From c032c54dda2d75c0ec68017e1331bc9880c03ae1 Mon Sep 17 00:00:00 2001 From: Evan Hunt Date: Tue, 20 Feb 2018 15:43:27 -0800 Subject: [PATCH] parallelize most system tests --- bin/tests/system/Makefile.in | 27 +- bin/tests/system/README | 2 +- bin/tests/system/acl/clean.sh | 3 +- .../acl/ns2/{named1.conf => named1.conf.in} | 13 +- .../acl/ns2/{named2.conf => named2.conf.in} | 13 +- .../acl/ns2/{named3.conf => named3.conf.in} | 13 +- .../acl/ns2/{named4.conf => named4.conf.in} | 13 +- .../acl/ns2/{named5.conf => named5.conf.in} | 13 +- .../acl/ns2/{named6.conf => named6.conf.in} | 13 +- .../acl/ns2/{named7.conf => named7.conf.in} | 13 +- .../acl/ns3/{named.conf => named.conf.in} | 4 +- .../acl/ns4/{named.conf => named.conf.in} | 4 +- bin/tests/system/acl/setup.sh | 5 +- bin/tests/system/acl/tests.sh | 191 ++- bin/tests/system/additional/clean.sh | 2 +- .../ns1/{named1.conf => named1.conf.in} | 6 +- .../ns1/{named2.conf => named2.conf.in} | 6 +- .../ns1/{named3.conf => named3.conf.in} | 4 +- .../ns1/{named4.conf => named4.conf.in} | 4 +- .../ns3/{named.conf => named.conf.in} | 2 +- bin/tests/system/additional/setup.sh | 7 +- bin/tests/system/additional/tests.sh | 171 +-- bin/tests/system/addzone/clean.sh | 2 +- .../addzone/ns1/{named.conf => named.conf.in} | 4 +- .../ns2/{named1.conf => named1.conf.in} | 12 +- .../ns2/{named2.conf => named2.conf.in} | 9 +- .../ns2/{named3.conf => named3.conf.in} | 8 +- .../ns3/{named1.conf => named1.conf.in} | 9 +- .../ns3/{named2.conf => named2.conf.in} | 9 +- bin/tests/system/addzone/setup.sh | 7 +- bin/tests/system/addzone/tests.sh | 410 +++--- bin/tests/system/allow_query/setup.sh | 2 - bin/tests/system/ans.pl | 20 +- bin/tests/system/auth/clean.sh | 1 + .../auth/ns1/{named.conf => named.conf.in} | 4 +- .../auth/ns2/{named.conf => named.conf.in} | 4 +- bin/tests/system/auth/setup.sh | 14 + bin/tests/system/auth/tests.sh | 58 +- bin/tests/system/autosign/clean.sh | 1 + .../ns1/{named.conf => named.conf.in} | 8 +- .../ns2/{named.conf => named.conf.in} | 8 +- .../ns3/{named.conf => named.conf.in} | 4 +- .../ns4/{named.conf => named.conf.in} | 4 +- .../ns5/{named.conf => named.conf.in} | 6 +- bin/tests/system/autosign/setup.sh | 6 + bin/tests/system/autosign/tests.sh | 481 +++--- bin/tests/system/builtin/clean.sh | 1 + .../builtin/ns1/{named.conf => named.conf.in} | 8 +- .../builtin/ns2/{named.conf => named.conf.in} | 8 +- .../builtin/ns3/{named.conf => named.conf.in} | 8 +- bin/tests/system/builtin/setup.sh | 15 + bin/tests/system/builtin/tests.sh | 85 +- bin/tests/system/cacheclean/clean.sh | 1 + .../ns1/{named.conf => named.conf.in} | 4 +- .../ns2/{named.conf => named.conf.in} | 6 +- bin/tests/system/cacheclean/setup.sh | 14 + bin/tests/system/cacheclean/tests.sh | 78 +- bin/tests/system/case/clean.sh | 1 + .../case/ns1/{named.conf => named.conf.in} | 4 +- .../case/ns2/{named.conf => named.conf.in} | 4 +- bin/tests/system/case/setup.sh | 9 +- bin/tests/system/case/tests.sh | 66 +- bin/tests/system/catz/tests.sh | 2 +- bin/tests/system/cds/tests.sh | 6 +- bin/tests/system/chain/ans3/ans.pl | 5 +- bin/tests/system/chain/ans4/README.anspy | 5 +- bin/tests/system/chain/ans4/ans.py | 19 +- bin/tests/system/chain/clean.sh | 1 + .../chain/ns1/{named.conf => named.conf.in} | 4 +- .../chain/ns2/{named.conf => named.conf.in} | 4 +- .../chain/ns5/{named.conf => named.conf.in} | 4 +- .../chain/ns7/{named.conf => named.conf.in} | 6 +- bin/tests/system/chain/prereq.sh | 10 +- bin/tests/system/chain/setup.sh | 5 + bin/tests/system/chain/tests.sh | 145 +- bin/tests/system/checkconf/tests.sh | 166 +-- bin/tests/system/checkds/tests.sh | 70 +- bin/tests/system/checknames/clean.sh | 3 +- .../ns1/{named.conf => named.conf.in} | 6 +- .../ns2/{named.conf => named.conf.in} | 6 +- .../ns3/{named.conf => named.conf.in} | 6 +- .../ns4/{named.conf => named.conf.in} | 6 +- bin/tests/system/checknames/setup.sh | 10 +- bin/tests/system/checknames/tests.sh | 54 +- bin/tests/system/checkzone/tests.sh | 58 +- bin/tests/system/cleanall.sh | 2 + bin/tests/system/conf.sh.in | 55 +- bin/tests/system/cookie/clean.sh | 1 + .../cookie/ns1/{named.conf => named.conf.in} | 4 +- .../cookie/ns2/{named.conf => named.conf.in} | 4 +- .../cookie/ns3/{named.conf => named.conf.in} | 4 +- .../cookie/ns4/{named.conf => named.conf.in} | 4 +- .../cookie/ns5/{named.conf => named.conf.in} | 4 +- .../cookie/ns6/{named.conf => named.conf.in} | 4 +- bin/tests/system/cookie/setup.sh | 18 + bin/tests/system/cookie/tests.sh | 125 +- bin/tests/system/coverage/prereq.sh | 2 +- bin/tests/system/coverage/tests.sh | 8 +- bin/tests/system/database/clean.sh | 2 - .../ns1/{named.conf1 => named1.conf.in} | 6 +- .../ns1/{named.conf2 => named2.conf.in} | 6 +- bin/tests/system/database/setup.sh | 6 +- bin/tests/system/database/tests.sh | 18 +- bin/tests/system/digdelv/clean.sh | 1 + .../digdelv/ns1/{named.conf => named.conf.in} | 5 +- .../digdelv/ns2/{named.conf => named.conf.in} | 4 +- .../digdelv/ns3/{named.conf => named.conf.in} | 4 +- bin/tests/system/digdelv/setup.sh | 15 + bin/tests/system/digdelv/tests.sh | 306 ++-- bin/tests/system/dlv/clean.sh | 1 + .../dlv/ns1/{named.conf => named.conf.in} | 6 +- bin/tests/system/dlv/ns1/sign.sh | 4 +- .../dlv/ns2/{named.conf => named.conf.in} | 6 +- bin/tests/system/dlv/ns2/sign.sh | 4 +- .../dlv/ns3/{named.conf => named.conf.in} | 6 +- bin/tests/system/dlv/ns3/sign.sh | 36 +- .../dlv/ns4/{named.conf => named.conf.in} | 6 +- bin/tests/system/dlv/ns5/named.conf | 58 - bin/tests/system/dlv/ns5/named.conf.in | 27 + .../dlv/ns6/{named.conf => named.conf.in} | 6 +- bin/tests/system/dlv/ns6/sign.sh | 34 +- bin/tests/system/dlv/setup.sh | 7 + bin/tests/system/dlv/tests.sh | 22 +- bin/tests/system/dlz/clean.sh | 3 +- .../dlz/ns1/{named.conf => named.conf.in} | 6 +- bin/tests/system/dlz/prereq.sh.in | 7 +- bin/tests/system/dlz/setup.sh | 13 + bin/tests/system/dlz/tests.sh | 26 +- bin/tests/system/dlzexternal/clean.sh | 1 + bin/tests/system/dlzexternal/ns1/.gitignore | 1 + bin/tests/system/dlzexternal/ns1/dlzs.conf.in | 30 + .../system/dlzexternal/ns1/named.conf.in | 31 +- bin/tests/system/dlzexternal/prereq.sh | 2 +- bin/tests/system/dlzexternal/setup.sh | 2 + bin/tests/system/dlzexternal/tests.sh | 79 +- bin/tests/system/dns64/clean.sh | 1 + .../dns64/ns1/{named.conf => named.conf.in} | 6 +- .../dns64/ns2/{named.conf => named.conf.in} | 6 +- bin/tests/system/dns64/setup.sh | 3 + bin/tests/system/dns64/tests.sh | 598 ++++---- bin/tests/system/dnssec/clean.sh | 3 +- bin/tests/system/dnssec/dnssec_update_test.pl | 12 +- .../dnssec/ns1/{named.conf => named.conf.in} | 4 +- .../dnssec/ns2/{named.conf => named.conf.in} | 4 +- .../dnssec/ns3/{named.conf => named.conf.in} | 6 +- .../ns4/{named1.conf => named1.conf.in} | 6 +- .../ns4/{named2.conf => named2.conf.in} | 6 +- .../ns4/{named3.conf => named3.conf.in} | 6 +- .../ns4/{named4.conf => named4.conf.in} | 6 +- .../ns5/{named1.conf => named1.conf.in} | 6 +- .../ns5/{named2.conf => named2.conf.in} | 6 +- .../dnssec/ns6/{named.conf => named.conf.in} | 6 +- .../dnssec/ns7/{named.conf => named.conf.in} | 6 +- bin/tests/system/dnssec/prereq.sh | 2 +- bin/tests/system/dnssec/setup.sh | 26 +- bin/tests/system/dnssec/tests.sh | 1302 +++++++++-------- bin/tests/system/dnstap/clean.sh | 1 + .../dnstap/ns1/{named.conf => named.conf.in} | 6 +- .../dnstap/ns2/{named.conf => named.conf.in} | 13 +- .../dnstap/ns3/{named.conf => named.conf.in} | 6 +- .../dnstap/ns4/{named.conf => named.conf.in} | 6 +- bin/tests/system/dnstap/setup.sh | 16 + bin/tests/system/dnstap/tests.sh | 309 ++-- bin/tests/system/dnstap/ydump.py | 2 +- bin/tests/system/dscp/clean.sh | 1 + .../dscp/ns1/{named.conf => named.conf.in} | 4 +- .../dscp/ns2/{named.conf => named.conf.in} | 4 +- .../dscp/ns3/{named.conf => named.conf.in} | 4 +- .../dscp/ns4/{named.conf => named.conf.in} | 4 +- .../dscp/ns5/{named.conf => named.conf.in} | 4 +- .../dscp/ns6/{named.conf => named.conf.in} | 4 +- .../dscp/ns7/{named.conf => named.conf.in} | 4 +- bin/tests/system/dscp/setup.sh | 19 + bin/tests/system/dscp/tests.sh | 10 +- bin/tests/system/dsdigest/clean.sh | 1 + .../ns1/{named.conf => named.conf.in} | 4 +- .../ns2/{named.conf => named.conf.in} | 4 +- .../ns3/{named.conf => named.conf.in} | 4 +- .../ns4/{named.conf => named.conf.in} | 4 +- bin/tests/system/dsdigest/prereq.sh | 2 +- bin/tests/system/dsdigest/setup.sh | 5 + bin/tests/system/dsdigest/tests.sh | 18 +- bin/tests/system/dyndb/clean.sh | 2 + .../dyndb/ns1/{named.conf => named.conf.in} | 4 +- bin/tests/system/dyndb/prereq.sh | 2 +- bin/tests/system/dyndb/setup.sh | 13 + bin/tests/system/dyndb/tests.sh | 33 +- bin/tests/system/ednscompliance/clean.sh | 1 + .../ns1/{named.conf => named.conf.in} | 5 +- bin/tests/system/ednscompliance/setup.sh | 13 + bin/tests/system/ednscompliance/tests.sh | 58 +- .../ns1/{named1.conf => named1.conf.in} | 6 +- .../ns1/{named2.conf => named2.conf.in} | 6 +- bin/tests/system/emptyzones/setup.sh | 6 +- bin/tests/system/emptyzones/tests.sh | 25 +- bin/tests/system/fetchlimit/ans4/ans.pl | 5 +- bin/tests/system/fetchlimit/clean.sh | 4 +- .../ns1/{named.conf => named.conf.in} | 4 +- .../ns2/{named.conf => named.conf.in} | 14 +- .../ns3/{named1.conf => named1.conf.in} | 4 +- .../ns3/{named2.conf => named2.conf.in} | 6 +- .../ns3/{named3.conf => named3.conf.in} | 6 +- bin/tests/system/fetchlimit/setup.sh | 4 +- bin/tests/system/fetchlimit/tests.sh | 71 +- bin/tests/system/filter-aaaa/clean.sh | 12 +- .../ns1/{named1.conf => named1.conf.in} | 8 +- .../ns1/{named2.conf => named2.conf.in} | 8 +- bin/tests/system/filter-aaaa/ns1/sign.sh | 4 +- .../ns2/{named1.conf => named1.conf.in} | 8 +- .../ns2/{named2.conf => named2.conf.in} | 8 +- .../ns3/{named1.conf => named1.conf.in} | 8 +- .../ns3/{named2.conf => named2.conf.in} | 8 +- .../ns4/{named1.conf => named1.conf.in} | 8 +- .../ns4/{named2.conf => named2.conf.in} | 8 +- bin/tests/system/filter-aaaa/ns4/sign.sh | 4 +- bin/tests/system/filter-aaaa/setup.sh | 10 +- bin/tests/system/filter-aaaa/tests.sh | 597 ++++---- bin/tests/system/formerr/clean.sh | 1 + .../formerr/ns1/{named.conf => named.conf.in} | 7 +- bin/tests/system/formerr/setup.sh | 13 + bin/tests/system/formerr/tests.sh | 20 +- bin/tests/system/forward/clean.sh | 3 +- .../forward/ns1/{named.conf => named.conf.in} | 6 +- .../forward/ns2/{named.conf => named.conf.in} | 6 +- .../forward/ns3/{named.conf => named.conf.in} | 7 +- .../forward/ns4/{named.conf => named.conf.in} | 6 +- .../forward/ns5/{named.conf => named.conf.in} | 6 +- bin/tests/system/forward/setup.sh | 17 + bin/tests/system/forward/tests.sh | 106 +- .../geoip/ns2/{named1.conf => named1.conf.in} | 6 +- .../ns2/{named10.conf => named10.conf.in} | 6 +- .../ns2/{named11.conf => named11.conf.in} | 6 +- .../ns2/{named12.conf => named12.conf.in} | 6 +- .../ns2/{named13.conf => named13.conf.in} | 6 +- .../ns2/{named14.conf => named14.conf.in} | 6 +- .../ns2/{named15.conf => named15.conf.in} | 6 +- .../geoip/ns2/{named2.conf => named2.conf.in} | 6 +- .../geoip/ns2/{named3.conf => named3.conf.in} | 6 +- .../geoip/ns2/{named4.conf => named4.conf.in} | 6 +- .../geoip/ns2/{named5.conf => named5.conf.in} | 6 +- .../geoip/ns2/{named6.conf => named6.conf.in} | 6 +- .../geoip/ns2/{named7.conf => named7.conf.in} | 6 +- .../geoip/ns2/{named8.conf => named8.conf.in} | 6 +- .../geoip/ns2/{named9.conf => named9.conf.in} | 6 +- bin/tests/system/geoip/prereq.sh | 2 +- bin/tests/system/geoip/setup.sh | 2 +- bin/tests/system/geoip/tests.sh | 221 +-- bin/tests/system/glue/clean.sh | 3 +- .../glue/ns1/{named.conf => named.conf.in} | 6 +- bin/tests/system/glue/setup.sh | 6 +- bin/tests/system/glue/tests.sh | 14 +- bin/tests/system/inline/clean.sh | 2 +- .../inline/ns1/{named.conf => named.conf.in} | 4 +- .../inline/ns2/{named.conf => named.conf.in} | 8 +- .../inline/ns3/{named.conf => named.conf.in} | 8 +- .../inline/ns4/{named.conf => named.conf.in} | 8 +- bin/tests/system/inline/ns5/named.conf.post | 8 +- bin/tests/system/inline/ns5/named.conf.pre | 8 +- .../inline/ns6/{named.conf => named.conf.in} | 8 +- .../inline/ns7/{named.conf => named.conf.in} | 6 +- bin/tests/system/inline/setup.sh | 8 +- bin/tests/system/inline/tests.sh | 544 +++---- bin/tests/system/integrity/clean.sh | 3 + .../ns1/{named.conf => named.conf.in} | 6 +- bin/tests/system/integrity/setup.sh | 13 + bin/tests/system/integrity/tests.sh | 76 +- bin/tests/system/ixfr/clean.sh | 5 +- .../ixfr/ns3/{named.conf => named.conf.in} | 6 +- .../ixfr/ns4/{named.conf => named.conf.in} | 6 +- bin/tests/system/ixfr/prereq.sh | 2 +- bin/tests/system/ixfr/setup.sh | 7 +- bin/tests/system/ixfr/tests.sh | 99 +- bin/tests/system/keepalive/clean.sh | 1 + .../ns1/named.conf.in} | 6 +- .../ns2/{named.conf => named.conf.in} | 4 +- .../ns3/{named.conf => named.conf.in} | 6 +- bin/tests/system/keepalive/setup.sh | 4 + bin/tests/system/keepalive/tests.sh | 51 +- bin/tests/system/keymgr/prereq.sh | 2 +- bin/tests/system/keymgr/setup.sh | 34 +- bin/tests/system/keymgr/tests.sh | 12 +- bin/tests/system/legacy/clean.sh | 2 +- .../ns1/{named1.conf => named1.conf.in} | 4 +- .../ns1/{named2.conf => named2.conf.in} | 4 +- .../legacy/ns2/{named.conf => named.conf.in} | 4 +- .../legacy/ns3/{named.conf => named.conf.in} | 4 +- .../legacy/ns4/{named.conf => named.conf.in} | 4 +- .../legacy/ns5/{named.conf => named.conf.in} | 4 +- .../legacy/ns6/{named.conf => named.conf.in} | 4 +- bin/tests/system/legacy/ns6/sign.sh | 2 +- .../legacy/ns7/{named.conf => named.conf.in} | 4 +- bin/tests/system/legacy/ns7/sign.sh | 2 +- bin/tests/system/legacy/setup.sh | 13 +- bin/tests/system/legacy/tests.sh | 115 +- bin/tests/system/limits/clean.sh | 3 +- .../limits/ns1/{named.conf => named.conf.in} | 4 +- bin/tests/system/limits/setup.sh | 13 + bin/tests/system/limits/tests.sh | 42 +- bin/tests/system/logfileconfig/clean.sh | 4 +- .../system/logfileconfig/ns1/controls.conf.in | 13 + .../system/logfileconfig/ns1/named.dirconf | 14 +- .../system/logfileconfig/ns1/named.iso8601 | 12 +- .../logfileconfig/ns1/named.iso8601-utc | 12 +- .../system/logfileconfig/ns1/named.pipeconf | 14 +- .../system/logfileconfig/ns1/named.plain | 14 +- .../system/logfileconfig/ns1/named.plainconf | 12 +- .../system/logfileconfig/ns1/named.symconf | 14 +- .../system/logfileconfig/ns1/named.tsconf | 12 +- .../system/logfileconfig/ns1/named.unlimited | 12 +- .../system/logfileconfig/ns1/named.versconf | 12 +- .../ns1/{rndc.conf => rndc.conf.in} | 2 +- bin/tests/system/logfileconfig/setup.sh | 4 +- bin/tests/system/logfileconfig/tests.sh | 206 +-- bin/tests/system/masterfile/clean.sh | 3 +- .../ns1/{named.conf => named.conf.in} | 6 +- .../ns2/{named.conf => named.conf.in} | 7 +- bin/tests/system/masterfile/setup.sh | 14 + bin/tests/system/masterfile/tests.sh | 36 +- bin/tests/system/masterformat/clean.sh | 1 + .../ns1/{named.conf => named.conf.in} | 8 +- .../ns2/{named.conf => named.conf.in} | 6 +- .../ns3/{named.conf => named.conf.in} | 11 +- bin/tests/system/masterformat/setup.sh | 4 + bin/tests/system/masterformat/tests.sh | 107 +- bin/tests/system/metadata/setup.sh | 2 +- bin/tests/system/metadata/tests.sh | 78 +- bin/tests/system/mkeys/clean.sh | 2 +- .../mkeys/ns1/{named1.conf => named1.conf.in} | 6 +- .../mkeys/ns1/{named2.conf => named2.conf.in} | 7 +- .../mkeys/ns1/{named3.conf => named3.conf.in} | 6 +- .../mkeys/ns2/{named.conf => named.conf.in} | 6 +- .../mkeys/ns3/{named.conf => named.conf.in} | 7 +- .../mkeys/ns4/{named.conf => named.conf.in} | 6 +- .../mkeys/ns5/{named.conf => named.conf.in} | 4 +- bin/tests/system/mkeys/setup.sh | 8 +- bin/tests/system/mkeys/tests.sh | 195 +-- bin/tests/system/names/clean.sh | 1 + .../names/ns1/{named.conf => named.conf.in} | 4 +- bin/tests/system/names/setup.sh | 7 +- bin/tests/system/names/tests.sh | 22 +- bin/tests/system/notify/clean.sh | 2 + .../named.conf => notify/ns1/named.conf.in} | 6 +- .../notify/ns2/{named.conf => named.conf.in} | 15 +- .../notify/ns3/{named.conf => named.conf.in} | 8 +- .../notify/ns4/{named.conf => named.conf.in} | 8 +- bin/tests/system/notify/ns4/named.port | 1 - bin/tests/system/notify/ns4/named.port.in | 1 + .../notify/ns5/{named.conf => named.conf.in} | 6 +- bin/tests/system/notify/setup.sh | 13 +- bin/tests/system/notify/tests.sh | 100 +- bin/tests/system/nslookup/clean.sh | 1 + .../ns1/{named.conf => named.conf.in} | 4 +- bin/tests/system/nslookup/setup.sh | 4 + bin/tests/system/nslookup/tests.sh | 44 +- bin/tests/system/nsupdate/ans4/ans.pl | 9 +- bin/tests/system/nsupdate/clean.sh | 2 + .../ns1/{named.conf => named.conf.in} | 10 +- .../ns2/{named.conf => named.conf.in} | 6 +- .../ns3/{named.conf => named.conf.in} | 15 +- .../ns5/{named.conf => named.conf.in} | 6 +- bin/tests/system/nsupdate/prereq.sh | 2 +- bin/tests/system/nsupdate/setup.sh | 8 + bin/tests/system/nsupdate/tests.sh | 555 +++---- bin/tests/system/nsupdate/update_test.pl | 12 +- .../nsupdate/{verylarge => verylarge.in} | 2 +- bin/tests/system/nzd2nzf/clean.sh | 4 +- .../nzd2nzf/ns1/{named.conf => named.conf.in} | 4 +- bin/tests/system/nzd2nzf/prereq.sh | 2 +- bin/tests/system/nzd2nzf/setup.sh | 2 + bin/tests/system/nzd2nzf/tests.sh | 44 +- bin/tests/system/padding/clean.sh | 1 + .../named.conf => padding/ns1/named.conf.in} | 6 +- .../padding/ns2/{named.conf => named.conf.in} | 4 +- .../padding/ns3/{named.conf => named.conf.in} | 6 +- .../padding/ns4/{named.conf => named.conf.in} | 6 +- bin/tests/system/padding/setup.sh | 5 + bin/tests/system/padding/tests.sh | 77 +- bin/tests/system/pending/clean.sh | 1 + .../pending/ns1/{named.conf => named.conf.in} | 7 +- .../pending/ns2/{named.conf => named.conf.in} | 6 +- .../pending/ns3/{named.conf => named.conf.in} | 6 +- .../pending/ns4/{named.conf => named.conf.in} | 6 +- bin/tests/system/pending/setup.sh | 5 + bin/tests/system/pending/tests.sh | 76 +- bin/tests/system/pipelined/clean.sh | 1 + .../ns1/{named.conf => named.conf.in} | 6 +- .../ns2/{named.conf => named.conf.in} | 6 +- .../ns3/{named.conf => named.conf.in} | 6 +- .../ns4/{named.conf => named.conf.in} | 6 +- bin/tests/system/pipelined/pipequeries.c | 42 +- bin/tests/system/pipelined/setup.sh | 5 + bin/tests/system/pipelined/tests.sh | 51 +- bin/tests/system/reclimit/ans2/ans.pl | 5 +- bin/tests/system/reclimit/ans7/ans.pl | 3 +- bin/tests/system/reclimit/clean.sh | 2 +- .../ns1/{named.conf => named.conf.in} | 4 +- .../ns3/{named1.conf => named1.conf.in} | 6 +- .../ns3/{named2.conf => named2.conf.in} | 6 +- .../ns3/{named3.conf => named3.conf.in} | 6 +- .../ns3/{named4.conf => named4.conf.in} | 6 +- bin/tests/system/reclimit/prereq.sh | 6 +- bin/tests/system/reclimit/setup.sh | 4 +- bin/tests/system/reclimit/tests.sh | 82 +- bin/tests/system/redirect/clean.sh | 1 + .../ns1/{named.conf => named.conf.in} | 6 +- .../ns2/{named.conf => named.conf.in} | 6 +- .../ns3/{named.conf => named.conf.in} | 4 +- .../ns4/{named.conf => named.conf.in} | 6 +- bin/tests/system/redirect/setup.sh | 5 + bin/tests/system/redirect/tests.sh | 219 ++- bin/tests/system/resolver/ans2/ans.pl | 7 +- bin/tests/system/resolver/ans3/ans.pl | 7 +- bin/tests/system/resolver/ans8/ans.pl | 14 +- bin/tests/system/resolver/clean.sh | 3 +- .../ns1/{named.conf => named.conf.in} | 6 +- .../ns4/{named.conf => named.conf.in} | 8 +- .../ns5/{named.conf => named.conf.in} | 6 +- .../ns6/{named.conf => named.conf.in} | 6 +- .../ns7/{named1.conf => named1.conf.in} | 10 +- .../ns7/{named2.conf => named2.conf.in} | 12 +- bin/tests/system/resolver/prereq.sh | 4 +- bin/tests/system/resolver/setup.sh | 8 +- bin/tests/system/resolver/tests.sh | 511 +++---- bin/tests/system/rndc/clean.sh | 4 +- .../rndc/ns2/{named.conf => named.conf.in} | 8 +- .../rndc/ns3/{named.conf => named.conf.in} | 8 +- bin/tests/system/rndc/ns4/named.conf.in | 4 +- .../rndc/ns5/{named.conf => named.conf.in} | 6 +- bin/tests/system/rndc/ns6/named.conf.in | 6 +- bin/tests/system/rndc/setup.sh | 21 +- bin/tests/system/rndc/tests.sh | 368 +++-- bin/tests/system/rpz/clean.sh | 3 + .../rpz/{dnsrpzd.conf => dnsrpzd.conf.in} | 36 +- .../rpz/ns1/{named.conf => named.conf.in} | 5 +- .../rpz/ns2/{named.conf => named.conf.in} | 7 +- .../rpz/ns3/{named.conf => named.conf.in} | 6 +- .../rpz/ns4/{named.conf => named.conf.in} | 5 +- .../rpz/ns5/{named.conf => named.conf.in} | 5 +- .../rpz/ns6/{named.conf => named.conf.in} | 6 +- .../rpz/ns7/{named.conf => named.conf.in} | 6 +- bin/tests/system/rpz/setup.sh | 10 + bin/tests/system/rpz/test1 | 2 +- bin/tests/system/rpz/test2 | 2 +- bin/tests/system/rpz/test3 | 2 +- bin/tests/system/rpz/test4 | 2 +- bin/tests/system/rpz/test4a | 2 +- bin/tests/system/rpz/test5 | 2 +- bin/tests/system/rpz/test6 | 2 +- bin/tests/system/rpz/tests.sh | 137 +- .../rpzrecurse/ans5/{ans.pl.in => ans.pl} | 5 +- bin/tests/system/rpzrecurse/clean.sh | 2 - bin/tests/system/rpzrecurse/setup.sh | 2 - bin/tests/system/rrchecker/tests.sh | 32 +- bin/tests/system/rrl/clean.sh | 3 +- .../rrl/ns1/{named.conf => named.conf.in} | 5 +- .../rrl/ns2/{named.conf => named.conf.in} | 7 +- .../rrl/ns3/{named.conf => named.conf.in} | 5 +- .../rrl/ns4/{named.conf => named.conf.in} | 7 +- bin/tests/system/rrl/setup.sh | 8 +- bin/tests/system/rrl/tests.sh | 60 +- bin/tests/system/rrsetorder/clean.sh | 1 + .../ns1/{named.conf => named.conf.in} | 6 +- .../ns2/{named.conf => named.conf.in} | 6 +- .../ns3/{named.conf => named.conf.in} | 7 +- .../ns4/{named.conf => named.conf.in} | 6 +- bin/tests/system/rrsetorder/setup.sh | 16 + bin/tests/system/rrsetorder/tests.sh | 137 +- bin/tests/system/rsabigexponent/clean.sh | 1 + .../ns1/{named.conf => named.conf.in} | 6 +- .../ns2/{named.conf => named.conf.in} | 6 +- .../ns3/{named.conf => named.conf.in} | 6 +- bin/tests/system/rsabigexponent/prereq.sh | 4 +- bin/tests/system/rsabigexponent/setup.sh | 4 + bin/tests/system/rsabigexponent/tests.sh | 22 +- bin/tests/system/run.sh | 1 - bin/tests/system/runtime/clean.sh | 2 +- .../{named-alt1.conf => named-alt1.conf.in} | 4 +- .../{named-alt2.conf => named-alt2.conf.in} | 4 +- .../{named-alt3.conf => named-alt3.conf.in} | 4 +- .../{named-alt4.conf => named-alt4.conf.in} | 2 +- .../{named-alt5.conf => named-alt5.conf.in} | 2 +- .../{named-alt6.conf => named-alt6.conf.in} | 2 +- .../ns2/{named1.conf => named1.conf.in} | 7 +- bin/tests/system/runtime/setup.sh | 6 +- bin/tests/system/runtime/tests.sh | 52 +- .../serve-stale/ans2/{ans.pl.in => ans.pl} | 5 +- bin/tests/system/serve-stale/clean.sh | 2 +- bin/tests/system/serve-stale/setup.sh | 1 - bin/tests/system/sfcache/clean.sh | 1 + .../sfcache/ns1/{named.conf => named.conf.in} | 4 +- .../sfcache/ns2/{named.conf => named.conf.in} | 6 +- .../sfcache/ns5/{named.conf => named.conf.in} | 6 +- bin/tests/system/sfcache/setup.sh | 4 + bin/tests/system/sfcache/tests.sh | 41 +- bin/tests/system/smartsign/tests.sh | 144 +- bin/tests/system/sortlist/clean.sh | 3 +- .../ns1/{named.conf => named.conf.in} | 6 +- bin/tests/system/sortlist/setup.sh | 13 + bin/tests/system/sortlist/tests.sh | 25 +- bin/tests/system/spf/clean.sh | 1 + .../spf/ns1/{named.conf => named.conf.in} | 4 +- bin/tests/system/spf/setup.sh | 13 + bin/tests/system/spf/tests.sh | 6 +- bin/tests/system/staticstub/clean.sh | 4 +- .../ns1/{named.conf => named.conf.in} | 6 +- bin/tests/system/staticstub/ns2/named.conf.in | 25 +- bin/tests/system/staticstub/ns3/named.conf.in | 20 +- bin/tests/system/staticstub/ns4/named.conf | 57 - bin/tests/system/staticstub/ns4/named.conf.in | 39 + bin/tests/system/staticstub/setup.sh | 11 +- bin/tests/system/staticstub/tests.sh | 134 +- bin/tests/system/statistics/ans4/ans.pl | 7 +- bin/tests/system/statistics/clean.sh | 3 +- .../ns1/{named.conf => named.conf.in} | 6 +- .../ns2/{named.conf => named.conf.in} | 18 +- .../ns3/{named.conf => named.conf.in} | 12 +- bin/tests/system/statistics/prereq.sh | 4 +- bin/tests/system/statistics/setup.sh | 15 + bin/tests/system/statistics/tests.sh | 74 +- bin/tests/system/statschannel/clean.sh | 1 + .../ns2/{named.conf => named.conf.in} | 15 +- bin/tests/system/statschannel/prereq.sh | 2 +- bin/tests/system/statschannel/setup.sh | 14 + bin/tests/system/statschannel/tests.sh | 71 +- bin/tests/system/stub/clean.sh | 3 +- .../stub/ns1/{named.conf => named.conf.in} | 4 +- .../stub/ns2/{named.conf => named.conf.in} | 4 +- .../stub/ns3/{named.conf => named.conf.in} | 4 +- bin/tests/system/stub/setup.sh | 16 + bin/tests/system/stub/tests.sh | 36 +- bin/tests/system/synthfromdnssec/clean.sh | 1 + .../ns1/{named.conf => named.conf.in} | 4 +- .../ns2/{named.conf => named.conf.in} | 4 +- .../ns3/{named.conf => named.conf.in} | 4 +- .../ns4/{named.conf => named.conf.in} | 4 +- .../ns5/{named.conf => named.conf.in} | 4 +- bin/tests/system/synthfromdnssec/setup.sh | 6 + bin/tests/system/synthfromdnssec/tests.sh | 50 +- bin/tests/system/tcp/clean.sh | 1 + .../tcp/ns1/{named.conf => named.conf.in} | 6 +- .../tcp/ns2/{named.conf => named.conf.in} | 14 +- .../tcp/ns3/{named.conf => named.conf.in} | 6 +- .../tcp/ns4/{named.conf => named.conf.in} | 6 +- bin/tests/system/tcp/setup.sh | 17 + bin/tests/system/tcp/tests.sh | 19 +- bin/tests/system/tools/tests.sh | 34 +- bin/tests/system/tsig/clean.sh | 1 + .../tsig/ns1/{named.conf => named.conf.in} | 6 +- bin/tests/system/tsig/setup.sh | 4 +- bin/tests/system/tsig/tests.sh | 159 +- bin/tests/system/tsiggss/authsock.pl | 2 - bin/tests/system/tsiggss/clean.sh | 1 + .../tsiggss/ns1/{named.conf => named.conf.in} | 8 +- bin/tests/system/tsiggss/prereq.sh | 2 +- bin/tests/system/tsiggss/setup.sh | 4 +- bin/tests/system/tsiggss/tests.sh | 6 +- bin/tests/system/unknown/clean.sh | 3 +- .../unknown/ns1/{named.conf => named.conf.in} | 6 +- .../unknown/ns2/{named.conf => named.conf.in} | 6 +- .../unknown/ns3/{named.conf => named.conf.in} | 6 +- bin/tests/system/unknown/setup.sh | 4 + bin/tests/system/unknown/tests.sh | 90 +- bin/tests/system/upforwd/ans4/ans.pl | 11 +- bin/tests/system/upforwd/clean.sh | 3 +- .../upforwd/ns1/{named.conf => named.conf.in} | 6 +- .../upforwd/ns2/{named.conf => named.conf.in} | 6 +- .../upforwd/ns3/{named.conf => named.conf.in} | 6 +- bin/tests/system/upforwd/prereq.sh | 2 +- bin/tests/system/upforwd/setup.sh | 9 +- bin/tests/system/upforwd/tests.sh | 137 +- bin/tests/system/verify/tests.sh | 14 +- bin/tests/system/verify/zones/genzones.sh | 4 +- bin/tests/system/views/clean.sh | 7 +- .../named.conf => views/ns1/named.conf.in} | 6 +- .../views/ns2/{named1.conf => named1.conf.in} | 16 +- .../views/ns2/{named2.conf => named2.conf.in} | 15 +- .../views/ns3/{named1.conf => named1.conf.in} | 8 +- .../views/ns3/{named2.conf => named2.conf.in} | 10 +- .../views/ns5/{named.conf => named.conf.in} | 8 +- bin/tests/system/views/setup.sh | 17 +- bin/tests/system/views/tests.sh | 105 +- bin/tests/system/wildcard/clean.sh | 1 + .../ns1/{named.conf => named.conf.in} | 6 +- bin/tests/system/wildcard/ns1/sign.sh | 14 +- .../ns2/{named.conf => named.conf.in} | 6 +- .../ns3/{named.conf => named.conf.in} | 6 +- .../ns4/{named.conf => named.conf.in} | 6 +- .../ns5/{named.conf => named.conf.in} | 6 +- bin/tests/system/wildcard/setup.sh | 8 + bin/tests/system/wildcard/tests.sh | 62 +- bin/tests/system/xfer/clean.sh | 7 +- .../xfer/ns1/{named.conf => named.conf.in} | 6 +- .../xfer/ns2/{named.conf => named.conf.in} | 15 +- .../xfer/ns3/{named.conf => named.conf.in} | 8 +- bin/tests/system/xfer/ns4/named.conf.base | 6 +- .../xfer/ns6/{named.conf => named.conf.in} | 6 +- .../xfer/ns7/{named.conf => named.conf.in} | 6 +- .../xfer/ns8/{named.conf => named.conf.in} | 4 +- bin/tests/system/xfer/prereq.sh | 4 +- bin/tests/system/xfer/setup.sh | 10 +- bin/tests/system/xfer/tests.sh | 208 ++- bin/tests/system/xferquota/clean.sh | 3 +- .../ns1/{named.conf => named.conf.in} | 8 +- .../ns2/{named.conf => named.conf.in} | 6 +- bin/tests/system/xferquota/setup.sh | 10 +- bin/tests/system/xferquota/tests.sh | 28 +- bin/tests/system/zero/ans5/ans.pl | 5 +- bin/tests/system/zero/clean.sh | 1 + .../zero/ns1/{named.conf => named.conf.in} | 7 +- .../zero/ns2/{named.conf => named.conf.in} | 6 +- .../zero/ns3/{named.conf => named.conf.in} | 7 +- .../zero/ns4/{named.conf => named.conf.in} | 6 +- bin/tests/system/zero/setup.sh | 7 + bin/tests/system/zero/tests.sh | 60 +- bin/tests/system/zonechecks/clean.sh | 1 + .../ns1/{named.conf => named.conf.in} | 6 +- .../ns2/{named.conf => named.conf.in} | 9 +- bin/tests/system/zonechecks/setup.sh | 3 + bin/tests/system/zonechecks/tests.sh | 105 +- configure | 4 +- configure.in | 2 +- 621 files changed, 7697 insertions(+), 7749 deletions(-) rename bin/tests/system/acl/ns2/{named1.conf => named1.conf.in} (84%) rename bin/tests/system/acl/ns2/{named2.conf => named2.conf.in} (86%) rename bin/tests/system/acl/ns2/{named3.conf => named3.conf.in} (86%) rename bin/tests/system/acl/ns2/{named4.conf => named4.conf.in} (86%) rename bin/tests/system/acl/ns2/{named5.conf => named5.conf.in} (84%) rename bin/tests/system/acl/ns2/{named6.conf => named6.conf.in} (82%) rename bin/tests/system/acl/ns2/{named7.conf => named7.conf.in} (84%) rename bin/tests/system/acl/ns3/{named.conf => named.conf.in} (87%) rename bin/tests/system/acl/ns4/{named.conf => named.conf.in} (88%) rename bin/tests/system/additional/ns1/{named1.conf => named1.conf.in} (86%) rename bin/tests/system/additional/ns1/{named2.conf => named2.conf.in} (86%) rename bin/tests/system/additional/ns1/{named3.conf => named3.conf.in} (91%) rename bin/tests/system/additional/ns1/{named4.conf => named4.conf.in} (91%) rename bin/tests/system/additional/ns3/{named.conf => named.conf.in} (97%) rename bin/tests/system/addzone/ns1/{named.conf => named.conf.in} (89%) rename bin/tests/system/addzone/ns2/{named1.conf => named1.conf.in} (81%) rename bin/tests/system/addzone/ns2/{named2.conf => named2.conf.in} (89%) rename bin/tests/system/addzone/ns2/{named3.conf => named3.conf.in} (90%) rename bin/tests/system/addzone/ns3/{named1.conf => named1.conf.in} (79%) rename bin/tests/system/addzone/ns3/{named2.conf => named2.conf.in} (76%) rename bin/tests/system/auth/ns1/{named.conf => named.conf.in} (93%) rename bin/tests/system/auth/ns2/{named.conf => named.conf.in} (94%) create mode 100644 bin/tests/system/auth/setup.sh rename bin/tests/system/autosign/ns1/{named.conf => named.conf.in} (83%) rename bin/tests/system/autosign/ns2/{named.conf => named.conf.in} (91%) rename bin/tests/system/autosign/ns3/{named.conf => named.conf.in} (98%) rename bin/tests/system/autosign/ns4/{named.conf => named.conf.in} (94%) rename bin/tests/system/autosign/ns5/{named.conf => named.conf.in} (86%) rename bin/tests/system/builtin/ns1/{named.conf => named.conf.in} (78%) rename bin/tests/system/builtin/ns2/{named.conf => named.conf.in} (78%) rename bin/tests/system/builtin/ns3/{named.conf => named.conf.in} (81%) create mode 100644 bin/tests/system/builtin/setup.sh rename bin/tests/system/cacheclean/ns1/{named.conf => named.conf.in} (95%) rename bin/tests/system/cacheclean/ns2/{named.conf => named.conf.in} (89%) create mode 100644 bin/tests/system/cacheclean/setup.sh rename bin/tests/system/case/ns1/{named.conf => named.conf.in} (95%) rename bin/tests/system/case/ns2/{named.conf => named.conf.in} (95%) rename bin/tests/system/chain/ns1/{named.conf => named.conf.in} (93%) rename bin/tests/system/chain/ns2/{named.conf => named.conf.in} (97%) rename bin/tests/system/chain/ns5/{named.conf => named.conf.in} (94%) rename bin/tests/system/chain/ns7/{named.conf => named.conf.in} (86%) rename bin/tests/system/checknames/ns1/{named.conf => named.conf.in} (92%) rename bin/tests/system/checknames/ns2/{named.conf => named.conf.in} (85%) rename bin/tests/system/checknames/ns3/{named.conf => named.conf.in} (85%) rename bin/tests/system/checknames/ns4/{named.conf => named.conf.in} (87%) rename bin/tests/system/cookie/ns1/{named.conf => named.conf.in} (92%) rename bin/tests/system/cookie/ns2/{named.conf => named.conf.in} (93%) rename bin/tests/system/cookie/ns3/{named.conf => named.conf.in} (92%) rename bin/tests/system/cookie/ns4/{named.conf => named.conf.in} (89%) rename bin/tests/system/cookie/ns5/{named.conf => named.conf.in} (90%) rename bin/tests/system/cookie/ns6/{named.conf => named.conf.in} (89%) create mode 100644 bin/tests/system/cookie/setup.sh rename bin/tests/system/database/ns1/{named.conf1 => named1.conf.in} (84%) rename bin/tests/system/database/ns1/{named.conf2 => named2.conf.in} (84%) rename bin/tests/system/digdelv/ns1/{named.conf => named.conf.in} (93%) rename bin/tests/system/digdelv/ns2/{named.conf => named.conf.in} (93%) rename bin/tests/system/digdelv/ns3/{named.conf => named.conf.in} (93%) create mode 100644 bin/tests/system/digdelv/setup.sh rename bin/tests/system/dlv/ns1/{named.conf => named.conf.in} (86%) rename bin/tests/system/dlv/ns2/{named.conf => named.conf.in} (86%) rename bin/tests/system/dlv/ns3/{named.conf => named.conf.in} (94%) rename bin/tests/system/dlv/ns4/{named.conf => named.conf.in} (86%) delete mode 100644 bin/tests/system/dlv/ns5/named.conf create mode 100644 bin/tests/system/dlv/ns5/named.conf.in rename bin/tests/system/dlv/ns6/{named.conf => named.conf.in} (94%) rename bin/tests/system/dlz/ns1/{named.conf => named.conf.in} (84%) create mode 100644 bin/tests/system/dlz/setup.sh create mode 100644 bin/tests/system/dlzexternal/ns1/dlzs.conf.in rename bin/tests/system/dns64/ns1/{named.conf => named.conf.in} (90%) rename bin/tests/system/dns64/ns2/{named.conf => named.conf.in} (93%) rename bin/tests/system/dnssec/ns1/{named.conf => named.conf.in} (94%) rename bin/tests/system/dnssec/ns2/{named.conf => named.conf.in} (98%) rename bin/tests/system/dnssec/ns3/{named.conf => named.conf.in} (98%) rename bin/tests/system/dnssec/ns4/{named1.conf => named1.conf.in} (92%) rename bin/tests/system/dnssec/ns4/{named2.conf => named2.conf.in} (88%) rename bin/tests/system/dnssec/ns4/{named3.conf => named3.conf.in} (88%) rename bin/tests/system/dnssec/ns4/{named4.conf => named4.conf.in} (92%) rename bin/tests/system/dnssec/ns5/{named1.conf => named1.conf.in} (87%) rename bin/tests/system/dnssec/ns5/{named2.conf => named2.conf.in} (89%) rename bin/tests/system/dnssec/ns6/{named.conf => named.conf.in} (88%) rename bin/tests/system/dnssec/ns7/{named.conf => named.conf.in} (93%) rename bin/tests/system/dnstap/ns1/{named.conf => named.conf.in} (89%) rename bin/tests/system/dnstap/ns2/{named.conf => named.conf.in} (83%) rename bin/tests/system/dnstap/ns3/{named.conf => named.conf.in} (89%) rename bin/tests/system/dnstap/ns4/{named.conf => named.conf.in} (89%) create mode 100644 bin/tests/system/dnstap/setup.sh rename bin/tests/system/dscp/ns1/{named.conf => named.conf.in} (93%) rename bin/tests/system/dscp/ns2/{named.conf => named.conf.in} (93%) rename bin/tests/system/dscp/ns3/{named.conf => named.conf.in} (93%) rename bin/tests/system/dscp/ns4/{named.conf => named.conf.in} (93%) rename bin/tests/system/dscp/ns5/{named.conf => named.conf.in} (94%) rename bin/tests/system/dscp/ns6/{named.conf => named.conf.in} (93%) rename bin/tests/system/dscp/ns7/{named.conf => named.conf.in} (95%) create mode 100644 bin/tests/system/dscp/setup.sh rename bin/tests/system/dsdigest/ns1/{named.conf => named.conf.in} (96%) rename bin/tests/system/dsdigest/ns2/{named.conf => named.conf.in} (96%) rename bin/tests/system/dsdigest/ns3/{named.conf => named.conf.in} (96%) rename bin/tests/system/dsdigest/ns4/{named.conf => named.conf.in} (96%) rename bin/tests/system/dyndb/ns1/{named.conf => named.conf.in} (90%) create mode 100644 bin/tests/system/dyndb/setup.sh rename bin/tests/system/ednscompliance/ns1/{named.conf => named.conf.in} (92%) create mode 100644 bin/tests/system/ednscompliance/setup.sh rename bin/tests/system/emptyzones/ns1/{named1.conf => named1.conf.in} (87%) rename bin/tests/system/emptyzones/ns1/{named2.conf => named2.conf.in} (87%) rename bin/tests/system/fetchlimit/ns1/{named.conf => named.conf.in} (93%) rename bin/tests/system/fetchlimit/ns2/{named.conf => named.conf.in} (77%) rename bin/tests/system/fetchlimit/ns3/{named1.conf => named1.conf.in} (89%) rename bin/tests/system/fetchlimit/ns3/{named2.conf => named2.conf.in} (86%) rename bin/tests/system/fetchlimit/ns3/{named3.conf => named3.conf.in} (86%) rename bin/tests/system/filter-aaaa/ns1/{named1.conf => named1.conf.in} (83%) rename bin/tests/system/filter-aaaa/ns1/{named2.conf => named2.conf.in} (83%) rename bin/tests/system/filter-aaaa/ns2/{named1.conf => named1.conf.in} (81%) rename bin/tests/system/filter-aaaa/ns2/{named2.conf => named2.conf.in} (81%) rename bin/tests/system/filter-aaaa/ns3/{named1.conf => named1.conf.in} (81%) rename bin/tests/system/filter-aaaa/ns3/{named2.conf => named2.conf.in} (81%) rename bin/tests/system/filter-aaaa/ns4/{named1.conf => named1.conf.in} (83%) rename bin/tests/system/filter-aaaa/ns4/{named2.conf => named2.conf.in} (83%) rename bin/tests/system/formerr/ns1/{named.conf => named.conf.in} (83%) create mode 100644 bin/tests/system/formerr/setup.sh rename bin/tests/system/forward/ns1/{named.conf => named.conf.in} (90%) rename bin/tests/system/forward/ns2/{named.conf => named.conf.in} (90%) rename bin/tests/system/forward/ns3/{named.conf => named.conf.in} (88%) rename bin/tests/system/forward/ns4/{named.conf => named.conf.in} (90%) rename bin/tests/system/forward/ns5/{named.conf => named.conf.in} (84%) create mode 100644 bin/tests/system/forward/setup.sh rename bin/tests/system/geoip/ns2/{named1.conf => named1.conf.in} (94%) rename bin/tests/system/geoip/ns2/{named10.conf => named10.conf.in} (93%) rename bin/tests/system/geoip/ns2/{named11.conf => named11.conf.in} (93%) rename bin/tests/system/geoip/ns2/{named12.conf => named12.conf.in} (92%) rename bin/tests/system/geoip/ns2/{named13.conf => named13.conf.in} (86%) rename bin/tests/system/geoip/ns2/{named14.conf => named14.conf.in} (94%) rename bin/tests/system/geoip/ns2/{named15.conf => named15.conf.in} (88%) rename bin/tests/system/geoip/ns2/{named2.conf => named2.conf.in} (94%) rename bin/tests/system/geoip/ns2/{named3.conf => named3.conf.in} (94%) rename bin/tests/system/geoip/ns2/{named4.conf => named4.conf.in} (93%) rename bin/tests/system/geoip/ns2/{named5.conf => named5.conf.in} (94%) rename bin/tests/system/geoip/ns2/{named6.conf => named6.conf.in} (93%) rename bin/tests/system/geoip/ns2/{named7.conf => named7.conf.in} (94%) rename bin/tests/system/geoip/ns2/{named8.conf => named8.conf.in} (94%) rename bin/tests/system/geoip/ns2/{named9.conf => named9.conf.in} (94%) rename bin/tests/system/glue/ns1/{named.conf => named.conf.in} (88%) rename bin/tests/system/inline/ns1/{named.conf => named.conf.in} (89%) rename bin/tests/system/inline/ns2/{named.conf => named.conf.in} (88%) rename bin/tests/system/inline/ns3/{named.conf => named.conf.in} (93%) rename bin/tests/system/inline/ns4/{named.conf => named.conf.in} (84%) rename bin/tests/system/inline/ns6/{named.conf => named.conf.in} (81%) rename bin/tests/system/inline/ns7/{named.conf => named.conf.in} (93%) rename bin/tests/system/integrity/ns1/{named.conf => named.conf.in} (96%) create mode 100644 bin/tests/system/integrity/setup.sh rename bin/tests/system/ixfr/ns3/{named.conf => named.conf.in} (86%) rename bin/tests/system/ixfr/ns4/{named.conf => named.conf.in} (86%) rename bin/tests/system/{padding/ns1/named.conf => keepalive/ns1/named.conf.in} (85%) rename bin/tests/system/keepalive/ns2/{named.conf => named.conf.in} (89%) rename bin/tests/system/keepalive/ns3/{named.conf => named.conf.in} (87%) rename bin/tests/system/legacy/ns1/{named1.conf => named1.conf.in} (93%) rename bin/tests/system/legacy/ns1/{named2.conf => named2.conf.in} (93%) rename bin/tests/system/legacy/ns2/{named.conf => named.conf.in} (93%) rename bin/tests/system/legacy/ns3/{named.conf => named.conf.in} (93%) rename bin/tests/system/legacy/ns4/{named.conf => named.conf.in} (93%) rename bin/tests/system/legacy/ns5/{named.conf => named.conf.in} (93%) rename bin/tests/system/legacy/ns6/{named.conf => named.conf.in} (93%) rename bin/tests/system/legacy/ns7/{named.conf => named.conf.in} (93%) rename bin/tests/system/limits/ns1/{named.conf => named.conf.in} (94%) create mode 100644 bin/tests/system/limits/setup.sh create mode 100644 bin/tests/system/logfileconfig/ns1/controls.conf.in rename bin/tests/system/logfileconfig/ns1/{rndc.conf => rndc.conf.in} (90%) rename bin/tests/system/masterfile/ns1/{named.conf => named.conf.in} (86%) rename bin/tests/system/masterfile/ns2/{named.conf => named.conf.in} (87%) create mode 100644 bin/tests/system/masterfile/setup.sh rename bin/tests/system/masterformat/ns1/{named.conf => named.conf.in} (90%) rename bin/tests/system/masterformat/ns2/{named.conf => named.conf.in} (93%) rename bin/tests/system/masterformat/ns3/{named.conf => named.conf.in} (77%) rename bin/tests/system/mkeys/ns1/{named1.conf => named1.conf.in} (88%) rename bin/tests/system/mkeys/ns1/{named2.conf => named2.conf.in} (87%) rename bin/tests/system/mkeys/ns1/{named3.conf => named3.conf.in} (86%) rename bin/tests/system/mkeys/ns2/{named.conf => named.conf.in} (87%) rename bin/tests/system/mkeys/ns3/{named.conf => named.conf.in} (90%) rename bin/tests/system/mkeys/ns4/{named.conf => named.conf.in} (88%) rename bin/tests/system/mkeys/ns5/{named.conf => named.conf.in} (89%) rename bin/tests/system/names/ns1/{named.conf => named.conf.in} (95%) rename bin/tests/system/{views/ns1/named.conf => notify/ns1/named.conf.in} (84%) rename bin/tests/system/notify/ns2/{named.conf => named.conf.in} (91%) rename bin/tests/system/notify/ns3/{named.conf => named.conf.in} (86%) rename bin/tests/system/notify/ns4/{named.conf => named.conf.in} (81%) delete mode 100644 bin/tests/system/notify/ns4/named.port create mode 100644 bin/tests/system/notify/ns4/named.port.in rename bin/tests/system/notify/ns5/{named.conf => named.conf.in} (92%) rename bin/tests/system/nslookup/ns1/{named.conf => named.conf.in} (93%) rename bin/tests/system/nsupdate/ns1/{named.conf => named.conf.in} (94%) rename bin/tests/system/nsupdate/ns2/{named.conf => named.conf.in} (92%) rename bin/tests/system/nsupdate/ns3/{named.conf => named.conf.in} (86%) rename bin/tests/system/nsupdate/ns5/{named.conf => named.conf.in} (87%) rename bin/tests/system/nsupdate/{verylarge => verylarge.in} (99%) rename bin/tests/system/nzd2nzf/ns1/{named.conf => named.conf.in} (85%) rename bin/tests/system/{keepalive/ns1/named.conf => padding/ns1/named.conf.in} (85%) rename bin/tests/system/padding/ns2/{named.conf => named.conf.in} (90%) rename bin/tests/system/padding/ns3/{named.conf => named.conf.in} (87%) rename bin/tests/system/padding/ns4/{named.conf => named.conf.in} (87%) rename bin/tests/system/pending/ns1/{named.conf => named.conf.in} (84%) rename bin/tests/system/pending/ns2/{named.conf => named.conf.in} (89%) rename bin/tests/system/pending/ns3/{named.conf => named.conf.in} (88%) rename bin/tests/system/pending/ns4/{named.conf => named.conf.in} (84%) rename bin/tests/system/pipelined/ns1/{named.conf => named.conf.in} (85%) rename bin/tests/system/pipelined/ns2/{named.conf => named.conf.in} (87%) rename bin/tests/system/pipelined/ns3/{named.conf => named.conf.in} (87%) rename bin/tests/system/pipelined/ns4/{named.conf => named.conf.in} (87%) rename bin/tests/system/reclimit/ns1/{named.conf => named.conf.in} (93%) rename bin/tests/system/reclimit/ns3/{named1.conf => named1.conf.in} (86%) rename bin/tests/system/reclimit/ns3/{named2.conf => named2.conf.in} (86%) rename bin/tests/system/reclimit/ns3/{named3.conf => named3.conf.in} (87%) rename bin/tests/system/reclimit/ns3/{named4.conf => named4.conf.in} (87%) rename bin/tests/system/redirect/ns1/{named.conf => named.conf.in} (90%) rename bin/tests/system/redirect/ns2/{named.conf => named.conf.in} (87%) rename bin/tests/system/redirect/ns3/{named.conf => named.conf.in} (95%) rename bin/tests/system/redirect/ns4/{named.conf => named.conf.in} (86%) rename bin/tests/system/resolver/ns1/{named.conf => named.conf.in} (93%) rename bin/tests/system/resolver/ns4/{named.conf => named.conf.in} (85%) rename bin/tests/system/resolver/ns5/{named.conf => named.conf.in} (89%) rename bin/tests/system/resolver/ns6/{named.conf => named.conf.in} (92%) rename bin/tests/system/resolver/ns7/{named1.conf => named1.conf.in} (85%) rename bin/tests/system/resolver/ns7/{named2.conf => named2.conf.in} (80%) rename bin/tests/system/rndc/ns2/{named.conf => named.conf.in} (84%) rename bin/tests/system/rndc/ns3/{named.conf => named.conf.in} (81%) rename bin/tests/system/rndc/ns5/{named.conf => named.conf.in} (82%) rename bin/tests/system/rpz/{dnsrpzd.conf => dnsrpzd.conf.in} (56%) rename bin/tests/system/rpz/ns1/{named.conf => named.conf.in} (93%) rename bin/tests/system/rpz/ns2/{named.conf => named.conf.in} (92%) rename bin/tests/system/rpz/ns3/{named.conf => named.conf.in} (95%) rename bin/tests/system/rpz/ns4/{named.conf => named.conf.in} (95%) rename bin/tests/system/rpz/ns5/{named.conf => named.conf.in} (96%) rename bin/tests/system/rpz/ns6/{named.conf => named.conf.in} (88%) rename bin/tests/system/rpz/ns7/{named.conf => named.conf.in} (88%) rename bin/tests/system/rpzrecurse/ans5/{ans.pl.in => ans.pl} (92%) rename bin/tests/system/rrl/ns1/{named.conf => named.conf.in} (93%) rename bin/tests/system/rrl/ns2/{named.conf => named.conf.in} (92%) rename bin/tests/system/rrl/ns3/{named.conf => named.conf.in} (96%) rename bin/tests/system/rrl/ns4/{named.conf => named.conf.in} (92%) rename bin/tests/system/rrsetorder/ns1/{named.conf => named.conf.in} (88%) rename bin/tests/system/rrsetorder/ns2/{named.conf => named.conf.in} (88%) rename bin/tests/system/rrsetorder/ns3/{named.conf => named.conf.in} (87%) rename bin/tests/system/rrsetorder/ns4/{named.conf => named.conf.in} (86%) create mode 100644 bin/tests/system/rrsetorder/setup.sh rename bin/tests/system/rsabigexponent/ns1/{named.conf => named.conf.in} (92%) rename bin/tests/system/rsabigexponent/ns2/{named.conf => named.conf.in} (92%) rename bin/tests/system/rsabigexponent/ns3/{named.conf => named.conf.in} (92%) rename bin/tests/system/runtime/ns2/{named-alt1.conf => named-alt1.conf.in} (92%) rename bin/tests/system/runtime/ns2/{named-alt2.conf => named-alt2.conf.in} (92%) rename bin/tests/system/runtime/ns2/{named-alt3.conf => named-alt3.conf.in} (93%) rename bin/tests/system/runtime/ns2/{named-alt4.conf => named-alt4.conf.in} (96%) rename bin/tests/system/runtime/ns2/{named-alt5.conf => named-alt5.conf.in} (96%) rename bin/tests/system/runtime/ns2/{named-alt6.conf => named-alt6.conf.in} (96%) rename bin/tests/system/runtime/ns2/{named1.conf => named1.conf.in} (85%) rename bin/tests/system/serve-stale/ans2/{ans.pl.in => ans.pl} (97%) rename bin/tests/system/sfcache/ns1/{named.conf => named.conf.in} (94%) rename bin/tests/system/sfcache/ns2/{named.conf => named.conf.in} (88%) rename bin/tests/system/sfcache/ns5/{named.conf => named.conf.in} (87%) rename bin/tests/system/sortlist/ns1/{named.conf => named.conf.in} (90%) create mode 100644 bin/tests/system/sortlist/setup.sh rename bin/tests/system/spf/ns1/{named.conf => named.conf.in} (94%) create mode 100644 bin/tests/system/spf/setup.sh rename bin/tests/system/staticstub/ns1/{named.conf => named.conf.in} (82%) delete mode 100644 bin/tests/system/staticstub/ns4/named.conf create mode 100644 bin/tests/system/staticstub/ns4/named.conf.in rename bin/tests/system/statistics/ns1/{named.conf => named.conf.in} (89%) rename bin/tests/system/statistics/ns2/{named.conf => named.conf.in} (75%) rename bin/tests/system/statistics/ns3/{named.conf => named.conf.in} (82%) create mode 100644 bin/tests/system/statistics/setup.sh rename bin/tests/system/statschannel/ns2/{named.conf => named.conf.in} (73%) create mode 100644 bin/tests/system/statschannel/setup.sh rename bin/tests/system/stub/ns1/{named.conf => named.conf.in} (93%) rename bin/tests/system/stub/ns2/{named.conf => named.conf.in} (94%) rename bin/tests/system/stub/ns3/{named.conf => named.conf.in} (94%) create mode 100644 bin/tests/system/stub/setup.sh rename bin/tests/system/synthfromdnssec/ns1/{named.conf => named.conf.in} (94%) rename bin/tests/system/synthfromdnssec/ns2/{named.conf => named.conf.in} (94%) rename bin/tests/system/synthfromdnssec/ns3/{named.conf => named.conf.in} (94%) rename bin/tests/system/synthfromdnssec/ns4/{named.conf => named.conf.in} (94%) rename bin/tests/system/synthfromdnssec/ns5/{named.conf => named.conf.in} (94%) rename bin/tests/system/tcp/ns1/{named.conf => named.conf.in} (86%) rename bin/tests/system/tcp/ns2/{named.conf => named.conf.in} (80%) rename bin/tests/system/tcp/ns3/{named.conf => named.conf.in} (87%) rename bin/tests/system/tcp/ns4/{named.conf => named.conf.in} (87%) create mode 100644 bin/tests/system/tcp/setup.sh rename bin/tests/system/tsig/ns1/{named.conf => named.conf.in} (94%) rename bin/tests/system/tsiggss/ns1/{named.conf => named.conf.in} (87%) rename bin/tests/system/unknown/ns1/{named.conf => named.conf.in} (91%) rename bin/tests/system/unknown/ns2/{named.conf => named.conf.in} (85%) rename bin/tests/system/unknown/ns3/{named.conf => named.conf.in} (86%) rename bin/tests/system/upforwd/ns1/{named.conf => named.conf.in} (89%) rename bin/tests/system/upforwd/ns2/{named.conf => named.conf.in} (87%) rename bin/tests/system/upforwd/ns3/{named.conf => named.conf.in} (89%) rename bin/tests/system/{notify/ns1/named.conf => views/ns1/named.conf.in} (84%) rename bin/tests/system/views/ns2/{named1.conf => named1.conf.in} (79%) rename bin/tests/system/views/ns2/{named2.conf => named2.conf.in} (90%) rename bin/tests/system/views/ns3/{named1.conf => named1.conf.in} (83%) rename bin/tests/system/views/ns3/{named2.conf => named2.conf.in} (81%) rename bin/tests/system/views/ns5/{named.conf => named.conf.in} (81%) rename bin/tests/system/wildcard/ns1/{named.conf => named.conf.in} (90%) rename bin/tests/system/wildcard/ns2/{named.conf => named.conf.in} (83%) rename bin/tests/system/wildcard/ns3/{named.conf => named.conf.in} (84%) rename bin/tests/system/wildcard/ns4/{named.conf => named.conf.in} (85%) rename bin/tests/system/wildcard/ns5/{named.conf => named.conf.in} (85%) rename bin/tests/system/xfer/ns1/{named.conf => named.conf.in} (86%) rename bin/tests/system/xfer/ns2/{named.conf => named.conf.in} (86%) rename bin/tests/system/xfer/ns3/{named.conf => named.conf.in} (87%) rename bin/tests/system/xfer/ns6/{named.conf => named.conf.in} (89%) rename bin/tests/system/xfer/ns7/{named.conf => named.conf.in} (86%) rename bin/tests/system/xfer/ns8/{named.conf => named.conf.in} (89%) rename bin/tests/system/xferquota/ns1/{named.conf => named.conf.in} (81%) rename bin/tests/system/xferquota/ns2/{named.conf => named.conf.in} (87%) rename bin/tests/system/zero/ns1/{named.conf => named.conf.in} (83%) rename bin/tests/system/zero/ns2/{named.conf => named.conf.in} (85%) rename bin/tests/system/zero/ns3/{named.conf => named.conf.in} (83%) rename bin/tests/system/zero/ns4/{named.conf => named.conf.in} (85%) rename bin/tests/system/zonechecks/ns1/{named.conf => named.conf.in} (91%) rename bin/tests/system/zonechecks/ns2/{named.conf => named.conf.in} (81%) diff --git a/bin/tests/system/Makefile.in b/bin/tests/system/Makefile.in index 2ab0d3c586..ed3b31f146 100644 --- a/bin/tests/system/Makefile.in +++ b/bin/tests/system/Makefile.in @@ -46,7 +46,26 @@ feature-test@EXEEXT@: feature-test.@O@ # Define the tests that can be run in parallel. This should be identical to # the definition of PARALLELDIRS in conf.sh. -PARALLEL = allow_query catz rpzrecurse serve-stale +PARALLEL = acl additional addzone allow_query auth autosign \ + builtin cacheclean case catz cds chain \ + checkconf checknames checkzone \ + @CHECKDS@ @COVERAGE@ @KEYMGR@ \ + cookie database digdelv dlv dlz dlzexternal \ + dns64 dnssec @DNSTAP@ dscp dsdigest dyndb \ + ednscompliance emptyzones \ + fetchlimit filter-aaaa formerr forward \ + geoip glue inline integrity ixfr keepalive \ + legacy limits logfileconfig \ + masterfile masterformat metadata mkeys \ + names notify nslookup nsupdate nzd2nzf \ + padding pending pipelined \ + reclimit redirect resolver rndc rpz rpzrecurse \ + rrchecker rrl rrsetorder rsabigexponent runtime \ + serve-stale sfcache smartsign sortlist \ + spf staticstub statistics statschannel stub synthfromdnssec \ + tcp tools tsig tsiggss \ + unknown upforwd verify views wildcard \ + xfer xferquota zero zonechecks # Produce intermediate makefile that assigns unique port numbers to each # parallel test. The start port number of 5,000 is arbitrary - it must just @@ -56,11 +75,13 @@ PARALLEL = allow_query catz rpzrecurse serve-stale # underscores in target names and requires explicit differentiation # between a target name and a directory name (.PHONY is not supported). +.PHONY: parallel.mk + parallel.mk: - @PARALLEL_SANITIZED=`echo $(PARALLEL) | sed "s|\([^ ][^ ]*\)|test-\1|g;" | tr _ -` ; \ + PARALLEL_SANITIZED=`echo $(PARALLEL) | sed "s|\([^ ][^ ]*\)|test-\1|g;" | tr _ -` ; \ echo ".PHONY: $$PARALLEL_SANITIZED" > $@ ; \ echo "" >> $@ ; \ - echo "check: $$PARALLEL_SANITIZED" >> $@ ; \ + echo "test check: $$PARALLEL_SANITIZED" >> $@ ; \ port=$${STARTPORT:-5000} ; \ for directory in $(PARALLEL) ; do \ echo "" >> $@ ; \ diff --git a/bin/tests/system/README b/bin/tests/system/README index 4e59cf5aa5..29ad047ea8 100644 --- a/bin/tests/system/README +++ b/bin/tests/system/README @@ -334,7 +334,7 @@ are: PORT Number to be used for the query port. CONTROLPORT Number to be used as the RNDC control port. - EXTRAPORT1 - EXTRAPORT8 Eight port numbers that can be use as needed. + EXTRAPORT1 - EXTRAPORT8 Eight port numbers that can be used as needed. Two other environment variables are defined: diff --git a/bin/tests/system/acl/clean.sh b/bin/tests/system/acl/clean.sh index 508b807061..6164174ea8 100644 --- a/bin/tests/system/acl/clean.sh +++ b/bin/tests/system/acl/clean.sh @@ -11,7 +11,8 @@ # rm -f dig.out.* -rm -f ns2/example.db ns2/tsigzone.db ns2/example.db.jnl ns2/named.conf +rm -f ns2/example.db ns2/tsigzone.db ns2/example.db.jnl +rm -f */named.conf rm -f */named.memstats rm -f */named.run rm -f ns*/named.lock diff --git a/bin/tests/system/acl/ns2/named1.conf b/bin/tests/system/acl/ns2/named1.conf.in similarity index 84% rename from bin/tests/system/acl/ns2/named1.conf rename to bin/tests/system/acl/ns2/named1.conf.in index 9c28c996b9..dd67c39714 100644 --- a/bin/tests/system/acl/ns2/named1.conf +++ b/bin/tests/system/acl/ns2/named1.conf.in @@ -6,15 +6,20 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named1.conf,v 1.2 2008/01/10 01:10:01 marka Exp $ */ +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; -controls { /* empty */ }; +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -24,8 +29,6 @@ options { check-integrity no; }; -include "../../common/controls.conf"; - key one { algorithm hmac-md5; secret "1234abcd8765"; diff --git a/bin/tests/system/acl/ns2/named2.conf b/bin/tests/system/acl/ns2/named2.conf.in similarity index 86% rename from bin/tests/system/acl/ns2/named2.conf rename to bin/tests/system/acl/ns2/named2.conf.in index 842f16c845..982b056a61 100644 --- a/bin/tests/system/acl/ns2/named2.conf +++ b/bin/tests/system/acl/ns2/named2.conf.in @@ -6,15 +6,20 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named2.conf,v 1.3 2008/01/21 20:38:54 each Exp $ */ +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; -controls { /* empty */ }; +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -24,8 +29,6 @@ options { check-integrity no; }; -include "../../common/controls.conf"; - key one { algorithm hmac-md5; secret "1234abcd8765"; diff --git a/bin/tests/system/acl/ns2/named3.conf b/bin/tests/system/acl/ns2/named3.conf.in similarity index 86% rename from bin/tests/system/acl/ns2/named3.conf rename to bin/tests/system/acl/ns2/named3.conf.in index 3504687232..4eb8516491 100644 --- a/bin/tests/system/acl/ns2/named3.conf +++ b/bin/tests/system/acl/ns2/named3.conf.in @@ -6,15 +6,20 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named3.conf,v 1.2 2008/01/10 01:10:01 marka Exp $ */ +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; -controls { /* empty */ }; +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -24,8 +29,6 @@ options { check-integrity no; }; -include "../../common/controls.conf"; - key one { algorithm hmac-md5; secret "1234abcd8765"; diff --git a/bin/tests/system/acl/ns2/named4.conf b/bin/tests/system/acl/ns2/named4.conf.in similarity index 86% rename from bin/tests/system/acl/ns2/named4.conf rename to bin/tests/system/acl/ns2/named4.conf.in index d16d9ebef9..a7f20de6f9 100644 --- a/bin/tests/system/acl/ns2/named4.conf +++ b/bin/tests/system/acl/ns2/named4.conf.in @@ -6,15 +6,20 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named4.conf,v 1.2 2008/01/10 01:10:01 marka Exp $ */ +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; -controls { /* empty */ }; +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -24,8 +29,6 @@ options { check-integrity no; }; -include "../../common/controls.conf"; - key one { algorithm hmac-md5; secret "1234abcd8765"; diff --git a/bin/tests/system/acl/ns2/named5.conf b/bin/tests/system/acl/ns2/named5.conf.in similarity index 84% rename from bin/tests/system/acl/ns2/named5.conf rename to bin/tests/system/acl/ns2/named5.conf.in index 828ceb7b44..b8e82505f2 100644 --- a/bin/tests/system/acl/ns2/named5.conf +++ b/bin/tests/system/acl/ns2/named5.conf.in @@ -6,15 +6,20 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named1.conf,v 1.2 2008/01/10 01:10:01 marka Exp $ */ +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; -controls { /* empty */ }; +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -25,8 +30,6 @@ options { allow-query-on { 10.53.0.2; }; }; -include "../../common/controls.conf"; - key one { algorithm hmac-md5; secret "1234abcd8765"; diff --git a/bin/tests/system/acl/ns2/named6.conf b/bin/tests/system/acl/ns2/named6.conf.in similarity index 82% rename from bin/tests/system/acl/ns2/named6.conf rename to bin/tests/system/acl/ns2/named6.conf.in index c2ac78b62d..f78b4be7ee 100644 --- a/bin/tests/system/acl/ns2/named6.conf +++ b/bin/tests/system/acl/ns2/named6.conf.in @@ -6,13 +6,20 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -23,8 +30,6 @@ options { allow-query-on { 10.53.0.2; }; }; -include "../../common/controls.conf"; - zone "." { type hint; file "../../common/root.hint"; diff --git a/bin/tests/system/acl/ns2/named7.conf b/bin/tests/system/acl/ns2/named7.conf.in similarity index 84% rename from bin/tests/system/acl/ns2/named7.conf rename to bin/tests/system/acl/ns2/named7.conf.in index eb58d4c925..5f6e1276ad 100644 --- a/bin/tests/system/acl/ns2/named7.conf +++ b/bin/tests/system/acl/ns2/named7.conf.in @@ -6,13 +6,20 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -23,8 +30,6 @@ options { allow-query-on { 10.53.0.2; }; }; -include "../../common/controls.conf"; - view one { match-clients { ecs 192.0.2/24; }; diff --git a/bin/tests/system/acl/ns3/named.conf b/bin/tests/system/acl/ns3/named.conf.in similarity index 87% rename from bin/tests/system/acl/ns3/named.conf rename to bin/tests/system/acl/ns3/named.conf.in index a1531386ec..8260f3c5fe 100644 --- a/bin/tests/system/acl/ns3/named.conf +++ b/bin/tests/system/acl/ns3/named.conf.in @@ -10,7 +10,7 @@ options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; @@ -21,7 +21,7 @@ options { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; key rndc_key { diff --git a/bin/tests/system/acl/ns4/named.conf b/bin/tests/system/acl/ns4/named.conf.in similarity index 88% rename from bin/tests/system/acl/ns4/named.conf rename to bin/tests/system/acl/ns4/named.conf.in index 9bc07ab06b..2453701570 100644 --- a/bin/tests/system/acl/ns4/named.conf +++ b/bin/tests/system/acl/ns4/named.conf.in @@ -10,7 +10,7 @@ options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; @@ -21,7 +21,7 @@ options { }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; key rndc_key { diff --git a/bin/tests/system/acl/setup.sh b/bin/tests/system/acl/setup.sh index 13a0996875..4bb9a1f385 100644 --- a/bin/tests/system/acl/setup.sh +++ b/bin/tests/system/acl/setup.sh @@ -9,6 +9,9 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +$SHELL clean.sh $SHELL ../genzone.sh 2 3 >ns2/example.db $SHELL ../genzone.sh 2 3 >ns2/tsigzone.db -cp -f ns2/named1.conf ns2/named.conf +copy_setports ns2/named1.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf diff --git a/bin/tests/system/acl/tests.sh b/bin/tests/system/acl/tests.sh index 18ee1ebe84..0954fdd55e 100644 --- a/bin/tests/system/acl/tests.sh +++ b/bin/tests/system/acl/tests.sh @@ -6,231 +6,228 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.4 2008/07/19 00:02:14 each Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd" +DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd -p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" status=0 t=0 -echo "I:testing basic ACL processing" +echo_i "testing basic ACL processing" # key "one" should fail t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; } # any other key should be fine t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; } -cp -f ns2/named2.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +copy_setports ns2/named2.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 5 # prefix 10/8 should fail t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; } # any other address should work, as long as it sends key "one" t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 127.0.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 127.0.0.1 axfr -y two:1234abcd8765 > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; } t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 127.0.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 127.0.0.1 axfr -y one:1234abcd8765 > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; } -echo "I:testing nested ACL processing" +echo_i "testing nested ACL processing" # all combinations of 10.53.0.{1|2} with key {one|two}, should succeed -cp -f ns2/named3.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +copy_setports ns2/named3.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 5 # should succeed t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 10.53.0.2 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 10.53.0.2 axfr -y two:1234abcd8765 > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; } # should succeed t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 10.53.0.2 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 10.53.0.2 axfr -y one:1234abcd8765 > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; } # should succeed t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; } # should succeed t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; } # but only one or the other should fail t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 127.0.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 127.0.0.1 axfr -y one:1234abcd8765 > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; } t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 10.53.0.2 axfr -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $tt failed" ; status=1; } + @10.53.0.2 -b 10.53.0.2 axfr > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $tt failed" ; status=1; } # and other values? right out t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 127.0.0.1 axfr -y three:1234abcd8765 -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 127.0.0.1 axfr -y three:1234abcd8765 > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; } # now we only allow 10.53.0.1 *and* key one, or 10.53.0.2 *and* key two -cp -f ns2/named4.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +copy_setports ns2/named4.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 5 # should succeed t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 10.53.0.2 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 10.53.0.2 axfr -y two:1234abcd8765 > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; } # should succeed t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 10.53.0.1 axfr -y one:1234abcd8765 > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; } # should fail t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 10.53.0.2 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 10.53.0.2 axfr -y one:1234abcd8765 > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; } # should fail t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 10.53.0.1 axfr -y two:1234abcd8765 > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; } # should fail t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 10.53.0.3 axfr -y one:1234abcd8765 -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 10.53.0.3 axfr -y one:1234abcd8765 > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; } -echo "I:testing allow-query-on ACL processing" -cp -f ns2/named5.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "testing allow-query-on ACL processing" +copy_setports ns2/named5.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 5 t=`expr $t + 1` -$DIG +tcp soa example. \ - @10.53.0.2 -b 10.53.0.3 -p 5300 > dig.out.${t} -grep "status: NOERROR" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; } +$DIG -p ${PORT} +tcp soa example. \ + @10.53.0.2 -b 10.53.0.3 > dig.out.${t} +grep "status: NOERROR" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; } -echo "I:testing EDNS client-subnet ACL processing" -cp -f ns2/named6.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "testing EDNS client-subnet ACL processing" +copy_setports ns2/named6.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 5 # should fail t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 10.53.0.2 axfr -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 10.53.0.2 axfr > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 || { echo_i "test $t failed" ; status=1; } # should succeed t=`expr $t + 1` $DIG $DIGOPTS tsigzone. \ - @10.53.0.2 -b 10.53.0.2 +subnet="10.53.0/24" axfr -p 5300 > dig.out.${t} -grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo "I:test $t failed" ; status=1; } + @10.53.0.2 -b 10.53.0.2 +subnet="10.53.0/24" axfr > dig.out.${t} +grep "^;" dig.out.${t} > /dev/null 2>&1 && { echo_i "test $t failed" ; status=1; } -echo "I:testing EDNS client-subnet response scope" -cp -f ns2/named7.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "testing EDNS client-subnet response scope" +copy_setports ns2/named7.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 5 t=`expr $t + 1` -$DIG example. soa @10.53.0.2 +subnet="10.53.0.1/32" -p 5300 > dig.out.${t} -grep "CLIENT-SUBNET.*10.53.0.1/32/0" dig.out.${t} > /dev/null || { echo "I:test $t failed" ; status=1; } +$DIG -p ${PORT} example. soa @10.53.0.2 +subnet="10.53.0.1/32" > dig.out.${t} +grep "CLIENT-SUBNET.*10.53.0.1/32/0" dig.out.${t} > /dev/null || { echo_i "test $t failed" ; status=1; } t=`expr $t + 1` -$DIG example. soa @10.53.0.2 +subnet="192.0.2.128/32" -p 5300 > dig.out.${t} -grep "CLIENT-SUBNET.*192.0.2.128/32/24" dig.out.${t} > /dev/null || { echo "I:test $t failed" ; status=1; } +$DIG -p ${PORT} example. soa @10.53.0.2 +subnet="192.0.2.128/32" > dig.out.${t} +grep "CLIENT-SUBNET.*192.0.2.128/32/24" dig.out.${t} > /dev/null || { echo_i "test $t failed" ; status=1; } # AXFR tests against ns3 -echo "I:testing allow-transfer ACLs against ns3 (no existing zones)" - -echo "I:calling addzone example.com on ns3" -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone 'example.com {type master; file "example.db"; }; ' +echo_i "testing allow-transfer ACLs against ns3 (no existing zones)" +echo_i "calling addzone example.com on ns3" +$RNDCCMD 10.53.0.3 addzone 'example.com {type master; file "example.db"; }; ' sleep 1 t=`expr $t + 1` ret=0 -echo "I:checking AXFR of example.com from ns3 with ACL allow-transfer { none; }; (${t})" -$DIG @10.53.0.3 -p 5300 example.com axfr > dig.out.${t} 2>&1 +echo_i "checking AXFR of example.com from ns3 with ACL allow-transfer { none; }; (${t})" +$DIG -p ${PORT} @10.53.0.3 example.com axfr > dig.out.${t} 2>&1 grep "Transfer failed." dig.out.${t} >/dev/null 2>&1 || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:calling rndc reconfig" -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reconfig +echo_i "calling rndc reconfig" +$RNDCCMD 10.53.0.3 reconfig 2>&1 | sed 's/^/ns3 /' | cat_i sleep 1 t=`expr $t + 1` ret=0 -echo "I:re-checking AXFR of example.com from ns3 with ACL allow-transfer { none; }; (${t})" -$DIG @10.53.0.3 -p 5300 example.com axfr > dig.out.${t} 2>&1 +echo_i "re-checking AXFR of example.com from ns3 with ACL allow-transfer { none; }; (${t})" +$DIG -p ${PORT} @10.53.0.3 example.com axfr > dig.out.${t} 2>&1 grep "Transfer failed." dig.out.${t} >/dev/null 2>&1 || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` # AXFR tests against ns4 -echo "I:testing allow-transfer ACLs against ns4 (1 pre-existing zone)" +echo_i "testing allow-transfer ACLs against ns4 (1 pre-existing zone)" -echo "I:calling addzone example.com on ns4" -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 addzone 'example.com {type master; file "example.db"; }; ' +echo_i "calling addzone example.com on ns4" +$RNDCCMD 10.53.0.4 addzone 'example.com {type master; file "example.db"; }; ' +sleep 1 + +t=`expr $t + 1` +ret=0 +echo_i "checking AXFR of example.com from ns4 with ACL allow-transfer { none; }; (${t})" +$DIG -p ${PORT} @10.53.0.4 example.com axfr > dig.out.${t} 2>&1 +grep "Transfer failed." dig.out.${t} >/dev/null 2>&1 || ret=1 +[ $ret -eq 0 ] || echo_i "failed" +status=`expr $status + $ret` + +echo_i "calling rndc reconfig" +$RNDCCMD 10.53.0.4 reconfig 2>&1 | sed 's/^/ns4 /' | cat_i sleep 1 t=`expr $t + 1` ret=0 -echo "I:checking AXFR of example.com from ns4 with ACL allow-transfer { none; }; (${t})" -$DIG @10.53.0.4 -p 5300 example.com axfr > dig.out.${t} 2>&1 +echo_i "re-checking AXFR of example.com from ns4 with ACL allow-transfer { none; }; (${t})" +$DIG -p ${PORT} @10.53.0.4 example.com axfr > dig.out.${t} 2>&1 grep "Transfer failed." dig.out.${t} >/dev/null 2>&1 || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:calling rndc reconfig" -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 reconfig - -sleep 1 - -t=`expr $t + 1` -ret=0 -echo "I:re-checking AXFR of example.com from ns4 with ACL allow-transfer { none; }; (${t})" -$DIG @10.53.0.4 -p 5300 example.com axfr > dig.out.${t} 2>&1 -grep "Transfer failed." dig.out.${t} >/dev/null 2>&1 || ret=1 -[ $ret -eq 0 ] || echo "I:failed" -status=`expr $status + $ret` - -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/additional/clean.sh b/bin/tests/system/additional/clean.sh index 235b730608..1d08ac14fe 100644 --- a/bin/tests/system/additional/clean.sh +++ b/bin/tests/system/additional/clean.sh @@ -12,6 +12,6 @@ rm -f dig.out.* rm -f */named.memstats -rm -f ns1/named.conf +rm -f */named.conf rm -f */named.run rm -f ns*/named.lock diff --git a/bin/tests/system/additional/ns1/named1.conf b/bin/tests/system/additional/ns1/named1.conf.in similarity index 86% rename from bin/tests/system/additional/ns1/named1.conf rename to bin/tests/system/additional/ns1/named1.conf.in index e1fcc5760f..6ee1f63609 100644 --- a/bin/tests/system/additional/ns1/named1.conf +++ b/bin/tests/system/additional/ns1/named1.conf.in @@ -6,14 +6,12 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.5 2007/06/19 23:47:06 tbox Exp $ */ - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; recursion no; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -24,7 +22,7 @@ options { include "../../common/rndc.key"; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "rt.example" { diff --git a/bin/tests/system/additional/ns1/named2.conf b/bin/tests/system/additional/ns1/named2.conf.in similarity index 86% rename from bin/tests/system/additional/ns1/named2.conf rename to bin/tests/system/additional/ns1/named2.conf.in index c9e84d417a..64377702ea 100644 --- a/bin/tests/system/additional/ns1/named2.conf +++ b/bin/tests/system/additional/ns1/named2.conf.in @@ -6,14 +6,12 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.5 2007/06/19 23:47:06 tbox Exp $ */ - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; recursion no; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -24,7 +22,7 @@ options { include "../../common/rndc.key"; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "rt.example" { diff --git a/bin/tests/system/additional/ns1/named3.conf b/bin/tests/system/additional/ns1/named3.conf.in similarity index 91% rename from bin/tests/system/additional/ns1/named3.conf rename to bin/tests/system/additional/ns1/named3.conf.in index 2fd39b8809..c6142ef993 100644 --- a/bin/tests/system/additional/ns1/named3.conf +++ b/bin/tests/system/additional/ns1/named3.conf.in @@ -11,7 +11,7 @@ options { notify-source 10.53.0.1; transfer-source 10.53.0.1; recursion no; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -23,7 +23,7 @@ options { include "../../common/rndc.key"; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "rt.example" { diff --git a/bin/tests/system/additional/ns1/named4.conf b/bin/tests/system/additional/ns1/named4.conf.in similarity index 91% rename from bin/tests/system/additional/ns1/named4.conf rename to bin/tests/system/additional/ns1/named4.conf.in index 3cad480694..115447c652 100644 --- a/bin/tests/system/additional/ns1/named4.conf +++ b/bin/tests/system/additional/ns1/named4.conf.in @@ -11,7 +11,7 @@ options { notify-source 10.53.0.1; transfer-source 10.53.0.1; recursion no; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -22,7 +22,7 @@ options { include "../../common/rndc.key"; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "mx.example" { diff --git a/bin/tests/system/additional/ns3/named.conf b/bin/tests/system/additional/ns3/named.conf.in similarity index 97% rename from bin/tests/system/additional/ns3/named.conf rename to bin/tests/system/additional/ns3/named.conf.in index d367b48412..1019865853 100644 --- a/bin/tests/system/additional/ns3/named.conf +++ b/bin/tests/system/additional/ns3/named.conf.in @@ -12,7 +12,7 @@ options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/additional/setup.sh b/bin/tests/system/additional/setup.sh index e81257571c..5de1d35bfd 100644 --- a/bin/tests/system/additional/setup.sh +++ b/bin/tests/system/additional/setup.sh @@ -6,4 +6,9 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -cp -f ns1/named1.conf ns1/named.conf +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named1.conf.in ns1/named.conf +copy_setports ns3/named.conf.in ns3/named.conf diff --git a/bin/tests/system/additional/tests.sh b/bin/tests/system/additional/tests.sh index ecae72a2f8..20a7688cd9 100644 --- a/bin/tests/system/additional/tests.sh +++ b/bin/tests/system/additional/tests.sh @@ -6,51 +6,52 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.7 2011/11/06 23:46:40 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="-p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + status=0 n=0 dotests() { n=`expr $n + 1` - echo "I:test with RT, single zone (+rec) ($n)" + echo_i "test with RT, single zone (+rec) ($n)" ret=0 - $DIG +rec -t RT rt.rt.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 + $DIG $DIGOPTS +rec -t RT rt.rt.example @10.53.0.1 > dig.out.$n || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi n=`expr $n + 1` - echo "I:test with RT, two zones (+rec) ($n)" + echo_i "test with RT, two zones (+rec) ($n)" ret=0 - $DIG +rec -t RT rt.rt2.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 + $DIG $DIGOPTS +rec -t RT rt.rt2.example @10.53.0.1 > dig.out.$n || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi n=`expr $n + 1` - echo "I:test with NAPTR, single zone (+rec) ($n)" + echo_i "test with NAPTR, single zone (+rec) ($n)" ret=0 - $DIG +rec -t NAPTR nap.naptr.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 + $DIG $DIGOPTS +rec -t NAPTR nap.naptr.example @10.53.0.1 > dig.out.$n || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi n=`expr $n + 1` - echo "I:test with NAPTR, two zones (+rec) ($n)" + echo_i "test with NAPTR, two zones (+rec) ($n)" ret=0 - $DIG +rec -t NAPTR nap.hang3b.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 + $DIG $DIGOPTS +rec -t NAPTR nap.hang3b.example @10.53.0.1 > dig.out.$n || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi n=`expr $n + 1` - echo "I:test with LP (+rec) ($n)" + echo_i "test with LP (+rec) ($n)" ret=0 - $DIG +rec -t LP nid2.nid.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 + $DIG $DIGOPTS +rec -t LP nid2.nid.example @10.53.0.1 > dig.out.$n || ret=1 case $minimal in no) grep -w "NS" dig.out.$n > /dev/null || ret=1 @@ -74,13 +75,13 @@ dotests() { ;; esac if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi n=`expr $n + 1` - echo "I:test with NID (+rec) ($n)" + echo_i "test with NID (+rec) ($n)" ret=0 - $DIG +rec -t NID ns1.nid.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 + $DIG $DIGOPTS +rec -t NID ns1.nid.example @10.53.0.1 > dig.out.$n || ret=1 if [ $minimal = no ] ; then # change && to || when we support NID additional processing grep -w "L64" dig.out.$n > /dev/null && ret=1 @@ -90,13 +91,13 @@ dotests() { grep -w "L32" dig.out.$n > /dev/null && ret=1 fi if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi n=`expr $n + 1` - echo "I:test with NID + LP (+rec) ($n)" + echo_i "test with NID + LP (+rec) ($n)" ret=0 - $DIG +rec -t NID nid2.nid.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 + $DIG $DIGOPTS +rec -t NID nid2.nid.example @10.53.0.1 > dig.out.$n || ret=1 if [ $minimal = no ] ; then # change && to || when we support NID additional processing grep -w "LP" dig.out.$n > /dev/null && ret=1 @@ -108,45 +109,45 @@ dotests() { grep -w "L32" dig.out.$n > /dev/null && ret=1 fi if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi n=`expr $n + 1` - echo "I:test with RT, single zone (+norec) ($n)" + echo_i "test with RT, single zone (+norec) ($n)" ret=0 - $DIG +norec -t RT rt.rt.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 + $DIG $DIGOPTS +norec -t RT rt.rt.example @10.53.0.1 > dig.out.$n || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi n=`expr $n + 1` - echo "I:test with RT, two zones (+norec) ($n)" + echo_i "test with RT, two zones (+norec) ($n)" ret=0 - $DIG +norec -t RT rt.rt2.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 + $DIG $DIGOPTS +norec -t RT rt.rt2.example @10.53.0.1 > dig.out.$n || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi n=`expr $n + 1` - echo "I:test with NAPTR, single zone (+norec) ($n)" + echo_i "test with NAPTR, single zone (+norec) ($n)" ret=0 - $DIG +norec -t NAPTR nap.naptr.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 + $DIG $DIGOPTS +norec -t NAPTR nap.naptr.example @10.53.0.1 > dig.out.$n || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi n=`expr $n + 1` - echo "I:test with NAPTR, two zones (+norec) ($n)" + echo_i "test with NAPTR, two zones (+norec) ($n)" ret=0 - $DIG +norec -t NAPTR nap.hang3b.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 + $DIG $DIGOPTS +norec -t NAPTR nap.hang3b.example @10.53.0.1 > dig.out.$n || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi n=`expr $n + 1` - echo "I:test with LP (+norec) ($n)" + echo_i "test with LP (+norec) ($n)" ret=0 - $DIG +norec -t LP nid2.nid.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 + $DIG $DIGOPTS +norec -t LP nid2.nid.example @10.53.0.1 > dig.out.$n || ret=1 case $minimal in no) grep -w "NS" dig.out.$n > /dev/null || ret=1 @@ -170,13 +171,13 @@ dotests() { ;; esac if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi n=`expr $n + 1` - echo "I:test with NID (+norec) ($n)" + echo_i "test with NID (+norec) ($n)" ret=0 - $DIG +norec -t NID ns1.nid.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 + $DIG $DIGOPTS +norec -t NID ns1.nid.example @10.53.0.1 > dig.out.$n || ret=1 if [ $minimal = no ] ; then # change && to || when we support NID additional processing grep -w "L64" dig.out.$n > /dev/null && ret=1 @@ -186,13 +187,13 @@ dotests() { grep -w "L32" dig.out.$n > /dev/null && ret=1 fi if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi n=`expr $n + 1` - echo "I:test with NID + LP (+norec) ($n)" + echo_i "test with NID + LP (+norec) ($n)" ret=0 - $DIG +norec -t NID nid2.nid.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 + $DIG $DIGOPTS +norec -t NID nid2.nid.example @10.53.0.1 > dig.out.$n || ret=1 if [ $minimal = no ] ; then # change && to || when we support NID additional processing grep -w "LP" dig.out.$n > /dev/null && ret=1 @@ -204,123 +205,123 @@ dotests() { grep -w "L32" dig.out.$n > /dev/null && ret=1 fi if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi } -echo "I:testing with 'minimal-responses yes;'" +echo_i "testing with 'minimal-responses yes;'" minimal=yes dotests -echo "I:reconfiguring server: minimal-responses no" -cp ns1/named2.conf ns1/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reconfig 2>&1 | sed 's/^/I:ns1 /' +echo_i "reconfiguring server: minimal-responses no" +copy_setports ns1/named2.conf.in ns1/named.conf +$RNDCCMD 10.53.0.1 reconfig 2>&1 | sed 's/^/ns1 /' | cat_i sleep 2 -echo "I:testing with 'minimal-responses no;'" +echo_i "testing with 'minimal-responses no;'" minimal=no dotests n=`expr $n + 1` -echo "I:testing with 'minimal-any no;' ($n)" +echo_i "testing with 'minimal-any no;' ($n)" ret=0 -$DIG -t ANY www.rt.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 +$DIG $DIGOPTS -t ANY www.rt.example @10.53.0.1 > dig.out.$n || ret=1 grep "ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 2" dig.out.$n > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi -echo "I:reconfiguring server: minimal-any yes" -cp ns1/named3.conf ns1/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reconfig 2>&1 | sed 's/^/I:ns1 /' +echo_i "reconfiguring server: minimal-any yes" +copy_setports ns1/named3.conf.in ns1/named.conf +$RNDCCMD 10.53.0.1 reconfig 2>&1 | sed 's/^/ns1 /' | cat_i sleep 2 n=`expr $n + 1` -echo "I:testing with 'minimal-any yes;' over UDP ($n)" +echo_i "testing with 'minimal-any yes;' over UDP ($n)" ret=0 -$DIG -t ANY +notcp www.rt.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 +$DIG $DIGOPTS -t ANY +notcp www.rt.example @10.53.0.1 > dig.out.$n || ret=1 grep "ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1" dig.out.$n > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi n=`expr $n + 1` -echo "I:testing with 'minimal-any yes;' over TCP ($n)" +echo_i "testing with 'minimal-any yes;' over TCP ($n)" ret=0 -$DIG -t ANY +tcp www.rt.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 +$DIG $DIGOPTS -t ANY +tcp www.rt.example @10.53.0.1 > dig.out.$n || ret=1 grep "ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1" dig.out.$n > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi n=`expr $n + 1` -echo "I:testing with 'minimal-any yes;' over UDP ($n)" +echo_i "testing with 'minimal-any yes;' over UDP ($n)" ret=0 -$DIG -t ANY +notcp www.rt.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 +$DIG $DIGOPTS -t ANY +notcp www.rt.example @10.53.0.1 > dig.out.$n || ret=1 grep "ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1" dig.out.$n > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi -echo "I:testing with 'minimal-responses no-auth;'" +echo_i "testing with 'minimal-responses no-auth;'" minimal=no-auth dotests -echo "I:reconfiguring server: minimal-responses no-auth-recursive" -cp ns1/named4.conf ns1/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reconfig 2>&1 | sed 's/^/I:ns1 /' +echo_i "reconfiguring server: minimal-responses no-auth-recursive" +copy_setports ns1/named4.conf.in ns1/named.conf +$RNDCCMD 10.53.0.1 reconfig 2>&1 | sed 's/^/ns1 /' | cat_i sleep 2 -echo "I:testing with 'minimal-responses no-auth-recursive;'" +echo_i "testing with 'minimal-responses no-auth-recursive;'" minimal=no-auth-recursive dotests n=`expr $n + 1` -echo "I:testing returning TLSA records with MX query ($n)" +echo_i "testing returning TLSA records with MX query ($n)" ret=0 -$DIG -t mx mx.