.flushtest.example || ret=1
@ -142,18 +142,18 @@ in_cache txt third1.second1.top1.flushtest.example || ret=1
$RNDC $RNDCOPTS flushname third1.second1.top1.flushtest.example
in_cache a third1.second1.top1.flushtest.example && ret=1
in_cache txt third1.second1.top1.flushtest.example && ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check flushing a nonexistent name ($n)"
echo_i "check flushing a nonexistent name ($n)"
ret=0
$RNDC $RNDCOPTS flushname fake.flushtest.example || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check flushing of namespaces ($n)"
echo_i "check flushing of namespaces ($n)"
ret=0
clear_cache
load_cache
@ -176,45 +176,45 @@ $RNDC $RNDCOPTS flushtree top2.flushtest.example
in_cache txt second1.top2.flushtest.example && ret=1
in_cache txt second2.top2.flushtest.example && ret=1
in_cache txt second3.top2.flushtest.example && ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check flushing a nonexistent namespace ($n)"
echo_i "check flushing a nonexistent namespace ($n)"
ret=0
$RNDC $RNDCOPTS flushtree fake.flushtest.example || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check the number of cached records remaining ($n)"
echo_i "check the number of cached records remaining ($n)"
ret=0
dump_cache
nrecords=`grep flushtest.example ns2/named_dump.db.$n | grep -v '^;' | egrep '(TXT|ANY)' | wc -l`
[ $nrecords -eq 17 ] || { ret=1; echo "I: found $nrecords records expected 17"; }
if [ $ret != 0 ]; then echo "I:failed"; fi
[ $nrecords -eq 17 ] || { ret=1; echo_i "found $nrecords records expected 17"; }
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check the check that flushname of a partial match works ($n)"
echo_i "check the check that flushname of a partial match works ($n)"
ret=0
in_cache txt second2.top1.flushtest.example || ret=1
$RNDC $RNDCOPTS flushtree example
in_cache txt second2.top1.flushtest.example && ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check the number of cached records remaining ($n)"
echo_i "check the number of cached records remaining ($n)"
ret=0
dump_cache
nrecords=`grep flushtest.example ns2/named_dump.db.$n | grep -v '^;' | egrep '(TXT|ANY)' | wc -l`
[ $nrecords -eq 1 ] || { ret=1; echo "I: found $nrecords records expected 1"; }
if [ $ret != 0 ]; then echo "I:failed"; fi
[ $nrecords -eq 1 ] || { ret=1; echo_i "found $nrecords records expected 1"; }
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check flushtree clears adb correctly ($n)"
echo_i "check flushtree clears adb correctly ($n)"
ret=0
load_cache
dump_cache
@ -232,24 +232,24 @@ sed -n '/plain success\/timeout/,/Unassociated entries/p' \
grep 'plain success/timeout' sed.out.$n.b > /dev/null 2>&1 || ret=1
grep 'Unassociated entries' sed.out.$n.b > /dev/null 2>&1 || ret=1
grep 'ns.flushtest.example' sed.out.$n.b > /dev/null 2>&1 && ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check expire option returned from master zone ($n)"
echo_i "check expire option returned from master zone ($n)"
ret=0
$DIG @10.53.0.1 -p 5300 +expire soa expire-test > dig.out.expire
$DIG @10.53.0.1 -p ${PORT} +expire soa expire-test > dig.out.expire
grep EXPIRE: dig.out.expire > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:check expire option returned from slave zone ($n)"
echo_i "check expire option returned from slave zone ($n)"
ret=0
$DIG @10.53.0.2 -p 5300 +expire soa expire-test > dig.out.expire
$DIG @10.53.0.2 -p ${PORT} +expire soa expire-test > dig.out.expire
grep EXPIRE: dig.out.expire > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:exit status: $status"
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

1
bin/tests/system/case/clean.sh
View File

@ -7,6 +7,7 @@
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
rm -f dig.ns*.test*
rm -f ns*/named.conf
rm -f ns*/named.lock
rm -f ns*/named.memstats
rm -f ns*/named.run

4
bin/tests/system/case/ns1/named.conf → bin/tests/system/case/ns1/named.conf.in
View File

@ -6,13 +6,11 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
controls { /* empty */ };
options {
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };

4
bin/tests/system/case/ns2/named.conf → bin/tests/system/case/ns2/named.conf.in
View File

@ -6,13 +6,11 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
controls { /* empty */ };
options {
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };

9
bin/tests/system/case/setup.sh
View File

@ -4,5 +4,10 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
sh clean.sh
cp ns1/dynamic.db.in ns1/dynamic.db
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
${SHELL} clean.sh
cp -f ns1/dynamic.db.in ns1/dynamic.db
copy_setports ns1/named.conf.in ns1/named.conf
copy_setports ns2/named.conf.in ns2/named.conf

66
bin/tests/system/case/tests.sh
View File

@ -9,127 +9,127 @@
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
DIGOPTS="+tcp +nosea +nostat +noquest +nocomm +nocmd"
DIGOPTS="+tcp +nosea +nostat +noquest +nocomm +nocmd -p ${PORT}"
status=0
n=0
n=`expr $n + 1`
echo "I:waiting for zone transfer to complete ($n)"
echo_i "waiting for zone transfer to complete ($n)"
ret=0
for i in 1 2 3 4 5 6 7 8 9
do
$DIG $DIGOPTS soa example. @10.53.0.2 -p 5300 > dig.ns2.test$n
$DIG $DIGOPTS soa example. @10.53.0.2 > dig.ns2.test$n
grep SOA dig.ns2.test$n > /dev/null && break
sleep 1
done
for i in 1 2 3 4 5 6 7 8 9
do
$DIG $DIGOPTS soa dynamic. @10.53.0.2 -p 5300 > dig.ns2.test$n
$DIG $DIGOPTS soa dynamic. @10.53.0.2 > dig.ns2.test$n
grep SOA dig.ns2.test$n > /dev/null && break
sleep 1
done
n=`expr $n + 1`
echo "I:testing case preserving responses - no acl ($n)"
echo_i "testing case preserving responses - no acl ($n)"
ret=0
$DIG $DIGOPTS mx example. @10.53.0.1 -p 5300 > dig.ns1.test$n
$DIG $DIGOPTS mx example. @10.53.0.1 > dig.ns1.test$n
grep "0.mail.eXaMpLe" dig.ns1.test$n > /dev/null || ret=1
grep "mAiL.example" dig.ns1.test$n > /dev/null || ret=1
test $ret -eq 0 || echo "I:failed"
test $ret -eq 0 || echo_i "failed"
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:testing no-case-compress acl '{ 10.53.0.2; }' ($n)"
echo_i "testing no-case-compress acl '{ 10.53.0.2; }' ($n)"
ret=0
# check that we preserve zone case for non-matching query (10.53.0.1)
$DIG $DIGOPTS mx example. -b 10.53.0.1 @10.53.0.1 -p 5300 > dig.ns1.test$n
$DIG $DIGOPTS mx example. -b 10.53.0.1 @10.53.0.1 > dig.ns1.test$n
grep "0.mail.eXaMpLe" dig.ns1.test$n > /dev/null || ret=1
grep "mAiL.example" dig.ns1.test$n > /dev/null || ret=1
# check that we don't preserve zone case for match (10.53.0.2)
$DIG $DIGOPTS mx example. -b 10.53.0.2 @10.53.0.2 -p 5300 > dig.ns2.test$n
$DIG $DIGOPTS mx example. -b 10.53.0.2 @10.53.0.2 > dig.ns2.test$n
grep "0.mail.example" dig.ns2.test$n > /dev/null || ret=1
grep "mail.example" dig.ns2.test$n > /dev/null || ret=1
test $ret -eq 0 || echo "I:failed"
test $ret -eq 0 || echo_i "failed"
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:testing load of dynamic zone with various \$ORIGIN values ($n)"
echo_i "testing load of dynamic zone with various \$ORIGIN values ($n)"
ret=0
$DIG axfr dynamic @10.53.0.1 -p 5300 > dig.ns1.test$n
$DIG $DIGOPTS axfr dynamic @10.53.0.1 > dig.ns1.test$n
$PERL ../digcomp.pl dig.ns1.test$n dynamic.good || ret=1
test $ret -eq 0 || echo "I:failed"
test $ret -eq 0 || echo_i "failed"
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:transfer of dynamic zone with various \$ORIGIN values ($n)"
echo_i "transfer of dynamic zone with various \$ORIGIN values ($n)"
ret=0
$DIG axfr dynamic @10.53.0.2 -p 5300 > dig.ns2.test$n
$DIG $DIGOPTS axfr dynamic @10.53.0.2 > dig.ns2.test$n
$PERL ../digcomp.pl dig.ns2.test$n dynamic.good || ret=1
test $ret -eq 0 || echo "I:failed"
test $ret -eq 0 || echo_i "failed"
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:change SOA owner case via update ($n)"
echo_i "change SOA owner case via update ($n)"
$NSUPDATE << EOF
server 10.53.0.1 5300
server 10.53.0.1 ${PORT}
zone dynamic
update add dYNAMIc 0 SOA mname1. . 2000042408 20 20 1814400 3600
send
EOF
$DIG axfr dynamic @10.53.0.1 -p 5300 > dig.ns1.test$n
$DIG $DIGOPTS axfr dynamic @10.53.0.1 > dig.ns1.test$n
$PERL ../digcomp.pl dig.ns1.test$n postupdate.good || ret=1
test $ret -eq 0 || echo "I:failed"
test $ret -eq 0 || echo_i "failed"
status=`expr $status + $ret`
for i in 1 2 3 4 5 6 7 8 9
do
$DIG soa dynamic @10.53.0.2 -p 5300 | grep 2000042408 > /dev/null && break
$DIG $DIGOPTS soa dynamic @10.53.0.2 | grep 2000042408 > /dev/null && break
sleep 1
done
n=`expr $n + 1`
echo "I:check SOA owner case is transfered to slave ($n)"
echo_i "check SOA owner case is transfered to slave ($n)"
ret=0
$DIG axfr dynamic @10.53.0.2 -p 5300 > dig.ns2.test$n
$DIG $DIGOPTS axfr dynamic @10.53.0.2 > dig.ns2.test$n
$PERL ../digcomp.pl dig.ns2.test$n postupdate.good || ret=1
test $ret -eq 0 || echo "I:failed"
test $ret -eq 0 || echo_i "failed"
status=`expr $status + $ret`
#update delete Ns1.DyNaMIC. 300 IN A 10.53.0.1
n=`expr $n + 1`
echo "I:change A record owner case via update ($n)"
echo_i "change A record owner case via update ($n)"
$NSUPDATE << EOF
server 10.53.0.1 5300
server 10.53.0.1 ${PORT}
zone dynamic
update add Ns1.DyNaMIC. 300 IN A 10.53.0.1
send
EOF
$DIG axfr dynamic @10.53.0.1 -p 5300 > dig.ns1.test$n
$DIG $DIGOPTS axfr dynamic @10.53.0.1 > dig.ns1.test$n
$PERL ../digcomp.pl dig.ns1.test$n postns1.good || ret=1
test $ret -eq 0 || echo "I:failed"
test $ret -eq 0 || echo_i "failed"
status=`expr $status + $ret`
for i in 1 2 3 4 5 6 7 8 9
do
$DIG soa dynamic @10.53.0.2 -p 5300 | grep 2000042409 > /dev/null && break
$DIG $DIGOPTS soa dynamic @10.53.0.2 | grep 2000042409 > /dev/null && break
sleep 1
done
n=`expr $n + 1`
echo "I:check A owner case is transfered to slave ($n)"
echo_i "check A owner case is transfered to slave ($n)"
ret=0
$DIG axfr dynamic @10.53.0.2 -p 5300 > dig.ns2.test$n
$DIG $DIGOPTS axfr dynamic @10.53.0.2 > dig.ns2.test$n
$PERL ../digcomp.pl dig.ns2.test$n postns1.good || ret=1
status=`expr $status + $ret`
echo "I:exit status: $status"
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