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 +$DIG $DIGOPTS -t mx mx.example @10.53.0.1 > dig.out.$n || ret=1 grep "mx\.example\..*MX.0 mail\.mx\.example" dig.out.$n > /dev/null || ret=1 grep "mail\.mx\.example\..*A.1\.2\.3\.4" dig.out.$n > /dev/null || ret=1 grep "_25\._tcp\.mail\.mx\.example\..*TLSA.3 0 1 5B30F9602297D558EB719162C225088184FAA32CA45E1ED15DE58A21 D9FCE383" dig.out.$n > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi n=`expr $n + 1` -echo "I:testing returning TLSA records with SRV query ($n)" +echo_i "testing returning TLSA records with SRV query ($n)" ret=0 -$DIG -t srv _xmpp-client._tcp.srv.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 +$DIG $DIGOPTS -t srv _xmpp-client._tcp.srv.example @10.53.0.1 > dig.out.$n || ret=1 grep "_xmpp-client\._tcp\.srv\.example\..*SRV.1 0 5222 server\.srv\.example" dig.out.$n > /dev/null || ret=1 grep "server\.srv\.example\..*A.1\.2\.3\.4" dig.out.$n > /dev/null || ret=1 grep "_5222\._tcp\.server\.srv\.example\..*TLSA.3 0 1 5B30F9602297D558EB719162C225088184FAA32CA45E1ED15DE58A21 D9FCE383" dig.out.$n > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi -echo "I:reconfiguring server: minimal-responses no" -cp ns1/named2.conf ns1/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reconfig 2>&1 | sed 's/^/I:ns1 /' +echo_i "reconfiguring server: minimal-responses no" +copy_setports ns1/named2.conf.in ns1/named.conf +$RNDCCMD 10.53.0.1 reconfig 2>&1 | sed 's/^/ns1 /' | cat_i sleep 2 n=`expr $n + 1` -echo "I:testing NS handling in ANY responses (authoritative) ($n)" +echo_i "testing NS handling in ANY responses (authoritative) ($n)" ret=0 -$DIG -t ANY rt.example @10.53.0.1 -p 5300 > dig.out.$n || ret=1 +$DIG $DIGOPTS -t ANY rt.example @10.53.0.1 > dig.out.$n || ret=1 grep "AUTHORITY: 0" dig.out.$n > /dev/null || ret=1 grep "NS[ ]*ns" dig.out.$n > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi n=`expr $n + 1` -echo "I:testing NS handling in ANY responses (recursive) ($n)" +echo_i "testing NS handling in ANY responses (recursive) ($n)" ret=0 -$DIG -t ANY rt.example @10.53.0.3 -p 5300 > dig.out.$n || ret=1 +$DIG $DIGOPTS -t ANY rt.example @10.53.0.3 > dig.out.$n || ret=1 grep "AUTHORITY: 0" dig.out.$n > /dev/null || ret=1 grep "NS[ ]*ns" dig.out.$n > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i " failed"; status=1 fi -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/addzone/clean.sh b/bin/tests/system/addzone/clean.sh index 074da01769..f3b4d31373 100644 --- a/bin/tests/system/addzone/clean.sh +++ b/bin/tests/system/addzone/clean.sh @@ -10,7 +10,7 @@ rm -f dig.out.* rm -f rndc.out* rm -f showzone.out* rm -f zonestatus.out* -rm -f ns2/named.conf +rm -f */named.conf rm -f */named.memstats rm -f ns1/*.nzf ns1/*.nzf~ rm -f ns1/*.nzd ns1/*.nzd-lock diff --git a/bin/tests/system/addzone/ns1/named.conf b/bin/tests/system/addzone/ns1/named.conf.in similarity index 89% rename from bin/tests/system/addzone/ns1/named.conf rename to bin/tests/system/addzone/ns1/named.conf.in index 04aeafcd98..e30fbcbb67 100644 --- a/bin/tests/system/addzone/ns1/named.conf +++ b/bin/tests/system/addzone/ns1/named.conf.in @@ -12,11 +12,11 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/addzone/ns2/named1.conf b/bin/tests/system/addzone/ns2/named1.conf.in similarity index 81% rename from bin/tests/system/addzone/ns2/named1.conf rename to bin/tests/system/addzone/ns2/named1.conf.in index 5bf42acb53..6e969dd714 100644 --- a/bin/tests/system/addzone/ns2/named1.conf +++ b/bin/tests/system/addzone/ns2/named1.conf.in @@ -6,12 +6,8 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named1.conf,v 1.2 2010/08/11 18:14:19 each Exp $ */ - -controls { /* empty */ }; - options { - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -20,7 +16,11 @@ options { allow-new-zones yes; }; -include "../../common/controls.conf"; +include "../../common/rndc.key"; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; zone "." { type hint; diff --git a/bin/tests/system/addzone/ns2/named2.conf b/bin/tests/system/addzone/ns2/named2.conf.in similarity index 89% rename from bin/tests/system/addzone/ns2/named2.conf rename to bin/tests/system/addzone/ns2/named2.conf.in index 437b1b4616..d156b552c3 100644 --- a/bin/tests/system/addzone/ns2/named2.conf +++ b/bin/tests/system/addzone/ns2/named2.conf.in @@ -6,12 +6,15 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; +include "../../common/rndc.key"; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; -include "../../common/controls.conf"; options { - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; 10.53.0.4; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/addzone/ns2/named3.conf b/bin/tests/system/addzone/ns2/named3.conf.in similarity index 90% rename from bin/tests/system/addzone/ns2/named3.conf rename to bin/tests/system/addzone/ns2/named3.conf.in index 2bb92f53f4..df32280ecb 100644 --- a/bin/tests/system/addzone/ns2/named3.conf +++ b/bin/tests/system/addzone/ns2/named3.conf.in @@ -6,12 +6,14 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; +include "../../common/rndc.key"; -include "../../common/controls.conf"; +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; options { - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; 10.53.0.4; 10.53.0.5; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/addzone/ns3/named1.conf b/bin/tests/system/addzone/ns3/named1.conf.in similarity index 79% rename from bin/tests/system/addzone/ns3/named1.conf rename to bin/tests/system/addzone/ns3/named1.conf.in index 14ea730050..9c08ad07da 100644 --- a/bin/tests/system/addzone/ns3/named1.conf +++ b/bin/tests/system/addzone/ns3/named1.conf.in @@ -6,17 +6,14 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -key rndc_key { - secret "1234abcd8765"; - algorithm hmac-sha256; -}; +include "../../common/rndc.key"; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/addzone/ns3/named2.conf b/bin/tests/system/addzone/ns3/named2.conf.in similarity index 76% rename from bin/tests/system/addzone/ns3/named2.conf rename to bin/tests/system/addzone/ns3/named2.conf.in index 0b2684ec4c..9b5ff25115 100644 --- a/bin/tests/system/addzone/ns3/named2.conf +++ b/bin/tests/system/addzone/ns3/named2.conf.in @@ -6,17 +6,14 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -key rndc_key { - secret "1234abcd8765"; - algorithm hmac-sha256; -}; +include "../../common/rndc.key"; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/addzone/setup.sh b/bin/tests/system/addzone/setup.sh index 9128078fc0..1c7ae52e26 100644 --- a/bin/tests/system/addzone/setup.sh +++ b/bin/tests/system/addzone/setup.sh @@ -14,9 +14,12 @@ $SHELL clean.sh cp -f ns1/redirect.db.1 ns1/redirect.db cp -f ns2/redirect.db.1 ns2/redirect.db cp -f ns3/redirect.db.1 ns3/redirect.db -cp -f ns2/named1.conf ns2/named.conf + +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named1.conf.in ns2/named.conf +copy_setports ns3/named1.conf.in ns3/named.conf + cp -f ns2/default.nzf.in ns2/3bf305731dd26307.nzf -cp -f ns3/named1.conf ns3/named.conf rm -f ns3/*.nzf ns3/*.nzf~ rm -f ns3/*.nzd ns3/*.nzd-lock rm -f ns3/inlineslave.db diff --git a/bin/tests/system/addzone/tests.sh b/bin/tests/system/addzone/tests.sh index 4692abaec5..8b61adbd2b 100755 --- a/bin/tests/system/addzone/tests.sh +++ b/bin/tests/system/addzone/tests.sh @@ -9,227 +9,229 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -DIGOPTS="+tcp +nosea +nostat +nocmd +norec +noques +noauth +noadd +nostats +dnssec -p 5300" +DIGOPTS="+tcp +nosea +nostat +nocmd +norec +noques +noauth +noadd +nostats +dnssec -p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + status=0 n=0 -echo "I:checking normally loaded zone ($n)" +echo_i "checking normally loaded zone ($n)" ret=0 $DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # When LMDB support is compiled in, this tests that migration from # NZF to NZD occurs during named startup -echo "I:checking previously added zone ($n)" +echo_i "checking previously added zone ($n)" ret=0 $DIG $DIGOPTS @10.53.0.2 a.previous.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.previous.example' dig.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -n "$NZD" ]; then - echo "I:checking that existing NZF file was renamed after migration ($n)" + echo_i "checking that existing NZF file was renamed after migration ($n)" [ -e ns2/3bf305731dd26307.nzf~ ] || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:adding new zone ($n)" +echo_i "adding new zone ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'added.example { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 addzone 'added.example { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' $DIG $DIGOPTS @10.53.0.2 a.added.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.added.example' dig.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking addzone errors are logged correctly" +echo_i "checking addzone errors are logged correctly" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone bad.example '{ type mister; };' 2>&1 | grep 'unexpected token' > /dev/null 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 addzone bad.example '{ type mister; };' 2>&1 | grep 'unexpected token' > /dev/null 2>&1 || ret=1 grep "addzone: 'mister' unexpected" ns2/named.run >/dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking modzone errors are logged correctly" +echo_i "checking modzone errors are logged correctly" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 modzone added.example '{ type mister; };' 2>&1 | grep 'unexpected token' > /dev/null 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 modzone added.example '{ type mister; };' 2>&1 | grep 'unexpected token' > /dev/null 2>&1 || ret=1 grep "modzone: 'mister' unexpected" ns2/named.run >/dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:adding a zone that requires quotes ($n)" +echo_i "adding a zone that requires quotes ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone '"32/1.0.0.127-in-addr.added.example" { check-names ignore; type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 addzone '"32/1.0.0.127-in-addr.added.example" { check-names ignore; type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' $DIG $DIGOPTS @10.53.0.2 "a.32/1.0.0.127-in-addr.added.example" a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.32/1.0.0.127-in-addr.added.example' dig.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:adding a zone with a quote in the name ($n)" +echo_i "adding a zone with a quote in the name ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone '"foo\"bar.example" { check-names ignore; type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 addzone '"foo\"bar.example" { check-names ignore; type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' $DIG $DIGOPTS @10.53.0.2 "a.foo\"bar.example" a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.foo\\"bar.example' dig.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:adding new zone with missing master file ($n)" +echo_i "adding new zone with missing master file ($n)" ret=0 $DIG $DIGOPTS +all @10.53.0.2 a.missing.example a > dig.out.ns2.pre.$n || ret=1 grep "status: REFUSED" dig.out.ns2.pre.$n > /dev/null || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'missing.example { type master; file "missing.db"; };' 2> rndc.out.ns2.$n +$RNDCCMD 10.53.0.2 addzone 'missing.example { type master; file "missing.db"; };' 2> rndc.out.ns2.$n grep "file not found" rndc.out.ns2.$n > /dev/null || ret=1 $DIG $DIGOPTS +all @10.53.0.2 a.missing.example a > dig.out.ns2.post.$n || ret=1 grep "status: REFUSED" dig.out.ns2.post.$n > /dev/null || ret=1 $PERL ../digcomp.pl dig.out.ns2.pre.$n dig.out.ns2.post.$n || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -z "$NZD" ]; then - echo "I:verifying no comments in NZF file ($n)" + echo_i "verifying no comments in NZF file ($n)" ret=0 hcount=`grep "^# New zone file for view: _default" ns2/3bf305731dd26307.nzf | wc -l` [ $hcount -eq 0 ] || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking rndc showzone with previously added zone ($n)" +echo_i "checking rndc showzone with previously added zone ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone previous.example > rndc.out.ns2.$n +$RNDCCMD 10.53.0.2 showzone previous.example > rndc.out.ns2.$n expected='zone "previous.example" { type master; file "previous.db"; };' [ "`cat rndc.out.ns2.$n`" = "$expected" ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -n "$NZD" ]; then - echo "I:checking zone is present in NZD ($n)" + echo_i "checking zone is present in NZD ($n)" ret=0 $NZD2NZF ns2/_default.nzd | grep previous.example > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:deleting previously added zone ($n)" +echo_i "deleting previously added zone ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone previous.example 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 delzone previous.example 2>&1 | sed 's/^/I:ns2 /' $DIG $DIGOPTS @10.53.0.2 a.previous.example a > dig.out.ns2.$n grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.previous.example' dig.out.ns2.$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -n "$NZD" ]; then - echo "I:checking zone was deleted from NZD ($n)" + echo_i "checking zone was deleted from NZD ($n)" for i in 0 1 2 3 4 5 6 7 8 9; do ret=0 $NZD2NZF ns2/_default.nzd | grep previous.example > /dev/null && ret=1 [ $ret = 0 ] && break sleep 1 done - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi if [ -z "$NZD" ]; then - echo "I:checking NZF file now has comment ($n)" + echo_i "checking NZF file now has comment ($n)" ret=0 hcount=`grep "^# New zone file for view: _default" ns2/3bf305731dd26307.nzf | wc -l` [ $hcount -eq 1 ] || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:deleting newly added zone added.example ($n)" +echo_i "deleting newly added zone added.example ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone added.example 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 delzone added.example 2>&1 | sed 's/^/I:ns2 /' $DIG $DIGOPTS @10.53.0.2 a.added.example a > dig.out.ns2.$n grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.added.example' dig.out.ns2.$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:deleting newly added zone with escaped quote ($n)" +echo_i "deleting newly added zone with escaped quote ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone "foo\\\"bar.example" 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 delzone "foo\\\"bar.example" 2>&1 | sed 's/^/I:ns2 /' $DIG $DIGOPTS @10.53.0.2 "a.foo\"bar.example" a > dig.out.ns2.$n grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep "^a.foo\"bar.example" dig.out.ns2.$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking rndc showzone with a normally-loaded zone ($n)" +echo_i "checking rndc showzone with a normally-loaded zone ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone normal.example > rndc.out.ns2.$n +$RNDCCMD 10.53.0.2 showzone normal.example > rndc.out.ns2.$n expected='zone "normal.example" { type master; file "normal.db"; };' [ "`cat rndc.out.ns2.$n`" = "$expected" ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking rndc showzone with a normally-loaded zone with trailing dot ($n)" +echo_i "checking rndc showzone with a normally-loaded zone with trailing dot ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone finaldot.example > rndc.out.ns2.$n +$RNDCCMD 10.53.0.2 showzone finaldot.example > rndc.out.ns2.$n expected='zone "finaldot.example." { type master; file "normal.db"; };' [ "`cat rndc.out.ns2.$n`" = "$expected" ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking rndc showzone with a normally-loaded redirect zone ($n)" +echo_i "checking rndc showzone with a normally-loaded redirect zone ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 showzone -redirect > rndc.out.ns1.$n +$RNDCCMD 10.53.0.1 showzone -redirect > rndc.out.ns1.$n expected='zone "." { type redirect; file "redirect.db"; };' [ "`cat rndc.out.ns1.$n`" = "$expected" ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking rndc zonestatus with a normally-loaded redirect zone ($n)" +echo_i "checking rndc zonestatus with a normally-loaded redirect zone ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 zonestatus -redirect > rndc.out.ns1.$n +$RNDCCMD 10.53.0.1 zonestatus -redirect > rndc.out.ns1.$n grep "type: redirect" rndc.out.ns1.$n > /dev/null || ret=1 grep "serial: 0" rndc.out.ns1.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking rndc reload with a normally-loaded redirect zone ($n)" +echo_i "checking rndc reload with a normally-loaded redirect zone ($n)" ret=0 sleep 1 cp -f ns1/redirect.db.2 ns1/redirect.db -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload -redirect > rndc.out.ns1.$n -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 zonestatus -redirect > zonestatus.out.ns1.$n +$RNDCCMD 10.53.0.1 reload -redirect > rndc.out.ns1.$n +$RNDCCMD 10.53.0.1 zonestatus -redirect > zonestatus.out.ns1.$n grep "type: redirect" zonestatus.out.ns1.$n > /dev/null || ret=1 grep "serial: 1" zonestatus.out.ns1.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:delete a normally-loaded zone ($n)" +echo_i "delete a normally-loaded zone ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone normal.example > rndc.out.ns2.$n 2>&1 +$RNDCCMD 10.53.0.2 delzone normal.example > rndc.out.ns2.$n 2>&1 $DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n grep "is no longer active and will be deleted" rndc.out.ns2.$n > /dev/null || ret=1 grep "To keep it from returning when the server is restarted" rndc.out.ns2.$n > /dev/null || ret=1 @@ -237,11 +239,11 @@ grep "must also be removed from named.conf." rndc.out.ns2.$n > /dev/null || ret= grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:attempting to add master zone with inline signing ($n)" -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'inline.example { type master; file "inline.db"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /' +echo_i "attempting to add master zone with inline signing ($n)" +$RNDCCMD 10.53.0.2 addzone 'inline.example { type master; file "inline.db"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /' for i in 1 2 3 4 5 do ret=0 @@ -252,19 +254,19 @@ grep '^a.inline.example' dig.out.ns2.$n > /dev/null || ret=1 sleep 1 done n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:attempting to add master zone with inline signing and missing master ($n)" +echo_i "attempting to add master zone with inline signing and missing master ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'inlinemissing.example { type master; file "missing.db"; inline-signing yes; };' 2> rndc.out.ns2.$n +$RNDCCMD 10.53.0.2 addzone 'inlinemissing.example { type master; file "missing.db"; inline-signing yes; };' 2> rndc.out.ns2.$n grep "file not found" rndc.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:attempting to add slave zone with inline signing ($n)" -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'inlineslave.example { type slave; masters { 10.53.0.1; }; file "inlineslave.bk"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /' +echo_i "attempting to add slave zone with inline signing ($n)" +$RNDCCMD 10.53.0.2 addzone 'inlineslave.example { type slave; masters { 10.53.0.1; }; file "inlineslave.bk"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /' for i in 1 2 3 4 5 do ret=0 @@ -275,30 +277,30 @@ grep '^a.inlineslave.example' dig.out.ns2.$n > /dev/null || ret=1 sleep 1 done n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:attempting to delete slave zone with inline signing ($n)" +echo_i "attempting to delete slave zone with inline signing ($n)" ret=0 for i in 0 1 2 3 4 5 6 7 8 9 do test -f ns2/inlineslave.bk.signed -a -f ns2/inlineslave.bk && break sleep 1 done -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone inlineslave.example 2>&1 > rndc.out2.test$n +$RNDCCMD 10.53.0.2 delzone inlineslave.example 2>&1 > rndc.out2.test$n test -f inlineslave.bk || grep '^inlineslave.bk$' rndc.out2.test$n > /dev/null || { - echo "I:failed to report inlineslave.bk"; ret=1; + echo_i "failed to report inlineslave.bk"; ret=1; } test ! -f inlineslave.bk.signed || grep '^inlineslave.bk.signed$' rndc.out2.test$n > /dev/null || { - echo "I:failed to report inlineslave.bk.signed"; ret=1; + echo_i "failed to report inlineslave.bk.signed"; ret=1; } n=`expr $n + 1` status=`expr $status + $ret` -echo "I:restoring slave zone with inline signing ($n)" -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'inlineslave.example { type slave; masters { 10.53.0.1; }; file "inlineslave.bk"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /' +echo_i "restoring slave zone with inline signing ($n)" +$RNDCCMD 10.53.0.2 addzone 'inlineslave.example { type slave; masters { 10.53.0.1; }; file "inlineslave.bk"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /' for i in 1 2 3 4 5 do ret=0 @@ -309,17 +311,17 @@ grep '^a.inlineslave.example' dig.out.ns2.$n > /dev/null || ret=1 sleep 1 done n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:deleting slave zone with automatic zone file removal ($n)" +echo_i "deleting slave zone with automatic zone file removal ($n)" ret=0 for i in 0 1 2 3 4 5 6 7 8 9 do test -f ns2/inlineslave.bk.signed -a -f ns2/inlineslave.bk && break sleep 1 done -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone -clean inlineslave.example 2>&1 > /dev/null +$RNDCCMD 10.53.0.2 delzone -clean inlineslave.example 2>&1 > /dev/null for i in 0 1 2 3 4 5 6 7 8 9 do ret=0 @@ -330,144 +332,144 @@ done n=`expr $n + 1` status=`expr $status + $ret` -echo "I:modifying zone configuration ($n)" +echo_i "modifying zone configuration ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'mod.example { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 addzone 'mod.example { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' $DIG +norec $DIGOPTS @10.53.0.2 mod.example ns > dig.out.ns2.1.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.1.$n > /dev/null || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 modzone 'mod.example { type master; file "added.db"; allow-query { none; }; };' 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 modzone 'mod.example { type master; file "added.db"; allow-query { none; }; };' 2>&1 | sed 's/^/I:ns2 /' $DIG +norec $DIGOPTS @10.53.0.2 mod.example ns > dig.out.ns2.2.$n || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone mod.example | grep 'allow-query { "none"; };' > /dev/null 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 showzone mod.example | grep 'allow-query { "none"; };' > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that adding a 'stub' zone works ($n)" +echo_i "check that adding a 'stub' zone works ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'stub.example { type stub; masters { 1.2.3.4; }; file "stub.example.bk"; };' > rndc.out.ns2.$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 addzone 'stub.example { type stub; masters { 1.2.3.4; }; file "stub.example.bk"; };' > rndc.out.ns2.$n 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that adding a 'static-stub' zone works ($n)" +echo_i "check that adding a 'static-stub' zone works ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'static-stub.example { type static-stub; server-addresses { 1.2.3.4; }; };' > rndc.out.ns2.$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 addzone 'static-stub.example { type static-stub; server-addresses { 1.2.3.4; }; };' > rndc.out.ns2.$n 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that adding a 'master redirect' zone works ($n)" +echo_i "check that adding a 'master redirect' zone works ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone '"." { type redirect; file "redirect.db"; };' > rndc.out.ns2.$n 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone -redirect > showzone.out.ns2.$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 addzone '"." { type redirect; file "redirect.db"; };' > rndc.out.ns2.$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 showzone -redirect > showzone.out.ns2.$n 2>&1 || ret=1 grep "type redirect;" showzone.out.ns2.$n > /dev/null || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 || ret=1 grep "type: redirect" zonestatus.out.ns2.$n > /dev/null || ret=1 grep "serial: 0" zonestatus.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi -echo "I:check that reloading a added 'master redirect' zone works ($n)" +echo_i "check that reloading a added 'master redirect' zone works ($n)" ret=0 sleep 1 cp -f ns2/redirect.db.2 ns2/redirect.db -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload -redirect > rndc.out.ns2.$n -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 reload -redirect > rndc.out.ns2.$n +$RNDCCMD 10.53.0.2 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 || ret=1 grep "type: redirect" zonestatus.out.ns2.$n > /dev/null || ret=1 grep "serial: 1" zonestatus.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi -echo "I:check that retransfer of a added 'master redirect' zone fails ($n)" +echo_i "check that retransfer of a added 'master redirect' zone fails ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 retransfer -redirect > rndc.out.ns2.$n 2>&1 && ret=1 +$RNDCCMD 10.53.0.2 retransfer -redirect > rndc.out.ns2.$n 2>&1 && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi -echo "I:check that deleting a 'master redirect' zone works ($n)" +echo_i "check that deleting a 'master redirect' zone works ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone -redirect > rndc.out.ns2.$n 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone -redirect > showzone.out.ns2.$n 2>&1 +$RNDCCMD 10.53.0.2 delzone -redirect > rndc.out.ns2.$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 showzone -redirect > showzone.out.ns2.$n 2>&1 grep 'not found' showzone.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that adding a 'slave redirect' zone works ($n)" +echo_i "check that adding a 'slave redirect' zone works ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone '"." { type redirect; masters { 10.53.0.3;}; file "redirect.bk"; };' > rndc.out.ns2.$n 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone -redirect > showzone.out.ns2.$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 addzone '"." { type redirect; masters { 10.53.0.3;}; file "redirect.bk"; };' > rndc.out.ns2.$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 showzone -redirect > showzone.out.ns2.$n 2>&1 || ret=1 grep "type redirect;" showzone.out.ns2.$n > /dev/null || ret=1 sleep 1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 || ret=1 grep "type: redirect" zonestatus.out.ns2.$n > /dev/null || ret=1 grep "serial: 0" zonestatus.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that retransfering a added 'slave redirect' zone works ($n)" +echo_i "check that retransfering a added 'slave redirect' zone works ($n)" ret=0 cp -f ns3/redirect.db.2 ns3/redirect.db -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload . > showzone.out.ns3.$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.3 reload . > showzone.out.ns3.$n 2>&1 || ret=1 sleep 1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 retransfer -redirect > rndc.out.ns2.$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 retransfer -redirect > rndc.out.ns2.$n 2>&1 || ret=1 sleep 1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 || ret=1 grep "type: redirect" zonestatus.out.ns2.$n > /dev/null || ret=1 grep "serial: 1" zonestatus.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that deleting a 'slave redirect' zone works ($n)" +echo_i "check that deleting a 'slave redirect' zone works ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone -redirect > rndc.out.ns2.$n 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone -redirect > showzone.out.ns2.$n 2>&1 +$RNDCCMD 10.53.0.2 delzone -redirect > rndc.out.ns2.$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 showzone -redirect > showzone.out.ns2.$n 2>&1 grep 'not found' showzone.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that zone type 'hint' is properly rejected ($n)" +echo_i "check that zone type 'hint' is properly rejected ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone '"." { type hint; file "hints.db"; };' > rndc.out.ns2.$n 2>&1 && ret=1 +$RNDCCMD 10.53.0.2 addzone '"." { type hint; file "hints.db"; };' > rndc.out.ns2.$n 2>&1 && ret=1 grep "zones not supported by addzone" rndc.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that zone type 'forward' is properly rejected ($n)" +echo_i "check that zone type 'forward' is properly rejected ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'forward.example { type forward; forwarders { 1.2.3.4; }; forward only; };' > rndc.out.ns2.$n 2>&1 && ret=1 +$RNDCCMD 10.53.0.2 addzone 'forward.example { type forward; forwarders { 1.2.3.4; }; forward only; };' > rndc.out.ns2.$n 2>&1 && ret=1 grep "zones not supported by addzone" rndc.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that zone type 'delegation-only' is properly rejected ($n)" +echo_i "check that zone type 'delegation-only' is properly rejected ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'delegation-only.example { type delegation-only; };' > rndc.out.ns2.$n 2>&1 && ret=1 +$RNDCCMD 10.53.0.2 addzone 'delegation-only.example { type delegation-only; };' > rndc.out.ns2.$n 2>&1 && ret=1 grep "zones not supported by addzone" rndc.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'in-view' zones are properly rejected ($n)" +echo_i "check that 'in-view' zones are properly rejected ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'in-view.example { in-view "_default"; };' > rndc.out.ns2.$n 2>&1 && ret=1 +$RNDCCMD 10.53.0.2 addzone 'in-view.example { in-view "_default"; };' > rndc.out.ns2.$n 2>&1 && ret=1 grep "zones not supported by addzone" rndc.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:reconfiguring server with multiple views" +echo_i "reconfiguring server with multiple views" rm -f ns2/named.conf -cp -f ns2/named2.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reconfig 2>&1 | sed 's/^/I:ns2 /' +copy_setports ns2/named2.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reconfig 2>&1 | sed 's/^/I:ns2 /' sleep 5 -echo "I:adding new zone to external view ($n)" +echo_i "adding new zone to external view ($n)" # NOTE: The internal view has "recursion yes" set, and so queries for # nonexistent zones should return NOERROR. The external view is # "recursion no", so queries for nonexistent zones should return @@ -479,53 +481,53 @@ $DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int grep 'status: NOERROR' dig.out.ns2.intpre.$n > /dev/null || ret=1 $DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.extpre.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.extpre.$n > /dev/null || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'added.example in external { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 addzone 'added.example in external { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' $DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1 $DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.ext.$n > /dev/null || ret=1 grep '^a.added.example' dig.out.ns2.ext.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -z "$NZD" ]; then - echo "I:checking new NZF file has comment ($n)" + echo_i "checking new NZF file has comment ($n)" ret=0 hcount=`grep "^# New zone file for view: external" ns2/external.nzf | wc -l` [ $hcount -eq 1 ] || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi if [ -n "$NZD" ]; then - echo "I:verifying added.example in external view created an external.nzd DB ($n)" + echo_i "verifying added.example in external view created an external.nzd DB ($n)" ret=0 [ -e ns2/external.nzd ] || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking rndc reload causes named to reload the external view's new zone config ($n)" +echo_i "checking rndc reload causes named to reload the external view's new zone config ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/I:ns2 /' $DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1 $DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.ext.$n > /dev/null || ret=1 grep '^a.added.example' dig.out.ns2.ext.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking rndc showzone with newly added zone ($n)" +echo_i "checking rndc showzone with newly added zone ($n)" # loop because showzone may complain if zones are still being # loaded from the NZDB at this point. for try in 0 1 2 3 4 5; do ret=0 - $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 showzone added.example in external > rndc.out.ns2.$n 2>/dev/null +$RNDCCMD 10.53.0.2 showzone added.example in external > rndc.out.ns2.$n 2>/dev/null if [ -z "$NZD" ]; then expected='zone "added.example" in external { type master; file "added.db"; };' else @@ -536,79 +538,79 @@ for try in 0 1 2 3 4 5; do sleep 1 done n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:deleting newly added zone ($n)" +echo_i "deleting newly added zone ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone 'added.example in external' 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 delzone 'added.example in external' 2>&1 | sed 's/^/I:ns2 /' $DIG $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.added.example' dig.out.ns2.$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:attempting to add zone to internal view ($n)" +echo_i "attempting to add zone to internal view ($n)" ret=0 $DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.pre.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.pre.$n > /dev/null || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'added.example in internal { type master; file "added.db"; };' 2> rndc.out.ns2.$n +$RNDCCMD 10.53.0.2 addzone 'added.example in internal { type master; file "added.db"; };' 2> rndc.out.ns2.$n grep "permission denied" rndc.out.ns2.$n > /dev/null || ret=1 $DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1 $DIG $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.ext.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:attempting to delete a policy zone ($n)" +echo_i "attempting to delete a policy zone ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone 'policy in internal' 2> rndc.out.ns2.$n >&1 +$RNDCCMD 10.53.0.2 delzone 'policy in internal' 2> rndc.out.ns2.$n >&1 grep 'cannot be deleted' rndc.out.ns2.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:adding new zone again to external view ($n)" +echo_i "adding new zone again to external view ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'added.example in external { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 addzone 'added.example in external { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' $DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1 $DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.ext.$n > /dev/null || ret=1 grep '^a.added.example' dig.out.ns2.ext.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:reconfiguring server with multiple views and new-zones-directory" +echo_i "reconfiguring server with multiple views and new-zones-directory" rm -f ns2/named.conf -cp -f ns2/named3.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reconfig 2>&1 | sed 's/^/I:ns2 /' +copy_setports ns2/named3.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reconfig 2>&1 | sed 's/^/I:ns2 /' sleep 5 -echo "I:checking new zone is still loaded after dir change ($n)" +echo_i "checking new zone is still loaded after dir change ($n)" ret=0 $DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.ext.$n > /dev/null || ret=1 grep '^a.added.example' dig.out.ns2.ext.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:deleting newly added zone from external ($n)" +echo_i "deleting newly added zone from external ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone 'added.example in external' 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 delzone 'added.example in external' 2>&1 | sed 's/^/I:ns2 /' $DIG $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.added.example' dig.out.ns2.$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:adding new zone to directory view ($n)" +echo_i "adding new zone to directory view ($n)" ret=0 $DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.intpre.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.intpre.$n > /dev/null || ret=1 @@ -616,7 +618,7 @@ $DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext grep 'status: REFUSED' dig.out.ns2.extpre.$n > /dev/null || ret=1 $DIG +norec $DIGOPTS @10.53.0.5 -b 10.53.0.5 a.added.example a > dig.out.ns2.dirpre.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.dirpre.$n > /dev/null || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'added.example in directory { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 addzone 'added.example in directory { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' $DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1 $DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1 @@ -625,78 +627,78 @@ $DIG +norec $DIGOPTS @10.53.0.5 -b 10.53.0.5 a.added.example a > dig.out.ns2.dir grep 'status: NOERROR' dig.out.ns2.dir.$n > /dev/null || ret=1 grep '^a.added.example' dig.out.ns2.dir.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -n "$NZD" ]; then - echo "I:checking NZD file was created in new-zones-directory ($n)" + echo_i "checking NZD file was created in new-zones-directory ($n)" expect=ns2/new-zones/directory.nzd else - echo "I:checking NZF file was created in new-zones-directory ($n)" + echo_i "checking NZF file was created in new-zones-directory ($n)" expect=ns2/new-zones/directory.nzf fi -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 sync 'added.example IN directory' 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 sync 'added.example IN directory' 2>&1 | sed 's/^/I:ns2 /' sleep 2 [ -e "$expect" ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:deleting newly added zone from directory ($n)" +echo_i "deleting newly added zone from directory ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone 'added.example in directory' 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 delzone 'added.example in directory' 2>&1 | sed 's/^/I:ns2 /' $DIG $DIGOPTS @10.53.0.5 -b 10.53.0.5 a.added.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.added.example' dig.out.ns2.$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:ensure the configuration context is cleaned up correctly ($n)" +echo_i "ensure the configuration context is cleaned up correctly ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reconfig > /dev/null 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 reconfig > /dev/null 2>&1 || ret=1 sleep 5 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 status > /dev/null 2>&1 || ret=1 +$RNDCCMD 10.53.0.2 status > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check delzone after reconfig failure ($n)" +echo_i "check delzone after reconfig failure ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone 'inlineslave.example. IN { type slave; file "inlineslave.db"; masterfile-format text; masters { testmaster; }; };' > /dev/null 2>&1 || ret=1 -cp -f ns3/named2.conf ns3/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reconfig > /dev/null 2>&1 && ret=1 +$RNDCCMD 10.53.0.3 addzone 'inlineslave.example. IN { type slave; file "inlineslave.db"; masterfile-format text; masters { testmaster; }; };' > /dev/null 2>&1 || ret=1 +copy_setports ns3/named2.conf.in ns3/named.conf +$RNDCCMD 10.53.0.3 reconfig > /dev/null 2>&1 && ret=1 sleep 5 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 delzone inlineslave.example > /dev/null 2>&1 || ret=1 +$RNDCCMD 10.53.0.3 delzone inlineslave.example > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if ! $FEATURETEST --with-lmdb then - echo "I:check that addzone is fully reversed on failure (--with-lmdb=no) ($n)" + echo_i "check that addzone is fully reversed on failure (--with-lmdb=no) ($n)" ret=0 - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone "test1.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1 - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone "test2.baz" '{ type master; file "dne.db"; };' > /dev/null 2>&1 && ret=1 - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone "test3.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1 - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 delzone "test3.baz" > /dev/null 2>&1 || ret=1 + $RNDCCMD 10.53.0.3 addzone "test1.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1 + $RNDCCMD 10.53.0.3 addzone "test2.baz" '{ type master; file "dne.db"; };' > /dev/null 2>&1 && ret=1 + $RNDCCMD 10.53.0.3 addzone "test3.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1 + $RNDCCMD 10.53.0.3 delzone "test3.baz" > /dev/null 2>&1 || ret=1 grep test2.baz ns3/_default.nzf > /dev/null && ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:check that named restarts with multiple added zones ($n)" +echo_i "check that named restarts with multiple added zones ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone "test4.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone "test5.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1 +$RNDCCMD 10.53.0.3 addzone "test4.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1 +$RNDCCMD 10.53.0.3 addzone "test5.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1 $PERL $SYSTEMTESTTOP/stop.pl . ns3 -$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns3 || ret=1 -$DIG -p 5300 @10.53.0.3 version.bind txt ch > dig.out.test$n || ret=1 +$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns3 || ret=1 +$DIG $DIGOPTS @10.53.0.3 version.bind txt ch > dig.out.test$n || ret=1 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/allow_query/setup.sh b/bin/tests/system/allow_query/setup.sh index 696c27079e..accd4a80c6 100644 --- a/bin/tests/system/allow_query/setup.sh +++ b/bin/tests/system/allow_query/setup.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: setup.sh,v 1.2 2010/11/16 01:37:36 sar Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh diff --git a/bin/tests/system/ans.pl b/bin/tests/system/ans.pl index cb4fb59bbd..c240d63b99 100644 --- a/bin/tests/system/ans.pl +++ b/bin/tests/system/ans.pl @@ -6,14 +6,15 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: ans.pl,v 1.6 2012/02/22 23:47:34 tbox Exp $ - # # This is the name server from hell. It provides canned # responses based on pattern matching the queries, and # can be reprogrammed on-the-fly over a TCP connection. # -# The server listens for control connections on port 5301. +# The server listens for queries on port 5300 (or PORT). +# +# The server listens for control connections on port 5301 (or EXTRAPORT1). +# # A control connection is a TCP stream of lines like # # /pattern/ @@ -80,17 +81,22 @@ if (@ARGV > 0) { $server_addr = @ARGV[0]; } +my $mainport = int($ENV{'PORT'}); +if (!$mainport) { $mainport = 5300; } +my $ctrlport = int($ENV{'EXTRAPORT1'}); +if (!$ctrlport) { $ctrlport = 5301; } + # XXX: we should also be able to set the port numbers to listen on. my $ctlsock = IO::Socket::INET->new(LocalAddr => "$server_addr", - LocalPort => 5301, Proto => "tcp", Listen => 5, Reuse => 1) or die "$!"; + LocalPort => $ctrlport, Proto => "tcp", Listen => 5, Reuse => 1) or die "$!"; my $udpsock = IO::Socket::INET->new(LocalAddr => "$server_addr", - LocalPort => 5300, Proto => "udp", Reuse => 1) or die "$!"; + LocalPort => $mainport, Proto => "udp", Reuse => 1) or die "$!"; my $tcpsock = IO::Socket::INET->new(LocalAddr => "$server_addr", - LocalPort => 5300, Proto => "tcp", Listen => 5, Reuse => 1) or die "$!"; + LocalPort => $mainport, Proto => "tcp", Listen => 5, Reuse => 1) or die "$!"; -print "listening on $server_addr:5300,5301.\n"; +print "listening on $server_addr:$mainport,$ctrlport.\n"; print "Using Net::DNS $Net::DNS::VERSION\n"; my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!"; diff --git a/bin/tests/system/auth/clean.sh b/bin/tests/system/auth/clean.sh index b5fe2a3555..be74d1b385 100644 --- a/bin/tests/system/auth/clean.sh +++ b/bin/tests/system/auth/clean.sh @@ -6,6 +6,7 @@ rm -f */named.memstats rm -f */named.run +rm -f */named.conf rm -f dig.out.test* rm -f ns2/example.com.bk rm -f ns2/example.net.bk diff --git a/bin/tests/system/auth/ns1/named.conf b/bin/tests/system/auth/ns1/named.conf.in similarity index 93% rename from bin/tests/system/auth/ns1/named.conf rename to bin/tests/system/auth/ns1/named.conf.in index 10eae79f9c..7d2ec72757 100644 --- a/bin/tests/system/auth/ns1/named.conf +++ b/bin/tests/system/auth/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/auth/ns2/named.conf b/bin/tests/system/auth/ns2/named.conf.in similarity index 94% rename from bin/tests/system/auth/ns2/named.conf rename to bin/tests/system/auth/ns2/named.conf.in index 56baca9b1c..7b1f91fe5e 100644 --- a/bin/tests/system/auth/ns2/named.conf +++ b/bin/tests/system/auth/ns2/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/auth/setup.sh b/bin/tests/system/auth/setup.sh new file mode 100644 index 0000000000..d4f9dbc358 --- /dev/null +++ b/bin/tests/system/auth/setup.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf diff --git a/bin/tests/system/auth/tests.sh b/bin/tests/system/auth/tests.sh index e3013cf133..9e7d29f3fa 100644 --- a/bin/tests/system/auth/tests.sh +++ b/bin/tests/system/auth/tests.sh @@ -9,25 +9,25 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -DIGOPTS="+tcp" +DIGOPTS="+tcp -p ${PORT}" status=0 n=0 n=`expr $n + 1` -echo "I:wait for zones to finish transfering to ns2 ($n)" +echo_i "wait for zones to finish transfering to ns2 ($n)" for i in 1 2 3 4 5 6 7 8 9 10 do ret=0 for zone in example.com example.net do - $DIG $DIGOPTS -p 5300 @10.53.0.2 soa $zone > dig.out.test$n || ret=1 + $DIG $DIGOPTS @10.53.0.2 soa $zone > dig.out.test$n || ret=1 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 done [ $ret -eq 0 ] && break sleep 1 done -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` # @@ -35,95 +35,95 @@ status=`expr $status + $ret` # should not be followed. If both requested and available, they should be. # n=`expr $n + 1` -echo "I:check that cross-zone CNAME record does not return target data (rd=0/ra=0) ($n)" +echo_i "check that cross-zone CNAME record does not return target data (rd=0/ra=0) ($n)" ret=0 -$DIG $DIGOPTS +norec -p 5300 @10.53.0.1 www.example.com > dig.out.test$n || ret=1 +$DIG $DIGOPTS +norec @10.53.0.1 www.example.com > dig.out.test$n || ret=1 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 grep "flags: qr aa;" dig.out.test$n > /dev/null || ret=1 grep "www.example.com.*CNAME.*server.example.net" dig.out.test$n > /dev/null || ret=1 grep "server.example.net.*A.*10.53.0.100" dig.out.test$n > /dev/null && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that cross-zone CNAME record does not return target data (rd=1/ra=0) ($n)" +echo_i "check that cross-zone CNAME record does not return target data (rd=1/ra=0) ($n)" ret=0 -$DIG $DIGOPTS +rec -p 5300 @10.53.0.1 www.example.com > dig.out.test$n || ret=1 +$DIG $DIGOPTS +rec @10.53.0.1 www.example.com > dig.out.test$n || ret=1 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 grep "flags: qr aa rd;" dig.out.test$n > /dev/null || ret=1 grep "www.example.com.*CNAME.*server.example.net" dig.out.test$n > /dev/null || ret=1 grep "server.example.net.*A.*10.53.0.100" dig.out.test$n > /dev/null && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that cross-zone CNAME record does not return target data (rd=0/ra=1) ($n)" +echo_i "check that cross-zone CNAME record does not return target data (rd=0/ra=1) ($n)" ret=0 -$DIG $DIGOPTS +norec -p 5300 @10.53.0.2 www.example.com > dig.out.test$n || ret=1 +$DIG $DIGOPTS +norec @10.53.0.2 www.example.com > dig.out.test$n || ret=1 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 grep "flags: qr aa ra;" dig.out.test$n > /dev/null || ret=1 grep "www.example.com.*CNAME.*server.example.net" dig.out.test$n > /dev/null || ret=1 grep "server.example.net.*A.*10.53.0.100" dig.out.test$n > /dev/null && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that cross-zone CNAME records returns target data (rd=1/ra=1) ($n)" +echo_i "check that cross-zone CNAME records returns target data (rd=1/ra=1) ($n)" ret=0 -$DIG $DIGOPTS -p 5300 @10.53.0.2 www.example.com > dig.out.test$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 www.example.com > dig.out.test$n || ret=1 grep "ANSWER: 2," dig.out.test$n > /dev/null || ret=1 grep "flags: qr aa rd ra;" dig.out.test$n > /dev/null || ret=1 grep "www.example.com.*CNAME.*server.example.net" dig.out.test$n > /dev/null || ret=1 grep "server.example.net.*A.*10.53.0.100" dig.out.test$n > /dev/null || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` # # In-zone CNAME records should always be followed regardless of RD and RA. # n=`expr $n + 1` -echo "I:check that in-zone CNAME records returns target data (rd=0/ra=0) ($n)" +echo_i "check that in-zone CNAME records returns target data (rd=0/ra=0) ($n)" ret=0 -$DIG $DIGOPTS +norec -p 5300 @10.53.0.1 inzone.example.com > dig.out.test$n || ret=1 +$DIG $DIGOPTS +norec @10.53.0.1 inzone.example.com > dig.out.test$n || ret=1 grep "ANSWER: 2," dig.out.test$n > /dev/null || ret=1 grep "flags: qr aa;" dig.out.test$n > /dev/null || ret=1 grep "inzone.example.com.*CNAME.*a.example.com" dig.out.test$n > /dev/null || ret=1 grep "a.example.com.*A.*10.53.0.1" dig.out.test$n > /dev/null || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that in-zone CNAME records returns target data (rd=1/ra=0) ($n)" +echo_i "check that in-zone CNAME records returns target data (rd=1/ra=0) ($n)" ret=0 -$DIG $DIGOPTS +rec -p 5300 @10.53.0.1 inzone.example.com > dig.out.test$n || ret=1 +$DIG $DIGOPTS +rec @10.53.0.1 inzone.example.com > dig.out.test$n || ret=1 grep "ANSWER: 2," dig.out.test$n > /dev/null || ret=1 grep "flags: qr aa rd;" dig.out.test$n > /dev/null || ret=1 grep "inzone.example.com.*CNAME.*a.example.com" dig.out.test$n > /dev/null || ret=1 grep "a.example.com.*A.*10.53.0.1" dig.out.test$n > /dev/null || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that in-zone CNAME records returns target data (rd=0/ra=1) ($n)" +echo_i "check that in-zone CNAME records returns target data (rd=0/ra=1) ($n)" ret=0 -$DIG $DIGOPTS +norec -p 5300 @10.53.0.2 inzone.example.com > dig.out.test$n || ret=1 +$DIG $DIGOPTS +norec @10.53.0.2 inzone.example.com > dig.out.test$n || ret=1 grep "ANSWER: 2," dig.out.test$n > /dev/null || ret=1 grep "flags: qr aa ra;" dig.out.test$n > /dev/null || ret=1 grep "inzone.example.com.*CNAME.*a.example.com" dig.out.test$n > /dev/null || ret=1 grep "a.example.com.*A.*10.53.0.1" dig.out.test$n > /dev/null || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that in-zone CNAME records returns target data (rd=1/ra=1) ($n)" +echo_i "check that in-zone CNAME records returns target data (rd=1/ra=1) ($n)" ret=0 -$DIG $DIGOPTS -p 5300 @10.53.0.2 inzone.example.com > dig.out.test$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 inzone.example.com > dig.out.test$n || ret=1 grep "ANSWER: 2," dig.out.test$n > /dev/null || ret=1 grep "flags: qr aa rd ra;" dig.out.test$n > /dev/null || ret=1 grep "inzone.example.com.*CNAME.*a.example.com" dig.out.test$n > /dev/null || ret=1 grep "a.example.com.*A.*10.53.0.1" dig.out.test$n > /dev/null || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/autosign/clean.sh b/bin/tests/system/autosign/clean.sh index 59bde3d969..f84fc24881 100644 --- a/bin/tests/system/autosign/clean.sh +++ b/bin/tests/system/autosign/clean.sh @@ -11,6 +11,7 @@ rm -f */core rm -f */example.bk rm -f */named.memstats rm -f */named.run +rm -f */named.conf rm -f */trusted.conf */private.conf rm -f activate-now-publish-1day.key rm -f active.key inact.key del.key unpub.key standby.key rev.key diff --git a/bin/tests/system/autosign/ns1/named.conf b/bin/tests/system/autosign/ns1/named.conf.in similarity index 83% rename from bin/tests/system/autosign/ns1/named.conf rename to bin/tests/system/autosign/ns1/named.conf.in index d978dd93e1..f345c7a455 100644 --- a/bin/tests/system/autosign/ns1/named.conf +++ b/bin/tests/system/autosign/ns1/named.conf.in @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2009/11/30 23:48:02 tbox Exp $ */ - // NS1 -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -32,7 +28,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/autosign/ns2/named.conf b/bin/tests/system/autosign/ns2/named.conf.in similarity index 91% rename from bin/tests/system/autosign/ns2/named.conf rename to bin/tests/system/autosign/ns2/named.conf.in index f98318398b..d13c9c6275 100644 --- a/bin/tests/system/autosign/ns2/named.conf +++ b/bin/tests/system/autosign/ns2/named.conf.in @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.7 2011/04/29 23:47:17 tbox Exp $ */ - // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -33,7 +29,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/autosign/ns3/named.conf b/bin/tests/system/autosign/ns3/named.conf.in similarity index 98% rename from bin/tests/system/autosign/ns3/named.conf rename to bin/tests/system/autosign/ns3/named.conf.in index 8bbd2f23fb..06f404cc49 100644 --- a/bin/tests/system/autosign/ns3/named.conf +++ b/bin/tests/system/autosign/ns3/named.conf.in @@ -14,7 +14,7 @@ options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; session-keyfile "session.key"; pid-file "named.pid"; listen-on { 10.53.0.3; }; @@ -33,7 +33,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/autosign/ns4/named.conf b/bin/tests/system/autosign/ns4/named.conf.in similarity index 94% rename from bin/tests/system/autosign/ns4/named.conf rename to bin/tests/system/autosign/ns4/named.conf.in index 9e593141d4..4353fd8298 100644 --- a/bin/tests/system/autosign/ns4/named.conf +++ b/bin/tests/system/autosign/ns4/named.conf.in @@ -8,13 +8,11 @@ // NS4 -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/autosign/ns5/named.conf b/bin/tests/system/autosign/ns5/named.conf.in similarity index 86% rename from bin/tests/system/autosign/ns5/named.conf rename to bin/tests/system/autosign/ns5/named.conf.in index e14415551b..3776961ce1 100644 --- a/bin/tests/system/autosign/ns5/named.conf +++ b/bin/tests/system/autosign/ns5/named.conf.in @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2009/11/30 23:48:02 tbox Exp $ */ - // NS5 -controls { /* empty */ }; - options { query-source address 10.53.0.5; notify-source 10.53.0.5; transfer-source 10.53.0.5; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.5; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/autosign/setup.sh b/bin/tests/system/autosign/setup.sh index 819d224071..0a78c6ee1f 100644 --- a/bin/tests/system/autosign/setup.sh +++ b/bin/tests/system/autosign/setup.sh @@ -13,5 +13,11 @@ SYSTEMTESTTOP=.. test -r $RANDFILE || $GENRANDOM 800 $RANDFILE +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf +copy_setports ns5/named.conf.in ns5/named.conf + echo "I:generating keys and preparing zones" cd ns1 && $SHELL keygen.sh diff --git a/bin/tests/system/autosign/tests.sh b/bin/tests/system/autosign/tests.sh index f25a00bbf1..1bc0c6f8c5 100755 --- a/bin/tests/system/autosign/tests.sh +++ b/bin/tests/system/autosign/tests.sh @@ -12,7 +12,8 @@ SYSTEMTESTTOP=.. status=0 n=0 -DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p 5300" +DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" # convert private-type records to readable form showprivate () { @@ -42,7 +43,7 @@ checkprivate () { fi echo "$x" - echo "I:failed" + echo_i "failed" return 1 } @@ -52,7 +53,7 @@ checkprivate () { # NSEC records to appear before proceeding with a counter to prevent # infinite loops if there is a error. # -echo "I:waiting for autosign changes to take effect" +echo_i "waiting for autosign changes to take effect" i=0 while [ $i -lt 30 ] do @@ -80,19 +81,19 @@ do done i=`expr $i + 1` if [ $ret = 0 ]; then break; fi - echo "I:waiting ... ($i)" + echo_i "waiting ... ($i)" sleep 2 done n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; else echo "I:done"; fi +if [ $ret != 0 ]; then echo_i "done"; fi status=`expr $status + $ret` # # Check that DNSKEY is initially signed with a KSK and not a ZSK. # -echo "I:check that zone with active and inactive KSK and active ZSK is properly" -echo "I: resigned after the active KSK is deleted - stage 1: Verify that DNSKEY" -echo "I: is initially signed with a KSK and not a ZSK. ($n)" +echo_i "check that zone with active and inactive KSK and active ZSK is properly" +echo_i " resigned after the active KSK is deleted - stage 1: Verify that DNSKEY" +echo_i " is initially signed with a KSK and not a ZSK. ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 axfr inacksk3.example > dig.out.ns3.test$n @@ -118,18 +119,18 @@ awk='$4 == "RRSIG" && $5 == "DNSKEY" { printf "%05u\n", $11 }' id=`awk "${awk}" dig.out.ns3.test$n` $SETTIME -D now+5 ns3/Kinacksk3.example.+007+${id} -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 loadkeys inacksk3.example +$RNDCCMD 10.53.0.3 loadkeys inacksk3.example n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # # Check that zone is initially signed with a ZSK and not a KSK. # -echo "I:check that zone with active and inactive ZSK and active KSK is properly" -echo "I: resigned after the active ZSK is deleted - stage 1: Verify that zone" -echo "I: is initially signed with a ZSK and not a KSK. ($n)" +echo_i "check that zone with active and inactive ZSK and active KSK is properly" +echo_i " resigned after the active ZSK is deleted - stage 1: Verify that zone" +echo_i " is initially signed with a ZSK and not a KSK. ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 axfr inaczsk3.example > dig.out.ns3.test$n kskid=`awk '$4 == "DNSKEY" && $5 == 257 { print }' dig.out.ns3.test$n | @@ -146,12 +147,12 @@ count=`awk 'BEGIN { count = 0 } test $count -eq 3 || ret=1 id=`awk '$4 == "RRSIG" && $5 == "CNAME" { printf "%05u\n", $11 }' dig.out.ns3.test$n` $SETTIME -D now+5 ns3/Kinaczsk3.example.+007+${id} -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 loadkeys inaczsk3.example +$RNDCCMD 10.53.0.3 loadkeys inaczsk3.example n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking NSEC->NSEC3 conversion prerequisites ($n)" +echo_i "checking NSEC->NSEC3 conversion prerequisites ($n)" ret=0 # these commands should result in an empty file: $DIG $DIGOPTS +noall +answer nsec3.example. nsec3param @10.53.0.3 > dig.out.ns3.1.test$n || ret=1 @@ -159,20 +160,20 @@ grep "NSEC3PARAM" dig.out.ns3.1.test$n > /dev/null && ret=1 $DIG $DIGOPTS +noall +answer autonsec3.example. nsec3param @10.53.0.3 > dig.out.ns3.2.test$n || ret=1 grep "NSEC3PARAM" dig.out.ns3.2.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking NSEC3->NSEC conversion prerequisites ($n)" +echo_i "checking NSEC3->NSEC conversion prerequisites ($n)" ret=0 $DIG $DIGOPTS +noall +answer nsec3-to-nsec.example. nsec3param @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep "NSEC3PARAM" dig.out.ns3.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:converting zones from nsec to nsec3" +echo_i "converting zones from nsec to nsec3" $NSUPDATE > /dev/null 2>&1 < nsupdate.out 2>&1 < dig.out.ns3.test$n || ret=1 grep "NSEC3PARAM" dig.out.ns3.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for nsec3param signing record ($n)" +echo_i "checking for nsec3param signing record ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list autonsec3.example. > signing.out.test$n 2>&1 +$RNDCCMD 10.53.0.3 signing -list autonsec3.example. > signing.out.test$n 2>&1 grep "Pending NSEC3 chain 1 0 20 DEAF" signing.out.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:resetting nsec3param via rndc signing ($n)" +echo_i "resetting nsec3param via rndc signing ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -clear all autonsec3.example. > /dev/null 2>&1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -nsec3param 1 1 10 beef autonsec3.example. > /dev/null 2>&1 +$RNDCCMD 10.53.0.3 signing -clear all autonsec3.example. > /dev/null 2>&1 +$RNDCCMD 10.53.0.3 signing -nsec3param 1 1 10 beef autonsec3.example. > /dev/null 2>&1 for i in 0 1 2 3 4 5 6 7 8 9; do ret=0 - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list autonsec3.example. > signing.out.test$n 2>&1 + $RNDCCMD 10.53.0.3 signing -list autonsec3.example. > signing.out.test$n 2>&1 grep "Pending NSEC3 chain 1 1 10 BEEF" signing.out.test$n > /dev/null || ret=1 num=`grep "Pending " signing.out.test$n | wc -l` [ $num -eq 1 ] || ret=1 [ $ret -eq 0 ] && break - echo "I:waiting ... ($i)" + echo_i "waiting ... ($i)" sleep 2 done n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:signing preset nsec3 zone" +echo_i "signing preset nsec3 zone" zsk=`cat autozsk.key` ksk=`cat autoksk.key` $SETTIME -K ns3 -P now -A now $zsk > /dev/null 2>&1 $SETTIME -K ns3 -P now -A now $ksk > /dev/null 2>&1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 loadkeys autonsec3.example. 2>&1 | sed 's/^/I:ns3 /' +$RNDCCMD 10.53.0.3 loadkeys autonsec3.example. 2>&1 | sed 's/^/I:ns3 /' -echo "I:waiting for changes to take effect" +echo_i "waiting for changes to take effect" sleep 3 -echo "I:converting zone from nsec3 to nsec" +echo_i "converting zone from nsec3 to nsec" $NSUPDATE > /dev/null 2>&1 << END || status=1 -server 10.53.0.3 5300 +server 10.53.0.3 ${PORT} zone nsec3-to-nsec.example. update delete nsec3-to-nsec.example. NSEC3PARAM send END -echo "I:waiting for change to take effect" +echo_i "waiting for change to take effect" sleep 3 -echo "I:checking that expired RRSIGs from missing key are not deleted ($n)" +echo_i "checking that expired RRSIGs from missing key are not deleted ($n)" ret=0 missing=`sed 's/^K.*+007+0*\([0-9]\)/\1/' < missingzsk.key` $JOURNALPRINT ns3/nozsk.example.db.jnl | \ awk '{if ($1 == "del" && $5 == "RRSIG" && $12 == id) {exit 1}} END {exit 0}' id=$missing || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that expired RRSIGs from inactive key are not deleted ($n)" +echo_i "checking that expired RRSIGs from inactive key are not deleted ($n)" ret=0 inactive=`sed 's/^K.*+007+0*\([0-9]\)/\1/' < inactivezsk.key` $JOURNALPRINT ns3/inaczsk.example.db.jnl | \ awk '{if ($1 == "del" && $5 == "RRSIG" && $12 == id) {exit 1}} END {exit 0}' id=$inactive || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that non-replaceable RRSIGs are logged only once (missing private key) ($n)" +echo_i "checking that non-replaceable RRSIGs are logged only once (missing private key) ($n)" ret=0 loglines=`grep "Key nozsk.example/NSEC3RSASHA1/$missing .* retaining signatures" ns3/named.run | wc -l` [ "$loglines" -eq 1 ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that non-replaceable RRSIGs are logged only once (inactive private key) ($n)" +echo_i "checking that non-replaceable RRSIGs are logged only once (inactive private key) ($n)" ret=0 loglines=`grep "Key inaczsk.example/NSEC3RSASHA1/$inactive .* retaining signatures" ns3/named.run | wc -l` [ "$loglines" -eq 1 ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Send rndc sync command to ns1, ns2 and ns3, to force the dynamically # signed zones to be dumped to their zone files -echo "I:dumping zone files" -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 sync 2>&1 | sed 's/^/I:ns1 /' -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 sync 2>&1 | sed 's/^/I:ns2 /' -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 sync 2>&1 | sed 's/^/I:ns3 /' +echo_i "dumping zone files" +$RNDCCMD 10.53.0.1 sync 2>&1 | sed 's/^/I:ns1 /' +$RNDCCMD 10.53.0.2 sync 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.3 sync 2>&1 | sed 's/^/I:ns3 /' -echo "I:checking expired signatures were updated ($n)" +echo_i "checking expired signatures were updated ($n)" for i in 1 2 3 4 5 6 7 8 9 do ret=0 @@ -312,11 +313,11 @@ do [ $ret = 0 ] && break sleep 1 done -if [ $ret != 0 ]; then cat digcomp.out.test$n; echo "I:failed"; fi +if [ $ret != 0 ]; then cat digcomp.out.test$n; echo_i "failed"; fi n=`expr $n + 1` status=`expr $status + $ret` -echo "I:checking NSEC->NSEC3 conversion succeeded ($n)" +echo_i "checking NSEC->NSEC3 conversion succeeded ($n)" ret=0 $DIG $DIGOPTS nsec3.example. nsec3param @10.53.0.3 > dig.out.ns3.ok.test$n || ret=1 grep "status: NOERROR" dig.out.ns3.ok.test$n > /dev/null || ret=1 @@ -326,10 +327,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking direct NSEC3 autosigning succeeded ($n)" +echo_i "checking direct NSEC3 autosigning succeeded ($n)" ret=0 $DIG $DIGOPTS +noall +answer autonsec3.example. nsec3param @10.53.0.3 > dig.out.ns3.ok.test$n || ret=1 [ -s dig.out.ns3.ok.test$n ] || ret=1 @@ -340,17 +341,17 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking NSEC->NSEC3 conversion failed with NSEC-only key ($n)" +echo_i "checking NSEC->NSEC3 conversion failed with NSEC-only key ($n)" ret=0 grep "failed: REFUSED" nsupdate.out > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking NSEC3->NSEC conversion succeeded ($n)" +echo_i "checking NSEC3->NSEC conversion succeeded ($n)" ret=0 # this command should result in an empty file: $DIG $DIGOPTS +noall +answer nsec3-to-nsec.example. nsec3param @10.53.0.3 > dig.out.ns3.nx.test$n || ret=1 @@ -361,12 +362,12 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking NSEC3->NSEC conversion with 'rndc signing -nsec3param none' ($n)" +echo_i "checking NSEC3->NSEC conversion with 'rndc signing -nsec3param none' ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -nsec3param none autonsec3.example. > /dev/null 2>&1 +$RNDCCMD 10.53.0.3 signing -nsec3param none autonsec3.example. > /dev/null 2>&1 sleep 2 # this command should result in an empty file: $DIG $DIGOPTS +noall +answer autonsec3.example. nsec3param @10.53.0.3 > dig.out.ns3.nx.test$n || ret=1 @@ -377,56 +378,56 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking TTLs of imported DNSKEYs (no default) ($n)" +echo_i "checking TTLs of imported DNSKEYs (no default) ($n)" ret=0 $DIG $DIGOPTS +tcp +noall +answer dnskey ttl1.example. @10.53.0.3 > dig.out.ns3.test$n || ret=1 [ -s dig.out.ns3.test$n ] || ret=1 awk 'BEGIN {r=0} $2 != 300 {r=1; print "I:found TTL " $2} END {exit r}' dig.out.ns3.test$n || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking TTLs of imported DNSKEYs (with default) ($n)" +echo_i "checking TTLs of imported DNSKEYs (with default) ($n)" ret=0 $DIG $DIGOPTS +tcp +noall +answer dnskey ttl2.example. @10.53.0.3 > dig.out.ns3.test$n || ret=1 [ -s dig.out.ns3.test$n ] || ret=1 awk 'BEGIN {r=0} $2 != 60 {r=1; print "I:found TTL " $2} END {exit r}' dig.out.ns3.test$n || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking TTLs of imported DNSKEYs (mismatched) ($n)" +echo_i "checking TTLs of imported DNSKEYs (mismatched) ($n)" ret=0 $DIG $DIGOPTS +tcp +noall +answer dnskey ttl3.example. @10.53.0.3 > dig.out.ns3.test$n || ret=1 [ -s dig.out.ns3.test$n ] || ret=1 awk 'BEGIN {r=0} $2 != 30 {r=1; print "I:found TTL " $2} END {exit r}' dig.out.ns3.test$n || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking TTLs of imported DNSKEYs (existing RRset) ($n)" +echo_i "checking TTLs of imported DNSKEYs (existing RRset) ($n)" ret=0 $DIG $DIGOPTS +tcp +noall +answer dnskey ttl4.example. @10.53.0.3 > dig.out.ns3.test$n || ret=1 [ -s dig.out.ns3.test$n ] || ret=1 awk 'BEGIN {r=0} $2 != 30 {r=1; print "I:found TTL " $2} END {exit r}' dig.out.ns3.test$n || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking positive validation NSEC ($n)" +echo_i "checking positive validation NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 $DIG $DIGOPTS +noauth a.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking positive validation NSEC3 ($n)" +echo_i "checking positive validation NSEC3 ($n)" ret=0 $DIG $DIGOPTS +noauth a.nsec3.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -435,10 +436,10 @@ $DIG $DIGOPTS +noauth a.nsec3.example. \ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking positive validation OPTOUT ($n)" +echo_i "checking positive validation OPTOUT ($n)" ret=0 $DIG $DIGOPTS +noauth a.optout.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -447,10 +448,10 @@ $DIG $DIGOPTS +noauth a.optout.example. \ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking negative validation NXDOMAIN NSEC ($n)" +echo_i "checking negative validation NXDOMAIN NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth q.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 $DIG $DIGOPTS +noauth q.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 @@ -458,10 +459,10 @@ $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking negative validation NXDOMAIN NSEC3 ($n)" +echo_i "checking negative validation NXDOMAIN NSEC3 ($n)" ret=0 $DIG $DIGOPTS +noauth q.nsec3.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -471,10 +472,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking negative validation NXDOMAIN OPTOUT ($n)" +echo_i "checking negative validation NXDOMAIN OPTOUT ($n)" ret=0 $DIG $DIGOPTS +noauth q.optout.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -485,10 +486,10 @@ grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking negative validation NODATA NSEC ($n)" +echo_i "checking negative validation NODATA NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1 $DIG $DIGOPTS +noauth a.example. @10.53.0.4 txt > dig.out.ns4.test$n || ret=1 @@ -497,10 +498,10 @@ grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking negative validation NODATA NSEC3 ($n)" +echo_i "checking negative validation NODATA NSEC3 ($n)" ret=0 $DIG $DIGOPTS +noauth a.nsec3.example. \ @10.53.0.3 txt > dig.out.ns3.test$n || ret=1 @@ -511,10 +512,10 @@ grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking negative validation NODATA OPTOUT ($n)" +echo_i "checking negative validation NODATA OPTOUT ($n)" ret=0 $DIG $DIGOPTS +noauth a.optout.example. \ @10.53.0.3 txt > dig.out.ns3.test$n || ret=1 @@ -525,12 +526,12 @@ grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check the insecure.example domain -echo "I:checking 1-server insecurity proof NSEC ($n)" +echo_i "checking 1-server insecurity proof NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.insecure.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 $DIG $DIGOPTS +noauth a.insecure.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 @@ -539,10 +540,10 @@ grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking 1-server negative insecurity proof NSEC ($n)" +echo_i "checking 1-server negative insecurity proof NSEC ($n)" ret=0 $DIG $DIGOPTS q.insecure.example. a @10.53.0.3 \ > dig.out.ns3.test$n || ret=1 @@ -553,12 +554,12 @@ grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check the secure.example domain -echo "I:checking multi-stage positive validation NSEC/NSEC ($n)" +echo_i "checking multi-stage positive validation NSEC/NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.secure.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -568,10 +569,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking multi-stage positive validation NSEC/NSEC3 ($n)" +echo_i "checking multi-stage positive validation NSEC/NSEC3 ($n)" ret=0 $DIG $DIGOPTS +noauth a.nsec3.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -581,10 +582,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking multi-stage positive validation NSEC/OPTOUT ($n)" +echo_i "checking multi-stage positive validation NSEC/OPTOUT ($n)" ret=0 $DIG $DIGOPTS +noauth a.optout.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -594,10 +595,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking multi-stage positive validation NSEC3/NSEC ($n)" +echo_i "checking multi-stage positive validation NSEC3/NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.secure.nsec3.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -607,10 +608,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking multi-stage positive validation NSEC3/NSEC3 ($n)" +echo_i "checking multi-stage positive validation NSEC3/NSEC3 ($n)" ret=0 $DIG $DIGOPTS +noauth a.nsec3.nsec3.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -620,10 +621,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking multi-stage positive validation NSEC3/OPTOUT ($n)" +echo_i "checking multi-stage positive validation NSEC3/OPTOUT ($n)" ret=0 $DIG $DIGOPTS +noauth a.optout.nsec3.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -633,10 +634,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking multi-stage positive validation OPTOUT/NSEC ($n)" +echo_i "checking multi-stage positive validation OPTOUT/NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.secure.optout.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -646,10 +647,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking multi-stage positive validation OPTOUT/NSEC3 ($n)" +echo_i "checking multi-stage positive validation OPTOUT/NSEC3 ($n)" ret=0 $DIG $DIGOPTS +noauth a.nsec3.optout.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -659,10 +660,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking multi-stage positive validation OPTOUT/OPTOUT ($n)" +echo_i "checking multi-stage positive validation OPTOUT/OPTOUT ($n)" ret=0 $DIG $DIGOPTS +noauth a.optout.optout.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -672,10 +673,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking empty NODATA OPTOUT ($n)" +echo_i "checking empty NODATA OPTOUT ($n)" ret=0 $DIG $DIGOPTS +noauth empty.optout.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -685,12 +686,12 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 #grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check the insecure.secure.example domain (insecurity proof) -echo "I:checking 2-server insecurity proof ($n)" +echo_i "checking 2-server insecurity proof ($n)" ret=0 $DIG $DIGOPTS +noauth a.insecure.secure.example. @10.53.0.2 a \ > dig.out.ns2.test$n || ret=1 @@ -701,12 +702,12 @@ grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check a negative response in insecure.secure.example -echo "I:checking 2-server insecurity proof with a negative answer ($n)" +echo_i "checking 2-server insecurity proof with a negative answer ($n)" ret=0 $DIG $DIGOPTS q.insecure.secure.example. @10.53.0.2 a > dig.out.ns2.test$n \ || ret=1 @@ -717,39 +718,39 @@ grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking security root query ($n)" +echo_i "checking security root query ($n)" ret=0 $DIG $DIGOPTS . @10.53.0.4 key > dig.out.ns4.test$n || ret=1 grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking positive validation RSASHA256 NSEC ($n)" +echo_i "checking positive validation RSASHA256 NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.rsasha256.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 $DIG $DIGOPTS +noauth a.rsasha256.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking positive validation RSASHA512 NSEC ($n)" +echo_i "checking positive validation RSASHA512 NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.rsasha512.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 $DIG $DIGOPTS +noauth a.rsasha512.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that positive validation in a privately secure zone works ($n)" +echo_i "checking that positive validation in a privately secure zone works ($n)" ret=0 $DIG $DIGOPTS +noauth a.private.secure.example. a @10.53.0.2 \ > dig.out.ns2.test$n || ret=1 @@ -759,10 +760,10 @@ $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1 grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that negative validation in a privately secure zone works ($n)" +echo_i "checking that negative validation in a privately secure zone works ($n)" ret=0 $DIG $DIGOPTS +noauth q.private.secure.example. a @10.53.0.2 \ > dig.out.ns2.test$n || ret=1 @@ -773,91 +774,91 @@ grep "NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking privately secure to nxdomain works ($n)" +echo_i "checking privately secure to nxdomain works ($n)" ret=0 $DIG $DIGOPTS +noauth private2secure-nxdomain.private.secure.example. SOA @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Try validating with a revoked trusted key. # This should fail. -echo "I:checking that validation returns insecure due to revoked trusted key ($n)" +echo_i "checking that validation returns insecure due to revoked trusted key ($n)" ret=0 $DIG $DIGOPTS example. soa @10.53.0.5 > dig.out.ns5.test$n || ret=1 grep "flags:.*; QUERY" dig.out.ns5.test$n > /dev/null || ret=1 grep "flags:.* ad.*; QUERY" dig.out.ns5.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that revoked key is present ($n)" +echo_i "checking that revoked key is present ($n)" ret=0 id=`cat rev.key` $DIG $DIGOPTS +multi dnskey . @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep '; key id = '"$id"'$' dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that revoked key self-signs ($n)" +echo_i "checking that revoked key self-signs ($n)" ret=0 id=`cat rev.key` $DIG $DIGOPTS dnskey . @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep 'RRSIG.*'" $id "'\. ' dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for unpublished key ($n)" +echo_i "checking for unpublished key ($n)" ret=0 id=`sed 's/^K.+007+0*\([0-9]\)/\1/' < unpub.key` $DIG $DIGOPTS +multi dnskey . @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep '; key id = '"$id"'$' dig.out.ns1.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for activated but unpublished key ($n)" +echo_i "checking for activated but unpublished key ($n)" ret=0 id=`sed 's/^K.+007+0*\([0-9]\)/\1/' < activate-now-publish-1day.key` $DIG $DIGOPTS +multi dnskey . @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep '; key id = '"$id"'$' dig.out.ns1.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that standby key does not sign records ($n)" +echo_i "checking that standby key does not sign records ($n)" ret=0 id=`sed 's/^K.+007+0*\([0-9]\)/\1/' < standby.key` $DIG $DIGOPTS dnskey . @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep 'RRSIG.*'" $id "'\. ' dig.out.ns1.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that deactivated key does not sign records ($n)" +echo_i "checking that deactivated key does not sign records ($n)" ret=0 id=`sed 's/^K.+007+0*\([0-9]\)/\1/' < inact.key` $DIG $DIGOPTS dnskey . @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep 'RRSIG.*'" $id "'\. ' dig.out.ns1.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking insertion of public-only key ($n)" +echo_i "checking insertion of public-only key ($n)" ret=0 id=`sed 's/^K.+007+0*\([0-9]\)/\1/' < nopriv.key` file="ns1/`cat nopriv.key`.key" keydata=`grep DNSKEY $file` $NSUPDATE > /dev/null 2>&1 < dig.out.ns1.test$n || ret=1 grep 'RRSIG.*'" $id "'\. ' dig.out.ns1.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking key deletion ($n)" +echo_i "checking key deletion ($n)" ret=0 id=`sed 's/^K.+007+0*\([0-9]\)/\1/' < del.key` $DIG $DIGOPTS +multi dnskey . @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep '; key id = '"$id"'$' dig.out.ns1.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking secure-to-insecure transition, nsupdate ($n)" +echo_i "checking secure-to-insecure transition, nsupdate ($n)" ret=0 $NSUPDATE > /dev/null 2>&1 < dig.out.ns3.test$n || ret=1 egrep '(RRSIG|DNSKEY|NSEC)' dig.out.ns3.test$n > /dev/null && ret=1 [ $ret -eq 0 ] && break - echo "I:waiting ... ($i)" + echo_i "waiting ... ($i)" sleep 2 done n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking secure-to-insecure transition, scheduled ($n)" +echo_i "checking secure-to-insecure transition, scheduled ($n)" ret=0 file="ns3/`cat del1.key`.key" $SETTIME -I now -D now $file > /dev/null file="ns3/`cat del2.key`.key" $SETTIME -I now -D now $file > /dev/null -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 sign secure-to-insecure2.example. 2>&1 | sed 's/^/I:ns3 /' +$RNDCCMD 10.53.0.3 sign secure-to-insecure2.example. 2>&1 | sed 's/^/I:ns3 /' for i in 0 1 2 3 4 5 6 7 8 9; do ret=0 $DIG $DIGOPTS axfr secure-to-insecure2.example @10.53.0.3 > dig.out.ns3.test$n || ret=1 egrep '(RRSIG|DNSKEY|NSEC3)' dig.out.ns3.test$n > /dev/null && ret=1 [ $ret -eq 0 ] && break - echo "I:waiting ... ($i)" + echo_i "waiting ... ($i)" sleep 2 done n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that serial number and RRSIGs are both updated (rt21045) ($n)" +echo_i "checking that serial number and RRSIGs are both updated (rt21045) ($n)" ret=0 oldserial=`$DIG $DIGOPTS +short soa prepub.example @10.53.0.3 | awk '$0 !~ /SOA/ {print $3}'` oldinception=`$DIG $DIGOPTS +short soa prepub.example @10.53.0.3 | awk '/SOA/ {print $6}' | sort -u` $KEYGEN -a rsasha1 -3 -q -r $RANDFILE -K ns3 -P 0 -A +6d -I +38d -D +45d prepub.example > /dev/null -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 sign prepub.example 2>&1 | sed 's/^/I:ns1 /' +$RNDCCMD 10.53.0.3 sign prepub.example 2>&1 | sed 's/^/I:ns1 /' newserial=$oldserial try=0 while [ $oldserial -eq $newserial -a $try -lt 42 ] @@ -942,15 +943,15 @@ newinception=`$DIG $DIGOPTS +short soa prepub.example @10.53.0.3 | awk '/SOA/ {p [ "$oldserial" = "$newserial" ] && ret=1 [ "$oldinception" = "$newinception" ] && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:preparing to test key change corner cases" -echo "I:removing a private key file" +echo_i "preparing to test key change corner cases" +echo_i "removing a private key file" file="ns1/`cat vanishing.key`.private" rm -f $file -echo "I:preparing ZSK roll" +echo_i "preparing ZSK roll" starttime=`$PERL -e 'print time(), "\n";'` oldfile=`cat active.key` oldid=`sed 's/^K.+007+0*\([0-9]\)/\1/' < active.key` @@ -962,35 +963,35 @@ $SETTIME -K ns1 -i 0 -S $oldfile $newfile > /dev/null # note previous zone serial number oldserial=`$DIG $DIGOPTS +short soa . @10.53.0.1 | awk '{print $3}'` -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 loadkeys . 2>&1 | sed 's/^/I:ns1 /' +$RNDCCMD 10.53.0.1 loadkeys . 2>&1 | sed 's/^/I:ns1 /' sleep 4 -echo "I:revoking key to duplicated key ID" +echo_i "revoking key to duplicated key ID" $SETTIME -R now -K ns2 Kbar.+005+30676.key > /dev/null -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 loadkeys bar. 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 loadkeys bar. 2>&1 | sed 's/^/I:ns2 /' -echo "I:waiting for changes to take effect" +echo_i "waiting for changes to take effect" sleep 5 -echo "I:checking former standby key is now active ($n)" +echo_i "checking former standby key is now active ($n)" ret=0 $DIG $DIGOPTS dnskey . @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep 'RRSIG.*'" $newid "'\. ' dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking former standby key has only signed incrementally ($n)" +echo_i "checking former standby key has only signed incrementally ($n)" ret=0 $DIG $DIGOPTS txt . @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep 'RRSIG.*'" $newid "'\. ' dig.out.ns1.test$n > /dev/null && ret=1 grep 'RRSIG.*'" $oldid "'\. ' dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that signing records have been marked as complete ($n)" +echo_i "checking that signing records have been marked as complete ($n)" ret=0 checkprivate . 