2
bin/tests/system/catz/tests.sh
View File

@ -1480,7 +1480,7 @@ ret=0
cat ns2/named.conf.in | sed -e "s/^#T2//" > ns2/named.conf.tmp
copy_setports ns2/named.conf.tmp ns2/named.conf
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reconfig > /dev/null 2>&1 && ret=1
if [ $ret != 0 ]; then echo_ "I: failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`

6
bin/tests/system/cds/tests.sh
View File

@ -12,7 +12,7 @@ SYSTEMTESTTOP=..
status=0
n=0
fail() {
echo "I:failed"
echo_i "failed"
status=`expr $status + 1`
}
@ -23,7 +23,7 @@ runcmd() {
testcase() {
n=`expr $n + 1`
echo "I:$name ($n)"
echo_i "$name ($n)"
expect=$1
shift
result=`runcmd "$@"`
@ -234,5 +234,5 @@ name='prefer CDNSKEY'
out=DS.2-2
testcase 0 $CDS -D -s -7200 -f sig.cds.cdnskey.2 -d DS.1 $Z
echo "I:exit status: $status"
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

5
bin/tests/system/chain/ans3/ans.pl
View File

@ -22,7 +22,10 @@ $SIG{INT} = \&rmpid;
$SIG{TERM} = \&rmpid;
my $localaddr = "10.53.0.3";
my $localport = 5300;
my $localport = int($ENV{'PORT'});
if (!$localport) { $localport = 5300; }
my $verbose = 0;
my $ttl = 60;
my $zone = "example.broken";

5
bin/tests/system/chain/ans4/README.anspy
View File

@ -9,8 +9,9 @@ ans.py requires at least dnspython 1.12.0.
"ans.py" is a fairly simple Python script that will respond as an
authoritative server to DNS queries. It opens a UDP socket on 10.53.0.4
and fd92:7065:b8e:ffff::8, port 5300 (these are for DNS queries) and a TCP
socket addresses on 10.53.0.4 at port 5301 (this is the control channel).
and fd92:7065:b8e:ffff::8, port 5300 (or PORT) (these are for DNS queries)
and a TCP socket addresses on 10.53.0.4 at port 5301 (or EXTRAPORT1)
(this is the control channel).
Please note that all functionality and formatting are subject to change as
we determine what features the tool will need.

19
bin/tests/system/chain/ans4/ans.py
View File

@ -266,16 +266,21 @@ def sigterm(signum, frame):
############################################################################
ip4 = "10.53.0.4"
ip6 = "fd92:7065:b8e:ffff::4"
sock = 5300
try: port=int(os.environ['PORT'])
except: port=5300
try: ctrlport=int(os.environ['EXTRAPORT1'])
except: ctrlport=5300
query4_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
query4_socket.bind((ip4, sock))
query4_socket.bind((ip4, port))
havev6 = True
try:
query6_socket = socket.socket(socket.AF_INET6, socket.SOCK_DGRAM)
try:
query6_socket.bind((ip6, sock))
query6_socket.bind((ip6, port))
except:
query6_socket.close()
havev6 = False
@ -283,7 +288,7 @@ except:
havev6 = False
ctrl_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
ctrl_socket.bind((ip4, sock + 1))
ctrl_socket.bind((ip4, ctrlport))
ctrl_socket.listen(5)
signal.signal(signal.SIGTERM, sigterm)
@ -295,10 +300,10 @@ f.close()
running = True
print ("Listening on %s port %d" % (ip4, sock))
print ("Listening on %s port %d" % (ip4, port))
if havev6:
print ("Listening on %s port %d" % (ip6, sock))
print ("Control channel on %s port %d" % (ip4, sock + 1))
print ("Listening on %s port %d" % (ip6, port))
print ("Control channel on %s port %d" % (ip4, ctrlport))
print ("Ctrl-c to quit")
if havev6:

1
bin/tests/system/chain/clean.sh
View File

@ -7,5 +7,6 @@
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
rm -f dig.out.* named*.pid
rm -f ns*/named.conf
rm -f */named.memstats */named.recursing */named.lock */named.run */ans.run
rm -f ns2/K* ns2/dsset-* ns2/example.db.signed

4
bin/tests/system/chain/ns1/named.conf → bin/tests/system/chain/ns1/named.conf.in
View File

@ -6,13 +6,11 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
controls { /* empty */ };
options {
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };

4
bin/tests/system/chain/ns2/named.conf → bin/tests/system/chain/ns2/named.conf.in
View File

@ -8,13 +8,11 @@
// NS2
controls { /* empty */ };
options {
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };

4
bin/tests/system/chain/ns5/named.conf → bin/tests/system/chain/ns5/named.conf.in
View File

@ -8,13 +8,11 @@
// NS2
controls { /* empty */ };
options {
query-source address 10.53.0.5;
notify-source 10.53.0.5;
transfer-source 10.53.0.5;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.5; };
listen-on-v6 { none; };

6
bin/tests/system/chain/ns7/named.conf → bin/tests/system/chain/ns7/named.conf.in
View File

@ -6,14 +6,12 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
controls { /* empty */ };
options {
directory ".";
query-source address 10.53.0.7;
notify-source 10.53.0.7;
transfer-source 10.53.0.7;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.7; };
listen-on-v6 { fd92:7065:b8e:ffff::7; };
@ -27,7 +25,7 @@ key rndc_key {
};
controls {
inet 10.53.0.7 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.7 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
zone "." {

10
bin/tests/system/chain/prereq.sh
View File

@ -17,11 +17,11 @@ then
then
:
else
echo "I:This test requires the dnspython module." >&2
echo_i "This test requires the dnspython module." >&2
exit 1
fi
else
echo "I:This test requires Python and the dnspython module." >&2
echo_i "This test requires Python and the dnspython module." >&2
exit 1
fi
@ -31,17 +31,17 @@ then
then
:
else
echo "I:Net::DNS versions 0.69 to 0.74 have bugs that cause this test to fail: please update." >&2
echo_i "Net::DNS versions 0.69 to 0.74 have bugs that cause this test to fail: please update." >&2
exit 1
fi
else
echo "I:This test requires the perl Net::DNS library." >&2
echo_i "This test requires the perl Net::DNS library." >&2
exit 1
fi
if $PERL -e 'use Net::DNS::Nameserver;' 2>/dev/null
then
:
else
echo "I:This test requires the Net::DNS::Nameserver library." >&2
echo_i "This test requires the Net::DNS::Nameserver library." >&2
exit 1
fi

5
bin/tests/system/chain/setup.sh
View File

@ -13,5 +13,10 @@ $SHELL clean.sh
test -r $RANDFILE || $GENRANDOM 400 $RANDFILE
copy_setports ns1/named.conf.in ns1/named.conf
copy_setports ns2/named.conf.in ns2/named.conf
copy_setports ns5/named.conf.in ns5/named.conf
copy_setports ns7/named.conf.in ns7/named.conf
cd ns2
$SHELL sign.sh