10.53.0.1 || ret=1 checkprivate bar 10.53.0.2 || ret=1 @@ -1020,29 +1021,29 @@ checkprivate ttl4.example 10.53.0.3 || ret=1 n=`expr $n + 1` status=`expr $status + $ret` -echo "I:forcing full sign" -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 sign . 2>&1 | sed 's/^/I:ns1 /' +echo_i "forcing full sign" +$RNDCCMD 10.53.0.1 sign . 2>&1 | sed 's/^/I:ns1 /' -echo "I:waiting for change to take effect" +echo_i "waiting for change to take effect" sleep 5 -echo "I:checking former standby key has now signed fully ($n)" +echo_i "checking former standby key has now signed fully ($n)" ret=0 $DIG $DIGOPTS txt . @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep 'RRSIG.*'" $newid "'\. ' dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking SOA serial number has been incremented ($n)" +echo_i "checking SOA serial number has been incremented ($n)" ret=0 newserial=`$DIG $DIGOPTS +short soa . @10.53.0.1 | awk '{print $3}'` [ "$newserial" != "$oldserial" ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking delayed key publication/activation ($n)" +echo_i "checking delayed key publication/activation ($n)" ret=0 zsk=`cat delayzsk.key` ksk=`cat delayksk.key` @@ -1053,16 +1054,16 @@ $DIG $DIGOPTS +noall +answer dnskey delay.example. @10.53.0.3 > dig.out.ns3.test # DNSKEY not expected: awk 'BEGIN {r=1} $4=="DNSKEY" {r=0} END {exit r}' dig.out.ns3.test$n && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking scheduled key publication, not activation ($n)" +echo_i "checking scheduled key publication, not activation ($n)" ret=0 $SETTIME -K ns3 -P now+3s -A none $zsk > /dev/null 2>&1 $SETTIME -K ns3 -P now+3s -A none $ksk > /dev/null 2>&1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 loadkeys delay.example. 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.3 loadkeys delay.example. 2>&1 | sed 's/^/I:ns2 /' -echo "I:waiting for changes to take effect" +echo_i "waiting for changes to take effect" sleep 5 $DIG $DIGOPTS +noall +answer dnskey delay.example. @10.53.0.3 > dig.out.ns3.test$n || ret=1 @@ -1071,16 +1072,16 @@ awk 'BEGIN {r=1} $4=="DNSKEY" {r=0} END {exit r}' dig.out.ns3.test$n || ret=1 # RRSIG not expected: awk 'BEGIN {r=1} $4=="RRSIG" {r=0} END {exit r}' dig.out.ns3.test$n && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking scheduled key activation ($n)" +echo_i "checking scheduled key activation ($n)" ret=0 $SETTIME -K ns3 -A now+3s $zsk > /dev/null 2>&1 $SETTIME -K ns3 -A now+3s $ksk > /dev/null 2>&1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 loadkeys delay.example. 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.3 loadkeys delay.example. 2>&1 | sed 's/^/I:ns2 /' -echo "I:waiting for changes to take effect" +echo_i "waiting for changes to take effect" sleep 5 $DIG $DIGOPTS +noall +answer dnskey delay.example. @10.53.0.3 > dig.out.ns3.1.test$n || ret=1 @@ -1094,10 +1095,10 @@ awk 'BEGIN {r=1} $4=="A" {r=0} END {exit r}' dig.out.ns3.2.test$n || ret=1 # RRSIG expected: awk 'BEGIN {r=1} $4=="RRSIG" {r=0} END {exit r}' dig.out.ns3.2.test$n || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking former active key was removed ($n)" +echo_i "checking former active key was removed ($n)" # # Work out how long we need to sleep. Allow 4 seconds for the records # to be removed. @@ -1106,25 +1107,25 @@ now=`$PERL -e 'print time(), "\n";'` sleep=`expr $starttime + 29 - $now` case $sleep in -*|0);; -*) echo "I:waiting for timer to have activated"; sleep $sleep;; +*) echo_i "waiting for timer to have activated"; sleep $sleep;; esac ret=0 $DIG $DIGOPTS +multi dnskey . @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep '; key id = '"$oldid"'$' dig.out.ns1.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking private key file removal caused no immediate harm ($n)" +echo_i "checking private key file removal caused no immediate harm ($n)" ret=0 id=`sed 's/^K.+007+0*\([0-9]\)/\1/' < vanishing.key` $DIG $DIGOPTS dnskey . @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep 'RRSIG.*'" $id "'\. ' dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking revoked key with duplicate key ID (failure expected) ($n)" +echo_i "checking revoked key with duplicate key ID (failure expected) ($n)" lret=0 id=30676 $DIG $DIGOPTS +multi dnskey bar @10.53.0.2 > dig.out.ns2.test$n || lret=1 @@ -1132,15 +1133,15 @@ grep '; key id = '"$id"'$' dig.out.ns2.test$n > /dev/null || lret=1 $DIG $DIGOPTS dnskey bar @10.53.0.4 > dig.out.ns4.test$n || lret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || lret=1 n=`expr $n + 1` -if [ $lret != 0 ]; then echo "I:not yet implemented"; fi +if [ $lret != 0 ]; then echo_i "not yet implemented"; fi -echo "I:checking key event timers are always set ($n)" +echo_i "checking key event timers are always set ($n)" # this is a regression test for a bug in which the next key event could # be scheduled for the present moment, and then never fire. check for # visible evidence of this error in the logs: awk '/next key event/ {if ($1 == $8 && $2 == $9) exit 1}' */named.run || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # this confirms that key events are never scheduled more than @@ -1170,58 +1171,58 @@ check_interval () { return $? } -echo "I:checking automatic key reloading interval ($n)" +echo_i "checking automatic key reloading interval ($n)" ret=0 check_interval ns1 3600 || ret=1 check_interval ns2 1800 || ret=1 check_interval ns3 600 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for key reloading loops ($n)" +echo_i "checking for key reloading loops ($n)" ret=0 # every key event should schedule a successor, so these should be equal rekey_calls=`grep "reconfiguring zone keys" ns*/named.run | wc -l` rekey_events=`grep "next key event" ns*/named.run | wc -l` [ "$rekey_calls" = "$rekey_events" ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:forcing full sign with unreadable keys ($n)" +echo_i "forcing full sign with unreadable keys ($n)" ret=0 chmod 0 ns1/K.+*+*.key ns1/K.+*+*.private || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 sign . 2>&1 | sed 's/^/I:ns1 /' +$RNDCCMD 10.53.0.1 sign . 2>&1 | sed 's/^/I:ns1 /' $DIG $DIGOPTS . @10.53.0.1 dnskey > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:test turning on auto-dnssec during reconfig ($n)" +echo_i "test turning on auto-dnssec during reconfig ($n)" ret=0 # first create a zone that doesn't have auto-dnssec -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone reconf.example '{ type master; file "reconf.example.db"; };' 2>&1 | sed 's/^/I:ns3 /' +$RNDCCMD 10.53.0.3 addzone reconf.example '{ type master; file "reconf.example.db"; };' 2>&1 | sed 's/^/I:ns3 /' rekey_calls=`grep "zone reconf.example.*next key event" ns3/named.run | wc -l` [ "$rekey_calls" -eq 0 ] || ret=1 # ...then we add auto-dnssec and reconfigure -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 modzone reconf.example '{ type master; file "reconf.example.db"; allow-update { any; }; auto-dnssec maintain; };' 2>&1 | sed 's/^/I:ns3 /' -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reconfig 2>&1 | sed 's/^/I:ns3 /' +$RNDCCMD 10.53.0.3 modzone reconf.example '{ type master; file "reconf.example.db"; allow-update { any; }; auto-dnssec maintain; };' 2>&1 | sed 's/^/I:ns3 /' +$RNDCCMD 10.53.0.3 reconfig 2>&1 | sed 's/^/I:ns3 /' for i in 0 1 2 3 4 5 6 7 8 9; do lret=0 rekey_calls=`grep "zone reconf.example.*next key event" ns3/named.run | wc -l` [ "$rekey_calls" -gt 0 ] || lret=1 if [ "$lret" -eq 0 ]; then break; fi - echo "I:waiting ... ($i)" + echo_i "waiting ... ($i)" sleep 1 done n=`expr $n + 1` if [ "$lret" != 0 ]; then ret=$lret; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:test CDS and CDNSKEY auto generation ($n)" +echo_i "test CDS and CDNSKEY auto generation ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 sync.example cds > dig.out.ns3.cdstest$n $DIG $DIGOPTS @10.53.0.3 sync.example cdnskey > dig.out.ns3.cdnskeytest$n @@ -1229,10 +1230,10 @@ grep -i "sync.example.*in.cds.*[1-9][0-9]* " dig.out.ns3.cdstest$n > /dev/null | grep -i "sync.example.*in.cdnskey.*257 " dig.out.ns3.cdnskeytest$n > /dev/null || ret=1 n=`expr $n + 1` if [ "$lret" != 0 ]; then ret=$lret; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:test 'dnssec-dnskey-kskonly no' affects DNSKEY/CDS/CDNSKEY ($n)" +echo_i "test 'dnssec-dnskey-kskonly no' affects DNSKEY/CDS/CDNSKEY ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 sync.example dnskey > dig.out.ns3.dnskeytest$n $DIG $DIGOPTS @10.53.0.3 sync.example cdnskey > dig.out.ns3.cdnskeytest$n @@ -1244,10 +1245,10 @@ test ${lines:-0} -eq 2 || ret=1 lines=`awk '$4 == "RRSIG" && $5 == "CDS" {print}' dig.out.ns3.cdstest$n | wc -l` test ${lines:-0} -eq 2 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:test 'dnssec-dnskey-kskonly yes' affects DNSKEY/CDS/CDNSKEY ($n)" +echo_i "test 'dnssec-dnskey-kskonly yes' affects DNSKEY/CDS/CDNSKEY ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 kskonly.example dnskey > dig.out.ns3.dnskeytest$n $DIG $DIGOPTS @10.53.0.3 kskonly.example cdnskey > dig.out.ns3.cdnskeytest$n @@ -1259,16 +1260,16 @@ test ${lines:-0} -eq 1 || ret=1 lines=`awk '$4 == "RRSIG" && $5 == "CDS" {print}' dig.out.ns3.cdstest$n | wc -l` test ${lines:-0} -eq 1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:setting CDS and CDNSKEY deletion times and calling 'rndc loadkeys'" +echo_i "setting CDS and CDNSKEY deletion times and calling 'rndc loadkeys'" $SETTIME -D sync now+2 `cat sync.key` > /dev/null -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 loadkeys sync.example -echo "I:waiting for deletion to occur" +$RNDCCMD 10.53.0.3 loadkeys sync.example +echo_i "waiting for deletion to occur" sleep 3 -echo "I:checking that the CDS and CDNSKEY are deleted ($n)" +echo_i "checking that the CDS and CDNSKEY are deleted ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 sync.example cds > dig.out.ns3.cdstest$n $DIG $DIGOPTS @10.53.0.3 sync.example cdnskey > dig.out.ns3.cdnskeytest$n @@ -1276,28 +1277,28 @@ grep -i "sync.example.*in.cds.*[1-9][0-9]* " dig.out.ns3.cdstest$n > /dev/null & grep -i "sync.example.*in.cdnskey.*257 " dig.out.ns3.cdnskeytest$n > /dev/null && ret=1 n=`expr $n + 1` if [ "$lret" != 0 ]; then ret=$lret; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that dnssec-settime -p Dsync works ($n)" +echo_i "check that dnssec-settime -p Dsync works ($n)" ret=0 $SETTIME -p Dsync `cat sync.key` > settime.out.$n|| ret=0 grep "SYNC Delete:" settime.out.$n >/dev/null || ret=0 n=`expr $n + 1` if [ "$lret" != 0 ]; then ret=$lret; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that dnssec-settime -p Psync works ($n)" +echo_i "check that dnssec-settime -p Psync works ($n)" ret=0 $SETTIME -p Psync `cat sync.key` > settime.out.$n|| ret=0 grep "SYNC Publish:" settime.out.$n >/dev/null || ret=0 n=`expr $n + 1` if [ "$lret" != 0 ]; then ret=$lret; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that zone with inactive KSK and active ZSK is properly autosigned ($n)" +echo_i "check that zone with inactive KSK and active ZSK is properly autosigned ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 axfr inacksk2.example > dig.out.ns3.test$n @@ -1312,23 +1313,23 @@ pattern="DNSKEY 7 2 [0-9]* [0-9]* [0-9]* ${kskid} " grep "${pattern}" dig.out.ns3.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that zone with inactive ZSK and active KSK is properly autosigned ($n)" +echo_i "check that zone with inactive ZSK and active KSK is properly autosigned ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 axfr inaczsk2.example > dig.out.ns3.test$n grep "SOA 7 2" dig.out.ns3.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # # Check that DNSKEY is now signed with the ZSK. # -echo "I:check that zone with active and inactive KSK and active ZSK is properly" -echo "I: resigned after the active KSK is deleted - stage 2: Verify that DNSKEY" -echo "I: is now signed with the ZSK. ($n)" +echo_i "check that zone with active and inactive KSK and active ZSK is properly" +echo_i " resigned after the active KSK is deleted - stage 2: Verify that DNSKEY" +echo_i " is now signed with the ZSK. ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 axfr inacksk3.example > dig.out.ns3.test$n @@ -1349,15 +1350,15 @@ count=`awk 'BEGIN { count = 0 } test $count -eq 2 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # # Check that zone is now signed with the KSK. # -echo "I:check that zone with active and inactive ZSK and active KSK is properly" -echo "I: resigned after the active ZSK is deleted - stage 2: Verify that zone" -echo "I: is now signed with the KSK. ($n)" +echo_i "check that zone with active and inactive ZSK and active KSK is properly" +echo_i " resigned after the active ZSK is deleted - stage 2: Verify that zone" +echo_i " is now signed with the KSK. ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 axfr inaczsk3.example > dig.out.ns3.test$n kskid=`awk '$4 == "DNSKEY" && $5 == 257 { print }' dig.out.ns3.test$n | @@ -1372,8 +1373,8 @@ count=`awk 'BEGIN { count = 0 } END {print count}' dig.out.ns3.test$n` test $count -eq 2 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/builtin/clean.sh b/bin/tests/system/builtin/clean.sh index 7422db75c2..89f20492fc 100644 --- a/bin/tests/system/builtin/clean.sh +++ b/bin/tests/system/builtin/clean.sh @@ -8,6 +8,7 @@ rm -f ns?/named.run rm -f ns?/named.memstats +rm -f ns?/named.conf rm -f rndc.status.ns* rm -f dig.out.ns* rm -f ns*/named.lock diff --git a/bin/tests/system/builtin/ns1/named.conf b/bin/tests/system/builtin/ns1/named.conf.in similarity index 78% rename from bin/tests/system/builtin/ns1/named.conf rename to bin/tests/system/builtin/ns1/named.conf.in index b548ec80c8..42820f0b33 100644 --- a/bin/tests/system/builtin/ns1/named.conf +++ b/bin/tests/system/builtin/ns1/named.conf.in @@ -6,17 +6,17 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2011/08/09 04:12:25 tbox Exp $ */ - include "../../common/rndc.key"; -controls { inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; }; +controls { + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/builtin/ns2/named.conf b/bin/tests/system/builtin/ns2/named.conf.in similarity index 78% rename from bin/tests/system/builtin/ns2/named.conf rename to bin/tests/system/builtin/ns2/named.conf.in index 7042935b5c..a755fe32d8 100644 --- a/bin/tests/system/builtin/ns2/named.conf +++ b/bin/tests/system/builtin/ns2/named.conf.in @@ -6,17 +6,17 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2011/08/09 04:12:25 tbox Exp $ */ - include "../../common/rndc.key"; -controls { inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; }; +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/builtin/ns3/named.conf b/bin/tests/system/builtin/ns3/named.conf.in similarity index 81% rename from bin/tests/system/builtin/ns3/named.conf rename to bin/tests/system/builtin/ns3/named.conf.in index 521092a713..cb744bbfa7 100644 --- a/bin/tests/system/builtin/ns3/named.conf +++ b/bin/tests/system/builtin/ns3/named.conf.in @@ -6,17 +6,17 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2011/08/09 04:12:25 tbox Exp $ */ - include "../../common/rndc.key"; -controls { inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; }; +controls { + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/builtin/setup.sh b/bin/tests/system/builtin/setup.sh new file mode 100644 index 0000000000..08a9c49e8c --- /dev/null +++ b/bin/tests/system/builtin/setup.sh @@ -0,0 +1,15 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf diff --git a/bin/tests/system/builtin/tests.sh b/bin/tests/system/builtin/tests.sh index 31180cdd49..98901df6c3 100644 --- a/bin/tests/system/builtin/tests.sh +++ b/bin/tests/system/builtin/tests.sh @@ -4,116 +4,117 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.3 2011/08/09 04:12:25 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="-p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + status=0 n=0 n=`expr $n + 1` -echo "I:Checking that reconfiguring empty zones is silent ($n)" -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reconfig +echo_i "Checking that reconfiguring empty zones is silent ($n)" +$RNDCCMD 10.53.0.1 reconfig ret=0 grep "automatic empty zone" ns1/named.run > /dev/null || ret=1 grep "received control channel command 'reconfig'" ns1/named.run > /dev/null || ret=1 grep "reloading configuration succeeded" ns1/named.run > /dev/null || ret=1 sleep 1 grep "zone serial (0) unchanged." ns1/named.run > /dev/null && ret=1 -if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi n=`expr $n + 1` -echo "I:Checking that reloading empty zones is silent ($n)" -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload > /dev/null +echo_i "Checking that reloading empty zones is silent ($n)" +$RNDCCMD 10.53.0.1 reload > /dev/null ret=0 grep "automatic empty zone" ns1/named.run > /dev/null || ret=1 grep "received control channel command 'reload'" ns1/named.run > /dev/null || ret=1 grep "reloading configuration succeeded" ns1/named.run > /dev/null || ret=1 sleep 1 grep "zone serial (0) unchanged." ns1/named.run > /dev/null && ret=1 -if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi VERSION=`../../../../isc-config.sh --version | cut -d = -f 2` HOSTNAME=`$FEATURETEST --gethostname` n=`expr $n + 1` ret=0 -echo "I:Checking that default version works for rndc ($n)" -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 status > rndc.status.ns1.$n 2>&1 +echo_i "Checking that default version works for rndc ($n)" +$RNDCCMD 10.53.0.1 status > rndc.status.ns1.$n 2>&1 grep "^version: BIND $VERSION " rndc.status.ns1.$n > /dev/null || ret=1 -if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi n=`expr $n + 1` ret=0 -echo "I:Checking that custom version works for rndc ($n)" -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 status > rndc.status.ns3.$n 2>&1 +echo_i "Checking that custom version works for rndc ($n)" +$RNDCCMD 10.53.0.3 status > rndc.status.ns3.$n 2>&1 grep "^version: BIND $VERSION ${DESCRIPTION}${DESCRIPTION:+ } (this is a test of version)" rndc.status.ns3.$n > /dev/null || ret=1 -if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi n=`expr $n + 1` ret=0 -echo "I:Checking that default version works for query ($n)" -$DIG +short version.bind txt ch @10.53.0.1 -p 5300 > dig.out.ns1.$n +echo_i "Checking that default version works for query ($n)" +$DIG $DIGOPTS +short version.bind txt ch @10.53.0.1 > dig.out.ns1.$n grep "^\"$VERSION\"$" dig.out.ns1.$n > /dev/null || ret=1 -if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi n=`expr $n + 1` ret=0 -echo "I:Checking that custom version works for query ($n)" -$DIG +short version.bind txt ch @10.53.0.3 -p 5300 > dig.out.ns3.$n +echo_i "Checking that custom version works for query ($n)" +$DIG $DIGOPTS +short version.bind txt ch @10.53.0.3 > dig.out.ns3.$n grep "^\"this is a test of version\"$" dig.out.ns3.$n > /dev/null || ret=1 -if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi n=`expr $n + 1` ret=0 -echo "I:Checking that default hostname works for query ($n)" -$DIG +short hostname.bind txt ch @10.53.0.1 -p 5300 > dig.out.ns1.$n +echo_i "Checking that default hostname works for query ($n)" +$DIG $DIGOPTS +short hostname.bind txt ch @10.53.0.1 > dig.out.ns1.$n grep "^\"$HOSTNAME\"$" dig.out.ns1.$n > /dev/null || ret=1 -if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi n=`expr $n + 1` ret=0 -echo "I:Checking that custom hostname works for query ($n)" -$DIG +short hostname.bind txt ch @10.53.0.3 -p 5300 > dig.out.ns3.$n +echo_i "Checking that custom hostname works for query ($n)" +$DIG $DIGOPTS +short hostname.bind txt ch @10.53.0.3 > dig.out.ns3.$n grep "^\"this.is.a.test.of.hostname\"$" dig.out.ns3.$n > /dev/null || ret=1 -if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi n=`expr $n + 1` ret=0 -echo "I:Checking that default server-id is none for query ($n)" -$DIG id.server txt ch @10.53.0.1 -p 5300 > dig.out.ns1.$n +echo_i "Checking that default server-id is none for query ($n)" +$DIG $DIGOPTS id.server txt ch @10.53.0.1 > dig.out.ns1.$n grep "status: NOERROR" dig.out.ns1.$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns1.$n > /dev/null || ret=1 -if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi n=`expr $n + 1` ret=0 -echo "I:Checking that server-id hostname works for query ($n)" -$DIG +short id.server txt ch @10.53.0.2 -p 5300 > dig.out.ns2.$n +echo_i "Checking that server-id hostname works for query ($n)" +$DIG $DIGOPTS +short id.server txt ch @10.53.0.2 > dig.out.ns2.$n grep "^\"$HOSTNAME\"$" dig.out.ns2.$n > /dev/null || ret=1 -if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi n=`expr $n + 1` ret=0 -echo "I:Checking that server-id hostname works for EDNS name server ID request ($n)" -$DIG +norec +nsid foo @10.53.0.2 -p 5300 > dig.out.ns2.$n +echo_i "Checking that server-id hostname works for EDNS name server ID request ($n)" +$DIG $DIGOPTS +norec +nsid foo @10.53.0.2 > dig.out.ns2.$n grep "^; NSID: .* (\"$HOSTNAME\")$" dig.out.ns2.$n > /dev/null || ret=1 -if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi n=`expr $n + 1` ret=0 -echo "I:Checking that custom server-id works for query ($n)" -$DIG +short id.server txt ch @10.53.0.3 -p 5300 > dig.out.ns3.$n +echo_i "Checking that custom server-id works for query ($n)" +$DIG $DIGOPTS +short id.server txt ch @10.53.0.3 > dig.out.ns3.$n grep "^\"this.is.a.test.of.server-id\"$" dig.out.ns3.$n > /dev/null || ret=1 -if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi n=`expr $n + 1` ret=0 -echo "I:Checking that custom server-id works for EDNS name server ID request ($n)" -$DIG +norec +nsid foo @10.53.0.3 -p 5300 > dig.out.ns3.$n +echo_i "Checking that custom server-id works for EDNS name server ID request ($n)" +$DIG $DIGOPTS +norec +nsid foo @10.53.0.3 > dig.out.ns3.$n grep "^; NSID: .* (\"this.is.a.test.of.server-id\")$" dig.out.ns3.$n > /dev/null || ret=1 -if [ $ret != 0 ] ; then echo I:failed; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed; status=`expr $status + $ret`"; fi -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/cacheclean/clean.sh b/bin/tests/system/cacheclean/clean.sh index edb9a6e856..34f287e088 100644 --- a/bin/tests/system/cacheclean/clean.sh +++ b/bin/tests/system/cacheclean/clean.sh @@ -15,5 +15,6 @@ rm -f dig.out.expire rm -f sed.out.* rm -f */named.memstats rm -f */named.run +rm -f */named.conf rm -f ns2/named_dump.db.* rm -f ns*/named.lock diff --git a/bin/tests/system/cacheclean/ns1/named.conf b/bin/tests/system/cacheclean/ns1/named.conf.in similarity index 95% rename from bin/tests/system/cacheclean/ns1/named.conf rename to bin/tests/system/cacheclean/ns1/named.conf.in index 690111caa5..4f35511bca 100644 --- a/bin/tests/system/cacheclean/ns1/named.conf +++ b/bin/tests/system/cacheclean/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/cacheclean/ns2/named.conf b/bin/tests/system/cacheclean/ns2/named.conf.in similarity index 89% rename from bin/tests/system/cacheclean/ns2/named.conf rename to bin/tests/system/cacheclean/ns2/named.conf.in index d351e2f088..e36fdffbf0 100644 --- a/bin/tests/system/cacheclean/ns2/named.conf +++ b/bin/tests/system/cacheclean/ns2/named.conf.in @@ -8,13 +8,11 @@ /* $Id: named.conf,v 1.10 2011/08/02 23:47:52 tbox Exp $ */ -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -29,7 +27,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/cacheclean/setup.sh b/bin/tests/system/cacheclean/setup.sh new file mode 100644 index 0000000000..d4f9dbc358 --- /dev/null +++ b/bin/tests/system/cacheclean/setup.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf diff --git a/bin/tests/system/cacheclean/tests.sh b/bin/tests/system/cacheclean/tests.sh index c68f97c86f..47ef63f8a6 100644 --- a/bin/tests/system/cacheclean/tests.sh +++ b/bin/tests/system/cacheclean/tests.sh @@ -12,9 +12,9 @@ SYSTEMTESTTOP=.. status=0 n=0 -RNDCOPTS="-c ../common/rndc.conf -s 10.53.0.2 -p 9953" +RNDCOPTS="-c ../common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT}" DIGOPTS="+nosea +nocomm +nocmd +noquest +noadd +noauth +nocomm \ - +nostat @10.53.0.2 -p 5300" + +nostat @10.53.0.2 -p ${PORT}" # fill the cache with nodes from flushtest.example zone load_cache () { @@ -79,40 +79,40 @@ in_cache () { } n=`expr $n + 1` -echo "I:check correctness of routine cache cleaning ($n)" +echo_i "check correctness of routine cache cleaning ($n)" $DIG $DIGOPTS +tcp +keepopen -b 10.53.0.7 -f dig.batch > dig.out.ns2 || status=1 grep ";" dig.out.ns2 $PERL ../digcomp.pl --lc dig.out.ns2 knowngood.dig.out || status=1 n=`expr $n + 1` -echo "I:only one tcp socket was used ($n)" +echo_i "only one tcp socket was used ($n)" tcpclients=`awk '$3 == "client" && $5 ~ /10.53.0.7#[0-9]*:/ {print $5}' ns2/named.run | sort | uniq -c | wc -l` -test $tcpclients -eq 1 || { status=1; echo "I:failed"; } +test $tcpclients -eq 1 || { status=1; echo_i "failed"; } n=`expr $n + 1` -echo "I:reset and check that records are correctly cached initially ($n)" +echo_i "reset and check that records are correctly cached initially ($n)" ret=0 load_cache dump_cache nrecords=`grep flushtest.example ns2/named_dump.db.$n | grep -v '^;' | egrep '(TXT|ANY)'| wc -l` -[ $nrecords -eq 17 ] || { ret=1; echo "I: found $nrecords records expected 17"; } -if [ $ret != 0 ]; then echo "I:failed"; fi +[ $nrecords -eq 17 ] || { ret=1; echo_i "found $nrecords records expected 17"; } +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check flushing of the full cache ($n)" +echo_i "check flushing of the full cache ($n)" ret=0 clear_cache dump_cache nrecords=`grep flushtest.example ns2/named_dump.db.$n | grep -v '^;' | wc -l` [ $nrecords -eq 0 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check flushing of individual nodes (interior node) ($n)" +echo_i "check flushing of individual nodes (interior node) ($n)" ret=0 clear_cache load_cache @@ -120,21 +120,21 @@ load_cache in_cache txt top1.flushtest.example || ret=1 $RNDC $RNDCOPTS flushname top1.flushtest.example in_cache txt top1.flushtest.example && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check flushing of individual nodes (leaf node, under the interior node) ($n)" +echo_i "check flushing of individual nodes (leaf node, under the interior node) ($n)" ret=0 # leaf node, under the interior node (should still exist) in_cache txt third2.second1.top1.flushtest.example || ret=1 $RNDC $RNDCOPTS flushname third2.second1.top1.flushtest.example in_cache txt third2.second1.top1.flushtest.example && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check flushing of individual nodes (another leaf node, with both positive and negative cache entries) ($n)" +echo_i "check flushing of individual nodes (another leaf node, with both positive and negative cache entries) ($n)" ret=0 # another leaf node, with both positive and negative cache entries in_cache a third1.second1.top1.flushtest.example || ret=1 @@ -142,18 +142,18 @@ in_cache txt third1.second1.top1.flushtest.example || ret=1 $RNDC $RNDCOPTS flushname third1.second1.top1.flushtest.example in_cache a third1.second1.top1.flushtest.example && ret=1 in_cache txt third1.second1.top1.flushtest.example && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check flushing a nonexistent name ($n)" +echo_i "check flushing a nonexistent name ($n)" ret=0 $RNDC $RNDCOPTS flushname fake.flushtest.example || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check flushing of namespaces ($n)" +echo_i "check flushing of namespaces ($n)" ret=0 clear_cache load_cache @@ -176,45 +176,45 @@ $RNDC $RNDCOPTS flushtree top2.flushtest.example in_cache txt second1.top2.flushtest.example && ret=1 in_cache txt second2.top2.flushtest.example && ret=1 in_cache txt second3.top2.flushtest.example && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check flushing a nonexistent namespace ($n)" +echo_i "check flushing a nonexistent namespace ($n)" ret=0 $RNDC $RNDCOPTS flushtree fake.flushtest.example || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check the number of cached records remaining ($n)" +echo_i "check the number of cached records remaining ($n)" ret=0 dump_cache nrecords=`grep flushtest.example ns2/named_dump.db.$n | grep -v '^;' | egrep '(TXT|ANY)' | wc -l` -[ $nrecords -eq 17 ] || { ret=1; echo "I: found $nrecords records expected 17"; } -if [ $ret != 0 ]; then echo "I:failed"; fi +[ $nrecords -eq 17 ] || { ret=1; echo_i "found $nrecords records expected 17"; } +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check the check that flushname of a partial match works ($n)" +echo_i "check the check that flushname of a partial match works ($n)" ret=0 in_cache txt second2.top1.flushtest.example || ret=1 $RNDC $RNDCOPTS flushtree example in_cache txt second2.top1.flushtest.example && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check the number of cached records remaining ($n)" +echo_i "check the number of cached records remaining ($n)" ret=0 dump_cache nrecords=`grep flushtest.example ns2/named_dump.db.$n | grep -v '^;' | egrep '(TXT|ANY)' | wc -l` -[ $nrecords -eq 1 ] || { ret=1; echo "I: found $nrecords records expected 1"; } -if [ $ret != 0 ]; then echo "I:failed"; fi +[ $nrecords -eq 1 ] || { ret=1; echo_i "found $nrecords records expected 1"; } +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check flushtree clears adb correctly ($n)" +echo_i "check flushtree clears adb correctly ($n)" ret=0 load_cache dump_cache @@ -232,24 +232,24 @@ sed -n '/plain success\/timeout/,/Unassociated entries/p' \ grep 'plain success/timeout' sed.out.$n.b > /dev/null 2>&1 || ret=1 grep 'Unassociated entries' sed.out.$n.b > /dev/null 2>&1 || ret=1 grep 'ns.flushtest.example' sed.out.$n.b > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check expire option returned from master zone ($n)" +echo_i "check expire option returned from master zone ($n)" ret=0 -$DIG @10.53.0.1 -p 5300 +expire soa expire-test > dig.out.expire +$DIG @10.53.0.1 -p ${PORT} +expire soa expire-test > dig.out.expire grep EXPIRE: dig.out.expire > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check expire option returned from slave zone ($n)" +echo_i "check expire option returned from slave zone ($n)" ret=0 -$DIG @10.53.0.2 -p 5300 +expire soa expire-test > dig.out.expire +$DIG @10.53.0.2 -p ${PORT} +expire soa expire-test > dig.out.expire grep EXPIRE: dig.out.expire > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/case/clean.sh b/bin/tests/system/case/clean.sh index 4297a8b10c..e98c7f9a22 100644 --- a/bin/tests/system/case/clean.sh +++ b/bin/tests/system/case/clean.sh @@ -7,6 +7,7 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. rm -f dig.ns*.test* +rm -f ns*/named.conf rm -f ns*/named.lock rm -f ns*/named.memstats rm -f ns*/named.run diff --git a/bin/tests/system/case/ns1/named.conf b/bin/tests/system/case/ns1/named.conf.in similarity index 95% rename from bin/tests/system/case/ns1/named.conf rename to bin/tests/system/case/ns1/named.conf.in index 533cc7c1cd..9e988ac800 100644 --- a/bin/tests/system/case/ns1/named.conf +++ b/bin/tests/system/case/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/case/ns2/named.conf b/bin/tests/system/case/ns2/named.conf.in similarity index 95% rename from bin/tests/system/case/ns2/named.conf rename to bin/tests/system/case/ns2/named.conf.in index 9455d01ee7..5738ca07f5 100644 --- a/bin/tests/system/case/ns2/named.conf +++ b/bin/tests/system/case/ns2/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/case/setup.sh b/bin/tests/system/case/setup.sh index dc6068a8c6..bad7b34cfd 100644 --- a/bin/tests/system/case/setup.sh +++ b/bin/tests/system/case/setup.sh @@ -4,5 +4,10 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -sh clean.sh -cp ns1/dynamic.db.in ns1/dynamic.db +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +${SHELL} clean.sh +cp -f ns1/dynamic.db.in ns1/dynamic.db +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf diff --git a/bin/tests/system/case/tests.sh b/bin/tests/system/case/tests.sh index 50f7aa612b..32c121a83d 100644 --- a/bin/tests/system/case/tests.sh +++ b/bin/tests/system/case/tests.sh @@ -9,127 +9,127 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -DIGOPTS="+tcp +nosea +nostat +noquest +nocomm +nocmd" +DIGOPTS="+tcp +nosea +nostat +noquest +nocomm +nocmd -p ${PORT}" status=0 n=0 n=`expr $n + 1` -echo "I:waiting for zone transfer to complete ($n)" +echo_i "waiting for zone transfer to complete ($n)" ret=0 for i in 1 2 3 4 5 6 7 8 9 do - $DIG $DIGOPTS soa example. @10.53.0.2 -p 5300 > dig.ns2.test$n + $DIG $DIGOPTS soa example. @10.53.0.2 > dig.ns2.test$n grep SOA dig.ns2.test$n > /dev/null && break sleep 1 done for i in 1 2 3 4 5 6 7 8 9 do - $DIG $DIGOPTS soa dynamic. @10.53.0.2 -p 5300 > dig.ns2.test$n + $DIG $DIGOPTS soa dynamic. @10.53.0.2 > dig.ns2.test$n grep SOA dig.ns2.test$n > /dev/null && break sleep 1 done n=`expr $n + 1` -echo "I:testing case preserving responses - no acl ($n)" +echo_i "testing case preserving responses - no acl ($n)" ret=0 -$DIG $DIGOPTS mx example. @10.53.0.1 -p 5300 > dig.ns1.test$n +$DIG $DIGOPTS mx example. @10.53.0.1 > dig.ns1.test$n grep "0.mail.eXaMpLe" dig.ns1.test$n > /dev/null || ret=1 grep "mAiL.example" dig.ns1.test$n > /dev/null || ret=1 -test $ret -eq 0 || echo "I:failed" +test $ret -eq 0 || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing no-case-compress acl '{ 10.53.0.2; }' ($n)" +echo_i "testing no-case-compress acl '{ 10.53.0.2; }' ($n)" ret=0 # check that we preserve zone case for non-matching query (10.53.0.1) -$DIG $DIGOPTS mx example. -b 10.53.0.1 @10.53.0.1 -p 5300 > dig.ns1.test$n +$DIG $DIGOPTS mx example. -b 10.53.0.1 @10.53.0.1 > dig.ns1.test$n grep "0.mail.eXaMpLe" dig.ns1.test$n > /dev/null || ret=1 grep "mAiL.example" dig.ns1.test$n > /dev/null || ret=1 # check that we don't preserve zone case for match (10.53.0.2) -$DIG $DIGOPTS mx example. -b 10.53.0.2 @10.53.0.2 -p 5300 > dig.ns2.test$n +$DIG $DIGOPTS mx example. -b 10.53.0.2 @10.53.0.2 > dig.ns2.test$n grep "0.mail.example" dig.ns2.test$n > /dev/null || ret=1 grep "mail.example" dig.ns2.test$n > /dev/null || ret=1 -test $ret -eq 0 || echo "I:failed" +test $ret -eq 0 || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing load of dynamic zone with various \$ORIGIN values ($n)" +echo_i "testing load of dynamic zone with various \$ORIGIN values ($n)" ret=0 -$DIG axfr dynamic @10.53.0.1 -p 5300 > dig.ns1.test$n +$DIG $DIGOPTS axfr dynamic @10.53.0.1 > dig.ns1.test$n $PERL ../digcomp.pl dig.ns1.test$n dynamic.good || ret=1 -test $ret -eq 0 || echo "I:failed" +test $ret -eq 0 || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:transfer of dynamic zone with various \$ORIGIN values ($n)" +echo_i "transfer of dynamic zone with various \$ORIGIN values ($n)" ret=0 -$DIG axfr dynamic @10.53.0.2 -p 5300 > dig.ns2.test$n +$DIG $DIGOPTS axfr dynamic @10.53.0.2 > dig.ns2.test$n $PERL ../digcomp.pl dig.ns2.test$n dynamic.good || ret=1 -test $ret -eq 0 || echo "I:failed" +test $ret -eq 0 || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:change SOA owner case via update ($n)" +echo_i "change SOA owner case via update ($n)" $NSUPDATE << EOF -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} zone dynamic update add dYNAMIc 0 SOA mname1. . 2000042408 20 20 1814400 3600 send EOF -$DIG axfr dynamic @10.53.0.1 -p 5300 > dig.ns1.test$n +$DIG $DIGOPTS axfr dynamic @10.53.0.1 > dig.ns1.test$n $PERL ../digcomp.pl dig.ns1.test$n postupdate.good || ret=1 -test $ret -eq 0 || echo "I:failed" +test $ret -eq 0 || echo_i "failed" status=`expr $status + $ret` for i in 1 2 3 4 5 6 7 8 9 do - $DIG soa dynamic @10.53.0.2 -p 5300 | grep 2000042408 > /dev/null && break + $DIG $DIGOPTS soa dynamic @10.53.0.2 | grep 2000042408 > /dev/null && break sleep 1 done n=`expr $n + 1` -echo "I:check SOA owner case is transfered to slave ($n)" +echo_i "check SOA owner case is transfered to slave ($n)" ret=0 -$DIG axfr dynamic @10.53.0.2 -p 5300 > dig.ns2.test$n +$DIG $DIGOPTS axfr dynamic @10.53.0.2 > dig.ns2.test$n $PERL ../digcomp.pl dig.ns2.test$n postupdate.good || ret=1 -test $ret -eq 0 || echo "I:failed" +test $ret -eq 0 || echo_i "failed" status=`expr $status + $ret` #update delete Ns1.DyNaMIC. 300 IN A 10.53.0.1 n=`expr $n + 1` -echo "I:change A record owner case via update ($n)" +echo_i "change A record owner case via update ($n)" $NSUPDATE << EOF -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} zone dynamic update add Ns1.DyNaMIC. 300 IN A 10.53.0.1 send EOF -$DIG axfr dynamic @10.53.0.1 -p 5300 > dig.ns1.test$n +$DIG $DIGOPTS axfr dynamic @10.53.0.1 > dig.ns1.test$n $PERL ../digcomp.pl dig.ns1.test$n postns1.good || ret=1 -test $ret -eq 0 || echo "I:failed" +test $ret -eq 0 || echo_i "failed" status=`expr $status + $ret` for i in 1 2 3 4 5 6 7 8 9 do - $DIG soa dynamic @10.53.0.2 -p 5300 | grep 2000042409 > /dev/null && break + $DIG $DIGOPTS soa dynamic @10.53.0.2 | grep 2000042409 > /dev/null && break sleep 1 done n=`expr $n + 1` -echo "I:check A owner case is transfered to slave ($n)" +echo_i "check A owner case is transfered to slave ($n)" ret=0 -$DIG axfr dynamic @10.53.0.2 -p 5300 > dig.ns2.test$n +$DIG $DIGOPTS axfr dynamic @10.53.0.2 > dig.ns2.test$n $PERL ../digcomp.pl dig.ns2.test$n postns1.good || ret=1 status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/catz/tests.sh b/bin/tests/system/catz/tests.sh index 5a02c2a879..d3af71285b 100644 --- a/bin/tests/system/catz/tests.sh +++ b/bin/tests/system/catz/tests.sh @@ -1480,7 +1480,7 @@ ret=0 cat ns2/named.conf.in | sed -e "s/^#T2//" > ns2/named.conf.tmp copy_setports ns2/named.conf.tmp ns2/named.conf $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reconfig > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo_ "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` diff --git a/bin/tests/system/cds/tests.sh b/bin/tests/system/cds/tests.sh index 5e54cbaaaf..a4098ce895 100644 --- a/bin/tests/system/cds/tests.sh +++ b/bin/tests/system/cds/tests.sh @@ -12,7 +12,7 @@ SYSTEMTESTTOP=.. status=0 n=0 fail() { - echo "I:failed" + echo_i "failed" status=`expr $status + 1` } @@ -23,7 +23,7 @@ runcmd() { testcase() { n=`expr $n + 1` - echo "I:$name ($n)" + echo_i "$name ($n)" expect=$1 shift result=`runcmd "$@"` @@ -234,5 +234,5 @@ name='prefer CDNSKEY' out=DS.2-2 testcase 0 $CDS -D -s -7200 -f sig.cds.cdnskey.2 -d DS.1 $Z -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/chain/ans3/ans.pl b/bin/tests/system/chain/ans3/ans.pl index 65beae82b7..7eb3a84d57 100644 --- a/bin/tests/system/chain/ans3/ans.pl +++ b/bin/tests/system/chain/ans3/ans.pl @@ -22,7 +22,10 @@ $SIG{INT} = \&rmpid; $SIG{TERM} = \&rmpid; my $localaddr = "10.53.0.3"; -my $localport = 5300; + +my $localport = int($ENV{'PORT'}); +if (!$localport) { $localport = 5300; } + my $verbose = 0; my $ttl = 60; my $zone = "example.broken"; diff --git a/bin/tests/system/chain/ans4/README.anspy b/bin/tests/system/chain/ans4/README.anspy index 1ac6658da0..67bd237dc6 100644 --- a/bin/tests/system/chain/ans4/README.anspy +++ b/bin/tests/system/chain/ans4/README.anspy @@ -9,8 +9,9 @@ ans.py requires at least dnspython 1.12.0. "ans.py" is a fairly simple Python script that will respond as an authoritative server to DNS queries. It opens a UDP socket on 10.53.0.4 -and fd92:7065:b8e:ffff::8, port 5300 (these are for DNS queries) and a TCP -socket addresses on 10.53.0.4 at port 5301 (this is the control channel). +and fd92:7065:b8e:ffff::8, port 5300 (or PORT) (these are for DNS queries) +and a TCP socket addresses on 10.53.0.4 at port 5301 (or EXTRAPORT1) +(this is the control channel). Please note that all functionality and formatting are subject to change as we determine what features the tool will need. diff --git a/bin/tests/system/chain/ans4/ans.py b/bin/tests/system/chain/ans4/ans.py index b2733f04b7..42ff4adb21 100755 --- a/bin/tests/system/chain/ans4/ans.py +++ b/bin/tests/system/chain/ans4/ans.py @@ -266,16 +266,21 @@ def sigterm(signum, frame): ############################################################################ ip4 = "10.53.0.4" ip6 = "fd92:7065:b8e:ffff::4" -sock = 5300 + +try: port=int(os.environ['PORT']) +except: port=5300 + +try: ctrlport=int(os.environ['EXTRAPORT1']) +except: ctrlport=5300 query4_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) -query4_socket.bind((ip4, sock)) +query4_socket.bind((ip4, port)) havev6 = True try: query6_socket = socket.socket(socket.AF_INET6, socket.SOCK_DGRAM) try: - query6_socket.bind((ip6, sock)) + query6_socket.bind((ip6, port)) except: query6_socket.close() havev6 = False @@ -283,7 +288,7 @@ except: havev6 = False ctrl_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) -ctrl_socket.bind((ip4, sock + 1)) +ctrl_socket.bind((ip4, ctrlport)) ctrl_socket.listen(5) signal.signal(signal.SIGTERM, sigterm) @@ -295,10 +300,10 @@ f.close() running = True -print ("Listening on %s port %d" % (ip4, sock)) +print ("Listening on %s port %d" % (ip4, port)) if havev6: - print ("Listening on %s port %d" % (ip6, sock)) -print ("Control channel on %s port %d" % (ip4, sock + 1)) + print ("Listening on %s port %d" % (ip6, port)) +print ("Control channel on %s port %d" % (ip4, ctrlport)) print ("Ctrl-c to quit") if havev6: diff --git a/bin/tests/system/chain/clean.sh b/bin/tests/system/chain/clean.sh index de3c22d476..8b6ba8f115 100755 --- a/bin/tests/system/chain/clean.sh +++ b/bin/tests/system/chain/clean.sh @@ -7,5 +7,6 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. rm -f dig.out.* named*.pid +rm -f ns*/named.conf rm -f */named.memstats */named.recursing */named.lock */named.run */ans.run rm -f ns2/K* ns2/dsset-* ns2/example.db.signed diff --git a/bin/tests/system/chain/ns1/named.conf b/bin/tests/system/chain/ns1/named.conf.in similarity index 93% rename from bin/tests/system/chain/ns1/named.conf rename to bin/tests/system/chain/ns1/named.conf.in index 83a8afdff6..7942c90c09 100644 --- a/bin/tests/system/chain/ns1/named.conf +++ b/bin/tests/system/chain/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/chain/ns2/named.conf b/bin/tests/system/chain/ns2/named.conf.in similarity index 97% rename from bin/tests/system/chain/ns2/named.conf rename to bin/tests/system/chain/ns2/named.conf.in index 07d2401cc0..c284a7de3c 100644 --- a/bin/tests/system/chain/ns2/named.conf +++ b/bin/tests/system/chain/ns2/named.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/chain/ns5/named.conf b/bin/tests/system/chain/ns5/named.conf.in similarity index 94% rename from bin/tests/system/chain/ns5/named.conf rename to bin/tests/system/chain/ns5/named.conf.in index 70cb8ed65b..f20e4eeeaf 100644 --- a/bin/tests/system/chain/ns5/named.conf +++ b/bin/tests/system/chain/ns5/named.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.5; notify-source 10.53.0.5; transfer-source 10.53.0.5; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.5; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/chain/ns7/named.conf b/bin/tests/system/chain/ns7/named.conf.in similarity index 86% rename from bin/tests/system/chain/ns7/named.conf rename to bin/tests/system/chain/ns7/named.conf.in index f0ba85159d..3982449154 100644 --- a/bin/tests/system/chain/ns7/named.conf +++ b/bin/tests/system/chain/ns7/named.conf.in @@ -6,14 +6,12 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { directory "."; query-source address 10.53.0.7; notify-source 10.53.0.7; transfer-source 10.53.0.7; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.7; }; listen-on-v6 { fd92:7065:b8e:ffff::7; }; @@ -27,7 +25,7 @@ key rndc_key { }; controls { - inet 10.53.0.7 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.7 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/chain/prereq.sh b/bin/tests/system/chain/prereq.sh index 8d767357f9..eba0165cd7 100644 --- a/bin/tests/system/chain/prereq.sh +++ b/bin/tests/system/chain/prereq.sh @@ -17,11 +17,11 @@ then then : else - echo "I:This test requires the dnspython module." >&2 + echo_i "This test requires the dnspython module." >&2 exit 1 fi else - echo "I:This test requires Python and the dnspython module." >&2 + echo_i "This test requires Python and the dnspython module." >&2 exit 1 fi @@ -31,17 +31,17 @@ then then : else - echo "I:Net::DNS versions 0.69 to 0.74 have bugs that cause this test to fail: please update." >&2 + echo_i "Net::DNS versions 0.69 to 0.74 have bugs that cause this test to fail: please update." >&2 exit 1 fi else - echo "I:This test requires the perl Net::DNS library." >&2 + echo_i "This test requires the perl Net::DNS library." >&2 exit 1 fi if $PERL -e 'use Net::DNS::Nameserver;' 2>/dev/null then : else - echo "I:This test requires the Net::DNS::Nameserver library." >&2 + echo_i "This test requires the Net::DNS::Nameserver library." >&2 exit 1 fi diff --git a/bin/tests/system/chain/setup.sh b/bin/tests/system/chain/setup.sh index ff2ce9c816..f33324da45 100644 --- a/bin/tests/system/chain/setup.sh +++ b/bin/tests/system/chain/setup.sh @@ -13,5 +13,10 @@ $SHELL clean.sh test -r $RANDFILE || $GENRANDOM 400 $RANDFILE +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns5/named.conf.in ns5/named.conf +copy_setports ns7/named.conf.in ns7/named.conf + cd ns2 $SHELL sign.sh diff --git a/bin/tests/system/chain/tests.sh b/bin/tests/system/chain/tests.sh index 8577d9624b..5307171dee 100644 --- a/bin/tests/system/chain/tests.sh +++ b/bin/tests/system/chain/tests.sh @@ -7,242 +7,243 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -DIGOPTS="-p 5300 " -SEND="$PERL $SYSTEMTESTTOP/send.pl 10.53.0.4 5301" +DIGOPTS="-p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" +SEND="$PERL $SYSTEMTESTTOP/send.pl 10.53.0.4 ${EXTRAPORT1}" status=0 n=0 n=`expr $n + 1` -echo "I:checking short DNAME from authoritative ($n)" +echo_i "checking short DNAME from authoritative ($n)" ret=0 -$DIG a.short-dname.example @10.53.0.2 a -p 5300 > dig.out.ns2.short || ret=1 +$DIG $DIGOPTS a.short-dname.example @10.53.0.2 a > dig.out.ns2.short || ret=1 grep "status: NOERROR" dig.out.ns2.short > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking short DNAME from recursive ($n)" +echo_i "checking short DNAME from recursive ($n)" ret=0 -$DIG a.short-dname.example @10.53.0.7 a -p 5300 > dig.out.ns4.short || ret=1 +$DIG $DIGOPTS a.short-dname.example @10.53.0.7 a > dig.out.ns4.short || ret=1 grep "status: NOERROR" dig.out.ns4.short > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking long DNAME from authoritative ($n)" +echo_i "checking long DNAME from authoritative ($n)" ret=0 -$DIG a.long-dname.example @10.53.0.2 a -p 5300 > dig.out.ns2.long || ret=1 +$DIG $DIGOPTS a.long-dname.example @10.53.0.2 a > dig.out.ns2.long || ret=1 grep "status: NOERROR" dig.out.ns2.long > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking long DNAME from recursive ($n)" +echo_i "checking long DNAME from recursive ($n)" ret=0 -$DIG a.long-dname.example @10.53.0.7 a -p 5300 > dig.out.ns4.long || ret=1 +$DIG $DIGOPTS a.long-dname.example @10.53.0.7 a > dig.out.ns4.long || ret=1 grep "status: NOERROR" dig.out.ns4.long > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking (too) long DNAME from authoritative ($n)" +echo_i "checking (too) long DNAME from authoritative ($n)" ret=0 -$DIG 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.long-dname.example @10.53.0.2 a -p 5300 > dig.out.ns2.toolong || ret=1 +$DIG $DIGOPTS 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.long-dname.example @10.53.0.2 a > dig.out.ns2.toolong || ret=1 grep "status: YXDOMAIN" dig.out.ns2.toolong > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking (too) long DNAME from recursive with cached DNAME ($n)" +echo_i "checking (too) long DNAME from recursive with cached DNAME ($n)" ret=0 -$DIG 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.long-dname.example @10.53.0.7 a -p 5300 > dig.out.ns4.cachedtoolong || ret=1 +$DIG $DIGOPTS 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.long-dname.example @10.53.0.7 a > dig.out.ns4.cachedtoolong || ret=1 grep "status: YXDOMAIN" dig.out.ns4.cachedtoolong > /dev/null || ret=1 grep '^long-dname\.example\..*DNAME.*long' dig.out.ns4.cachedtoolong > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking (too) long DNAME from recursive without cached DNAME ($n)" +echo_i "checking (too) long DNAME from recursive without cached DNAME ($n)" ret=0 -$DIG 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglong.toolong-dname.example @10.53.0.7 a -p 5300 > dig.out.ns4.uncachedtoolong || ret=1 +$DIG $DIGOPTS 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglong.toolong-dname.example @10.53.0.7 a > dig.out.ns4.uncachedtoolong || ret=1 grep "status: YXDOMAIN" dig.out.ns4.uncachedtoolong > /dev/null || ret=1 grep '^toolong-dname\.example\..*DNAME.*long' dig.out.ns4.uncachedtoolong > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking CNAME to DNAME from authoritative ($n)" +echo_i "checking CNAME to DNAME from authoritative ($n)" ret=0 -$DIG cname.example @10.53.0.2 a -p 5300 > dig.out.ns2.cname +$DIG $DIGOPTS cname.example @10.53.0.2 a > dig.out.ns2.cname grep "status: NOERROR" dig.out.ns2.cname > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking CNAME to DNAME from recursive" +echo_i "checking CNAME to DNAME from recursive" ret=0 -$DIG cname.example @10.53.0.7 a -p 5300 > dig.out.ns4.cname +$DIG $DIGOPTS cname.example @10.53.0.7 a > dig.out.ns4.cname grep "status: NOERROR" dig.out.ns4.cname > /dev/null || ret=1 grep '^cname.example.' dig.out.ns4.cname > /dev/null || ret=1 grep '^cnamedname.example.' dig.out.ns4.cname > /dev/null || ret=1 grep '^a.cnamedname.example.' dig.out.ns4.cname > /dev/null || ret=1 grep '^a.target.example.' dig.out.ns4.cname > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking DNAME is returned with synthesized CNAME before DNAME ($n)" +echo_i "checking DNAME is returned with synthesized CNAME before DNAME ($n)" ret=0 -$DIG @10.53.0.7 -p 5300 name.synth-then-dname.example.broken A > dig.out.test$n +$DIG $DIGOPTS @10.53.0.7 name.synth-then-dname.example.broken A > dig.out.test$n grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 grep '^name.synth-then-dname\.example\.broken\..*CNAME.*name.$' dig.out.test$n > /dev/null || ret=1 grep '^synth-then-dname\.example\.broken\..*DNAME.*\.$' dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking DNAME is returned with CNAME to synthesized CNAME before DNAME ($n)" +echo_i "checking DNAME is returned with CNAME to synthesized CNAME before DNAME ($n)" ret=0 -$DIG @10.53.0.7 -p 5300 cname-to-synth2-then-dname.example.broken A > dig.out.test$n +$DIG $DIGOPTS @10.53.0.7 cname-to-synth2-then-dname.example.broken A > dig.out.test$n grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 grep '^cname-to-synth2-then-dname\.example\.broken\..*CNAME.*name\.synth2-then-dname\.example\.broken.$' dig.out.test$n > /dev/null || ret=1 grep '^name\.synth2-then-dname\.example\.broken\..*CNAME.*name.$' dig.out.test$n > /dev/null || ret=1 grep '^synth2-then-dname\.example\.broken\..*DNAME.*\.$' dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking CNAME loops are detected ($n)" +echo_i "checking CNAME loops are detected ($n)" ret=0 -$DIG @10.53.0.7 -p 5300 loop.example > dig.out.test$n +$DIG $DIGOPTS @10.53.0.7 loop.example > dig.out.test$n grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 17" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking CNAME to external delegated zones is handled ($n)" +echo_i "checking CNAME to external delegated zones is handled ($n)" ret=0 -$DIG @10.53.0.7 -p 5300 a.example > dig.out.test$n +$DIG $DIGOPTS @10.53.0.7 a.example > dig.out.test$n grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 2" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking CNAME to internal delegated zones is handled ($n)" +echo_i "checking CNAME to internal delegated zones is handled ($n)" ret=0 -$DIG @10.53.0.7 -p 5300 b.example > dig.out.test$n +$DIG $DIGOPTS @10.53.0.7 b.example > dig.out.test$n grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 grep "ANSWER: 2" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking CNAME to signed external delgation is handled ($n)" +echo_i "checking CNAME to signed external delgation is handled ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.7 -p 5300 c.example > dig.out.$n +$DIG $DIGOPTS @10.53.0.7 c.example > dig.out.$n grep "status: NOERROR" dig.out.$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i " failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking CNAME to signed internal delgation is handled ($n)" +echo_i "checking CNAME to signed internal delgation is handled ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.7 -p 5300 d.example > dig.out.$n +$DIG $DIGOPTS @10.53.0.7 d.example > dig.out.$n grep "status: NOERROR" dig.out.$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i " failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking CNAME chains in various orders ($n)" +echo_i "checking CNAME chains in various orders ($n)" ret=0 echo "cname,cname,cname|1,2,3,4,s1,s2,s3,s4" | $SEND $DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.1.$n 2>&1 grep 'status: NOERROR' dig.out.1.$n > /dev/null 2>&1 || ret=1 grep 'ANSWER: 2' dig.out.1.$n > /dev/null 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /' +$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i echo "cname,cname,cname|1,1,2,2,3,4,s4,s3,s1" | $SEND $DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.2.$n 2>&1 grep 'status: NOERROR' dig.out.2.$n > /dev/null 2>&1 || ret=1 grep 'ANSWER: 2' dig.out.2.$n > /dev/null 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /' +$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i echo "cname,cname,cname|2,1,3,4,s3,s1,s2,s4" | $SEND $DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.3.$n 2>&1 grep 'status: NOERROR' dig.out.3.$n > /dev/null 2>&1 || ret=1 grep 'ANSWER: 2' dig.out.3.$n > /dev/null 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /' +$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i echo "cname,cname,cname|4,3,2,1,s4,s3,s2,s1" | $SEND $DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.4.$n 2>&1 grep 'status: NOERROR' dig.out.4.$n > /dev/null 2>&1 || ret=1 grep 'ANSWER: 2' dig.out.4.$n > /dev/null 2>&1 || ret=1 echo "cname,cname,cname|4,3,2,1,s4,s3,s2,s1" | $SEND -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /' +$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i $DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.5.$n 2>&1 grep 'status: NOERROR' dig.out.5.$n > /dev/null 2>&1 || ret=1 grep 'ANSWER: 2' dig.out.5.$n > /dev/null 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /' +$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i echo "cname,cname,cname|4,3,3,3,s1,s1,1,3,4" | $SEND $DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.6.$n 2>&1 grep 'status: NOERROR' dig.out.6.$n > /dev/null 2>&1 || ret=1 grep 'ANSWER: 2' dig.out.6.$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that only the initial CNAME is cached ($n)" +echo_i "checking that only the initial CNAME is cached ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /' +$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i echo "cname,cname,cname|1,2,3,4,s1,s2,s3,s4" | $SEND $DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.1.$n 2>&1 sleep 1 $DIG $DIGOPTS +noall +answer @10.53.0.7 cname1.domain.nil > dig.out.2.$n 2>&1 ttl=`awk '{print $2}' dig.out.2.$n` [ "$ttl" -eq 86400 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking DNAME chains in various orders ($n)" +echo_i "checking DNAME chains in various orders ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /' +$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i echo "dname,dname|5,4,3,2,1,s5,s4,s3,s2,s1" | $SEND $DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.1.$n 2>&1 grep 'status: NOERROR' dig.out.1.$n > /dev/null 2>&1 || ret=1 grep 'ANSWER: 3' dig.out.1.$n > /dev/null 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /' +$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i echo "dname,dname|5,4,3,2,1,s5,s4,s3,s2,s1" | $SEND $DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.2.$n 2>&1 grep 'status: NOERROR' dig.out.2.$n > /dev/null 2>&1 || ret=1 grep 'ANSWER: 3' dig.out.2.$n > /dev/null 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /' +$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i echo "dname,dname|2,3,s1,s2,s3,s4,1" | $SEND $DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.3.$n 2>&1 grep 'status: NOERROR' dig.out.3.$n > /dev/null 2>&1 || ret=1 grep 'ANSWER: 3' dig.out.3.$n > /dev/null 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /' -if [ $ret != 0 ]; then echo "I:failed"; fi +$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking external CNAME/DNAME chains in various orders ($n)" +echo_i "checking external CNAME/DNAME chains in various orders ($n)" ret=0 echo "xname,dname|1,2,3,4,s1,s2,s3,s4" | $SEND $DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.1.$n 2>&1 grep 'status: NOERROR' dig.out.1.$n > /dev/null 2>&1 || ret=1 grep 'ANSWER: 2' dig.out.1.$n > /dev/null 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /' +$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i echo "xname,dname|s2,2,s1,1,4,s4,3" | $SEND $DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.2.$n 2>&1 grep 'status: NOERROR' dig.out.2.$n > /dev/null 2>&1 || ret=1 grep 'ANSWER: 2' dig.out.2.$n > /dev/null 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /' +$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i echo "xname,dname|s2,2,2,2" | $SEND $DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.3.$n 2>&1 grep 'status: SERVFAIL' dig.out.3.$n > /dev/null 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 flush 2>&1 | sed 's/^/I:ns7 /' -if [ $ret != 0 ]; then echo "I:failed"; fi +$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/checkconf/tests.sh b/bin/tests/system/checkconf/tests.sh index c7d4867a1a..78c3a5e3d7 100644 --- a/bin/tests/system/checkconf/tests.sh +++ b/bin/tests/system/checkconf/tests.sh @@ -11,37 +11,37 @@ status=0 n=0 n=`expr $n + 1` -echo "I: checking that named-checkconf handles a known good config ($n)" +echo_i "checking that named-checkconf handles a known good config ($n)" ret=0 $CHECKCONF good.conf > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that named-checkconf prints a known good config ($n)" +echo_i "checking that named-checkconf prints a known good config ($n)" ret=0 awk 'BEGIN { ok = 0; } /cut here/ { ok = 1; getline } ok == 1 { print }' good.conf > good.conf.in [ -s good.conf.in ] || ret=1 $CHECKCONF -p good.conf.in | grep -v '^good.conf.in:' > good.conf.out 2>&1 || ret=1 cmp good.conf.in good.conf.out || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that named-checkconf -x removes secrets ($n)" +echo_i "checking that named-checkconf -x removes secrets ($n)" ret=0 # ensure there is a secret and that it is not the check string. grep 'secret "' good.conf.in > /dev/null || ret=1 grep 'secret "????????????????"' good.conf.in > /dev/null 2>&1 && ret=1 $CHECKCONF -p -x good.conf.in | grep -v '^good.conf.in:' > good.conf.out 2>&1 || ret=1 grep 'secret "????????????????"' good.conf.out > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` for bad in bad-*.conf do n=`expr $n + 1` - echo "I: checking that named-checkconf detects error in $bad ($n)" + echo_i "checking that named-checkconf detects error in $bad ($n)" ret=0 $CHECKCONF $bad > checkconf.out 2>&1 if [ $? != 1 ]; then ret=1; fi @@ -56,45 +56,45 @@ do grep "$pat" checkconf.out > /dev/null || ret=1 ;; esac - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done for good in good-*.conf do n=`expr $n + 1` - echo "I: checking that named-checkconf detects no error in $good ($n)" + echo_i "checking that named-checkconf detects no error in $good ($n)" ret=0 $CHECKCONF $good > /dev/null 2>&1 - if [ $? != 0 ]; then echo "I:failed"; ret=1; fi + if [ $? != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` done n=`expr $n + 1` -echo "I: checking that named-checkconf -z catches missing hint file ($n)" +echo_i "checking that named-checkconf -z catches missing hint file ($n)" ret=0 $CHECKCONF -z hint-nofile.conf > hint-nofile.out 2>&1 && ret=1 grep "could not configure root hints from 'nonexistent.db': file not found" hint-nofile.out > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that named-checkconf catches range errors ($n)" +echo_i "checking that named-checkconf catches range errors ($n)" ret=0 $CHECKCONF range.conf > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that named-checkconf warns of notify inconsistencies ($n)" +echo_i "checking that named-checkconf warns of notify inconsistencies ($n)" ret=0 warnings=`$CHECKCONF notify.conf 2>&1 | grep "'notify' is disabled" | wc -l` [ $warnings -eq 3 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking named-checkconf dnssec warnings ($n)" +echo_i "checking named-checkconf dnssec warnings ($n)" ret=0 $CHECKCONF dnssec.1 2>&1 | grep 'validation yes.*enable no' > /dev/null || ret=1 $CHECKCONF dnssec.2 2>&1 | grep 'auto-dnssec may only be ' > /dev/null || ret=1 @@ -102,11 +102,11 @@ $CHECKCONF dnssec.2 2>&1 | grep 'validation auto.*enable no' > /dev/null || ret= $CHECKCONF dnssec.2 2>&1 | grep 'validation yes.*enable no' > /dev/null || ret=1 # this one should have no warnings $CHECKCONF dnssec.3 2>&1 | grep '.*' && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: range checking fields that do not allow zero ($n)" +echo_i "range checking fields that do not allow zero ($n)" ret=0 for field in max-retry-time min-retry-time max-refresh-time min-refresh-time; do cat > badzero.conf << EOF @@ -115,14 +115,14 @@ options { }; EOF $CHECKCONF badzero.conf > /dev/null 2>&1 - [ $? -eq 1 ] || { echo "I: options $field failed" ; ret=1; } + [ $? -eq 1 ] || { echo_i "options $field failed" ; ret=1; } cat > badzero.conf << EOF view dummy { $field 0; }; EOF $CHECKCONF badzero.conf > /dev/null 2>&1 - [ $? -eq 1 ] || { echo "I: view $field failed" ; ret=1; } + [ $? -eq 1 ] || { echo_i "view $field failed" ; ret=1; } cat > badzero.conf << EOF options { $field 0; @@ -131,7 +131,7 @@ view dummy { }; EOF $CHECKCONF badzero.conf > /dev/null 2>&1 - [ $? -eq 1 ] || { echo "I: options + view $field failed" ; ret=1; } + [ $? -eq 1 ] || { echo_i "options + view $field failed" ; ret=1; } cat > badzero.conf << EOF zone dummy { type slave; @@ -140,13 +140,13 @@ zone dummy { }; EOF $CHECKCONF badzero.conf > /dev/null 2>&1 - [ $? -eq 1 ] || { echo "I: zone $field failed" ; ret=1; } + [ $? -eq 1 ] || { echo_i "zone $field failed" ; ret=1; } done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking options allowed in inline-signing slaves ($n)" +echo_i "checking options allowed in inline-signing slaves ($n)" ret=0 l=`$CHECKCONF bad-dnssec.conf 2>&1 | grep "dnssec-dnskey-kskonly.*requires inline" | wc -l` [ $l -eq 1 ] || ret=1 @@ -154,29 +154,29 @@ l=`$CHECKCONF bad-dnssec.conf 2>&1 | grep "dnssec-loadkeys-interval.*requires in [ $l -eq 1 ] || ret=1 l=`$CHECKCONF bad-dnssec.conf 2>&1 | grep "update-check-ksk.*requires inline" | wc -l` [ $l -eq 1 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check file + inline-signing for slave zones ($n)" +echo_i "check file + inline-signing for slave zones ($n)" l=`$CHECKCONF inline-no.conf 2>&1 | grep "missing 'file' entry" | wc -l` [ $l -eq 0 ] || ret=1 l=`$CHECKCONF inline-good.conf 2>&1 | grep "missing 'file' entry" | wc -l` [ $l -eq 0 ] || ret=1 l=`$CHECKCONF inline-bad.conf 2>&1 | grep "missing 'file' entry" | wc -l` [ $l -eq 1 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking named-checkconf DLZ warnings ($n)" +echo_i "checking named-checkconf DLZ warnings ($n)" ret=0 $CHECKCONF dlz-bad.conf 2>&1 | grep "'dlz' and 'database'" > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking for missing key directory warning ($n)" +echo_i "checking for missing key directory warning ($n)" ret=0 rm -rf test.keydir l=`$CHECKCONF warn-keydir.conf 2>&1 | grep "'test.keydir' does not exist" | wc -l` @@ -189,209 +189,209 @@ mkdir test.keydir l=`$CHECKCONF warn-keydir.conf 2>&1 | grep "key-directory" | wc -l` [ $l -eq 0 ] || ret=1 rm -rf test.keydir -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi n=`expr $n + 1` -echo "I: checking that named-checkconf -z catches conflicting ttl with max-ttl ($n)" +echo_i "checking that named-checkconf -z catches conflicting ttl with max-ttl ($n)" ret=0 $CHECKCONF -z max-ttl.conf > check.out 2>&1 grep 'TTL 900 exceeds configured max-zone-ttl 600' check.out > /dev/null 2>&1 || ret=1 grep 'TTL 900 exceeds configured max-zone-ttl 600' check.out > /dev/null 2>&1 || ret=1 grep 'TTL 900 exceeds configured max-zone-ttl 600' check.out > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that named-checkconf -z catches invalid max-ttl ($n)" +echo_i "checking that named-checkconf -z catches invalid max-ttl ($n)" ret=0 $CHECKCONF -z max-ttl-bad.conf > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that named-checkconf -z skips zone check with alternate databases ($n)" +echo_i "checking that named-checkconf -z skips zone check with alternate databases ($n)" ret=0 $CHECKCONF -z altdb.conf > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that named-checkconf -z skips zone check with DLZ ($n)" +echo_i "checking that named-checkconf -z skips zone check with DLZ ($n)" ret=0 $CHECKCONF -z altdlz.conf > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that named-checkconf -z fails on view with ANY class ($n)" +echo_i "checking that named-checkconf -z fails on view with ANY class ($n)" ret=0 $CHECKCONF -z view-class-any1.conf > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that named-checkconf -z fails on view with CLASS255 class ($n)" +echo_i "checking that named-checkconf -z fails on view with CLASS255 class ($n)" ret=0 $CHECKCONF -z view-class-any2.conf > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that named-checkconf -z passes on view with IN class ($n)" +echo_i "checking that named-checkconf -z passes on view with IN class ($n)" ret=0 $CHECKCONF -z view-class-in1.conf > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that named-checkconf -z passes on view with CLASS1 class ($n)" +echo_i "checking that named-checkconf -z passes on view with CLASS1 class ($n)" ret=0 $CHECKCONF -z view-class-in2.conf > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that check-names fails as configured ($n)" +echo_i "check that check-names fails as configured ($n)" ret=0 $CHECKCONF -z check-names-fail.conf > checkconf.out$n 2>&1 && ret=1 grep "near '_underscore': bad name (check-names)" checkconf.out$n > /dev/null || ret=1 grep "zone check-names/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that check-mx fails as configured ($n)" +echo_i "check that check-mx fails as configured ($n)" ret=0 $CHECKCONF -z check-mx-fail.conf > checkconf.out$n 2>&1 && ret=1 grep "near '10.0.0.1': MX is an address" checkconf.out$n > /dev/null || ret=1 grep "zone check-mx/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that check-dup-records fails as configured ($n)" +echo_i "check that check-dup-records fails as configured ($n)" ret=0 $CHECKCONF -z check-dup-records-fail.conf > checkconf.out$n 2>&1 && ret=1 grep "has semantically identical records" checkconf.out$n > /dev/null || ret=1 grep "zone check-dup-records/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that check-mx fails as configured ($n)" +echo_i "check that check-mx fails as configured ($n)" ret=0 $CHECKCONF -z check-mx-fail.conf > checkconf.out$n 2>&1 && ret=1 grep "failed: MX is an address" checkconf.out$n > /dev/null || ret=1 grep "zone check-mx/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that check-mx-cname fails as configured ($n)" +echo_i "check that check-mx-cname fails as configured ($n)" ret=0 $CHECKCONF -z check-mx-cname-fail.conf > checkconf.out$n 2>&1 && ret=1 grep "MX.* is a CNAME (illegal)" checkconf.out$n > /dev/null || ret=1 grep "zone check-mx-cname/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that check-srv-cname fails as configured ($n)" +echo_i "check that check-srv-cname fails as configured ($n)" ret=0 $CHECKCONF -z check-srv-cname-fail.conf > checkconf.out$n 2>&1 && ret=1 grep "SRV.* is a CNAME (illegal)" checkconf.out$n > /dev/null || ret=1 grep "zone check-mx-cname/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that named-checkconf -p properly print a port range ($n)" +echo_i "check that named-checkconf -p properly print a port range ($n)" ret=0 $CHECKCONF -p portrange-good.conf > checkconf.out$n 2>&1 || ret=1 grep "range 8610 8614;" checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that named-checkconf -z handles in-view ($n)" +echo_i "check that named-checkconf -z handles in-view ($n)" ret=0 $CHECKCONF -z in-view-good.conf > checkconf.out$n 2>&1 || ret=1 grep "zone shared.example/IN: loaded serial" < checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that named-checkconf prints max-cache-size correctly ($n)" +echo_i "check that named-checkconf prints max-cache-size correctly ($n)" ret=0 $CHECKCONF -p max-cache-size-good.conf > checkconf.out$n 2>&1 || ret=1 grep "max-cache-size 60%;" checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that named-checkconf -l print out the zone list ($n)" +echo_i "check that named-checkconf -l print out the zone list ($n)" ret=0 $CHECKCONF -l good.conf | grep -v "is not implemented" | grep -v "is obsolete" > checkconf.out$n || ret=1 diff good.zonelist checkconf.out$n > diff.out$n || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that 'dnssec-lookaside auto;' generates a warning ($n)" +echo_i "check that 'dnssec-lookaside auto;' generates a warning ($n)" ret=0 $CHECKCONF warn-dlv-auto.conf > checkconf.out$n 2>/dev/null || ret=1 grep "dnssec-lookaside 'auto' is no longer supported" checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that 'dnssec-lookaside . trust-anchor dlv.isc.org;' generates a warning ($n)" +echo_i "check that 'dnssec-lookaside . trust-anchor dlv.isc.org;' generates a warning ($n)" ret=0 $CHECKCONF warn-dlv-dlv.isc.org.conf > checkconf.out$n 2>/dev/null || ret=1 grep "dlv.isc.org has been shut down" checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that 'dnssec-lookaside . trust-anchor dlv.example.com;' doesn't generates a warning ($n)" +echo_i "check that 'dnssec-lookaside . trust-anchor dlv.example.com;' doesn't generates a warning ($n)" ret=0 $CHECKCONF good-dlv-dlv.example.com.conf > checkconf.out$n 2>/dev/null || ret=1 [ -s checkconf.out$n ] && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that the 2010 ICANN ROOT KSK without the 2017 ICANN ROOT KSK generates a warning ($n)" +echo_i "check that the 2010 ICANN ROOT KSK without the 2017 ICANN ROOT KSK generates a warning ($n)" ret=0 $CHECKCONF check-root-ksk-2010.conf > checkconf.out$n 2>/dev/null || ret=1 [ -s checkconf.out$n ] || ret=1 grep "trusted-key for root from 2010 without updated" checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` -echo "I: check that the 2010 ICANN ROOT KSK with the 2017 ICANN ROOT KSK does not warning ($n)" +echo_i "check that the 2010 ICANN ROOT KSK with the 2017 ICANN ROOT KSK does not warning ($n)" ret=0 $CHECKCONF check-root-ksk-both.conf > checkconf.out$n 2>/dev/null || ret=1 [ -s checkconf.out$n ] && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` -echo "I: check that the 2017 ICANN ROOT KSK alone does not warning ($n)" +echo_i "check that the 2017 ICANN ROOT KSK alone does not warning ($n)" ret=0 $CHECKCONF check-root-ksk-2017.conf > checkconf.out$n 2>/dev/null || ret=1 [ -s checkconf.out$n ] && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` -echo "I: check that the dlv.isc.org KSK generates a warning ($n)" +echo_i "check that the dlv.isc.org KSK generates a warning ($n)" ret=0 $CHECKCONF check-dlv-ksk-key.conf > checkconf.out$n 2>/dev/null || ret=1 [ -s checkconf.out$n ] || ret=1 grep "trusted-key for dlv.isc.org still present" checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/checkds/tests.sh b/bin/tests/system/checkds/tests.sh index 06343e0ee0..eb5d4c9f19 100644 --- a/bin/tests/system/checkds/tests.sh +++ b/bin/tests/system/checkds/tests.sh @@ -22,80 +22,80 @@ chmod +x $DIG status=0 n=1 -echo "I:checking for correct DS, looking up key via 'dig' ($n)" +echo_i "checking for correct DS, looking up key via 'dig' ($n)" ret=0 $CHECKDS ok.example > checkds.out.$n 2>&1 || ret=1 grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1 grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for correct DS, obtaining key from file ($n)" +echo_i "checking for correct DS, obtaining key from file ($n)" ret=0 $CHECKDS -f ok.example.dnskey.db ok.example > checkds.out.$n || ret=1 grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1 grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for correct DLV, looking up key via 'dig' ($n)" +echo_i "checking for correct DLV, looking up key via 'dig' ($n)" ret=0 $CHECKDS -l dlv.example ok.example > checkds.out.$n || ret=1 grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1 grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for correct DLV, obtaining key from file ($n)" +echo_i "checking for correct DLV, obtaining key from file ($n)" ret=0 $CHECKDS -l dlv.example -f ok.example.dnskey.db ok.example > checkds.out.$n || ret=1 grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1 grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for incorrect DS, lowronging up key via 'dig' ($n)" +echo_i "checking for incorrect DS, lowronging up key via 'dig' ($n)" ret=0 $CHECKDS wrong.example > checkds.out.$n || ret=1 grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1 grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for incorrect DS, obtaining key from file ($n)" +echo_i "checking for incorrect DS, obtaining key from file ($n)" ret=0 $CHECKDS -f wrong.example.dnskey.db wrong.example > checkds.out.$n || ret=1 grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1 grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for incorrect DLV, lowronging up key via 'dig' ($n)" +echo_i "checking for incorrect DLV, lowronging up key via 'dig' ($n)" ret=0 $CHECKDS -l dlv.example wrong.example > checkds.out.$n || ret=1 grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1 grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for incorrect DLV, obtaining key from file ($n)" +echo_i "checking for incorrect DLV, obtaining key from file ($n)" ret=0 $CHECKDS -l dlv.example -f wrong.example.dnskey.db wrong.example > checkds.out.$n || ret=1 grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1 grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for partially missing DS, looking up key via 'dig' ($n)" +echo_i "checking for partially missing DS, looking up key via 'dig' ($n)" ret=0 $CHECKDS missing.example > checkds.out.$n || ret=1 grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 @@ -103,10 +103,10 @@ grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1 grep 'SHA-256.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for partially missing DS, obtaining key from file ($n)" +echo_i "checking for partially missing DS, obtaining key from file ($n)" ret=0 $CHECKDS -f missing.example.dnskey.db missing.example > checkds.out.$n || ret=1 grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 @@ -114,10 +114,10 @@ grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1 grep 'SHA-256.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for partially missing DLV, looking up key via 'dig' ($n)" +echo_i "checking for partially missing DLV, looking up key via 'dig' ($n)" ret=0 $CHECKDS -l dlv.example missing.example > checkds.out.$n || ret=1 grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 @@ -125,10 +125,10 @@ grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1 grep 'SHA-256.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for partially missing DLV, obtaining key from file ($n)" +echo_i "checking for partially missing DLV, obtaining key from file ($n)" ret=0 $CHECKDS -l dlv.example -f missing.example.dnskey.db missing.example > checkds.out.$n || ret=1 grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 @@ -136,50 +136,50 @@ grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1 grep 'SHA-256.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for entirely missing DS, looking up key via 'dig' ($n)" +echo_i "checking for entirely missing DS, looking up key via 'dig' ($n)" ret=0 $CHECKDS none.example > checkds.out.$n && ret=1 grep 'No DS' checkds.out.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for entirely missing DS, obtaining key from file ($n)" +echo_i "checking for entirely missing DS, obtaining key from file ($n)" ret=0 $CHECKDS -f none.example.dnskey.db none.example > checkds.out.$n && ret=1 grep 'No DS' checkds.out.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for entirely missing DLV, looking up key via 'dig' ($n)" +echo_i "checking for entirely missing DLV, looking up key via 'dig' ($n)" ret=0 $CHECKDS -l dlv.example none.example > checkds.out.$n && ret=1 grep 'No DLV' checkds.out.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for entirely missing DLV, obtaining key from file ($n)" +echo_i "checking for entirely missing DLV, obtaining key from file ($n)" ret=0 $CHECKDS -l dlv.example -f none.example.dnskey.db none.example > checkds.out.$n && ret=1 grep 'No DLV' checkds.out.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking with prepared dsset file ($n)" +echo_i "checking with prepared dsset file ($n)" ret=0 $CHECKDS -f prep.example.db -s prep.example.ds.db prep.example > checkds.out.$n || ret=1 grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ $status = 0 ]; then $SHELL clean.sh; fi -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/checknames/clean.sh b/bin/tests/system/checknames/clean.sh index 870b181165..5927eae8e8 100644 --- a/bin/tests/system/checknames/clean.sh +++ b/bin/tests/system/checknames/clean.sh @@ -6,8 +6,7 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: clean.sh,v 1.6 2007/09/26 03:22:43 marka Exp $ - +rm -f ns*/named.conf rm -f dig.out.ns?.test* rm -f nsupdate.out.test* rm -f ns1/*.example.db diff --git a/bin/tests/system/checknames/ns1/named.conf b/bin/tests/system/checknames/ns1/named.conf.in similarity index 92% rename from bin/tests/system/checknames/ns1/named.conf rename to bin/tests/system/checknames/ns1/named.conf.in index 1d2c08caa7..a244c0f104 100644 --- a/bin/tests/system/checknames/ns1/named.conf +++ b/bin/tests/system/checknames/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.9 2007/06/19 23:47:01 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/checknames/ns2/named.conf b/bin/tests/system/checknames/ns2/named.conf.in similarity index 85% rename from bin/tests/system/checknames/ns2/named.conf rename to bin/tests/system/checknames/ns2/named.conf.in index 7088242b9e..cc0f4f7fdf 100644 --- a/bin/tests/system/checknames/ns2/named.conf +++ b/bin/tests/system/checknames/ns2/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.7 2007/06/18 23:47:27 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/checknames/ns3/named.conf b/bin/tests/system/checknames/ns3/named.conf.in similarity index 85% rename from bin/tests/system/checknames/ns3/named.conf rename to bin/tests/system/checknames/ns3/named.conf.in index 3eb532430c..6f3cf14baa 100644 --- a/bin/tests/system/checknames/ns3/named.conf +++ b/bin/tests/system/checknames/ns3/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.7 2007/06/18 23:47:27 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/checknames/ns4/named.conf b/bin/tests/system/checknames/ns4/named.conf.in similarity index 87% rename from bin/tests/system/checknames/ns4/named.conf rename to bin/tests/system/checknames/ns4/named.conf.in index 04415f9ed0..3394d08735 100644 --- a/bin/tests/system/checknames/ns4/named.conf +++ b/bin/tests/system/checknames/ns4/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.7 2007/06/18 23:47:27 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/checknames/setup.sh b/bin/tests/system/checknames/setup.sh index 326cb38547..8d65cd2bf3 100644 --- a/bin/tests/system/checknames/setup.sh +++ b/bin/tests/system/checknames/setup.sh @@ -4,7 +4,15 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: setup.sh,v 1.5 2007/06/19 23:47:01 tbox Exp $ +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh + +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf cp ns1/ignore.example.db.in ns1/ignore.example.db cp ns1/warn.example.db.in ns1/warn.example.db diff --git a/bin/tests/system/checknames/tests.sh b/bin/tests/system/checknames/tests.sh index 3fce045e1a..e304d0a617 100644 --- a/bin/tests/system/checknames/tests.sh +++ b/bin/tests/system/checknames/tests.sh @@ -6,83 +6,81 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.5 2007/06/19 23:47:01 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh status=0 n=1 -DIGOPTS="+tcp +noadd +nosea +nostat +nocmd -p 5300" +DIGOPTS="+tcp +noadd +nosea +nostat +nocmd -p ${PORT}" # Entry should exist. -echo "I: check for failure from on zone load for 'check-names fail;' ($n)" +echo_i "check for failure from on zone load for 'check-names fail;' ($n)" ret=0 $DIG $DIGOPTS fail.example. @10.53.0.1 a > dig.out.ns1.test$n || ret=1 grep SERVFAIL dig.out.ns1.test$n > /dev/null || ret=1 grep 'xx_xx.fail.example: bad owner name (check-names)' ns1/named.run > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` # Entry should exist. -echo "I: check for warnings from on zone load for 'check-names warn;' ($n)" +echo_i "check for warnings from on zone load for 'check-names warn;' ($n)" ret=0 grep 'xx_xx.warn.example: bad owner name (check-names)' ns1/named.run > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` # Entry should not exist. -echo "I: check for warnings from on zone load for 'check-names ignore;' ($n)" +echo_i "check for warnings from on zone load for 'check-names ignore;' ($n)" ret=1 grep 'yy_yy.ignore.example: bad owner name (check-names)' ns1/named.run || ret=0 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` # Entry should exist -echo "I: check that 'check-names response warn;' works ($n)" +echo_i "check that 'check-names response warn;' works ($n)" ret=0 $DIG $DIGOPTS +noauth yy_yy.ignore.example. @10.53.0.1 a > dig.out.ns1.test$n || ret=1 $DIG $DIGOPTS +noauth yy_yy.ignore.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 $PERL ../digcomp.pl dig.out.ns1.test$n dig.out.ns2.test$n || ret=1 grep "check-names warning yy_yy.ignore.example/A/IN" ns2/named.run > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` # Entry should exist -echo "I: check that 'check-names response (owner) fails;' works ($n)" +echo_i "check that 'check-names response (owner) fails;' works ($n)" ret=0 $DIG $DIGOPTS yy_yy.ignore.example. @10.53.0.1 a > dig.out.ns1.test$n || ret=1 $DIG $DIGOPTS yy_yy.ignore.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 grep NOERROR dig.out.ns1.test$n > /dev/null || ret=1 grep REFUSED dig.out.ns3.test$n > /dev/null || ret=1 grep "check-names failure yy_yy.ignore.example/A/IN" ns3/named.run > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` # Entry should exist -echo "I: check that 'check-names response (rdata) fails;' works ($n)" +echo_i "check that 'check-names response (rdata) fails;' works ($n)" ret=0 $DIG $DIGOPTS mx.ignore.example. @10.53.0.1 MX > dig.out.ns1.test$n || ret=1 $DIG $DIGOPTS mx.ignore.example. @10.53.0.3 MX > dig.out.ns3.test$n || ret=1 grep NOERROR dig.out.ns1.test$n > /dev/null || ret=1 grep SERVFAIL dig.out.ns3.test$n > /dev/null || ret=1 grep "check-names failure mx.ignore.example/MX/IN" ns3/named.run > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that updates to 'check-names fail;' are rejected ($n)" +echo_i "check that updates to 'check-names fail;' are rejected ($n)" ret=0 not=1 $NSUPDATE -d < nsupdate.out.test$n 2>&1 || not=0 check-names off -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} update add xxx_xxx.fail.update. 600 A 10.10.10.1 send END @@ -90,31 +88,31 @@ if [ $not != 0 ]; then ret=1; fi $DIG $DIGOPTS xxx_xxx.fail.update @10.53.0.1 A > dig.out.ns1.test$n || ret=1 grep "xxx_xxx.fail.update/A: bad owner name (check-names)" ns1/named.run > /dev/null || ret=1 grep NXDOMAIN dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that updates to 'check-names warn;' succeed and are logged ($n)" +echo_i "check that updates to 'check-names warn;' succeed and are logged ($n)" ret=0 $NSUPDATE -d < nsupdate.out.test$n 2>&1|| ret=1 check-names off -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} update add xxx_xxx.warn.update. 600 A 10.10.10.1 send END $DIG $DIGOPTS xxx_xxx.warn.update @10.53.0.1 A > dig.out.ns1.test$n || ret=1 grep "xxx_xxx.warn.update/A: bad owner name (check-names)" ns1/named.run > /dev/null || ret=1 grep NOERROR dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that updates to 'check-names ignore;' succeed and are not logged ($n)" +echo_i "check that updates to 'check-names ignore;' succeed and are not logged ($n)" ret=0 not=1 $NSUPDATE -d < nsupdate.out.test$n 2>&1 || ret=1 check-names off -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} update add xxx_xxx.ignore.update. 600 A 10.10.10.1 send END @@ -122,16 +120,16 @@ grep "xxx_xxx.ignore.update/A.*(check-names)" ns1/named.run > /dev/null || not=0 if [ $not != 0 ]; then ret=1; fi $DIG $DIGOPTS xxx_xxx.ignore.update @10.53.0.1 A > dig.out.ns1.test$n || ret=1 grep NOERROR dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that updates to 'check-names master ignore;' succeed and are not logged ($n)" +echo_i "check that updates to 'check-names master ignore;' succeed and are not logged ($n)" ret=0 not=1 $NSUPDATE -d < nsupdate.out.test$n 2>&1 || ret=1 check-names off -server 10.53.0.4 5300 +server 10.53.0.4 ${PORT} update add xxx_xxx.master-ignore.update. 600 A 10.10.10.1 send END @@ -139,9 +137,9 @@ grep "xxx_xxx.master-ignore.update/A.*(check-names)" ns1/named.run > /dev/null | if [ $not != 0 ]; then ret=1; fi $DIG $DIGOPTS xxx_xxx.master-ignore.update @10.53.0.4 A > dig.out.ns4.test$n || ret=1 grep NOERROR dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/checkzone/tests.sh b/bin/tests/system/checkzone/tests.sh index feeba3318f..03c88358da 100644 --- a/bin/tests/system/checkzone/tests.sh +++ b/bin/tests/system/checkzone/tests.sh @@ -12,7 +12,7 @@ n=1 for db in zones/good*.db do - echo "I:checking $db ($n)" + echo_i "checking $db ($n)" ret=0 case $db in zones/good-gc-msdcs.db) @@ -26,13 +26,13 @@ do ;; esac n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done for db in zones/bad*.db do - echo "I:checking $db ($n)" + echo_i "checking $db ($n)" ret=0 case $db in zones/bad-dns-sd-reverse.db) @@ -43,11 +43,11 @@ do ;; esac n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done -echo "I:checking with journal file ($n)" +echo_i "checking with journal file ($n)" ret=0 $CHECKZONE -D -o test.orig.db test zones/test1.db > /dev/null 2>&1 || ret=1 $CHECKZONE -D -o test.changed.db test zones/test2.db > /dev/null 2>&1 || ret=1 @@ -60,10 +60,10 @@ mv -f test.orig.db.jnl test.journal $CHECKZONE -D -J test.journal -o test.out2.db test test.orig.db > /dev/null 2>&1 || ret=1 cmp -s test.changed.db test.out2.db || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking with spf warnings ($n)" +echo_i "checking with spf warnings ($n)" ret=0 $CHECKZONE example zones/spf.db > test.out1.$n 2>&1 || ret=1 $CHECKZONE -T ignore example zones/spf.db > test.out2.$n 2>&1 || ret=1 @@ -74,66 +74,66 @@ grep "'x.example' found type SPF" test.out2.$n > /dev/null && ret=1 grep "'y.example' found type SPF" test.out2.$n > /dev/null && ret=1 grep "'example' found type SPF" test.out2.$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking with max ttl (text) ($n)" +echo_i "checking with max ttl (text) ($n)" ret=0 $CHECKZONE -l 300 example zones/good1.db > test.out1.$n 2>&1 && ret=1 $CHECKZONE -l 600 example zones/good1.db > test.out2.$n 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking with max ttl (raw) ($n)" +echo_i "checking with max ttl (raw) ($n)" ret=0 $CHECKZONE -f raw -l 300 example good1.db.raw > test.out1.$n 2>&1 && ret=1 $CHECKZONE -f raw -l 600 example good1.db.raw > test.out2.$n 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking with max ttl (map) ($n)" +echo_i "checking with max ttl (map) ($n)" ret=0 $CHECKZONE -f map -l 300 example good1.db.map > test.out1.$n 2>&1 && ret=1 $CHECKZONE -f map -l 600 example good1.db.map > test.out2.$n 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for no 'inherited owner' warning on '\$INCLUDE file' with no new \$ORIGIN ($n)" +echo_i "checking for no 'inherited owner' warning on '\$INCLUDE file' with no new \$ORIGIN ($n)" ret=0 $CHECKZONE example zones/nowarn.inherited.owner.db > test.out1.$n 2>&1 || ret=1 grep "inherited.owner" test.out1.$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for 'inherited owner' warning on '\$ORIGIN + \$INCLUDE file' ($n)" +echo_i "checking for 'inherited owner' warning on '\$ORIGIN + \$INCLUDE file' ($n)" ret=0 $CHECKZONE example zones/warn.inherit.origin.db > test.out1.$n 2>&1 || ret=1 grep "inherited.owner" test.out1.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for 'inherited owner' warning on '\$INCLUDE file origin' ($n)" +echo_i "checking for 'inherited owner' warning on '\$INCLUDE file origin' ($n)" ret=0 $CHECKZONE example zones/warn.inherited.owner.db > test.out1.$n 2>&1 || ret=1 grep "inherited.owner" test.out1.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that raw zone with bad class is handled ($n)" +echo_i "checking that raw zone with bad class is handled ($n)" ret=0 $CHECKZONE -f raw example zones/bad-badclass.raw > test.out.$n 2>&1 && ret=1 grep "failed: bad class" test.out.$n >/dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that expirations that loop using serial arithmetic are handled ($n)" +echo_i "checking that expirations that loop using serial arithmetic are handled ($n)" ret=0 q=-q test $ret -eq 1 || $CHECKZONE $q dyn.example.net zones/crashzone.db || ret=1 @@ -159,24 +159,24 @@ test $ret -eq 1 || $CHECKZONE $q dyn.example.net zones/crashzone.db || ret=1 test $ret -eq 1 || $CHECKZONE $q dyn.example.net zones/crashzone.db || ret=1 test $ret -eq 1 || $CHECKZONE $q dyn.example.net zones/crashzone.db || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that nameserver below DNAME is reported even with occulted address record present ($n)" +echo_i "checking that nameserver below DNAME is reported even with occulted address record present ($n)" ret=0 $CHECKZONE example.com zones/ns-address-below-dname.db > test.out.$n 2>&1 && ret=1 grep "is below a DNAME" test.out.$n >/dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that delegating nameserver below DNAME is reported even with occulted address record present ($n)" +echo_i "checking that delegating nameserver below DNAME is reported even with occulted address record present ($n)" ret=0 $CHECKZONE example.com zones/delegating-ns-address-below-dname.db > test.out.$n 2>&1 || ret=1 grep "is below a DNAME" test.out.$n >/dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/cleanall.sh b/bin/tests/system/cleanall.sh index cc56c21368..6920734c1e 100644 --- a/bin/tests/system/cleanall.sh +++ b/bin/tests/system/cleanall.sh @@ -22,6 +22,8 @@ find . -type f \( \ status=0 +rm -f $SYSTEMTESTTOP/random.data + for d in $SUBDIRS do test ! -f $d/clean.sh || ( cd $d && $SHELL clean.sh ) diff --git a/bin/tests/system/conf.sh.in b/bin/tests/system/conf.sh.in index 1d0d55fbe1..0047b552cc 100644 --- a/bin/tests/system/conf.sh.in +++ b/bin/tests/system/conf.sh.in @@ -71,31 +71,38 @@ KRB5_CONFIG=/dev/null # The "stress" test is not run by default since it creates enough # load on the machine to make it unusable to other users. -# v6synth +# The "dialup" and "delzone" tests are also not run by default because +# they take a very long time to complete. # -# List of tests that use ports 5300 and 9953. For this reason, these must -# be run sequentially. -SEQUENTIALDIRS="acl additional addzone auth autosign builtin \ - cacheclean case cds chain \ - checkconf @CHECKDS@ checknames checkzone cookie @COVERAGE@ \ - database digdelv dlv dlz dlzexternal \ - dns64 dnssec @DNSTAP@ dscp dsdigest dyndb ecdsa eddsa \ - emptyzones fetchlimit filter-aaaa formerr geoip glue gost \ - inline integrity ixfr keepalive @KEYMGR@ legacy limits \ - logfileconfig masterfile masterformat metadata mkeys \ - names notify nslookup nsupdate nzd2nzf padding pending \ - pipelined @PKCS11_TEST@ reclimit redirect resolver rndc \ - rpz rrchecker rrl rrsetorder rsabigexponent \ - runtime sfcache smartsign sortlist spf staticstub \ - statistics statschannel stub synthfromdnssec tcp tkey tools \ - tsig tsiggss unknown upforwd verify views wildcard xfer \ - xferquota zero zonechecks" +# List of tests hard-coded to use ports 5300 and 9953. For this +# reason, these must be run sequentially. +SEQUENTIALDIRS="ecdsa eddsa gost @PKCS11_TEST@ tkey" -# List of tests that use unique ports (other than 5300 and 9953). These -# tests can be run in parallel. +# List of tests that use ports assigned by caller (other than 5300 +# and 9953). Because separate blocks of ports can be used for teach +# test, these tests can be run in parallel. # # This symbol must be kept in step with the PARALLEL macro in Makefile.in -PARALLELDIRS="allow_query catz rpzrecurse serve-stale" +PARALLELDIRS="acl additional addzone allow_query auth autosign \ + builtin cacheclean case catz cds chain \ + checkconf checknames checkzone \ + @CHECKDS@ @COVERAGE@ @KEYMGR@ \ + cookie database digdelv dlv dlz dlzexternal \ + dns64 dnssec @DNSTAP@ dscp dsdigest dyndb \ + ednscompliance emptyzones \ + fetchlimit filter-aaaa formerr forward \ + geoip glue inline integrity ixfr keepalive \ + legacy limits logfileconfig \ + masterfile masterformat metadata mkeys \ + names notify nslookup nsupdate nzd2nzf \ + padding pending pipelined \ + reclimit redirect resolver rndc rpz rpzrecurse \ + rrchecker rrlrrsetorder rsabigexponent runtime \ + serve-stale sfcache smartsign sortlist \ + spf staticstub statistics statschannel stub synthfromdnssec \ + tcp tools tsig tsiggss \ + unknown upforwd verify views wildcard \ + xfer xferquota zero zonechecks" SUBDIRS="$SEQUENTIALDIRS $PARALLELDIRS" @@ -224,6 +231,12 @@ echo_i() { done } +cat_i() { + while read LINE ; do + echoinfo "I:$SYSTESTDIR:$LINE" + done +} + # # Useful functions in test scripts # diff --git a/bin/tests/system/cookie/clean.sh b/bin/tests/system/cookie/clean.sh index 3f0e4c7709..02019605da 100644 --- a/bin/tests/system/cookie/clean.sh +++ b/bin/tests/system/cookie/clean.sh @@ -4,6 +4,7 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. +rm -f ns*/named.conf rm -f dig.out.* rm -f ns1/named_dump.db rm -f ns*/named.memstats diff --git a/bin/tests/system/cookie/ns1/named.conf b/bin/tests/system/cookie/ns1/named.conf.in similarity index 92% rename from bin/tests/system/cookie/ns1/named.conf rename to bin/tests/system/cookie/ns1/named.conf.in index 8b6f4db7fd..9919349817 100644 --- a/bin/tests/system/cookie/ns1/named.conf +++ b/bin/tests/system/cookie/ns1/named.conf.in @@ -12,14 +12,14 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { query-source address 10.53.0.1 dscp 1; notify-source 10.53.0.1 dscp 2; transfer-source 10.53.0.1 dscp 3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/cookie/ns2/named.conf b/bin/tests/system/cookie/ns2/named.conf.in similarity index 93% rename from bin/tests/system/cookie/ns2/named.conf rename to bin/tests/system/cookie/ns2/named.conf.in index 17e52c4053..bb7c830c28 100644 --- a/bin/tests/system/cookie/ns2/named.conf +++ b/bin/tests/system/cookie/ns2/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.2 dscp 1; notify-source 10.53.0.2 dscp 2; transfer-source 10.53.0.2 dscp 3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/cookie/ns3/named.conf b/bin/tests/system/cookie/ns3/named.conf.in similarity index 92% rename from bin/tests/system/cookie/ns3/named.conf rename to bin/tests/system/cookie/ns3/named.conf.in index 9f20f977f5..196565dee4 100644 --- a/bin/tests/system/cookie/ns3/named.conf +++ b/bin/tests/system/cookie/ns3/named.conf.in @@ -12,14 +12,14 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { query-source address 10.53.0.3 dscp 1; notify-source 10.53.0.3 dscp 2; transfer-source 10.53.0.3 dscp 3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/cookie/ns4/named.conf b/bin/tests/system/cookie/ns4/named.conf.in similarity index 89% rename from bin/tests/system/cookie/ns4/named.conf rename to bin/tests/system/cookie/ns4/named.conf.in index 439117bb6d..3d1d1e7305 100644 --- a/bin/tests/system/cookie/ns4/named.conf +++ b/bin/tests/system/cookie/ns4/named.conf.in @@ -12,14 +12,14 @@ key rndc_key { }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/cookie/ns5/named.conf b/bin/tests/system/cookie/ns5/named.conf.in similarity index 90% rename from bin/tests/system/cookie/ns5/named.conf rename to bin/tests/system/cookie/ns5/named.conf.in index 7c8fc90025..93de7fe56b 100644 --- a/bin/tests/system/cookie/ns5/named.conf +++ b/bin/tests/system/cookie/ns5/named.conf.in @@ -12,14 +12,14 @@ key rndc_key { }; controls { - inet 10.53.0.5 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.5 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { query-source address 10.53.0.5; notify-source 10.53.0.5; transfer-source 10.53.0.5; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.5; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/cookie/ns6/named.conf b/bin/tests/system/cookie/ns6/named.conf.in similarity index 89% rename from bin/tests/system/cookie/ns6/named.conf rename to bin/tests/system/cookie/ns6/named.conf.in index 9c9750da4c..d1f220039f 100644 --- a/bin/tests/system/cookie/ns6/named.conf +++ b/bin/tests/system/cookie/ns6/named.conf.in @@ -12,14 +12,14 @@ key rndc_key { }; controls { - inet 10.53.0.6 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.6 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { query-source address 10.53.0.6; notify-source 10.53.0.6; transfer-source 10.53.0.6; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.6; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/cookie/setup.sh b/bin/tests/system/cookie/setup.sh new file mode 100644 index 0000000000..c5c0abaf60 --- /dev/null +++ b/bin/tests/system/cookie/setup.sh @@ -0,0 +1,18 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf +copy_setports ns5/named.conf.in ns5/named.conf +copy_setports ns6/named.conf.in ns6/named.conf diff --git a/bin/tests/system/cookie/tests.sh b/bin/tests/system/cookie/tests.sh index 833539dd3a..a0af7e0e03 100755 --- a/bin/tests/system/cookie/tests.sh +++ b/bin/tests/system/cookie/tests.sh @@ -6,11 +6,12 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.22 2012/02/09 23:47:18 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="-p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + status=0 n=0 @@ -33,109 +34,109 @@ havetc() { for bad in bad*.conf do n=`expr $n + 1` - echo "I:checking that named-checkconf detects error in $bad ($n)" + echo_i "checking that named-checkconf detects error in $bad ($n)" ret=0 $CHECKCONF $bad > /dev/null 2>&1 && ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done for good in good*.conf do n=`expr $n + 1` - echo "I:checking that named-checkconf detects accepts $good ($n)" + echo_i "checking that named-checkconf detects accepts $good ($n)" ret=0 $CHECKCONF $good > /dev/null 2>&1 || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done n=`expr $n + 1` -echo "I:checking COOKIE token returned to empty COOKIE option ($n)" +echo_i "checking COOKIE token returned to empty COOKIE option ($n)" ret=0 -$DIG +qr +cookie version.bind txt ch @10.53.0.1 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +qr +cookie version.bind txt ch @10.53.0.1 > dig.out.test$n grep COOKIE: dig.out.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking response size without COOKIE ($n)" +echo_i "checking response size without COOKIE ($n)" ret=0 -$DIG large.example txt @10.53.0.1 -p 5300 +ignore > dig.out.test$n +$DIG $DIGOPTS large.example txt @10.53.0.1 +ignore > dig.out.test$n havetc dig.out.test$n || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking response size without valid COOKIE ($n)" +echo_i "checking response size without valid COOKIE ($n)" ret=0 -$DIG +cookie large.example txt @10.53.0.1 -p 5300 +ignore > dig.out.test$n +$DIG $DIGOPTS +cookie large.example txt @10.53.0.1 +ignore > dig.out.test$n havetc dig.out.test$n || ret=1 grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking response size with COOKIE ($n)" +echo_i "checking response size with COOKIE ($n)" ret=0 -$DIG +cookie large.example txt @10.53.0.1 -p 5300 > dig.out.test$n.l +$DIG $DIGOPTS +cookie large.example txt @10.53.0.1 > dig.out.test$n.l cookie=`getcookie dig.out.test$n.l` -$DIG +qr +cookie=$cookie large.example txt @10.53.0.1 -p 5300 +ignore > dig.out.test$n +$DIG $DIGOPTS +qr +cookie=$cookie large.example txt @10.53.0.1 +ignore > dig.out.test$n havetc dig.out.test$n && ret=1 grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking response size with COOKIE recursive ($n)" +echo_i "checking response size with COOKIE recursive ($n)" ret=0 -$DIG +qr +cookie=$cookie large.xxx txt @10.53.0.1 -p 5300 +ignore > dig.out.test$n +$DIG $DIGOPTS +qr +cookie=$cookie large.xxx txt @10.53.0.1 +ignore > dig.out.test$n havetc dig.out.test$n && ret=1 grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking COOKIE is learnt for TCP retry ($n)" +echo_i "checking COOKIE is learnt for TCP retry ($n)" ret=0 -$DIG +qr +cookie large.example txt @10.53.0.1 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +qr +cookie large.example txt @10.53.0.1 > dig.out.test$n linecount=`getcookie dig.out.test$n | wc -l` if [ $linecount != 3 ]; then ret=1; fi checkfull=`getcookie dig.out.test$n | fullcookie` if [ $checkfull != 1 ]; then ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking for COOKIE value in adb ($n)" +echo_i "checking for COOKIE value in adb ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 dumpdb +$RNDCCMD 10.53.0.1 dumpdb sleep 1 grep "10.53.0.2.*\[cookie=" ns1/named_dump.db > /dev/null|| ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking require-server-cookie default (no) ($n)" +echo_i "checking require-server-cookie default (no) ($n)" ret=0 -$DIG +qr +cookie +nobadcookie soa @10.53.0.1 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +qr +cookie +nobadcookie soa @10.53.0.1 > dig.out.test$n grep BADCOOKIE dig.out.test$n > /dev/null && ret=1 linecount=`getcookie dig.out.test$n | wc -l` if [ $linecount != 2 ]; then ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking require-server-cookie yes ($n)" +echo_i "checking require-server-cookie yes ($n)" ret=0 -$DIG +qr +cookie +nobadcookie soa @10.53.0.3 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +qr +cookie +nobadcookie soa @10.53.0.3 > dig.out.test$n grep "flags: qr[^;]* aa[ ;]" dig.out.test$n > /dev/null && ret=1 grep "flags: qr[^;]* ad[ ;]" dig.out.test$n > /dev/null && ret=1 grep BADCOOKIE dig.out.test$n > /dev/null || ret=1 linecount=`getcookie dig.out.test$n | wc -l` if [ $linecount != 2 ]; then ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # @@ -156,87 +157,87 @@ status=`expr $status + $ret` # n=`expr $n + 1` -echo "I:get NS4 cookie for cross server checking ($n)" +echo_i "get NS4 cookie for cross server checking ($n)" ret=0 -$DIG +cookie -b 10.53.0.4 soa . @10.53.0.4 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +cookie -b 10.53.0.4 soa . @10.53.0.4 > dig.out.test$n grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1 ns4cookie=`getcookie dig.out.test$n` test -n "$ns4cookie" || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:get NS5 cookie for cross server checking ($n)" +echo_i "get NS5 cookie for cross server checking ($n)" ret=0 -$DIG +cookie -b 10.53.0.4 soa . @10.53.0.5 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +cookie -b 10.53.0.4 soa . @10.53.0.5 > dig.out.test$n grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1 ns5cookie=`getcookie dig.out.test$n` test -n "$ns5cookie" || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:get NS6 cookie for cross server checking ($n)" +echo_i "get NS6 cookie for cross server checking ($n)" ret=0 -$DIG +cookie -b 10.53.0.4 soa . @10.53.0.6 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +cookie -b 10.53.0.4 soa . @10.53.0.6 > dig.out.test$n grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1 ns6cookie=`getcookie dig.out.test$n` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:test NS4 cookie on NS5 (expect success) ($n)" +echo_i "test NS4 cookie on NS5 (expect success) ($n)" ret=0 -$DIG +cookie=$ns4cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.5 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +cookie=$ns4cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.5 > dig.out.test$n grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1 grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:test NS4 cookie on NS6 (expect badcookie) ($n)" +echo_i "test NS4 cookie on NS6 (expect badcookie) ($n)" ret=0 -$DIG +cookie=$ns4cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.6 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +cookie=$ns4cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.6 > dig.out.test$n grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1 grep "status: BADCOOKIE," dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:test NS5 cookie on NS4 (expect success) ($n)" +echo_i "test NS5 cookie on NS4 (expect success) ($n)" ret=0 -$DIG +cookie=$ns5cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.4 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +cookie=$ns5cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.4 > dig.out.test$n grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1 grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:test NS5 cookie on NS6 (expect badcookie) ($n)" +echo_i "test NS5 cookie on NS6 (expect badcookie) ($n)" ret=0 -$DIG +cookie=$ns5cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.6 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +cookie=$ns5cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.6 > dig.out.test$n grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1 grep "status: BADCOOKIE," dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:test NS6 cookie on NS4 (expect badcookie) ($n)" +echo_i "test NS6 cookie on NS4 (expect badcookie) ($n)" ret=0 -$DIG +cookie=$ns6cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.4 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +cookie=$ns6cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.4 > dig.out.test$n grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1 grep "status: BADCOOKIE," dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:test NS6 cookie on NS5 (expect success) ($n)" +echo_i "test NS6 cookie on NS5 (expect success) ($n)" ret=0 -$DIG +cookie=$ns6cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.5 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +cookie=$ns6cookie -b 10.53.0.4 +nobadcookie soa . @10.53.0.5 > dig.out.test$n grep "; COOKIE:.*(good)" dig.out.test$n > /dev/null || ret=1 grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/coverage/prereq.sh b/bin/tests/system/coverage/prereq.sh index 0eacf1db84..673708b806 100644 --- a/bin/tests/system/coverage/prereq.sh +++ b/bin/tests/system/coverage/prereq.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2014, 2016 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") # # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this diff --git a/bin/tests/system/coverage/tests.sh b/bin/tests/system/coverage/tests.sh index 295c2ab358..6ef1ff1fc0 100644 --- a/bin/tests/system/coverage/tests.sh +++ b/bin/tests/system/coverage/tests.sh @@ -24,11 +24,11 @@ matchall () { done } -echo "I:checking for DNSSEC key coverage issues" +echo_i "checking for DNSSEC key coverage issues" ret=0 for dir in [0-9][0-9]-*; do ret=0 - echo "I:$dir" + echo_i "$dir" args= warn= error= ok= retcode= match= . $dir/expect $COVERAGE $args -K $dir example.com > coverage.$n 2>&1 @@ -68,9 +68,9 @@ for dir in [0-9][0-9]-*; do fi n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/database/clean.sh b/bin/tests/system/database/clean.sh index feda9aaae2..c99245a962 100644 --- a/bin/tests/system/database/clean.sh +++ b/bin/tests/system/database/clean.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: clean.sh,v 1.3 2011/03/01 23:48:05 tbox Exp $ - rm -f ns1/named.conf ns1/named.run ns1/named.memstats rm -f dig.out.* rm -f ns*/named.lock diff --git a/bin/tests/system/database/ns1/named.conf1 b/bin/tests/system/database/ns1/named1.conf.in similarity index 84% rename from bin/tests/system/database/ns1/named.conf1 rename to bin/tests/system/database/ns1/named1.conf.in index f883a67e5b..965eed4a0d 100644 --- a/bin/tests/system/database/ns1/named.conf1 +++ b/bin/tests/system/database/ns1/named1.conf.in @@ -6,8 +6,6 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf1,v 1.3 2011/03/01 23:48:06 tbox Exp $ */ - // NS1 key rndc_key { @@ -16,14 +14,14 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/database/ns1/named.conf2 b/bin/tests/system/database/ns1/named2.conf.in similarity index 84% rename from bin/tests/system/database/ns1/named.conf2 rename to bin/tests/system/database/ns1/named2.conf.in index fd4fc1b776..347870c52e 100644 --- a/bin/tests/system/database/ns1/named.conf2 +++ b/bin/tests/system/database/ns1/named2.conf.in @@ -6,8 +6,6 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf2,v 1.3 2011/03/01 23:48:06 tbox Exp $ */ - // NS1 key rndc_key { @@ -16,14 +14,14 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/database/setup.sh b/bin/tests/system/database/setup.sh index 90686d6d95..f6b933c053 100644 --- a/bin/tests/system/database/setup.sh +++ b/bin/tests/system/database/setup.sh @@ -6,6 +6,8 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: setup.sh,v 1.3 2011/03/01 23:48:05 tbox Exp $ +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh -cp ns1/named.conf1 ns1/named.conf +$SHELL clean.sh +copy_setports ns1/named1.conf.in ns1/named.conf diff --git a/bin/tests/system/database/tests.sh b/bin/tests/system/database/tests.sh index b9972db0f3..53586ad433 100644 --- a/bin/tests/system/database/tests.sh +++ b/bin/tests/system/database/tests.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.3 2011/03/01 23:48:05 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -16,23 +14,23 @@ n=0 rm -f dig.out.* -DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p 5300" -RNDCCMD="$RNDC -s 10.53.0.1 -p 9953 -c ../common/rndc.conf" +DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p ${PORT}" +RNDCCMD="$RNDC -s 10.53.0.1 -p ${CONTROLPORT} -c ../common/rndc.conf" # Check the example. domain -echo "I:checking pre reload zone ($n)" +echo_i "checking pre reload zone ($n)" ret=0 $DIG $DIGOPTS soa database. @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep "hostmaster\.isc\.org" dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -cp ns1/named.conf2 ns1/named.conf +copy_setports ns1/named2.conf.in ns1/named.conf $RNDCCMD reload 2>&1 >/dev/null -echo "I:checking post reload zone ($n)" +echo_i "checking post reload zone ($n)" ret=1 try=0 while test $try -lt 6 @@ -45,8 +43,8 @@ do test $ret -eq 0 && break done n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/digdelv/clean.sh b/bin/tests/system/digdelv/clean.sh index f016c0c13c..e18e36f025 100644 --- a/bin/tests/system/digdelv/clean.sh +++ b/bin/tests/system/digdelv/clean.sh @@ -8,6 +8,7 @@ rm -f */named.memstats rm -f */named.run +rm -f */named.conf rm -f delv.out.test* rm -f dig.out.*test* rm -f dig.out.mm.* diff --git a/bin/tests/system/digdelv/ns1/named.conf b/bin/tests/system/digdelv/ns1/named.conf.in similarity index 93% rename from bin/tests/system/digdelv/ns1/named.conf rename to bin/tests/system/digdelv/ns1/named.conf.in index 31168c2ea2..be23c92491 100644 --- a/bin/tests/system/digdelv/ns1/named.conf +++ b/bin/tests/system/digdelv/ns1/named.conf.in @@ -8,11 +8,9 @@ // NS1 -controls { /* empty */ }; - options { query-source address 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { fd92:7065:b8e:ffff::1; }; @@ -26,4 +24,3 @@ zone "." { type master; file "root.db"; }; - diff --git a/bin/tests/system/digdelv/ns2/named.conf b/bin/tests/system/digdelv/ns2/named.conf.in similarity index 93% rename from bin/tests/system/digdelv/ns2/named.conf rename to bin/tests/system/digdelv/ns2/named.conf.in index 674d22a0f4..f21f4cbb86 100644 --- a/bin/tests/system/digdelv/ns2/named.conf +++ b/bin/tests/system/digdelv/ns2/named.conf.in @@ -8,11 +8,9 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { fd92:7065:b8e:ffff::2; }; diff --git a/bin/tests/system/digdelv/ns3/named.conf b/bin/tests/system/digdelv/ns3/named.conf.in similarity index 93% rename from bin/tests/system/digdelv/ns3/named.conf rename to bin/tests/system/digdelv/ns3/named.conf.in index 8f20f222de..d39c45bd19 100644 --- a/bin/tests/system/digdelv/ns3/named.conf +++ b/bin/tests/system/digdelv/ns3/named.conf.in @@ -6,11 +6,9 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.3 dscp 1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { fd92:7065:b8e:ffff::3; }; diff --git a/bin/tests/system/digdelv/setup.sh b/bin/tests/system/digdelv/setup.sh new file mode 100644 index 0000000000..e877403d82 --- /dev/null +++ b/bin/tests/system/digdelv/setup.sh @@ -0,0 +1,15 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf diff --git a/bin/tests/system/digdelv/tests.sh b/bin/tests/system/digdelv/tests.sh index e02c82ad92..3fe130585e 100644 --- a/bin/tests/system/digdelv/tests.sh +++ b/bin/tests/system/digdelv/tests.sh @@ -10,101 +10,101 @@ SYSTEMTESTTOP=.. status=0 n=0 # using dig insecure mode as not testing dnssec here -DIGOPTS="-i -p 5300" -SENDCMD="$PERL $SYSTEMTESTTOP/send.pl 10.53.0.4 5301" +DIGOPTS="-i -p ${PORT}" +SENDCMD="$PERL $SYSTEMTESTTOP/send.pl 10.53.0.4 ${EXTRAPORT1}" if [ -x ${DIG} ] ; then n=`expr $n + 1` - echo "I:checking dig short form works ($n)" + echo_i "checking dig short form works ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 +short a a.example > dig.out.test$n || ret=1 if test `wc -l < dig.out.test$n` != 1 ; then ret=1 ; fi - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig split width works ($n)" + echo_i "checking dig split width works ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 +split=4 -t sshfp foo.example > dig.out.test$n || ret=1 grep " 9ABC DEF6 7890 " < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +unknownformat works ($n)" + echo_i "checking dig +unknownformat works ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 +unknownformat a a.example > dig.out.test$n || ret=1 grep "CLASS1[ ][ ]*TYPE1[ ][ ]*\\\\# 4 0A000001" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig with reverse lookup works ($n)" + echo_i "checking dig with reverse lookup works ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 -x 127.0.0.1 > dig.out.test$n 2>&1 || ret=1 # doesn't matter if has answer grep -i "127\.in-addr\.arpa\." < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig over TCP works ($n)" + echo_i "checking dig over TCP works ($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.3 a a.example > dig.out.test$n || ret=1 grep "10\.0\.0\.1$" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +multi +norrcomments works for dnskey (when default is rrcomments)($n)" + echo_i "checking dig +multi +norrcomments works for dnskey (when default is rrcomments)($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.3 +multi +norrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 grep "; ZSK; alg = RSAMD5 ; key id = 30795" < dig.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +multi +norrcomments works for soa (when default is rrcomments)($n)" + echo_i "checking dig +multi +norrcomments works for soa (when default is rrcomments)($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.3 +multi +norrcomments SOA example > dig.out.test$n || ret=1 grep "; ZSK; alg = RSAMD5 ; key id = 30795" < dig.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +rrcomments works for DNSKEY($n)" + echo_i "checking dig +rrcomments works for DNSKEY($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.3 +rrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 grep "; ZSK; alg = RSAMD5 ; key id = 30795" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +short +rrcomments works for DNSKEY ($n)" + echo_i "checking dig +short +rrcomments works for DNSKEY ($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 grep "; ZSK; alg = RSAMD5 ; key id = 30795" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +short +nosplit works($n)" + echo_i "checking dig +short +nosplit works($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.3 +short +nosplit DNSKEY dnskey.example > dig.out.test$n || ret=1 grep "Z8plc4Rb9VIE5x7KNHAYTvTO5d4S8M=$" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +short +rrcomments works($n)" + echo_i "checking dig +short +rrcomments works($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 grep "S8M= ; ZSK; alg = RSAMD5 ; key id = 30795$" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig multi flag is local($n)" + echo_i "checking dig multi flag is local($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.3 -t DNSKEY dnskey.example +nomulti dnskey.example +nomulti > dig.out.nn.$n || ret=1 $DIG $DIGOPTS +tcp @10.53.0.3 -t DNSKEY dnskey.example +multi dnskey.example +nomulti > dig.out.mn.$n || ret=1 @@ -118,61 +118,61 @@ if [ -x ${DIG} ] ; then test $lcmm -ge $lcmn || ret=1 test $lcnm -ge $lcnn || ret=1 test $lcmn -ge $lcnn || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +noheader-only works ($n)" + echo_i "checking dig +noheader-only works ($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.3 +noheader-only A example > dig.out.test$n || ret=1 grep "Got answer:" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +short +rrcomments works($n)" + echo_i "checking dig +short +rrcomments works($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 grep "S8M= ; ZSK; alg = RSAMD5 ; key id = 30795$" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I:checking dig +header-only works ($n)" + echo_i "checking dig +header-only works ($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.3 +header-only example > dig.out.test$n || ret=1 grep "^;; flags: qr rd; QUERY: 0, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1 grep "^;; QUESTION SECTION:" < dig.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +header-only works (with class and type set) ($n)" + echo_i "checking dig +header-only works (with class and type set) ($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.3 +header-only -c IN -t A example > dig.out.test$n || ret=1 grep "^;; flags: qr rd; QUERY: 0, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1 grep "^;; QUESTION SECTION:" < dig.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +zflag works, and that BIND properly ignores it ($n)" + echo_i "checking dig +zflag works, and that BIND properly ignores it ($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.3 +zflag +qr A example > dig.out.test$n || ret=1 sed -n '/Sending:/,/Got answer:/p' dig.out.test$n | grep "^;; flags: rd ad; MBZ: 0x4;" > /dev/null || ret=1 sed -n '/Got answer:/,/AUTHORITY SECTION:/p' dig.out.test$n | grep "^;; flags: qr rd ra; QUERY: 1" > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +qr +ednsopt=08 does not cause an INSIST failure ($n)" + echo_i "checking dig +qr +ednsopt=08 does not cause an INSIST failure ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 +ednsopt=08 +qr a a.example > dig.out.test$n || ret=1 grep "INSIST" < dig.out.test$n > /dev/null && ret=1 grep "FORMERR" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I:checking dig +ttlunits works ($n)" + echo_i "checking dig +ttlunits works ($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.2 +ttlunits A weeks.example > dig.out.test$n || ret=1 grep "^weeks.example. 3w" < dig.out.test$n > /dev/null || ret=1 @@ -184,11 +184,11 @@ if [ -x ${DIG} ] ; then grep "^minutes.example. 45m" < dig.out.test$n > /dev/null || ret=1 $DIG $DIGOPTS +tcp @10.53.0.2 +ttlunits A seconds.example > dig.out.test$n || ret=1 grep "^seconds.example. 45s" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig respects precedence of options with +ttlunits ($n)" + echo_i "checking dig respects precedence of options with +ttlunits ($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.2 +ttlunits +nottlid A weeks.example > dig.out.test$n || ret=1 grep "^weeks.example. IN" < dig.out.test$n > /dev/null || ret=1 @@ -196,11 +196,11 @@ if [ -x ${DIG} ] ; then grep "^weeks.example. 3w" < dig.out.test$n > /dev/null || ret=1 $DIG $DIGOPTS +tcp @10.53.0.2 +nottlid +nottlunits A weeks.example > dig.out.test$n || ret=1 grep "^weeks.example. 1814400" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - + n=`expr $n + 1` - echo "I:checking dig preserves origin on TCP retries ($n)" + echo_i "checking dig preserves origin on TCP retries ($n)" ret=0 # Ask ans4 to still accept TCP connections, but not respond to queries echo "//" | $SENDCMD @@ -208,90 +208,90 @@ if [ -x ${DIG} ] ; then l=`grep "trying origin bar" dig.out.test$n | wc -l` [ ${l:-0} -eq 2 ] || ret=1 grep "using root origin" < dig.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig -6 -4 ($n)" + echo_i "checking dig -6 -4 ($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.2 -4 -6 A a.example > dig.out.test$n 2>&1 && ret=1 grep "only one of -4 and -6 allowed" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - + n=`expr $n + 1` - echo "I:checking dig @IPv6addr -4 A a.example ($n)" + echo_i "checking dig @IPv6addr -4 A a.example ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::2 2>/dev/null then ret=0 $DIG $DIGOPTS +tcp @fd92:7065:b8e:ffff::2 -4 A a.example > dig.out.test$n 2>&1 && ret=1 grep "address family not supported" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else - echo "I:IPv6 unavailable; skipping" + echo_i "IPv6 unavailable; skipping" fi - + n=`expr $n + 1` - echo "I:checking dig @IPv4addr -6 +mapped A a.example ($n)" + echo_i "checking dig @IPv4addr -6 +mapped A a.example ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::2 2>/dev/null && [ `uname -s` != "OpenBSD" ] then ret=0 ret=0 $DIG $DIGOPTS +tcp @10.53.0.2 -6 +mapped A a.example > dig.out.test$n 2>&1 || ret=1 - grep "SERVER: ::ffff:10.53.0.2#5300" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + grep "SERVER: ::ffff:10.53.0.2#${PORT}" < dig.out.test$n > /dev/null || ret=1 + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else - echo "I:IPv6 or IPv4-to-IPv6 mapping unavailable; skipping" + echo_i "IPv6 or IPv4-to-IPv6 mapping unavailable; skipping" fi n=`expr $n + 1` - echo "I:checking dig +tcp @IPv4addr -6 +nomapped A a.example ($n)" + echo_i "checking dig +tcp @IPv4addr -6 +nomapped A a.example ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::2 2>/dev/null then ret=0 ret=0 $DIG $DIGOPTS +tcp @10.53.0.2 -6 +nomapped A a.example > dig.out.test$n 2>&1 || ret=1 - grep "SERVER: ::ffff:10.53.0.2#5300" < dig.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + grep "SERVER: ::ffff:10.53.0.2#${PORT}" < dig.out.test$n > /dev/null && ret=1 + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else - echo "I:IPv6 unavailable; skipping" + echo_i "IPv6 unavailable; skipping" fi n=`expr $n + 1` - echo "I:checking dig +notcp @IPv4addr -6 +nomapped A a.example ($n)" + echo_i "checking dig +notcp @IPv4addr -6 +nomapped A a.example ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::2 2>/dev/null then ret=0 ret=0 $DIG $DIGOPTS +notcp @10.53.0.2 -6 +nomapped A a.example > dig.out.test$n 2>&1 || ret=1 - grep "SERVER: ::ffff:10.53.0.2#5300" < dig.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + grep "SERVER: ::ffff:10.53.0.2#${PORT}" < dig.out.test$n > /dev/null && ret=1 + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else - echo "I:IPv6 unavailable; skipping" + echo_i "IPv6 unavailable; skipping" fi - + n=`expr $n + 1` - echo "I:checking dig +subnet ($n)" + echo_i "checking dig +subnet ($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.2 +subnet=127.0.0.1 A a.example > dig.out.test$n 2>&1 || ret=1 grep "CLIENT-SUBNET: 127.0.0.1/32/0" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +subnet +subnet ($n)" + echo_i "checking dig +subnet +subnet ($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.2 +subnet=127.0.0.0 +subnet=127.0.0.1 A a.example > dig.out.test$n 2>&1 || ret=1 grep "CLIENT-SUBNET: 127.0.0.1/32/0" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +subnet with various prefix lengths ($n)" + echo_i "checking dig +subnet with various prefix lengths ($n)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24; do $DIG $DIGOPTS +tcp @10.53.0.2 +subnet=255.255.255.255/$i A a.example > dig.out.$i.test$n 2>&1 || ret=1 @@ -313,118 +313,118 @@ if [ -x ${DIG} ] ; then grep "FORMERR" < dig.out.$i.test$n > /dev/null && ret=1 grep "CLIENT-SUBNET: $addr/$i/0" < dig.out.$i.test$n > /dev/null || ret=1 done - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +subnet=0/0 ($n)" + echo_i "checking dig +subnet=0/0 ($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.2 +subnet=0/0 A a.example > dig.out.test$n 2>&1 || ret=1 grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1 grep "CLIENT-SUBNET: 0.0.0.0/0/0" < dig.out.test$n > /dev/null || ret=1 grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +subnet=0 ($n)" + echo_i "checking dig +subnet=0 ($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.2 +subnet=0 A a.example > dig.out.test$n 2>&1 || ret=1 grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1 grep "CLIENT-SUBNET: 0.0.0.0/0/0" < dig.out.test$n > /dev/null || ret=1 grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +subnet=::/0 ($n)" + echo_i "checking dig +subnet=::/0 ($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.2 +subnet=::/0 A a.example > dig.out.test$n 2>&1 || ret=1 grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1 grep "CLIENT-SUBNET: ::/0/0" < dig.out.test$n > /dev/null || ret=1 grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +ednsopt=8:00000000 (family=0, source=0, scope=0) ($n)" + echo_i "checking dig +ednsopt=8:00000000 (family=0, source=0, scope=0) ($n)" ret=0 $DIG $DIGOPTS +tcp @10.53.0.2 +ednsopt=8:00000000 A a.example > dig.out.test$n 2>&1 || ret=1 grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1 grep "CLIENT-SUBNET: 0/0/0" < dig.out.test$n > /dev/null || ret=1 grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +ednsopt=8:00030000 (family=3, source=0, scope=0) ($n)" + echo_i "checking dig +ednsopt=8:00030000 (family=3, source=0, scope=0) ($n)" ret=0 $DIG $DIGOPTS +qr +tcp @10.53.0.2 +ednsopt=8:00030000 A a.example > dig.out.test$n 2>&1 || ret=1 grep "status: FORMERR" < dig.out.test$n > /dev/null || ret=1 grep "CLIENT-SUBNET: 00 03 00 00" < dig.out.test$n > /dev/null || ret=1 lines=`grep "CLIENT-SUBNET: 00 03 00 00" dig.out.test$n | wc -l` [ ${lines:-0} -eq 1 ] || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +subnet with prefix lengths between byte boundaries ($n)" + echo_i "checking dig +subnet with prefix lengths between byte boundaries ($n)" ret=0 for p in 9 10 11 12 13 14 15; do $DIG $DIGOPTS +tcp @10.53.0.2 +subnet=10.53/$p A a.example > dig.out.test.$p.$n 2>&1 || ret=1 grep "FORMERR" < dig.out.test.$p.$n > /dev/null && ret=1 grep "CLIENT-SUBNET.*/$p/0" < dig.out.test.$p.$n > /dev/null || ret=1 done - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - + n=`expr $n + 1` - echo "I:checking dig +sp works as an abbreviated form of split ($n)" + echo_i "checking dig +sp works as an abbreviated form of split ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 +sp=4 -t sshfp foo.example > dig.out.test$n || ret=1 grep " 9ABC DEF6 7890 " < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig -c works ($n)" + echo_i "checking dig -c works ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 -c CHAOS -t txt version.bind > dig.out.test$n || ret=1 grep "version.bind. 0 CH TXT" < dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +dscp ($n)" + echo_i "checking dig +dscp ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 +dscp=32 a a.example > /dev/null 2>&1 || ret=1 $DIG $DIGOPTS @10.53.0.3 +dscp=-1 a a.example > /dev/null 2>&1 && ret=1 $DIG $DIGOPTS @10.53.0.3 +dscp=64 a a.example > /dev/null 2>&1 && ret=1 #TODO add a check to make sure dig is actually setting the dscp on the query #we might have to add better logging to named for this - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +ednsopt with option number ($n)" + echo_i "checking dig +ednsopt with option number ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 +ednsopt=3 a.example > dig.out.test$n 2>&1 || ret=1 grep 'NSID: .* ("ns3")' dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking dig +ednsopt with option name ($n)" + echo_i "checking dig +ednsopt with option name ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 +ednsopt=nsid a.example > dig.out.test$n 2>&1 || ret=1 grep 'NSID: .* ("ns3")' dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` if $FEATURETEST --with-idn then - echo "I:checking dig +idnout ($n)" + echo_i "checking dig +idnout ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 +noidnout xn--caf-dma.example. > dig.out.1.test$n 2>&1 || ret=1 $DIG $DIGOPTS @10.53.0.3 +idnout xn--caf-dma.example. > dig.out.2.test$n 2>&1 || ret=1 @@ -432,47 +432,47 @@ if [ -x ${DIG} ] ; then grep "^xn--caf-dma.example" dig.out.2.test$n > /dev/null && ret=1 grep 10.1.2.3 dig.out.1.test$n > /dev/null || ret=1 grep 10.1.2.3 dig.out.2.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else - echo "I:skipping 'dig +idnout' as IDN support is not enabled ($n)" + echo_i "skipping 'dig +idnout' as IDN support is not enabled ($n)" fi n=`expr $n + 1` - echo "I:checking that dig warns about .local queries ($n)" + echo_i "checking that dig warns about .local queries ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 local soa > dig.out.test$n 2>&1 || ret=1 grep ";; WARNING: .local is reserved for Multicast DNS" dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:check that dig processes +ednsopt=key-tag and FORMERR is returned ($n)" + echo_i "check that dig processes +ednsopt=key-tag and FORMERR is returned ($n)" $DIG $DIGOPTS @10.53.0.3 +ednsopt=key-tag a.example +qr > dig.out.test$n 2>&1 || ret=1 grep "; KEY-TAG$" dig.out.test$n > /dev/null || ret=1 grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:check that dig processes +ednsopt=key-tag: ($n)" + echo_i "check that dig processes +ednsopt=key-tag: ($n)" $DIG $DIGOPTS @10.53.0.3 +ednsopt=key-tag:00010002 a.example +qr > dig.out.test$n 2>&1 || ret=1 grep "; KEY-TAG: 1, 2$" dig.out.test$n > /dev/null || ret=1 grep "status: FORMERR" dig.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:check that dig processes +ednsopt=key-tag: and FORMERR is returned ($n)" + echo_i "check that dig processes +ednsopt=key-tag: and FORMERR is returned ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 +ednsopt=key-tag:0001000201 a.example +qr > dig.out.test$n 2>&1 || ret=1 grep "; KEY-TAG: 00 01 00 02 01" dig.out.test$n > /dev/null || ret=1 grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:check that dig gracefully handles bad escape in domain name ($n)" + echo_i "check that dig gracefully handles bad escape in domain name ($n)" ret=0 $DIG $DIGOPTS @10.53.0.3 '\0.' > dig.out.test$n 2>&1 digstatus=$? @@ -480,51 +480,51 @@ if [ -x ${DIG} ] ; then test $digstatus -eq 10 || ret=1 grep REQUIRE dig.out.test$n > /dev/null && ret=1 grep "is not a legal name (bad escape)" dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else - echo "$DIG is needed, so skipping these dig tests" + echo_i "$DIG is needed, so skipping these dig tests" fi # using delv insecure mode as not testing dnssec here -DELVOPTS="-i -p 5300" +DELVOPTS="-i -p ${PORT}" if [ -x ${DELV} ] ; then n=`expr $n + 1` - echo "I:checking delv short form works ($n)" + echo_i "checking delv short form works ($n)" ret=0 $DELV $DELVOPTS @10.53.0.3 +short a a.example > delv.out.test$n || ret=1 if test `wc -l < delv.out.test$n` != 1 ; then ret=1 ; fi - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking delv split width works ($n)" + echo_i "checking delv split width works ($n)" ret=0 $DELV $DELVOPTS @10.53.0.3 +split=4 -t sshfp foo.example > delv.out.test$n || ret=1 grep " 9ABC DEF6 7890 " < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking delv +unknownformat works ($n)" + echo_i "checking delv +unknownformat works ($n)" ret=0 $DELV $DELVOPTS @10.53.0.3 +unknownformat a a.example > delv.out.test$n || ret=1 grep "CLASS1[ ][ ]*TYPE1[ ][ ]*\\\\# 4 0A000001" < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking delv -4 -6 ($n)" + echo_i "checking delv -4 -6 ($n)" ret=0 $DELV $DELVOPTS @10.53.0.3 -4 -6 A a.example > delv.out.test$n 2>&1 && ret=1 grep "only one of -4 and -6 allowed" < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking delv with IPv6 on IPv4 does not work ($n)" + echo_i "checking delv with IPv6 on IPv4 does not work ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::3 2>/dev/null then ret=0 @@ -535,14 +535,14 @@ if [ -x ${DELV} ] ; then # it should have no results but error output grep "testing" < delv.out.test$n > /dev/null && ret=1 grep "Use of IPv4 disabled by -6" delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else - echo "I:IPv6 unavailable; skipping" + echo_i "IPv6 unavailable; skipping" fi n=`expr $n + 1` - echo "I:checking delv with IPv4 on IPv6 does not work ($n)" + echo_i "checking delv with IPv4 on IPv6 does not work ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::3 2>/dev/null then ret=0 @@ -553,125 +553,125 @@ if [ -x ${DELV} ] ; then # it should have no results but error output grep "testing" delv.out.test$n > /dev/null && ret=1 grep "Use of IPv6 disabled by -4" delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else - echo "I:IPv6 unavailable; skipping" + echo_i "IPv6 unavailable; skipping" fi n=`expr $n + 1` - echo "I:checking delv with reverse lookup works ($n)" + echo_i "checking delv with reverse lookup works ($n)" ret=0 $DELV $DELVOPTS @10.53.0.3 -x 127.0.0.1 > delv.out.test$n 2>&1 || ret=1 # doesn't matter if has answer grep -i "127\.in-addr\.arpa\." < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking delv over TCP works ($n)" + echo_i "checking delv over TCP works ($n)" ret=0 $DELV $DELVOPTS +tcp @10.53.0.3 a a.example > delv.out.test$n || ret=1 grep "10\.0\.0\.1$" < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking delv +multi +norrcomments works for dnskey (when default is rrcomments)($n)" + echo_i "checking delv +multi +norrcomments works for dnskey (when default is rrcomments)($n)" ret=0 $DELV $DELVOPTS +tcp @10.53.0.3 +multi +norrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 grep "; ZSK; alg = RSAMD5 ; key id = 30795" < delv.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking delv +multi +norrcomments works for soa (when default is rrcomments)($n)" + echo_i "checking delv +multi +norrcomments works for soa (when default is rrcomments)($n)" ret=0 $DELV $DELVOPTS +tcp @10.53.0.3 +multi +norrcomments SOA example > delv.out.test$n || ret=1 grep "; ZSK; alg = RSAMD5 ; key id = 30795" < delv.out.test$n > /dev/null && ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking delv +rrcomments works for DNSKEY($n)" + echo_i "checking delv +rrcomments works for DNSKEY($n)" ret=0 $DELV $DELVOPTS +tcp @10.53.0.3 +rrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 grep "; ZSK; alg = RSAMD5 ; key id = 30795" < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking delv +short +rrcomments works for DNSKEY ($n)" + echo_i "checking delv +short +rrcomments works for DNSKEY ($n)" ret=0 $DELV $DELVOPTS +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 grep "; ZSK; alg = RSAMD5 ; key id = 30795" < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking delv +short +rrcomments works ($n)" + echo_i "checking delv +short +rrcomments works ($n)" ret=0 $DELV $DELVOPTS +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 grep "S8M= ; ZSK; alg = RSAMD5 ; key id = 30795$" < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking delv +short +nosplit works ($n)" + echo_i "checking delv +short +nosplit works ($n)" ret=0 $DELV $DELVOPTS +tcp @10.53.0.3 +short +nosplit DNSKEY dnskey.example > delv.out.test$n || ret=1 grep "Z8plc4Rb9VIE5x7KNHAYTvTO5d4S8M=" < delv.out.test$n > /dev/null || ret=1 if test `wc -l < delv.out.test$n` != 1 ; then ret=1 ; fi f=`awk '{print NF}' < delv.out.test$n` test "${f:-0}" -eq 14 || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking delv +short +nosplit +norrcomments works ($n)" + echo_i "checking delv +short +nosplit +norrcomments works ($n)" ret=0 $DELV $DELVOPTS +tcp @10.53.0.3 +short +nosplit +norrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 grep "Z8plc4Rb9VIE5x7KNHAYTvTO5d4S8M=$" < delv.out.test$n > /dev/null || ret=1 if test `wc -l < delv.out.test$n` != 1 ; then ret=1 ; fi f=`awk '{print NF}' < delv.out.test$n` test "${f:-0}" -eq 4 || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - + n=`expr $n + 1` - echo "I:checking delv +sp works as an abbriviated form of split ($n)" + echo_i "checking delv +sp works as an abbriviated form of split ($n)" ret=0 $DELV $DELVOPTS @10.53.0.3 +sp=4 -t sshfp foo.example > delv.out.test$n || ret=1 grep " 9ABC DEF6 7890 " < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - + n=`expr $n + 1` - echo "I:checking delv +sh works as an abbriviated form of short ($n)" + echo_i "checking delv +sh works as an abbriviated form of short ($n)" ret=0 $DELV $DELVOPTS @10.53.0.3 +sh a a.example > delv.out.test$n || ret=1 if test `wc -l < delv.out.test$n` != 1 ; then ret=1 ; fi - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking delv -c IN works ($n)" + echo_i "checking delv -c IN works ($n)" ret=0 $DELV $DELVOPTS @10.53.0.3 -c IN -t a a.example > delv.out.test$n || ret=1 grep "a.example." < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking delv -c CH is ignored, and treated like IN ($n)" + echo_i "checking delv -c CH is ignored, and treated like IN ($n)" ret=0 $DELV $DELVOPTS @10.53.0.3 -c CH -t a a.example > delv.out.test$n || ret=1 grep "a.example." < delv.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else - echo "$DELV is needed, so skipping these delv tests" + echo_i "$DELV is needed, so skipping these delv tests" fi -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/dlv/clean.sh b/bin/tests/system/dlv/clean.sh index 584c52e854..8f1413236a 100644 --- a/bin/tests/system/dlv/clean.sh +++ b/bin/tests/system/dlv/clean.sh @@ -7,6 +7,7 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. rm -f ns*/named.run +rm -f ns*/named.conf rm -f ns1/K* rm -f ns1/dsset-* rm -f ns1/*.signed diff --git a/bin/tests/system/dlv/ns1/named.conf b/bin/tests/system/dlv/ns1/named.conf.in similarity index 86% rename from bin/tests/system/dlv/ns1/named.conf rename to bin/tests/system/dlv/ns1/named.conf.in index 299b4e844d..b4b22c7ddc 100644 --- a/bin/tests/system/dlv/ns1/named.conf +++ b/bin/tests/system/dlv/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.6 2011/05/26 23:47:28 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dlv/ns1/sign.sh b/bin/tests/system/dlv/ns1/sign.sh index d69ebac124..36af850d08 100755 --- a/bin/tests/system/dlv/ns1/sign.sh +++ b/bin/tests/system/dlv/ns1/sign.sh @@ -11,7 +11,7 @@ SYSTEMTESTTOP=../.. (cd ../ns2 && $SHELL -e ./sign.sh || exit 1) -echo "I:dlv/ns1/sign.sh" +echo_i "dlv/ns1/sign.sh" zone=. infile=root.db.in @@ -25,7 +25,7 @@ cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -r $RANDFILE -g -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" grep -v '^;' $keyname2.key | $PERL -n -e ' local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; diff --git a/bin/tests/system/dlv/ns2/named.conf b/bin/tests/system/dlv/ns2/named.conf.in similarity index 86% rename from bin/tests/system/dlv/ns2/named.conf rename to bin/tests/system/dlv/ns2/named.conf.in index 303a13d0d8..ece497ba0b 100644 --- a/bin/tests/system/dlv/ns2/named.conf +++ b/bin/tests/system/dlv/ns2/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.6 2011/05/26 23:47:28 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dlv/ns2/sign.sh b/bin/tests/system/dlv/ns2/sign.sh index 91d3aa1676..764465a04f 100755 --- a/bin/tests/system/dlv/ns2/sign.sh +++ b/bin/tests/system/dlv/ns2/sign.sh @@ -11,7 +11,7 @@ SYSTEMTESTTOP=../.. (cd ../ns3 && $SHELL -e ./sign.sh || exit 1) -echo "I:dlv/ns2/sign.sh" +echo_i "dlv/ns2/sign.sh" zone=druz. infile=druz.db.in @@ -29,4 +29,4 @@ $SIGNER -r $RANDFILE -l $dlvzone -g -o $zone -f $outfile $zonefile > /dev/null 2 $CHECKZONE -q -D -i none druz druz.pre | sed '/IN DNSKEY/s/\([a-z0-9A-Z/]\{10\}\)[a-z0-9A-Z/]\{16\}/\1XXXXXXXXXXXXXXXX/'> druz.signed -echo "I: signed $zone" +echo_i "signed $zone" diff --git a/bin/tests/system/dlv/ns3/named.conf b/bin/tests/system/dlv/ns3/named.conf.in similarity index 94% rename from bin/tests/system/dlv/ns3/named.conf rename to bin/tests/system/dlv/ns3/named.conf.in index 9c5a19e542..c400d7c50a 100644 --- a/bin/tests/system/dlv/ns3/named.conf +++ b/bin/tests/system/dlv/ns3/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.6 2011/05/26 23:47:28 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dlv/ns3/sign.sh b/bin/tests/system/dlv/ns3/sign.sh index ea7b73f63d..ba408e98f4 100755 --- a/bin/tests/system/dlv/ns3/sign.sh +++ b/bin/tests/system/dlv/ns3/sign.sh @@ -11,7 +11,7 @@ SYSTEMTESTTOP=../.. (cd ../ns6 && $SHELL -e ./sign.sh) -echo "I:dlv/ns3/sign.sh" +echo_i "dlv/ns3/sign.sh" dlvzone=dlv.utld. dlvsets= @@ -30,7 +30,7 @@ dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=child3.utld. @@ -46,7 +46,7 @@ dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=child4.utld. @@ -61,7 +61,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=child5.utld. @@ -77,7 +77,7 @@ dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=child7.utld. @@ -92,7 +92,7 @@ dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=child8.utld. @@ -106,7 +106,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=child9.utld. @@ -121,7 +121,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=child10.utld. infile=child.db.in @@ -135,7 +135,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=child1.druz. infile=child.db.in @@ -151,7 +151,7 @@ dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=child3.druz. @@ -168,7 +168,7 @@ dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=child4.druz. @@ -184,7 +184,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=child5.druz. @@ -201,7 +201,7 @@ dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=child7.druz. @@ -217,7 +217,7 @@ dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=child8.druz. @@ -231,7 +231,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=child9.druz. @@ -246,7 +246,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=child10.druz. infile=child.db.in @@ -261,7 +261,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=dlv.utld. @@ -275,7 +275,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $dlvsets $keyname1.key $keyname2.key >$zonefile $SIGNER -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" grep -v '^;' $keyname2.key | $PERL -n -e ' diff --git a/bin/tests/system/dlv/ns4/named.conf b/bin/tests/system/dlv/ns4/named.conf.in similarity index 86% rename from bin/tests/system/dlv/ns4/named.conf rename to bin/tests/system/dlv/ns4/named.conf.in index e5c0a59a94..cdeb761593 100644 --- a/bin/tests/system/dlv/ns4/named.conf +++ b/bin/tests/system/dlv/ns4/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.4 2007/06/19 23:47:02 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dlv/ns5/named.conf b/bin/tests/system/dlv/ns5/named.conf deleted file mode 100644 index 5090ee3a58..0000000000 --- a/bin/tests/system/dlv/ns5/named.conf +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Copyright (C) 2004, 2006, 2007, 2011, 2013, 2016, 2017 Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - */ - -/* $Id: named.conf,v 1.10 2011/05/26 23:47:28 tbox Exp $ */ - -/* - * Choose a keyname that is unlikely to clash with any real key names. - * This allows it to be added to the system's rndc.conf with minimal - * likelyhood of collision. - * - * e.g. - * key "cc64b3d1db63fc88d7cb5d2f9f57d258" { - * algorithm hmac-sha256; - * secret "34f88008d07deabbe65bd01f1d233d47"; - * }; - * - * server "10.53.0.5" { - * key cc64b3d1db63fc88d7cb5d2f9f57d258; - * port 5353; - * }; - * - * rndc -s 10.53.0.5 - */ - -key "cc64b3d1db63fc88d7cb5d2f9f57d258" { - algorithm hmac-sha256; - secret "34f88008d07deabbe65bd01f1d233d47"; -}; - -controls { - inet 10.53.0.5 port 5353 allow { any; } - keys { cc64b3d1db63fc88d7cb5d2f9f57d258; }; -}; - -include "trusted.conf"; -include "trusted-dlv.conf"; - -options { - query-source address 10.53.0.5; - notify-source 10.53.0.5; - transfer-source 10.53.0.5; - port 5300; - pid-file "named.pid"; - listen-on { 10.53.0.5; }; - listen-on-v6 { none; }; - recursion yes; - notify yes; - dnssec-enable yes; - dnssec-validation yes; - dnssec-lookaside "." trust-anchor "dlv.utld"; -}; - -zone "." { type hint; file "hints"; }; diff --git a/bin/tests/system/dlv/ns5/named.conf.in b/bin/tests/system/dlv/ns5/named.conf.in new file mode 100644 index 0000000000..defe25a826 --- /dev/null +++ b/bin/tests/system/dlv/ns5/named.conf.in @@ -0,0 +1,27 @@ +/* + * Copyright (C) 2004, 2006, 2007, 2011, 2013, 2016, 2017 Internet Systems Consortium, Inc. ("ISC") + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + +include "trusted.conf"; +include "trusted-dlv.conf"; + +options { + query-source address 10.53.0.5; + notify-source 10.53.0.5; + transfer-source 10.53.0.5; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.5; }; + listen-on-v6 { none; }; + recursion yes; + notify yes; + dnssec-enable yes; + dnssec-validation yes; + dnssec-lookaside "." trust-anchor "dlv.utld"; +}; + +zone "." { type hint; file "hints"; }; diff --git a/bin/tests/system/dlv/ns6/named.conf b/bin/tests/system/dlv/ns6/named.conf.in similarity index 94% rename from bin/tests/system/dlv/ns6/named.conf rename to bin/tests/system/dlv/ns6/named.conf.in index ae617b89a6..d98699a0cd 100644 --- a/bin/tests/system/dlv/ns6/named.conf +++ b/bin/tests/system/dlv/ns6/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.6 2011/05/26 23:47:28 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.6; notify-source 10.53.0.6; transfer-source 10.53.0.6; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.6; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dlv/ns6/sign.sh b/bin/tests/system/dlv/ns6/sign.sh index 533cd5987c..165b59c17a 100755 --- a/bin/tests/system/dlv/ns6/sign.sh +++ b/bin/tests/system/dlv/ns6/sign.sh @@ -9,7 +9,7 @@ SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh -echo "I:dlv/ns6/sign.sh" +echo_i "dlv/ns6/sign.sh" zone=grand.child1.utld. infile=child.db.in @@ -22,7 +22,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -g -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=grand.child3.utld. @@ -37,7 +37,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -g -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=grand.child4.utld. @@ -52,7 +52,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -g -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=grand.child5.utld. @@ -67,7 +67,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -g -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=grand.child7.utld. @@ -82,7 +82,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -g -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=grand.child8.utld. @@ -97,7 +97,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -g -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=grand.child9.utld. @@ -112,7 +112,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -g -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=grand.child10.utld. infile=child.db.in @@ -126,7 +126,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -g -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=grand.child1.druz. infile=child.db.in @@ -139,7 +139,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -g -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=grand.child3.druz. @@ -154,7 +154,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -g -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=grand.child4.druz. @@ -169,7 +169,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -g -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=grand.child5.druz. @@ -184,7 +184,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -g -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=grand.child7.druz. @@ -199,7 +199,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -g -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=grand.child8.druz. @@ -214,7 +214,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -g -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=grand.child9.druz. @@ -229,7 +229,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -g -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=grand.child10.druz. infile=child.db.in @@ -243,4 +243,4 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -g -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" diff --git a/bin/tests/system/dlv/setup.sh b/bin/tests/system/dlv/setup.sh index 1f31316168..6608b8ab09 100644 --- a/bin/tests/system/dlv/setup.sh +++ b/bin/tests/system/dlv/setup.sh @@ -11,4 +11,11 @@ SYSTEMTESTTOP=.. test -r $RANDFILE || $GENRANDOM 800 $RANDFILE +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf +copy_setports ns5/named.conf.in ns5/named.conf +copy_setports ns6/named.conf.in ns6/named.conf + (cd ns1 && $SHELL -e sign.sh) diff --git a/bin/tests/system/dlv/tests.sh b/bin/tests/system/dlv/tests.sh index da4fb1ef44..d5684fcf0a 100644 --- a/bin/tests/system/dlv/tests.sh +++ b/bin/tests/system/dlv/tests.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.8 2011/05/26 23:47:28 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -16,39 +14,39 @@ n=0 rm -f dig.out.* -DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p 5300" +DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p ${PORT}" -echo "I:checking that DNSKEY reference by DLV validates as secure ($n)" +echo_i "checking that DNSKEY reference by DLV validates as secure ($n)" ret=0 $DIG $DIGOPTS child1.utld dnskey @10.53.0.5 > dig.out.ns5.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns5.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that child DNSKEY reference by DLV validates as secure ($n)" +echo_i "checking that child DNSKEY reference by DLV validates as secure ($n)" ret=0 $DIG $DIGOPTS grand.child1.utld dnskey @10.53.0.5 > dig.out.ns5.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns5.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that SOA reference by DLV in a DRUZ with DS validates as secure ($n)" +echo_i "checking that SOA reference by DLV in a DRUZ with DS validates as secure ($n)" ret=0 $DIG $DIGOPTS child1.druz soa @10.53.0.5 > dig.out.ns5.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns5.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that child SOA reference by DLV in a DRUZ with DS validates as secure ($n)" +echo_i "checking that child SOA reference by DLV in a DRUZ with DS validates as secure ($n)" ret=0 $DIG $DIGOPTS grand.child1.druz soa @10.53.0.5 > dig.out.ns5.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns5.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/dlz/clean.sh b/bin/tests/system/dlz/clean.sh index 3bc18af032..4f55ac2b51 100644 --- a/bin/tests/system/dlz/clean.sh +++ b/bin/tests/system/dlz/clean.sh @@ -6,8 +6,7 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: clean.sh,v 1.2 2010/08/16 04:46:15 marka Exp $ - +rm -f ns*/named.conf rm -f dig.out.* rm -f */named.memstats rm -f */named.run diff --git a/bin/tests/system/dlz/ns1/named.conf b/bin/tests/system/dlz/ns1/named.conf.in similarity index 84% rename from bin/tests/system/dlz/ns1/named.conf rename to bin/tests/system/dlz/ns1/named.conf.in index f18cdae31b..45a4a7c74c 100644 --- a/bin/tests/system/dlz/ns1/named.conf +++ b/bin/tests/system/dlz/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.2 2010/08/16 04:46:15 marka Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dlz/prereq.sh.in b/bin/tests/system/dlz/prereq.sh.in index 9e7a68b42d..398d00c743 100644 --- a/bin/tests/system/dlz/prereq.sh.in +++ b/bin/tests/system/dlz/prereq.sh.in @@ -6,12 +6,11 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: prereq.sh.in,v 1.2 2011/04/19 22:30:52 each Exp $ - -TOP=${SYSTEMTESTTOP:=.}/../../../.. +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh if [ "@DLZ_SYSTEM_TEST@" != "filesystem" ]; then - echo "I:DLZ filesystem driver not supported" + echo_i "DLZ filesystem driver not supported" exit 255 fi exit 0 diff --git a/bin/tests/system/dlz/setup.sh b/bin/tests/system/dlz/setup.sh new file mode 100644 index 0000000000..c69f051dbc --- /dev/null +++ b/bin/tests/system/dlz/setup.sh @@ -0,0 +1,13 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf diff --git a/bin/tests/system/dlz/tests.sh b/bin/tests/system/dlz/tests.sh index b1a46582cf..0b155526ea 100644 --- a/bin/tests/system/dlz/tests.sh +++ b/bin/tests/system/dlz/tests.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.4 2011/04/19 23:47:52 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -16,11 +14,11 @@ n=0 rm -f dig.out.* -DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p 5300" +DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p ${PORT}" # Check the example.com. domain -echo "I:checking DNAME at apex works ($n)" +echo_i "checking DNAME at apex works ($n)" ret=0 $DIG $DIGOPTS +norec foo.example.com. \ @10.53.0.1 a > dig.out.ns1.test$n || ret=1 @@ -29,46 +27,46 @@ grep "example.com..*DNAME.*example.net." dig.out.ns1.test$n > /dev/null || ret=1 grep "foo.example.com..*CNAME.*foo.example.net." dig.out.ns1.test$n > /dev/null || ret=1 grep "flags:[^;]* aa[ ;]" dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking DLZ IXFR=2010062899 (less than serial) ($n)" +echo_i "checking DLZ IXFR=2010062899 (less than serial) ($n)" ret=0 $DIG $DIGOPTS ixfr=2010062899 example.com @10.53.0.1 +all > dig.out.ns1.test$n grep "example.com..*IN.IXFR" dig.out.ns1.test$n > /dev/null || ret=1 grep "example.com..*10.IN.DNAME.example.net." dig.out.ns1.test$n > /dev/null || ret=1 grep "example.com..*10.IN.NS.example.com." dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking DLZ IXFR=2010062900 (equal serial) ($n)" +echo_i "checking DLZ IXFR=2010062900 (equal serial) ($n)" ret=0 $DIG $DIGOPTS ixfr=2010062900 example.com @10.53.0.1 +all > dig.out.ns1.test$n grep "example.com..*IN.IXFR" dig.out.ns1.test$n > /dev/null || ret=1 grep "example.com..*10.IN.DNAME.example.net." dig.out.ns1.test$n > /dev/null && ret=1 grep "example.com..*10.IN.NS.example.com." dig.out.ns1.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking DLZ IXFR=2010062901 (greater than serial) ($n)" +echo_i "checking DLZ IXFR=2010062901 (greater than serial) ($n)" ret=0 $DIG $DIGOPTS ixfr=2010062901 example.com @10.53.0.1 +all > dig.out.ns1.test$n grep "example.com..*IN.IXFR" dig.out.ns1.test$n > /dev/null || ret=1 grep "example.com..*10.IN.DNAME.example.net." dig.out.ns1.test$n > /dev/null && ret=1 grep "example.com..*10.IN.NS.example.com." dig.out.ns1.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking DLZ with a malformed SOA record" +echo_i "checking DLZ with a malformed SOA record" ret=0 $DIG $DIGOPTS broken.com type600 @10.53.0.1 > dig.out.ns1.test$n grep status: dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/dlzexternal/clean.sh b/bin/tests/system/dlzexternal/clean.sh index cad3f4710d..cce160363a 100644 --- a/bin/tests/system/dlzexternal/clean.sh +++ b/bin/tests/system/dlzexternal/clean.sh @@ -12,6 +12,7 @@ rm -f ns1/update.txt rm -f */named.memstats +rm -f */named.conf rm -f */named.run rm -f ns1/ddns.key rm -f dig.out* diff --git a/bin/tests/system/dlzexternal/ns1/.gitignore b/bin/tests/system/dlzexternal/ns1/.gitignore index 58e5c9282d..40cc821d6c 100644 --- a/bin/tests/system/dlzexternal/ns1/.gitignore +++ b/bin/tests/system/dlzexternal/ns1/.gitignore @@ -1 +1,2 @@ named.conf +dlzs.conf diff --git a/bin/tests/system/dlzexternal/ns1/dlzs.conf.in b/bin/tests/system/dlzexternal/ns1/dlzs.conf.in new file mode 100644 index 0000000000..128352b53c --- /dev/null +++ b/bin/tests/system/dlzexternal/ns1/dlzs.conf.in @@ -0,0 +1,30 @@ +/* + * Copyright (C) 2011-2014, 2016 Internet Systems Consortium, Inc. ("ISC") + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + +dlz "example one" { + database "dlopen ../driver.@SO@ example.nil"; +}; + +dlz "example two" { + database "dlopen ../driver.@SO@ alternate.nil"; +}; + +dlz "unsearched1" { + database "dlopen ../driver.@SO@ other.nil"; + search no; +}; + +dlz "unsearched2" { + database "dlopen ../driver.@SO@ zone.nil"; + search no; +}; + +dlz redzone { + database "dlopen ../driver.@SO@ ."; + search no; +}; diff --git a/bin/tests/system/dlzexternal/ns1/named.conf.in b/bin/tests/system/dlzexternal/ns1/named.conf.in index 9083d2abd1..5f650db0f2 100644 --- a/bin/tests/system/dlzexternal/ns1/named.conf.in +++ b/bin/tests/system/dlzexternal/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf.in,v 1.3 2011/03/10 23:47:50 tbox Exp $ */ - -controls { }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; session-keyfile "session.key"; listen-on { 10.53.0.1; 127.0.0.1; }; @@ -31,31 +27,10 @@ key rndc_key { include "ddns.key"; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; -dlz "example one" { - database "dlopen ../driver.@SO@ example.nil"; -}; - -dlz "example two" { - database "dlopen ../driver.@SO@ alternate.nil"; -}; - -dlz "unsearched1" { - database "dlopen ../driver.@SO@ other.nil"; - search no; -}; - -dlz "unsearched2" { - database "dlopen ../driver.@SO@ zone.nil"; - search no; -}; - -dlz redzone { - database "dlopen ../driver.@SO@ ."; - search no; -}; +include "dlzs.conf"; zone zone.nil { type master; diff --git a/bin/tests/system/dlzexternal/prereq.sh b/bin/tests/system/dlzexternal/prereq.sh index e016e66e53..8f0c601b26 100644 --- a/bin/tests/system/dlzexternal/prereq.sh +++ b/bin/tests/system/dlzexternal/prereq.sh @@ -10,7 +10,7 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh $FEATURETEST --have-dlopen || { - echo "I:dlopen() not supported - skipping dlzexternal test" + echo_i "dlopen() not supported - skipping dlzexternal test" exit 255 } exit 0 diff --git a/bin/tests/system/dlzexternal/setup.sh b/bin/tests/system/dlzexternal/setup.sh index c0cf30a34e..9af5067ecd 100644 --- a/bin/tests/system/dlzexternal/setup.sh +++ b/bin/tests/system/dlzexternal/setup.sh @@ -12,3 +12,5 @@ SYSTEMTESTTOP=.. test -r $RANDFILE || $GENRANDOM 800 $RANDFILE $DDNSCONFGEN -q -r $RANDFILE -z example.nil > ns1/ddns.key + +copy_setports ns1/named.conf.in ns1/named.conf diff --git a/bin/tests/system/dlzexternal/tests.sh b/bin/tests/system/dlzexternal/tests.sh index cf0713575f..b0d7415edf 100644 --- a/bin/tests/system/dlzexternal/tests.sh +++ b/bin/tests/system/dlzexternal/tests.sh @@ -12,11 +12,12 @@ SYSTEMTESTTOP=.. status=0 n=0 -DIGOPTS="@10.53.0.1 -p 5300 +nocookie" +DIGOPTS="@10.53.0.1 -p ${PORT} +nocookie" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" newtest() { n=`expr $n + 1` - echo "${1} (${n})" + echo_i "${1} (${n})" ret=0 } @@ -28,15 +29,15 @@ test_update() { should_fail="$5" cat < ns1/update.txt -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} update add $host $cmd send EOF - newtest "I:testing update for $host $type $cmd${comment:+ }$comment" + newtest "testing update for $host $type $cmd${comment:+ }$comment" $NSUPDATE -k ns1/ddns.key ns1/update.txt > /dev/null 2>&1 || { [ "$should_fail" ] || \ - echo "I:update failed for $host $type $cmd" + echo_i "update failed for $host $type $cmd" return 1 } @@ -44,7 +45,7 @@ EOF lines=`echo "$out" | grep "$digout" | wc -l` [ $lines -eq 1 ] || { [ "$should_fail" ] || \ - echo "I:dig output incorrect for $host $type $cmd: $out" + echo_i "dig output incorrect for $host $type $cmd: $out" return 1 } return 0 @@ -62,15 +63,15 @@ status=`expr $status + $ret` test_update deny.example.nil. TXT "86400 TXT helloworld" "helloworld" should_fail && ret=1 status=`expr $status + $ret` -newtest "I:testing nxrrset" +newtest "testing nxrrset" $DIG $DIGOPTS testdc1.example.nil AAAA > dig.out.$n grep "status: NOERROR" dig.out.$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.$n > /dev/null || ret=1 status=`expr $status + $ret` -newtest "I:testing prerequisites are checked correctly" +newtest "testing prerequisites are checked correctly" cat > ns1/update.txt << EOF -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} prereq nxdomain testdc3.example.nil update add testdc3.example.nil 86500 in a 10.53.0.12 send @@ -78,70 +79,70 @@ EOF $NSUPDATE -k ns1/ddns.key ns1/update.txt > /dev/null 2>&1 && ret=1 out=`$DIG $DIGOPTS +short a testdc3.example.nil` [ "$out" = "10.53.0.12" ] && ret=1 -[ "$ret" -eq 0 ] || echo "I:failed" +[ "$ret" -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -newtest "I:testing passing client info into DLZ driver" +newtest "testing passing client info into DLZ driver" out=`$DIG $DIGOPTS +short -t txt -q source-addr.example.nil | grep -v '^;'` addr=`eval echo "$out" | cut -f1 -d'#'` [ "$addr" = "10.53.0.1" ] || ret=1 -[ "$ret" -eq 0 ] || echo "I:failed" +[ "$ret" -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -newtest "I:testing DLZ driver is cleaned up on reload" -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload 2>&1 | sed 's/^/I:ns1 /' +newtest "testing DLZ driver is cleaned up on reload" +$RNDCCMD 10.53.0.1 reload 2>&1 | sed 's/^/ns1 /' | cat_i for i in 0 1 2 3 4 5 6 7 8 9; do ret=0 grep 'dlz_example: shutting down zone example.nil' ns1/named.run > /dev/null 2>&1 || ret=1 [ "$ret" -eq 0 ] && break sleep 1 done -[ "$ret" -eq 0 ] || echo "I:failed" +[ "$ret" -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -newtest "I:testing multiple DLZ drivers" +newtest "testing multiple DLZ drivers" test_update testdc1.alternate.nil. A "86400 A 10.53.0.10" "10.53.0.10" || ret=1 status=`expr $status + $ret` -newtest "I:testing AXFR from DLZ drivers" +newtest "testing AXFR from DLZ drivers" $DIG $DIGOPTS +noall +answer axfr example.nil > dig.out.ns1.test$n lines=`cat dig.out.ns1.test$n | wc -l` [ ${lines:-0} -eq 4 ] || ret=1 $DIG $DIGOPTS +noall +answer axfr alternate.nil > dig.out.ns1.test$n lines=`cat dig.out.ns1.test$n | wc -l` [ ${lines:-0} -eq 5 ] || ret=1 -[ "$ret" -eq 0 ] || echo "I:failed" +[ "$ret" -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -newtest "I:testing unsearched/unregistered DLZ zone is not found" +newtest "testing unsearched/unregistered DLZ zone is not found" $DIG $DIGOPTS +noall +answer ns other.nil > dig.out.ns1.test$n grep "3600.IN.NS.other.nil." dig.out.ns1.test$n > /dev/null && ret=1 -[ "$ret" -eq 0 ] || echo "I:failed" +[ "$ret" -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -newtest "I:testing unsearched/registered DLZ zone is found" +newtest "testing unsearched/registered DLZ zone is found" $DIG $DIGOPTS +noall +answer ns zone.nil > dig.out.ns1.test$n grep "3600.IN.NS.zone.nil." dig.out.ns1.test$n > /dev/null || ret=1 -[ "$ret" -eq 0 ] || echo "I:failed" +[ "$ret" -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -newtest "I:testing unsearched/registered DLZ zone is found" +newtest "testing unsearched/registered DLZ zone is found" $DIG $DIGOPTS +noall +answer ns zone.nil > dig.out.ns1.test$n grep "3600.IN.NS.zone.nil." dig.out.ns1.test$n > /dev/null || ret=1 -[ "$ret" -eq 0 ] || echo "I:failed" +[ "$ret" -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -newtest "I:testing correct behavior with findzone returning ISC_R_NOMORE" +newtest "testing correct behavior with findzone returning ISC_R_NOMORE" $DIG $DIGOPTS +noall a test.example.com > /dev/null 2>&1 || ret=1 # we should only find one logged lookup per searched DLZ database lines=`grep "dlz_findzonedb.*test\.example\.com.*example.nil" ns1/named.run | wc -l` [ $lines -eq 1 ] || ret=1 lines=`grep "dlz_findzonedb.*test\.example\.com.*alternate.nil" ns1/named.run | wc -l` [ $lines -eq 1 ] || ret=1 -[ "$ret" -eq 0 ] || echo "I:failed" +[ "$ret" -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -newtest "I:testing findzone can return different results per client" +newtest "testing findzone can return different results per client" $DIG $DIGOPTS -b 10.53.0.1 +noall a test.example.net > /dev/null 2>&1 || ret=1 # we should only find one logged lookup per searched DLZ database lines=`grep "dlz_findzonedb.*example\.net.*example.nil" ns1/named.run | wc -l` @@ -154,45 +155,45 @@ lines=`grep "dlz_findzonedb.*example\.net.*example.nil" ns1/named.run | wc -l` [ $lines -gt 2 ] || ret=1 lines=`grep "dlz_findzonedb.*example\.net.*alternate.nil" ns1/named.run | wc -l` [ $lines -gt 2 ] || ret=1 -[ "$ret" -eq 0 ] || echo "I:failed" +[ "$ret" -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -newtest "I:testing zone returning oversized data" +newtest "testing zone returning oversized data" $DIG $DIGOPTS txt too-long.example.nil > dig.out.ns1.test$n 2>&1 || ret=1 grep "status: SERVFAIL" dig.out.ns1.test$n > /dev/null || ret=1 -[ "$ret" -eq 0 ] || echo "I:failed" +[ "$ret" -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -newtest "I:testing zone returning oversized data at zone origin" +newtest "testing zone returning oversized data at zone origin" $DIG $DIGOPTS txt bigcname.domain > dig.out.ns1.test$n 2>&1 || ret=1 grep "status: SERVFAIL" dig.out.ns1.test$n > /dev/null || ret=1 -[ "$ret" -eq 0 ] || echo "I:failed" +[ "$ret" -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -newtest "I:checking redirected lookup for nonexistent name" +newtest "checking redirected lookup for nonexistent name" $DIG $DIGOPTS @10.53.0.1 unexists a > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "^unexists.*A.*100.100.100.2" dig.out.ns1.test$n > /dev/null || ret=1 grep "flags:[^;]* aa[ ;]" dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -newtest "I:checking no redirected lookup for nonexistent type" +newtest "checking no redirected lookup for nonexistent type" $DIG $DIGOPTS @10.53.0.1 exists aaaa > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -newtest "I:checking redirected lookup for a long nonexistent name" +newtest "checking redirected lookup for a long nonexistent name" $DIG $DIGOPTS @10.53.0.1 long.name.is.not.there a > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "^long.name.*A.*100.100.100.3" dig.out.ns1.test$n > /dev/null || ret=1 grep "flags:[^;]* aa[ ;]" dig.out.ns1.test$n > /dev/null || ret=1 lookups=`grep "lookup #.