145
bin/tests/system/chain/tests.sh
View File

@ -7,242 +7,243 @@
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
DIGOPTS="-p 5300 "
SEND="$PERL $SYSTEMTESTTOP/send.pl 10.53.0.4 5301"
DIGOPTS="-p ${PORT}"
RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s"
SEND="$PERL $SYSTEMTESTTOP/send.pl 10.53.0.4 ${EXTRAPORT1}"
status=0
n=0
n=`expr $n + 1`
echo "I:checking short DNAME from authoritative ($n)"
echo_i "checking short DNAME from authoritative ($n)"
ret=0
$DIG a.short-dname.example @10.53.0.2 a -p 5300 > dig.out.ns2.short || ret=1
$DIG $DIGOPTS a.short-dname.example @10.53.0.2 a > dig.out.ns2.short || ret=1
grep "status: NOERROR" dig.out.ns2.short > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking short DNAME from recursive ($n)"
echo_i "checking short DNAME from recursive ($n)"
ret=0
$DIG a.short-dname.example @10.53.0.7 a -p 5300 > dig.out.ns4.short || ret=1
$DIG $DIGOPTS a.short-dname.example @10.53.0.7 a > dig.out.ns4.short || ret=1
grep "status: NOERROR" dig.out.ns4.short > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking long DNAME from authoritative ($n)"
echo_i "checking long DNAME from authoritative ($n)"
ret=0
$DIG a.long-dname.example @10.53.0.2 a -p 5300 > dig.out.ns2.long || ret=1
$DIG $DIGOPTS a.long-dname.example @10.53.0.2 a > dig.out.ns2.long || ret=1
grep "status: NOERROR" dig.out.ns2.long > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking long DNAME from recursive ($n)"
echo_i "checking long DNAME from recursive ($n)"
ret=0
$DIG a.long-dname.example @10.53.0.7 a -p 5300 > dig.out.ns4.long || ret=1
$DIG $DIGOPTS a.long-dname.example @10.53.0.7 a > dig.out.ns4.long || ret=1
grep "status: NOERROR" dig.out.ns4.long > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking (too) long DNAME from authoritative ($n)"
echo_i "checking (too) long DNAME from authoritative ($n)"
ret=0
$DIG 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.long-dname.example @10.53.0.2 a -p 5300 > dig.out.ns2.toolong || ret=1
$DIG $DIGOPTS 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.long-dname.example @10.53.0.2 a > dig.out.ns2.toolong || ret=1
grep "status: YXDOMAIN" dig.out.ns2.toolong > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking (too) long DNAME from recursive with cached DNAME ($n)"
echo_i "checking (too) long DNAME from recursive with cached DNAME ($n)"
ret=0
$DIG 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.long-dname.example @10.53.0.7 a -p 5300 > dig.out.ns4.cachedtoolong || ret=1
$DIG $DIGOPTS 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.long-dname.example @10.53.0.7 a > dig.out.ns4.cachedtoolong || ret=1
grep "status: YXDOMAIN" dig.out.ns4.cachedtoolong > /dev/null || ret=1
grep '^long-dname\.example\..*DNAME.*long' dig.out.ns4.cachedtoolong > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking (too) long DNAME from recursive without cached DNAME ($n)"
echo_i "checking (too) long DNAME from recursive without cached DNAME ($n)"
ret=0
$DIG 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglong.toolong-dname.example @10.53.0.7 a -p 5300 > dig.out.ns4.uncachedtoolong || ret=1
$DIG $DIGOPTS 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglong.toolong-dname.example @10.53.0.7 a > dig.out.ns4.uncachedtoolong || ret=1
grep "status: YXDOMAIN" dig.out.ns4.uncachedtoolong > /dev/null || ret=1
grep '^toolong-dname\.example\..*DNAME.*long' dig.out.ns4.uncachedtoolong > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking CNAME to DNAME from authoritative ($n)"
echo_i "checking CNAME to DNAME from authoritative ($n)"
ret=0
$DIG cname.example @10.53.0.2 a -p 5300 > dig.out.ns2.cname
$DIG $DIGOPTS cname.example @10.53.0.2 a > dig.out.ns2.cname
grep "status: NOERROR" dig.out.ns2.cname > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking CNAME to DNAME from recursive"
echo_i "checking CNAME to DNAME from recursive"
ret=0
$DIG cname.example @10.53.0.7 a -p 5300 > dig.out.ns4.cname
$DIG $DIGOPTS cname.example @10.53.0.7 a > dig.out.ns4.cname
grep "status: NOERROR" dig.out.ns4.cname > /dev/null || ret=1
grep '^cname.example.' dig.out.ns4.cname > /dev/null || ret=1
grep '^cnamedname.example.' dig.out.ns4.cname > /dev/null || ret=1
grep '^a.cnamedname.example.' dig.out.ns4.cname > /dev/null || ret=1
grep '^a.target.example.' dig.out.ns4.cname > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking DNAME is returned with synthesized CNAME before DNAME ($n)"
echo_i "checking DNAME is returned with synthesized CNAME before DNAME ($n)"
ret=0
$DIG @10.53.0.7 -p 5300 name.synth-then-dname.example.broken A > dig.out.test$n
$DIG $DIGOPTS @10.53.0.7 name.synth-then-dname.example.broken A > dig.out.test$n
grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1
grep '^name.synth-then-dname\.example\.broken\..*CNAME.*name.$' dig.out.test$n > /dev/null || ret=1
grep '^synth-then-dname\.example\.broken\..*DNAME.*\.$' dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking DNAME is returned with CNAME to synthesized CNAME before DNAME ($n)"
echo_i "checking DNAME is returned with CNAME to synthesized CNAME before DNAME ($n)"
ret=0
$DIG @10.53.0.7 -p 5300 cname-to-synth2-then-dname.example.broken A > dig.out.test$n
$DIG $DIGOPTS @10.53.0.7 cname-to-synth2-then-dname.example.broken A > dig.out.test$n
grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1
grep '^cname-to-synth2-then-dname\.example\.broken\..*CNAME.*name\.synth2-then-dname\.example\.broken.$' dig.out.test$n > /dev/null || ret=1
grep '^name\.synth2-then-dname\.example\.broken\..*CNAME.*name.$' dig.out.test$n > /dev/null || ret=1
grep '^synth2-then-dname\.example\.broken\..*DNAME.*\.$' dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking CNAME loops are detected ($n)"
echo_i "checking CNAME loops are detected ($n)"
ret=0
$DIG @10.53.0.7 -p 5300 loop.example > dig.out.test$n
$DIG $DIGOPTS @10.53.0.7 loop.example > dig.out.test$n
grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
grep "ANSWER: 17" dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking CNAME to external delegated zones is handled ($n)"
echo_i "checking CNAME to external delegated zones is handled ($n)"
ret=0
$DIG @10.53.0.7 -p 5300 a.example > dig.out.test$n
$DIG $DIGOPTS @10.53.0.7 a.example > dig.out.test$n
grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
grep "ANSWER: 2" dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking CNAME to internal delegated zones is handled ($n)"
echo_i "checking CNAME to internal delegated zones is handled ($n)"
ret=0
$DIG @10.53.0.7 -p 5300 b.example > dig.out.test$n
$DIG $DIGOPTS @10.53.0.7 b.example > dig.out.test$n
grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
grep "ANSWER: 2" dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking CNAME to signed external delgation is handled ($n)"
echo_i "checking CNAME to signed external delgation is handled ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.7 -p 5300 c.example > dig.out.$n
$DIG $DIGOPTS @10.53.0.7 c.example > dig.out.$n
grep "status: NOERROR" dig.out.$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I: failed"; fi
if [ $ret != 0 ]; then echo_i " failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking CNAME to signed internal delgation is handled ($n)"
echo_i "checking CNAME to signed internal delgation is handled ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.7 -p 5300 d.example > dig.out.$n
$DIG $DIGOPTS @10.53.0.7 d.example > dig.out.$n
grep "status: NOERROR" dig.out.$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I: failed"; fi
if [ $ret != 0 ]; then echo_i " failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking CNAME chains in various orders ($n)"
echo_i "checking CNAME chains in various orders ($n)"
ret=0
echo "cname,cname,cname|1,2,3,4,s1,s2,s3,s4" | $SEND
$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.1.$n 2>&1
grep 'status: NOERROR' dig.out.1.$n > /dev/null 2>&1 || ret=1
grep 'ANSWER: 2' dig.out.1.$n > /dev/null 2>&1 || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /'
$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
echo "cname,cname,cname|1,1,2,2,3,4,s4,s3,s1" | $SEND
$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.2.$n 2>&1
grep 'status: NOERROR' dig.out.2.$n > /dev/null 2>&1 || ret=1
grep 'ANSWER: 2' dig.out.2.$n > /dev/null 2>&1 || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /'
$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
echo "cname,cname,cname|2,1,3,4,s3,s1,s2,s4" | $SEND
$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.3.$n 2>&1
grep 'status: NOERROR' dig.out.3.$n > /dev/null 2>&1 || ret=1
grep 'ANSWER: 2' dig.out.3.$n > /dev/null 2>&1 || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /'
$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
echo "cname,cname,cname|4,3,2,1,s4,s3,s2,s1" | $SEND
$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.4.$n 2>&1
grep 'status: NOERROR' dig.out.4.$n > /dev/null 2>&1 || ret=1
grep 'ANSWER: 2' dig.out.4.$n > /dev/null 2>&1 || ret=1
echo "cname,cname,cname|4,3,2,1,s4,s3,s2,s1" | $SEND
$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /'
$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.5.$n 2>&1
grep 'status: NOERROR' dig.out.5.$n > /dev/null 2>&1 || ret=1
grep 'ANSWER: 2' dig.out.5.$n > /dev/null 2>&1 || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /'
$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
echo "cname,cname,cname|4,3,3,3,s1,s1,1,3,4" | $SEND
$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.6.$n 2>&1
grep 'status: NOERROR' dig.out.6.$n > /dev/null 2>&1 || ret=1
grep 'ANSWER: 2' dig.out.6.$n > /dev/null 2>&1 || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking that only the initial CNAME is cached ($n)"
echo_i "checking that only the initial CNAME is cached ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /'
$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
echo "cname,cname,cname|1,2,3,4,s1,s2,s3,s4" | $SEND
$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.1.$n 2>&1
sleep 1
$DIG $DIGOPTS +noall +answer @10.53.0.7 cname1.domain.nil > dig.out.2.$n 2>&1
ttl=`awk '{print $2}' dig.out.2.$n`
[ "$ttl" -eq 86400 ] || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking DNAME chains in various orders ($n)"
echo_i "checking DNAME chains in various orders ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /'
$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
echo "dname,dname|5,4,3,2,1,s5,s4,s3,s2,s1" | $SEND
$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.1.$n 2>&1
grep 'status: NOERROR' dig.out.1.$n > /dev/null 2>&1 || ret=1
grep 'ANSWER: 3' dig.out.1.$n > /dev/null 2>&1 || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /'
$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
echo "dname,dname|5,4,3,2,1,s5,s4,s3,s2,s1" | $SEND
$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.2.$n 2>&1
grep 'status: NOERROR' dig.out.2.$n > /dev/null 2>&1 || ret=1
grep 'ANSWER: 3' dig.out.2.$n > /dev/null 2>&1 || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /'
$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
echo "dname,dname|2,3,s1,s2,s3,s4,1" | $SEND
$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.3.$n 2>&1
grep 'status: NOERROR' dig.out.3.$n > /dev/null 2>&1 || ret=1
grep 'ANSWER: 3' dig.out.3.$n > /dev/null 2>&1 || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /'
if [ $ret != 0 ]; then echo "I:failed"; fi
$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking external CNAME/DNAME chains in various orders ($n)"
echo_i "checking external CNAME/DNAME chains in various orders ($n)"
ret=0
echo "xname,dname|1,2,3,4,s1,s2,s3,s4" | $SEND
$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.1.$n 2>&1
grep 'status: NOERROR' dig.out.1.$n > /dev/null 2>&1 || ret=1
grep 'ANSWER: 2' dig.out.1.$n > /dev/null 2>&1 || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /'
$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
echo "xname,dname|s2,2,s1,1,4,s4,3" | $SEND
$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.2.$n 2>&1
grep 'status: NOERROR' dig.out.2.$n > /dev/null 2>&1 || ret=1
grep 'ANSWER: 2' dig.out.2.$n > /dev/null 2>&1 || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /'
$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
echo "xname,dname|s2,2,2,2" | $SEND
$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.3.$n 2>&1
grep 'status: SERVFAIL' dig.out.3.$n > /dev/null 2>&1 || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /'
if [ $ret != 0 ]; then echo "I:failed"; fi
$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:exit status: $status"
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