*\.not\.there" ns1/named.run | wc -l` [ "$lookups" -eq 1 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/dns64/clean.sh b/bin/tests/system/dns64/clean.sh index 13ac11d606..4bb91c6897 100644 --- a/bin/tests/system/dns64/clean.sh +++ b/bin/tests/system/dns64/clean.sh @@ -6,6 +6,7 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. +rm -f ns*/named.conf rm -f ns1/K* rm -f ns1/signed.db* rm -f ns1/dsset-signed. diff --git a/bin/tests/system/dns64/ns1/named.conf b/bin/tests/system/dns64/ns1/named.conf.in similarity index 90% rename from bin/tests/system/dns64/ns1/named.conf rename to bin/tests/system/dns64/ns1/named.conf.in index 9a1c5c2015..5b024893ea 100644 --- a/bin/tests/system/dns64/ns1/named.conf +++ b/bin/tests/system/dns64/ns1/named.conf.in @@ -6,19 +6,15 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2010/12/08 23:51:56 tbox Exp $ */ - // NS1 -controls { /* empty */ }; - acl rfc1918 { 10/8; 192.168/16; 172.16/12; }; options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dns64/ns2/named.conf b/bin/tests/system/dns64/ns2/named.conf.in similarity index 93% rename from bin/tests/system/dns64/ns2/named.conf rename to bin/tests/system/dns64/ns2/named.conf.in index 6c8f2d0da5..91f3b3b422 100644 --- a/bin/tests/system/dns64/ns2/named.conf +++ b/bin/tests/system/dns64/ns2/named.conf.in @@ -6,19 +6,15 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.4 2011/01/07 23:47:07 tbox Exp $ */ - // NS2 -controls { /* empty */ }; - acl rfc1918 { 10/8; 192.168/16; 172.16/12; }; options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dns64/setup.sh b/bin/tests/system/dns64/setup.sh index 103031153c..f907636639 100644 --- a/bin/tests/system/dns64/setup.sh +++ b/bin/tests/system/dns64/setup.sh @@ -13,4 +13,7 @@ $SHELL clean.sh test -r $RANDFILE || $GENRANDOM 800 $RANDFILE +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf + cd ns1 && $SHELL sign.sh diff --git a/bin/tests/system/dns64/tests.sh b/bin/tests/system/dns64/tests.sh index 05c43e6c38..5be5dd48e1 100644 --- a/bin/tests/system/dns64/tests.sh +++ b/bin/tests/system/dns64/tests.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.5 2011/02/03 07:35:55 marka Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -16,76 +14,76 @@ n=0 rm -f dig.out.* -DIGOPTS="+tcp +noadd +nosea +nostat +nocmd -p 5300" +DIGOPTS="+tcp +noadd +nosea +nostat +nocmd -p ${PORT}" for conf in conf/good*.conf do - echo "I:checking that $conf is accepted ($n)" + echo_i "checking that $conf is accepted ($n)" ret=0 $CHECKCONF "$conf" || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done for conf in conf/bad*.conf do - echo "I:checking that $conf is rejected ($n)" + echo_i "checking that $conf is rejected ($n)" ret=0 $CHECKCONF "$conf" >/dev/null && ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done # Check the example. domain -echo "I: checking non-excluded AAAA lookup works ($n)" +echo_i "checking non-excluded AAAA lookup works ($n)" ret=0 $DIG $DIGOPTS aaaa-only.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA lookup works ($n)" +echo_i "checking excluded only AAAA lookup works ($n)" ret=0 $DIG $DIGOPTS excluded-only.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded AAAA and non-mapped A lookup works ($n)" +echo_i "checking excluded AAAA and non-mapped A lookup works ($n)" ret=0 $DIG $DIGOPTS excluded-bad-a.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA and mapped A lookup works ($n)" +echo_i "checking excluded only AAAA and mapped A lookup works ($n)" ret=0 $DIG $DIGOPTS excluded-good-a.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:aaaa::1.2.3.4" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking default exclude acl ignores mapped A records (all mapped) ($n)" +echo_i "checking default exclude acl ignores mapped A records (all mapped) ($n)" ret=0 $DIG $DIGOPTS a-and-mapped.example. @10.53.0.2 -b 10.53.0.4 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:bbbb::1.2.3.5" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking default exclude acl ignores mapped A records (some mapped) ($n)" +echo_i "checking default exclude acl ignores mapped A records (some mapped) ($n)" ret=0 $DIG $DIGOPTS a-and-aaaa-and-mapped.example. @10.53.0.2 -b 10.53.0.4 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 @@ -93,457 +91,457 @@ grep "2001:eeee::4" dig.out.ns2.test$n > /dev/null || ret=1 grep "::ffff:1.2.3.4" dig.out.ns2.test$n > /dev/null && ret=1 grep "::ffff:1.2.3.5" dig.out.ns2.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking default exclude acl works with AAAA only ($n)" +echo_i "checking default exclude acl works with AAAA only ($n)" ret=0 $DIG $DIGOPTS aaaa-only.example. @10.53.0.2 -b 10.53.0.4 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking default exclude acl A only lookup works ($n)" +echo_i "checking default exclude acl A only lookup works ($n)" ret=0 $DIG $DIGOPTS a-only.example. @10.53.0.2 -b 10.53.0.4 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:bbbb::102:305" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking partially excluded only AAAA lookup works ($n)" +echo_i "checking partially excluded only AAAA lookup works ($n)" ret=0 $DIG $DIGOPTS partially-excluded-only.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::3" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking partially-excluded AAAA and non-mapped A lookup works ($n)" +echo_i "checking partially-excluded AAAA and non-mapped A lookup works ($n)" ret=0 $DIG $DIGOPTS partially-excluded-bad-a.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking partially-excluded only AAAA and mapped A lookup works ($n)" +echo_i "checking partially-excluded only AAAA and mapped A lookup works ($n)" ret=0 $DIG $DIGOPTS partially-excluded-good-a.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking AAAA only lookup works ($n)" +echo_i "checking AAAA only lookup works ($n)" ret=0 $DIG $DIGOPTS aaaa-only.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A only lookup works ($n)" +echo_i "checking A only lookup works ($n)" ret=0 $DIG $DIGOPTS a-only.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:aaaa::102:305" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A and AAAA lookup works ($n)" +echo_i "checking A and AAAA lookup works ($n)" ret=0 $DIG $DIGOPTS a-and-aaaa.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-mapped A lookup works ($n)" +echo_i "checking non-mapped A lookup works ($n)" ret=0 $DIG $DIGOPTS a-not-mapped.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking NODATA AAAA lookup works ($n)" +echo_i "checking NODATA AAAA lookup works ($n)" ret=0 $DIG $DIGOPTS mx-only.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-existent AAAA lookup works ($n)" +echo_i "checking non-existent AAAA lookup works ($n)" ret=0 $DIG $DIGOPTS non-existent.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-excluded AAAA via CNAME lookup works ($n)" +echo_i "checking non-excluded AAAA via CNAME lookup works ($n)" ret=0 $DIG $DIGOPTS cname-aaaa-only.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA via CNAME lookup works ($n)" +echo_i "checking excluded only AAAA via CNAME lookup works ($n)" ret=0 $DIG $DIGOPTS cname-excluded-only.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded AAAA and non-mapped A via CNAME lookup works ($n)" +echo_i "checking excluded AAAA and non-mapped A via CNAME lookup works ($n)" ret=0 $DIG $DIGOPTS cname-excluded-bad-a.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA and mapped A via CNAME lookup works ($n)" +echo_i "checking excluded only AAAA and mapped A via CNAME lookup works ($n)" ret=0 $DIG $DIGOPTS cname-excluded-good-a.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:aaaa::1.2.3.4" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking AAAA only via CNAME lookup works ($n)" +echo_i "checking AAAA only via CNAME lookup works ($n)" ret=0 $DIG $DIGOPTS cname-aaaa-only.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A only via CNAME lookup works ($n)" +echo_i "checking A only via CNAME lookup works ($n)" ret=0 $DIG $DIGOPTS cname-a-only.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:aaaa::102:305" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A and AAAA via CNAME lookup works ($n)" +echo_i "checking A and AAAA via CNAME lookup works ($n)" ret=0 $DIG $DIGOPTS cname-a-and-aaaa.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-mapped A via CNAME lookup works ($n)" +echo_i "checking non-mapped A via CNAME lookup works ($n)" ret=0 $DIG $DIGOPTS cname-a-not-mapped.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "CNAME a-not-mapped.example." dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking NODATA AAAA via CNAME lookup works ($n)" +echo_i "checking NODATA AAAA via CNAME lookup works ($n)" ret=0 $DIG $DIGOPTS cname-mx-only.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "CNAME mx-only.example." dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-existent AAAA via CNAME lookup works ($n)" +echo_i "checking non-existent AAAA via CNAME lookup works ($n)" ret=0 $DIG $DIGOPTS cname-non-existent.example. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check the example. domain recursive only -echo "I: checking non-excluded AAAA lookup works, recursive only ($n)" +echo_i "checking non-excluded AAAA lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS aaaa-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA lookup works, recursive only ($n)" +echo_i "checking excluded only AAAA lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS excluded-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded AAAA and non-mapped A lookup works, recursive only ($n)" +echo_i "checking excluded AAAA and non-mapped A lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS excluded-bad-a.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA and mapped A lookup works, recursive only ($n)" +echo_i "checking excluded only AAAA and mapped A lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS excluded-good-a.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:bbbb::1.2.3.4" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking partially excluded only AAAA lookup works, recursive only ($n)" +echo_i "checking partially excluded only AAAA lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS partially-excluded-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::3" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking partially-excluded AAAA and non-mapped A lookup works, recursive only ($n)" +echo_i "checking partially-excluded AAAA and non-mapped A lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS partially-excluded-bad-a.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking partially-excluded only AAAA and mapped A lookup works, recursive only ($n)" +echo_i "checking partially-excluded only AAAA and mapped A lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS partially-excluded-good-a.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking AAAA only lookup works, recursive only ($n)" +echo_i "checking AAAA only lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS aaaa-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A only lookup works, recursive only ($n)" +echo_i "checking A only lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS a-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:bbbb::102:305" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A and AAAA lookup works, recursive only ($n)" +echo_i "checking A and AAAA lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS a-and-aaaa.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-mapped A lookup works, recursive only ($n)" +echo_i "checking non-mapped A lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS a-not-mapped.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking NODATA AAAA lookup works, recursive only ($n)" +echo_i "checking NODATA AAAA lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS mx-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-existent AAAA lookup works, recursive only ($n)" +echo_i "checking non-existent AAAA lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS non-existent.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-excluded AAAA via CNAME lookup works, recursive only ($n)" +echo_i "checking non-excluded AAAA via CNAME lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS cname-aaaa-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA via CNAME lookup works, recursive only ($n)" +echo_i "checking excluded only AAAA via CNAME lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS cname-excluded-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded AAAA and non-mapped A via CNAME lookup works, recursive only ($n)" +echo_i "checking excluded AAAA and non-mapped A via CNAME lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS cname-excluded-bad-a.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA and mapped A via CNAME lookup works, recursive only ($n)" +echo_i "checking excluded only AAAA and mapped A via CNAME lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS cname-excluded-good-a.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:bbbb::102:304" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking AAAA only via CNAME lookup works, recursive only ($n)" +echo_i "checking AAAA only via CNAME lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS cname-aaaa-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A only via CNAME lookup works, recursive only ($n)" +echo_i "checking A only via CNAME lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS cname-a-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:bbbb::102:305" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A and AAAA via CNAME lookup works, recursive only ($n)" +echo_i "checking A and AAAA via CNAME lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS cname-a-and-aaaa.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-mapped A via CNAME lookup works, recursive only ($n)" +echo_i "checking non-mapped A via CNAME lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS cname-a-not-mapped.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "CNAME a-not-mapped.example." dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking NODATA AAAA via CNAME lookup works, recursive only ($n)" +echo_i "checking NODATA AAAA via CNAME lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS cname-mx-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "CNAME mx-only.example." dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-existent AAAA via CNAME lookup works, recursive only ($n)" +echo_i "checking non-existent AAAA via CNAME lookup works, recursive only ($n)" ret=0 $DIG $DIGOPTS cname-non-existent.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check the example. domain recursive only w/o recursion -echo "I: checking non-excluded AAAA lookup works, recursive only +norec ($n)" +echo_i "checking non-excluded AAAA lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec aaaa-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA lookup works, recursive only +norec ($n)" +echo_i "checking excluded only AAAA lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec excluded-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::3" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded AAAA and non-mapped A lookup works, recursive only +norec ($n)" +echo_i "checking excluded AAAA and non-mapped A lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec excluded-bad-a.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA and mapped A lookup works, recursive only +norec ($n)" +echo_i "checking excluded only AAAA and mapped A lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec excluded-good-a.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking partially excluded only AAAA lookup works, recursive only +norec ($n)" +echo_i "checking partially excluded only AAAA lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec partially-excluded-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 @@ -551,10 +549,10 @@ grep "ANSWER: 2," dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee:" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::3" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking partially-excluded AAAA and non-mapped A lookup works, recursive only +norec ($n)" +echo_i "checking partially-excluded AAAA and non-mapped A lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec partially-excluded-bad-a.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 @@ -562,10 +560,10 @@ grep "ANSWER: 2," dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee:" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking partially-excluded only AAAA and mapped A lookup works, recursive only +norec ($n)" +echo_i "checking partially-excluded only AAAA and mapped A lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec partially-excluded-good-a.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 @@ -573,724 +571,724 @@ grep "ANSWER: 2," dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee:" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking AAAA only lookup works, recursive only +norec ($n)" +echo_i "checking AAAA only lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec aaaa-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A only lookup works, recursive only +norec ($n)" +echo_i "checking A only lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec a-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A and AAAA lookup works, recursive only +norec ($n)" +echo_i "checking A and AAAA lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec a-and-aaaa.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-mapped A lookup works, recursive only +norec ($n)" +echo_i "checking non-mapped A lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec a-not-mapped.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking NODATA AAAA lookup works, recursive only +norec ($n)" +echo_i "checking NODATA AAAA lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec mx-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-existent AAAA lookup works, recursive only +norec ($n)" +echo_i "checking non-existent AAAA lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec non-existent.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-excluded AAAA via CNAME lookup works, recursive only +norec ($n)" +echo_i "checking non-excluded AAAA via CNAME lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec cname-aaaa-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA via CNAME lookup works, recursive only +norec ($n)" +echo_i "checking excluded only AAAA via CNAME lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec cname-excluded-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::3" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded AAAA and non-mapped A via CNAME lookup works, recursive only +norec ($n)" +echo_i "checking excluded AAAA and non-mapped A via CNAME lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec cname-excluded-bad-a.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA and mapped A via CNAME lookup works, recursive only +norec ($n)" +echo_i "checking excluded only AAAA and mapped A via CNAME lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec cname-excluded-good-a.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking AAAA only via CNAME lookup works, recursive only +norec ($n)" +echo_i "checking AAAA only via CNAME lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec cname-aaaa-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A only via CNAME lookup works, recursive only +norec ($n)" +echo_i "checking A only via CNAME lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec cname-a-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "CNAME a-only.example." dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A and AAAA via CNAME lookup works, recursive only +norec ($n)" +echo_i "checking A and AAAA via CNAME lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec cname-a-and-aaaa.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-mapped A via CNAME lookup works, recursive only +norec ($n)" +echo_i "checking non-mapped A via CNAME lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec cname-a-not-mapped.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "CNAME a-not-mapped.example." dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking NODATA AAAA via CNAME lookup works, recursive only +norec ($n)" +echo_i "checking NODATA AAAA via CNAME lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec cname-mx-only.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "CNAME mx-only.example." dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-existent AAAA via CNAME lookup works, recursive only +norec ($n)" +echo_i "checking non-existent AAAA via CNAME lookup works, recursive only +norec ($n)" ret=0 $DIG $DIGOPTS +norec cname-non-existent.example. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check the example. domain from non client -echo "I: checking non-excluded AAAA from non-client lookup works ($n)" +echo_i "checking non-excluded AAAA from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS aaaa-only.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA from non-client lookup works ($n)" +echo_i "checking excluded only AAAA from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS excluded-only.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::3" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded AAAA and non-mapped A from non-client lookup works ($n)" +echo_i "checking excluded AAAA and non-mapped A from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS excluded-bad-a.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA and mapped A from non-client lookup works ($n)" +echo_i "checking excluded only AAAA and mapped A from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS excluded-good-a.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking AAAA only from non-client lookup works ($n)" +echo_i "checking AAAA only from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS aaaa-only.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A only from non-client lookup works ($n)" +echo_i "checking A only from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS a-only.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A and AAAA from non-client lookup works ($n)" +echo_i "checking A and AAAA from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS a-and-aaaa.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-mapped A from non-client lookup works ($n)" +echo_i "checking non-mapped A from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS a-not-mapped.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking NODATA AAAA from non-client lookup works ($n)" +echo_i "checking NODATA AAAA from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS mx-only.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-existent AAAA from non-client lookup works ($n)" +echo_i "checking non-existent AAAA from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS non-existent.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-excluded AAAA via CNAME from non-client lookup works ($n)" +echo_i "checking non-excluded AAAA via CNAME from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS cname-aaaa-only.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA via CNAME from non-client lookup works ($n)" +echo_i "checking excluded only AAAA via CNAME from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS cname-excluded-only.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::3" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded AAAA and non-mapped A via CNAME from non-client lookup works ($n)" +echo_i "checking excluded AAAA and non-mapped A via CNAME from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS cname-excluded-bad-a.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA and mapped A via CNAME from non-client lookup works ($n)" +echo_i "checking excluded only AAAA and mapped A via CNAME from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS cname-excluded-good-a.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking AAAA only via CNAME from non-client lookup works ($n)" +echo_i "checking AAAA only via CNAME from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS cname-aaaa-only.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A only via CNAME from non-client lookup works ($n)" +echo_i "checking A only via CNAME from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS cname-a-only.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A and AAAA via CNAME from non-client lookup works ($n)" +echo_i "checking A and AAAA via CNAME from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS cname-a-and-aaaa.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-mapped A via CNAME from non-client lookup works ($n)" +echo_i "checking non-mapped A via CNAME from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS cname-a-not-mapped.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "CNAME a-not-mapped.example." dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking NODATA AAAA via CNAME from non-client lookup works ($n)" +echo_i "checking NODATA AAAA via CNAME from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS cname-mx-only.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "CNAME mx-only.example." dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-existent AAAA via CNAME from non-client lookup works ($n)" +echo_i "checking non-existent AAAA via CNAME from non-client lookup works ($n)" ret=0 $DIG $DIGOPTS cname-non-existent.example. @10.53.0.2 -b 10.53.0.3 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check the signed. domain -echo "I: checking non-excluded AAAA lookup is signed zone works ($n)" +echo_i "checking non-excluded AAAA lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS aaaa-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA lookup is signed zone works ($n)" +echo_i "checking excluded only AAAA lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS excluded-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded AAAA and non-mapped A lookup is signed zone works ($n)" +echo_i "checking excluded AAAA and non-mapped A lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS excluded-bad-a.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA and mapped A lookup is signed zone works ($n)" +echo_i "checking excluded only AAAA and mapped A lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS excluded-good-a.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:aaaa::102:304" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking AAAA only lookup is signed zone works ($n)" +echo_i "checking AAAA only lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS aaaa-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A only lookup is signed zone works ($n)" +echo_i "checking A only lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS a-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:aaaa::102:305" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A and AAAA lookup is signed zone works ($n)" +echo_i "checking A and AAAA lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS a-and-aaaa.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-mapped A lookup is signed zone works ($n)" +echo_i "checking non-mapped A lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS a-not-mapped.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking NODATA AAAA lookup is signed zone works ($n)" +echo_i "checking NODATA AAAA lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS mx-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-existent AAAA lookup is signed zone works ($n)" +echo_i "checking non-existent AAAA lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS non-existent.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-excluded AAAA via CNAME lookup is signed zone works ($n)" +echo_i "checking non-excluded AAAA via CNAME lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS cname-aaaa-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA via CNAME lookup is signed zone works ($n)" +echo_i "checking excluded only AAAA via CNAME lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS cname-excluded-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded AAAA and non-mapped A via CNAME lookup is signed zone works ($n)" +echo_i "checking excluded AAAA and non-mapped A via CNAME lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS cname-excluded-bad-a.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA and mapped A via CNAME lookup is signed zone works ($n)" +echo_i "checking excluded only AAAA and mapped A via CNAME lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS cname-excluded-good-a.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:aaaa::102:304" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking AAAA only via CNAME lookup is signed zone works ($n)" +echo_i "checking AAAA only via CNAME lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS cname-aaaa-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A only via CNAME lookup is signed zone works ($n)" +echo_i "checking A only via CNAME lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS cname-a-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:aaaa::102:305" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A and AAAA via CNAME lookup is signed zone works ($n)" +echo_i "checking A and AAAA via CNAME lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS cname-a-and-aaaa.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-mapped A via CNAME lookup is signed zone works ($n)" +echo_i "checking non-mapped A via CNAME lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS cname-a-not-mapped.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "CNAME a-not-mapped.signed." dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking NODATA AAAA via CNAME lookup is signed zone works ($n)" +echo_i "checking NODATA AAAA via CNAME lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS cname-mx-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "CNAME mx-only.signed." dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-existent AAAA via CNAME lookup is signed zone works ($n)" +echo_i "checking non-existent AAAA via CNAME lookup is signed zone works ($n)" ret=0 $DIG $DIGOPTS cname-non-existent.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check the signed. domain -echo "I: checking non-excluded AAAA lookup is signed zone works with +dnssec ($n)" +echo_i "checking non-excluded AAAA lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec aaaa-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA lookup is signed zone works with +dnssec ($n)" +echo_i "checking excluded only AAAA lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec excluded-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::3" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded AAAA and non-mapped A lookup is signed zone works with +dnssec ($n)" +echo_i "checking excluded AAAA and non-mapped A lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec excluded-bad-a.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA and mapped A lookup is signed zone works with +dnssec ($n)" +echo_i "checking excluded only AAAA and mapped A lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec excluded-good-a.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking AAAA only lookup is signed zone works with +dnssec ($n)" +echo_i "checking AAAA only lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec aaaa-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A only lookup is signed zone works with +dnssec ($n)" +echo_i "checking A only lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec a-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A and AAAA lookup is signed zone works with +dnssec ($n)" +echo_i "checking A and AAAA lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec a-and-aaaa.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-mapped A lookup is signed zone works with +dnssec ($n)" +echo_i "checking non-mapped A lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec a-not-mapped.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking NODATA AAAA lookup is signed zone works with +dnssec ($n)" +echo_i "checking NODATA AAAA lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec mx-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-existent AAAA lookup is signed zone works with +dnssec ($n)" +echo_i "checking non-existent AAAA lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec non-existent.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-excluded AAAA via CNAME lookup is signed zone works with +dnssec ($n)" +echo_i "checking non-excluded AAAA via CNAME lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec cname-aaaa-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA via CNAME lookup is signed zone works with +dnssec ($n)" +echo_i "checking excluded only AAAA via CNAME lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec cname-excluded-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::3" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded AAAA and non-mapped A via CNAME lookup is signed zone works with +dnssec ($n)" +echo_i "checking excluded AAAA and non-mapped A via CNAME lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec cname-excluded-bad-a.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking excluded only AAAA and mapped A via CNAME lookup is signed zone works with +dnssec ($n)" +echo_i "checking excluded only AAAA and mapped A via CNAME lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec cname-excluded-good-a.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:eeee::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking AAAA only via CNAME lookup is signed zone works with +dnssec ($n)" +echo_i "checking AAAA only via CNAME lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec cname-aaaa-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::2" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A only via CNAME lookup is signed zone works with +dnssec ($n)" +echo_i "checking A only via CNAME lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec cname-a-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:aaaa::102:305" dig.out.ns2.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking A and AAAA via CNAME lookup is signed zone works with +dnssec ($n)" +echo_i "checking A and AAAA via CNAME lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec cname-a-and-aaaa.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001::1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-mapped A via CNAME lookup is signed zone works with +dnssec ($n)" +echo_i "checking non-mapped A via CNAME lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec cname-a-not-mapped.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 2" dig.out.ns2.test$n > /dev/null || ret=1 grep "CNAME a-not-mapped.signed." dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking NODATA AAAA via CNAME lookup is signed zone works with +dnssec ($n)" +echo_i "checking NODATA AAAA via CNAME lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec cname-mx-only.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns2.test$n > /dev/null || ret=1 grep "CNAME mx-only.signed." dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking non-existent AAAA via CNAME lookup is signed zone works with +dnssec ($n)" +echo_i "checking non-existent AAAA via CNAME lookup is signed zone works with +dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec cname-non-existent.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking reverse mapping ($n)" +echo_i "checking reverse mapping ($n)" ret=0 $DIG $DIGOPTS -x 2001:aaaa::10.0.0.1 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep -i "CNAME.1.0.0.10.IN-ADDR.ARPA.$" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` list=`$DIG $DIGOPTS -b 10.53.0.6 @10.53.0.2 +short aaaa a-only.example | sort` for a in $list do ret=0 - echo "I: checking reverse mapping of $a ($n)" + echo_i "checking reverse mapping of $a ($n)" $DIG $DIGOPTS -x $a @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep -i "CNAME.5.3.2.1.IN-ADDR.ARPA." dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done @@ -1301,103 +1299,103 @@ fin=`expr "${rev}" : "............${regex}"` while test "${rev}" != "${fin}" do ret=0 - echo "I: checking $rev ($n)" + echo_i "checking $rev ($n)" $DIG $DIGOPTS $rev ptr @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep -i "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep -i "ANSWER: 0," dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` rev=`expr "${rev}" : "${regex}"` done -echo "I: checking dns64-server and dns64-contact ($n)" +echo_i "checking dns64-server and dns64-contact ($n)" ret=0 $DIG $DIGOPTS soa 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.a.a.a.a.1.0.0.2.ip6.arpa @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep "SOA.dns64.example.net..hostmaster.example.net." dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking TTL less than 600 from zone ($n)" +echo_i "checking TTL less than 600 from zone ($n)" ret=0 #expect 500 $DIG $DIGOPTS aaaa ttl-less-than-600.example +rec @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep -i "ttl-less-than-600.example..500.IN.AAAA" dig.out.ns1.test$n >/dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking TTL more than 600 from zone ($n)" +echo_i "checking TTL more than 600 from zone ($n)" ret=0 #expect 700 $DIG $DIGOPTS aaaa ttl-more-than-600.example +rec @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep -i "ttl-more-than-600.example..700.IN.AAAA" dig.out.ns1.test$n >/dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking TTL less than minimum from zone ($n)" +echo_i "checking TTL less than minimum from zone ($n)" ret=0 #expect 1100 $DIG $DIGOPTS aaaa ttl-less-than-minimum.example +rec @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep -i "ttl-less-than-minimum.example..1100.IN.AAAA" dig.out.ns1.test$n >/dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking TTL limited to minimum from zone ($n)" +echo_i "checking TTL limited to minimum from zone ($n)" ret=0 #expect 1200 $DIG $DIGOPTS aaaa ttl-more-than-minimum.example +rec @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep -i "ttl-more-than-minimum.example..1200.IN.AAAA" dig.out.ns1.test$n >/dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking TTL less than 600 via cache ($n)" +echo_i "checking TTL less than 600 via cache ($n)" ret=0 #expect 500 $DIG $DIGOPTS aaaa ttl-less-than-600.example +rec -b 10.53.0.2 @10.53.0.2 > dig.out.ns1.test$n || ret=1 grep -i "ttl-less-than-600.example..500.IN.AAAA" dig.out.ns1.test$n >/dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking TTL more than 600 via cache ($n)" +echo_i "checking TTL more than 600 via cache ($n)" ret=0 #expect 700 $DIG $DIGOPTS aaaa ttl-more-than-600.example +rec -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep -i "ttl-more-than-600.example..700.IN.AAAA" dig.out.ns2.test$n >/dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking TTL less than minimum via cache ($n)" +echo_i "checking TTL less than minimum via cache ($n)" ret=0 #expect 1100 $DIG $DIGOPTS aaaa ttl-less-than-minimum.example +rec -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep -i "ttl-less-than-minimum.example..1100.IN.AAAA" dig.out.ns2.test$n >/dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking TTL limited to minimum via cache ($n)" +echo_i "checking TTL limited to minimum via cache ($n)" ret=0 #expect 1200 $DIG $DIGOPTS aaaa ttl-more-than-minimum.example +rec -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep -i "ttl-more-than-minimum.example..1200.IN.AAAA" dig.out.ns2.test$n >/dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking synthesis of AAAA from RPZ-remapped A ($n)" +echo_i "checking synthesis of AAAA from RPZ-remapped A ($n)" ret=0 $DIG $DIGOPTS aaaa rpz.example +rec -b 10.53.0.7 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep -i 'rpz.example.*IN.AAAA.2001:96::a0a:a0a' dig.out.ns2.test$n >/dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/dnssec/clean.sh b/bin/tests/system/dnssec/clean.sh index 5abf6250b3..05c5d9dff0 100644 --- a/bin/tests/system/dnssec/clean.sh +++ b/bin/tests/system/dnssec/clean.sh @@ -10,6 +10,7 @@ rm -f */K* */keyset-* */dsset-* */dlvset-* */signedkey-* */*.signed rm -f */example.bk rm -f */named.memstats rm -f */named.run +rm -f */named.conf rm -f */named.secroots rm -f */tmp* */*.jnl */*.bk */*.jbk rm -f */trusted.conf */managed.conf */revoked.conf @@ -75,8 +76,6 @@ rm -f ns3/ttlpatch.example.db ns3/ttlpatch.example.db.signed rm -f ns3/ttlpatch.example.db.patched rm -f ns3/unsecure.example.db ns3/bogus.example.db ns3/keyless.example.db rm -f ns4/managed-keys.bind* -rm -f ns4/named.conf -rm -f ns4/named.conf ns5/named.conf rm -f ns4/named_dump.db rm -f ns6/optout-tld.db rm -f ns7/multiple.example.bk ns7/nsec3.example.bk ns7/optout.example.bk diff --git a/bin/tests/system/dnssec/dnssec_update_test.pl b/bin/tests/system/dnssec/dnssec_update_test.pl index 721f8b8973..a9e988d94b 100644 --- a/bin/tests/system/dnssec/dnssec_update_test.pl +++ b/bin/tests/system/dnssec/dnssec_update_test.pl @@ -23,8 +23,6 @@ # # perl -MCPAN -e "install Net::DNS" # -# $Id: dnssec_update_test.pl,v 1.7 2010/08/13 23:47:03 tbox Exp $ -# use Getopt::Std; use Net::DNS; @@ -51,7 +49,7 @@ my $failures = 0; sub assert { my ($cond, $explanation) = @_; if (!$cond) { - print "I:Test Failed: $explanation ***\n"; + print "Test Failed: $explanation ***\n"; $failures++ } } @@ -72,13 +70,13 @@ sub test { my $rcode = $reply->header->rcode; assert($rcode eq $expected, "expected $expected, got $rcode"); } else { - print "I:Update failed: ", $res->errorstring, "\n"; + print "Update failed: ", $res->errorstring, "\n"; } } sub section { my ($msg) = @_; - print "I:$msg\n"; + print "$msg\n"; } section("Add a name"); @@ -88,9 +86,9 @@ section("Delete the name"); test("NOERROR", ["update", rr_del("a.$zone")]); if ($failures) { - print "I:$failures update tests failed.\n"; + print "$failures update tests failed.\n"; } else { - print "I:All update tests successful.\n"; + print "All update tests successful.\n"; } exit $failures; diff --git a/bin/tests/system/dnssec/ns1/named.conf b/bin/tests/system/dnssec/ns1/named.conf.in similarity index 94% rename from bin/tests/system/dnssec/ns1/named.conf rename to bin/tests/system/dnssec/ns1/named.conf.in index d2d754b4eb..479b63a259 100644 --- a/bin/tests/system/dnssec/ns1/named.conf +++ b/bin/tests/system/dnssec/ns1/named.conf.in @@ -8,13 +8,11 @@ // NS1 -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dnssec/ns2/named.conf b/bin/tests/system/dnssec/ns2/named.conf.in similarity index 98% rename from bin/tests/system/dnssec/ns2/named.conf rename to bin/tests/system/dnssec/ns2/named.conf.in index 3a22345d88..d4d8812dde 100644 --- a/bin/tests/system/dnssec/ns2/named.conf +++ b/bin/tests/system/dnssec/ns2/named.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dnssec/ns3/named.conf b/bin/tests/system/dnssec/ns3/named.conf.in similarity index 98% rename from bin/tests/system/dnssec/ns3/named.conf rename to bin/tests/system/dnssec/ns3/named.conf.in index f330359211..637f0005d5 100644 --- a/bin/tests/system/dnssec/ns3/named.conf +++ b/bin/tests/system/dnssec/ns3/named.conf.in @@ -8,13 +8,11 @@ // NS3 -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; @@ -32,7 +30,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/dnssec/ns4/named1.conf b/bin/tests/system/dnssec/ns4/named1.conf.in similarity index 92% rename from bin/tests/system/dnssec/ns4/named1.conf rename to bin/tests/system/dnssec/ns4/named1.conf.in index 6caaff7baa..7635cd7e19 100644 --- a/bin/tests/system/dnssec/ns4/named1.conf +++ b/bin/tests/system/dnssec/ns4/named1.conf.in @@ -8,13 +8,11 @@ // NS4 -controls { /* empty */ }; - options { query-source address 10.53.0.4 dscp 1; notify-source 10.53.0.4 dscp 2; transfer-source 10.53.0.4 dscp 3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; @@ -41,7 +39,7 @@ key rndc_key { }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/dnssec/ns4/named2.conf b/bin/tests/system/dnssec/ns4/named2.conf.in similarity index 88% rename from bin/tests/system/dnssec/ns4/named2.conf rename to bin/tests/system/dnssec/ns4/named2.conf.in index 88db76c29c..4a6bd41ea2 100644 --- a/bin/tests/system/dnssec/ns4/named2.conf +++ b/bin/tests/system/dnssec/ns4/named2.conf.in @@ -8,14 +8,12 @@ // NS4 -controls { /* empty */ }; - options { query-source address 10.53.0.4 dscp 4; notify-source 10.53.0.4 dscp 5; transfer-source 10.53.0.4 dscp 6; dscp 16; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; @@ -32,7 +30,7 @@ key rndc_key { }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/dnssec/ns4/named3.conf b/bin/tests/system/dnssec/ns4/named3.conf.in similarity index 88% rename from bin/tests/system/dnssec/ns4/named3.conf rename to bin/tests/system/dnssec/ns4/named3.conf.in index 9798976912..0df51edaac 100644 --- a/bin/tests/system/dnssec/ns4/named3.conf +++ b/bin/tests/system/dnssec/ns4/named3.conf.in @@ -8,13 +8,11 @@ // NS4 -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; @@ -32,7 +30,7 @@ key rndc_key { }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/dnssec/ns4/named4.conf b/bin/tests/system/dnssec/ns4/named4.conf.in similarity index 92% rename from bin/tests/system/dnssec/ns4/named4.conf rename to bin/tests/system/dnssec/ns4/named4.conf.in index 79d8bc9f65..ee99f6b48d 100644 --- a/bin/tests/system/dnssec/ns4/named4.conf +++ b/bin/tests/system/dnssec/ns4/named4.conf.in @@ -8,13 +8,11 @@ // NS4 -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; @@ -26,7 +24,7 @@ key rndc_key { }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; key auth { diff --git a/bin/tests/system/dnssec/ns5/named1.conf b/bin/tests/system/dnssec/ns5/named1.conf.in similarity index 87% rename from bin/tests/system/dnssec/ns5/named1.conf rename to bin/tests/system/dnssec/ns5/named1.conf.in index eaa0edfa3d..a22f6559f8 100644 --- a/bin/tests/system/dnssec/ns5/named1.conf +++ b/bin/tests/system/dnssec/ns5/named1.conf.in @@ -8,13 +8,11 @@ // NS5 -controls { /* empty */ }; - options { query-source address 10.53.0.5; notify-source 10.53.0.5; transfer-source 10.53.0.5; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.5; }; listen-on-v6 { none; }; @@ -29,7 +27,7 @@ key rndc_key { }; controls { - inet 10.53.0.5 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.5 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; diff --git a/bin/tests/system/dnssec/ns5/named2.conf b/bin/tests/system/dnssec/ns5/named2.conf.in similarity index 89% rename from bin/tests/system/dnssec/ns5/named2.conf rename to bin/tests/system/dnssec/ns5/named2.conf.in index 57d4db31f5..db6b530d0b 100644 --- a/bin/tests/system/dnssec/ns5/named2.conf +++ b/bin/tests/system/dnssec/ns5/named2.conf.in @@ -8,22 +8,20 @@ // NS5 -controls { /* empty */ }; - key rndc_key { secret "1234abcd8765"; algorithm hmac-sha256; }; controls { - inet 10.53.0.5 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.5 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { query-source address 10.53.0.5; notify-source 10.53.0.5; transfer-source 10.53.0.5; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.5; 127.0.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dnssec/ns6/named.conf b/bin/tests/system/dnssec/ns6/named.conf.in similarity index 88% rename from bin/tests/system/dnssec/ns6/named.conf rename to bin/tests/system/dnssec/ns6/named.conf.in index 2e453ce7f1..50b4286568 100644 --- a/bin/tests/system/dnssec/ns6/named.conf +++ b/bin/tests/system/dnssec/ns6/named.conf.in @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.12 2007/06/18 23:47:28 tbox Exp $ */ - // NS6 -controls { /* empty */ }; - options { query-source address 10.53.0.6; notify-source 10.53.0.6; transfer-source 10.53.0.6; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.6; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dnssec/ns7/named.conf b/bin/tests/system/dnssec/ns7/named.conf.in similarity index 93% rename from bin/tests/system/dnssec/ns7/named.conf rename to bin/tests/system/dnssec/ns7/named.conf.in index 7af270c100..66142b5ce5 100644 --- a/bin/tests/system/dnssec/ns7/named.conf +++ b/bin/tests/system/dnssec/ns7/named.conf.in @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.5 2010/06/26 23:46:49 tbox Exp $ */ - // NS3 -controls { /* empty */ }; - options { query-source address 10.53.0.7; notify-source 10.53.0.7; transfer-source 10.53.0.7; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.7; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dnssec/prereq.sh b/bin/tests/system/dnssec/prereq.sh index 019e984b71..c46ed2dfc4 100644 --- a/bin/tests/system/dnssec/prereq.sh +++ b/bin/tests/system/dnssec/prereq.sh @@ -15,7 +15,7 @@ then then : else - echo "I:Net::DNS versions 0.69 to 0.70 have bugs that cause this test to fail: please update." >&2 + echo_i "Net::DNS versions 0.69 to 0.70 have bugs that cause this test to fail: please update." >&2 exit 1 fi fi diff --git a/bin/tests/system/dnssec/setup.sh b/bin/tests/system/dnssec/setup.sh index 5c3215f645..908112db3d 100644 --- a/bin/tests/system/dnssec/setup.sh +++ b/bin/tests/system/dnssec/setup.sh @@ -13,16 +13,26 @@ $SHELL clean.sh test -r $RANDFILE || $GENRANDOM 800 $RANDFILE -cd ns1 && $SHELL sign.sh +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf + +copy_setports ns4/named1.conf.in ns4/named.conf +copy_setports ns5/named1.conf.in ns5/named.conf + +copy_setports ns6/named.conf.in ns6/named.conf +copy_setports ns7/named.conf.in ns7/named.conf + +cd ns1 +$SHELL sign.sh echo "a.bogus.example. A 10.0.0.22" >>../ns3/bogus.example.db.signed echo "b.bogus.example. A 10.0.0.23" >>../ns3/bogus.example.db.signed echo "c.bogus.example. A 10.0.0.23" >>../ns3/bogus.example.db.signed -cd ../ns3 && cp -f siginterval1.conf siginterval.conf -cd ../ns4 && cp -f named1.conf named.conf -cd ../ns5 && { - cp -f trusted.conf.bad trusted.conf - cp -f named1.conf named.conf - $SHELL sign.sh -} +cd ../ns3 +cp -f siginterval1.conf siginterval.conf + +cd ../ns5 +cp -f trusted.conf.bad trusted.conf +$SHELL sign.sh diff --git a/bin/tests/system/dnssec/tests.sh b/bin/tests/system/dnssec/tests.sh index c76045a278..2fa779e7dd 100644 --- a/bin/tests/system/dnssec/tests.sh +++ b/bin/tests/system/dnssec/tests.sh @@ -14,8 +14,10 @@ n=1 rm -f dig.out.* -DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p 5300" -DELVOPTS="-a ns1/trusted.conf -p 5300" +DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p ${PORT}" +ANSWEROPTS="+noall +answer +dnssec -p ${PORT}" +DELVOPTS="-a ns1/trusted.conf -p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" # convert private-type records to readable form showprivate () { @@ -40,7 +42,7 @@ checkprivate () { echo $x | grep incomplete >&- 2>&- && ret=1 [ $ret = 1 ] && { echo "$x" - echo "I:failed" + echo_i "failed" } return $ret } @@ -70,7 +72,7 @@ stripns () { # Check the example. domain -echo "I:checking that zone transfer worked ($n)" +echo_i "checking that zone transfer worked ($n)" for i in 1 2 3 4 5 6 7 8 9 do ret=0 @@ -82,63 +84,63 @@ do done $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns3.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # test AD bit: # - dig +adflag asks for authentication (ad in response) -echo "I:checking AD bit asking for validation ($n)" +echo_i "checking AD bit asking for validation ($n)" ret=0 $DIG $DIGOPTS +noauth +noadd +nodnssec +adflag a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 $DIG $DIGOPTS +noauth +noadd +nodnssec +adflag a.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # test AD bit: -# - dig +noadflag -echo "I:checking that AD is not set without +adflag or +dnssec ($n)" +# - dig +noadflag +echo_i "checking that AD is not set without +adflag or +dnssec ($n)" ret=0 $DIG $DIGOPTS +noauth +noadd +nodnssec +noadflag a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 $DIG $DIGOPTS +noauth +noadd +nodnssec +noadflag a.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for AD in authoritative answer ($n)" +echo_i "checking for AD in authoritative answer ($n)" ret=0 $DIG $DIGOPTS a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns2.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking positive validation NSEC ($n)" +echo_i "checking positive validation NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 $DIG $DIGOPTS +noauth a.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking postive validation NSEC using dns_client ($n)" + echo_i "checking postive validation NSEC using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 a a.example > delv.out$n || ret=1 grep "a.example..*10.0.0.1" delv.out$n > /dev/null || ret=1 grep "a.example..*.RRSIG.A 3 2 300 .*" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking positive validation NSEC3 ($n)" +echo_i "checking positive validation NSEC3 ($n)" ret=0 $DIG $DIGOPTS +noauth a.nsec3.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -147,21 +149,21 @@ $DIG $DIGOPTS +noauth a.nsec3.example. \ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking positive validation NSEC3 using dns_client ($n)" + echo_i "checking positive validation NSEC3 using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 a a.nsec3.example > delv.out$n || ret=1 grep "a.nsec3.example..*10.0.0.1" delv.out$n > /dev/null || ret=1 grep "a.nsec3.example..*RRSIG.A 7 3 300.*" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking positive validation OPTOUT ($n)" +echo_i "checking positive validation OPTOUT ($n)" ret=0 $DIG $DIGOPTS +noauth a.optout.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -170,21 +172,21 @@ $DIG $DIGOPTS +noauth a.optout.example. \ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking positive validation OPTOUT using dns_client ($n)" + echo_i "checking positive validation OPTOUT using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 a a.optout.example > delv.out$n || ret=1 grep "a.optout.example..*10.0.0.1" delv.out$n > /dev/null || ret=1 grep "a.optout.example..*RRSIG.A 7 3 300.*" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking positive wildcard validation NSEC ($n)" +echo_i "checking positive wildcard validation NSEC ($n)" ret=0 $DIG $DIGOPTS a.wild.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 $DIG $DIGOPTS a.wild.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 @@ -196,39 +198,39 @@ grep "\*\.wild\.example\..*NSEC z\.example" dig.out.ns4.test$n > /dev/null || re grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking positive wildcard validation NSEC using dns_client ($n)" + echo_i "checking positive wildcard validation NSEC using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 a a.wild.example > delv.out$n || ret=1 grep "a.wild.example..*10.0.0.27" delv.out$n > /dev/null || ret=1 grep "a.wild.example..*RRSIG.A 3 2 300.*" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking positive wildcard answer NSEC3 ($n)" +echo_i "checking positive wildcard answer NSEC3 ($n)" ret=0 $DIG $DIGOPTS a.wild.nsec3.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 grep "AUTHORITY: 4," dig.out.ns3.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking positive wildcard answer NSEC3 ($n)" +echo_i "checking positive wildcard answer NSEC3 ($n)" ret=0 $DIG $DIGOPTS a.wild.nsec3.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 grep "AUTHORITY: 4," dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking positive wildcard validation NSEC3 ($n)" +echo_i "checking positive wildcard validation NSEC3 ($n)" ret=0 $DIG $DIGOPTS a.wild.nsec3.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 $DIG $DIGOPTS a.wild.nsec3.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 @@ -238,21 +240,21 @@ $PERL ../digcomp.pl dig.out.ns3.stripped.test$n dig.out.ns4.stripped.test$n || r grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking positive wildcard validation NSEC3 using dns_client ($n)" + echo_i "checking positive wildcard validation NSEC3 using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 a a.wild.nsec3.example > delv.out$n || ret=1 grep "a.wild.nsec3.example..*10.0.0.6" delv.out$n > /dev/null || ret=1 grep "a.wild.nsec3.example..*RRSIG.A 7 3 300.*" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking positive wildcard validation OPTOUT ($n)" +echo_i "checking positive wildcard validation OPTOUT ($n)" ret=0 $DIG $DIGOPTS a.wild.optout.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -264,21 +266,21 @@ $PERL ../digcomp.pl dig.out.ns3.stripped.test$n dig.out.ns4.stripped.test$n || r grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking positive wildcard validation OPTOUT using dns_client ($n)" + echo_i "checking positive wildcard validation OPTOUT using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 a a.wild.optout.example > delv.out$n || ret=1 grep "a.wild.optout.example..*10.0.0.6" delv.out$n > /dev/null || ret=1 grep "a.wild.optout.example..*RRSIG.A 7 3 300.*" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking negative validation NXDOMAIN NSEC ($n)" +echo_i "checking negative validation NXDOMAIN NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth q.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 $DIG $DIGOPTS +noauth q.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 @@ -286,20 +288,20 @@ $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking negative validation NXDOMAIN NSEC using dns_client ($n)" + echo_i "checking negative validation NXDOMAIN NSEC using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 a q.example > delv.out$n 2>&1 || ret=1 grep "resolution failed: ncache nxdomain" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking negative validation NXDOMAIN NSEC3 ($n)" +echo_i "checking negative validation NXDOMAIN NSEC3 ($n)" ret=0 $DIG $DIGOPTS +noauth q.nsec3.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -309,20 +311,20 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking negative validation NXDOMAIN NSEC3 using dns_client ($n)" + echo_i "checking negative validation NXDOMAIN NSEC3 using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 a q.nsec3.example > delv.out$n 2>&1 || ret=1 grep "resolution failed: ncache nxdomain" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking negative validation NXDOMAIN OPTOUT ($n)" +echo_i "checking negative validation NXDOMAIN OPTOUT ($n)" ret=0 $DIG $DIGOPTS +noauth q.optout.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -333,20 +335,20 @@ grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking negative validation NXDOMAIN OPTOUT using dns_client ($n)" + echo_i "checking negative validation NXDOMAIN OPTOUT using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 a q.optout.example > delv.out$n 2>&1 || ret=1 grep "resolution failed: ncache nxdomain" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking negative validation NODATA NSEC ($n)" +echo_i "checking negative validation NODATA NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1 $DIG $DIGOPTS +noauth a.example. @10.53.0.4 txt > dig.out.ns4.test$n || ret=1 @@ -355,20 +357,20 @@ grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking negative validation NODATA OPTOUT using dns_client ($n)" + echo_i "checking negative validation NODATA OPTOUT using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 txt a.example > delv.out$n 2>&1 || ret=1 grep "resolution failed: ncache nxrrset" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking negative validation NODATA NSEC3 ($n)" +echo_i "checking negative validation NODATA NSEC3 ($n)" ret=0 $DIG $DIGOPTS +noauth a.nsec3.example. \ @10.53.0.3 txt > dig.out.ns3.test$n || ret=1 @@ -379,20 +381,20 @@ grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking negative validation NODATA NSEC3 using dns_client ($n)" + echo_i "checking negative validation NODATA NSEC3 using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 txt a.nsec3.example > delv.out$n 2>&1 || ret=1 grep "resolution failed: ncache nxrrset" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking negative validation NODATA OPTOUT ($n)" +echo_i "checking negative validation NODATA OPTOUT ($n)" ret=0 $DIG $DIGOPTS +noauth a.optout.example. \ @10.53.0.3 txt > dig.out.ns3.test$n || ret=1 @@ -403,20 +405,20 @@ grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking negative validation NODATA OPTOUT using dns_client ($n)" + echo_i "checking negative validation NODATA OPTOUT using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 txt a.optout.example > delv.out$n 2>&1 || ret=1 grep "resolution failed: ncache nxrrset" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking negative wildcard validation NSEC ($n)" +echo_i "checking negative wildcard validation NSEC ($n)" ret=0 $DIG $DIGOPTS b.wild.example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1 $DIG $DIGOPTS b.wild.example. @10.53.0.4 txt > dig.out.ns4.test$n || ret=1 @@ -424,40 +426,40 @@ $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking negative wildcard validation NSEC using dns_client ($n)" + echo_i "checking negative wildcard validation NSEC using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 txt b.wild.example > delv.out$n 2>&1 || ret=1 grep "resolution failed: ncache nxrrset" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking negative wildcard validation NSEC3 ($n)" +echo_i "checking negative wildcard validation NSEC3 ($n)" ret=0 $DIG $DIGOPTS b.wild.nsec3.example. @10.53.0.3 txt > dig.out.ns3.test$n || ret=1 $DIG $DIGOPTS b.wild.nsec3.example. @10.53.0.4 txt > dig.out.ns4.test$n || ret=1 $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking negative wildcard validation NSEC3 using dns_client ($n)" + echo_i "checking negative wildcard validation NSEC3 using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 txt b.wild.nsec3.example > delv.out$n 2>&1 || ret=1 grep "resolution failed: ncache nxrrset" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking negative wildcard validation OPTOUT ($n)" +echo_i "checking negative wildcard validation OPTOUT ($n)" ret=0 $DIG $DIGOPTS b.wild.optout.example. \ @10.53.0.3 txt > dig.out.ns3.test$n || ret=1 @@ -468,22 +470,22 @@ grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking negative wildcard validation OPTOUT using dns_client ($n)" + echo_i "checking negative wildcard validation OPTOUT using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 txt b.optout.nsec3.example > delv.out$n 2>&1 || ret=1 grep "resolution failed: ncache nxrrset" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi # Check the insecure.example domain -echo "I:checking 1-server insecurity proof NSEC ($n)" +echo_i "checking 1-server insecurity proof NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.insecure.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 $DIG $DIGOPTS +noauth a.insecure.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 @@ -492,20 +494,20 @@ grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking 1-server insecurity proof NSEC using dns_client ($n)" + echo_i "checking 1-server insecurity proof NSEC using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 a a.insecure.example > delv.out$n || ret=1 grep "a.insecure.example..*10.0.0.1" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking 1-server insecurity proof NSEC3 ($n)" +echo_i "checking 1-server insecurity proof NSEC3 ($n)" ret=0 $DIG $DIGOPTS +noauth a.insecure.nsec3.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 $DIG $DIGOPTS +noauth a.insecure.nsec3.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 @@ -514,20 +516,20 @@ grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking 1-server insecurity proof NSEC3 using dns_client ($n)" + echo_i "checking 1-server insecurity proof NSEC3 using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 a a.insecure.nsec3.example > delv.out$n || ret=1 grep "a.insecure.nsec3.example..*10.0.0.1" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking 1-server insecurity proof OPTOUT ($n)" +echo_i "checking 1-server insecurity proof OPTOUT ($n)" ret=0 $DIG $DIGOPTS +noauth a.insecure.optout.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 $DIG $DIGOPTS +noauth a.insecure.optout.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 @@ -536,20 +538,20 @@ grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking 1-server insecurity proof OPTOUT using dns_client ($n)" + echo_i "checking 1-server insecurity proof OPTOUT using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 a a.insecure.optout.example > delv.out$n || ret=1 grep "a.insecure.optout.example..*10.0.0.1" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking 1-server negative insecurity proof NSEC ($n)" +echo_i "checking 1-server negative insecurity proof NSEC ($n)" ret=0 $DIG $DIGOPTS q.insecure.example. a @10.53.0.3 \ > dig.out.ns3.test$n || ret=1 @@ -560,20 +562,20 @@ grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking 1-server negative insecurity proof NSEC using dns_client ($n)" + echo_i "checking 1-server negative insecurity proof NSEC using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 a q.insecure.example > delv.out$n 2>&1 || ret=1 grep "resolution failed: ncache nxdomain" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking 1-server negative insecurity proof NSEC3 ($n)" +echo_i "checking 1-server negative insecurity proof NSEC3 ($n)" ret=0 $DIG $DIGOPTS q.insecure.nsec3.example. a @10.53.0.3 \ > dig.out.ns3.test$n || ret=1 @@ -584,20 +586,20 @@ grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking 1-server negative insecurity proof NSEC3 using dns_client ($n)" + echo_i "checking 1-server negative insecurity proof NSEC3 using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 a q.insecure.nsec3.example > delv.out$n 2>&1 || ret=1 grep "resolution failed: ncache nxdomain" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking 1-server negative insecurity proof OPTOUT ($n)" +echo_i "checking 1-server negative insecurity proof OPTOUT ($n)" ret=0 $DIG $DIGOPTS q.insecure.optout.example. a @10.53.0.3 \ > dig.out.ns3.test$n || ret=1 @@ -608,20 +610,20 @@ grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking 1-server negative insecurity proof OPTOUT using dns_client ($n)" + echo_i "checking 1-server negative insecurity proof OPTOUT using dns_client ($n)" $DELV $DELVOPTS @10.53.0.4 a q.insecure.optout.example > delv.out$n 2>&1 || ret=1 grep "resolution failed: ncache nxdomain" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking 1-server negative insecurity proof with SOA hack NSEC ($n)" +echo_i "checking 1-server negative insecurity proof with SOA hack NSEC ($n)" ret=0 $DIG $DIGOPTS r.insecure.example. soa @10.53.0.3 \ > dig.out.ns3.test$n || ret=1 @@ -633,10 +635,10 @@ grep "0 IN SOA" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking 1-server negative insecurity proof with SOA hack NSEC3 ($n)" +echo_i "checking 1-server negative insecurity proof with SOA hack NSEC3 ($n)" ret=0 $DIG $DIGOPTS r.insecure.nsec3.example. soa @10.53.0.3 \ > dig.out.ns3.test$n || ret=1 @@ -648,10 +650,10 @@ grep "0 IN SOA" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking 1-server negative insecurity proof with SOA hack OPTOUT ($n)" +echo_i "checking 1-server negative insecurity proof with SOA hack OPTOUT ($n)" ret=0 $DIG $DIGOPTS r.insecure.optout.example. soa @10.53.0.3 \ > dig.out.ns3.test$n || ret=1 @@ -663,12 +665,12 @@ grep "0 IN SOA" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check the secure.example domain -echo "I:checking multi-stage positive validation NSEC/NSEC ($n)" +echo_i "checking multi-stage positive validation NSEC/NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.secure.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -678,10 +680,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking multi-stage positive validation NSEC/NSEC3 ($n)" +echo_i "checking multi-stage positive validation NSEC/NSEC3 ($n)" ret=0 $DIG $DIGOPTS +noauth a.nsec3.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -691,10 +693,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking multi-stage positive validation NSEC/OPTOUT ($n)" +echo_i "checking multi-stage positive validation NSEC/OPTOUT ($n)" ret=0 $DIG $DIGOPTS +noauth a.optout.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -704,10 +706,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking multi-stage positive validation NSEC3/NSEC ($n)" +echo_i "checking multi-stage positive validation NSEC3/NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.secure.nsec3.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -717,10 +719,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking multi-stage positive validation NSEC3/NSEC3 ($n)" +echo_i "checking multi-stage positive validation NSEC3/NSEC3 ($n)" ret=0 $DIG $DIGOPTS +noauth a.nsec3.nsec3.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -730,10 +732,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking multi-stage positive validation NSEC3/OPTOUT ($n)" +echo_i "checking multi-stage positive validation NSEC3/OPTOUT ($n)" ret=0 $DIG $DIGOPTS +noauth a.optout.nsec3.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -743,10 +745,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking multi-stage positive validation OPTOUT/NSEC ($n)" +echo_i "checking multi-stage positive validation OPTOUT/NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.secure.optout.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -756,10 +758,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking multi-stage positive validation OPTOUT/NSEC3 ($n)" +echo_i "checking multi-stage positive validation OPTOUT/NSEC3 ($n)" ret=0 $DIG $DIGOPTS +noauth a.nsec3.optout.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -769,10 +771,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking multi-stage positive validation OPTOUT/OPTOUT ($n)" +echo_i "checking multi-stage positive validation OPTOUT/OPTOUT ($n)" ret=0 $DIG $DIGOPTS +noauth a.optout.optout.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -782,10 +784,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking empty NODATA OPTOUT ($n)" +echo_i "checking empty NODATA OPTOUT ($n)" ret=0 $DIG $DIGOPTS +noauth empty.optout.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -795,94 +797,94 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 #grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check the bogus domain -echo "I:checking failed validation ($n)" +echo_i "checking failed validation ($n)" ret=0 $DIG $DIGOPTS a.bogus.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 grep "SERVFAIL" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking failed validation using dns_client ($n)" + echo_i "checking failed validation using dns_client ($n)" $DELV $DELVOPTS +cd @10.53.0.4 a a.bogus.example > delv.out$n 2>&1 || ret=1 grep "resolution failed: RRSIG failed to verify" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi # Try validating with a bad trusted key. # This should fail. -echo "I:checking that validation fails with a misconfigured trusted key ($n)" +echo_i "checking that validation fails with a misconfigured trusted key ($n)" ret=0 $DIG $DIGOPTS example. soa @10.53.0.5 > dig.out.ns5.test$n || ret=1 grep "SERVFAIL" dig.out.ns5.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that negative validation fails with a misconfigured trusted key ($n)" +echo_i "checking that negative validation fails with a misconfigured trusted key ($n)" ret=0 $DIG $DIGOPTS example. ptr @10.53.0.5 > dig.out.ns5.test$n || ret=1 grep "SERVFAIL" dig.out.ns5.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that insecurity proofs fail with a misconfigured trusted key ($n)" +echo_i "checking that insecurity proofs fail with a misconfigured trusted key ($n)" ret=0 $DIG $DIGOPTS a.insecure.example. a @10.53.0.5 > dig.out.ns5.test$n || ret=1 grep "SERVFAIL" dig.out.ns5.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that validation fails when key record is missing ($n)" +echo_i "checking that validation fails when key record is missing ($n)" ret=0 $DIG $DIGOPTS a.b.keyless.example. a @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "SERVFAIL" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking that validation fails when key record is missing using dns_client ($n)" + echo_i "checking that validation fails when key record is missing using dns_client ($n)" $DELV $DELVOPTS +cd @10.53.0.4 a a.b.keyless.example > delv.out$n 2>&1 || ret=1 grep "resolution failed: broken trust chain" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking that validation succeeds when a revoked key is encountered ($n)" +echo_i "checking that validation succeeds when a revoked key is encountered ($n)" ret=0 $DIG $DIGOPTS revkey.example soa @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags: .* ad" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${DELV} ] ; then ret=0 - echo "I:checking that validation succeeds when a revoked key is encountered using dns_client ($n)" + echo_i "checking that validation succeeds when a revoked key is encountered using dns_client ($n)" $DELV $DELVOPTS +cd @10.53.0.4 soa revkey.example > delv.out$n 2>&1 || ret=1 grep "fully validated" delv.out$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:Checking that a bad CNAME signature is caught after a +CD query ($n)" +echo_i "Checking that a bad CNAME signature is caught after a +CD query ($n)" ret=0 #prime $DIG $DIGOPTS +cd bad-cname.example. @10.53.0.4 > dig.out.ns4.prime$n || ret=1 @@ -891,15 +893,15 @@ expect="a.example. 10.0.0.1" ans=`$DIG $DIGOPTS +cd +nodnssec +short bad-cname.example. @10.53.0.4` || ret=1 test "$ans" = "$expect" || ret=1 -test $ret = 0 || echo I:failed, got "'""$ans""'", expected "'""$expect""'" +test $ret = 0 || echo_i "failed, got '$ans', expected '$expect'" #check: requery without +CD. bogus cached data should be rejected. $DIG $DIGOPTS +nodnssec bad-cname.example. @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "SERVFAIL" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:Checking that a bad DNAME signature is caught after a +CD query ($n)" +echo_i "Checking that a bad DNAME signature is caught after a +CD query ($n)" ret=0 #prime $DIG $DIGOPTS +cd a.bad-dname.example. @10.53.0.4 > dig.out.ns4.prime$n || ret=1 @@ -909,17 +911,17 @@ a.example. 10.0.0.1" ans=`$DIG $DIGOPTS +cd +nodnssec +short a.bad-dname.example. @10.53.0.4` || ret=1 test "$ans" = "$expect" || ret=1 -test $ret = 0 || echo I:failed, got "'""$ans""'", expected "'""$expect""'" +test $ret = 0 || echo_i "failed, got '$ans', expected '$expect'" #check: requery without +CD. bogus cached data should be rejected. $DIG $DIGOPTS +nodnssec a.bad-dname.example. @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "SERVFAIL" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check the insecure.secure.example domain (insecurity proof) -echo "I:checking 2-server insecurity proof ($n)" +echo_i "checking 2-server insecurity proof ($n)" ret=0 $DIG $DIGOPTS +noauth a.insecure.secure.example. @10.53.0.2 a \ > dig.out.ns2.test$n || ret=1 @@ -930,12 +932,12 @@ grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check a negative response in insecure.secure.example -echo "I:checking 2-server insecurity proof with a negative answer ($n)" +echo_i "checking 2-server insecurity proof with a negative answer ($n)" ret=0 $DIG $DIGOPTS q.insecure.secure.example. @10.53.0.2 a > dig.out.ns2.test$n \ || ret=1 @@ -946,10 +948,10 @@ grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking 2-server insecurity proof with a negative answer and SOA hack ($n)" +echo_i "checking 2-server insecurity proof with a negative answer and SOA hack ($n)" ret=0 $DIG $DIGOPTS r.insecure.secure.example. @10.53.0.2 soa > dig.out.ns2.test$n \ || ret=1 @@ -960,23 +962,23 @@ grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check that the query for a security root is successful and has ad set -echo "I:checking security root query ($n)" +echo_i "checking security root query ($n)" ret=0 $DIG $DIGOPTS . @10.53.0.4 key > dig.out.ns4.test$n || ret=1 grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check that the setting the cd bit works -echo "I:checking cd bit on a positive answer ($n)" +echo_i "checking cd bit on a positive answer ($n)" ret=0 $DIG $DIGOPTS +noauth example. soa @10.53.0.4 \ > dig.out.ns4.test$n || ret=1 @@ -987,10 +989,10 @@ grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns5.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking cd bit on a negative answer ($n)" +echo_i "checking cd bit on a negative answer ($n)" ret=0 $DIG $DIGOPTS q.example. soa @10.53.0.4 > dig.out.ns4.test$n || ret=1 $DIG $DIGOPTS +cdflag q.example. soa @10.53.0.5 > dig.out.ns5.test$n || ret=1 @@ -999,40 +1001,40 @@ grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns5.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking positive validation RSASHA256 NSEC ($n)" +echo_i "checking positive validation RSASHA256 NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.rsasha256.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 $DIG $DIGOPTS +noauth a.rsasha256.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking positive validation RSASHA512 NSEC ($n)" +echo_i "checking positive validation RSASHA512 NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.rsasha512.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 $DIG $DIGOPTS +noauth a.rsasha512.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking positive validation with KSK-only DNSKEY signature ($n)" +echo_i "checking positive validation with KSK-only DNSKEY signature ($n)" ret=0 $DIG $DIGOPTS +noauth a.kskonly.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 $DIG $DIGOPTS +noauth a.kskonly.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking cd bit on a query that should fail ($n)" +echo_i "checking cd bit on a query that should fail ($n)" ret=0 $DIG $DIGOPTS a.bogus.example. soa @10.53.0.4 \ > dig.out.ns4.test$n || ret=1 @@ -1043,10 +1045,10 @@ grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns5.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking cd bit on an insecurity proof ($n)" +echo_i "checking cd bit on an insecurity proof ($n)" ret=0 $DIG $DIGOPTS +noauth a.insecure.example. soa @10.53.0.4 \ > dig.out.ns4.test$n || ret=1 @@ -1058,10 +1060,10 @@ grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 grep "flags:.*ad.*QUERY" dig.out.ns5.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking cd bit on a negative insecurity proof ($n)" +echo_i "checking cd bit on a negative insecurity proof ($n)" ret=0 $DIG $DIGOPTS q.insecure.example. a @10.53.0.4 \ > dig.out.ns4.test$n || ret=1 @@ -1073,10 +1075,10 @@ grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 grep "flags:.*ad.*QUERY" dig.out.ns5.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that validation of an ANY query works ($n)" +echo_i "checking that validation of an ANY query works ($n)" ret=0 $DIG $DIGOPTS +noauth foo.example. any @10.53.0.2 > dig.out.ns2.test$n || ret=1 $DIG $DIGOPTS +noauth foo.example. any @10.53.0.4 > dig.out.ns4.test$n || ret=1 @@ -1085,10 +1087,10 @@ grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 # 2 records in the zone, 1 NXT, 3 SIGs grep "ANSWER: 6" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that validation of a query returning a CNAME works ($n)" +echo_i "checking that validation of a query returning a CNAME works ($n)" ret=0 $DIG $DIGOPTS +noauth cname1.example. txt @10.53.0.2 \ > dig.out.ns2.test$n || ret=1 @@ -1099,10 +1101,10 @@ grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 # the CNAME & its sig, the TXT and its SIG grep "ANSWER: 4" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that validation of a query returning a DNAME works ($n)" +echo_i "checking that validation of a query returning a DNAME works ($n)" ret=0 $DIG $DIGOPTS +noauth foo.dname1.example. txt @10.53.0.2 \ > dig.out.ns2.test$n || ret=1 @@ -1115,10 +1117,10 @@ grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 # recursive server and not cached, but I don't know how. grep "ANSWER: 5" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that validation of an ANY query returning a CNAME works ($n)" +echo_i "checking that validation of an ANY query returning a CNAME works ($n)" ret=0 $DIG $DIGOPTS +noauth cname2.example. any @10.53.0.2 \ > dig.out.ns2.test$n || ret=1 @@ -1129,10 +1131,10 @@ grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 # The CNAME, NXT, and their SIGs grep "ANSWER: 4" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that validation of an ANY query returning a DNAME works ($n)" +echo_i "checking that validation of an ANY query returning a DNAME works ($n)" ret=0 $DIG $DIGOPTS +noauth foo.dname2.example. any @10.53.0.2 \ > dig.out.ns2.test$n || ret=1 @@ -1141,10 +1143,10 @@ $DIG $DIGOPTS +noauth foo.dname2.example. any @10.53.0.4 \ $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1 grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that positive validation in a privately secure zone works ($n)" +echo_i "checking that positive validation in a privately secure zone works ($n)" ret=0 $DIG $DIGOPTS +noauth a.private.secure.example. a @10.53.0.2 \ > dig.out.ns2.test$n || ret=1 @@ -1155,10 +1157,10 @@ grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that negative validation in a privately secure zone works ($n)" +echo_i "checking that negative validation in a privately secure zone works ($n)" ret=0 $DIG $DIGOPTS +noauth q.private.secure.example. a @10.53.0.2 \ > dig.out.ns2.test$n || ret=1 @@ -1169,10 +1171,10 @@ grep "NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that lookups succeed after disabling a algorithm works ($n)" +echo_i "checking that lookups succeed after disabling a algorithm works ($n)" ret=0 $DIG $DIGOPTS +noauth example. SOA @10.53.0.2 \ > dig.out.ns2.test$n || ret=1 @@ -1182,10 +1184,10 @@ $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns6.test$n || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns6.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking privately secure to nxdomain works ($n)" +echo_i "checking privately secure to nxdomain works ($n)" ret=0 $DIG $DIGOPTS +noauth private2secure-nxdomain.private.secure.example. SOA @10.53.0.4 \ > dig.out.ns4.test$n || ret=1 @@ -1193,10 +1195,10 @@ grep "NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking privately secure wildcard to nxdomain works ($n)" +echo_i "checking privately secure wildcard to nxdomain works ($n)" ret=0 $DIG $DIGOPTS +noauth a.wild.private.secure.example. SOA @10.53.0.4 \ > dig.out.ns4.test$n || ret=1 @@ -1204,10 +1206,10 @@ grep "NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 # Note - this is looking for failure, hence the && grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking a non-cachable NODATA works ($n)" +echo_i "checking a non-cachable NODATA works ($n)" ret=0 $DIG $DIGOPTS +noauth a.nosoa.secure.example. txt @10.53.0.7 \ > dig.out.ns7.test$n || ret=1 @@ -1216,10 +1218,10 @@ $DIG $DIGOPTS +noauth a.nosoa.secure.example. txt @10.53.0.4 \ > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking a non-cachable NXDOMAIN works ($n)" +echo_i "checking a non-cachable NXDOMAIN works ($n)" ret=0 $DIG $DIGOPTS +noauth b.nosoa.secure.example. txt @10.53.0.7 \ > dig.out.ns7.test$n || ret=1 @@ -1228,7 +1230,7 @@ $DIG $DIGOPTS +noauth b.nosoa.secure.example. txt @10.53.0.4 \ > dig.out.ns4.