166
bin/tests/system/checkconf/tests.sh
View File

@ -11,37 +11,37 @@ status=0
n=0
n=`expr $n + 1`
echo "I: checking that named-checkconf handles a known good config ($n)"
echo_i "checking that named-checkconf handles a known good config ($n)"
ret=0
$CHECKCONF good.conf > /dev/null 2>&1 || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: checking that named-checkconf prints a known good config ($n)"
echo_i "checking that named-checkconf prints a known good config ($n)"
ret=0
awk 'BEGIN { ok = 0; } /cut here/ { ok = 1; getline } ok == 1 { print }' good.conf > good.conf.in
[ -s good.conf.in ] || ret=1
$CHECKCONF -p good.conf.in | grep -v '^good.conf.in:' > good.conf.out 2>&1 || ret=1
cmp good.conf.in good.conf.out || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: checking that named-checkconf -x removes secrets ($n)"
echo_i "checking that named-checkconf -x removes secrets ($n)"
ret=0
# ensure there is a secret and that it is not the check string.
grep 'secret "' good.conf.in > /dev/null || ret=1
grep 'secret "????????????????"' good.conf.in > /dev/null 2>&1 && ret=1
$CHECKCONF -p -x good.conf.in | grep -v '^good.conf.in:' > good.conf.out 2>&1 || ret=1
grep 'secret "????????????????"' good.conf.out > /dev/null 2>&1 || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
for bad in bad-*.conf
do
n=`expr $n + 1`
echo "I: checking that named-checkconf detects error in $bad ($n)"
echo_i "checking that named-checkconf detects error in $bad ($n)"
ret=0
$CHECKCONF $bad > checkconf.out 2>&1
if [ $? != 1 ]; then ret=1; fi
@ -56,45 +56,45 @@ do
grep "$pat" checkconf.out > /dev/null || ret=1
;;
esac
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
done
for good in good-*.conf
do
n=`expr $n + 1`
echo "I: checking that named-checkconf detects no error in $good ($n)"
echo_i "checking that named-checkconf detects no error in $good ($n)"
ret=0
$CHECKCONF $good > /dev/null 2>&1
if [ $? != 0 ]; then echo "I:failed"; ret=1; fi
if [ $? != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
done
n=`expr $n + 1`
echo "I: checking that named-checkconf -z catches missing hint file ($n)"
echo_i "checking that named-checkconf -z catches missing hint file ($n)"
ret=0
$CHECKCONF -z hint-nofile.conf > hint-nofile.out 2>&1 && ret=1
grep "could not configure root hints from 'nonexistent.db': file not found" hint-nofile.out > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: checking that named-checkconf catches range errors ($n)"
echo_i "checking that named-checkconf catches range errors ($n)"
ret=0
$CHECKCONF range.conf > /dev/null 2>&1 && ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: checking that named-checkconf warns of notify inconsistencies ($n)"
echo_i "checking that named-checkconf warns of notify inconsistencies ($n)"
ret=0
warnings=`$CHECKCONF notify.conf 2>&1 | grep "'notify' is disabled" | wc -l`
[ $warnings -eq 3 ] || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: checking named-checkconf dnssec warnings ($n)"
echo_i "checking named-checkconf dnssec warnings ($n)"
ret=0
$CHECKCONF dnssec.1 2>&1 | grep 'validation yes.*enable no' > /dev/null || ret=1
$CHECKCONF dnssec.2 2>&1 | grep 'auto-dnssec may only be ' > /dev/null || ret=1
@ -102,11 +102,11 @@ $CHECKCONF dnssec.2 2>&1 | grep 'validation auto.*enable no' > /dev/null || ret=
$CHECKCONF dnssec.2 2>&1 | grep 'validation yes.*enable no' > /dev/null || ret=1
# this one should have no warnings
$CHECKCONF dnssec.3 2>&1 | grep '.*' && ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: range checking fields that do not allow zero ($n)"
echo_i "range checking fields that do not allow zero ($n)"
ret=0
for field in max-retry-time min-retry-time max-refresh-time min-refresh-time; do
cat > badzero.conf << EOF
@ -115,14 +115,14 @@ options {
};
EOF
$CHECKCONF badzero.conf > /dev/null 2>&1
[ $? -eq 1 ] || { echo "I: options $field failed" ; ret=1; }
[ $? -eq 1 ] || { echo_i "options $field failed" ; ret=1; }
cat > badzero.conf << EOF
view dummy {
$field 0;
};
EOF
$CHECKCONF badzero.conf > /dev/null 2>&1
[ $? -eq 1 ] || { echo "I: view $field failed" ; ret=1; }
[ $? -eq 1 ] || { echo_i "view $field failed" ; ret=1; }
cat > badzero.conf << EOF
options {
$field 0;
@ -131,7 +131,7 @@ view dummy {
};
EOF
$CHECKCONF badzero.conf > /dev/null 2>&1
[ $? -eq 1 ] || { echo "I: options + view $field failed" ; ret=1; }
[ $? -eq 1 ] || { echo_i "options + view $field failed" ; ret=1; }
cat > badzero.conf << EOF
zone dummy {
type slave;
@ -140,13 +140,13 @@ zone dummy {
};
EOF
$CHECKCONF badzero.conf > /dev/null 2>&1
[ $? -eq 1 ] || { echo "I: zone $field failed" ; ret=1; }
[ $? -eq 1 ] || { echo_i "zone $field failed" ; ret=1; }
done
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: checking options allowed in inline-signing slaves ($n)"
echo_i "checking options allowed in inline-signing slaves ($n)"
ret=0
l=`$CHECKCONF bad-dnssec.conf 2>&1 | grep "dnssec-dnskey-kskonly.*requires inline" | wc -l`
[ $l -eq 1 ] || ret=1
@ -154,29 +154,29 @@ l=`$CHECKCONF bad-dnssec.conf 2>&1 | grep "dnssec-loadkeys-interval.*requires in
[ $l -eq 1 ] || ret=1
l=`$CHECKCONF bad-dnssec.conf 2>&1 | grep "update-check-ksk.*requires inline" | wc -l`
[ $l -eq 1 ] || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check file + inline-signing for slave zones ($n)"
echo_i "check file + inline-signing for slave zones ($n)"
l=`$CHECKCONF inline-no.conf 2>&1 | grep "missing 'file' entry" | wc -l`
[ $l -eq 0 ] || ret=1
l=`$CHECKCONF inline-good.conf 2>&1 | grep "missing 'file' entry" | wc -l`
[ $l -eq 0 ] || ret=1
l=`$CHECKCONF inline-bad.conf 2>&1 | grep "missing 'file' entry" | wc -l`
[ $l -eq 1 ] || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: checking named-checkconf DLZ warnings ($n)"
echo_i "checking named-checkconf DLZ warnings ($n)"
ret=0
$CHECKCONF dlz-bad.conf 2>&1 | grep "'dlz' and 'database'" > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: checking for missing key directory warning ($n)"
echo_i "checking for missing key directory warning ($n)"
ret=0
rm -rf test.keydir
l=`$CHECKCONF warn-keydir.conf 2>&1 | grep "'test.keydir' does not exist" | wc -l`
@ -189,209 +189,209 @@ mkdir test.keydir
l=`$CHECKCONF warn-keydir.conf 2>&1 | grep "key-directory" | wc -l`
[ $l -eq 0 ] || ret=1
rm -rf test.keydir
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
n=`expr $n + 1`
echo "I: checking that named-checkconf -z catches conflicting ttl with max-ttl ($n)"
echo_i "checking that named-checkconf -z catches conflicting ttl with max-ttl ($n)"
ret=0
$CHECKCONF -z max-ttl.conf > check.out 2>&1
grep 'TTL 900 exceeds configured max-zone-ttl 600' check.out > /dev/null 2>&1 || ret=1
grep 'TTL 900 exceeds configured max-zone-ttl 600' check.out > /dev/null 2>&1 || ret=1
grep 'TTL 900 exceeds configured max-zone-ttl 600' check.out > /dev/null 2>&1 || ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: checking that named-checkconf -z catches invalid max-ttl ($n)"
echo_i "checking that named-checkconf -z catches invalid max-ttl ($n)"
ret=0
$CHECKCONF -z max-ttl-bad.conf > /dev/null 2>&1 && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: checking that named-checkconf -z skips zone check with alternate databases ($n)"
echo_i "checking that named-checkconf -z skips zone check with alternate databases ($n)"
ret=0
$CHECKCONF -z altdb.conf > /dev/null 2>&1 || ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: checking that named-checkconf -z skips zone check with DLZ ($n)"
echo_i "checking that named-checkconf -z skips zone check with DLZ ($n)"
ret=0
$CHECKCONF -z altdlz.conf > /dev/null 2>&1 || ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: checking that named-checkconf -z fails on view with ANY class ($n)"
echo_i "checking that named-checkconf -z fails on view with ANY class ($n)"
ret=0
$CHECKCONF -z view-class-any1.conf > /dev/null 2>&1 && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: checking that named-checkconf -z fails on view with CLASS255 class ($n)"
echo_i "checking that named-checkconf -z fails on view with CLASS255 class ($n)"
ret=0
$CHECKCONF -z view-class-any2.conf > /dev/null 2>&1 && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: checking that named-checkconf -z passes on view with IN class ($n)"
echo_i "checking that named-checkconf -z passes on view with IN class ($n)"
ret=0
$CHECKCONF -z view-class-in1.conf > /dev/null 2>&1 || ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: checking that named-checkconf -z passes on view with CLASS1 class ($n)"
echo_i "checking that named-checkconf -z passes on view with CLASS1 class ($n)"
ret=0
$CHECKCONF -z view-class-in2.conf > /dev/null 2>&1 || ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that check-names fails as configured ($n)"
echo_i "check that check-names fails as configured ($n)"
ret=0
$CHECKCONF -z check-names-fail.conf > checkconf.out$n 2>&1 && ret=1
grep "near '_underscore': bad name (check-names)" checkconf.out$n > /dev/null || ret=1
grep "zone check-names/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that check-mx fails as configured ($n)"
echo_i "check that check-mx fails as configured ($n)"
ret=0
$CHECKCONF -z check-mx-fail.conf > checkconf.out$n 2>&1 && ret=1
grep "near '10.0.0.1': MX is an address" checkconf.out$n > /dev/null || ret=1
grep "zone check-mx/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that check-dup-records fails as configured ($n)"
echo_i "check that check-dup-records fails as configured ($n)"
ret=0
$CHECKCONF -z check-dup-records-fail.conf > checkconf.out$n 2>&1 && ret=1
grep "has semantically identical records" checkconf.out$n > /dev/null || ret=1
grep "zone check-dup-records/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that check-mx fails as configured ($n)"
echo_i "check that check-mx fails as configured ($n)"
ret=0
$CHECKCONF -z check-mx-fail.conf > checkconf.out$n 2>&1 && ret=1
grep "failed: MX is an address" checkconf.out$n > /dev/null || ret=1
grep "zone check-mx/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that check-mx-cname fails as configured ($n)"
echo_i "check that check-mx-cname fails as configured ($n)"
ret=0
$CHECKCONF -z check-mx-cname-fail.conf > checkconf.out$n 2>&1 && ret=1
grep "MX.* is a CNAME (illegal)" checkconf.out$n > /dev/null || ret=1
grep "zone check-mx-cname/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that check-srv-cname fails as configured ($n)"
echo_i "check that check-srv-cname fails as configured ($n)"
ret=0
$CHECKCONF -z check-srv-cname-fail.conf > checkconf.out$n 2>&1 && ret=1
grep "SRV.* is a CNAME (illegal)" checkconf.out$n > /dev/null || ret=1
grep "zone check-mx-cname/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that named-checkconf -p properly print a port range ($n)"
echo_i "check that named-checkconf -p properly print a port range ($n)"
ret=0
$CHECKCONF -p portrange-good.conf > checkconf.out$n 2>&1 || ret=1
grep "range 8610 8614;" checkconf.out$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that named-checkconf -z handles in-view ($n)"
echo_i "check that named-checkconf -z handles in-view ($n)"
ret=0
$CHECKCONF -z in-view-good.conf > checkconf.out$n 2>&1 || ret=1
grep "zone shared.example/IN: loaded serial" < checkconf.out$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that named-checkconf prints max-cache-size <percentage> correctly ($n)"
echo_i "check that named-checkconf prints max-cache-size <percentage> correctly ($n)"
ret=0
$CHECKCONF -p max-cache-size-good.conf > checkconf.out$n 2>&1 || ret=1
grep "max-cache-size 60%;" checkconf.out$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that named-checkconf -l print out the zone list ($n)"
echo_i "check that named-checkconf -l print out the zone list ($n)"
ret=0
$CHECKCONF -l good.conf |
grep -v "is not implemented" |
grep -v "is obsolete" > checkconf.out$n || ret=1
diff good.zonelist checkconf.out$n > diff.out$n || ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that 'dnssec-lookaside auto;' generates a warning ($n)"
echo_i "check that 'dnssec-lookaside auto;' generates a warning ($n)"
ret=0
$CHECKCONF warn-dlv-auto.conf > checkconf.out$n 2>/dev/null || ret=1
grep "dnssec-lookaside 'auto' is no longer supported" checkconf.out$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that 'dnssec-lookaside . trust-anchor dlv.isc.org;' generates a warning ($n)"
echo_i "check that 'dnssec-lookaside . trust-anchor dlv.isc.org;' generates a warning ($n)"
ret=0
$CHECKCONF warn-dlv-dlv.isc.org.conf > checkconf.out$n 2>/dev/null || ret=1
grep "dlv.isc.org has been shut down" checkconf.out$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that 'dnssec-lookaside . trust-anchor dlv.example.com;' doesn't generates a warning ($n)"
echo_i "check that 'dnssec-lookaside . trust-anchor dlv.example.com;' doesn't generates a warning ($n)"
ret=0
$CHECKCONF good-dlv-dlv.example.com.conf > checkconf.out$n 2>/dev/null || ret=1
[ -s checkconf.out$n ] && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that the 2010 ICANN ROOT KSK without the 2017 ICANN ROOT KSK generates a warning ($n)"
echo_i "check that the 2010 ICANN ROOT KSK without the 2017 ICANN ROOT KSK generates a warning ($n)"
ret=0
$CHECKCONF check-root-ksk-2010.conf > checkconf.out$n 2>/dev/null || ret=1
[ -s checkconf.out$n ] || ret=1
grep "trusted-key for root from 2010 without updated" checkconf.out$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
echo "I: check that the 2010 ICANN ROOT KSK with the 2017 ICANN ROOT KSK does not warning ($n)"
echo_i "check that the 2010 ICANN ROOT KSK with the 2017 ICANN ROOT KSK does not warning ($n)"
ret=0
$CHECKCONF check-root-ksk-both.conf > checkconf.out$n 2>/dev/null || ret=1
[ -s checkconf.out$n ] && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
echo "I: check that the 2017 ICANN ROOT KSK alone does not warning ($n)"
echo_i "check that the 2017 ICANN ROOT KSK alone does not warning ($n)"
ret=0
$CHECKCONF check-root-ksk-2017.conf > checkconf.out$n 2>/dev/null || ret=1
[ -s checkconf.out$n ] && ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
echo "I: check that the dlv.isc.org KSK generates a warning ($n)"
echo_i "check that the dlv.isc.org KSK generates a warning ($n)"
ret=0
$CHECKCONF check-dlv-ksk-key.conf > checkconf.out$n 2>/dev/null || ret=1
[ -s checkconf.out$n ] || ret=1
grep "trusted-key for dlv.isc.org still present" checkconf.out$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi
if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi
status=`expr $status + $ret`
echo "I:exit status: $status"
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

70
bin/tests/system/checkds/tests.sh
View File

@ -22,80 +22,80 @@ chmod +x $DIG
status=0
n=1
echo "I:checking for correct DS, looking up key via 'dig' ($n)"
echo_i "checking for correct DS, looking up key via 'dig' ($n)"
ret=0
$CHECKDS ok.example > checkds.out.$n 2>&1 || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for correct DS, obtaining key from file ($n)"
echo_i "checking for correct DS, obtaining key from file ($n)"
ret=0
$CHECKDS -f ok.example.dnskey.db ok.example > checkds.out.$n || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for correct DLV, looking up key via 'dig' ($n)"
echo_i "checking for correct DLV, looking up key via 'dig' ($n)"
ret=0
$CHECKDS -l dlv.example ok.example > checkds.out.$n || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for correct DLV, obtaining key from file ($n)"
echo_i "checking for correct DLV, obtaining key from file ($n)"
ret=0
$CHECKDS -l dlv.example -f ok.example.dnskey.db ok.example > checkds.out.$n || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for incorrect DS, lowronging up key via 'dig' ($n)"
echo_i "checking for incorrect DS, lowronging up key via 'dig' ($n)"
ret=0
$CHECKDS wrong.example > checkds.out.$n || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for incorrect DS, obtaining key from file ($n)"
echo_i "checking for incorrect DS, obtaining key from file ($n)"
ret=0
$CHECKDS -f wrong.example.dnskey.db wrong.example > checkds.out.$n || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for incorrect DLV, lowronging up key via 'dig' ($n)"
echo_i "checking for incorrect DLV, lowronging up key via 'dig' ($n)"
ret=0
$CHECKDS -l dlv.example wrong.example > checkds.out.$n || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for incorrect DLV, obtaining key from file ($n)"
echo_i "checking for incorrect DLV, obtaining key from file ($n)"
ret=0
$CHECKDS -l dlv.example -f wrong.example.dnskey.db wrong.example > checkds.out.$n || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for partially missing DS, looking up key via 'dig' ($n)"
echo_i "checking for partially missing DS, looking up key via 'dig' ($n)"
ret=0
$CHECKDS missing.example > checkds.out.$n || ret=1
grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
@ -103,10 +103,10 @@ grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for partially missing DS, obtaining key from file ($n)"
echo_i "checking for partially missing DS, obtaining key from file ($n)"
ret=0
$CHECKDS -f missing.example.dnskey.db missing.example > checkds.out.$n || ret=1
grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
@ -114,10 +114,10 @@ grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for partially missing DLV, looking up key via 'dig' ($n)"
echo_i "checking for partially missing DLV, looking up key via 'dig' ($n)"
ret=0
$CHECKDS -l dlv.example missing.example > checkds.out.$n || ret=1
grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
@ -125,10 +125,10 @@ grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for partially missing DLV, obtaining key from file ($n)"
echo_i "checking for partially missing DLV, obtaining key from file ($n)"
ret=0
$CHECKDS -l dlv.example -f missing.example.dnskey.db missing.example > checkds.out.$n || ret=1
grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
@ -136,50 +136,50 @@ grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for entirely missing DS, looking up key via 'dig' ($n)"
echo_i "checking for entirely missing DS, looking up key via 'dig' ($n)"
ret=0
$CHECKDS none.example > checkds.out.$n && ret=1
grep 'No DS' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for entirely missing DS, obtaining key from file ($n)"
echo_i "checking for entirely missing DS, obtaining key from file ($n)"
ret=0
$CHECKDS -f none.example.dnskey.db none.example > checkds.out.$n && ret=1
grep 'No DS' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for entirely missing DLV, looking up key via 'dig' ($n)"
echo_i "checking for entirely missing DLV, looking up key via 'dig' ($n)"
ret=0
$CHECKDS -l dlv.example none.example > checkds.out.$n && ret=1
grep 'No DLV' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for entirely missing DLV, obtaining key from file ($n)"
echo_i "checking for entirely missing DLV, obtaining key from file ($n)"
ret=0
$CHECKDS -l dlv.example -f none.example.dnskey.db none.example > checkds.out.$n && ret=1
grep 'No DLV' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking with prepared dsset file ($n)"
echo_i "checking with prepared dsset file ($n)"
ret=0
$CHECKDS -f prep.example.db -s prep.example.ds.db prep.example > checkds.out.$n || ret=1
grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
if [ $status = 0 ]; then $SHELL clean.sh; fi
echo "I:exit status: $status"
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