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # @@ -1237,34 +1239,34 @@ status=`expr $status + $ret` # to private.secure.example. In addition secure.example is using a # algorithm which the validation does not support. # -echo "I:checking dnssec-lookaside-validation works ($n)" +echo_i "checking dnssec-lookaside-validation works ($n)" ret=0 $DIG $DIGOPTS private.secure.example. SOA @10.53.0.6 \ > dig.out.ns6.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns6.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that we can load a rfc2535 signed zone ($n)" +echo_i "checking that we can load a rfc2535 signed zone ($n)" ret=0 $DIG $DIGOPTS rfc2535.example. SOA @10.53.0.2 \ > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that we can transfer a rfc2535 signed zone ($n)" +echo_i "checking that we can transfer a rfc2535 signed zone ($n)" ret=0 $DIG $DIGOPTS rfc2535.example. SOA @10.53.0.3 \ > dig.out.ns3.test$n || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that we can sign a zone with out-of-zone records ($n)" +echo_i "checking that we can sign a zone with out-of-zone records ($n)" ret=0 zone=example key1=`$KEYGEN -K signer -q -r $RANDFILE -a NSEC3RSASHA1 -b 1024 -n zone $zone` @@ -1275,10 +1277,10 @@ cat example.db.in $key1.key $key2.key > example.db $SIGNER -o example -f example.db example.db > /dev/null 2>&1 ) || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that we can sign a zone (NSEC3) with out-of-zone records ($n)" +echo_i "checking that we can sign a zone (NSEC3) with out-of-zone records ($n)" ret=0 zone=example key1=`$KEYGEN -K signer -q -r $RANDFILE -a NSEC3RSASHA1 -b 1024 -n zone $zone` @@ -1292,18 +1294,18 @@ awk '/^IQF9LQTLK/ { while (!index($0, ")")) { if (getline <= 0) break; - printf (" %s", $0); + printf (" %s", $0); } printf("\n"); }' example.db | sed 's/[ ][ ]*/ /g' > nsec3param.out -grep "IQF9LQTLKKNFK0KVIFELRAK4IC4QLTMG.example. 0 IN NSEC3 1 0 10 - ( IQF9LQTLKKNFK0KVIFELRAK4IC4QLTMG A NS SOA RRSIG DNSKEY NSEC3PARAM )" nsec3param.out > /dev/null +grep "IQF9LQTLKKNFK0KVIFELRAK4IC4QLTMG.example. 0 IN NSEC3 1 0 10 - ( IQF9LQTLKKNFK0KVIFELRAK4IC4QLTMG A NS SOA RRSIG DNSKEY NSEC3PARAM )" nsec3param.out > /dev/null ) || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking NSEC3 signing with empty nonterminals above a delegation ($n)" +echo_i "checking NSEC3 signing with empty nonterminals above a delegation ($n)" ret=0 zone=example key1=`$KEYGEN -K signer -q -r $RANDFILE -a NSEC3RSASHA1 -b 1024 -n zone $zone` @@ -1318,7 +1320,7 @@ awk '/^IQF9LQTLK/ { while (!index($0, ")")) { if (getline <= 0) break; - printf (" %s", $0); + printf (" %s", $0); } printf("\n"); }' example.db | sed 's/[ ][ ]*/ /g' > nsec3param.out @@ -1326,10 +1328,10 @@ awk '/^IQF9LQTLK/ { grep "IQF9LQTLKKNFK0KVIFELRAK4IC4QLTMG.example. 0 IN NSEC3 1 0 10 - ( IQF9LQTLKKNFK0KVIFELRAK4IC4QLTMG A NS SOA RRSIG DNSKEY NSEC3PARAM )" nsec3param.out > /dev/null ) || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that dnsssec-signzone updates originalttl on ttl changes ($n)" +echo_i "checking that dnsssec-signzone updates originalttl on ttl changes ($n)" ret=0 zone=example key1=`$KEYGEN -K signer -q -r $RANDFILE -a RSASHA1 -b 1024 -n zone $zone` @@ -1343,10 +1345,10 @@ $SIGNER -o example -f example.db.after example.db.changed > /dev/null 2>&1 ) grep "SOA 5 1 50" signer/example.db.after > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking dnssec-signzone keeps valid signatures from removed keys ($n)" +echo_i "checking dnssec-signzone keeps valid signatures from removed keys ($n)" ret=0 zone=example key1=`$KEYGEN -K signer -q -r $RANDFILE -f KSK -a RSASHA1 -b 1024 -n zone $zone` @@ -1367,10 +1369,10 @@ $SIGNER -D -o example example.db > /dev/null 2>&1 grep " $keyid2 " signer/example.db.signed > /dev/null 2>&1 || ret=1 grep " $keyid3 " signer/example.db.signed > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking dnssec-signzone -R purges signatures from removed keys ($n)" +echo_i "checking dnssec-signzone -R purges signatures from removed keys ($n)" ret=0 ( cd signer @@ -1379,10 +1381,10 @@ $SIGNER -RD -o example example.db > /dev/null 2>&1 grep " $keyid2 " signer/example.db.signed > /dev/null 2>&1 && ret=1 grep " $keyid3 " signer/example.db.signed > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking dnssec-signzone keeps valid signatures from inactive keys ($n)" +echo_i "checking dnssec-signzone keeps valid signatures from inactive keys ($n)" ret=0 zone=example ( @@ -1397,10 +1399,10 @@ $SIGNER -SD -o example example.db > /dev/null 2>&1 grep " $keyid2 " signer/example.db.signed > /dev/null 2>&1 || ret=1 grep " $keyid3 " signer/example.db.signed > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking dnssec-signzone -Q purges signatures from inactive keys ($n)" +echo_i "checking dnssec-signzone -Q purges signatures from inactive keys ($n)" ret=0 ( cd signer @@ -1409,10 +1411,10 @@ $SIGNER -SDQ -o example example.db > /dev/null 2>&1 grep " $keyid2 " signer/example.db.signed > /dev/null 2>&1 && ret=1 grep " $keyid3 " signer/example.db.signed > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking dnssec-signzone retains unexpired signatures ($n)" +echo_i "checking dnssec-signzone retains unexpired signatures ($n)" ret=0 ( cd signer @@ -1429,10 +1431,10 @@ drop2=`awk '/dropped/ {print $3}' signer/signer.out.2` [ "$gen2" -eq 0 ] || ret=1 [ "$drop2" -eq 0 ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking dnssec-signzone purges RRSIGs from formerly-owned glue (nsec) ($n)" +echo_i "checking dnssec-signzone purges RRSIGs from formerly-owned glue (nsec) ($n)" ret=0 ( cd signer @@ -1464,10 +1466,10 @@ $SIGNER -DS -O full -f example2.db.signed -o example example2.db > /dev/null 2>& grep "^sub1\.example\..*RRSIG[ ]A[ ]" signer/example2.db.signed > /dev/null 2>&1 && ret=1 grep "^ns\.sub2\.example\..*RRSIG[ ]A[ ]" signer/example2.db.signed > /dev/null 2>&1 && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking dnssec-signzone purges RRSIGs from formerly-owned glue (nsec3) ($n)" +echo_i "checking dnssec-signzone purges RRSIGs from formerly-owned glue (nsec3) ($n)" ret=0 ( cd signer @@ -1498,10 +1500,10 @@ $SIGNER -DS -3 feedabee -O full -f example2.db.signed -o example example2.db > / grep "^sub1\.example\..*RRSIG[ ]A[ ]" signer/example2.db.signed > /dev/null 2>&1 && ret=1 grep "^ns\.sub2\.example\..*RRSIG[ ]A[ ]" signer/example2.db.signed > /dev/null 2>&1 && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking dnssec-signzone output format ($n)" +echo_i "checking dnssec-signzone output format ($n)" ret=0 ( cd signer @@ -1517,10 +1519,10 @@ israw1 signer/signer.out.5 || ret=1 israw0 signer/signer.out.6 || ret=1 israw1 signer/signer.out.7 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking TTLs are capped by dnssec-signzone -M ($n)" +echo_i "checking TTLs are capped by dnssec-signzone -M ($n)" ret=0 ( cd signer @@ -1528,10 +1530,10 @@ $SIGNER -O full -f signer.out.8 -S -M 30 -o example example.db > /dev/null 2>&1 ) || ret=1 awk '/^;/ { next; } $2 > 30 { exit 1; }' signer/signer.out.8 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking dnssec-signzone -N date ($n)" +echo_i "checking dnssec-signzone -N date ($n)" ret=0 ( cd signer @@ -1541,10 +1543,10 @@ now=`$PERL -e '@lt=localtime(); printf "%.4d%0.2d%0.2d00\n",$lt[5]+1900,$lt[4]+1 serial=`awk '/^;/ { next; } $4 == "SOA" { print $7 }' signer/signer.out.9` [ "$now" -eq "$serial" ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking validated data are not cached longer than originalttl ($n)" +echo_i "checking validated data are not cached longer than originalttl ($n)" ret=0 $DIG $DIGOPTS +ttl +noauth a.ttlpatch.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 $DIG $DIGOPTS +ttl +noauth a.ttlpatch.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 @@ -1553,13 +1555,13 @@ grep "300.IN" dig.out.ns3.test$n > /dev/null && ret=1 grep "300.IN" dig.out.ns4.test$n > /dev/null || ret=1 grep "3600.IN" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Test that "rndc secroots" is able to dump trusted keys -echo "I:checking rndc secroots ($n)" +echo_i "checking rndc secroots ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 secroots 2>&1 | sed 's/^/I:ns1 /' +$RNDCCMD 10.53.0.4 secroots 2>&1 | sed 's/^/ns4 /' | cat_i keyid=`cat ns1/managed.key.id` cp ns4/named.secroots named.secroots.test$n linecount=`grep "./RSAMD5/$keyid ; trusted" named.secroots.test$n | wc -l` @@ -1567,13 +1569,13 @@ linecount=`grep "./RSAMD5/$keyid ; trusted" named.secroots.test$n | wc -l` linecount=`cat named.secroots.test$n | wc -l` [ "$linecount" -eq 10 ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check direct query for RRSIG. If we first ask for normal (non RRSIG) # record, the corresponding RRSIG should be cached and subsequent query # for RRSIG will be returned with the cached record. -echo "I:checking RRSIG query from cache ($n)" +echo_i "checking RRSIG query from cache ($n)" ret=0 $DIG $DIGOPTS normalthenrrsig.secure.example. @10.53.0.4 a > /dev/null || ret=1 ans=`$DIG $DIGOPTS +short normalthenrrsig.secure.example. @10.53.0.4 rrsig` || ret=1 @@ -1583,12 +1585,12 @@ test "$ans" = "$expect" || ret=1 $DIG $DIGOPTS normalthenrrsig.secure.example. @10.53.0.4 rrsig > dig.out.ns4.test$n || ret=1 grep "flags:.*ra.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check direct query for RRSIG: If it's not cached with other records, # it should result in an empty response. -echo "I:checking RRSIG query not in cache ($n)" +echo_i "checking RRSIG query not in cache ($n)" ret=0 ans=`$DIG $DIGOPTS +short rrsigonly.secure.example. @10.53.0.4 rrsig` || ret=1 test -z "$ans" || ret=1 @@ -1596,60 +1598,60 @@ test -z "$ans" || ret=1 $DIG $DIGOPTS rrsigonly.secure.example. @10.53.0.4 rrsig > dig.out.ns4.test$n || ret=1 grep "flags:.*ra.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # # RT21868 regression test. # -echo "I:checking NSEC3 zone with mismatched NSEC3PARAM / NSEC parameters ($n)" +echo_i "checking NSEC3 zone with mismatched NSEC3PARAM / NSEC parameters ($n)" ret=0 $DIG $DIGOPTS non-exist.badparam. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # # RT22007 regression test. # -echo "I:checking optout NSEC3 referral with only insecure delegations ($n)" +echo_i "checking optout NSEC3 referral with only insecure delegations ($n)" ret=0 $DIG $DIGOPTS +norec delegation.single-nsec3. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "3KL3NK1HKQ4IUEEHBEF12VGFKUETNBAN.*NSEC3 1 1 1 - 3KL3NK1HKQ4IUEEHBEF12VGFKUETNBAN" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking optout NSEC3 NXDOMAIN with only insecure delegations ($n)" +echo_i "checking optout NSEC3 NXDOMAIN with only insecure delegations ($n)" ret=0 $DIG $DIGOPTS +norec nonexist.single-nsec3. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "3KL3NK1HKQ4IUEEHBEF12VGFKUETNBAN.*NSEC3 1 1 1 - 3KL3NK1HKQ4IUEEHBEF12VGFKUETNBAN" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking optout NSEC3 nodata with only insecure delegations ($n)" +echo_i "checking optout NSEC3 nodata with only insecure delegations ($n)" ret=0 $DIG $DIGOPTS +norec single-nsec3. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "3KL3NK1HKQ4IUEEHBEF12VGFKUETNBAN.*NSEC3 1 1 1 - 3KL3NK1HKQ4IUEEHBEF12VGFKUETNBAN" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that a zone finishing the transition from RSASHA1 to RSASHA256 validates secure ($n)" +echo_i "checking that a zone finishing the transition from RSASHA1 to RSASHA256 validates secure ($n)" ret=0 $DIG $DIGOPTS ns algroll. @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:[^;]* ad[^;]*;" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking positive and negative validation with negative trust anchors ($n)" +echo_i "checking positive and negative validation with negative trust anchors ($n)" ret=0 # @@ -1663,28 +1665,30 @@ $DIG $DIGOPTS a.secure.example. a @10.53.0.4 > dig.out.ns4.test$n.3 || ret=1 grep "status: SERVFAIL" dig.out.ns4.test$n.3 > /dev/null && ret=1 grep "flags:[^;]* ad[^;]*;" dig.out.ns4.test$n.3 > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed - checking initial state"; fi +if [ $ret != 0 ]; then echo_i "failed - checking initial state"; fi status=`expr $status + $ret` ret=0 # # add negative trust anchors # -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -f -l 20s bogus.example 2>&1 | sed 's/^/I:ns4 /' -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta badds.example 2>&1 | sed 's/^/I:ns4 /' -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 reconfig # reconfig should maintain NTAs -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -d > rndc.out.ns4.test$n.1 +$RNDCCMD 10.53.0.4 nta -f -l 20s bogus.example 2>&1 | sed 's/^/ns4 /' | cat_i +$RNDCCMD 10.53.0.4 nta badds.example 2>&1 | sed 's/^/ns4 /' | cat_i +# reconfig should maintain NTAs +$RNDCCMD 10.53.0.4 reconfig 2>&1 | sed 's/^/ns4 /' | cat_i +$RNDCCMD 10.53.0.4 nta -d > rndc.out.ns4.test$n.1 lines=`wc -l < rndc.out.ns4.test$n.1` [ "$lines" -eq 2 ] || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta secure.example 2>&1 | sed 's/^/I:ns4 /' -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta fakenode.secure.example 2>&1 | sed 's/^/I:ns4 /' -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 reload # reload should maintain NTAs -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -d > rndc.out.ns4.test$n.2 +$RNDCCMD 10.53.0.4 nta secure.example 2>&1 | sed 's/^/ns4 /' | cat_i +$RNDCCMD 10.53.0.4 nta fakenode.secure.example 2>&1 | sed 's/^/ns4 /' | cat_i +# reload should maintain NTAs +$RNDCCMD 10.53.0.4 reload 2>&1 | sed 's/^/ns4 /' | cat_i +$RNDCCMD 10.53.0.4 nta -d > rndc.out.ns4.test$n.2 lines=`wc -l < rndc.out.ns4.test$n.2` [ "$lines" -eq 4 ] || ret=1 start=`$PERL -e 'print time()."\n";'` -if [ $ret != 0 ]; then echo "I:failed - adding NTA's failed"; fi +if [ $ret != 0 ]; then echo_i "failed - adding NTA's failed"; fi status=`expr $status + $ret` ret=0 @@ -1702,18 +1706,18 @@ grep "status: SERVFAIL" dig.out.ns4.test$n.6 > /dev/null && ret=1 grep "flags:[^;]* ad[^;]*;" dig.out.ns4.test$n.6 > /dev/null && ret=1 $DIG $DIGOPTS a.fakenode.secure.example. a @10.53.0.4 > dig.out.ns4.test$n.7 || ret=1 grep "flags:[^;]* ad[^;]*;" dig.out.ns4.test$n.7 > /dev/null && ret=1 -echo "I: dumping secroots" -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 secroots | sed 's/^/I:ns4 /' +echo_i "dumping secroots" +$RNDCCMD 10.53.0.4 secroots | sed 's/^/ns4 /' | cat_i grep "bogus.example: expiry" ns4/named.secroots > /dev/null || ret=1 grep "badds.example: expiry" ns4/named.secroots > /dev/null || ret=1 grep "secure.example: expiry" ns4/named.secroots > /dev/null || ret=1 grep "fakenode.secure.example: expiry" ns4/named.secroots > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed - with NTA's in place failed"; fi +if [ $ret != 0 ]; then echo_i "failed - with NTA's in place failed"; fi status=`expr $status + $ret` ret=0 -echo "I: waiting for NTA rechecks/expirations" +echo_i "waiting for NTA rechecks/expirations" # # secure.example and badds.example used default nta-duration @@ -1733,7 +1737,7 @@ $DIG $DIGOPTS badds.example. soa @10.53.0.4 > dig.out.ns4.test$n.10 || ret=1 grep "status: SERVFAIL" dig.out.ns4.test$n.10 > /dev/null && ret=1 grep "flags:[^;]* ad[^;]*;" dig.out.ns4.test$n.10 > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed - checking that default nta's were lifted due to recheck"; fi +if [ $ret != 0 ]; then echo_i "failed - checking that default nta's were lifted due to recheck"; fi status=`expr $status + $ret` ret=0 @@ -1744,7 +1748,7 @@ ret=0 # $PERL -e 'my $delay = '$start' + 13 - time(); select(undef, undef, undef, $delay) if ($delay > 0);' # check nta table -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -d > rndc.out.ns4.test$n._11 +$RNDCCMD 10.53.0.4 nta -d > rndc.out.ns4.test$n._11 lines=`grep " expiry " rndc.out.ns4.test$n._11 | wc -l` [ "$lines" -le 2 ] || ret=1 grep "bogus.example: expiry" rndc.out.ns4.test$n._11 > /dev/null || ret=1 @@ -1758,7 +1762,7 @@ $DIG $DIGOPTS c.secure.example. a @10.53.0.4 > dig.out.ns4.test$n.13 || ret=1 grep "status: SERVFAIL" dig.out.ns4.test$n.13 > /dev/null && ret=1 grep "flags:[^;]* ad[^;]*;" dig.out.ns4.test$n.13 > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed - checking that default nta's were lifted due to lifetime"; fi +if [ $ret != 0 ]; then echo_i "failed - checking that default nta's were lifted due to lifetime"; fi status=`expr $status + $ret` ret=0 @@ -1773,60 +1777,60 @@ grep "flags:[^;]* ad[^;]*;" dig.out.ns4.test$n.14 > /dev/null || ret=1 $DIG $DIGOPTS c.bogus.example. a @10.53.0.4 > dig.out.ns4.test$n.15 || ret=1 grep "status: SERVFAIL" dig.out.ns4.test$n.15 > /dev/null || ret=1 # check nta table has been cleaned up now -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -d > rndc.out.ns4.test$n.3 +$RNDCCMD 10.53.0.4 nta -d > rndc.out.ns4.test$n.3 lines=`grep " expiry " rndc.out.ns4.test$n.3 | wc -l` [ "$lines" -eq 0 ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed - checking that all nta's have been lifted"; fi +if [ $ret != 0 ]; then echo_i "failed - checking that all nta's have been lifted"; fi status=`expr $status + $ret` ret=0 -echo "I: testing NTA removals ($n)" -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta badds.example 2>&1 | sed 's/^/I:ns4 /' -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -d > rndc.out.ns4.test$n.1 +echo_i "testing NTA removals ($n)" +$RNDCCMD 10.53.0.4 nta badds.example 2>&1 | sed 's/^/ns4 /' | cat_i +$RNDCCMD 10.53.0.4 nta -d > rndc.out.ns4.test$n.1 grep "badds.example: expiry" rndc.out.ns4.test$n.1 > /dev/null || ret=1 $DIG $DIGOPTS a.badds.example. a @10.53.0.4 > dig.out.ns4.test$n.1 || ret=1 grep "status: SERVFAIL" dig.out.ns4.test$n.1 > /dev/null && ret=1 grep "^a.badds.example." dig.out.ns4.test$n.1 > /dev/null || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -remove badds.example > rndc.out.ns4.test$n.2 +$RNDCCMD 10.53.0.4 nta -remove badds.example > rndc.out.ns4.test$n.2 grep "Negative trust anchor removed: badds.example/_default" rndc.out.ns4.test$n.2 > /dev/null || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -d > rndc.out.ns4.test$n.3 +$RNDCCMD 10.53.0.4 nta -d > rndc.out.ns4.test$n.3 grep "badds.example: expiry" rndc.out.ns4.test$n.3 > /dev/null && ret=1 $DIG $DIGOPTS a.badds.example. a @10.53.0.4 > dig.out.ns4.test$n.2 || ret=1 grep "status: SERVFAIL" dig.out.ns4.test$n.2 > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` ret=0 -echo "I: remove non-existent NTA three times" -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -r foo > rndc.out.ns4.test$n.4 2>&1 -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -remove foo > rndc.out.ns4.test$n.5 2>&1 -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -r foo > rndc.out.ns4.test$n.6 2>&1 +echo_i "remove non-existent NTA three times" +$RNDCCMD 10.53.0.4 nta -r foo > rndc.out.ns4.test$n.4 2>&1 +$RNDCCMD 10.53.0.4 nta -remove foo > rndc.out.ns4.test$n.5 2>&1 +$RNDCCMD 10.53.0.4 nta -r foo > rndc.out.ns4.test$n.6 2>&1 grep "'nta' failed: not found" rndc.out.ns4.test$n.6 > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` ret=0 n=`expr $n + 1` -echo "I: testing NTA with bogus lifetimes ($n)" -echo "I:check with no nta lifetime specified" -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -l "" foo > rndc.out.ns4.test$n.1 2>&1 +echo_i "testing NTA with bogus lifetimes ($n)" +echo_i "check with no nta lifetime specified" +$RNDCCMD 10.53.0.4 nta -l "" foo > rndc.out.ns4.test$n.1 2>&1 grep "'nta' failed: bad ttl" rndc.out.ns4.test$n.1 > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` ret=0 -echo "I:check with bad nta lifetime" -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -l garbage foo > rndc.out.ns4.test$n.2 2>&1 +echo_i "check with bad nta lifetime" +$RNDCCMD 10.53.0.4 nta -l garbage foo > rndc.out.ns4.test$n.2 2>&1 grep "'nta' failed: bad ttl" rndc.out.ns4.test$n.2 > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` ret=0 -echo "I:check with too long nta lifetime" -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -l 7d1h foo > rndc.out.ns4.test$n.3 2>&1 +echo_i "check with too long nta lifetime" +$RNDCCMD 10.53.0.4 nta -l 7d1h foo > rndc.out.ns4.test$n.3 2>&1 grep "'nta' failed: out of range" rndc.out.ns4.test$n.3 > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` ret=0 @@ -1834,22 +1838,22 @@ ret=0 # check NTA persistence across restarts # n=`expr $n + 1` -echo "I: testing NTA persistence across restarts ($n)" -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -d > rndc.out.ns4.test$n.1 +echo_i "testing NTA persistence across restarts ($n)" +$RNDCCMD 10.53.0.4 nta -d > rndc.out.ns4.test$n.1 lines=`grep " expiry " rndc.out.ns4.test$n.1 | wc -l` [ "$lines" -eq 0 ] || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -f -l 30s bogus.example 2>&1 | sed 's/^/I:ns4 /' -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -f -l 10s badds.example 2>&1 | sed 's/^/I:ns4 /' -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -d > rndc.out.ns4.test$n.2 +$RNDCCMD 10.53.0.4 nta -f -l 30s bogus.example 2>&1 | sed 's/^/ns4 /' | cat_i +$RNDCCMD 10.53.0.4 nta -f -l 10s badds.example 2>&1 | sed 's/^/ns4 /' | cat_i +$RNDCCMD 10.53.0.4 nta -d > rndc.out.ns4.test$n.2 lines=`grep " expiry " rndc.out.ns4.test$n.2 | wc -l` [ "$lines" -eq 2 ] || ret=1 start=`$PERL -e 'print time()."\n";'` -if [ $ret != 0 ]; then echo "I:failed - NTA persistence: adding NTA's failed"; fi +if [ $ret != 0 ]; then echo_i "failed - NTA persistence: adding NTA's failed"; fi status=`expr $status + $ret` ret=0 -echo "I:killing ns4 with SIGTERM" +echo_i "killing ns4 with SIGTERM" cd ns4 $KILL -TERM `cat named.pid` rm -f named.pid @@ -1859,19 +1863,19 @@ cd .. # ns4 has now shutdown. wait until t=14 when badds.example's NTA # (lifetime=10s) would have expired, and then restart ns4. # -echo "I:waiting till 14s have passed since NTAs were added before restarting ns4" +echo_i "waiting till 14s have passed since NTAs were added before restarting ns4" $PERL -e 'my $delay = '$start' + 14 - time(); select(undef, undef, undef, $delay) if ($delay > 0);' if - $PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns4 + $PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns4 then - echo "I:restarted server ns4" + echo_i "restarted server ns4" else - echo "I:could not restart server ns4" + echo_i "could not restart server ns4" exit 1 fi -echo "I:sleeping for an additional 4 seconds for ns4 to fully startup" +echo_i "sleeping for an additional 4 seconds for ns4 to fully startup" sleep 4 # @@ -1880,7 +1884,7 @@ sleep 4 # startup (as it had already expired), the fact that it's ignored should # be logged. # -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -d > rndc.out.ns4.test$n.3 +$RNDCCMD 10.53.0.4 nta -d > rndc.out.ns4.test$n.3 lines=`wc -l < rndc.out.ns4.test$n.3` [ "$lines" -eq 1 ] || ret=1 grep "bogus.example: expiry" rndc.out.ns4.test$n.3 > /dev/null || ret=1 @@ -1892,9 +1896,9 @@ grep "status: SERVFAIL" dig.out.ns4.test$n.5 > /dev/null || ret=1 grep "ignoring expired NTA at badds.example" ns4/named.run > /dev/null || ret=1 # cleanup -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -remove bogus.example > rndc.out.ns4.test$n.6 +$RNDCCMD 10.53.0.4 nta -remove bogus.example > rndc.out.ns4.test$n.6 -if [ $ret != 0 ]; then echo "I:failed - NTA persistence: restoring NTA failed"; fi +if [ $ret != 0 ]; then echo_i "failed - NTA persistence: restoring NTA failed"; fi status=`expr $status + $ret` ret=0 @@ -1903,8 +1907,8 @@ ret=0 # startup. # n=`expr $n + 1` -echo "I: testing loading regular attribute from NTA file ($n)" -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -d > rndc.out.ns4.test$n.1 2>/dev/null +echo_i "testing loading regular attribute from NTA file ($n)" +$RNDCCMD 10.53.0.4 nta -d > rndc.out.ns4.test$n.1 2>/dev/null lines=`wc -l < rndc.out.ns4.test$n.1` [ "$lines" -eq 0 ] || ret=1 # initially, secure.example. validates with AD=1 @@ -1912,13 +1916,13 @@ $DIG $DIGOPTS a.secure.example. a @10.53.0.4 > dig.out.ns4.test$n.2 || ret=1 grep "status: SERVFAIL" dig.out.ns4.test$n.2 > /dev/null && ret=1 grep "flags:[^;]* ad[^;]*;" dig.out.ns4.test$n.2 > /dev/null || ret=1 -echo "I:killing ns4 with SIGTERM" +echo_i "killing ns4 with SIGTERM" cd ns4 $KILL -TERM `cat named.pid` rm -f named.pid cd .. -echo "I:sleeping for an additional 4 seconds for ns4 to fully shutdown" +echo_i "sleeping for an additional 4 seconds for ns4 to fully shutdown" sleep 4 # @@ -1931,17 +1935,17 @@ echo "secure.example. regular $future" > ns4/_default.nta start=`$PERL -e 'print time()."\n";'` if - $PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns4 + $PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns4 then - echo "I:restarted server ns4" + echo_i "restarted server ns4" else - echo "I:could not restart server ns4" + echo_i "could not restart server ns4" exit 1 fi # nta-recheck is configured as 7s, so at t=10 the NTAs for # secure.example. should be lifted as it is not a forced NTA. -echo "I:waiting till 10s have passed after ns4 was restarted" +echo_i "waiting till 10s have passed after ns4 was restarted" $PERL -e 'my $delay = '$start' + 10 - time(); select(undef, undef, undef, $delay) if ($delay > 0);' # secure.example. should now return an AD=1 answer (still validates) as @@ -1951,9 +1955,9 @@ grep "status: SERVFAIL" dig.out.ns4.test$n.3 > /dev/null && ret=1 grep "flags:[^;]* ad[^;]*;" dig.out.ns4.test$n.3 > /dev/null || ret=1 # cleanup -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -remove secure.example > rndc.out.ns4.test$n.4 2>/dev/null +$RNDCCMD 10.53.0.4 nta -remove secure.example > rndc.out.ns4.test$n.4 2>/dev/null -if [ $ret != 0 ]; then echo "I:failed - NTA persistence: loading regular NTAs failed"; fi +if [ $ret != 0 ]; then echo_i "failed - NTA persistence: loading regular NTAs failed"; fi status=`expr $status + $ret` ret=0 @@ -1962,8 +1966,8 @@ ret=0 # startup. # n=`expr $n + 1` -echo "I: testing loading forced attribute from NTA file ($n)" -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -d > rndc.out.ns4.test$n.1 2>/dev/null +echo_i "testing loading forced attribute from NTA file ($n)" +$RNDCCMD 10.53.0.4 nta -d > rndc.out.ns4.test$n.1 2>/dev/null lines=`wc -l < rndc.out.ns4.test$n.1` [ "$lines" -eq 0 ] || ret=1 # initially, secure.example. validates with AD=1 @@ -1971,13 +1975,13 @@ $DIG $DIGOPTS a.secure.example. a @10.53.0.4 > dig.out.ns4.test$n.2 || ret=1 grep "status: SERVFAIL" dig.out.ns4.test$n.2 > /dev/null && ret=1 grep "flags:[^;]* ad[^;]*;" dig.out.ns4.test$n.2 > /dev/null || ret=1 -echo "I:killing ns4 with SIGTERM" +echo_i "killing ns4 with SIGTERM" cd ns4 $KILL -TERM `cat named.pid` rm -f named.pid cd .. -echo "I:sleeping for an additional 4 seconds for ns4 to fully shutdown" +echo_i "sleeping for an additional 4 seconds for ns4 to fully shutdown" sleep 4 # @@ -1988,17 +1992,17 @@ echo "secure.example. forced $future" > ns4/_default.nta start=`$PERL -e 'print time()."\n";'` if - $PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns4 + $PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns4 then - echo "I:restarted server ns4" + echo_i "restarted server ns4" else - echo "I:could not restart server ns4" + echo_i "could not restart server ns4" exit 1 fi # nta-recheck is configured as 7s, but even at t=10 the NTAs for # secure.example. should not be lifted as it is a forced NTA. -echo "I:waiting till 10s have passed after ns4 was restarted" +echo_i "waiting till 10s have passed after ns4 was restarted" $PERL -e 'my $delay = '$start' + 10 - time(); select(undef, undef, undef, $delay) if ($delay > 0);' # secure.example. should now return an AD=0 answer (non-authenticated) @@ -2008,9 +2012,9 @@ grep "status: SERVFAIL" dig.out.ns4.test$n.3 > /dev/null && ret=1 grep "flags:[^;]* ad[^;]*;" dig.out.ns4.test$n.3 > /dev/null && ret=1 # cleanup -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -remove secure.example > rndc.out.ns4.test$n.4 2>/dev/null +$RNDCCMD 10.53.0.4 nta -remove secure.example > rndc.out.ns4.test$n.4 2>/dev/null -if [ $ret != 0 ]; then echo "I:failed - NTA persistence: loading forced NTAs failed"; fi +if [ $ret != 0 ]; then echo_i "failed - NTA persistence: loading forced NTAs failed"; fi status=`expr $status + $ret` ret=0 @@ -2018,15 +2022,15 @@ ret=0 # check that NTA lifetime read from file is clamped to 1 week. # n=`expr $n + 1` -echo "I: testing loading out of bounds lifetime from NTA file ($n)" +echo_i "testing loading out of bounds lifetime from NTA file ($n)" -echo "I:killing ns4 with SIGTERM" +echo_i "killing ns4 with SIGTERM" cd ns4 $KILL -TERM `cat named.pid` rm -f named.pid cd .. -echo "I:sleeping for an additional 4 seconds for ns4 to fully shutdown" +echo_i "sleeping for an additional 4 seconds for ns4 to fully shutdown" sleep 4 # @@ -2037,19 +2041,19 @@ echo "secure.example. forced $future" > ns4/_default.nta added=`$PERL -e 'print time()."\n";'` if - $PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns4 + $PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns4 then - echo "I:restarted server ns4" + echo_i "restarted server ns4" else - echo "I:could not restart server ns4" + echo_i "could not restart server ns4" exit 1 fi -echo "I:sleeping for an additional 4 seconds for ns4 to fully startup" +echo_i "sleeping for an additional 4 seconds for ns4 to fully startup" sleep 4 # dump the NTA to a file -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -d > rndc.out.ns4.test$n.1 2>/dev/null +$RNDCCMD 10.53.0.4 nta -d > rndc.out.ns4.test$n.1 2>/dev/null lines=`wc -l < rndc.out.ns4.test$n.1` [ "$lines" -eq 1 ] || ret=1 ts=`awk '{print $3" "$4}' < rndc.out.ns4.test$n.1` @@ -2067,62 +2071,66 @@ then # less than a few seconds (handle daylight saving changes by adding 3600). [ $d -lt 3610 ] || ret=1 else - echo "I: skipped ntadiff test; install PERL module Time::Piece" + echo_i "skipped ntadiff test; install PERL module Time::Piece" fi # cleanup -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -remove secure.example > rndc.out.ns4.test$n.3 2>/dev/null +$RNDCCMD 10.53.0.4 nta -remove secure.example > rndc.out.ns4.test$n.3 2>/dev/null -if [ $ret != 0 ]; then echo "I:failed - NTA lifetime clamping failed"; fi +if [ $ret != 0 ]; then echo_i "failed - NTA lifetime clamping failed"; fi status=`expr $status + $ret` ret=0 -echo "I:completed NTA tests" +echo_i "completed NTA tests" # Run a minimal update test if possible. This is really just # a regression test for RT #2399; more tests should be added. if $PERL -e 'use Net::DNS;' 2>/dev/null then - echo "I:running DNSSEC update test" - $PERL dnssec_update_test.pl -s 10.53.0.3 -p 5300 dynamic.example. || status=1 + echo_i "running DNSSEC update test" + ret=0 + { + $PERL dnssec_update_test.pl -s 10.53.0.3 -p ${PORT} dynamic.example. || ret=1 + } | cat_i + [ $ret -eq 1 ] && status=1 else - echo "I:The DNSSEC update test requires the Net::DNS library." >&2 + echo_i "The DNSSEC update test requires the Net::DNS library." >&2 fi n=`expr $n + 1` -echo "I:checking managed key maintenance has not started yet ($n)" +echo_i "checking managed key maintenance has not started yet ($n)" ret=0 [ -f "ns4/managed-keys.bind.jnl" ] && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Reconfigure caching server to use "dnssec-validation auto", and repeat # some of the DNSSEC validation tests to ensure that it works correctly. -echo "I:switching to automatic root key configuration" -cp ns4/named2.conf ns4/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 reconfig 2>&1 | sed 's/^/I:ns4 /' +echo_i "switching to automatic root key configuration" +copy_setports ns4/named2.conf.in ns4/named.conf +$RNDCCMD 10.53.0.4 reconfig 2>&1 | sed 's/^/ns4 /' | cat_i sleep 5 -echo "I:checking managed key maintenance timer has now started ($n)" +echo_i "checking managed key maintenance timer has now started ($n)" ret=0 [ -f "ns4/managed-keys.bind.jnl" ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking positive validation NSEC ($n)" +echo_i "checking positive validation NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 $DIG $DIGOPTS +noauth a.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking positive validation NSEC3 ($n)" +echo_i "checking positive validation NSEC3 ($n)" ret=0 $DIG $DIGOPTS +noauth a.nsec3.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -2131,10 +2139,10 @@ $DIG $DIGOPTS +noauth a.nsec3.example. \ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking positive validation OPTOUT ($n)" +echo_i "checking positive validation OPTOUT ($n)" ret=0 $DIG $DIGOPTS +noauth a.optout.example. \ @10.53.0.3 a > dig.out.ns3.test$n || ret=1 @@ -2143,10 +2151,10 @@ $DIG $DIGOPTS +noauth a.optout.example. \ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking negative validation ($n)" +echo_i "checking negative validation ($n)" ret=0 $DIG $DIGOPTS +noauth q.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 $DIG $DIGOPTS +noauth q.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 @@ -2154,10 +2162,10 @@ $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that root DS queries validate ($n)" +echo_i "checking that root DS queries validate ($n)" ret=0 $DIG $DIGOPTS +noauth . @10.53.0.1 ds > dig.out.ns1.test$n || ret=1 $DIG $DIGOPTS +noauth . @10.53.0.4 ds > dig.out.ns4.test$n || ret=1 @@ -2165,45 +2173,45 @@ $PERL ../digcomp.pl dig.out.ns1.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that DS at a RFC 1918 empty zone lookup succeeds ($n)" +echo_i "checking that DS at a RFC 1918 empty zone lookup succeeds ($n)" ret=0 $DIG $DIGOPTS +noauth 10.in-addr.arpa ds @10.53.0.2 >dig.out.ns2.test$n || ret=1 $DIG $DIGOPTS +noauth 10.in-addr.arpa ds @10.53.0.6 >dig.out.ns6.test$n || ret=1 $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns6.test$n || ret=1 grep "status: NOERROR" dig.out.ns6.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking expired signatures remain with "'"allow-update { none; };"'" and no keys available ($n)" +echo_i "checking expired signatures remain with "'"allow-update { none; };"'" and no keys available ($n)" ret=0 $DIG $DIGOPTS +noauth expired.example. +dnssec @10.53.0.3 soa > dig.out.ns3.test$n || ret=1 grep "RRSIG.SOA" dig.out.ns3.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking expired signatures do not validate ($n)" +echo_i "checking expired signatures do not validate ($n)" ret=0 $DIG $DIGOPTS +noauth expired.example. +dnssec @10.53.0.4 soa > dig.out.ns4.test$n || ret=1 grep "SERVFAIL" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 grep "expired.example/.*: RRSIG has expired" ns4/named.run > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that the NSEC3 record for the apex is properly signed when a DNSKEY is added via UPDATE ($n)" +echo_i "checking that the NSEC3 record for the apex is properly signed when a DNSKEY is added via UPDATE ($n)" ret=0 ( cd ns3 kskname=`$KEYGEN -q -3 -a RSASHA1 -r $RANDFILE -fk update-nsec3.example` ( echo zone update-nsec3.example -echo server 10.53.0.3 5300 +echo server 10.53.0.3 ${PORT} grep DNSKEY ${kskname}.key | sed -e 's/^/update add /' -e 's/IN/300 IN/' echo send ) | $NSUPDATE @@ -2213,30 +2221,30 @@ grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.* ad[ ;]" dig.out.ns4.test$n > /dev/null || ret=1 grep "NSEC3 .* TYPE65534" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that the NSEC record is properly generated when DNSKEY are added via auto-dnssec ($n)" +echo_i "checking that the NSEC record is properly generated when DNSKEY are added via auto-dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec a auto-nsec.example. @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.* ad[ ;]" dig.out.ns4.test$n > /dev/null || ret=1 grep "IN.NSEC[^3].* DNSKEY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that the NSEC3 record is properly generated when DNSKEY are added via auto-dnssec ($n)" +echo_i "checking that the NSEC3 record is properly generated when DNSKEY are added via auto-dnssec ($n)" ret=0 $DIG $DIGOPTS +dnssec a auto-nsec3.example. @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.* ad[ ;]" dig.out.ns4.test$n > /dev/null || ret=1 grep "IN.NSEC3 .* DNSKEY" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that signing records have been marked as complete ($n)" +echo_i "checking that signing records have been marked as complete ($n)" ret=0 checkprivate dynamic.example 10.53.0.3 || ret=1 checkprivate update-nsec3.example 10.53.0.3 || ret=1 @@ -2244,206 +2252,206 @@ checkprivate auto-nsec3.example 10.53.0.3 || ret=1 checkprivate expiring.example 10.53.0.3 || ret=1 checkprivate auto-nsec.example 10.53.0.3 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'rndc signing' without arguments is handled ($n)" +echo_i "check that 'rndc signing' without arguments is handled ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing > /dev/null 2>&1 && ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 status > /dev/null || ret=1 +$RNDCCMD 10.53.0.3 signing > /dev/null 2>&1 && ret=1 +$RNDCCMD 10.53.0.3 status > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'rndc signing -list' without zone is handled ($n)" +echo_i "check that 'rndc signing -list' without zone is handled ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list > /dev/null 2>&1 && ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 status > /dev/null || ret=1 +$RNDCCMD 10.53.0.3 signing -list > /dev/null 2>&1 && ret=1 +$RNDCCMD 10.53.0.3 status > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'rndc signing -clear' without additional arguments is handled ($n)" +echo_i "check that 'rndc signing -clear' without additional arguments is handled ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -clear > /dev/null 2>&1 && ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 status > /dev/null || ret=1 +$RNDCCMD 10.53.0.3 signing -clear > /dev/null 2>&1 && ret=1 +$RNDCCMD 10.53.0.3 status > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'rndc signing -clear all' without zone is handled ($n)" +echo_i "check that 'rndc signing -clear all' without zone is handled ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -clear all > /dev/null 2>&1 && ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 status > /dev/null || ret=1 +$RNDCCMD 10.53.0.3 signing -clear all > /dev/null 2>&1 && ret=1 +$RNDCCMD 10.53.0.3 status > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'rndc signing -nsec3param' without additional arguments is handled ($n)" +echo_i "check that 'rndc signing -nsec3param' without additional arguments is handled ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -nsec3param > /dev/null 2>&1 && ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 status > /dev/null || ret=1 +$RNDCCMD 10.53.0.3 signing -nsec3param > /dev/null 2>&1 && ret=1 +$RNDCCMD 10.53.0.3 status > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'rndc signing -nsec3param none' without zone is handled ($n)" +echo_i "check that 'rndc signing -nsec3param none' without zone is handled ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -nsec3param none > /dev/null 2>&1 && ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 status > /dev/null || ret=1 +$RNDCCMD 10.53.0.3 signing -nsec3param none > /dev/null 2>&1 && ret=1 +$RNDCCMD 10.53.0.3 status > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'rndc signing -nsec3param 1' without additional arguments is handled ($n)" +echo_i "check that 'rndc signing -nsec3param 1' without additional arguments is handled ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -nsec3param 1 > /dev/null 2>&1 && ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 status > /dev/null || ret=1 +$RNDCCMD 10.53.0.3 signing -nsec3param 1 > /dev/null 2>&1 && ret=1 +$RNDCCMD 10.53.0.3 status > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'rndc signing -nsec3param 1 0' without additional arguments is handled ($n)" +echo_i "check that 'rndc signing -nsec3param 1 0' without additional arguments is handled ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -nsec3param 1 0 > /dev/null 2>&1 && ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 status > /dev/null || ret=1 +$RNDCCMD 10.53.0.3 signing -nsec3param 1 0 > /dev/null 2>&1 && ret=1 +$RNDCCMD 10.53.0.3 status > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'rndc signing -nsec3param 1 0 0' without additional arguments is handled ($n)" +echo_i "check that 'rndc signing -nsec3param 1 0 0' without additional arguments is handled ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -nsec3param 1 0 0 > /dev/null 2>&1 && ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 status > /dev/null || ret=1 +$RNDCCMD 10.53.0.3 signing -nsec3param 1 0 0 > /dev/null 2>&1 && ret=1 +$RNDCCMD 10.53.0.3 status > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'rndc signing -nsec3param 1 0 0 -' without zone is handled ($n)" +echo_i "check that 'rndc signing -nsec3param 1 0 0 -' without zone is handled ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -nsec3param 1 0 0 - > /dev/null 2>&1 && ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 status > /dev/null || ret=1 +$RNDCCMD 10.53.0.3 signing -nsec3param 1 0 0 - > /dev/null 2>&1 && ret=1 +$RNDCCMD 10.53.0.3 status > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'rndc signing -nsec3param' works with salt ($n)" +echo_i "check that 'rndc signing -nsec3param' works with salt ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -nsec3param 1 0 0 ffff inline.example > /dev/null 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 status > /dev/null || ret=1 +$RNDCCMD 10.53.0.3 signing -nsec3param 1 0 0 ffff inline.example > /dev/null 2>&1 || ret=1 +$RNDCCMD 10.53.0.3 status > /dev/null || ret=1 for i in 1 2 3 4 5 6 7 8 9 10 ; do salt=`$DIG $DIGOPTS +nodnssec +short nsec3param inline.example. @10.53.0.3 | awk '{print $4}'` if [ "$salt" = "FFFF" ]; then break; fi - echo "I:sleeping ...." + echo_i "sleeping ...." sleep 1 done; [ "$salt" = "FFFF" ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'rndc signing -nsec3param' works without salt ($n)" +echo_i "check that 'rndc signing -nsec3param' works without salt ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -nsec3param 1 0 0 - inline.example > /dev/null 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 status > /dev/null || ret=1 +$RNDCCMD 10.53.0.3 signing -nsec3param 1 0 0 - inline.example > /dev/null 2>&1 || ret=1 +$RNDCCMD 10.53.0.3 status > /dev/null || ret=1 for i in 1 2 3 4 5 6 7 8 9 10 ; do salt=`$DIG $DIGOPTS +nodnssec +short nsec3param inline.example. @10.53.0.3 | awk '{print $4}'` if [ "$salt" = "-" ]; then break; fi - echo "I:sleeping ...." + echo_i "sleeping ...." sleep 1 done; [ "$salt" = "-" ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'rndc signing -nsec3param' works with 'auto' as salt ($n)" +echo_i "check that 'rndc signing -nsec3param' works with 'auto' as salt ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -nsec3param 1 0 0 auto inline.example > /dev/null 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 status > /dev/null || ret=1 +$RNDCCMD 10.53.0.3 signing -nsec3param 1 0 0 auto inline.example > /dev/null 2>&1 || ret=1 +$RNDCCMD 10.53.0.3 status > /dev/null || ret=1 for i in 1 2 3 4 5 6 7 8 9 10 ; do salt=`$DIG $DIGOPTS +nodnssec +short nsec3param inline.example. @10.53.0.3 | awk '{print $4}'` [ -n "$salt" -a "$salt" != "-" ] && break - echo "I:sleeping ...." + echo_i "sleeping ...." sleep 1 done; [ "$salt" != "-" ] || ret=1 [ `expr "${salt}" : ".*"` -eq 16 ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'rndc signing -nsec3param' with 'auto' as salt again generates a different salt ($n)" +echo_i "check that 'rndc signing -nsec3param' with 'auto' as salt again generates a different salt ($n)" ret=0 oldsalt=$salt -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -nsec3param 1 0 0 auto inline.example > /dev/null 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 status > /dev/null || ret=1 +$RNDCCMD 10.53.0.3 signing -nsec3param 1 0 0 auto inline.example > /dev/null 2>&1 || ret=1 +$RNDCCMD 10.53.0.3 status > /dev/null || ret=1 for i in 1 2 3 4 5 6 7 8 9 10 ; do salt=`$DIG $DIGOPTS +nodnssec +short nsec3param inline.example. @10.53.0.3 | awk '{print $4}'` [ -n "$salt" -a "$salt" != "$oldsalt" ] && break - echo "I:sleeping ...." + echo_i "sleeping ...." sleep 1 done; [ "$salt" != "$oldsalt" ] || ret=1 [ `expr "$salt" : ".*"` -eq 16 ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check rndc signing -list output ($n)" +echo_i "check rndc signing -list output ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list dynamic.example 2>&1 > signing.out +$RNDCCMD 10.53.0.3 signing -list dynamic.example 2>&1 > signing.out grep "No signing records found" signing.out > /dev/null 2>&1 || { ret=1 - sed 's/^/I:ns3 /' signing.out + sed 's/^/ns3 /' signing.out | cat_i } -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list update-nsec3.example 2>&1 > signing.out +$RNDCCMD 10.53.0.3 signing -list update-nsec3.example 2>&1 > signing.out grep "Done signing with key .*/NSEC3RSASHA1" signing.out > /dev/null 2>&1 || { ret=1 - sed 's/^/I:ns3 /' signing.out + sed 's/^/ns3 /' signing.out | cat_i } n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:clear signing records ($n)" -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -clear all update-nsec3.example > /dev/null || ret=1 +echo_i "clear signing records ($n)" +$RNDCCMD 10.53.0.3 signing -clear all update-nsec3.example > /dev/null || ret=1 sleep 1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list update-nsec3.example 2>&1 > signing.out +$RNDCCMD 10.53.0.3 signing -list update-nsec3.example 2>&1 > signing.out grep "No signing records found" signing.out > /dev/null 2>&1 || { ret=1 - sed 's/^/I:ns3 /' signing.out + sed 's/^/ns3 /' signing.out | cat_i } n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that a insecure zone beneath a cname resolves ($n)" +echo_i "checking that a insecure zone beneath a cname resolves ($n)" ret=0 $DIG $DIGOPTS soa insecure.below-cname.example. @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that a secure zone beneath a cname resolves ($n)" +echo_i "checking that a secure zone beneath a cname resolves ($n)" ret=0 $DIG $DIGOPTS soa secure.below-cname.example. @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.* ad[ ;]" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking dnskey query with no data still gets put in cache ($n)" +echo_i "checking dnskey query with no data still gets put in cache ($n)" ret=0 -myDIGOPTS="+noadd +nosea +nostat +noquest +nocomm +nocmd -p 5300 @10.53.0.4" +myDIGOPTS="+noadd +nosea +nostat +noquest +nocomm +nocmd -p ${PORT} @10.53.0.4" firstVal=`$DIG $myDIGOPTS insecure.example. dnskey| awk '$1 != ";;" { print $2 }'` sleep 1 secondVal=`$DIG $myDIGOPTS insecure.example. dnskey| awk '$1 != ";;" { print $2 }'` @@ -2453,39 +2461,39 @@ then thirdVal=`$DIG $myDIGOPTS insecure.example. dnskey|awk '$1 != ";;" { print $2 }'` if [ ${firstVal:-0} -eq ${thirdVal:-0} ] then - echo "I: cannot confirm query answer still in cache" + echo_i "cannot confirm query answer still in cache" ret=1 fi fi n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that a split dnssec dnssec-signzone work ($n)" +echo_i "check that a split dnssec dnssec-signzone work ($n)" ret=0 $DIG $DIGOPTS soa split-dnssec.example. @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.* ad[ ;]" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that a smart split dnssec dnssec-signzone work ($n)" +echo_i "check that a smart split dnssec dnssec-signzone work ($n)" ret=0 $DIG $DIGOPTS soa split-smart.example. @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.* ad[ ;]" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that NOTIFY is sent at the end of NSEC3 chain generation ($n)" +echo_i "check that NOTIFY is sent at the end of NSEC3 chain generation ($n)" ret=0 ( echo zone nsec3chain-test -echo server 10.53.0.2 5300 +echo server 10.53.0.2 ${PORT} echo update add nsec3chain-test. 0 nsec3param 1 0 1 123456 echo send ) | $NSUPDATE @@ -2496,11 +2504,11 @@ do then break; fi - echo "I:sleeping ...." + echo_i "sleeping ...." sleep 3 done; grep "ANSWER: 3," dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:nsec3 chain generation not complete"; fi +if [ $ret != 0 ]; then echo_i "nsec3 chain generation not complete"; fi $DIG $DIGOPTS +noauth +nodnssec soa nsec3chain-test @10.53.0.2 > dig.out.ns2.test$n || ret=1 s2=`awk '$4 == "SOA" { print $7}' dig.out.ns2.test$n` for i in 1 2 3 4 5 6 7 8 9 10 @@ -2512,10 +2520,10 @@ do done $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns3.test$n || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check dnssec-dsfromkey from stdin ($n)" +echo_i "check dnssec-dsfromkey from stdin ($n)" ret=0 $DIG $DIGOPTS dnskey algroll. @10.53.0.2 | \ $DSFROMKEY -f - algroll. > dig.out.ns2.test$n || ret=1 @@ -2534,95 +2542,95 @@ awk '{ }' < ns1/dsset-algroll$TP > canonical2.$n || ret=1 diff -b canonical1.$n canonical2.$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Intentionally strip ".key" from keyfile name to ensure the error message # includes it anyway to avoid confusion (RT #21731) -echo "I:check dnssec-dsfromkey error message when keyfile is not found ($n)" +echo_i "check dnssec-dsfromkey error message when keyfile is not found ($n)" ret=0 key=`$KEYGEN -a RSASHA1 -q -r $RANDFILE example.` || ret=1 mv $key.key $key $DSFROMKEY $key > dsfromkey.out.$n 2>&1 && ret=1 grep "$key.key: file not found" dsfromkey.out.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:testing soon-to-expire RRSIGs without a replacement private key ($n)" +echo_i "testing soon-to-expire RRSIGs without a replacement private key ($n)" ret=0 -$DIG +noall +answer +dnssec +nottlid -p 5300 expiring.example ns @10.53.0.3 | grep RRSIG > dig.out.ns3.test$n 2>&1 +$DIG $ANSWEROPTS +nottlid expiring.example ns @10.53.0.3 | grep RRSIG > dig.out.ns3.test$n 2>&1 # there must be a signature here [ -s dig.out.ns3.test$n ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:testing new records are signed with 'no-resign' ($n)" +echo_i "testing new records are signed with 'no-resign' ($n)" ret=0 ( echo zone nosign.example -echo server 10.53.0.3 5300 +echo server 10.53.0.3 ${PORT} echo update add new.nosign.example 300 in txt "hi there" echo send ) | $NSUPDATE sleep 1 -$DIG +noall +answer +dnssec -p 5300 txt new.nosign.example @10.53.0.3 \ +$DIG $ANSWEROPTS +nottlid txt new.nosign.example @10.53.0.3 \ > dig.out.ns3.test$n 2>&1 grep RRSIG dig.out.ns3.test$n > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:testing expiring records aren't resigned with 'no-resign' ($n)" +echo_i "testing expiring records aren't resigned with 'no-resign' ($n)" ret=0 -$DIG +noall +answer +dnssec +nottlid -p 5300 nosign.example ns @10.53.0.3 | \ +$DIG $ANSWEROPTS +nottlid nosign.example ns @10.53.0.3 | \ grep RRSIG | sed 's/[ ][ ]*/ /g' > dig.out.ns3.test$n 2>&1 # the NS RRSIG should not be changed cmp -s nosign.before dig.out.ns3.test$n || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:testing updates fail with no private key ($n)" +echo_i "testing updates fail with no private key ($n)" ret=0 rm -f ns3/Knosign.example.*.private ( echo zone nosign.example -echo server 10.53.0.3 5300 +echo server 10.53.0.3 ${PORT} echo update add fail.nosign.example 300 in txt "reject me" echo send ) | $NSUPDATE > /dev/null 2>&1 && ret=1 -$DIG +tcp +noall +answer +dnssec -p 5300 fail.nosign.example txt @10.53.0.3 \ +$DIG $ANSWEROPTS +nottlid fail.nosign.example txt @10.53.0.3 \ > dig.out.ns3.test$n 2>&1 [ -s dig.out.ns3.test$n ] && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:testing legacy upper case signer name validation ($n)" +echo_i "testing legacy upper case signer name validation ($n)" ret=0 -$DIG +tcp +dnssec -p 5300 +noadd +noauth soa upper.example @10.53.0.4 \ +$DIG +tcp +noadd +noauth +dnssec -p ${PORT} soa upper.example @10.53.0.4 \ > dig.out.ns4.test$n 2>&1 grep 'flags:.* ad;' dig.out.ns4.test$n > /dev/null || ret=1 grep 'RRSIG.*SOA.* UPPER\.EXAMPLE\. ' dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:testing that we lower case signer name ($n)" +echo_i "testing that we lower case signer name ($n)" ret=0 -$DIG +tcp +dnssec -p 5300 +noadd +noauth soa LOWER.EXAMPLE @10.53.0.4 \ +$DIG +tcp +noadd +noauth +dnssec -p ${PORT} soa LOWER.EXAMPLE @10.53.0.4 \ > dig.out.ns4.test$n 2>&1 grep 'flags:.* ad;' dig.out.ns4.test$n > /dev/null || ret=1 grep 'RRSIG.*SOA.* lower\.example\. ' dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:testing TTL is capped at RRSIG expiry time ($n)" +echo_i "testing TTL is capped at RRSIG expiry time ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 freeze expiring.example 2>&1 | sed 's/^/I:ns3 /' +$RNDCCMD 10.53.0.3 freeze expiring.example 2>&1 | sed 's/^/ns3 /' | cat_i ( cd ns3 for file in K*.moved; do @@ -2630,11 +2638,11 @@ for file in K*.moved; do done $SIGNER -S -r $RANDFILE -N increment -e now+1mi -o expiring.example expiring.example.db > /dev/null 2>&1 ) || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload expiring.example 2>&1 | sed 's/^/I:ns3 /' +$RNDCCMD 10.53.0.3 reload expiring.example 2>&1 | sed 's/^/ns3 /' | cat_i -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 flush -$DIG +noall +answer +dnssec +cd -p 5300 expiring.example soa @10.53.0.4 > dig.out.ns4.1.$n -$DIG +noall +answer +dnssec -p 5300 expiring.example soa @10.53.0.4 > dig.out.ns4.2.$n +$RNDCCMD 10.53.0.4 flush 2>&1 | sed 's/^/ns4 /' | cat_i +$DIG $ANSWEROPTS +cd expiring.example soa @10.53.0.4 > dig.out.ns4.1.$n +$DIG $ANSWEROPTS expiring.example soa @10.53.0.4 > dig.out.ns4.2.$n ttls=`awk '$1 != ";;" {print $2}' dig.out.ns4.1.$n` ttls2=`awk '$1 != ";;" {print $2}' dig.out.ns4.2.$n` for ttl in ${ttls:-0}; do @@ -2644,15 +2652,15 @@ for ttl in ${ttls2:-0}; do [ ${ttl:-0} -le 60 ] || ret=1 done n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:testing TTL is capped at RRSIG expiry time for records in the additional section ($n)" +echo_i "testing TTL is capped at RRSIG expiry time for records in the additional section ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 flush +$RNDCCMD 10.53.0.4 flush 2>&1 | sed 's/^/ns4 /' | cat_i sleep 1 -$DIG +noall +additional +dnssec +cd -p 5300 expiring.example mx @10.53.0.4 > dig.out.ns4.1.$n -$DIG +noall +additional +dnssec -p 5300 expiring.example mx @10.53.0.4 > dig.out.ns4.2.$n +$DIG $ANSWEROPTS +cd expiring.example mx @10.53.0.4 > dig.out.ns4.1.$n +$DIG $ANSWEROPTS expiring.example mx @10.53.0.4 > dig.out.ns4.2.$n ttls=`awk '$1 != ";;" {print $2}' dig.out.ns4.1.$n` ttls2=`awk '$1 != ";;" {print $2}' dig.out.ns4.2.$n` for ttl in ${ttls:-300}; do @@ -2662,18 +2670,18 @@ for ttl in ${ttls2:-0}; do [ ${ttl:-0} -le 60 ] || ret=1 done n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -cp ns4/named3.conf ns4/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 reconfig 2>&1 | sed 's/^/I:ns4 /' +copy_setports ns4/named3.conf.in ns4/named.conf +$RNDCCMD 10.53.0.4 reconfig 2>&1 | sed 's/^/ns4 /' | cat_i sleep 3 -echo "I:testing TTL of about to expire RRsets with dnssec-accept-expired yes; ($n)" +echo_i "testing TTL of about to expire RRsets with dnssec-accept-expired yes; ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 flush -$DIG +noall +answer +dnssec +cd -p 5300 expiring.example soa @10.53.0.4 > dig.out.ns4.1.$n -$DIG +noall +answer +dnssec -p 5300 expiring.example soa @10.53.0.4 > dig.out.ns4.2.$n +$RNDCCMD 10.53.0.4 flush 2>&1 | sed 's/^/ns4 /' | cat_i +$DIG $ANSWEROPTS +cd expiring.example soa @10.53.0.4 > dig.out.ns4.1.$n +$DIG $ANSWEROPTS expiring.example soa @10.53.0.4 > dig.out.ns4.2.$n ttls=`awk '$1 != ";;" {print $2}' dig.out.ns4.1.$n` ttls2=`awk '$1 != ";;" {print $2}' dig.out.ns4.2.$n` for ttl in ${ttls:-0}; do @@ -2683,13 +2691,13 @@ for ttl in ${ttls2:-0}; do [ $ttl -le 120 -a $ttl -gt 60 ] || ret=1 done n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:testing TTL of expired RRsets with dnssec-accept-expired yes; ($n)" +echo_i "testing TTL of expired RRsets with dnssec-accept-expired yes; ($n)" ret=0 -$DIG +noall +answer +dnssec +cd -p 5300 expired.example soa @10.53.0.4 > dig.out.ns4.1.$n -$DIG +noall +answer +dnssec -p 5300 expired.example soa @10.53.0.4 > dig.out.ns4.2.$n +$DIG $ANSWEROPTS +cd expired.example soa @10.53.0.4 > dig.out.ns4.1.$n +$DIG $ANSWEROPTS expired.example soa @10.53.0.4 > dig.out.ns4.2.$n ttls=`awk '$1 != ";;" {print $2}' dig.out.ns4.1.$n` ttls2=`awk '$1 != ";;" {print $2}' dig.out.ns4.2.$n` for ttl in ${ttls:-0}; do @@ -2699,14 +2707,14 @@ for ttl in ${ttls2:-0}; do [ $ttl -le 120 -a $ttl -gt 60 ] || ret=1 done n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:testing TTL is capped at RRSIG expiry time for records in the additional section with dnssec-accept-expired yes; ($n)" +echo_i "testing TTL is capped at RRSIG expiry time for records in the additional section with dnssec-accept-expired yes; ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 flush -$DIG +noall +additional +dnssec +cd -p 5300 expiring.example mx @10.53.0.4 > dig.out.ns4.1.$n -$DIG +noall +additional +dnssec -p 5300 expiring.example mx @10.53.0.4 > dig.out.ns4.2.$n +$RNDCCMD 10.53.0.4 flush 2>&1 | sed 's/^/ns4 /' | cat_i +$DIG $ANSWEROPTS +cd expiring.example mx @10.53.0.4 > dig.out.ns4.1.$n +$DIG $ANSWEROPTS expiring.example mx @10.53.0.4 > dig.out.ns4.2.$n ttls=`awk '$1 != ";;" {print $2}' dig.out.ns4.1.$n` ttls2=`awk '$1 != ";;" {print $2}' dig.out.ns4.2.$n` for ttl in ${ttls:-300}; do @@ -2716,10 +2724,10 @@ for ttl in ${ttls2:-0}; do [ $ttl -le 120 -a $ttl -gt 60 ] || ret=1 done n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:testing DNSKEY lookup via CNAME ($n)" +echo_i "testing DNSKEY lookup via CNAME ($n)" ret=0 $DIG $DIGOPTS +noauth cnameandkey.secure.example. \ @10.53.0.3 dnskey > dig.out.ns3.test$n || ret=1 @@ -2729,10 +2737,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "CNAME" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:testing KEY lookup at CNAME (present) ($n)" +echo_i "testing KEY lookup at CNAME (present) ($n)" ret=0 $DIG $DIGOPTS +noauth cnameandkey.secure.example. \ @10.53.0.3 key > dig.out.ns3.test$n || ret=1 @@ -2742,10 +2750,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "CNAME" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:testing KEY lookup at CNAME (not present) ($n)" +echo_i "testing KEY lookup at CNAME (not present) ($n)" ret=0 $DIG $DIGOPTS +noauth cnamenokey.secure.example. \ @10.53.0.3 key > dig.out.ns3.test$n || ret=1 @@ -2755,10 +2763,10 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "CNAME" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:testing DNSKEY lookup via DNAME ($n)" +echo_i "testing DNSKEY lookup via DNAME ($n)" ret=0 $DIG $DIGOPTS a.dnameandkey.secure.example. \ @10.53.0.3 dnskey > dig.out.ns3.test$n || ret=1 @@ -2769,10 +2777,10 @@ grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "CNAME" dig.out.ns4.test$n > /dev/null || ret=1 grep "DNAME" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:testing KEY lookup via DNAME ($n)" +echo_i "testing KEY lookup via DNAME ($n)" ret=0 $DIG $DIGOPTS b.dnameandkey.secure.example. \ @10.53.0.3 key > dig.out.ns3.test$n || ret=1 @@ -2782,18 +2790,18 @@ $PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "DNAME" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that named doesn't loop when all private keys are not available ($n)" +echo_i "check that named doesn't loop when all private keys are not available ($n)" ret=0 lines=`grep "reading private key file expiring.example" ns3/named.run | wc -l` test ${lines:-1000} -lt 15 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check against against missing nearest provable proof ($n)" +echo_i "check against against missing nearest provable proof ($n)" $DIG $DIGOPTS +norec b.c.d.optout-tld. \ @10.53.0.6 ds > dig.out.ds.ns6.test$n || ret=1 nsec3=`grep "IN.NSEC3" dig.out.ds.ns6.test$n | wc -l` @@ -2810,21 +2818,21 @@ $DIG $DIGOPTS b.c.d.optout-tld. \ grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that key id are logged when dumping the cache ($n)" +echo_i "check that key id are logged when dumping the cache ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 dumpdb 2>&1 | sed 's/^/I:ns1 /' +$RNDCCMD 10.53.0.4 dumpdb 2>&1 | sed 's/^/ns4 /' | cat_i sleep 1 grep "; key id = " ns4/named_dump.db > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check KEYDATA records are printed in human readable form in key zone ($n)" +echo_i "check KEYDATA records are printed in human readable form in key zone ($n)" # force the managed-keys zone to be written out -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 managed-keys sync 2>&1 | sed 's/^/I:ns4 /' +$RNDCCMD 10.53.0.4 managed-keys sync 2>&1 | sed 's/^/ns4 /' | cat_i for i in 1 2 3 4 5 6 7 8 9 do ret=0 @@ -2838,10 +2846,10 @@ do sleep 1 done n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check dig's +nocrypto flag ($n)" +echo_i "check dig's +nocrypto flag ($n)" ret=0 $DIG $DIGOPTS +norec +nocrypto DNSKEY . \ @10.53.0.1 > dig.out.dnskey.ns1.test$n || ret=1 @@ -2851,10 +2859,10 @@ $DIG $DIGOPTS +norec +nocrypto DS example \ @10.53.0.1 > dig.out.ds.ns1.test$n || ret=1 grep 'DS.* 3 [12] \[omitted]' dig.out.ds.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check simultaneous inactivation and publishing of dnskeys removes inactive signature ($n)" +echo_i "check simultaneous inactivation and publishing of dnskeys removes inactive signature ($n)" ret=0 cnt=0 while : @@ -2871,29 +2879,29 @@ sigs=`grep RRSIG dig.out.ns3.test$n | wc -l` sigs=`expr $sigs + 0` n=`expr $n + 1` test $sigs -eq 2 || ret=1 -if test $ret != 0 ; then echo "I:failed"; fi +if test $ret != 0 ; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that increasing the sig-validity-interval resigning triggers re-signing ($n)" +echo_i "check that increasing the sig-validity-interval resigning triggers re-signing ($n)" ret=0 -before=`$DIG axfr siginterval.example -p 5300 @10.53.0.3 | grep RRSIG.SOA` +before=`$DIG axfr siginterval.example -p ${PORT} @10.53.0.3 | grep RRSIG.SOA` cp ns3/siginterval2.conf ns3/siginterval.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reconfig 2>&1 | sed 's/^/I:ns3 /' +$RNDCCMD 10.53.0.3 reconfig 2>&1 | sed 's/^/ns3 /' | cat_i for i in 1 2 3 4 5 6 7 8 9 0 do -after=`$DIG axfr siginterval.example -p 5300 @10.53.0.3 | grep RRSIG.SOA` +after=`$DIG axfr siginterval.example -p ${PORT} @10.53.0.3 | grep RRSIG.SOA` test "$before" != "$after" && break sleep 1 done n=`expr $n + 1` -if test "$before" = "$after" ; then echo "I:failed"; ret=1; fi +if test "$before" = "$after" ; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` -cp ns4/named4.conf ns4/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 reconfig 2>&1 | sed 's/^/I:ns4 /' +copy_setports ns4/named4.conf.in ns4/named.conf +$RNDCCMD 10.53.0.4 reconfig 2>&1 | sed 's/^/ns4 /' | cat_i sleep 3 -echo "I:check insecure delegation between static-stub zones ($n)" +echo_i "check insecure delegation between static-stub zones ($n)" ret=0 $DIG $DIGOPTS ns insecure.secure.example \ @10.53.0.4 > dig.out.ns4.1.test$n || ret=1 @@ -2902,10 +2910,10 @@ $DIG $DIGOPTS ns secure.example \ @10.53.0.4 > dig.out.ns4.2.test$n || ret=1 grep "SERVFAIL" dig.out.ns4.2.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check the acceptance of seconds as inception and expiration times ($n)" +echo_i "check the acceptance of seconds as inception and expiration times ($n)" ret=0 in="NSEC 8 0 86400 1390003200 1389394800 33655 . NYWjZYBV1b+h4j0yu/SmPOOylR8P4IXKDzHX3NwEmU1SUp27aJ91dP+i+UBcnPmBib0hck4DrFVvpflCEpCnVQd2DexcN0GX+3PM7XobxhtDlmnU X1L47zJlbdHNwTqHuPaMM6Xy9HGMXps7O5JVyfggVhTz2C+G5OVxBdb2rOo=" @@ -2914,12 +2922,12 @@ exp="NSEC 8 0 86400 20140118000000 20140110230000 33655 . NYWjZYBV1b+h4j0yu/SmPO out=`echo "IN RRSIG $in" | $RRCHECKER -p | sed 's/^IN.RRSIG.//'` [ "$out" = "$exp" ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check the correct resigning time is reported in zonestatus ($n)" +echo_i "check the correct resigning time is reported in zonestatus ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 \ +$RNDCCMD 10.53.0.3 \ zonestatus secure.example > rndc.out.ns3.test$n # next resign node: secure.example/DNSKEY name=`awk '/next resign node:/ { print $4 }' rndc.out.ns3.test$n | sed 's;/; ;'` @@ -2929,23 +2937,23 @@ time=`awk 'BEGIN { m["Jan"] = "01"; m["Feb"] = "02"; m["Mar"] = "03"; m["Jul"] = "07"; m["Aug"] = "08"; m["Sep"] = "09"; m["Oct"] = "10"; m["Nov"] = "11"; m["Dec"] = "12";} /next resign time:/ { printf "%d%s%02d%s\n", $7, m[$6], $5, $8 }' rndc.out.ns3.test$n | sed 's/://g'` -$DIG $DIGOPTS +noall +answer $name @10.53.0.3 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +noall +answer $name @10.53.0.3 > dig.out.test$n expire=`awk '$4 == "RRSIG" { print $9 }' dig.out.test$n` inception=`awk '$4 == "RRSIG" { print $10 }' dig.out.test$n` $PERL -e 'exit(0) if ("'"$time"'" lt "'"$expire"'" && "'"$time"'" gt "'"$inception"'"); exit(1);' || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that split rrsigs are handled ($n)" +echo_i "check that split rrsigs are handled ($n)" ret=0 $DIG $DIGOPTS split-rrsig soa @10.53.0.7 > dig.out.test$n || ret=1 -awk 'BEGIN { ok=0; } $4 == "SOA" { if ($7 > 1) ok=1; } END { if (!ok) exit(1); }' dig.out.test$n || ret=1 +awk 'BEGIN { ok=0; } $4 == "SOA" { if ($7 > 1) ok=1; } END { if (!ok) exit(1); }' dig.out.test$n || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'dnssec-keygen -S' works for all supported algorithms ($n)" +echo_i "check that 'dnssec-keygen -S' works for all supported algorithms ($n)" ret=0 alg=1 until test $alg = 256 @@ -2981,7 +2989,7 @@ do fi if test -z "$key1" then - echo "I: '$KEYGEN -a $alg': failed" + echo_i "'$KEYGEN -a $alg': failed" cat keygen.err ret=1 alg=`expr $alg + 1` @@ -2991,58 +2999,58 @@ do key2=`$KEYGEN -v 10 -r $RANDFILE -i 3d -S $key1.private 2> /dev/null` test -f $key2.key -a -f $key2.private || { ret=1 - echo "I: 'dnssec-keygen -S' failed for algorithm: $alg" + echo_i "'dnssec-keygen -S' failed for algorithm: $alg" } alg=`expr $alg + 1` done n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that CDS records are signed using KSK by dnssec-signzone ($n)" +echo_i "check that CDS records are signed using KSK by dnssec-signzone ($n)" ret=0 $DIG $DIGOPTS +noall +answer @10.53.0.2 cds cds.secure > dig.out.test$n lines=`awk '$4 == "RRSIG" && $5 == "CDS" {print}' dig.out.test$n | wc -l` test ${lines:-0} -eq 2 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that CDS records are not signed using ZSK by dnssec-signzone -x ($n)" +echo_i "check that CDS records are not signed using ZSK by dnssec-signzone -x ($n)" ret=0 $DIG $DIGOPTS +noall +answer @10.53.0.2 cds cds-x.secure > dig.out.test$n lines=`awk '$4 == "RRSIG" && $5 == "CDS" {print}' dig.out.test$n | wc -l` test ${lines:-0} -eq 1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that positive unknown NSEC3 hash algorithm does validate ($n)" +echo_i "checking that positive unknown NSEC3 hash algorithm does validate ($n)" ret=0 -$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag -p 5300 @10.53.0.3 nsec3-unknown.example SOA > dig.out.ns3.test$n -$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag -p 5300 @10.53.0.4 nsec3-unknown.example SOA > dig.out.ns4.test$n +$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag @10.53.0.3 nsec3-unknown.example SOA > dig.out.ns3.test$n +$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag @10.53.0.4 nsec3-unknown.example SOA > dig.out.ns4.test$n grep "status: NOERROR," dig.out.ns3.test$n > /dev/null || ret=1 grep "status: NOERROR," dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that CDS records are signed using KSK by with dnssec-auto ($n)" +echo_i "check that CDS records are signed using KSK by with dnssec-auto ($n)" ret=0 $DIG $DIGOPTS +noall +answer @10.53.0.2 cds cds-auto.secure > dig.out.test$n lines=`awk '$4 == "RRSIG" && $5 == "CDS" {print}' dig.out.test$n | wc -l` test ${lines:-0} -eq 2 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that a lone non matching CDS record is rejected ($n)" +echo_i "check that a lone non matching CDS record is rejected ($n)" ret=0 ( echo zone cds-update.secure -echo server 10.53.0.2 5300 +echo server 10.53.0.2 ${PORT} echo update delete cds-update.secure CDS $DIG $DIGOPTS +noall +answer @10.53.0.2 dnskey cds-update.secure | grep "DNSKEY.257" | sed 's/DNSKEY.257/DNSKEY 258/' | @@ -3055,14 +3063,14 @@ $DIG $DIGOPTS +noall +answer @10.53.0.2 cds cds-update.secure > dig.out.test$n lines=`awk '$4 == "CDS" {print}' dig.out.test$n | wc -l` test ${lines:-10} -eq 0 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that CDS records are signed using KSK when added by nsupdate ($n)" +echo_i "check that CDS records are signed using KSK when added by nsupdate ($n)" ret=0 ( echo zone cds-update.secure -echo server 10.53.0.2 5300 +echo server 10.53.0.2 ${PORT} echo update delete cds-update.secure CDS echo send $DIG $DIGOPTS +noall +answer @10.53.0.2 dnskey cds-update.secure | @@ -3077,15 +3085,15 @@ test ${lines:-0} -eq 2 || ret=1 lines=`awk '$4 == "CDS" {print}' dig.out.test$n | wc -l` test ${lines:-0} -eq 2 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that CDS records are signed only using KSK when added by" -echo "I: nsupdate when dnssec-dnskey-kskonly is yes ($n)" +echo_i "check that CDS records are signed only using KSK when added by" +echo_i " nsupdate when dnssec-dnskey-kskonly is yes ($n)" ret=0 ( echo zone cds-kskonly.secure -echo server 10.53.0.2 5300 +echo server 10.53.0.2 ${PORT} echo update delete cds-kskonly.secure CDS echo send $DIG $DIGOPTS +noall +answer @10.53.0.2 dnskey cds-kskonly.secure | @@ -3100,26 +3108,26 @@ test ${lines:-0} -eq 1 || ret=1 lines=`awk '$4 == "CDS" {print}' dig.out.test$n | wc -l` test ${lines:-0} -eq 2 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that positive unknown NSEC3 hash algorithm with OPTOUT does validate ($n)" +echo_i "checking that positive unknown NSEC3 hash algorithm with OPTOUT does validate ($n)" ret=0 -$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag -p 5300 @10.53.0.3 optout-unknown.example SOA > dig.out.ns3.test$n -$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag -p 5300 @10.53.0.4 optout-unknown.example SOA > dig.out.ns4.test$n +$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag @10.53.0.3 optout-unknown.example SOA > dig.out.ns3.test$n +$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag @10.53.0.4 optout-unknown.example SOA > dig.out.ns4.test$n grep "status: NOERROR," dig.out.ns3.test$n > /dev/null || ret=1 grep "status: NOERROR," dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that a non matching CDS record is accepted with a matching CDS record ($n)" +echo_i "check that a non matching CDS record is accepted with a matching CDS record ($n)" ret=0 ( echo zone cds-update.secure -echo server 10.53.0.2 5300 +echo server 10.53.0.2 ${PORT} echo update delete cds-update.secure CDS echo send $DIG $DIGOPTS +noall +answer @10.53.0.2 dnskey cds-update.secure | @@ -3138,72 +3146,72 @@ test ${lines:-0} -eq 2 || ret=1 lines=`awk '$4 == "CDS" {print}' dig.out.test$n | wc -l` test ${lines:-0} -eq 4 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that negative unknown NSEC3 hash algorithm does not validate ($n)" +echo_i "checking that negative unknown NSEC3 hash algorithm does not validate ($n)" ret=0 -$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag -p 5300 @10.53.0.3 nsec3-unknown.example A > dig.out.ns3.test$n -$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag -p 5300 @10.53.0.4 nsec3-unknown.example A > dig.out.ns4.test$n +$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag @10.53.0.3 nsec3-unknown.example A > dig.out.ns3.test$n +$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag @10.53.0.4 nsec3-unknown.example A > dig.out.ns4.test$n grep "status: NOERROR," dig.out.ns3.test$n > /dev/null || ret=1 grep "status: SERVFAIL," dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that CDNSKEY records are signed using KSK by dnssec-signzone ($n)" +echo_i "check that CDNSKEY records are signed using KSK by dnssec-signzone ($n)" ret=0 $DIG $DIGOPTS +noall +answer @10.53.0.2 cdnskey cdnskey.secure > dig.out.test$n lines=`awk '$4 == "RRSIG" && $5 == "CDNSKEY" {print}' dig.out.test$n | wc -l` test ${lines:-0} -eq 2 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that CDNSKEY records are not signed using ZSK by dnssec-signzone -x ($n)" +echo_i "check that CDNSKEY records are not signed using ZSK by dnssec-signzone -x ($n)" ret=0 $DIG $DIGOPTS +noall +answer @10.53.0.2 cdnskey cdnskey-x.secure > dig.out.test$n lines=`awk '$4 == "RRSIG" && $5 == "CDNSKEY" {print}' dig.out.test$n | wc -l` test ${lines:-0} -eq 1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that negative unknown NSEC3 hash algorithm with OPTOUT does not validate ($n)" +echo_i "checking that negative unknown NSEC3 hash algorithm with OPTOUT does not validate ($n)" ret=0 -$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag -p 5300 @10.53.0.3 optout-unknown.example A > dig.out.ns3.test$n -$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag -p 5300 @10.53.0.4 optout-unknown.example A > dig.out.ns4.test$n +$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag @10.53.0.3 optout-unknown.example A > dig.out.ns3.test$n +$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag @10.53.0.4 optout-unknown.example A > dig.out.ns4.test$n grep "status: NOERROR," dig.out.ns3.test$n > /dev/null || ret=1 grep "status: SERVFAIL," dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that CDNSKEY records are signed using KSK by with dnssec-auto ($n)" +echo_i "check that CDNSKEY records are signed using KSK by with dnssec-auto ($n)" ret=0 $DIG $DIGOPTS +noall +answer @10.53.0.2 cdnskey cdnskey-auto.secure > dig.out.test$n lines=`awk '$4 == "RRSIG" && $5 == "CDNSKEY" {print}' dig.out.test$n | wc -l` test ${lines:-0} -eq 2 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that unknown DNSKEY algorithm validates as insecure ($n)" +echo_i "checking that unknown DNSKEY algorithm validates as insecure ($n)" ret=0 -$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag -p 5300 @10.53.0.3 dnskey-unknown.example A > dig.out.ns3.test$n -$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag -p 5300 @10.53.0.4 dnskey-unknown.example A > dig.out.ns4.test$n +$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag @10.53.0.3 dnskey-unknown.example A > dig.out.ns3.test$n +$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag @10.53.0.4 dnskey-unknown.example A > dig.out.ns4.test$n grep "status: NOERROR," dig.out.ns3.test$n > /dev/null || ret=1 grep "status: NOERROR," dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that a lone non matching CDNSKEY record is rejected ($n)" +echo_i "check that a lone non matching CDNSKEY record is rejected ($n)" ret=0 ( echo zone cdnskey-update.secure -echo server 10.53.0.2 5300 +echo server 10.53.0.2 ${PORT} echo update delete cdnskey-update.secure CDNSKEY echo send $DIG $DIGOPTS +noall +answer @10.53.0.2 dnskey cdnskey-update.secure | @@ -3215,25 +3223,25 @@ $DIG $DIGOPTS +noall +answer @10.53.0.2 cdnskey cdnskey-update.secure > dig.out. lines=`awk '$4 == "CDNSKEY" {print}' dig.out.test$n | wc -l` test ${lines:-10} -eq 0 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that unknown DNSKEY algorithm + unknown NSEC3 has algorithm validates as insecure ($n)" +echo_i "checking that unknown DNSKEY algorithm + unknown NSEC3 has algorithm validates as insecure ($n)" ret=0 -$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag -p 5300 @10.53.0.3 dnskey-nsec3-unknown.example A > dig.out.ns3.test$n -$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag -p 5300 @10.53.0.4 dnskey-nsec3-unknown.example A > dig.out.ns4.test$n +$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag @10.53.0.3 dnskey-nsec3-unknown.example A > dig.out.ns3.test$n +$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag @10.53.0.4 dnskey-nsec3-unknown.example A > dig.out.ns4.test$n grep "status: NOERROR," dig.out.ns3.test$n > /dev/null || ret=1 grep "status: NOERROR," dig.out.ns4.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that CDNSKEY records are signed using KSK when added by nsupdate ($n)" +echo_i "check that CDNSKEY records are signed using KSK when added by nsupdate ($n)" ret=0 ( echo zone cdnskey-update.secure -echo server 10.53.0.2 5300 +echo server 10.53.0.2 ${PORT} echo update delete cdnskey-update.secure CDNSKEY $DIG $DIGOPTS +noall +answer @10.53.0.2 dnskey cdnskey-update.secure | sed -n -e "s/^/update add /" -e 's/DNSKEY.257/CDNSKEY 257/p' @@ -3245,15 +3253,15 @@ test ${lines:-0} -eq 2 || ret=1 lines=`awk '$4 == "CDNSKEY" {print}' dig.out.test$n | wc -l` test ${lines:-0} -eq 1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that CDNSKEY records are signed only using KSK when added by" -echo "I: nsupdate when dnssec-dnskey-kskonly is yes ($n)" +echo_i "check that CDNSKEY records are signed only using KSK when added by" +echo_i " nsupdate when dnssec-dnskey-kskonly is yes ($n)" ret=0 ( echo zone cdnskey-kskonly.secure -echo server 10.53.0.2 5300 +echo server 10.53.0.2 ${PORT} echo update delete cdnskey-kskonly.secure CDNSKEY $DIG $DIGOPTS +noall +answer @10.53.0.2 dnskey cdnskey-kskonly.secure | sed -n -e "s/^/update add /" -e 's/DNSKEY.257/CDNSKEY 257/p' @@ -3265,25 +3273,25 @@ test ${lines:-0} -eq 1 || ret=1 lines=`awk '$4 == "CDNSKEY" {print}' dig.out.test$n | wc -l` test ${lines:-0} -eq 1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking initialization with a revoked managed key ($n)" +echo_i "checking initialization with a revoked managed key ($n)" ret=0 -cp ns5/named2.conf ns5/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.5 -p 9953 reconfig 2>&1 | sed 's/^/I:ns5 /' +copy_setports ns5/named2.conf.in ns5/named.conf +$RNDCCMD 10.53.0.5 reconfig 2>&1 | sed 's/^/ns5 /' | cat_i sleep 3 -$DIG $DIGOPTS +dnssec -p 5300 @10.53.0.5 SOA . > dig.out.ns5.test$n +$DIG $DIGOPTS +dnssec @10.53.0.5 SOA . > dig.out.ns5.test$n grep "status: SERVFAIL" dig.out.ns5.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that a non matching CDNSKEY record is accepted with a matching CDNSKEY record ($n)" +echo_i "check that a non matching CDNSKEY record is accepted with a matching CDNSKEY record ($n)" ret=0 ( echo zone cdnskey-update.secure -echo server 10.53.0.2 5300 +echo server 10.53.0.2 ${PORT} echo update delete cdnskey-update.secure CDNSKEY $DIG $DIGOPTS +noall +answer @10.53.0.2 dnskey cdnskey-update.secure | sed -n -e "s/^/update add /" -e 's/DNSKEY.257/CDNSKEY 257/p' @@ -3297,10 +3305,10 @@ test ${lines:-0} -eq 2 || ret=1 lines=`awk '$4 == "CDNSKEY" {print}' dig.out.test$n | wc -l` test ${lines:-0} -eq 2 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that RRSIGs are correctly removed from apex when RRset is removed NSEC ($n)" +echo_i "check that RRSIGs are correctly removed from apex when RRset is removed NSEC ($n)" ret=0 # generate signed zone with MX and AAAA records at apex. ( @@ -3322,10 +3330,10 @@ grep "RRSIG MX" signer/remove.db.signed > /dev/null && { ret=1 ; cp signer/remove.db.signed signer/remove.db.signed.post$n; } n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that RRSIGs are correctly removed from apex when RRset is removed NSEC3 ($n)" +echo_i "check that RRSIGs are correctly removed from apex when RRset is removed NSEC3 ($n)" ret=0 # generate signed zone with MX and AAAA records at apex. ( @@ -3345,53 +3353,53 @@ grep "RRSIG MX" signer/remove.db.signed > /dev/null && { ret=1 ; cp signer/remove.db.signed signer/remove.db.signed.post$n; } n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that a named managed zone that was signed 'in-the-future' is re-signed when loaded ($n)" +echo_i "check that a named managed zone that was signed 'in-the-future' is re-signed when loaded ($n)" ret=0 $DIG $DIGOPTS managed-future.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that trust-anchor-telemetry queries are logged ($n)" +echo_i "check that trust-anchor-telemetry queries are logged ($n)" ret=0 grep "sending trust-anchor-telemetry query '_ta-[0-9a-f]*/NULL" ns6/named.run > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that _ta-XXXX trust-anchor-telemetry queries are logged ($n)" +echo_i "check that _ta-XXXX trust-anchor-telemetry queries are logged ($n)" ret=0 grep "trust-anchor-telemetry '_ta-[0-9a-f]*/IN' from" ns1/named.run > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that _ta-AAAA trust-anchor-telemetry are not sent when disabled ($n)" +echo_i "check that _ta-AAAA trust-anchor-telemetry are not sent when disabled ($n)" ret=0 grep "sending trust-anchor-telemetry query '_ta-[0-9a-f]*/IN" ns1/named.run > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that KEY-TAG trust-anchor-telemetry queries are logged ($n)" +echo_i "check that KEY-TAG trust-anchor-telemetry queries are logged ($n)" ret=0 $DIG $DIGOPTS . dnskey +ednsopt=KEY-TAG:ffff @10.53.0.1 > dig.out.ns4.test$n || ret=1 grep "trust-anchor-telemetry './IN' from .* 65535" ns1/named.run > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that the view is logged in messages from the validator when using views ($n)" +echo_i "check that the view is logged in messages from the validator when using views ($n)" ret=0 grep "view rec: *validat" ns4/named.run > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/dnstap/clean.sh b/bin/tests/system/dnstap/clean.sh index 37e490b188..b579126ea0 100644 --- a/bin/tests/system/dnstap/clean.sh +++ b/bin/tests/system/dnstap/clean.sh @@ -6,6 +6,7 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. +rm -f */named.conf rm -f */named.memstats rm -f */named.run rm -f */named.stats diff --git a/bin/tests/system/dnstap/ns1/named.conf b/bin/tests/system/dnstap/ns1/named.conf.in similarity index 89% rename from bin/tests/system/dnstap/ns1/named.conf rename to bin/tests/system/dnstap/ns1/named.conf.in index 95152977fd..ad0568f86b 100644 --- a/bin/tests/system/dnstap/ns1/named.conf +++ b/bin/tests/system/dnstap/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -33,7 +31,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/dnstap/ns2/named.conf b/bin/tests/system/dnstap/ns2/named.conf.in similarity index 83% rename from bin/tests/system/dnstap/ns2/named.conf rename to bin/tests/system/dnstap/ns2/named.conf.in index 8fd5f26129..3b9761e6fc 100644 --- a/bin/tests/system/dnstap/ns2/named.conf +++ b/bin/tests/system/dnstap/ns2/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -27,7 +25,14 @@ options { require-server-cookie no; }; -include "../../common/controls.conf"; +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; zone "." { type hint; diff --git a/bin/tests/system/dnstap/ns3/named.conf b/bin/tests/system/dnstap/ns3/named.conf.in similarity index 89% rename from bin/tests/system/dnstap/ns3/named.conf rename to bin/tests/system/dnstap/ns3/named.conf.in index 9764c093e6..ab7beec1e3 100644 --- a/bin/tests/system/dnstap/ns3/named.conf +++ b/bin/tests/system/dnstap/ns3/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; directory "."; pid-file "named.pid"; listen-on { 10.53.0.3; }; @@ -36,7 +34,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/dnstap/ns4/named.conf b/bin/tests/system/dnstap/ns4/named.conf.in similarity index 89% rename from bin/tests/system/dnstap/ns4/named.conf rename to bin/tests/system/dnstap/ns4/named.conf.in index eece1b98c5..b03004dd52 100644 --- a/bin/tests/system/dnstap/ns4/named.conf +++ b/bin/tests/system/dnstap/ns4/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; directory "."; pid-file "named.pid"; listen-on { 10.53.0.4; }; @@ -35,7 +33,7 @@ key rndc_key { }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/dnstap/setup.sh b/bin/tests/system/dnstap/setup.sh new file mode 100644 index 0000000000..a3303c3117 --- /dev/null +++ b/bin/tests/system/dnstap/setup.sh @@ -0,0 +1,16 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf diff --git a/bin/tests/system/dnstap/tests.sh b/bin/tests/system/dnstap/tests.sh index 1d84dd1a57..ce38a77d29 100644 --- a/bin/tests/system/dnstap/tests.sh +++ b/bin/tests/system/dnstap/tests.sh @@ -9,29 +9,30 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -RNDCCMD="$RNDC -p 9953 -c ../common/rndc.conf" +DIGOPTS="+short -p ${PORT}" +RNDCCMD="$RNDC -p ${CONTROLPORT} -c ../common/rndc.conf" status=0 for bad in bad-*.conf do ret=0 - echo "I: checking that named-checkconf detects error in $bad" + echo_i "checking that named-checkconf detects error in $bad" $CHECKCONF $bad > /dev/null 2>&1 - if [ $? != 1 ]; then echo "I:failed"; ret=1; fi + if [ $? != 1 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` done for good in good-*.conf do ret=0 - echo "I: checking that named-checkconf detects no error in $good" + echo_i "checking that named-checkconf detects no error in $good" $CHECKCONF $good > /dev/null 2>&1 - if [ $? != 0 ]; then echo "I:failed"; ret=1; fi + if [ $? != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` done -$DIG +short @10.53.0.3 -p 5300 a.example > dig.out +$DIG $DIGOPTS @10.53.0.3 a.example > dig.out # check three different dnstap reopen/roll methods: # ns1: dnstap-reopen; ns2: dnstap -reopen; ns3: dnstap -roll @@ -44,24 +45,24 @@ if [ -n "$FSTRM_CAPTURE" ] ; then fstrm_capture_pid=$! fi -$RNDCCMD -s 10.53.0.1 dnstap-reopen | sed 's/^/I:ns1 /' -$RNDCCMD -s 10.53.0.2 dnstap -reopen | sed 's/^/I:ns2 /' -$RNDCCMD -s 10.53.0.3 dnstap -roll | sed 's/^/I:ns3 /' -$RNDCCMD -s 10.53.0.4 dnstap -reopen | sed 's/^/I:ns4 /' +$RNDCCMD -s 10.53.0.1 dnstap-reopen | sed 's/^/ns1 /' | cat_i +$RNDCCMD -s 10.53.0.2 dnstap -reopen | sed 's/^/ns2 /' | cat_i +$RNDCCMD -s 10.53.0.3 dnstap -roll | sed 's/^/ns3 /' | cat_i +$RNDCCMD -s 10.53.0.4 dnstap -reopen | sed 's/^/ns4 /' | cat_i -$DIG +short @10.53.0.3 -p 5300 a.example > dig.out +$DIG $DIGOPTS @10.53.0.3 a.example > dig.out # XXX: file output should be flushed once a second according # to the libfstrm source, but it doesn't seem to happen until # enough data has accumulated. to get all the output, we stop # the name servers, forcing a flush on shutdown. it would be # nice to find a better way to do this. -$RNDCCMD -s 10.53.0.1 stop | sed 's/^/I:ns1 /' -$RNDCCMD -s 10.53.0.2 stop | sed 's/^/I:ns2 /' -$RNDCCMD -s 10.53.0.3 stop | sed 's/^/I:ns3 /' +$RNDCCMD -s 10.53.0.1 stop | sed 's/^/ns1 /' | cat_i +$RNDCCMD -s 10.53.0.2 stop | sed 's/^/ns2 /' | cat_i +$RNDCCMD -s 10.53.0.3 stop | sed 's/^/ns3 /' | cat_i sleep 1 -echo "I:checking initial message counts" +echo_i "checking initial message counts" udp1=`$DNSTAPREAD ns1/dnstap.out.save | grep "UDP " | wc -l` tcp1=`$DNSTAPREAD ns1/dnstap.out.save | grep "TCP " | wc -l` @@ -91,143 +92,143 @@ cr3=`$DNSTAPREAD ns3/dnstap.out.save | grep "CR " | wc -l` rq3=`$DNSTAPREAD ns3/dnstap.out.save | grep "RQ " | wc -l` rr3=`$DNSTAPREAD ns3/dnstap.out.save | grep "RR " | wc -l` -echo "I: checking UDP message counts" +echo_i "checking UDP message counts" ret=0 [ $udp1 -eq 0 ] || { - echo "I:ns1 $udp1 expected 0" + echo_i "ns1 $udp1 expected 0" ret=1 } [ $udp2 -eq 2 ] || { - echo "I:ns2 $udp2 expected 2" + echo_i "ns2 $udp2 expected 2" ret=1 } [ $udp3 -eq 4 ] || { - echo "I:ns3 $udp3 expected 4" + echo_i "ns3 $udp3 expected 4" ret=1 } -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking TCP message counts" +echo_i "checking TCP message counts" ret=0 [ $tcp1 -eq 6 ] || { - echo "I:ns1 $tcp1 expected 6" + echo_i "ns1 $tcp1 expected 6" ret=1 } [ $tcp2 -eq 2 ] || { - echo "I:ns2 $tcp2 expected 2" + echo_i "ns2 $tcp2 expected 2" ret=1 } [ $tcp3 -eq 6 ] || { - echo "I:ns3 $tcp3 expected 6" + echo_i "ns3 $tcp3 expected 6" ret=1 } -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking AUTH_QUERY message counts" +echo_i "checking AUTH_QUERY message counts" ret=0 [ $aq1 -eq 2 ] || { - echo "I:ns1 $aq1 exepcted 2" + echo_i "ns1 $aq1 exepcted 2" ret=1 } [ $aq2 -eq 1 ] || { - echo "I:ns2 $aq2 expected 1" + echo_i "ns2 $aq2 expected 1" ret=1 } [ $aq3 -eq 0 ] || { - echo "I:ns3 $aq3 expected 0" + echo_i "ns3 $aq3 expected 0" ret=1 } -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking AUTH_RESPONSE message counts" +echo_i "checking AUTH_RESPONSE message counts" ret=0 [ $ar1 -eq 2 ] || { - echo "I:ns1 $ar1 expected 2" + echo_i "ns1 $ar1 expected 2" ret=1 } [ $ar2 -eq 1 ] || { - echo "I:ns2 $ar2 expected 1" + echo_i "ns2 $ar2 expected 1" ret=1 } [ $ar3 -eq 0 ] || { - echo "I:ns3 $ar3 expected 0" + echo_i "ns3 $ar3 expected 0" ret=1 } -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking CLIENT_QUERY message counts" +echo_i "checking CLIENT_QUERY message counts" ret=0 [ $cq1 -eq 1 ] || { - echo "I:ns1 $cq1 expected 1" + echo_i "ns1 $cq1 expected 1" ret=1 } [ $cq2 -eq 1 ] || { - echo "I:ns2 $cq2 expected 1" + echo_i "ns2 $cq2 expected 1" ret=1 } [ $cq3 -eq 2 ] || { - echo "I:ns3 $cq3 expected 2" + echo_i "ns3 $cq3 expected 2" ret=1 } -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking CLIENT_RESPONSE message counts" +echo_i "checking CLIENT_RESPONSE message counts" ret=0 [ $cr1 -eq 1 ] || { - echo "I:ns1 $cr1 expected 1" + echo_i "ns1 $cr1 expected 1" ret=1 } [ $cr2 -eq 1 ] || { - echo "I:ns2 $cr2 expected 1" + echo_i "ns2 $cr2 expected 1" ret=1 } [ $cr3 -eq 2 ] || { - echo "I:ns3 $cr3 expected 2" + echo_i "ns3 $cr3 expected 2" ret=1 } -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking RESOLVER_QUERY message counts" +echo_i "checking RESOLVER_QUERY message counts" ret=0 [ $rq1 -eq 0 ] || { - echo "I:ns1 $rq1 expected 0" + echo_i "ns1 $rq1 expected 0" ret=1 } [ $rq2 -eq 0 ] || { - echo "I:ns2 $rq2 expected 0" + echo_i "ns2 $rq2 expected 0" ret=1 } [ $rq3 -eq 3 ] || { - echo "I:ns3 $rq3 expected 3" + echo_i "ns3 $rq3 expected 3" ret=1 } -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking RESOLVER_RESPONSE message counts" +echo_i "checking RESOLVER_RESPONSE message counts" ret=0 [ $rr1 -eq 0 ] || { - echo "I:ns1 $rr1 expected 0" + echo_i "ns1 $rr1 expected 0" ret=1 } [ $rr2 -eq 0 ] || { - echo "I:ns2 $rr2 expected 0" + echo_i "ns2 $rr2 expected 0" ret=1 } [ $rr3 -eq 3 ] || { - echo "I:ns3 $rr3 expected 3" + echo_i "ns3 $rr3 expected 3" ret=1 } -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking reopened message counts" +echo_i "checking reopened message counts" udp1=`$DNSTAPREAD ns1/dnstap.out | grep "UDP " | wc -l` tcp1=`$DNSTAPREAD ns1/dnstap.out | grep "TCP " | wc -l` @@ -256,140 +257,140 @@ cr3=`$DNSTAPREAD ns3/dnstap.out | grep "CR " | wc -l` rq3=`$DNSTAPREAD ns3/dnstap.out | grep "RQ " | wc -l` rr3=`$DNSTAPREAD ns3/dnstap.out | grep "RR " | wc -l` -echo "I: checking UDP message counts" +echo_i "checking UDP message counts" ret=0 [ $udp1 -eq 0 ] || { - echo "I:ns1 $udp1 expected 0" + echo_i "ns1 $udp1 expected 0" ret=1 } [ $udp2 -eq 0 ] || { - echo "I:ns2 $udp2 expected 0" + echo_i "ns2 $udp2 expected 0" ret=1 } [ $udp3 -eq 2 ] || { - echo "I:ns3 $udp3 expected 2" + echo_i "ns3 $udp3 expected 2" ret=1 } -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking TCP message counts" +echo_i "checking TCP message counts" ret=0 [ $tcp1 -eq 0 ] || { - echo "I:ns1 $tcp1 expected 0" + echo_i "ns1 $tcp1 expected 0" ret=1 } [ $tcp2 -eq 0 ] || { - echo "I:ns2 $tcp2 expected 0" + echo_i "ns2 $tcp2 expected 0" ret=1 } [ $tcp3 -eq 0 ] || { - echo "I:ns3 $tcp3 expected 0" + echo_i "ns3 $tcp3 expected 0" ret=1 } -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking AUTH_QUERY message counts" +echo_i "checking AUTH_QUERY message counts" ret=0 [ $aq1 -eq 0 ] || { - echo "I:ns1 $aq1 exepcted 0" + echo_i "ns1 $aq1 exepcted 0" ret=1 } [ $aq2 -eq 0 ] || { - echo "I:ns2 $aq2 expected 0" + echo_i "ns2 $aq2 expected 0" ret=1 } [ $aq3 -eq 0 ] || { - echo "I:ns3 $aq3 expected 0" + echo_i "ns3 $aq3 expected 0" ret=1 } -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking AUTH_RESPONSE message counts" +echo_i "checking AUTH_RESPONSE message counts" ret=0 [ $ar1 -eq 0 ] || { - echo "I:ns1 $ar1 expected 0" + echo_i "ns1 $ar1 expected 0" ret=1 } [ $ar2 -eq 0 ] || { - echo "I:ns2 $ar2 expected 0" + echo_i "ns2 $ar2 expected 0" ret=1 } [ $ar3 -eq 0 ] || { - echo "I:ns3 $ar3 expected 0" + echo_i "ns3 $ar3 expected 0" ret=1 } -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking CLIENT_QUERY message counts" +echo_i "checking CLIENT_QUERY message counts" ret=0 [ $cq1 -eq 0 ] || { - echo "I:ns1 $cq1 expected 0" + echo_i "ns1 $cq1 expected 0" ret=1 } [ $cq2 -eq 0 ] || { - echo "I:ns2 $cq2 expected 0" + echo_i "ns2 $cq2 expected 0" ret=1 } [ $cq3 -eq 1 ] || { - echo "I:ns3 $cq3 expected 1" + echo_i "ns3 $cq3 expected 1" ret=1 } -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking CLIENT_RESPONSE message counts" +echo_i "checking CLIENT_RESPONSE message counts" ret=0 [ $cr1 -eq 0 ] || { - echo "I:ns1 $cr1 expected 0" + echo_i "ns1 $cr1 expected 0" ret=1 } [ $cr2 -eq 0 ] || { - echo "I:ns2 $cr2 expected 0" + echo_i "ns2 $cr2 expected 0" ret=1 } [ $cr3 -eq 1 ] || { - echo "I:ns3 $cr3 expected 1" + echo_i "ns3 $cr3 expected 1" ret=1 } -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking RESOLVER_QUERY message counts" +echo_i "checking RESOLVER_QUERY message counts" ret=0 [ $rq1 -eq 0 ] || { - echo "I:ns1 $rq1 expected 0" + echo_i "ns1 $rq1 expected 0" ret=1 } [ $rq2 -eq 0 ] || { - echo "I:ns2 $rq2 expected 0" + echo_i "ns2 $rq2 expected 0" ret=1 } [ $rq3 -eq 0 ] || { - echo "I:ns3 $rq3 expected 0" + echo_i "ns3 $rq3 expected 0" ret=1 } -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking RESOLVER_RESPONSE message counts" +echo_i "checking RESOLVER_RESPONSE message counts" ret=0 [ $rr1 -eq 0 ] || { - echo "I:ns1 $rr1 expected 0" + echo_i "ns1 $rr1 expected 0" ret=1 } [ $rr2 -eq 0 ] || { - echo "I:ns2 $rr2 expected 0" + echo_i "ns2 $rr2 expected 0" ret=1 } [ $rr3 -eq 0 ] || { - echo "I:ns3 $rr3 expected 0" + echo_i "ns3 $rr3 expected 0" ret=1 } -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` HAS_PYYAML=0 @@ -398,26 +399,28 @@ if [ -n "$PYTHON" ] ; then fi if [ $HAS_PYYAML -ne 0 ] ; then - echo "I:checking dnstap-read YAML output" + echo_i "checking dnstap-read YAML output" ret=0 - $PYTHON ydump.py "$DNSTAPREAD" "ns3/dnstap.out.save" > ydump.out || ret=1 - if [ $ret != 0 ]; then echo "I: failed"; fi + { + $PYTHON ydump.py "$DNSTAPREAD" "ns3/dnstap.out.save" > ydump.out || ret=1 + } | cat_i + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking dnstap-read hex output" +echo_i "checking dnstap-read hex output" ret=0 hex=`$DNSTAPREAD -x ns3/dnstap.out | tail -1` echo $hex | $WIRETEST > dnstap.hex grep 'status: NOERROR' dnstap.hex > /dev/null 2>&1 || ret=1 grep 'ANSWER: 3, AUTHORITY: 1' dnstap.hex > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -n "$FSTRM_CAPTURE" ] ; then - $DIG +short @10.53.0.4 -p 5300 a.example > dig.out + $DIG $DIGOPTS @10.53.0.4 a.example > dig.out - echo "I:checking unix socket message counts" + echo_i "checking unix socket message counts" sleep 2 kill $fstrm_capture_pid wait @@ -430,83 +433,83 @@ if [ -n "$FSTRM_CAPTURE" ] ; then rq4=`$DNSTAPREAD dnstap.out | grep "RQ " | wc -l` rr4=`$DNSTAPREAD dnstap.out | grep "RR " | wc -l` - echo "I: checking UDP message counts" + echo_i "checking UDP message counts" ret=0 [ $udp4 -eq 2 ] || { - echo "I:ns4 $udp4 expected 2" + echo_i "ns4 $udp4 expected 2" ret=1 } - if [ $ret != 0 ]; then echo "I: failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I: checking TCP message counts" + echo_i "checking TCP message counts" ret=0 [ $tcp4 -eq 0 ] || { - echo "I:ns4 $tcp4 expected 0" + echo_i "ns4 $tcp4 expected 0" ret=1 } - if [ $ret != 0 ]; then echo "I: failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I: checking AUTH_QUERY message counts" + echo_i "checking AUTH_QUERY message counts" ret=0 [ $aq4 -eq 0 ] || { - echo "I:ns4 $aq4 expected 0" + echo_i "ns4 $aq4 expected 0" ret=1 } - if [ $ret != 0 ]; then echo "I: failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I: checking AUTH_RESPONSE message counts" + echo_i "checking AUTH_RESPONSE message counts" ret=0 [ $ar4 -eq 0 ] || { - echo "I:ns4 $ar4 expected 0" + echo_i "ns4 $ar4 expected 0" ret=1 } - if [ $ret != 0 ]; then echo "I: failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I: checking CLIENT_QUERY message counts" + echo_i "checking CLIENT_QUERY message counts" ret=0 [ $cq4 -eq 1 ] || { - echo "I:ns4 $cq4 expected 1" + echo_i "ns4 $cq4 expected 1" ret=1 } - if [ $ret != 0 ]; then echo "I: failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I: checking CLIENT_RESPONSE message counts" + echo_i "checking CLIENT_RESPONSE message counts" ret=0 [ $cr4 -eq 1 ] || { - echo "I:ns4 $cr4 expected 1" + echo_i "ns4 $cr4 expected 1" ret=1 } - if [ $ret != 0 ]; then echo "I: failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I: checking RESOLVER_QUERY message counts" + echo_i "checking RESOLVER_QUERY message counts" ret=0 [ $rq4 -eq 0 ] || { - echo "I:ns4 $rq4 expected 0" + echo_i "ns4 $rq4 expected 0" ret=1 } - if [ $ret != 0 ]; then echo "I: failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I: checking RESOLVER_RESPONSE message counts" + echo_i "checking RESOLVER_RESPONSE message counts" ret=0 [ $rr4 -eq 0 ] || { - echo "I:ns4 $rr4 expected 0" + echo_i "ns4 $rr4 expected 0" ret=1 } mv dnstap.out dnstap.out.save $FSTRM_CAPTURE -t protobuf:dnstap.Dnstap -u ns4/dnstap.out \ -w dnstap.out > fstrm_capture.out 2>&1 & fstrm_capture_pid=$! - $RNDCCMD -s 10.53.0.4 dnstap -reopen | sed 's/^/I:ns4 /' - $DIG +short @10.53.0.4 -p 5300 a.example > dig.out + $RNDCCMD -s 10.53.0.4 dnstap -reopen | sed 's/^/ns4 /' | cat_i + $DIG $DIGOPTS @10.53.0.4 a.example > dig.out - echo "I:checking reopened unix socket message counts" + echo_i "checking reopened unix socket message counts" sleep 2 kill $fstrm_capture_pid wait @@ -519,76 +522,76 @@ if [ -n "$FSTRM_CAPTURE" ] ; then rq4=`$DNSTAPREAD dnstap.out | grep "RQ " | wc -l` rr4=`$DNSTAPREAD dnstap.out | grep "RR " | wc -l` - echo "I: checking UDP message counts" + echo_i "checking UDP message counts" ret=0 [ $udp4 -eq 2 ] || { - echo "I:ns4 $udp4 expected 2" + echo_i "ns4 $udp4 expected 2" ret=1 } - if [ $ret != 0 ]; then echo "I: failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I: checking TCP message counts" + echo_i "checking TCP message counts" ret=0 [ $tcp4 -eq 0 ] || { - echo "I:ns4 $tcp4 expected 0" + echo_i "ns4 $tcp4 expected 0" ret=1 } - if [ $ret != 0 ]; then echo "I: failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I: checking AUTH_QUERY message counts" + echo_i "checking AUTH_QUERY message counts" ret=0 [ $aq4 -eq 0 ] || { - echo "I:ns4 $aq4 expected 0" + echo_i "ns4 $aq4 expected 0" ret=1 } - if [ $ret != 0 ]; then echo "I: failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I: checking AUTH_RESPONSE message counts" + echo_i "checking AUTH_RESPONSE message counts" ret=0 [ $ar4 -eq 0 ] || { - echo "I:ns4 $ar4 expected 0" + echo_i "ns4 $ar4 expected 0" ret=1 } - if [ $ret != 0 ]; then echo "I: failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I: checking CLIENT_QUERY message counts" + echo_i "checking CLIENT_QUERY message counts" ret=0 [ $cq4 -eq 1 ] || { - echo "I:ns4 $cq4 expected 1" + echo_i "ns4 $cq4 expected 1" ret=1 } - if [ $ret != 0 ]; then echo "I: failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I: checking CLIENT_RESPONSE message counts" + echo_i "checking CLIENT_RESPONSE message counts" ret=0 [ $cr4 -eq 1 ] || { - echo "I:ns4 $cr4 expected 1" + echo_i "ns4 $cr4 expected 1" ret=1 } - if [ $ret != 0 ]; then echo "I: failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I: checking RESOLVER_QUERY message counts" + echo_i "checking RESOLVER_QUERY message counts" ret=0 [ $rq4 -eq 0 ] || { - echo "I:ns4 $rq4 expected 0" + echo_i "ns4 $rq4 expected 0" ret=1 } - if [ $ret != 0 ]; then echo "I: failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I: checking RESOLVER_RESPONSE message counts" + echo_i "checking RESOLVER_RESPONSE message counts" ret=0 [ $rr4 -eq 0 ] || { - echo "I:ns4 $rr4 expected 0" + echo_i "ns4 $rr4 expected 0" ret=1 } fi -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/dnstap/ydump.py b/bin/tests/system/dnstap/ydump.py index 4cfb2f6334..781e2e6ce8 100644 --- a/bin/tests/system/dnstap/ydump.py +++ b/bin/tests/system/dnstap/ydump.py @@ -9,7 +9,7 @@ try: import yaml except: - print("I: No python yaml module, skipping") + print("No python yaml module, skipping") exit(1) import subprocess diff --git a/bin/tests/system/dscp/clean.sh b/bin/tests/system/dscp/clean.sh index 341e347dec..dad74f90f7 100644 --- a/bin/tests/system/dscp/clean.sh +++ b/bin/tests/system/dscp/clean.sh @@ -8,4 +8,5 @@ rm -f */root.bk rm -f dig.out.10.53.0.? rm -f */named.memstats rm -f */named.run +rm -f */named.conf rm -f ns*/named.lock diff --git a/bin/tests/system/dscp/ns1/named.conf b/bin/tests/system/dscp/ns1/named.conf.in similarity index 93% rename from bin/tests/system/dscp/ns1/named.conf rename to bin/tests/system/dscp/ns1/named.conf.in index 5e4796f46d..a78070c822 100644 --- a/bin/tests/system/dscp/ns1/named.conf +++ b/bin/tests/system/dscp/ns1/named.conf.in @@ -6,14 +6,12 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { dscp 46; query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dscp/ns2/named.conf b/bin/tests/system/dscp/ns2/named.conf.in similarity index 93% rename from bin/tests/system/dscp/ns2/named.conf rename to bin/tests/system/dscp/ns2/named.conf.in index 5d7f0b46fb..f251d1ddaa 100644 --- a/bin/tests/system/dscp/ns2/named.conf +++ b/bin/tests/system/dscp/ns2/named.conf.in @@ -6,14 +6,12 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { dscp 46; query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dscp/ns3/named.conf b/bin/tests/system/dscp/ns3/named.conf.in similarity index 93% rename from bin/tests/system/dscp/ns3/named.conf rename to bin/tests/system/dscp/ns3/named.conf.in index 1782cf2a31..18d1c4ef12 100644 --- a/bin/tests/system/dscp/ns3/named.conf +++ b/bin/tests/system/dscp/ns3/named.conf.in @@ -6,14 +6,12 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { dscp 46; query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dscp/ns4/named.conf b/bin/tests/system/dscp/ns4/named.conf.in similarity index 93% rename from bin/tests/system/dscp/ns4/named.conf rename to bin/tests/system/dscp/ns4/named.conf.in index 65be5c662f..9e4272ee08 100644 --- a/bin/tests/system/dscp/ns4/named.conf +++ b/bin/tests/system/dscp/ns4/named.conf.in @@ -6,14 +6,12 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { dscp 47; query-source dscp 46 address 10.53.0.4; notify-source 10.53.0.4 dscp 46; transfer-source 10.53.0.4 dscp 46; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on dscp 46 { 10.53.0.4; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dscp/ns5/named.conf b/bin/tests/system/dscp/ns5/named.conf.in similarity index 94% rename from bin/tests/system/dscp/ns5/named.conf rename to bin/tests/system/dscp/ns5/named.conf.in index 79c509f40a..c9c8eaff7f 100644 --- a/bin/tests/system/dscp/ns5/named.conf +++ b/bin/tests/system/dscp/ns5/named.conf.in @@ -6,15 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { dscp 47; query-source dscp 46 address 10.53.0.5; notify-source 10.53.0.5 dscp 46; transfer-source 10.53.0.5 dscp 46; alt-transfer-source 10.53.0.5 dscp 46; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on dscp 46 { 10.53.0.5; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dscp/ns6/named.conf b/bin/tests/system/dscp/ns6/named.conf.in similarity index 93% rename from bin/tests/system/dscp/ns6/named.conf rename to bin/tests/system/dscp/ns6/named.conf.in index 84d192e308..85802568ba 100644 --- a/bin/tests/system/dscp/ns6/named.conf +++ b/bin/tests/system/dscp/ns6/named.conf.in @@ -6,14 +6,12 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { dscp 47; query-source dscp 46 address 10.53.0.6; notify-source 10.53.0.6 dscp 46; transfer-source 10.53.0.6 dscp 46; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on dscp 46 { 10.53.0.6; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dscp/ns7/named.conf b/bin/tests/system/dscp/ns7/named.conf.in similarity index 95% rename from bin/tests/system/dscp/ns7/named.conf rename to bin/tests/system/dscp/ns7/named.conf.in index cec4de9108..9827dabb2b 100644 --- a/bin/tests/system/dscp/ns7/named.conf +++ b/bin/tests/system/dscp/ns7/named.conf.in @@ -6,15 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { dscp 47; query-source dscp 46 address 10.53.0.7; notify-source 10.53.0.7 dscp 47; transfer-source 10.53.0.7 dscp 47; alt-transfer-source 10.53.0.7 dscp 47; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on dscp 46 { 10.53.0.7; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dscp/setup.sh b/bin/tests/system/dscp/setup.sh new file mode 100644 index 0000000000..b457ad1176 --- /dev/null +++ b/bin/tests/system/dscp/setup.sh @@ -0,0 +1,19 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf +copy_setports ns5/named.conf.in ns5/named.conf +copy_setports ns6/named.conf.in ns6/named.conf +copy_setports ns7/named.conf.in ns7/named.conf diff --git a/bin/tests/system/dscp/tests.sh b/bin/tests/system/dscp/tests.sh index 20c43a5f40..b61181fad6 100644 --- a/bin/tests/system/dscp/tests.sh +++ b/bin/tests/system/dscp/tests.sh @@ -7,7 +7,7 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -DIGOPTS="+tcp +noadd +nosea +nostat +noquest" +DIGOPTS="+tcp +noadd +nosea +nostat +noquest -p ${PORT}" status=0 @@ -19,17 +19,17 @@ status=0 for server in 10.53.0.1 10.53.0.2 10.53.0.3 10.53.0.4 10.53.0.5 \ 10.53.0.6 10.53.0.7 do - echo "I:testing root SOA lookup at $server" + echo_i "testing root SOA lookup at $server" for i in 0 1 2 3 4 5 6 7 8 9 do ret=0 - $DIG -p 5300 @$server $DIGOPTS soa . > dig.out.$server + $DIG $DIGOPTS @$server soa . > dig.out.$server grep "status: NOERROR" dig.out.$server > /dev/null || ret=1 test $ret = 0 && break sleep 1 done - test $ret = 0 || { echo "I:failed"; status=`expr $status + $ret`; } + test $ret = 0 || { echo_i "failed"; status=`expr $status + $ret`; } done -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/dsdigest/clean.sh b/bin/tests/system/dsdigest/clean.sh index f906bbbc6e..a2db72cb0d 100644 --- a/bin/tests/system/dsdigest/clean.sh +++ b/bin/tests/system/dsdigest/clean.sh @@ -12,6 +12,7 @@ rm -f ns1/root.db rm -f ns1/signer.err rm -f ns2/good.db ns2/bad.db rm -f dig.out* +rm -f */named.conf rm -f */named.run rm -f */named.memstats rm -f ns*/named.lock diff --git a/bin/tests/system/dsdigest/ns1/named.conf b/bin/tests/system/dsdigest/ns1/named.conf.in similarity index 96% rename from bin/tests/system/dsdigest/ns1/named.conf rename to bin/tests/system/dsdigest/ns1/named.conf.in index 9374ce43ef..b62812b28b 100644 --- a/bin/tests/system/dsdigest/ns1/named.conf +++ b/bin/tests/system/dsdigest/ns1/named.conf.in @@ -6,8 +6,6 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id$ */ - // NS1 controls { /* empty */ }; @@ -16,7 +14,7 @@ options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dsdigest/ns2/named.conf b/bin/tests/system/dsdigest/ns2/named.conf.in similarity index 96% rename from bin/tests/system/dsdigest/ns2/named.conf rename to bin/tests/system/dsdigest/ns2/named.conf.in index b8240ac1ee..4e6d7c9ff9 100644 --- a/bin/tests/system/dsdigest/ns2/named.conf +++ b/bin/tests/system/dsdigest/ns2/named.conf.in @@ -6,8 +6,6 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id$ */ - // NS2 controls { /* empty */ }; @@ -16,7 +14,7 @@ options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dsdigest/ns3/named.conf b/bin/tests/system/dsdigest/ns3/named.conf.in similarity index 96% rename from bin/tests/system/dsdigest/ns3/named.conf rename to bin/tests/system/dsdigest/ns3/named.conf.in index af70cfa3cb..5c43bf07eb 100644 --- a/bin/tests/system/dsdigest/ns3/named.conf +++ b/bin/tests/system/dsdigest/ns3/named.conf.in @@ -6,8 +6,6 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id$ */ - // NS3 controls { /* empty */ }; @@ -16,7 +14,7 @@ options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dsdigest/ns4/named.conf b/bin/tests/system/dsdigest/ns4/named.conf.in similarity index 96% rename from bin/tests/system/dsdigest/ns4/named.conf rename to bin/tests/system/dsdigest/ns4/named.conf.in index febbf60931..894f287ac4 100644 --- a/bin/tests/system/dsdigest/ns4/named.conf +++ b/bin/tests/system/dsdigest/ns4/named.conf.in @@ -6,8 +6,6 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id$ */ - // NS3 controls { /* empty */ }; @@ -16,7 +14,7 @@ options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/dsdigest/prereq.sh b/bin/tests/system/dsdigest/prereq.sh index f64ef4c6ec..f726d1f390 100644 --- a/bin/tests/system/dsdigest/prereq.sh +++ b/bin/tests/system/dsdigest/prereq.sh @@ -16,7 +16,7 @@ $SHELL ../testcrypto.sh -q ecdsa || ecdsafail=1 if [ $gostfail = 0 -a $ecdsafail = 0 ]; then echo both > supported elif [ $gostfail = 1 -a $ecdsafail = 1 ]; then - echo "I:This test requires support for ECDSA or GOST cryptography." >&2 + echo_i "This test requires support for ECDSA or GOST cryptography." >&2 exit 255 elif [ $gostfail = 0 ]; then echo gost > supported diff --git a/bin/tests/system/dsdigest/setup.sh b/bin/tests/system/dsdigest/setup.sh index 740b724543..ea9e25c181 100644 --- a/bin/tests/system/dsdigest/setup.sh +++ b/bin/tests/system/dsdigest/setup.sh @@ -11,4 +11,9 @@ SYSTEMTESTTOP=.. test -r $RANDFILE || $GENRANDOM 800 $RANDFILE +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf + cd ns1 && $SHELL sign.sh diff --git a/bin/tests/system/dsdigest/tests.sh b/bin/tests/system/dsdigest/tests.sh index 3f2a0c50d7..3e911cd6c8 100644 --- a/bin/tests/system/dsdigest/tests.sh +++ b/bin/tests/system/dsdigest/tests.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id$ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -15,28 +13,28 @@ status=0 rm -f dig.out.* -DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p 5300" +DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p ${PORT}" # Check the good. domain -echo "I:checking that validation with enabled digest types works" +echo_i "checking that validation with enabled digest types works" ret=0 $DIG $DIGOPTS a.good. @10.53.0.3 a > dig.out.good || ret=1 grep "status: NOERROR" dig.out.good > /dev/null || ret=1 grep "flags:[^;]* ad[ ;]" dig.out.good > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # Check the bad. domain -echo "I:checking that validation with no supported digest types and must-be-secure results in SERVFAIL" +echo_i "checking that validation with no supported digest types and must-be-secure results in SERVFAIL" ret=0 $DIG $DIGOPTS a.bad. @10.53.0.3 a > dig.out.bad || ret=1 grep "SERVFAIL" dig.out.bad > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that validation with no supported digest algorithms results in insecure" +echo_i "checking that validation with no supported digest algorithms results in insecure" ret=0 $DIG $DIGOPTS bad. @10.53.0.4 ds > dig.out.ds || ret=1 grep "NOERROR" dig.out.ds > /dev/null || ret=1 @@ -44,8 +42,8 @@ grep "flags:[^;]* ad[ ;]" dig.out.ds > /dev/null || ret=1 $DIG $DIGOPTS a.bad. @10.53.0.4 a > dig.out.insecure || ret=1 grep "NOERROR" dig.out.insecure > /dev/null || ret=1 grep "flags:[^;]* ad[ ;]" dig.out.insecure > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/dyndb/clean.sh b/bin/tests/system/dyndb/clean.sh index c7195d88ca..5738bd1ab6 100644 --- a/bin/tests/system/dyndb/clean.sh +++ b/bin/tests/system/dyndb/clean.sh @@ -9,6 +9,8 @@ # # Clean up after dyndb tests. # +rm -f */named.conf +rm -f */named.run rm -f ns1/named.memstats rm -f ns1/update.txt rm -f added.a.out.* diff --git a/bin/tests/system/dyndb/ns1/named.conf b/bin/tests/system/dyndb/ns1/named.conf.in similarity index 90% rename from bin/tests/system/dyndb/ns1/named.conf rename to bin/tests/system/dyndb/ns1/named.conf.in index 60ab401b05..a6cbe9f6c1 100644 --- a/bin/tests/system/dyndb/ns1/named.conf +++ b/bin/tests/system/dyndb/ns1/named.conf.in @@ -12,7 +12,7 @@ options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; session-keyfile "session.key"; listen-on { 10.53.0.1; 127.0.0.1; }; @@ -27,7 +27,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; dyndb sample "../driver/lib/sample.so" { ipv4.example.nil. in-addr.arpa. }; diff --git a/bin/tests/system/dyndb/prereq.sh b/bin/tests/system/dyndb/prereq.sh index 4f39e220d2..4ec63799a4 100644 --- a/bin/tests/system/dyndb/prereq.sh +++ b/bin/tests/system/dyndb/prereq.sh @@ -10,7 +10,7 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh $FEATURETEST --have-dlopen || { - echo "I:dlopen() not supported - skipping dyndb test" + echo_i "dlopen() not supported - skipping dyndb test" exit 255 } exit 0 diff --git a/bin/tests/system/dyndb/setup.sh b/bin/tests/system/dyndb/setup.sh new file mode 100644 index 0000000000..c69f051dbc --- /dev/null +++ b/bin/tests/system/dyndb/setup.sh @@ -0,0 +1,13 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf diff --git a/bin/tests/system/dyndb/tests.sh b/bin/tests/system/dyndb/tests.sh index f9f7c29d65..9a4850ddf6 100644 --- a/bin/tests/system/dyndb/tests.sh +++ b/bin/tests/system/dyndb/tests.sh @@ -12,11 +12,12 @@ SYSTEMTESTTOP=.. status=0 n=0 -DIGOPTS="@10.53.0.1 -p 5300" +DIGOPTS="@10.53.0.1 -p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" newtest() { n=`expr $n + 1` - echo "${1} (${n})" + echo_i "${1} (${n})" ret=0 } @@ -26,16 +27,16 @@ test_add() { ip="$3" cat < ns1/update.txt -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} ttl 86400 update add $host $type $ip send EOF - newtest "I:adding $host $type $ip" + newtest "adding $host $type $ip" $NSUPDATE ns1/update.txt > /dev/null 2>&1 || { [ "$should_fail" ] || \ - echo "I:update failed for $host $type $ip" + echo_i "update failed for $host $type $ip" return 1 } @@ -44,7 +45,7 @@ EOF lines=`echo "$out" | grep "$ip" | wc -l` [ $lines -eq 1 ] || { [ "$should_fail" ] || \ - echo "I:dig output incorrect for $host $type $cmd: $out" + echo_i "dig output incorrect for $host $type $cmd: $out" return 1 } @@ -53,7 +54,7 @@ EOF lines=`echo "$out" | grep "$host" | wc -l` [ $lines -eq 1 ] || { [ "$should_fail" ] || \ - echo "I:dig reverse output incorrect for $host $type $cmd: $out" + echo_i "dig reverse output incorrect for $host $type $cmd: $out" return 1 } @@ -67,15 +68,15 @@ test_del() { ip=`$DIG $DIGOPTS +short $host $type` cat < ns1/update.txt -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} update del $host $type send EOF - newtest "I:deleting $host $type (was $ip)" + newtest "deleting $host $type (was $ip)" $NSUPDATE ns1/update.txt > /dev/null 2>&1 || { [ "$should_fail" ] || \ - echo "I:update failed deleting $host $type" + echo_i "update failed deleting $host $type" return 1 } @@ -84,7 +85,7 @@ EOF lines=`echo "$out" | grep "$ip" | wc -l` [ $lines -eq 0 ] || { [ "$should_fail" ] || \ - echo "I:dig output incorrect for $host $type $cmd: $out" + echo_i "dig output incorrect for $host $type $cmd: $out" return 1 } @@ -93,7 +94,7 @@ EOF lines=`echo "$out" | grep "$host" | wc -l` [ $lines -eq 0 ] || { [ "$should_fail" ] || \ - echo "I:dig reverse output incorrect for $host $type $cmd: $out" + echo_i "dig reverse output incorrect for $host $type $cmd: $out" return 1 } @@ -124,13 +125,13 @@ status=`expr $status + $ret` test_del test4.ipv6.example.nil. AAAA || ret=1 status=`expr $status + $ret` -newtest "I:checking parameter logging" +newtest "checking parameter logging" grep "loading params for dyndb 'sample' from .*named.conf:33" ns1/named.run > /dev/null || ret=1 grep "loading params for dyndb 'sample2' from .*named.conf:34" ns1/named.run > /dev/null || ret=1 status=`expr $status + $ret` -echo "I:checking dyndb still works after reload" -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload 2>&1 | sed 's/^/I:ns1 /' +echo_i "checking dyndb still works after reload" +$RNDCCMD 10.53.0.1 reload 2>&1 | sed 's/^/ns1 /' | cat_i test_add test5.ipv4.example.nil. A "10.53.0.10" || ret=1 status=`expr $status + $ret` @@ -144,5 +145,5 @@ status=`expr $status + $ret` test_del test6.ipv6.example.nil. AAAA || ret=1 status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/ednscompliance/clean.sh b/bin/tests/system/ednscompliance/clean.sh index a9332d420a..7d8953b3bf 100644 --- a/bin/tests/system/ednscompliance/clean.sh +++ b/bin/tests/system/ednscompliance/clean.sh @@ -8,5 +8,6 @@ rm -f dig.out* rm -f ns*/named.lock +rm -f ns*/named.conf rm -f ns*/named.run rm -f ns*/named.memstats diff --git a/bin/tests/system/ednscompliance/ns1/named.conf b/bin/tests/system/ednscompliance/ns1/named.conf.in similarity index 92% rename from bin/tests/system/ednscompliance/ns1/named.conf rename to bin/tests/system/ednscompliance/ns1/named.conf.in index b9e8122e9d..8acb655f20 100644 --- a/bin/tests/system/ednscompliance/ns1/named.conf +++ b/bin/tests/system/ednscompliance/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -23,4 +21,3 @@ zone "." { type master; file "root.db"; }; - diff --git a/bin/tests/system/ednscompliance/setup.sh b/bin/tests/system/ednscompliance/setup.sh new file mode 100644 index 0000000000..c69f051dbc --- /dev/null +++ b/bin/tests/system/ednscompliance/setup.sh @@ -0,0 +1,13 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf diff --git a/bin/tests/system/ednscompliance/tests.sh b/bin/tests/system/ednscompliance/tests.sh index 98e5a66ebb..fbff953bfd 100644 --- a/bin/tests/system/ednscompliance/tests.sh +++ b/bin/tests/system/ednscompliance/tests.sh @@ -9,98 +9,100 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="+norec -p ${PORT}" + status=0 n=0 zone=. n=`expr $n + 1` -echo "I:check +edns=100 sets version 100 ($n)" +echo_i "check +edns=100 sets version 100 ($n)" ret=0 reason= -$DIG -p 5300 @10.53.0.1 +qr +norec +edns=100 soa $zone > dig.out$n +$DIG $DIGOPTS @10.53.0.1 +qr +edns=100 soa $zone > dig.out$n grep "EDNS: version: 100," dig.out$n > /dev/null || { ret=1; reason="version"; } -if [ $ret != 0 ]; then echo "I:failed $reason"; fi +if [ $ret != 0 ]; then echo_i "failed $reason"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 reason= -echo "I:check +ednsopt=100 adds option 100 ($n)" -$DIG -p 5300 @10.53.0.1 +qr +norec +ednsopt=100 soa $zone > dig.out$n +echo_i "check +ednsopt=100 adds option 100 ($n)" +$DIG $DIGOPTS @10.53.0.1 +qr +ednsopt=100 soa $zone > dig.out$n grep "; OPT=100" dig.out$n > /dev/null || { ret=1; reason="option"; } -if [ $ret != 0 ]; then echo "I:failed $reason"; fi +if [ $ret != 0 ]; then echo_i "failed $reason"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check +ednsflags=0x80 sets flags to 0x0080 ($n)" +echo_i "check +ednsflags=0x80 sets flags to 0x0080 ($n)" ret=0 reason= -$DIG -p 5300 @10.53.0.1 +qr +norec +ednsflags=0x80 soa $zone > dig.out$n +$DIG $DIGOPTS @10.53.0.1 +qr +ednsflags=0x80 soa $zone > dig.out$n grep "MBZ: 0x0080," dig.out$n > /dev/null || { ret=1; reason="flags"; } -if [ $ret != 0 ]; then echo "I:failed $reason"; fi +if [ $ret != 0 ]; then echo_i "failed $reason"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:Unknown EDNS version ($n)" +echo_i "Unknown EDNS version ($n)" ret=0 reason= -$DIG -p 5300 @10.53.0.1 +norec +edns=100 +noednsnegotiation soa $zone > dig.out$n +$DIG $DIGOPTS @10.53.0.1 +edns=100 +noednsnegotiation soa $zone > dig.out$n grep "status: BADVERS," dig.out$n > /dev/null || { ret=1; reason="status"; } grep "EDNS: version: 0," dig.out$n > /dev/null || { ret=1; reason="version"; } grep "IN.SOA." dig.out$n > /dev/null && { ret=1; reaons="soa"; } -if [ $ret != 0 ]; then echo "I:failed $reason"; fi +if [ $ret != 0 ]; then echo_i "failed $reason"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:Unknown EDNS option ($n)" +echo_i "Unknown EDNS option ($n)" ret=0 reason= -$DIG -p 5300 @10.53.0.1 +norec +ednsopt=100 soa $zone > dig.out$n +$DIG $DIGOPTS @10.53.0.1 +ednsopt=100 soa $zone > dig.out$n grep "status: NOERROR," dig.out$n > /dev/null || { ret=1; reason="status"; } grep "EDNS: version: 0," dig.out$n > /dev/null || { ret=1; reason="version"; } grep "; OPT=100" dig.out$n > /dev/null && { ret=1; reason="option"; } grep "IN.SOA." dig.out$n > /dev/null || { ret=1; reason="nosoa"; } -if [ $ret != 0 ]; then echo "I:failed $reason"; fi +if [ $ret != 0 ]; then echo_i "failed $reason"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:Unknown EDNS version + option ($n)" +echo_i "Unknown EDNS version + option ($n)" ret=0 reason= -$DIG -p 5300 @10.53.0.1 +norec +edns=100 +noednsneg +ednsopt=100 soa $zone > dig.out$n +$DIG $DIGOPTS @10.53.0.1 +edns=100 +noednsneg +ednsopt=100 soa $zone > dig.out$n grep "status: BADVERS," dig.out$n > /dev/null || { ret=1; reason="status"; } grep "EDNS: version: 0," dig.out$n > /dev/null || { ret=1; reason="version"; } grep "; OPT=100" dig.out$n > /dev/null && { ret=1; reason="option"; } grep "IN.SOA." dig.out$n > /dev/null && { ret=1; reason="soa"; } -if [ $ret != 0 ]; then echo "I:failed: $reason"; fi +if [ $ret != 0 ]; then echo_i "failed: $reason"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:Unknown EDNS flag ($n)" +echo_i "Unknown EDNS flag ($n)" ret=0 reason= -$DIG -p 5300 @10.53.0.1 +norec +ednsflags=0x80 soa $zone > dig.out$n +$DIG $DIGOPTS @10.53.0.1 +ednsflags=0x80 soa $zone > dig.out$n grep "status: NOERROR," dig.out$n > /dev/null || { ret=1; reason="status"; } grep "EDNS: version: 0," dig.out$n > /dev/null || { ret=1; reason="version"; } grep "EDNS:.*MBZ" dig.out$n > /dev/null > /dev/null && { ret=1; reason="mbz"; } grep ".IN.SOA." dig.out$n > /dev/null || { ret=1; reason="nosoa"; } -if [ $ret != 0 ]; then echo "I:failed $reason"; fi +if [ $ret != 0 ]; then echo_i "failed $reason"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:Unknown EDNS version + flag ($n)" +echo_i "Unknown EDNS version + flag ($n)" ret=0 reason= -$DIG -p 5300 @10.53.0.1 +norec +edns=100 +noednsneg +ednsflags=0x80 soa $zone > dig.out$n +$DIG $DIGOPTS @10.53.0.1 +edns=100 +noednsneg +ednsflags=0x80 soa $zone > dig.out$n grep "status: BADVERS," dig.out$n > /dev/null || { ret=1; reason="status"; } grep "EDNS: version: 0," dig.out$n > /dev/null || { ret=1; reason="version"; } grep "EDNS:.*MBZ" dig.out$n > /dev/null > /dev/null && { ret=1; reason="mbz"; } grep "IN.SOA." dig.out$n > /dev/null && { ret=1; reason="soa"; } -if [ $ret != 0 ]; then echo "I:failed $reason"; fi +if [ $ret != 0 ]; then echo_i "failed $reason"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:DiG's EDNS negotiation ($n)" +echo_i "DiG's EDNS negotiation ($n)" ret=0 reason= -$DIG -p 5300 @10.53.0.1 +norec +edns=100 soa $zone > dig.out$n +$DIG $DIGOPTS @10.53.0.1 +edns=100 soa $zone > dig.out$n grep "status: NOERROR," dig.out$n > /dev/null || { ret=1; reason="status"; } grep "EDNS: version: 0," dig.out$n > /dev/null || { ret=1; reason="version"; } grep "IN.SOA." dig.out$n > /dev/null || { ret=1; reason="soa"; } -if [ $ret != 0 ]; then echo "I:failed $reason"; fi +if [ $ret != 0 ]; then echo_i "failed $reason"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/emptyzones/ns1/named1.conf b/bin/tests/system/emptyzones/ns1/named1.conf.in similarity index 87% rename from bin/tests/system/emptyzones/ns1/named1.conf rename to bin/tests/system/emptyzones/ns1/named1.conf.in index 008ada3577..08a3391725 100644 --- a/bin/tests/system/emptyzones/ns1/named1.conf +++ b/bin/tests/system/emptyzones/ns1/named1.conf.in @@ -6,22 +6,20 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.15 2009/05/29 23:47:49 tbox Exp $ */ - key rndc_key { algorithm hmac-sha256; secret "1234abcd8765"; }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { query-source address 10.53.0.1 dscp 1; notify-source 10.53.0.1 dscp 2; transfer-source 10.53.0.1 dscp 3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/emptyzones/ns1/named2.conf b/bin/tests/system/emptyzones/ns1/named2.conf.in similarity index 87% rename from bin/tests/system/emptyzones/ns1/named2.conf rename to bin/tests/system/emptyzones/ns1/named2.conf.in index 2d6db54f87..4e447e81e1 100644 --- a/bin/tests/system/emptyzones/ns1/named2.conf +++ b/bin/tests/system/emptyzones/ns1/named2.conf.in @@ -6,22 +6,20 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.15 2009/05/29 23:47:49 tbox Exp $ */ - key rndc_key { algorithm hmac-sha256; secret "1234abcd8765"; }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { query-source address 10.53.0.1 dscp 1; notify-source 10.53.0.1 dscp 2; transfer-source 10.53.0.1 dscp 3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/emptyzones/setup.sh b/bin/tests/system/emptyzones/setup.sh index 36c65fde93..369ecfb8f6 100644 --- a/bin/tests/system/emptyzones/setup.sh +++ b/bin/tests/system/emptyzones/setup.sh @@ -4,4 +4,8 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -cp -f ns1/named1.conf ns1/named.conf +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named1.conf.in ns1/named.conf diff --git a/bin/tests/system/emptyzones/tests.sh b/bin/tests/system/emptyzones/tests.sh index 1f78bed1bf..5afea2f970 100644 --- a/bin/tests/system/emptyzones/tests.sh +++ b/bin/tests/system/emptyzones/tests.sh @@ -9,28 +9,33 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="-p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + status=0 n=0 n=`expr $n + 1` -echo "I:check that switching to automatic empty zones works ($n)" +echo_i "check that switching to automatic empty zones works ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload > /dev/null || ret=1 +$RNDCCMD 10.53.0.1 reload > /dev/null || ret=1 sleep 5 -cp ns1/named2.conf ns1/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload > /dev/null || ret=1 + +copy_setports ns1/named2.conf.in ns1/named.conf +$RNDCCMD 10.53.0.1 reload > /dev/null || ret=1 sleep 5 -$DIG +vc version.bind txt ch @10.53.0.1 -p 5300 > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi + +$DIG $DIGOPTS +vc version.bind txt ch @10.53.0.1 > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that allow-transfer { none; } works ($n)" +echo_i "check that allow-transfer { none; } works ($n)" ret=0 -$DIG axfr 10.in-addr.arpa @10.53.0.1 -p 5300 +all > dig.out.test$n || ret=1 +$DIG $DIGOPTS axfr 10.in-addr.arpa @10.53.0.1 +all > dig.out.test$n || ret=1 grep "status: REFUSED" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/fetchlimit/ans4/ans.pl b/bin/tests/system/fetchlimit/ans4/ans.pl index c0da4d54e7..0ca46a7da4 100644 --- a/bin/tests/system/fetchlimit/ans4/ans.pl +++ b/bin/tests/system/fetchlimit/ans4/ans.pl @@ -16,8 +16,11 @@ use IO::Socket; use Net::DNS; use Net::DNS::Packet; +my $localport = int($ENV{'PORT'}); +if (!$localport) { $localport = 5300; } + my $sock = IO::Socket::INET->new(LocalAddr => "10.53.0.4", - LocalPort => 5300, Proto => "udp") or die "$!"; + LocalPort => $localport, Proto => "udp") or die "$!"; my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!"; print $pidf "$$\n" or die "cannot write pid file: $!"; diff --git a/bin/tests/system/fetchlimit/clean.sh b/bin/tests/system/fetchlimit/clean.sh index f9404ebf71..28eb3b0fad 100644 --- a/bin/tests/system/fetchlimit/clean.sh +++ b/bin/tests/system/fetchlimit/clean.sh @@ -6,8 +6,8 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -rm -f */named.memstats */ans.run */named.recursing */named.run +rm -f */named.conf */named.memstats */ans.run */named.recursing */named.run rm -f dig.out* rm -f ans4/norespond -rm -f ns3/named.conf ns3/named.stats ns3/named_dump.db +rm -f ns3/named.stats ns3/named_dump.db rm -f burst.input.* diff --git a/bin/tests/system/fetchlimit/ns1/named.conf b/bin/tests/system/fetchlimit/ns1/named.conf.in similarity index 93% rename from bin/tests/system/fetchlimit/ns1/named.conf rename to bin/tests/system/fetchlimit/ns1/named.conf.in index 8a358042e4..dde59939b9 100644 --- a/bin/tests/system/fetchlimit/ns1/named.conf +++ b/bin/tests/system/fetchlimit/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/fetchlimit/ns2/named.conf b/bin/tests/system/fetchlimit/ns2/named.conf.in similarity index 77% rename from bin/tests/system/fetchlimit/ns2/named.conf rename to bin/tests/system/fetchlimit/ns2/named.conf.in index f9c91a3364..f5392a622c 100644 --- a/bin/tests/system/fetchlimit/ns2/named.conf +++ b/bin/tests/system/fetchlimit/ns2/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -20,7 +18,15 @@ options { notify yes; }; -include "../../common/controls.conf"; +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + zone "example" { type master; diff --git a/bin/tests/system/fetchlimit/ns3/named1.conf b/bin/tests/system/fetchlimit/ns3/named1.conf.in similarity index 89% rename from bin/tests/system/fetchlimit/ns3/named1.conf rename to bin/tests/system/fetchlimit/ns3/named1.conf.in index 6e90bbeb8e..aee7ae0e67 100644 --- a/bin/tests/system/fetchlimit/ns3/named1.conf +++ b/bin/tests/system/fetchlimit/ns3/named1.conf.in @@ -12,7 +12,7 @@ options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; directory "."; pid-file "named.pid"; listen-on { 10.53.0.3; }; @@ -28,7 +28,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/fetchlimit/ns3/named2.conf b/bin/tests/system/fetchlimit/ns3/named2.conf.in similarity index 86% rename from bin/tests/system/fetchlimit/ns3/named2.conf rename to bin/tests/system/fetchlimit/ns3/named2.conf.in index 8e4eec58b0..7895ae971e 100644 --- a/bin/tests/system/fetchlimit/ns3/named2.conf +++ b/bin/tests/system/fetchlimit/ns3/named2.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; directory "."; pid-file "named.pid"; listen-on { 10.53.0.3; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/fetchlimit/ns3/named3.conf b/bin/tests/system/fetchlimit/ns3/named3.conf.in similarity index 86% rename from bin/tests/system/fetchlimit/ns3/named3.conf rename to bin/tests/system/fetchlimit/ns3/named3.conf.in index 1307bfa434..8769ba4f4f 100644 --- a/bin/tests/system/fetchlimit/ns3/named3.conf +++ b/bin/tests/system/fetchlimit/ns3/named3.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; directory "."; pid-file "named.pid"; listen-on { 10.53.0.3; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/fetchlimit/setup.sh b/bin/tests/system/fetchlimit/setup.sh index 8ce6d618f7..52f8f9a92e 100644 --- a/bin/tests/system/fetchlimit/setup.sh +++ b/bin/tests/system/fetchlimit/setup.sh @@ -11,4 +11,6 @@ SYSTEMTESTTOP=.. $SHELL clean.sh -cp -f ns3/named1.conf ns3/named.conf +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named1.conf.in ns3/named.conf diff --git a/bin/tests/system/fetchlimit/tests.sh b/bin/tests/system/fetchlimit/tests.sh index 15788136bd..d5eccbf369 100644 --- a/bin/tests/system/fetchlimit/tests.sh +++ b/bin/tests/system/fetchlimit/tests.sh @@ -9,8 +9,8 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -DIGCMD="$DIG @10.53.0.3 -p 5300 +tries=1 +time=1" -RNDCCMD="$RNDC -p 9953 -s 10.53.0.3 -c ../common/rndc.conf" +DIGCMD="$DIG @10.53.0.3 -p ${PORT} +tries=1 +time=1" +RNDCCMD="$RNDC -p ${CONTROLPORT} -s 10.53.0.3 -c ../common/rndc.conf" burst() { num=${3:-20} @@ -19,21 +19,21 @@ burst() { num=`expr $num - 1` echo "${num}${1}${2}.lamesub.example A" >> burst.input.$$ done - $PERL ../ditch.pl -p 5300 -s 10.53.0.3 burst.input.$$ + $PERL ../ditch.pl -p ${PORT} -s 10.53.0.3 burst.input.$$ rm -f burst.input.$$ } stat() { clients=`$RNDCCMD status | grep "recursive clients" | sed 's;.*: \([^/][^/]*\)/.*;\1;'` - echo "I: clients: $clients" + echo_i "clients: $clients" [ "$clients" = "" ] && return 1 [ "$clients" -le $1 ] } status=0 -echo "I: checking recursing clients are dropped at the per-server limit" +echo_i "checking recursing clients are dropped at the per-server limit" ret=0 # make the server lame and restart $RNDCCMD flush @@ -47,18 +47,19 @@ for try in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20; do [ $ret -eq 1 ] && break sleep 1 done -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: dumping ADB data" +echo_i "dumping ADB data" $RNDCCMD dumpdb -adb -info=`grep '10.53.0.4' ns3/named_dump.db | sed 's/.*\(atr [.0-9]*\).*\(quota [0-9]*\).*/I: \1 \2/'` -echo $info +info=`grep '10.53.0.4' ns3/named_dump.db | sed 's/.*\(atr [.0-9]*\).*\(quota [0-9]*\).*/\1 \2/'` +echo_i $info set -- $info quota=$5 [ ${5:-200} -lt 200 ] || ret=1 -echo "I: checking servfail statistics" +echo_i "checking servfail statistics" +ret=0 rm -f ns3/named.stats $RNDCCMD stats for try in 1 2 3 4 5; do @@ -70,10 +71,10 @@ sspill=`grep 'spilled due to server' ns3/named.stats | sed 's/\([0-9][0-9]*\) sp fails=`grep 'queries resulted in SERVFAIL' ns3/named.stats | sed 's/\([0-9][0-9]*\) queries.*/\1/'` [ -z "$fails" ] && fails=0 [ "$fails" -ge "$sspill" ] || ret=1 -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking lame server recovery" +echo_i "checking lame server recovery" ret=0 rm -f ans4/norespond for try in 1 2 3 4 5; do @@ -83,10 +84,10 @@ for try in 1 2 3 4 5; do sleep 1 done -echo "I: dumping ADB data" +echo_i "dumping ADB data" $RNDCCMD dumpdb -adb -info=`grep '10.53.0.4' ns3/named_dump.db | sed 's/.*\(atr [.0-9]*\).*\(quota [0-9]*\).*/I: \1 \2/'` -echo $info +info=`grep '10.53.0.4' ns3/named_dump.db | sed 's/.*\(atr [.0-9]*\).*\(quota [0-9]*\).*/\1 \2/'` +echo_i $info set -- $info [ ${5:-${quota}} -lt $quota ] || ret=1 quota=$5 @@ -98,23 +99,23 @@ for try in 1 2 3 4 5 6 7 8 9 10; do sleep 1 done -echo "I: dumping ADB data" +echo_i "dumping ADB data" $RNDCCMD dumpdb -adb -info=`grep '10.53.0.4' ns3/named_dump.db | sed 's/.*\(atr [.0-9]*\).*\(quota [0-9]*\).*/I: \1 \2/'` -echo $info +info=`grep '10.53.0.4' ns3/named_dump.db | sed 's/.*\(atr [.0-9]*\).*\(quota [0-9]*\).*/\1 \2/'` +echo_i $info set -- $info [ ${5:-${quota}} -gt $quota ] || ret=1 quota=$5 -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -cp -f ns3/named2.conf ns3/named.conf -$RNDCCMD reconfig 2>&1 | sed 's/^/I:ns3 /' +copy_setports ns3/named2.conf.in ns3/named.conf +$RNDCCMD reconfig 2>&1 | sed 's/^/ns3 /' | cat_i -echo "I: checking lame server clients are dropped at the per-domain limit" +echo_i "checking lame server clients are dropped at the per-domain limit" ret=0 fail=0 success=0 @@ -128,14 +129,14 @@ for try in 1 2 3 4 5; do fail=`expr $fail + 1` stat 50 || ret=1 [ $ret -eq 1 ] && break - $RNDCCMD recursing 2>&1 | sed 's/^/I:ns3 /' + $RNDCCMD recursing 2>&1 | sed 's/^/ns3 /' | cat_i sleep 1 done -echo "I: $success successful valid queries, $fail SERVFAIL" -if [ $ret != 0 ]; then echo "I: failed"; fi +echo_i "$success successful valid queries, $fail SERVFAIL" +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking drop statistics" +echo_i "checking drop statistics" rm -f ns3/named.stats $RNDCCMD stats for try in 1 2 3 4 5; do @@ -147,20 +148,20 @@ zspill=`grep 'spilled due to zone' ns3/named.stats | sed 's/\([0-9][0-9]*\) spil drops=`grep 'queries dropped' ns3/named.stats | sed 's/\([0-9][0-9]*\) queries.*/\1/'` [ -z "$drops" ] && drops=0 [ "$drops" -ge "$zspill" ] || ret=1 -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -cp -f ns3/named3.conf ns3/named.conf -$RNDCCMD reconfig 2>&1 | sed 's/^/I:ns3 /' +copy_setports ns3/named3.conf.in ns3/named.conf +$RNDCCMD reconfig 2>&1 | sed 's/^/ns3 /' | cat_i -echo "I: checking lame server clients are dropped at the soft limit" +echo_i "checking lame server clients are dropped at the soft limit" ret=0 fail=0 success=0 touch ans4/norespond for try in 1 2 3 4 5; do burst b $try 400 - $DIG @10.53.0.3 -p 5300 a ${try}.example > dig.out.ns3.$try + $DIG @10.53.0.3 -p ${PORT} a ${try}.example > dig.out.ns3.$try stat 360 || ret=1 grep "status: NOERROR" dig.out.ns3.$try > /dev/null 2>&1 && \ success=`expr $success + 1` @@ -169,10 +170,10 @@ for try in 1 2 3 4 5; do [ $ret -eq 1 ] && break sleep 1 done -echo "I: $success successful valid queries, $fail SERVFAIL" +echo_i "$success successful valid queries, $fail SERVFAIL" [ "$success" -eq 5 ] || ret=1 -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/filter-aaaa/clean.sh b/bin/tests/system/filter-aaaa/clean.sh index fb17916379..75ef1e7daf 100644 --- a/bin/tests/system/filter-aaaa/clean.sh +++ b/bin/tests/system/filter-aaaa/clean.sh @@ -10,21 +10,15 @@ rm -f ns1/K* rm -f ns1/*.signed rm -f ns1/signer.err rm -f ns1/dsset-* -rm -f ns1/named.run ns1/named.conf -rm -f ns1/named.memstats -rm -f ns2/named.run ns2/named.conf -rm -f ns2/named.memstats - -rm -f ns3/named.run ns3/named.conf -rm -f ns3/named.memstats +rm -f */named.run +rm -f */named.conf +rm -f */named.memstats rm -f ns4/K* rm -f ns4/*.signed rm -f ns4/signer.err rm -f ns4/dsset-* -rm -f ns4/named.run ns4/named.conf -rm -f ns4/named.memstats rm -f dig.out.* rm -f ns*/named.lock diff --git a/bin/tests/system/filter-aaaa/ns1/named1.conf b/bin/tests/system/filter-aaaa/ns1/named1.conf.in similarity index 83% rename from bin/tests/system/filter-aaaa/ns1/named1.conf rename to bin/tests/system/filter-aaaa/ns1/named1.conf.in index 272459c1ed..9adeabcd86 100644 --- a/bin/tests/system/filter-aaaa/ns1/named1.conf +++ b/bin/tests/system/filter-aaaa/ns1/named1.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named1.conf,v 1.1.2.1 2012/01/07 03:32:15 each Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { fd92:7065:b8e:ffff::1; }; @@ -31,7 +27,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; diff --git a/bin/tests/system/filter-aaaa/ns1/named2.conf b/bin/tests/system/filter-aaaa/ns1/named2.conf.in similarity index 83% rename from bin/tests/system/filter-aaaa/ns1/named2.conf rename to bin/tests/system/filter-aaaa/ns1/named2.conf.in index 411bd830cc..c9ba163dcf 100644 --- a/bin/tests/system/filter-aaaa/ns1/named2.conf +++ b/bin/tests/system/filter-aaaa/ns1/named2.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named2.conf,v 1.1.2.1 2012/01/07 03:32:15 each Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { fd92:7065:b8e:ffff::1; }; @@ -31,7 +27,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { type master; file "root.db"; }; diff --git a/bin/tests/system/filter-aaaa/ns1/sign.sh b/bin/tests/system/filter-aaaa/ns1/sign.sh index 1fec719260..8ade43ab90 100755 --- a/bin/tests/system/filter-aaaa/ns1/sign.sh +++ b/bin/tests/system/filter-aaaa/ns1/sign.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: sign.sh,v 1.2 2010/06/22 03:58:37 marka Exp $ - SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh @@ -24,4 +22,4 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" diff --git a/bin/tests/system/filter-aaaa/ns2/named1.conf b/bin/tests/system/filter-aaaa/ns2/named1.conf.in similarity index 81% rename from bin/tests/system/filter-aaaa/ns2/named1.conf rename to bin/tests/system/filter-aaaa/ns2/named1.conf.in index 634b46177c..1bfec19477 100644 --- a/bin/tests/system/filter-aaaa/ns2/named1.conf +++ b/bin/tests/system/filter-aaaa/ns2/named1.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named1.conf,v 1.1.2.1 2012/01/07 03:32:16 each Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { fd92:7065:b8e:ffff::2; }; @@ -31,7 +27,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { type hint; file "hints"; }; diff --git a/bin/tests/system/filter-aaaa/ns2/named2.conf b/bin/tests/system/filter-aaaa/ns2/named2.conf.in similarity index 81% rename from bin/tests/system/filter-aaaa/ns2/named2.conf rename to bin/tests/system/filter-aaaa/ns2/named2.conf.in index f6e8308298..a92bfa8649 100644 --- a/bin/tests/system/filter-aaaa/ns2/named2.conf +++ b/bin/tests/system/filter-aaaa/ns2/named2.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named2.conf,v 1.1.2.1 2012/01/07 03:32:16 each Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { fd92:7065:b8e:ffff::2; }; @@ -31,7 +27,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { type hint; file "hints"; }; diff --git a/bin/tests/system/filter-aaaa/ns3/named1.conf b/bin/tests/system/filter-aaaa/ns3/named1.conf.in similarity index 81% rename from bin/tests/system/filter-aaaa/ns3/named1.conf rename to bin/tests/system/filter-aaaa/ns3/named1.conf.in index 3038d6edc7..fc959ee8f3 100644 --- a/bin/tests/system/filter-aaaa/ns3/named1.conf +++ b/bin/tests/system/filter-aaaa/ns3/named1.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named1.conf,v 1.1.2.1 2012/01/07 03:32:16 each Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { fd92:7065:b8e:ffff::3; }; @@ -31,7 +27,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { type hint; file "hints"; }; diff --git a/bin/tests/system/filter-aaaa/ns3/named2.conf b/bin/tests/system/filter-aaaa/ns3/named2.conf.in similarity index 81% rename from bin/tests/system/filter-aaaa/ns3/named2.conf rename to bin/tests/system/filter-aaaa/ns3/named2.conf.in index ab5912b39b..17e952f7d7 100644 --- a/bin/tests/system/filter-aaaa/ns3/named2.conf +++ b/bin/tests/system/filter-aaaa/ns3/named2.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named2.conf,v 1.1.2.1 2012/01/07 03:32:16 each Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { fd92:7065:b8e:ffff::3; }; @@ -31,7 +27,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { type hint; file "hints"; }; diff --git a/bin/tests/system/filter-aaaa/ns4/named1.conf b/bin/tests/system/filter-aaaa/ns4/named1.conf.in similarity index 83% rename from bin/tests/system/filter-aaaa/ns4/named1.conf rename to bin/tests/system/filter-aaaa/ns4/named1.conf.in index 0a11384e30..b5b8b9a797 100644 --- a/bin/tests/system/filter-aaaa/ns4/named1.conf +++ b/bin/tests/system/filter-aaaa/ns4/named1.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named1.conf,v 1.1.2.1 2012/01/07 03:32:16 each Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { fd92:7065:b8e:ffff::4; }; @@ -31,7 +27,7 @@ key rndc_key { }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { type master; file "root.db"; }; diff --git a/bin/tests/system/filter-aaaa/ns4/named2.conf b/bin/tests/system/filter-aaaa/ns4/named2.conf.in similarity index 83% rename from bin/tests/system/filter-aaaa/ns4/named2.conf rename to bin/tests/system/filter-aaaa/ns4/named2.conf.in index 2c8e411cea..2703bfd9ad 100644 --- a/bin/tests/system/filter-aaaa/ns4/named2.conf +++ b/bin/tests/system/filter-aaaa/ns4/named2.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named2.conf,v 1.1.2.1 2012/01/07 03:32:16 each Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { fd92:7065:b8e:ffff::4; }; @@ -31,7 +27,7 @@ key rndc_key { }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { type master; file "root.db"; }; diff --git a/bin/tests/system/filter-aaaa/ns4/sign.sh b/bin/tests/system/filter-aaaa/ns4/sign.sh index ebb14d0917..8ade43ab90 100755 --- a/bin/tests/system/filter-aaaa/ns4/sign.sh +++ b/bin/tests/system/filter-aaaa/ns4/sign.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: sign.sh,v 1.2 2010/06/22 03:58:38 marka Exp $ - SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh @@ -24,4 +22,4 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null` cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" diff --git a/bin/tests/system/filter-aaaa/setup.sh b/bin/tests/system/filter-aaaa/setup.sh index 959fd0ce47..96a1205774 100644 --- a/bin/tests/system/filter-aaaa/setup.sh +++ b/bin/tests/system/filter-aaaa/setup.sh @@ -13,17 +13,17 @@ $SHELL clean.sh test -r $RANDFILE || $GENRANDOM 800 $RANDFILE -cp ns1/named1.conf ns1/named.conf -cp ns2/named1.conf ns2/named.conf -cp ns3/named1.conf ns3/named.conf -cp ns4/named1.conf ns4/named.conf +copy_setports ns1/named1.conf.in ns1/named.conf +copy_setports ns2/named1.conf.in ns2/named.conf +copy_setports ns3/named1.conf.in ns3/named.conf +copy_setports ns4/named1.conf.in ns4/named.conf if $SHELL ../testcrypto.sh -q then (cd ns1 && $SHELL -e sign.sh) (cd ns4 && $SHELL -e sign.sh) else - echo "I:using pre-signed zones" + echo_i "using pre-signed zones" cp -f ns1/signed.db.presigned ns1/signed.db.signed cp -f ns4/signed.db.presigned ns4/signed.db.signed fi diff --git a/bin/tests/system/filter-aaaa/tests.sh b/bin/tests/system/filter-aaaa/tests.sh index b5df42ef5d..dfc3f332fd 100644 --- a/bin/tests/system/filter-aaaa/tests.sh +++ b/bin/tests/system/filter-aaaa/tests.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.4 2012/01/31 23:47:31 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -16,25 +14,26 @@ n=0 rm -f dig.out.* -DIGOPTS="+tcp +noadd +nosea +nostat +nocmd -p 5300" +DIGOPTS="+tcp +noadd +nosea +nostat +nocmd -p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" for conf in conf/good*.conf do n=`expr $n + 1` - echo "I:checking that $conf is accepted ($n)" + echo_i "checking that $conf is accepted ($n)" ret=0 $CHECKCONF "$conf" || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done for conf in conf/bad*.conf do n=`expr $n + 1` - echo "I:checking that $conf is rejected ($n)" + echo_i "checking that $conf is rejected ($n)" ret=0 $CHECKCONF "$conf" >/dev/null && ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done @@ -44,180 +43,180 @@ done # filter-aaaa { 10.53.0.1; }; # n=`expr $n + 1` -echo "I:checking that AAAA is returned when only AAAA record exists, signed ($n)" +echo_i "checking that AAAA is returned when only AAAA record exists, signed ($n)" ret=0 $DIG $DIGOPTS aaaa aaaa-only.signed -b 10.53.0.1 @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep "AUTHORITY: 1," dig.out.ns1.test$n > /dev/null || ret=1 grep ::2 dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when only AAAA record exists, unsigned ($n)" +echo_i "checking that AAAA is returned when only AAAA record exists, unsigned ($n)" ret=0 $DIG $DIGOPTS aaaa aaaa-only.unsigned -b 10.53.0.1 @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep "AUTHORITY: 1," dig.out.ns1.test$n > /dev/null || ret=1 grep ::5 dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed ($n)" ret=0 $DIG $DIGOPTS aaaa dual.signed -b 10.53.0.1 @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep "ANSWER: 0" dig.out.ns1.test$n > /dev/null || ret=1 grep "AUTHORITY: 0" dig.out.ns1.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b 10.53.0.1 @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep "ANSWER: 0" dig.out.ns1.test$n > /dev/null || ret=1 grep "AUTHORITY: 0" dig.out.ns1.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A records exist, signed and DO set ($n)" +echo_i "checking that AAAA is returned when both AAAA and A records exist, signed and DO set ($n)" ret=0 $DIG $DIGOPTS aaaa dual.signed +dnssec -b 10.53.0.1 @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep "AUTHORITY: 2," dig.out.ns1.test$n > /dev/null || ret=1 grep ::3 dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned and DO set ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned and DO set ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b 10.53.0.1 @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep "ANSWER: 0" dig.out.ns1.test$n > /dev/null || ret=1 grep "AUTHORITY: 0," dig.out.ns1.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A records exist and query source does not match acl ($n)" +echo_i "checking that AAAA is returned when both AAAA and A records exist and query source does not match acl ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b 10.53.0.2 @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "AUTHORITY: 1," dig.out.ns1.test$n > /dev/null || ret=1 grep ::6 dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, signed and qtype=ANY ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, signed and qtype=ANY ($n)" ret=0 $DIG $DIGOPTS any dual.signed -b 10.53.0.1 @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "AUTHORITY: 0," dig.out.ns1.test$n > /dev/null || ret=1 grep "1.0.0.3" dig.out.ns1.test$n > /dev/null || ret=1 grep "::3" dig.out.ns1.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, unsigned and qtype=ANY ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, unsigned and qtype=ANY ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned -b 10.53.0.1 @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "AUTHORITY: 0," dig.out.ns1.test$n > /dev/null || ret=1 grep "1.0.0.6" dig.out.ns1.test$n > /dev/null || ret=1 grep "::6" dig.out.ns1.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that both A and AAAA are returned when both AAAA and A records exist, signed, qtype=ANY and DO is set ($n)" +echo_i "checking that both A and AAAA are returned when both AAAA and A records exist, signed, qtype=ANY and DO is set ($n)" ret=0 $DIG $DIGOPTS any dual.signed +dnssec -b 10.53.0.1 @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "AUTHORITY: 2," dig.out.ns1.test$n > /dev/null || ret=1 grep ::3 dig.out.ns1.test$n > /dev/null || ret=1 grep "1.0.0.3" dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, unsigned, qtype=ANY and DO is set ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, unsigned, qtype=ANY and DO is set ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned +dnssec -b 10.53.0.1 @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "AUTHORITY: 0," dig.out.ns1.test$n > /dev/null || ret=1 grep "1.0.0.6" dig.out.ns1.test$n > /dev/null || ret=1 grep "::6" dig.out.ns1.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that both A and AAAA are returned when both AAAA and A records exist, qtype=ANY and query source does not match acl ($n)" +echo_i "checking that both A and AAAA are returned when both AAAA and A records exist, qtype=ANY and query source does not match acl ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned -b 10.53.0.2 @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "AUTHORITY: 1," dig.out.ns1.test$n > /dev/null || ret=1 grep 1.0.0.6 dig.out.ns1.test$n > /dev/null || ret=1 grep ::6 dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A record exists, unsigned over IPv6 ($n)" +echo_i "checking that AAAA is returned when both AAAA and A record exists, unsigned over IPv6 ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::1 then ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::1 > dig.out.ns1.test$n || ret=1 grep 2001:db8::6 dig.out.ns1.test$n > /dev/null || ret=1 grep "AUTHORITY: 1," dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else -echo "I: skipped." +echo_i "skipped." fi n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=NS ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=NS ($n)" ret=0 $DIG $DIGOPTS +add ns unsigned -b 10.53.0.1 @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep AAAA dig.out.ns1.test$n > /dev/null 2>&1 && ret=1 grep "ANSWER: 1," dig.out.ns1.test$n > /dev/null || ret=1 grep "ADDITIONAL: 2" dig.out.ns1.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=MX, unsigned ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=MX, unsigned ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx unsigned -b 10.53.0.1 @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep "^mx.unsigned.*AAAA" dig.out.ns1.test$n > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is included in additional section, qtype=MX, signed ($n)" +echo_i "checking that AAAA is included in additional section, qtype=MX, signed ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx signed -b 10.53.0.1 @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep "^mx.signed.*AAAA" dig.out.ns1.test$n > /dev/null 2>&1 || ret=1 grep "AUTHORITY: 2," dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is included in additional section, qtype=MX, unsigned, over IPv6 ($n)" +echo_i "checking that AAAA is included in additional section, qtype=MX, unsigned, over IPv6 ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::1 then ret=0 $DIG $DIGOPTS +add +dnssec mx unsigned -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::1 > dig.out.ns1.test$n || ret=1 grep "^mx.unsigned.*AAAA" dig.out.ns1.test$n > /dev/null 2>&1 || ret=1 grep "AUTHORITY: 1," dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else -echo "I: skipped." +echo_i "skipped." fi @@ -227,168 +226,168 @@ fi # filter-aaaa { 10.53.0.4; }; # n=`expr $n + 1` -echo "I:checking that AAAA is returned when only AAAA record exists, signed with break-dnssec ($n)" +echo_i "checking that AAAA is returned when only AAAA record exists, signed with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa aaaa-only.signed -b 10.53.0.4 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "AUTHORITY: 1," dig.out.ns4.test$n > /dev/null || ret=1 grep ::2 dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when only AAAA record exists, unsigned with break-dnssec ($n)" +echo_i "checking that AAAA is returned when only AAAA record exists, unsigned with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa aaaa-only.unsigned -b 10.53.0.4 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "AUTHORITY: 1," dig.out.ns4.test$n > /dev/null || ret=1 grep ::5 dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed with break-dnssec ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.signed -b 10.53.0.4 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1 grep "AUTHORITY: 0," dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned with break-dnssec ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b 10.53.0.4 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed and DO set with break-dnssec ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed and DO set with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.signed +dnssec -b 10.53.0.4 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned and DO set with break-dnssec ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned and DO set with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b 10.53.0.4 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A records exist and query source does not match acl with break-dnssec ($n)" +echo_i "checking that AAAA is returned when both AAAA and A records exist and query source does not match acl with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b 10.53.0.2 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep ::6 dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, signed and qtype=ANY with break-dnssec ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, signed and qtype=ANY with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.signed -b 10.53.0.4 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "1.0.0.3" dig.out.ns4.test$n > /dev/null || ret=1 grep "::3" dig.out.ns4.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, unsigned and qtype=ANY with break-dnssec ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, unsigned and qtype=ANY with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned -b 10.53.0.4 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "1.0.0.6" dig.out.ns4.test$n > /dev/null || ret=1 grep "::6" dig.out.ns4.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, signed, qtype=ANY and DO is set with break-dnssec ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, signed, qtype=ANY and DO is set with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.signed +dnssec -b 10.53.0.4 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "1.0.0.3" dig.out.ns4.test$n > /dev/null || ret=1 grep ::3 dig.out.ns4.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, unsigned, qtype=ANY and DO is set with break-dnssec ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, unsigned, qtype=ANY and DO is set with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned +dnssec -b 10.53.0.4 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "1.0.0.6" dig.out.ns4.test$n > /dev/null || ret=1 grep "::6" dig.out.ns4.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that both A and AAAA are returned when both AAAA and A records exist, qtype=ANY and query source does not match acl with break-dnssec ($n)" +echo_i "checking that both A and AAAA are returned when both AAAA and A records exist, qtype=ANY and query source does not match acl with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned -b 10.53.0.2 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep 1.0.0.6 dig.out.ns4.test$n > /dev/null || ret=1 grep ::6 dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A record exists, unsigned over IPv6 with break-dnssec ($n)" +echo_i "checking that AAAA is returned when both AAAA and A record exists, unsigned over IPv6 with break-dnssec ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::4 then ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b fd92:7065:b8e:ffff::4 @fd92:7065:b8e:ffff::4 > dig.out.ns4.test$n || ret=1 grep 2001:db8::6 dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else -echo "I: skipped." +echo_i "skipped." fi n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=NS, with break-dnssec ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=NS, with break-dnssec ($n)" ret=0 $DIG $DIGOPTS +add ns unsigned -b 10.53.0.4 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep AAAA dig.out.ns4.test$n > /dev/null 2>&1 && ret=1 grep "ADDITIONAL: 2" dig.out.ns4.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=MX, unsigned, with break-dnssec ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=MX, unsigned, with break-dnssec ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx unsigned -b 10.53.0.4 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "^mx.unsigned.*AAAA" dig.out.ns4.test$n > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=MX, signed, with break-dnssec ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=MX, signed, with break-dnssec ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx signed -b 10.53.0.4 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "^mx.signed.*AAAA" dig.out.ns4.test$n > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is included in additional section, qtype=MX, unsigned, over IPv6, with break-dnssec ($n)" +echo_i "checking that AAAA is included in additional section, qtype=MX, unsigned, over IPv6, with break-dnssec ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::4 then ret=0 $DIG $DIGOPTS +add +dnssec mx unsigned -b fd92:7065:b8e:ffff::4 @fd92:7065:b8e:ffff::4 > dig.out.ns4.test$n || ret=1 grep "^mx.unsigned.*AAAA" dig.out.ns4.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else -echo "I: skipped." +echo_i "skipped." fi @@ -398,164 +397,164 @@ fi # filter-aaaa { 10.53.0.2; }; # n=`expr $n + 1` -echo "I:checking that AAAA is returned when only AAAA record exists, signed, recursive ($n)" +echo_i "checking that AAAA is returned when only AAAA record exists, signed, recursive ($n)" ret=0 $DIG $DIGOPTS aaaa aaaa-only.signed -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep ::2 dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when only AAAA record exists, unsigned, recursive ($n)" +echo_i "checking that AAAA is returned when only AAAA record exists, unsigned, recursive ($n)" ret=0 $DIG $DIGOPTS aaaa aaaa-only.unsigned -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep ::5 dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed, recursive ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed, recursive ($n)" ret=0 $DIG $DIGOPTS aaaa dual.signed -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned, recursive ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned, recursive ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A records exist, signed and DO set, recursive ($n)" +echo_i "checking that AAAA is returned when both AAAA and A records exist, signed and DO set, recursive ($n)" ret=0 $DIG $DIGOPTS aaaa dual.signed +dnssec -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep ::3 dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned and DO set, recursive ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned and DO set, recursive ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned +dnssec -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A records exist and query source does not match acl, recursive ($n)" +echo_i "checking that AAAA is returned when both AAAA and A records exist and query source does not match acl, recursive ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b 10.53.0.1 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep ::6 dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, signed and qtype=ANY recursive ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, signed and qtype=ANY recursive ($n)" ret=0 $DIG $DIGOPTS any dual.signed -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "1.0.0.3" dig.out.ns2.test$n > /dev/null || ret=1 grep "::3" dig.out.ns2.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, unsigned and qtype=ANY recursive ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, unsigned and qtype=ANY recursive ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "1.0.0.6" dig.out.ns2.test$n > /dev/null || ret=1 grep "::6" dig.out.ns2.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that both A and AAAA are returned when both AAAA and A records exist, signed, qtype=ANY and DO is set, recursive ($n)" +echo_i "checking that both A and AAAA are returned when both AAAA and A records exist, signed, qtype=ANY and DO is set, recursive ($n)" ret=0 $DIG $DIGOPTS any dual.signed +dnssec -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep ::3 dig.out.ns2.test$n > /dev/null || ret=1 grep "1.0.0.3" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, unsigned, qtype=ANY and DO is set, recursive ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, unsigned, qtype=ANY and DO is set, recursive ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned +dnssec -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "1.0.0.6" dig.out.ns2.test$n > /dev/null || ret=1 grep "::6" dig.out.ns2.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that both A and AAAA are returned when both AAAA and A records exist, qtype=ANY and query source does not match acl, recursive ($n)" +echo_i "checking that both A and AAAA are returned when both AAAA and A records exist, qtype=ANY and query source does not match acl, recursive ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned -b 10.53.0.1 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep 1.0.0.6 dig.out.ns2.test$n > /dev/null || ret=1 grep ::6 dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A record exists, unsigned over IPv6, recursive ($n)" +echo_i "checking that AAAA is returned when both AAAA and A record exists, unsigned over IPv6, recursive ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::2 then ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 grep 2001:db8::6 dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else -echo "I: skipped." +echo_i "skipped." fi n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=NS ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=NS ($n)" ret=0 $DIG $DIGOPTS +add ns unsigned -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep AAAA dig.out.ns2.test$n > /dev/null 2>&1 && ret=1 grep "ADDITIONAL: 2" dig.out.ns2.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=MX, unsigned ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=MX, unsigned ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx unsigned -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep "^mx.unsigned.*AAAA" dig.out.ns2.test$n > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is included in additional section, qtype=MX, signed ($n)" +echo_i "checking that AAAA is included in additional section, qtype=MX, signed ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx signed -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep "^mx.signed.*AAAA" dig.out.ns2.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is included in additional section, qtype=MX, unsigned, over IPv6 ($n)" +echo_i "checking that AAAA is included in additional section, qtype=MX, unsigned, over IPv6 ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::2 then ret=0 $DIG $DIGOPTS +add +dnssec mx unsigned -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 grep "^mx.unsigned.*AAAA" dig.out.ns2.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else -echo "I: skipped." +echo_i "skipped." fi @@ -565,182 +564,182 @@ fi # filter-aaaa { 10.53.0.3; }; # n=`expr $n + 1` -echo "I:checking that AAAA is returned when only AAAA record exists, signed, recursive with break-dnssec ($n)" +echo_i "checking that AAAA is returned when only AAAA record exists, signed, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa aaaa-only.signed -b 10.53.0.3 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep ::2 dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when only AAAA record exists, unsigned, recursive with break-dnssec ($n)" +echo_i "checking that AAAA is returned when only AAAA record exists, unsigned, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa aaaa-only.unsigned -b 10.53.0.3 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep ::5 dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed, recursive with break-dnssec ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.signed -b 10.53.0.3 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep "ANSWER: 0" dig.out.ns3.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned, recursive with break-dnssec ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b 10.53.0.3 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep "ANSWER: 0" dig.out.ns3.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed and DO set, recursive with break-dnssec ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed and DO set, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.signed +dnssec -b 10.53.0.3 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep "ANSWER: 0" dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned and DO set, recursive with break-dnssec ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned and DO set, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned +dnssec -b 10.53.0.3 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep "ANSWER: 0" dig.out.ns3.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A records exist and query source does not match acl, recursive with break-dnssec ($n)" +echo_i "checking that AAAA is returned when both AAAA and A records exist and query source does not match acl, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b 10.53.0.1 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep ::6 dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, signed and qtype=ANY with break-dnssec ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, signed and qtype=ANY with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.signed -b 10.53.0.3 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "1.0.0.3" dig.out.ns3.test$n > /dev/null || ret=1 grep "::3" dig.out.ns3.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, unsigned and qtype=ANY with break-dnssec ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, unsigned and qtype=ANY with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned -b 10.53.0.3 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "1.0.0.6" dig.out.ns3.test$n > /dev/null || ret=1 grep "::6" dig.out.ns3.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, signed, qtype=ANY and DO is set with break-dnssec ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, signed, qtype=ANY and DO is set with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.signed +dnssec -b 10.53.0.3 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "1.0.0.3" dig.out.ns3.test$n > /dev/null || ret=1 grep ::3 dig.out.ns3.