3
bin/tests/system/checknames/clean.sh
View File

@ -6,8 +6,7 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
# $Id: clean.sh,v 1.6 2007/09/26 03:22:43 marka Exp $
rm -f ns*/named.conf
rm -f dig.out.ns?.test*
rm -f nsupdate.out.test*
rm -f ns1/*.example.db

6
bin/tests/system/checknames/ns1/named.conf → bin/tests/system/checknames/ns1/named.conf.in
View File

@ -6,15 +6,11 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named.conf,v 1.9 2007/06/19 23:47:01 tbox Exp $ */
controls { /* empty */ };
options {
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };

6
bin/tests/system/checknames/ns2/named.conf → bin/tests/system/checknames/ns2/named.conf.in
View File

@ -6,15 +6,11 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named.conf,v 1.7 2007/06/18 23:47:27 tbox Exp $ */
controls { /* empty */ };
options {
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };

6
bin/tests/system/checknames/ns3/named.conf → bin/tests/system/checknames/ns3/named.conf.in
View File

@ -6,15 +6,11 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named.conf,v 1.7 2007/06/18 23:47:27 tbox Exp $ */
controls { /* empty */ };
options {
query-source address 10.53.0.3;
notify-source 10.53.0.3;
transfer-source 10.53.0.3;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.3; };
listen-on-v6 { none; };

6
bin/tests/system/checknames/ns4/named.conf → bin/tests/system/checknames/ns4/named.conf.in
View File

@ -6,15 +6,11 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named.conf,v 1.7 2007/06/18 23:47:27 tbox Exp $ */
controls { /* empty */ };
options {
query-source address 10.53.0.4;
notify-source 10.53.0.4;
transfer-source 10.53.0.4;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.4; };
listen-on-v6 { none; };

10
bin/tests/system/checknames/setup.sh
View File

@ -4,7 +4,15 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
# $Id: setup.sh,v 1.5 2007/06/19 23:47:01 tbox Exp $
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
$SHELL clean.sh
copy_setports ns1/named.conf.in ns1/named.conf
copy_setports ns2/named.conf.in ns2/named.conf
copy_setports ns3/named.conf.in ns3/named.conf
copy_setports ns4/named.conf.in ns4/named.conf
cp ns1/ignore.example.db.in ns1/ignore.example.db
cp ns1/warn.example.db.in ns1/warn.example.db

54
bin/tests/system/checknames/tests.sh
View File

@ -6,83 +6,81 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
# $Id: tests.sh,v 1.5 2007/06/19 23:47:01 tbox Exp $
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
status=0
n=1
DIGOPTS="+tcp +noadd +nosea +nostat +nocmd -p 5300"
DIGOPTS="+tcp +noadd +nosea +nostat +nocmd -p ${PORT}"
# Entry should exist.
echo "I: check for failure from on zone load for 'check-names fail;' ($n)"
echo_i "check for failure from on zone load for 'check-names fail;' ($n)"
ret=0
$DIG $DIGOPTS fail.example. @10.53.0.1 a > dig.out.ns1.test$n || ret=1
grep SERVFAIL dig.out.ns1.test$n > /dev/null || ret=1
grep 'xx_xx.fail.example: bad owner name (check-names)' ns1/named.run > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
# Entry should exist.
echo "I: check for warnings from on zone load for 'check-names warn;' ($n)"
echo_i "check for warnings from on zone load for 'check-names warn;' ($n)"
ret=0
grep 'xx_xx.warn.example: bad owner name (check-names)' ns1/named.run > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
# Entry should not exist.
echo "I: check for warnings from on zone load for 'check-names ignore;' ($n)"
echo_i "check for warnings from on zone load for 'check-names ignore;' ($n)"
ret=1
grep 'yy_yy.ignore.example: bad owner name (check-names)' ns1/named.run || ret=0
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
# Entry should exist
echo "I: check that 'check-names response warn;' works ($n)"
echo_i "check that 'check-names response warn;' works ($n)"
ret=0
$DIG $DIGOPTS +noauth yy_yy.ignore.example. @10.53.0.1 a > dig.out.ns1.test$n || ret=1
$DIG $DIGOPTS +noauth yy_yy.ignore.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns1.test$n dig.out.ns2.test$n || ret=1
grep "check-names warning yy_yy.ignore.example/A/IN" ns2/named.run > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
# Entry should exist
echo "I: check that 'check-names response (owner) fails;' works ($n)"
echo_i "check that 'check-names response (owner) fails;' works ($n)"
ret=0
$DIG $DIGOPTS yy_yy.ignore.example. @10.53.0.1 a > dig.out.ns1.test$n || ret=1
$DIG $DIGOPTS yy_yy.ignore.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
grep NOERROR dig.out.ns1.test$n > /dev/null || ret=1
grep REFUSED dig.out.ns3.test$n > /dev/null || ret=1
grep "check-names failure yy_yy.ignore.example/A/IN" ns3/named.run > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
# Entry should exist
echo "I: check that 'check-names response (rdata) fails;' works ($n)"
echo_i "check that 'check-names response (rdata) fails;' works ($n)"
ret=0
$DIG $DIGOPTS mx.ignore.example. @10.53.0.1 MX > dig.out.ns1.test$n || ret=1
$DIG $DIGOPTS mx.ignore.example. @10.53.0.3 MX > dig.out.ns3.test$n || ret=1
grep NOERROR dig.out.ns1.test$n > /dev/null || ret=1
grep SERVFAIL dig.out.ns3.test$n > /dev/null || ret=1
grep "check-names failure mx.ignore.example/MX/IN" ns3/named.run > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that updates to 'check-names fail;' are rejected ($n)"
echo_i "check that updates to 'check-names fail;' are rejected ($n)"
ret=0
not=1
$NSUPDATE -d <<END > nsupdate.out.test$n 2>&1 || not=0
check-names off
server 10.53.0.1 5300
server 10.53.0.1 ${PORT}
update add xxx_xxx.fail.update. 600 A 10.10.10.1
send
END
@ -90,31 +88,31 @@ if [ $not != 0 ]; then ret=1; fi
$DIG $DIGOPTS xxx_xxx.fail.update @10.53.0.1 A > dig.out.ns1.test$n || ret=1
grep "xxx_xxx.fail.update/A: bad owner name (check-names)" ns1/named.run > /dev/null || ret=1
grep NXDOMAIN dig.out.ns1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that updates to 'check-names warn;' succeed and are logged ($n)"
echo_i "check that updates to 'check-names warn;' succeed and are logged ($n)"
ret=0
$NSUPDATE -d <<END > nsupdate.out.test$n 2>&1|| ret=1
check-names off
server 10.53.0.1 5300
server 10.53.0.1 ${PORT}
update add xxx_xxx.warn.update. 600 A 10.10.10.1
send
END
$DIG $DIGOPTS xxx_xxx.warn.update @10.53.0.1 A > dig.out.ns1.test$n || ret=1
grep "xxx_xxx.warn.update/A: bad owner name (check-names)" ns1/named.run > /dev/null || ret=1
grep NOERROR dig.out.ns1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that updates to 'check-names ignore;' succeed and are not logged ($n)"
echo_i "check that updates to 'check-names ignore;' succeed and are not logged ($n)"
ret=0
not=1
$NSUPDATE -d <<END > nsupdate.out.test$n 2>&1 || ret=1
check-names off
server 10.53.0.1 5300
server 10.53.0.1 ${PORT}
update add xxx_xxx.ignore.update. 600 A 10.10.10.1
send
END
@ -122,16 +120,16 @@ grep "xxx_xxx.ignore.update/A.*(check-names)" ns1/named.run > /dev/null || not=0
if [ $not != 0 ]; then ret=1; fi
$DIG $DIGOPTS xxx_xxx.ignore.update @10.53.0.1 A > dig.out.ns1.test$n || ret=1
grep NOERROR dig.out.ns1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I: check that updates to 'check-names master ignore;' succeed and are not logged ($n)"
echo_i "check that updates to 'check-names master ignore;' succeed and are not logged ($n)"
ret=0
not=1
$NSUPDATE -d <<END > nsupdate.out.test$n 2>&1 || ret=1
check-names off
server 10.53.0.4 5300
server 10.53.0.4 ${PORT}
update add xxx_xxx.master-ignore.update. 600 A 10.10.10.1
send
END
@ -139,9 +137,9 @@ grep "xxx_xxx.master-ignore.update/A.*(check-names)" ns1/named.run > /dev/null |
if [ $not != 0 ]; then ret=1; fi
$DIG $DIGOPTS xxx_xxx.master-ignore.update @10.53.0.4 A > dig.out.ns4.test$n || ret=1
grep NOERROR dig.out.ns4.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:exit status: $status"
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

58
bin/tests/system/checkzone/tests.sh
View File

@ -12,7 +12,7 @@ n=1
for db in zones/good*.db
do
echo "I:checking $db ($n)"
echo_i "checking $db ($n)"
ret=0
case $db in
zones/good-gc-msdcs.db)
@ -26,13 +26,13 @@ do
;;
esac
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
done
for db in zones/bad*.db
do
echo "I:checking $db ($n)"
echo_i "checking $db ($n)"
ret=0
case $db in
zones/bad-dns-sd-reverse.db)
@ -43,11 +43,11 @@ do
;;
esac
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
done
echo "I:checking with journal file ($n)"
echo_i "checking with journal file ($n)"
ret=0
$CHECKZONE -D -o test.orig.db test zones/test1.db > /dev/null 2>&1 || ret=1
$CHECKZONE -D -o test.changed.db test zones/test2.db > /dev/null 2>&1 || ret=1
@ -60,10 +60,10 @@ mv -f test.orig.db.jnl test.journal
$CHECKZONE -D -J test.journal -o test.out2.db test test.orig.db > /dev/null 2>&1 || ret=1
cmp -s test.changed.db test.out2.db || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking with spf warnings ($n)"
echo_i "checking with spf warnings ($n)"
ret=0
$CHECKZONE example zones/spf.db > test.out1.$n 2>&1 || ret=1
$CHECKZONE -T ignore example zones/spf.db > test.out2.$n 2>&1 || ret=1
@ -74,66 +74,66 @@ grep "'x.example' found type SPF" test.out2.$n > /dev/null && ret=1
grep "'y.example' found type SPF" test.out2.$n > /dev/null && ret=1
grep "'example' found type SPF" test.out2.$n > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking with max ttl (text) ($n)"
echo_i "checking with max ttl (text) ($n)"
ret=0
$CHECKZONE -l 300 example zones/good1.db > test.out1.$n 2>&1 && ret=1
$CHECKZONE -l 600 example zones/good1.db > test.out2.$n 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking with max ttl (raw) ($n)"
echo_i "checking with max ttl (raw) ($n)"
ret=0
$CHECKZONE -f raw -l 300 example good1.db.raw > test.out1.$n 2>&1 && ret=1
$CHECKZONE -f raw -l 600 example good1.db.raw > test.out2.$n 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking with max ttl (map) ($n)"
echo_i "checking with max ttl (map) ($n)"
ret=0
$CHECKZONE -f map -l 300 example good1.db.map > test.out1.$n 2>&1 && ret=1
$CHECKZONE -f map -l 600 example good1.db.map > test.out2.$n 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for no 'inherited owner' warning on '\$INCLUDE file' with no new \$ORIGIN ($n)"
echo_i "checking for no 'inherited owner' warning on '\$INCLUDE file' with no new \$ORIGIN ($n)"
ret=0
$CHECKZONE example zones/nowarn.inherited.owner.db > test.out1.$n 2>&1 || ret=1
grep "inherited.owner" test.out1.$n > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for 'inherited owner' warning on '\$ORIGIN + \$INCLUDE file' ($n)"
echo_i "checking for 'inherited owner' warning on '\$ORIGIN + \$INCLUDE file' ($n)"
ret=0
$CHECKZONE example zones/warn.inherit.origin.db > test.out1.$n 2>&1 || ret=1
grep "inherited.owner" test.out1.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking for 'inherited owner' warning on '\$INCLUDE file origin' ($n)"
echo_i "checking for 'inherited owner' warning on '\$INCLUDE file origin' ($n)"
ret=0
$CHECKZONE example zones/warn.inherited.owner.db > test.out1.$n 2>&1 || ret=1
grep "inherited.owner" test.out1.$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking that raw zone with bad class is handled ($n)"
echo_i "checking that raw zone with bad class is handled ($n)"
ret=0
$CHECKZONE -f raw example zones/bad-badclass.raw > test.out.$n 2>&1 && ret=1
grep "failed: bad class" test.out.$n >/dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking that expirations that loop using serial arithmetic are handled ($n)"
echo_i "checking that expirations that loop using serial arithmetic are handled ($n)"
ret=0
q=-q
test $ret -eq 1 || $CHECKZONE $q dyn.example.net zones/crashzone.db || ret=1
@ -159,24 +159,24 @@ test $ret -eq 1 || $CHECKZONE $q dyn.example.net zones/crashzone.db || ret=1
test $ret -eq 1 || $CHECKZONE $q dyn.example.net zones/crashzone.db || ret=1
test $ret -eq 1 || $CHECKZONE $q dyn.example.net zones/crashzone.db || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking that nameserver below DNAME is reported even with occulted address record present ($n)"
echo_i "checking that nameserver below DNAME is reported even with occulted address record present ($n)"
ret=0
$CHECKZONE example.com zones/ns-address-below-dname.db > test.out.$n 2>&1 && ret=1
grep "is below a DNAME" test.out.$n >/dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:checking that delegating nameserver below DNAME is reported even with occulted address record present ($n)"
echo_i "checking that delegating nameserver below DNAME is reported even with occulted address record present ($n)"
ret=0
$CHECKZONE example.com zones/delegating-ns-address-below-dname.db > test.out.$n 2>&1 || ret=1
grep "is below a DNAME" test.out.$n >/dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:exit status: $status"
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

2
bin/tests/system/cleanall.sh
View File

@ -22,6 +22,8 @@ find . -type f \( \
status=0
rm -f $SYSTEMTESTTOP/random.data
for d in $SUBDIRS
do
test ! -f $d/clean.sh || ( cd $d && $SHELL clean.sh )

55
bin/tests/system/conf.sh.in
View File

@ -71,31 +71,38 @@ KRB5_CONFIG=/dev/null
# The "stress" test is not run by default since it creates enough
# load on the machine to make it unusable to other users.
# v6synth
# The "dialup" and "delzone" tests are also not run by default because
# they take a very long time to complete.
#
# List of tests that use ports 5300 and 9953. For this reason, these must
# be run sequentially.
SEQUENTIALDIRS="acl additional addzone auth autosign builtin \
cacheclean case cds chain \
checkconf @CHECKDS@ checknames checkzone cookie @COVERAGE@ \
database digdelv dlv dlz dlzexternal \
dns64 dnssec @DNSTAP@ dscp dsdigest dyndb ecdsa eddsa \
emptyzones fetchlimit filter-aaaa formerr geoip glue gost \
inline integrity ixfr keepalive @KEYMGR@ legacy limits \
logfileconfig masterfile masterformat metadata mkeys \
names notify nslookup nsupdate nzd2nzf padding pending \
pipelined @PKCS11_TEST@ reclimit redirect resolver rndc \
rpz rrchecker rrl rrsetorder rsabigexponent \
runtime sfcache smartsign sortlist spf staticstub \
statistics statschannel stub synthfromdnssec tcp tkey tools \
tsig tsiggss unknown upforwd verify views wildcard xfer \
xferquota zero zonechecks"
# List of tests hard-coded to use ports 5300 and 9953. For this
# reason, these must be run sequentially.
SEQUENTIALDIRS="ecdsa eddsa gost @PKCS11_TEST@ tkey"
# List of tests that use unique ports (other than 5300 and 9953). These
# tests can be run in parallel.
# List of tests that use ports assigned by caller (other than 5300
# and 9953). Because separate blocks of ports can be used for teach
# test, these tests can be run in parallel.
#
# This symbol must be kept in step with the PARALLEL macro in Makefile.in
PARALLELDIRS="allow_query catz rpzrecurse serve-stale"
PARALLELDIRS="acl additional addzone allow_query auth autosign \
builtin cacheclean case catz cds chain \
checkconf checknames checkzone \
@CHECKDS@ @COVERAGE@ @KEYMGR@ \
cookie database digdelv dlv dlz dlzexternal \
dns64 dnssec @DNSTAP@ dscp dsdigest dyndb \
ednscompliance emptyzones \
fetchlimit filter-aaaa formerr forward \
geoip glue inline integrity ixfr keepalive \
legacy limits logfileconfig \
masterfile masterformat metadata mkeys \
names notify nslookup nsupdate nzd2nzf \
padding pending pipelined \
reclimit redirect resolver rndc rpz rpzrecurse \
rrchecker rrlrrsetorder rsabigexponent runtime \
serve-stale sfcache smartsign sortlist \
spf staticstub statistics statschannel stub synthfromdnssec \
tcp tools tsig tsiggss \
unknown upforwd verify views wildcard \
xfer xferquota zero zonechecks"
SUBDIRS="$SEQUENTIALDIRS $PARALLELDIRS"
@ -224,6 +231,12 @@ echo_i() {
done
}
cat_i() {
while read LINE ; do
echoinfo "I:$SYSTESTDIR:$LINE"
done
}
#
# Useful functions in test scripts
#

1
bin/tests/system/cookie/clean.sh
View File

@ -4,6 +4,7 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
rm -f ns*/named.conf
rm -f dig.out.*
rm -f ns1/named_dump.db
rm -f ns*/named.memstats

4
bin/tests/system/cookie/ns1/named.conf → bin/tests/system/cookie/ns1/named.conf.in
View File

@ -12,14 +12,14 @@ key rndc_key {
};
controls {
inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
query-source address 10.53.0.1 dscp 1;
notify-source 10.53.0.1 dscp 2;
transfer-source 10.53.0.1 dscp 3;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };

4
bin/tests/system/cookie/ns2/named.conf → bin/tests/system/cookie/ns2/named.conf.in
View File

@ -6,13 +6,11 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
controls { /* empty */ };
options {
query-source address 10.53.0.2 dscp 1;
notify-source 10.53.0.2 dscp 2;
transfer-source 10.53.0.2 dscp 3;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };

4
bin/tests/system/cookie/ns3/named.conf → bin/tests/system/cookie/ns3/named.conf.in
View File

@ -12,14 +12,14 @@ key rndc_key {
};
controls {
inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
query-source address 10.53.0.3 dscp 1;
notify-source 10.53.0.3 dscp 2;
transfer-source 10.53.0.3 dscp 3;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.3; };
listen-on-v6 { none; };

4
bin/tests/system/cookie/ns4/named.conf → bin/tests/system/cookie/ns4/named.conf.in
View File

@ -12,14 +12,14 @@ key rndc_key {
};
controls {
inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
query-source address 10.53.0.4;
notify-source 10.53.0.4;
transfer-source 10.53.0.4;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.4; };
listen-on-v6 { none; };

4
bin/tests/system/cookie/ns5/named.conf → bin/tests/system/cookie/ns5/named.conf.in
View File

@ -12,14 +12,14 @@ key rndc_key {
};
controls {
inet 10.53.0.5 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.5 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
query-source address 10.53.0.5;
notify-source 10.53.0.5;
transfer-source 10.53.0.5;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.5; };
listen-on-v6 { none; };

4
bin/tests/system/cookie/ns6/named.conf → bin/tests/system/cookie/ns6/named.conf.in
View File

@ -12,14 +12,14 @@ key rndc_key {
};
controls {
inet 10.53.0.6 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.6 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
query-source address 10.53.0.6;
notify-source 10.53.0.6;
transfer-source 10.53.0.6;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.6; };
listen-on-v6 { none; };

18
bin/tests/system/cookie/setup.sh Normal file
View File

@ -0,0 +1,18 @@
#!/bin/sh
#
# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC")
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
$SHELL clean.sh
copy_setports ns1/named.conf.in ns1/named.conf
copy_setports ns2/named.conf.in ns2/named.conf
copy_setports ns3/named.conf.in ns3/named.conf
copy_setports ns4/named.conf.in ns4/named.conf
copy_setports ns5/named.conf.in ns5/named.conf
copy_setports ns6/named.conf.in ns6/named.conf

125
bin/tests/system/cookie/tests.sh
View File

@ -6,11 +6,12 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
# $Id: tests.sh,v 1.22 2012/02/09 23:47:18 tbox Exp $
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
DIGOPTS="-p ${PORT}"
RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s"
status=0
n=0
@ -33,109 +34,109 @@ havetc() {
for bad in bad*.conf
do
n=`expr $n + 1`
echo "I:checking that named-checkconf detects error in $bad ($n)"
echo_i "checking that named-checkconf detects error in $bad ($n)"
ret=0
$CHECKCONF $bad > /dev/null 2>&1 && ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
done
for good in good*.conf
do
n=`expr $n + 1`
echo "I:checking that named-checkconf detects accepts $good ($n)"
echo_i "checking that named-checkconf detects accepts $good ($n)"
ret=0
$CHECKCONF $good > /dev/null 2>&1 || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
done
n=`expr $n + 1`
echo "I:checking COOKIE token returned to empty COOKIE option ($n)"
echo_i "checking COOKIE token returned to empty COOKIE option ($n)"
ret=0
$DIG +qr +cookie version.bind txt ch @10.53.0.1 -p 5300 > dig.out.test$n
$DIG $DIGOPTS +qr +cookie version.bind txt ch @10.53.0.1 > dig.out.test$n
grep COOKIE: dig.out.test$n > /dev/null || ret=1
grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking response size without COOKIE ($n)"
echo_i "checking response size without COOKIE ($n)"
ret=0
$DIG large.example txt @10.53.0.1 -p 5300 +ignore > dig.out.test$n
$DIG $DIGOPTS large.example txt @10.53.0.1 +ignore > dig.out.test$n
havetc dig.out.test$n || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking response size without valid COOKIE ($n)"
echo_i "checking response size without valid COOKIE ($n)"
ret=0
$DIG +cookie large.example txt @10.53.0.1 -p 5300 +ignore > dig.out.test$n
$DIG $DIGOPTS +cookie large.example txt @10.53.0.1 +ignore > dig.out.test$n
havetc dig.out.test$n || ret=1
grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking response size with COOKIE ($n)"
echo_i "checking response size with COOKIE ($n)"
ret=0
$DIG +cookie large.example txt @10.53.0.1 -p 5300 > dig.out.test$n.l
$DIG $DIGOPTS +cookie large.example txt @10.53.0.1 > dig.out.test$n.l
cookie=`getcookie dig.out.test$n.l`
$DIG +qr +cookie=$cookie large.example txt @10.53.0.1 -p 5300 +ignore > dig.out.test$n
$DIG $DIGOPTS +qr +cookie=$cookie large.example txt @10.53.0.1 +ignore > dig.out.test$n
havetc dig.out.test$n && ret=1
grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking response size with COOKIE recursive ($n)"
echo_i "checking response size with COOKIE recursive ($n)"
ret=0
$DIG +qr +cookie=$cookie large.xxx txt @10.53.0.1 -p 5300 +ignore > dig.out.test$n
$DIG $DIGOPTS +qr +cookie=$cookie large.xxx txt @10.53.0.1 +ignore > dig.out.test$n
havetc dig.out.test$n && ret=1
grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking COOKIE is learnt for TCP retry ($n)"
echo_i "checking COOKIE is learnt for TCP retry ($n)"
ret=0
$DIG +qr +cookie large.example txt @10.53.0.1 -p 5300 > dig.out.test$n
$DIG $DIGOPTS +qr +cookie large.example txt @10.53.0.1 > dig.out.test$n
linecount=`getcookie dig.out.test$n | wc -l`
if [ $linecount != 3 ]; then ret=1; fi
checkfull=`getcookie dig.out.test$n | fullcookie`
if [ $checkfull != 1 ]; then ret=1; fi
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking for COOKIE value in adb ($n)"
echo_i "checking for COOKIE value in adb ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 dumpdb
$RNDCCMD 10.53.0.1 dumpdb
sleep 1
grep "10.53.0.2.*\[cookie=" ns1/named_dump.db > /dev/null|| ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking require-server-cookie default (no) ($n)"
echo_i "checking require-server-cookie default (no) ($n)"
ret=0
$DIG +qr +cookie +nobadcookie soa @10.53.0.1 -p 5300 > dig.out.test$n
$DIG $DIGOPTS +qr +cookie +nobadcookie soa @10.53.0.1 > dig.out.test$n
grep BADCOOKIE dig.out.test$n > /dev/null && ret=1
linecount=`getcookie dig.out.test$n | wc -l`
if [ $linecount != 2 ]; then ret=1; fi
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:checking require-server-cookie yes ($n)"
echo_i "checking require-server-cookie yes ($n)"
ret=0
$DIG +qr +cookie +nobadcookie soa @10.53.0.3 -p 5300 > dig.out.test$n
$DIG $DIGOPTS +qr +cookie +nobadcookie soa @10.53.0.3 > dig.out.test$n
grep "flags: qr[^;]* aa[ ;]" dig.out.test$n > /dev/null && ret=1
grep "flags: qr[^;]* ad[ ;]" dig.out.test$n > /dev/null && ret=1
grep BADCOOKIE dig.out.test$n > /dev/null || ret=1
linecount=`getcookie dig.out.test$n | wc -l`
if [ $linecount != 2 ]; then ret=1; fi
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
#
@ -156,87 +157,87 @@ status=`expr $status + $ret`
#
n=`expr $n + 1`
echo "I:get NS4 cookie for cross server checking ($n)"
echo_i "get NS4 cookie for cross server checking ($n)"
ret=0
$DIG +cookie -b 10.53.0.4 soa . @10.53.0.4 -p 5300 > dig.out.test$n
$DIG $DIGOPTS +cookie -b 10.53.0.4 soa . @10.53.0.4 > dig.out.test$n
grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1
ns4cookie=`getcookie dig.out.test$n`
test -n "$ns4cookie" || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:get NS5 cookie for cross server checking ($n)"
echo_i "get NS5 cookie for cross server checking ($n)"
ret=0
$DIG +cookie -b 10.53.0.4 soa . @10.53.0.5 -p 5300 > dig.out.test$n
$DIG $DIGOPTS +cookie -b 10.53.0.4 soa . @10.53.0.5 > dig.out.test$n
grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1
ns5cookie=`getcookie dig.out.test$n`
test -n "$ns5cookie" || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:get NS6 cookie for cross server checking ($n)"
echo_i "get NS6 cookie for cross server checking ($n)"
ret=0
$DIG +cookie -b 10.53.0.4 soa . @10.53.0.6 -p 5300 > dig.out.test$n
$DIG $DIGOPTS +cookie -b 10.53.0.4 soa . @10.53.0.6 > dig.out.test$n
grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1
ns6cookie=`getcookie dig.out.test$n`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:test NS4 cookie on NS5 (expect success) ($n)"
echo_i "test NS4 cookie on NS5 (expect success) ($n)"
ret=0
$DIG +cookie=$ns4cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.5 -p 5300 > dig.out.test$n
$DIG $DIGOPTS +cookie=$ns4cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.5 > dig.out.test$n
grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1
grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:test NS4 cookie on NS6 (expect badcookie) ($n)"
echo_i "test NS4 cookie on NS6 (expect badcookie) ($n)"
ret=0
$DIG +cookie=$ns4cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.6 -p 5300 > dig.out.test$n
$DIG $DIGOPTS +cookie=$ns4cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.6 > dig.out.test$n
grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1
grep "status: BADCOOKIE," dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:test NS5 cookie on NS4 (expect success) ($n)"
echo_i "test NS5 cookie on NS4 (expect success) ($n)"
ret=0
$DIG +cookie=$ns5cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.4 -p 5300 > dig.out.test$n
$DIG $DIGOPTS +cookie=$ns5cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.4 > dig.out.test$n
grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1
grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:test NS5 cookie on NS6 (expect badcookie) ($n)"
echo_i "test NS5 cookie on NS6 (expect badcookie) ($n)"
ret=0
$DIG +cookie=$ns5cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.6 -p 5300 > dig.out.test$n
$DIG $DIGOPTS +cookie=$ns5cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.6 > dig.out.test$n
grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1
grep "status: BADCOOKIE," dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:test NS6 cookie on NS4 (expect badcookie) ($n)"
echo_i "test NS6 cookie on NS4 (expect badcookie) ($n)"
ret=0
$DIG +cookie=$ns6cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.4 -p 5300 > dig.out.test$n
$DIG $DIGOPTS +cookie=$ns6cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.4 > dig.out.test$n
grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1
grep "status: BADCOOKIE," dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo "I:test NS6 cookie on NS5 (expect success) ($n)"
echo_i "test NS6 cookie on NS5 (expect success) ($n)"
ret=0
$DIG +cookie=$ns6cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.5 -p 5300 > dig.out.test$n
$DIG $DIGOPTS +cookie=$ns6cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.5 > dig.out.test$n
grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1
grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo "I:exit status: $status"
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

2
bin/tests/system/coverage/prereq.sh
View File

@ -1,6 +1,6 @@
#!/bin/sh
#
# Copyright (C) 2014, 2016 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC")
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this

8
bin/tests/system/coverage/tests.sh
View File

@ -24,11 +24,11 @@ matchall () {
done
}
echo "I:checking for DNSSEC key coverage issues"
echo_i "checking for DNSSEC key coverage issues"
ret=0
for dir in [0-9][0-9]-*; do
ret=0
echo "I:$dir"
echo_i "$dir"
args= warn= error= ok= retcode= match=
. $dir/expect
$COVERAGE $args -K $dir example.com > coverage.$n 2>&1
@ -68,9 +68,9 @@ for dir in [0-9][0-9]-*; do
fi
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
done
echo "I:exit status: $status"
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

2
bin/tests/system/database/clean.sh
View File

@ -6,8 +6,6 @@
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
# $Id: clean.sh,v 1.3 2011/03/01 23:48:05 tbox Exp $
rm -f ns1/named.conf ns1/named.run ns1/named.memstats
rm -f dig.out.*
rm -f ns*/named.lock

6
bin/tests/system/database/ns1/named.conf1 → bin/tests/system/database/ns1/named1.conf.in
View File

@ -6,8 +6,6 @@
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
/* $Id: named.conf1,v 1.3 2011/03/01 23:48:06 tbox Exp $ */
// NS1
key rndc_key {
@ -16,14 +14,14 @@ key rndc_key {
};
controls {
inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; };
inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
options {
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };

Some files were not shown because too many files have changed in this diff Show More