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, unsigned, qtype=ANY and DO is set with break-dnssec ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, unsigned, qtype=ANY and DO is set with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned +dnssec -b 10.53.0.3 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "1.0.0.6" dig.out.ns3.test$n > /dev/null || ret=1 grep "::6" dig.out.ns3.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that both A and AAAA are returned when both AAAA and A records exist, qtype=ANY and query source does not match acl, recursive with break-dnssec ($n)" +echo_i "checking that both A and AAAA are returned when both AAAA and A records exist, qtype=ANY and query source does not match acl, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned -b 10.53.0.1 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep 1.0.0.6 dig.out.ns3.test$n > /dev/null || ret=1 grep ::6 dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A record exists, unsigned over IPv6, recursive with break-dnssec ($n)" +echo_i "checking that AAAA is returned when both AAAA and A record exists, unsigned over IPv6, recursive with break-dnssec ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::3 then ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b fd92:7065:b8e:ffff::3 @fd92:7065:b8e:ffff::3 > dig.out.ns3.test$n || ret=1 grep 2001:db8::6 dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else -echo "I: skipped." +echo_i "skipped." fi n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=NS, recursive with break-dnssec ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=NS, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS +add ns unsigned -b 10.53.0.3 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep AAAA dig.out.ns3.test$n > /dev/null 2>&1 && ret=1 grep "ADDITIONAL: 2" dig.out.ns3.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=MX, unsigned, recursive with break-dnssec ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=MX, unsigned, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx unsigned -b 10.53.0.3 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep "^mx.unsigned.*AAAA" dig.out.ns3.test$n > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=MX, signed, recursive with break-dnssec ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=MX, signed, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx signed -b 10.53.0.3 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep "^mx.signed.*AAAA" dig.out.ns3.test$n > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is included in additional section, qtype=MX, unsigned, over IPv6, recursive with break-dnssec ($n)" +echo_i "checking that AAAA is included in additional section, qtype=MX, unsigned, over IPv6, recursive with break-dnssec ($n)" if $TESTSOCK6 fd92:7065:b8e:ffff::3 then ret=0 $DIG $DIGOPTS +add +dnssec mx unsigned -b fd92:7065:b8e:ffff::3 @fd92:7065:b8e:ffff::3 > dig.out.ns3.test$n || ret=1 grep "^mx.unsigned.*AAAA" dig.out.ns3.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else -echo "I: skipped." +echo_i "skipped." fi $TESTSOCK6 fd92:7065:b8e:ffff::1 || { - echo "I:IPv6 address not configured; skipping IPv6 query tests" - echo "I:exit status: $status" + echo_i "IPv6 address not configured; skipping IPv6 query tests" + echo_i "exit status: $status" exit $status } # Reconfiguring for IPv6 tests -echo "I:reconfiguring servers" -cp -f ns1/named2.conf ns1/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reconfig 2>&1 | sed 's/^/I:ns1 /' -cp -f ns2/named2.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reconfig 2>&1 | sed 's/^/I:ns2 /' -cp -f ns3/named2.conf ns3/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reconfig 2>&1 | sed 's/^/I:ns3 /' -cp -f ns4/named2.conf ns4/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 reconfig 2>&1 | sed 's/^/I:ns4 /' +echo_i "reconfiguring servers" +copy_setports ns1/named2.conf.in ns1/named.conf +$RNDCCMD 10.53.0.1 reconfig 2>&1 | sed 's/^/ns1 /' | cat_i +copy_setports ns2/named2.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reconfig 2>&1 | sed 's/^/ns2 /' | cat_i +copy_setports ns3/named2.conf.in ns3/named.conf +$RNDCCMD 10.53.0.3 reconfig 2>&1 | sed 's/^/ns3 /' | cat_i +copy_setports ns4/named2.conf.in ns4/named.conf +$RNDCCMD 10.53.0.4 reconfig 2>&1 | sed 's/^/ns4 /' | cat_i # BEGIN IPv6 TESTS @@ -750,154 +749,154 @@ $RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 reconfig 2>&1 | sed 's/^/I:ns4 # filter-aaaa { fd92:7065:b8e:ffff::1; }; # n=`expr $n + 1` -echo "I:checking that AAAA is returned when only AAAA record exists, signed ($n)" +echo_i "checking that AAAA is returned when only AAAA record exists, signed ($n)" ret=0 $DIG $DIGOPTS aaaa aaaa-only.signed -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::1 > dig.out.ns1.test$n || ret=1 grep ::2 dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when only AAAA record exists, unsigned ($n)" +echo_i "checking that AAAA is returned when only AAAA record exists, unsigned ($n)" ret=0 $DIG $DIGOPTS aaaa aaaa-only.unsigned -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::1 > dig.out.ns1.test$n || ret=1 grep ::5 dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed ($n)" ret=0 $DIG $DIGOPTS aaaa dual.signed -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::1 > dig.out.ns1.test$n || ret=1 grep "ANSWER: 0" dig.out.ns1.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::1 > dig.out.ns1.test$n || ret=1 grep "ANSWER: 0" dig.out.ns1.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A records exist, signed and DO set ($n)" +echo_i "checking that AAAA is returned when both AAAA and A records exist, signed and DO set ($n)" ret=0 $DIG $DIGOPTS aaaa dual.signed +dnssec -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::1 > dig.out.ns1.test$n || ret=1 grep ::3 dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned and DO set ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned and DO set ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::1 > dig.out.ns1.test$n || ret=1 grep "ANSWER: 0" dig.out.ns1.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A records exist and query source does not match acl ($n)" +echo_i "checking that AAAA is returned when both AAAA and A records exist and query source does not match acl ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::1 > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep ::6 dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, signed and qtype=ANY ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, signed and qtype=ANY ($n)" ret=0 $DIG $DIGOPTS any dual.signed -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::1 > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "1.0.0.3" dig.out.ns1.test$n > /dev/null || ret=1 grep "::3" dig.out.ns1.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, unsigned and qtype=ANY ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, unsigned and qtype=ANY ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::1 > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "1.0.0.6" dig.out.ns1.test$n > /dev/null || ret=1 grep "::6" dig.out.ns1.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that both A and AAAA are returned when both AAAA and A records exist, signed, qtype=ANY and DO is set ($n)" +echo_i "checking that both A and AAAA are returned when both AAAA and A records exist, signed, qtype=ANY and DO is set ($n)" ret=0 $DIG $DIGOPTS any dual.signed +dnssec -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::1 > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep ::3 dig.out.ns1.test$n > /dev/null || ret=1 grep "1.0.0.3" dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, unsigned, qtype=ANY and DO is set ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, unsigned, qtype=ANY and DO is set ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned +dnssec -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::1 > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "1.0.0.6" dig.out.ns1.test$n > /dev/null || ret=1 grep "::6" dig.out.ns1.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that both A and AAAA are returned when both AAAA and A records exist, qtype=ANY and query source does not match acl ($n)" +echo_i "checking that both A and AAAA are returned when both AAAA and A records exist, qtype=ANY and query source does not match acl ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::1 > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep 1.0.0.6 dig.out.ns1.test$n > /dev/null || ret=1 grep ::6 dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A record exists, unsigned over IPv4 ($n)" +echo_i "checking that AAAA is returned when both AAAA and A record exists, unsigned over IPv4 ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b 10.53.0.1 @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep 2001:db8::6 dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=NS ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=NS ($n)" ret=0 $DIG $DIGOPTS +add +dnssec ns unsigned -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::1 > dig.out.ns1.test$n || ret=1 grep AAAA dig.out.ns1.test$n > /dev/null 2>&1 && ret=1 grep "ADDITIONAL: 2" dig.out.ns1.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=MX, unsigned ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=MX, unsigned ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx unsigned -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::1 > dig.out.ns1.test$n || ret=1 grep "^mx.unsigned.*AAAA" dig.out.ns1.test$n > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is included in additional section, qtype=MX, signed ($n)" +echo_i "checking that AAAA is included in additional section, qtype=MX, signed ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx signed -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::1 > dig.out.ns1.test$n || ret=1 grep "^mx.signed.*AAAA" dig.out.ns1.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is included in additional section, qtype=MX, unsigned, over IPv4 ($n)" +echo_i "checking that AAAA is included in additional section, qtype=MX, unsigned, over IPv4 ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx unsigned -b 10.53.0.1 @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep "^mx.unsigned.*AAAA" dig.out.ns1.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -907,155 +906,155 @@ status=`expr $status + $ret` # filter-aaaa { fd92:7065:b8e:ffff::4; }; # n=`expr $n + 1` -echo "I:checking that AAAA is returned when only AAAA record exists, signed with break-dnssec ($n)" +echo_i "checking that AAAA is returned when only AAAA record exists, signed with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa aaaa-only.signed -b fd92:7065:b8e:ffff::4 @fd92:7065:b8e:ffff::4 > dig.out.ns4.test$n || ret=1 grep ::2 dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when only AAAA record exists, unsigned with break-dnssec ($n)" +echo_i "checking that AAAA is returned when only AAAA record exists, unsigned with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa aaaa-only.unsigned -b fd92:7065:b8e:ffff::4 @fd92:7065:b8e:ffff::4 > dig.out.ns4.test$n || ret=1 grep ::5 dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed with break-dnssec ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.signed -b fd92:7065:b8e:ffff::4 @fd92:7065:b8e:ffff::4 > dig.out.ns4.test$n || ret=1 grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned with break-dnssec ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b fd92:7065:b8e:ffff::4 @fd92:7065:b8e:ffff::4 > dig.out.ns4.test$n || ret=1 grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed and DO set with break-dnssec ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed and DO set with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.signed +dnssec -b fd92:7065:b8e:ffff::4 @fd92:7065:b8e:ffff::4 > dig.out.ns4.test$n || ret=1 grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned and DO set with break-dnssec ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned and DO set with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b fd92:7065:b8e:ffff::4 @fd92:7065:b8e:ffff::4 > dig.out.ns4.test$n || ret=1 grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A records exist and query source does not match acl with break-dnssec ($n)" +echo_i "checking that AAAA is returned when both AAAA and A records exist and query source does not match acl with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::4 > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep ::6 dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, signed and qtype=ANY with break-dnssec ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, signed and qtype=ANY with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.signed -b fd92:7065:b8e:ffff::4 @fd92:7065:b8e:ffff::4 > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "1.0.0.3" dig.out.ns4.test$n > /dev/null || ret=1 grep "::3" dig.out.ns4.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, unsigned and qtype=ANY with break-dnssec ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, unsigned and qtype=ANY with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned -b fd92:7065:b8e:ffff::4 @fd92:7065:b8e:ffff::4 > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "1.0.0.6" dig.out.ns4.test$n > /dev/null || ret=1 grep "::6" dig.out.ns4.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, signed, qtype=ANY and DO is set with break-dnssec ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, signed, qtype=ANY and DO is set with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.signed +dnssec -b fd92:7065:b8e:ffff::4 @fd92:7065:b8e:ffff::4 > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "1.0.0.3" dig.out.ns4.test$n > /dev/null || ret=1 grep ::3 dig.out.ns4.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, unsigned, qtype=ANY and DO is set with break-dnssec ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, unsigned, qtype=ANY and DO is set with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned +dnssec -b fd92:7065:b8e:ffff::4 @fd92:7065:b8e:ffff::4 > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "1.0.0.6" dig.out.ns4.test$n > /dev/null || ret=1 grep "::6" dig.out.ns4.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that both A and AAAA are returned when both AAAA and A records exist, qtype=ANY and query source does not match acl with break-dnssec ($n)" +echo_i "checking that both A and AAAA are returned when both AAAA and A records exist, qtype=ANY and query source does not match acl with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::4 > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep 1.0.0.6 dig.out.ns4.test$n > /dev/null || ret=1 grep ::6 dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A record exists, unsigned over IPv4 with break-dnssec ($n)" +echo_i "checking that AAAA is returned when both AAAA and A record exists, unsigned over IPv4 with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b 10.53.0.4 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep 2001:db8::6 dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=NS, with break-dnssec ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=NS, with break-dnssec ($n)" ret=0 $DIG $DIGOPTS +add +dnssec ns unsigned -b fd92:7065:b8e:ffff::4 @fd92:7065:b8e:ffff::4 > dig.out.ns4.test$n || ret=1 grep AAAA dig.out.ns4.test$n > /dev/null 2>&1 && ret=1 grep "ADDITIONAL: 2" dig.out.ns4.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=MX, unsigned, with break-dnssec ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=MX, unsigned, with break-dnssec ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx unsigned -b fd92:7065:b8e:ffff::4 @fd92:7065:b8e:ffff::4 > dig.out.ns4.test$n || ret=1 grep "^mx.unsigned.*AAAA" dig.out.ns4.test$n > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=MX, signed, with break-dnssec ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=MX, signed, with break-dnssec ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx signed -b fd92:7065:b8e:ffff::4 @fd92:7065:b8e:ffff::4 > dig.out.ns4.test$n || ret=1 grep "^mx.signed.*AAAA" dig.out.ns4.test$n > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is included in additional section, qtype=MX, unsigned, over IPv4, with break-dnssec ($n)" +echo_i "checking that AAAA is included in additional section, qtype=MX, unsigned, over IPv4, with break-dnssec ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx unsigned -b 10.53.0.4 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep "^mx.unsigned.*AAAA" dig.out.ns4.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -1065,154 +1064,154 @@ status=`expr $status + $ret` # filter-aaaa { fd92:7065:b8e:ffff::2; }; # n=`expr $n + 1` -echo "I:checking that AAAA is returned when only AAAA record exists, signed, recursive ($n)" +echo_i "checking that AAAA is returned when only AAAA record exists, signed, recursive ($n)" ret=0 $DIG $DIGOPTS aaaa aaaa-only.signed -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 grep ::2 dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when only AAAA record exists, unsigned, recursive ($n)" +echo_i "checking that AAAA is returned when only AAAA record exists, unsigned, recursive ($n)" ret=0 $DIG $DIGOPTS aaaa aaaa-only.unsigned -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 grep ::5 dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed, recursive ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed, recursive ($n)" ret=0 $DIG $DIGOPTS aaaa dual.signed -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned, recursive ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned, recursive ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A records exist, signed and DO set, recursive ($n)" +echo_i "checking that AAAA is returned when both AAAA and A records exist, signed and DO set, recursive ($n)" ret=0 $DIG $DIGOPTS aaaa dual.signed +dnssec -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 grep ::3 dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned and DO set, recursive ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned and DO set, recursive ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned +dnssec -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 grep "ANSWER: 0" dig.out.ns2.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A records exist and query source does not match acl, recursive ($n)" +echo_i "checking that AAAA is returned when both AAAA and A records exist and query source does not match acl, recursive ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep ::6 dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, signed and qtype=ANY recursive ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, signed and qtype=ANY recursive ($n)" ret=0 $DIG $DIGOPTS any dual.signed -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "1.0.0.3" dig.out.ns2.test$n > /dev/null || ret=1 grep "::3" dig.out.ns2.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, unsigned and qtype=ANY recursive ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, unsigned and qtype=ANY recursive ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "1.0.0.6" dig.out.ns2.test$n > /dev/null || ret=1 grep "::6" dig.out.ns2.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that both A and AAAA are returned when both AAAA and A records exist, signed, qtype=ANY and DO is set, recursive ($n)" +echo_i "checking that both A and AAAA are returned when both AAAA and A records exist, signed, qtype=ANY and DO is set, recursive ($n)" ret=0 $DIG $DIGOPTS any dual.signed +dnssec -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep ::3 dig.out.ns2.test$n > /dev/null || ret=1 grep "1.0.0.3" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, unsigned, qtype=ANY and DO is set, recursive ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, unsigned, qtype=ANY and DO is set, recursive ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned +dnssec -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "1.0.0.6" dig.out.ns2.test$n > /dev/null || ret=1 grep "::6" dig.out.ns2.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that both A and AAAA are returned when both AAAA and A records exist, qtype=ANY and query source does not match acl, recursive ($n)" +echo_i "checking that both A and AAAA are returned when both AAAA and A records exist, qtype=ANY and query source does not match acl, recursive ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep 1.0.0.6 dig.out.ns2.test$n > /dev/null || ret=1 grep ::6 dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A record exists, unsigned over IPv4, recursive ($n)" +echo_i "checking that AAAA is returned when both AAAA and A record exists, unsigned over IPv4, recursive ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep 2001:db8::6 dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=NS ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=NS ($n)" ret=0 $DIG $DIGOPTS +add +dnssec ns unsigned -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 grep AAAA dig.out.ns2.test$n > /dev/null 2>&1 && ret=1 grep "ADDITIONAL: 2" dig.out.ns2.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=MX, unsigned ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=MX, unsigned ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx unsigned -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 grep "^mx.unsigned.*AAAA" dig.out.ns2.test$n > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is included in additional section, qtype=MX, signed ($n)" +echo_i "checking that AAAA is included in additional section, qtype=MX, signed ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx signed -b fd92:7065:b8e:ffff::2 @fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 grep "^mx.signed.*AAAA" dig.out.ns2.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is included in additional section, qtype=MX, unsigned, over IPv4 ($n)" +echo_i "checking that AAAA is included in additional section, qtype=MX, unsigned, over IPv4 ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx unsigned -b 10.53.0.2 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep "^mx.unsigned.*AAAA" dig.out.ns2.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -1222,155 +1221,155 @@ status=`expr $status + $ret` # filter-aaaa { fd92:7065:b8e:ffff::3; }; # n=`expr $n + 1` -echo "I:checking that AAAA is returned when only AAAA record exists, signed, recursive with break-dnssec ($n)" +echo_i "checking that AAAA is returned when only AAAA record exists, signed, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa aaaa-only.signed -b fd92:7065:b8e:ffff::3 @fd92:7065:b8e:ffff::3 > dig.out.ns3.test$n || ret=1 grep ::2 dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when only AAAA record exists, unsigned, recursive with break-dnssec ($n)" +echo_i "checking that AAAA is returned when only AAAA record exists, unsigned, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa aaaa-only.unsigned -b fd92:7065:b8e:ffff::3 @fd92:7065:b8e:ffff::3 > dig.out.ns3.test$n || ret=1 grep ::5 dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed, recursive with break-dnssec ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.signed -b fd92:7065:b8e:ffff::3 @fd92:7065:b8e:ffff::3 > dig.out.ns3.test$n || ret=1 grep "ANSWER: 0" dig.out.ns3.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned, recursive with break-dnssec ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b fd92:7065:b8e:ffff::3 @fd92:7065:b8e:ffff::3 > dig.out.ns3.test$n || ret=1 grep "ANSWER: 0" dig.out.ns3.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed and DO set, recursive with break-dnssec ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, signed and DO set, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.signed +dnssec -b fd92:7065:b8e:ffff::3 @fd92:7065:b8e:ffff::3 > dig.out.ns3.test$n || ret=1 grep "ANSWER: 0" dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned and DO set, recursive with break-dnssec ($n)" +echo_i "checking that NODATA/NOERROR is returned when both AAAA and A records exist, unsigned and DO set, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned +dnssec -b fd92:7065:b8e:ffff::3 @fd92:7065:b8e:ffff::3 > dig.out.ns3.test$n || ret=1 grep "ANSWER: 0" dig.out.ns3.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A records exist and query source does not match acl, recursive with break-dnssec ($n)" +echo_i "checking that AAAA is returned when both AAAA and A records exist and query source does not match acl, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::3 > dig.out.ns3.test$n || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep ::6 dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, signed and qtype=ANY with break-dnssec ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, signed and qtype=ANY with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.signed -b fd92:7065:b8e:ffff::3 @fd92:7065:b8e:ffff::3 > dig.out.ns3.test$n || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "1.0.0.3" dig.out.ns3.test$n > /dev/null || ret=1 grep "::3" dig.out.ns3.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, unsigned and qtype=ANY with break-dnssec ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, unsigned and qtype=ANY with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned -b fd92:7065:b8e:ffff::3 @fd92:7065:b8e:ffff::3 > dig.out.ns3.test$n || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "1.0.0.6" dig.out.ns3.test$n > /dev/null || ret=1 grep "::6" dig.out.ns3.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, signed, qtype=ANY and DO is set with break-dnssec ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, signed, qtype=ANY and DO is set with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.signed +dnssec -b fd92:7065:b8e:ffff::3 @fd92:7065:b8e:ffff::3 > dig.out.ns3.test$n || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "1.0.0.3" dig.out.ns3.test$n > /dev/null || ret=1 grep ::3 dig.out.ns3.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that A and not AAAA is returned when both AAAA and A records exist, unsigned, qtype=ANY and DO is set with break-dnssec ($n)" +echo_i "checking that A and not AAAA is returned when both AAAA and A records exist, unsigned, qtype=ANY and DO is set with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned +dnssec -b fd92:7065:b8e:ffff::3 @fd92:7065:b8e:ffff::3 > dig.out.ns3.test$n || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "1.0.0.6" dig.out.ns3.test$n > /dev/null || ret=1 grep "::6" dig.out.ns3.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that both A and AAAA are returned when both AAAA and A records exist, qtype=ANY and query source does not match acl, recursive with break-dnssec ($n)" +echo_i "checking that both A and AAAA are returned when both AAAA and A records exist, qtype=ANY and query source does not match acl, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS any dual.unsigned -b fd92:7065:b8e:ffff::1 @fd92:7065:b8e:ffff::3 > dig.out.ns3.test$n || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep 1.0.0.6 dig.out.ns3.test$n > /dev/null || ret=1 grep ::6 dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is returned when both AAAA and A record exists, unsigned over IPv4, recursive with break-dnssec ($n)" +echo_i "checking that AAAA is returned when both AAAA and A record exists, unsigned over IPv4, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS aaaa dual.unsigned -b 10.53.0.3 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep 2001:db8::6 dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=NS, recursive with break-dnssec ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=NS, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS +add +dnssec ns unsigned -b fd92:7065:b8e:ffff::3 @fd92:7065:b8e:ffff::3 > dig.out.ns3.test$n || ret=1 grep AAAA dig.out.ns3.test$n > /dev/null 2>&1 && ret=1 grep "ADDITIONAL: 2" dig.out.ns3.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=MX, unsigned, recursive with break-dnssec ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=MX, unsigned, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx unsigned -b fd92:7065:b8e:ffff::3 @fd92:7065:b8e:ffff::3 > dig.out.ns3.test$n || ret=1 grep "^mx.unsigned.*AAAA" dig.out.ns3.test$n > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is omitted from additional section, qtype=MX, signed, recursive with break-dnssec ($n)" +echo_i "checking that AAAA is omitted from additional section, qtype=MX, signed, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx signed -b fd92:7065:b8e:ffff::3 @fd92:7065:b8e:ffff::3 > dig.out.ns3.test$n || ret=1 grep "^mx.signed.*AAAA" dig.out.ns3.test$n > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that AAAA is included in additional section, qtype=MX, unsigned, over IPv4, recursive with break-dnssec ($n)" +echo_i "checking that AAAA is included in additional section, qtype=MX, unsigned, over IPv4, recursive with break-dnssec ($n)" ret=0 $DIG $DIGOPTS +add +dnssec mx unsigned -b 10.53.0.3 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep "^mx.unsigned.*AAAA" dig.out.ns3.test$n > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/formerr/clean.sh b/bin/tests/system/formerr/clean.sh index 8294485454..f863283998 100644 --- a/bin/tests/system/formerr/clean.sh +++ b/bin/tests/system/formerr/clean.sh @@ -7,6 +7,7 @@ rm -f nametoolong.out rm -f twoquestions.out rm -f noquestions.out +rm -f ns*/named.conf rm -f ns*/named.lock rm -f ns*/named.run rm -f ns*/named.memstats diff --git a/bin/tests/system/formerr/ns1/named.conf b/bin/tests/system/formerr/ns1/named.conf.in similarity index 83% rename from bin/tests/system/formerr/ns1/named.conf rename to bin/tests/system/formerr/ns1/named.conf.in index 62cd0c44d9..14b80cf29d 100644 --- a/bin/tests/system/formerr/ns1/named.conf +++ b/bin/tests/system/formerr/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.15 2009/05/29 23:47:49 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -25,4 +21,3 @@ zone "." { type master; file "root.db"; }; - diff --git a/bin/tests/system/formerr/setup.sh b/bin/tests/system/formerr/setup.sh new file mode 100644 index 0000000000..c69f051dbc --- /dev/null +++ b/bin/tests/system/formerr/setup.sh @@ -0,0 +1,13 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf diff --git a/bin/tests/system/formerr/tests.sh b/bin/tests/system/formerr/tests.sh index 3e7e14c607..fc30f152e3 100644 --- a/bin/tests/system/formerr/tests.sh +++ b/bin/tests/system/formerr/tests.sh @@ -11,31 +11,31 @@ SYSTEMTESTTOP=.. status=0 -echo "I:test name to long" -$PERL formerr.pl -a 10.53.0.1 -p 5300 nametoolong > nametoolong.out +echo_i "test name to long" +$PERL formerr.pl -a 10.53.0.1 -p ${PORT} nametoolong > nametoolong.out ans=`grep got: nametoolong.out` if [ "${ans}" != "got: 000080010000000000000000" ]; then - echo "I:failed"; status=`expr $status + 1`; + echo_i "failed"; status=`expr $status + 1`; fi -echo "I:two questions" -$PERL formerr.pl -a 10.53.0.1 -p 5300 twoquestions > twoquestions.out +echo_i "two questions" +$PERL formerr.pl -a 10.53.0.1 -p ${PORT} twoquestions > twoquestions.out ans=`grep got: twoquestions.out` if [ "${ans}" != "got: 000080010000000000000000" ]; then - echo "I:failed"; status=`expr $status + 1`; + echo_i "failed"; status=`expr $status + 1`; fi # this one is now NOERROR -echo "I:no questions" -$PERL formerr.pl -a 10.53.0.1 -p 5300 noquestions > noquestions.out +echo_i "no questions" +$PERL formerr.pl -a 10.53.0.1 -p ${PORT} noquestions > noquestions.out ans=`grep got: noquestions.out` if [ "${ans}" != "got: 000080000000000000000000" ]; then - echo "I:failed"; status=`expr $status + 1`; + echo_i "failed"; status=`expr $status + 1`; fi -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/forward/clean.sh b/bin/tests/system/forward/clean.sh index f9dab05039..768f0cba83 100644 --- a/bin/tests/system/forward/clean.sh +++ b/bin/tests/system/forward/clean.sh @@ -4,12 +4,11 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: clean.sh,v 1.6 2007/09/26 03:22:43 marka Exp $ - # # Clean up after forward tests. # rm -f dig.out.* +rm -f */named.conf rm -f */named.memstats rm -f */named.run rm -f ns*/named.lock diff --git a/bin/tests/system/forward/ns1/named.conf b/bin/tests/system/forward/ns1/named.conf.in similarity index 90% rename from bin/tests/system/forward/ns1/named.conf rename to bin/tests/system/forward/ns1/named.conf.in index ba0a1425e4..66fc17f044 100644 --- a/bin/tests/system/forward/ns1/named.conf +++ b/bin/tests/system/forward/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.11 2007/06/19 23:47:03 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/forward/ns2/named.conf b/bin/tests/system/forward/ns2/named.conf.in similarity index 90% rename from bin/tests/system/forward/ns2/named.conf rename to bin/tests/system/forward/ns2/named.conf.in index 4dd1e34ab5..987da8e868 100644 --- a/bin/tests/system/forward/ns2/named.conf +++ b/bin/tests/system/forward/ns2/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.11 2007/06/19 23:47:03 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/forward/ns3/named.conf b/bin/tests/system/forward/ns3/named.conf.in similarity index 88% rename from bin/tests/system/forward/ns3/named.conf rename to bin/tests/system/forward/ns3/named.conf.in index 18061f5392..b0e579130b 100644 --- a/bin/tests/system/forward/ns3/named.conf +++ b/bin/tests/system/forward/ns3/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.11 2007/06/19 23:47:03 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; @@ -44,4 +40,3 @@ zone "example3." { forward only; forwarders { }; }; - diff --git a/bin/tests/system/forward/ns4/named.conf b/bin/tests/system/forward/ns4/named.conf.in similarity index 90% rename from bin/tests/system/forward/ns4/named.conf rename to bin/tests/system/forward/ns4/named.conf.in index b95ffab18b..e23503c11a 100644 --- a/bin/tests/system/forward/ns4/named.conf +++ b/bin/tests/system/forward/ns4/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.11 2007/06/19 23:47:03 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/forward/ns5/named.conf b/bin/tests/system/forward/ns5/named.conf.in similarity index 84% rename from bin/tests/system/forward/ns5/named.conf rename to bin/tests/system/forward/ns5/named.conf.in index 5c79fdfb5f..5e37f0fec2 100644 --- a/bin/tests/system/forward/ns5/named.conf +++ b/bin/tests/system/forward/ns5/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2011/10/13 22:48:23 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.5; notify-source 10.53.0.5; transfer-source 10.53.0.5; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.5; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/forward/setup.sh b/bin/tests/system/forward/setup.sh new file mode 100644 index 0000000000..01a86be617 --- /dev/null +++ b/bin/tests/system/forward/setup.sh @@ -0,0 +1,17 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf +copy_setports ns5/named.conf.in ns5/named.conf diff --git a/bin/tests/system/forward/tests.sh b/bin/tests/system/forward/tests.sh index 9be989354f..bf24c881b5 100644 --- a/bin/tests/system/forward/tests.sh +++ b/bin/tests/system/forward/tests.sh @@ -4,11 +4,11 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.9 2011/10/13 22:48:23 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="-p ${PORT}" + root=10.53.0.1 hidden=10.53.0.2 f1=10.53.0.3 @@ -16,117 +16,117 @@ f2=10.53.0.4 status=0 -echo "I:checking that a forward zone overrides global forwarders" +echo_i "checking that a forward zone overrides global forwarders" ret=0 -$DIG +noadd +noauth txt.example1. txt @$hidden -p 5300 > dig.out.hidden || ret=1 -$DIG +noadd +noauth txt.example1. txt @$f1 -p 5300 > dig.out.f1 || ret=1 +$DIG $DIGOPTS +noadd +noauth txt.example1. txt @$hidden > dig.out.hidden || ret=1 +$DIG $DIGOPTS +noadd +noauth txt.example1. txt @$f1 > dig.out.f1 || ret=1 $PERL ../digcomp.pl dig.out.hidden dig.out.f1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that a forward first zone no forwarders recurses" +echo_i "checking that a forward first zone no forwarders recurses" ret=0 -$DIG +noadd +noauth txt.example2. txt @$root -p 5300 > dig.out.root || ret=1 -$DIG +noadd +noauth txt.example2. txt @$f1 -p 5300 > dig.out.f1 || ret=1 +$DIG $DIGOPTS +noadd +noauth txt.example2. txt @$root > dig.out.root || ret=1 +$DIG $DIGOPTS +noadd +noauth txt.example2. txt @$f1 > dig.out.f1 || ret=1 $PERL ../digcomp.pl dig.out.root dig.out.f1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that a forward only zone no forwarders fails" +echo_i "checking that a forward only zone no forwarders fails" ret=0 -$DIG +noadd +noauth txt.example2. txt @$root -p 5300 > dig.out.root || ret=1 -$DIG +noadd +noauth txt.example2. txt @$f1 -p 5300 > dig.out.f1 || ret=1 +$DIG $DIGOPTS +noadd +noauth txt.example2. txt @$root > dig.out.root || ret=1 +$DIG $DIGOPTS +noadd +noauth txt.example2. txt @$f1 > dig.out.f1 || ret=1 $PERL ../digcomp.pl dig.out.root dig.out.f1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that global forwarders work" +echo_i "checking that global forwarders work" ret=0 -$DIG +noadd +noauth txt.example4. txt @$hidden -p 5300 > dig.out.hidden || ret=1 -$DIG +noadd +noauth txt.example4. txt @$f1 -p 5300 > dig.out.f1 || ret=1 +$DIG $DIGOPTS +noadd +noauth txt.example4. txt @$hidden > dig.out.hidden || ret=1 +$DIG $DIGOPTS +noadd +noauth txt.example4. txt @$f1 > dig.out.f1 || ret=1 $PERL ../digcomp.pl dig.out.hidden dig.out.f1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that a forward zone works" +echo_i "checking that a forward zone works" ret=0 -$DIG +noadd +noauth txt.example1. txt @$hidden -p 5300 > dig.out.hidden || ret=1 -$DIG +noadd +noauth txt.example1. txt @$f2 -p 5300 > dig.out.f2 || ret=1 +$DIG $DIGOPTS +noadd +noauth txt.example1. txt @$hidden > dig.out.hidden || ret=1 +$DIG $DIGOPTS +noadd +noauth txt.example1. txt @$f2 > dig.out.f2 || ret=1 $PERL ../digcomp.pl dig.out.hidden dig.out.f2 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that forwarding doesn't spontaneously happen" +echo_i "checking that forwarding doesn't spontaneously happen" ret=0 -$DIG +noadd +noauth txt.example2. txt @$root -p 5300 > dig.out.root || ret=1 -$DIG +noadd +noauth txt.example2. txt @$f2 -p 5300 > dig.out.f2 || ret=1 +$DIG $DIGOPTS +noadd +noauth txt.example2. txt @$root > dig.out.root || ret=1 +$DIG $DIGOPTS +noadd +noauth txt.example2. txt @$f2 > dig.out.f2 || ret=1 $PERL ../digcomp.pl dig.out.root dig.out.f2 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that a forward zone with no specified policy works" +echo_i "checking that a forward zone with no specified policy works" ret=0 -$DIG +noadd +noauth txt.example3. txt @$hidden -p 5300 > dig.out.hidden || ret=1 -$DIG +noadd +noauth txt.example3. txt @$f2 -p 5300 > dig.out.f2 || ret=1 +$DIG $DIGOPTS +noadd +noauth txt.example3. txt @$hidden > dig.out.hidden || ret=1 +$DIG $DIGOPTS +noadd +noauth txt.example3. txt @$f2 > dig.out.f2 || ret=1 $PERL ../digcomp.pl dig.out.hidden dig.out.f2 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that a forward only doesn't recurse" +echo_i "checking that a forward only doesn't recurse" ret=0 -$DIG txt.example5. txt @$f2 -p 5300 > dig.out.f2 || ret=1 +$DIG $DIGOPTS txt.example5. txt @$f2 > dig.out.f2 || ret=1 grep "SERVFAIL" dig.out.f2 > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking for negative caching of forwarder response" +echo_i "checking for negative caching of forwarder response" # prime the cache, shutdown the forwarder then check that we can # get the answer from the cache. restart forwarder. ret=0 -$DIG nonexist. txt @10.53.0.5 -p 5300 > dig.out.f2 || ret=1 +$DIG $DIGOPTS nonexist. txt @10.53.0.5 > dig.out.f2 || ret=1 grep "status: NXDOMAIN" dig.out.f2 > /dev/null || ret=1 $PERL ../stop.pl . ns4 || ret=1 -$DIG nonexist. txt @10.53.0.5 -p 5300 > dig.out.f2 || ret=1 +$DIG $DIGOPTS nonexist. txt @10.53.0.5 > dig.out.f2 || ret=1 grep "status: NXDOMAIN" dig.out.f2 > /dev/null || ret=1 -$PERL ../start.pl --restart --noclean . ns4 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +$PERL ../start.pl --restart --noclean --port ${PORT} . ns4 || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that forward only zone overrides empty zone" +echo_i "checking that forward only zone overrides empty zone" ret=0 -$DIG 1.0.10.in-addr.arpa TXT @10.53.0.4 -p 5300 > dig.out.f2 +$DIG $DIGOPTS 1.0.10.in-addr.arpa TXT @10.53.0.4 > dig.out.f2 grep "status: NOERROR" dig.out.f2 > /dev/null || ret=1 -$DIG 2.0.10.in-addr.arpa TXT @10.53.0.4 -p 5300 > dig.out.f2 +$DIG $DIGOPTS 2.0.10.in-addr.arpa TXT @10.53.0.4 > dig.out.f2 grep "status: NXDOMAIN" dig.out.f2 > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that DS lookups for grafting forward zones are isolated" +echo_i "checking that DS lookups for grafting forward zones are isolated" ret=0 -$DIG grafted A @10.53.0.4 -p 5300 > dig.out.q1 -$DIG grafted DS @10.53.0.4 -p 5300 > dig.out.q2 -$DIG grafted A @10.53.0.4 -p 5300 > dig.out.q3 -$DIG grafted AAAA @10.53.0.4 -p 5300 > dig.out.q4 +$DIG $DIGOPTS grafted A @10.53.0.4 > dig.out.q1 +$DIG $DIGOPTS grafted DS @10.53.0.4 > dig.out.q2 +$DIG $DIGOPTS grafted A @10.53.0.4 > dig.out.q3 +$DIG $DIGOPTS grafted AAAA @10.53.0.4 > dig.out.q4 grep "status: NOERROR" dig.out.q1 > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.q2 > /dev/null || ret=1 grep "status: NOERROR" dig.out.q3 > /dev/null || ret=1 grep "status: NOERROR" dig.out.q4 > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that rfc1918 inherited 'forward first;' zones are warned about" +echo_i "checking that rfc1918 inherited 'forward first;' zones are warned about" ret=0 $CHECKCONF rfc1918-inherited.conf | grep "forward first;" >/dev/null || ret=1 $CHECKCONF rfc1918-notinherited.conf | grep "forward first;" >/dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that ULA inherited 'forward first;' zones are warned about" +echo_i "checking that ULA inherited 'forward first;' zones are warned about" ret=0 $CHECKCONF ula-inherited.conf | grep "forward first;" >/dev/null || ret=1 $CHECKCONF ula-notinherited.conf | grep "forward first;" >/dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/geoip/ns2/named1.conf b/bin/tests/system/geoip/ns2/named1.conf.in similarity index 94% rename from bin/tests/system/geoip/ns2/named1.conf rename to bin/tests/system/geoip/ns2/named1.conf.in index 41c4d0576d..95e3a5f19e 100644 --- a/bin/tests/system/geoip/ns2/named1.conf +++ b/bin/tests/system/geoip/ns2/named1.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; view one { diff --git a/bin/tests/system/geoip/ns2/named10.conf b/bin/tests/system/geoip/ns2/named10.conf.in similarity index 93% rename from bin/tests/system/geoip/ns2/named10.conf rename to bin/tests/system/geoip/ns2/named10.conf.in index 497d8081e4..c27dd1e857 100644 --- a/bin/tests/system/geoip/ns2/named10.conf +++ b/bin/tests/system/geoip/ns2/named10.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; view one { diff --git a/bin/tests/system/geoip/ns2/named11.conf b/bin/tests/system/geoip/ns2/named11.conf.in similarity index 93% rename from bin/tests/system/geoip/ns2/named11.conf rename to bin/tests/system/geoip/ns2/named11.conf.in index ba235d259a..fe883bbd6d 100644 --- a/bin/tests/system/geoip/ns2/named11.conf +++ b/bin/tests/system/geoip/ns2/named11.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; view one { diff --git a/bin/tests/system/geoip/ns2/named12.conf b/bin/tests/system/geoip/ns2/named12.conf.in similarity index 92% rename from bin/tests/system/geoip/ns2/named12.conf rename to bin/tests/system/geoip/ns2/named12.conf.in index 4be861a2d2..fc22b18a65 100644 --- a/bin/tests/system/geoip/ns2/named12.conf +++ b/bin/tests/system/geoip/ns2/named12.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; view one { diff --git a/bin/tests/system/geoip/ns2/named13.conf b/bin/tests/system/geoip/ns2/named13.conf.in similarity index 86% rename from bin/tests/system/geoip/ns2/named13.conf rename to bin/tests/system/geoip/ns2/named13.conf.in index 19bab1e10f..561c103fed 100644 --- a/bin/tests/system/geoip/ns2/named13.conf +++ b/bin/tests/system/geoip/ns2/named13.conf.in @@ -8,8 +8,6 @@ // NS2 -controls { /* empty */ }; - acl blocking { geoip db country country AU; }; @@ -18,7 +16,7 @@ options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -33,5 +31,5 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; diff --git a/bin/tests/system/geoip/ns2/named14.conf b/bin/tests/system/geoip/ns2/named14.conf.in similarity index 94% rename from bin/tests/system/geoip/ns2/named14.conf rename to bin/tests/system/geoip/ns2/named14.conf.in index 8ab2541a9b..1d4c8cb96d 100644 --- a/bin/tests/system/geoip/ns2/named14.conf +++ b/bin/tests/system/geoip/ns2/named14.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 127.0.0.1; 10.53.0.2; }; listen-on-v6 { none; }; @@ -29,7 +27,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; acl gAU { geoip db country country AU; }; diff --git a/bin/tests/system/geoip/ns2/named15.conf b/bin/tests/system/geoip/ns2/named15.conf.in similarity index 88% rename from bin/tests/system/geoip/ns2/named15.conf rename to bin/tests/system/geoip/ns2/named15.conf.in index b7db78e984..3e86d7dae0 100644 --- a/bin/tests/system/geoip/ns2/named15.conf +++ b/bin/tests/system/geoip/ns2/named15.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { fd92:7065:b8e:ffff::2; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; view two { diff --git a/bin/tests/system/geoip/ns2/named2.conf b/bin/tests/system/geoip/ns2/named2.conf.in similarity index 94% rename from bin/tests/system/geoip/ns2/named2.conf rename to bin/tests/system/geoip/ns2/named2.conf.in index f208ee3e20..0fe7589c60 100644 --- a/bin/tests/system/geoip/ns2/named2.conf +++ b/bin/tests/system/geoip/ns2/named2.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; view one { diff --git a/bin/tests/system/geoip/ns2/named3.conf b/bin/tests/system/geoip/ns2/named3.conf.in similarity index 94% rename from bin/tests/system/geoip/ns2/named3.conf rename to bin/tests/system/geoip/ns2/named3.conf.in index 866e7d3033..1a131508a4 100644 --- a/bin/tests/system/geoip/ns2/named3.conf +++ b/bin/tests/system/geoip/ns2/named3.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; view one { diff --git a/bin/tests/system/geoip/ns2/named4.conf b/bin/tests/system/geoip/ns2/named4.conf.in similarity index 93% rename from bin/tests/system/geoip/ns2/named4.conf rename to bin/tests/system/geoip/ns2/named4.conf.in index 01299cd01a..9fb4afc416 100644 --- a/bin/tests/system/geoip/ns2/named4.conf +++ b/bin/tests/system/geoip/ns2/named4.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; view one { diff --git a/bin/tests/system/geoip/ns2/named5.conf b/bin/tests/system/geoip/ns2/named5.conf.in similarity index 94% rename from bin/tests/system/geoip/ns2/named5.conf rename to bin/tests/system/geoip/ns2/named5.conf.in index 8871682403..b6de81dbc4 100644 --- a/bin/tests/system/geoip/ns2/named5.conf +++ b/bin/tests/system/geoip/ns2/named5.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; view one { diff --git a/bin/tests/system/geoip/ns2/named6.conf b/bin/tests/system/geoip/ns2/named6.conf.in similarity index 93% rename from bin/tests/system/geoip/ns2/named6.conf rename to bin/tests/system/geoip/ns2/named6.conf.in index 2311633af1..9e886c3820 100644 --- a/bin/tests/system/geoip/ns2/named6.conf +++ b/bin/tests/system/geoip/ns2/named6.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { fd92:7065:b8e:ffff::1; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; view one { diff --git a/bin/tests/system/geoip/ns2/named7.conf b/bin/tests/system/geoip/ns2/named7.conf.in similarity index 94% rename from bin/tests/system/geoip/ns2/named7.conf rename to bin/tests/system/geoip/ns2/named7.conf.in index 0b97df90d5..0aa4e447b3 100644 --- a/bin/tests/system/geoip/ns2/named7.conf +++ b/bin/tests/system/geoip/ns2/named7.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; view one { diff --git a/bin/tests/system/geoip/ns2/named8.conf b/bin/tests/system/geoip/ns2/named8.conf.in similarity index 94% rename from bin/tests/system/geoip/ns2/named8.conf rename to bin/tests/system/geoip/ns2/named8.conf.in index 1de5bd977c..4fefb8a26d 100644 --- a/bin/tests/system/geoip/ns2/named8.conf +++ b/bin/tests/system/geoip/ns2/named8.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; view one { diff --git a/bin/tests/system/geoip/ns2/named9.conf b/bin/tests/system/geoip/ns2/named9.conf.in similarity index 94% rename from bin/tests/system/geoip/ns2/named9.conf rename to bin/tests/system/geoip/ns2/named9.conf.in index c98dffe849..7214b9ed47 100644 --- a/bin/tests/system/geoip/ns2/named9.conf +++ b/bin/tests/system/geoip/ns2/named9.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; view one { diff --git a/bin/tests/system/geoip/prereq.sh b/bin/tests/system/geoip/prereq.sh index 41045d8a98..b84d57ad07 100644 --- a/bin/tests/system/geoip/prereq.sh +++ b/bin/tests/system/geoip/prereq.sh @@ -10,7 +10,7 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh $FEATURETEST --have-geoip || { - echo "I:This test requires GeoIP support." >&2 + echo_i "This test requires GeoIP support." >&2 exit 255 } exit 0 diff --git a/bin/tests/system/geoip/setup.sh b/bin/tests/system/geoip/setup.sh index eb3a3eed75..77218489e5 100644 --- a/bin/tests/system/geoip/setup.sh +++ b/bin/tests/system/geoip/setup.sh @@ -11,7 +11,7 @@ SYSTEMTESTTOP=.. $SHELL clean.sh -cp ns2/named1.conf ns2/named.conf +copy_setports ns2/named1.conf.in ns2/named.conf for i in 1 2 3 4 5 6 7 other bogus; do cp ns2/example.db.in ns2/example${i}.db diff --git a/bin/tests/system/geoip/tests.sh b/bin/tests/system/geoip/tests.sh index 8361e6bbd0..32cac888b5 100644 --- a/bin/tests/system/geoip/tests.sh +++ b/bin/tests/system/geoip/tests.sh @@ -14,11 +14,12 @@ n=0 rm -f dig.out.* -DIGOPTS="+tcp +short -p 5300 @10.53.0.2" -DIGOPTS6="+tcp +short -p 5300 @fd92:7065:b8e:ffff::2" +DIGOPTS="+tcp +short -p ${PORT} @10.53.0.2" +DIGOPTS6="+tcp +short -p ${PORT} @fd92:7065:b8e:ffff::2" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" n=`expr $n + 1` -echo "I:checking GeoIP country database by code ($n)" +echo_i "checking GeoIP country database by code ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -28,11 +29,11 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking GeoIP country database by code (using client subnet) ($n)" +echo_i "checking GeoIP country database by code (using client subnet) ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -42,26 +43,26 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking response scope using client subnet ($n)" +echo_i "checking response scope using client subnet ($n)" ret=0 -$DIG +tcp -p5300 @10.53.0.2 txt example -b 127.0.0.1 +subnet="10.53.0.1/32" > dig.out.ns2.test$n.1 || ret=1 +$DIG +tcp -p ${PORT} @10.53.0.2 txt example -b 127.0.0.1 +subnet="10.53.0.1/32" > dig.out.ns2.test$n.1 || ret=1 grep 'CLIENT-SUBNET.*10.53.0.1/32/32' dig.out.ns2.test$n.1 > /dev/null || ret=1 -$DIG +tcp -p5300 @10.53.0.2 txt example -b 127.0.0.1 +subnet="192.0.2.64/32" > dig.out.ns2.test$n.2 || ret=1 +$DIG +tcp -p ${PORT} @10.53.0.2 txt example -b 127.0.0.1 +subnet="192.0.2.64/32" > dig.out.ns2.test$n.2 || ret=1 grep 'CLIENT-SUBNET.*192.0.2.64/32/24' dig.out.ns2.test$n.2 > /dev/null || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:reloading server" -cp -f ns2/named2.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "reloading server" +copy_setports ns2/named2.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 3 n=`expr $n + 1` -echo "I:checking GeoIP country database by three-letter code ($n)" +echo_i "checking GeoIP country database by three-letter code ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -71,16 +72,16 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:reloading server" -cp -f ns2/named3.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "reloading server" +copy_setports ns2/named3.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 3 n=`expr $n + 1` -echo "I:checking GeoIP country database by name ($n)" +echo_i "checking GeoIP country database by name ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -90,16 +91,16 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:reloading server" -cp -f ns2/named4.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "reloading server" +copy_setports ns2/named4.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 3 n=`expr $n + 1` -echo "I:checking GeoIP region code, no specified database ($n)" +echo_i "checking GeoIP region code, no specified database ($n)" ret=0 lret=0 # skipping 2 on purpose here; it has the same region code as 1 @@ -110,16 +111,16 @@ for i in 1 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:reloading server" -cp -f ns2/named5.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "reloading server" +copy_setports ns2/named5.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 3 n=`expr $n + 1` -echo "I:checking GeoIP region database by region name and country code ($n)" +echo_i "checking GeoIP region database by region name and country code ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -129,11 +130,11 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking GeoIP region database (using client subnet) ($n)" +echo_i "checking GeoIP region database (using client subnet) ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -143,29 +144,29 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:reloading server" -cp -f ns2/named6.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "reloading server" +copy_setports ns2/named6.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 3 if $TESTSOCK6 fd92:7065:b8e:ffff::3 then n=`expr $n + 1` - echo "I:checking GeoIP city database by city name using IPv6 ($n)" + echo_i "checking GeoIP city database by city name using IPv6 ($n)" ret=0 - $DIG +tcp +short -p 5300 @fd92:7065:b8e:ffff::1 -6 txt example -b fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 - [ $ret -eq 0 ] || echo "I:failed" + $DIG +tcp +short -p ${PORT} @fd92:7065:b8e:ffff::1 -6 txt example -b fd92:7065:b8e:ffff::2 > dig.out.ns2.test$n || ret=1 + [ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` else - echo "I:IPv6 unavailable; skipping" + echo_i "IPv6 unavailable; skipping" fi n=`expr $n + 1` -echo "I:checking GeoIP city database by city name ($n)" +echo_i "checking GeoIP city database by city name ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -175,11 +176,11 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking GeoIP city database (using client subnet) ($n)" +echo_i "checking GeoIP city database (using client subnet) ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -189,16 +190,16 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:reloading server" -cp -f ns2/named7.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "reloading server" +copy_setports ns2/named7.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 3 n=`expr $n + 1` -echo "I:checking GeoIP isp database ($n)" +echo_i "checking GeoIP isp database ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -208,11 +209,11 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking GeoIP isp database (using client subnet) ($n)" +echo_i "checking GeoIP isp database (using client subnet) ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -222,16 +223,16 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:reloading server" -cp -f ns2/named8.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "reloading server" +copy_setports ns2/named8.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 3 n=`expr $n + 1` -echo "I:checking GeoIP org database ($n)" +echo_i "checking GeoIP org database ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -241,11 +242,11 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking GeoIP org database (using client subnet) ($n)" +echo_i "checking GeoIP org database (using client subnet) ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -255,16 +256,16 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:reloading server" -cp -f ns2/named9.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "reloading server" +copy_setports ns2/named9.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 3 n=`expr $n + 1` -echo "I:checking GeoIP asnum database ($n)" +echo_i "checking GeoIP asnum database ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -274,11 +275,11 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking GeoIP asnum database (using client subnet) ($n)" +echo_i "checking GeoIP asnum database (using client subnet) ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -288,16 +289,16 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:reloading server" -cp -f ns2/named10.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "reloading server" +copy_setports ns2/named10.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 3 n=`expr $n + 1` -echo "I:checking GeoIP asnum database - ASNNNN only ($n)" +echo_i "checking GeoIP asnum database - ASNNNN only ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -307,11 +308,11 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking GeoIP asnum database - ASNNNN only (using client subnet) ($n)" +echo_i "checking GeoIP asnum database - ASNNNN only (using client subnet) ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -321,16 +322,16 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:reloading server" -cp -f ns2/named11.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "reloading server" +copy_setports ns2/named11.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 3 n=`expr $n + 1` -echo "I:checking GeoIP domain database ($n)" +echo_i "checking GeoIP domain database ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -340,11 +341,11 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking GeoIP domain database (using client subnet) ($n)" +echo_i "checking GeoIP domain database (using client subnet) ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -354,16 +355,16 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:reloading server" -cp -f ns2/named12.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "reloading server" +copy_setports ns2/named12.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 3 n=`expr $n + 1` -echo "I:checking GeoIP netspeed database ($n)" +echo_i "checking GeoIP netspeed database ($n)" ret=0 lret=0 for i in 1 2 3 4; do @@ -373,11 +374,11 @@ for i in 1 2 3 4; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking GeoIP netspeed database (using client subnet) ($n)" +echo_i "checking GeoIP netspeed database (using client subnet) ($n)" ret=0 lret=0 for i in 1 2 3 4; do @@ -387,29 +388,29 @@ for i in 1 2 3 4; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:reloading server" -cp -f ns2/named13.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "reloading server" +copy_setports ns2/named13.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 3 n=`expr $n + 1` -echo "I:checking GeoIP blackhole ACL ($n)" +echo_i "checking GeoIP blackhole ACL ($n)" ret=0 $DIG $DIGOPTS txt example -b 10.53.0.$i > dig.out.ns2.test$n || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 status 2>&1 > rndc.out.ns2.test$n || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +$RNDCCMD 10.53.0.2 status 2>&1 > rndc.out.ns2.test$n || ret=1 +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:reloading server" -cp -f ns2/named14.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "reloading server" +copy_setports ns2/named14.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 3 n=`expr $n + 1` -echo "I:checking GeoIP country database by code (using nested ACLs) ($n)" +echo_i "checking GeoIP country database by code (using nested ACLs) ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -419,16 +420,16 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:reloading server" -cp -f ns2/named14.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "reloading server" +copy_setports ns2/named14.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 3 n=`expr $n + 1` -echo "I:checking geoip-use-ecs ($n)" +echo_i "checking geoip-use-ecs ($n)" ret=0 lret=0 for i in 1 2 3 4 5 6 7; do @@ -443,20 +444,20 @@ for i in 1 2 3 4 5 6 7; do [ $lret -eq 1 ] && break done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:reloading server with different geoip-directory ($n)" -cp -f ns2/named15.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +echo_i "reloading server with different geoip-directory ($n)" +copy_setports ns2/named15.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i sleep 3 awk '/using "..\/data2" as GeoIP directory/ {m=1} ; { if (m>0) { print } }' ns2/named.run | grep "GeoIP City .* DB not available" > /dev/null || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking GeoIP v4/v6 when only IPv6 database is available ($n)" +echo_i "checking GeoIP v4/v6 when only IPv6 database is available ($n)" ret=0 $DIG $DIGOPTS -4 txt example -b 10.53.0.2 > dig.out.ns2.test$n.1 || ret=1 j=`cat dig.out.ns2.test$n.1 | tr -d '"'` @@ -466,15 +467,15 @@ if $TESTSOCK6 fd92:7065:b8e:ffff::2; then j=`cat dig.out.ns2.test$n.2 | tr -d '"'` [ "$j" = "2" ] || ret=1 fi -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking other GeoIP options are parsed correctly ($n)" +echo_i "checking other GeoIP options are parsed correctly ($n)" ret=0 $CHECKCONF options.conf || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/glue/clean.sh b/bin/tests/system/glue/clean.sh index 6978f03e33..c547cb9326 100644 --- a/bin/tests/system/glue/clean.sh +++ b/bin/tests/system/glue/clean.sh @@ -6,13 +6,12 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: clean.sh,v 1.9 2007/09/26 03:22:43 marka Exp $ - # # Clean up after glue tests. # rm -f dig.out ns1/cache +rm -f */named.conf rm -f */named.memstats rm -f */named.run rm -f ns*/named.lock diff --git a/bin/tests/system/glue/ns1/named.conf b/bin/tests/system/glue/ns1/named.conf.in similarity index 88% rename from bin/tests/system/glue/ns1/named.conf rename to bin/tests/system/glue/ns1/named.conf.in index 1494df76e2..e93db18f7e 100644 --- a/bin/tests/system/glue/ns1/named.conf +++ b/bin/tests/system/glue/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.17 2009/01/30 23:47:50 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/glue/setup.sh b/bin/tests/system/glue/setup.sh index a856261f15..9dfd4fb8f6 100644 --- a/bin/tests/system/glue/setup.sh +++ b/bin/tests/system/glue/setup.sh @@ -6,6 +6,10 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: setup.sh,v 1.6 2007/06/19 23:47:03 tbox Exp $ +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf cd ns1 && cp -f cache.in cache diff --git a/bin/tests/system/glue/tests.sh b/bin/tests/system/glue/tests.sh index 4f8a753463..531793dfdb 100644 --- a/bin/tests/system/glue/tests.sh +++ b/bin/tests/system/glue/tests.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.9 2007/06/19 23:47:03 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -15,15 +13,17 @@ SYSTEMTESTTOP=.. # Do glue tests. # +DIGOPTS="+norec -p ${PORT}" + status=0 -echo "I:testing that a ccTLD referral gets a full glue set from the root zone" -$DIG +norec @10.53.0.1 -p 5300 foo.bar.fi. A >dig.out || status=1 +echo_i "testing that a ccTLD referral gets a full glue set from the root zone" +$DIG $DIGOPTS @10.53.0.1 foo.bar.fi. A >dig.out || status=1 $PERL ../digcomp.pl --lc fi.good dig.out || status=1 -echo "I:testing that we don't find out-of-zone glue" -$DIG +norec @10.53.0.1 -p 5300 example.net. a > dig.out || status=1 +echo_i "testing that we don't find out-of-zone glue" +$DIG $DIGOPTS @10.53.0.1 example.net. a > dig.out || status=1 $PERL ../digcomp.pl noglue.good dig.out || status=1 -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/inline/clean.sh b/bin/tests/system/inline/clean.sh index 681c0dccf9..184191cc82 100644 --- a/bin/tests/system/inline/clean.sh +++ b/bin/tests/system/inline/clean.sh @@ -4,6 +4,7 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. +rm -f */named.conf rm -f */named.memstats rm -f */named.run rm -f */trusted.conf @@ -75,7 +76,6 @@ rm -f ns4/K* rm -f ns4/noixfr.db rm -f ns4/noixfr.db.jnl rm -f ns5/K* -rm -f ns5/named.conf rm -f ns5/bits.bk rm -f ns5/bits.bk.jnl rm -f ns5/bits.bk.signed diff --git a/bin/tests/system/inline/ns1/named.conf b/bin/tests/system/inline/ns1/named.conf.in similarity index 89% rename from bin/tests/system/inline/ns1/named.conf rename to bin/tests/system/inline/ns1/named.conf.in index 41474ea26b..2f3fffc3db 100644 --- a/bin/tests/system/inline/ns1/named.conf +++ b/bin/tests/system/inline/ns1/named.conf.in @@ -6,8 +6,6 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2011/10/25 01:54:20 marka Exp $ */ - // NS1 controls { /* empty */ }; @@ -16,7 +14,7 @@ options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/inline/ns2/named.conf b/bin/tests/system/inline/ns2/named.conf.in similarity index 88% rename from bin/tests/system/inline/ns2/named.conf rename to bin/tests/system/inline/ns2/named.conf.in index b63d8ead6a..391395c677 100644 --- a/bin/tests/system/inline/ns2/named.conf +++ b/bin/tests/system/inline/ns2/named.conf.in @@ -6,19 +6,19 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.4 2012/02/23 07:09:28 tbox Exp $ */ - // NS2 include "../../common/rndc.key"; -controls { inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; }; +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/inline/ns3/named.conf b/bin/tests/system/inline/ns3/named.conf.in similarity index 93% rename from bin/tests/system/inline/ns3/named.conf rename to bin/tests/system/inline/ns3/named.conf.in index 052fbe21ac..0a11511a3f 100644 --- a/bin/tests/system/inline/ns3/named.conf +++ b/bin/tests/system/inline/ns3/named.conf.in @@ -6,19 +6,19 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.8 2012/02/23 06:53:15 marka Exp $ */ - // NS3 include "../../common/rndc.key"; -controls { inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; }; +controls { + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/inline/ns4/named.conf b/bin/tests/system/inline/ns4/named.conf.in similarity index 84% rename from bin/tests/system/inline/ns4/named.conf rename to bin/tests/system/inline/ns4/named.conf.in index a5532a09cf..d30bda7b1a 100644 --- a/bin/tests/system/inline/ns4/named.conf +++ b/bin/tests/system/inline/ns4/named.conf.in @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.2 2011/08/30 23:46:52 tbox Exp $ */ - -// NS2 - -controls { /* empty */ }; +// NS4 options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/inline/ns5/named.conf.post b/bin/tests/system/inline/ns5/named.conf.post index f66eeb88f0..7f6a8b9713 100644 --- a/bin/tests/system/inline/ns5/named.conf.post +++ b/bin/tests/system/inline/ns5/named.conf.post @@ -6,19 +6,19 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id$ */ - // NS5 include "../../common/rndc.key"; -controls { inet 10.53.0.5 port 9953 allow { any; } keys { rndc_key; }; }; +controls { + inet 10.53.0.5 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; options { query-source address 10.53.0.5; notify-source 10.53.0.5; transfer-source 10.53.0.5; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.5; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/inline/ns5/named.conf.pre b/bin/tests/system/inline/ns5/named.conf.pre index c17d7694a1..94255fa3d8 100644 --- a/bin/tests/system/inline/ns5/named.conf.pre +++ b/bin/tests/system/inline/ns5/named.conf.pre @@ -6,19 +6,19 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf.pre,v 1.2 2011/10/12 00:10:20 marka Exp $ */ - // NS5 include "../../common/rndc.key"; -controls { inet 10.53.0.5 port 9953 allow { any; } keys { rndc_key; }; }; +controls { + inet 10.53.0.5 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; options { query-source address 10.53.0.5; notify-source 10.53.0.5; transfer-source 10.53.0.5; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.5; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/inline/ns6/named.conf b/bin/tests/system/inline/ns6/named.conf.in similarity index 81% rename from bin/tests/system/inline/ns6/named.conf rename to bin/tests/system/inline/ns6/named.conf.in index 146f142035..20ad53002e 100644 --- a/bin/tests/system/inline/ns6/named.conf +++ b/bin/tests/system/inline/ns6/named.conf.in @@ -6,19 +6,19 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.2 2011/10/25 01:54:21 marka Exp $ */ - // NS6 include "../../common/rndc.key"; -controls { inet 10.53.0.6 port 9953 allow { any; } keys { rndc_key; }; }; +controls { + inet 10.53.0.6 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; options { query-source address 10.53.0.6; notify-source 10.53.0.6; transfer-source 10.53.0.6; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.6; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/inline/ns7/named.conf b/bin/tests/system/inline/ns7/named.conf.in similarity index 93% rename from bin/tests/system/inline/ns7/named.conf rename to bin/tests/system/inline/ns7/named.conf.in index c92e9843ff..4540b9aed3 100644 --- a/bin/tests/system/inline/ns7/named.conf +++ b/bin/tests/system/inline/ns7/named.conf.in @@ -24,13 +24,15 @@ include "../../common/rndc.key"; -controls { inet 10.53.0.7 port 9953 allow { any; } keys { rndc_key; }; }; +controls { + inet 10.53.0.7 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; options { query-source address 10.53.0.7; notify-source 10.53.0.7; transfer-source 10.53.0.7; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.7; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/inline/setup.sh b/bin/tests/system/inline/setup.sh index fd3badc59e..f53833fd3b 100644 --- a/bin/tests/system/inline/setup.sh +++ b/bin/tests/system/inline/setup.sh @@ -33,7 +33,13 @@ touch ns4/trusted.conf cp ns4/noixfr.db.in ns4/noixfr.db rm -f ns4/noixfr.db.jnl -cp ns5/named.conf.pre ns5/named.conf +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf +copy_setports ns5/named.conf.pre ns5/named.conf +copy_setports ns6/named.conf.in ns6/named.conf +copy_setports ns7/named.conf.in ns7/named.conf (cd ns3; $SHELL -e sign.sh) (cd ns1; $SHELL -e sign.sh) diff --git a/bin/tests/system/inline/tests.sh b/bin/tests/system/inline/tests.sh index 587ae2eaaa..18342d66a0 100755 --- a/bin/tests/system/inline/tests.sh +++ b/bin/tests/system/inline/tests.sh @@ -9,16 +9,17 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -DIGOPTS="+tcp +dnssec" +DIGOPTS="+tcp +dnssec -p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" status=0 n=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -nsec3param 1 0 0 - nsec3 > /dev/null 2>&1 +$RNDCCMD 10.53.0.3 signing -nsec3param 1 0 0 - nsec3 > /dev/null 2>&1 for i in 1 2 3 4 5 6 7 8 9 0 do - nsec3param=`$DIG +short @10.53.0.3 -p 5300 nsec3param nsec3.` + nsec3param=`$DIG $DIGOPTS +nodnssec +short @10.53.0.3 nsec3param nsec3.` test "$nsec3param" = "1 0 0 -" && break sleep 1 done @@ -27,400 +28,400 @@ done for i in 1 2 3 4 5 6 7 8 9 0 do ans=0 - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -nsec3param 1 0 0 - retransfer3 > /dev/null 2>&1 || ans=1 + $RNDCCMD 10.53.0.3 signing -nsec3param 1 0 0 - retransfer3 > /dev/null 2>&1 || ans=1 [ $ans = 0 ] && break + sleep 1 done for i in 1 2 3 4 5 6 7 8 9 0 do - nsec3param=`$DIG +short @10.53.0.3 -p 5300 nsec3param retransfer3.` + nsec3param=`$DIG $DIGOPTS +nodnssec +short @10.53.0.3 nsec3param retransfer3.` test "$nsec3param" = "1 0 0 -" && break sleep 1 done n=`expr $n + 1` -echo "I:checking that rrsigs are replaced with ksk only ($n)" +echo_i "checking that rrsigs are replaced with ksk only ($n)" ret=0 -$DIG @10.53.0.3 -p 5300 axfr nsec3. | +$DIG $DIGOPTS @10.53.0.3 axfr nsec3. | awk '/RRSIG NSEC3/ {a[$1]++} END { for (i in a) {if (a[i] != 1) exit (1)}}' || ret=1 -#$DIG @10.53.0.3 -p 5300 axfr nsec3. | grep -w NSEC | grep -v "IN.RRSIG.NSEC" -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that the zone is signed on initial transfer ($n)" +echo_i "checking that the zone is signed on initial transfer ($n)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 1 2 3 4 5 6 7 8 9 10 do ret=0 - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list bits > signing.out.test$n 2>&1 + $RNDCCMD 10.53.0.3 signing -list bits > signing.out.test$n 2>&1 keys=`grep '^Done signing' signing.out.test$n | wc -l` [ $keys = 2 ] || ret=1 if [ $ret = 0 ]; then break; fi sleep 1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking expired signatures are updated on load ($n)" +echo_i "checking expired signatures are updated on load ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.3 -p 5300 +noall +answer +dnssec expired SOA > dig.out.ns3.test$n +$DIG $DIGOPTS @10.53.0.3 +noall +answer +dnssec expired SOA > dig.out.ns3.test$n expiry=`awk '$4 == "RRSIG" { print $9 }' dig.out.ns3.test$n` [ "$expiry" = "20110101000000" ] && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking removal of private type record via 'rndc signing -clear' ($n)" +echo_i "checking removal of private type record via 'rndc signing -clear' ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list bits > signing.out.test$n 2>&1 +$RNDCCMD 10.53.0.3 signing -list bits > signing.out.test$n 2>&1 keys=`sed -n -e 's/Done signing with key \(.*\)$/\1/p' signing.out.test$n` for key in $keys; do - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -clear ${key} bits > /dev/null || ret=1 + $RNDCCMD 10.53.0.3 signing -clear ${key} bits > /dev/null || ret=1 break; # We only want to remove 1 record for now. -done 2>&1 |sed 's/^/I:ns3 /' +done 2>&1 |sed 's/^/ns3 /' | cat_i for i in 1 2 3 4 5 6 7 8 9 10 do ans=0 - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list bits > signing.out.test$n 2>&1 + $RNDCCMD 10.53.0.3 signing -list bits > signing.out.test$n 2>&1 num=`grep "Done signing with" signing.out.test$n | wc -l` [ $num = 1 ] && break sleep 1 done [ $ans = 0 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking private type was properly signed ($n)" +echo_i "checking private type was properly signed ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.6 -p 5300 bits TYPE65534 > dig.out.ns6.test$n +$DIG $DIGOPTS @10.53.0.6 bits TYPE65534 > dig.out.ns6.test$n grep "ANSWER: 2," dig.out.ns6.test$n > /dev/null || ret=1 grep "flags:.* ad[ ;]" dig.out.ns6.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking removal of remaining private type record via 'rndc signing -clear all' ($n)" +echo_i "checking removal of remaining private type record via 'rndc signing -clear all' ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -clear all bits > /dev/null || ret=1 +$RNDCCMD 10.53.0.3 signing -clear all bits > /dev/null || ret=1 for i in 1 2 3 4 5 6 7 8 9 10 do ans=0 - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list bits > signing.out.test$n 2>&1 + $RNDCCMD 10.53.0.3 signing -list bits > signing.out.test$n 2>&1 grep "No signing records found" signing.out.test$n > /dev/null || ans=1 [ $ans = 1 ] || break sleep 1 done [ $ans = 0 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking negative private type response was properly signed ($n)" +echo_i "checking negative private type response was properly signed ($n)" ret=0 sleep 1 -$DIG $DIGOPTS @10.53.0.6 -p 5300 bits TYPE65534 > dig.out.ns6.test$n +$DIG $DIGOPTS @10.53.0.6 bits TYPE65534 > dig.out.ns6.test$n grep "status: NOERROR" dig.out.ns6.test$n > /dev/null || ret=1 grep "ANSWER: 0," dig.out.ns6.test$n > /dev/null || ret=1 grep "flags:.* ad[ ;]" dig.out.ns6.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` $NSUPDATE << EOF zone bits -server 10.53.0.2 5300 +server 10.53.0.2 ${PORT} update add added.bits 0 A 1.2.3.4 send EOF n=`expr $n + 1` -echo "I:checking that the record is added on the hidden master ($n)" +echo_i "checking that the record is added on the hidden master ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.2 -p 5300 added.bits A > dig.out.ns2.test$n +$DIG $DIGOPTS @10.53.0.2 added.bits A > dig.out.ns2.test$n grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that update has been transfered and has been signed ($n)" +echo_i "checking that update has been transfered and has been signed ($n)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 do ret=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 added.bits A > dig.out.ns3.test$n + $DIG $DIGOPTS @10.53.0.3 added.bits A > dig.out.ns3.test$n grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1 if [ $ret = 0 ]; then break; fi sleep 1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` $NSUPDATE << EOF zone bits -server 10.53.0.2 5300 +server 10.53.0.2 ${PORT} update add bits 0 SOA ns2.bits. . 2011072400 20 20 1814400 3600 send EOF n=`expr $n + 1` -echo "I:checking YYYYMMDDVV (2011072400) serial on hidden master ($n)" +echo_i "checking YYYYMMDDVV (2011072400) serial on hidden master ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.2 -p 5300 bits SOA > dig.out.ns2.test$n +$DIG $DIGOPTS @10.53.0.2 bits SOA > dig.out.ns2.test$n grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "2011072400" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking YYYYMMDDVV (2011072400) serial in signed zone ($n)" +echo_i "checking YYYYMMDDVV (2011072400) serial in signed zone ($n)" for i in 1 2 3 4 5 6 7 8 9 10 do ret=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 bits SOA > dig.out.ns3.test$n + $DIG $DIGOPTS @10.53.0.3 bits SOA > dig.out.ns3.test$n grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1 grep "2011072400" dig.out.ns3.test$n > /dev/null || ret=1 if [ $ret = 0 ]; then break; fi sleep 1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that the zone is signed on initial transfer, noixfr ($n)" +echo_i "checking that the zone is signed on initial transfer, noixfr ($n)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 1 2 3 4 5 6 7 8 9 10 1 2 3 4 5 6 7 8 9 10 do ret=0 - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list noixfr > signing.out.test$n 2>&1 + $RNDCCMD 10.53.0.3 signing -list noixfr > signing.out.test$n 2>&1 keys=`grep '^Done signing' signing.out.test$n | wc -l` [ $keys = 2 ] || ret=1 if [ $ret = 0 ]; then break; fi sleep 1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` $NSUPDATE << EOF zone noixfr -server 10.53.0.4 5300 +server 10.53.0.4 ${PORT} update add added.noixfr 0 A 1.2.3.4 send EOF n=`expr $n + 1` -echo "I:checking that the record is added on the hidden master, noixfr ($n)" +echo_i "checking that the record is added on the hidden master, noixfr ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.4 -p 5300 added.noixfr A > dig.out.ns4.test$n +$DIG $DIGOPTS @10.53.0.4 added.noixfr A > dig.out.ns4.test$n grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that update has been transfered and has been signed, noixfr ($n)" +echo_i "checking that update has been transfered and has been signed, noixfr ($n)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 1 2 3 4 5 6 7 8 9 10 1 2 3 4 5 6 7 8 9 10 do ret=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 added.noixfr A > dig.out.ns3.test$n + $DIG $DIGOPTS @10.53.0.3 added.noixfr A > dig.out.ns3.test$n grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1 if [ $ret = 0 ]; then break; fi sleep 1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` $NSUPDATE << EOF zone noixfr -server 10.53.0.4 5300 +server 10.53.0.4 ${PORT} update add noixfr 0 SOA ns4.noixfr. . 2011072400 20 20 1814400 3600 send EOF n=`expr $n + 1` -echo "I:checking YYYYMMDDVV (2011072400) serial on hidden master, noixfr ($n)" +echo_i "checking YYYYMMDDVV (2011072400) serial on hidden master, noixfr ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.4 -p 5300 noixfr SOA > dig.out.ns4.test$n +$DIG $DIGOPTS @10.53.0.4 noixfr SOA > dig.out.ns4.test$n grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns4.test$n > /dev/null || ret=1 grep "2011072400" dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking YYYYMMDDVV (2011072400) serial in signed zone, noixfr ($n)" +echo_i "checking YYYYMMDDVV (2011072400) serial in signed zone, noixfr ($n)" for i in 1 2 3 4 5 6 7 8 9 10 do ret=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 noixfr SOA > dig.out.ns3.test$n + $DIG $DIGOPTS @10.53.0.3 noixfr SOA > dig.out.ns3.test$n grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1 grep "2011072400" dig.out.ns3.test$n > /dev/null || ret=1 if [ $ret = 0 ]; then break; fi sleep 1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that the master zone signed on initial load ($n)" +echo_i "checking that the master zone signed on initial load ($n)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 do ret=0 - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list master > signing.out.test$n 2>&1 + $RNDCCMD 10.53.0.3 signing -list master > signing.out.test$n 2>&1 keys=`grep '^Done signing' signing.out.test$n | wc -l` [ $keys = 2 ] || ret=1 if [ $ret = 0 ]; then break; fi sleep 1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking removal of private type record via 'rndc signing -clear' (master) ($n)" +echo_i "checking removal of private type record via 'rndc signing -clear' (master) ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list master > signing.out.test$n 2>&1 +$RNDCCMD 10.53.0.3 signing -list master > signing.out.test$n 2>&1 keys=`sed -n -e 's/Done signing with key \(.*\)$/\1/p' signing.out.test$n` for key in $keys; do - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -clear ${key} master > /dev/null || ret=1 + $RNDCCMD 10.53.0.3 signing -clear ${key} master > /dev/null || ret=1 break; # We only want to remove 1 record for now. -done 2>&1 |sed 's/^/I:ns3 /' +done 2>&1 |sed 's/^/ns3 /' | cat_i for i in 1 2 3 4 5 6 7 8 9 do ans=0 - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list master > signing.out.test$n 2>&1 + $RNDCCMD 10.53.0.3 signing -list master > signing.out.test$n 2>&1 num=`grep "Done signing with" signing.out.test$n | wc -l` [ $num = 1 ] && break sleep 1 done [ $ans = 0 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking private type was properly signed (master) ($n)" +echo_i "checking private type was properly signed (master) ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.6 -p 5300 master TYPE65534 > dig.out.ns6.test$n +$DIG $DIGOPTS @10.53.0.6 master TYPE65534 > dig.out.ns6.test$n grep "ANSWER: 2," dig.out.ns6.test$n > /dev/null || ret=1 grep "flags:.* ad[ ;]" dig.out.ns6.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking removal of remaining private type record via 'rndc signing -clear' (master) ($n)" +echo_i "checking removal of remaining private type record via 'rndc signing -clear' (master) ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -clear all master > /dev/null || ret=1 +$RNDCCMD 10.53.0.3 signing -clear all master > /dev/null || ret=1 for i in 1 2 3 4 5 6 7 8 9 10 do ans=0 - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list master > signing.out.test$n 2>&1 + $RNDCCMD 10.53.0.3 signing -list master > signing.out.test$n 2>&1 grep "No signing records found" signing.out.test$n > /dev/null || ans=1 [ $ans = 1 ] || break sleep 1 done [ $ans = 0 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check adding of record to unsigned master ($n)" +echo_i "check adding of record to unsigned master ($n)" ret=0 cp ns3/master2.db.in ns3/master.db -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload master || ret=1 +$RNDCCMD 10.53.0.3 reload master 2>&1 | sed 's/^/ns3 /' | cat_i for i in 1 2 3 4 5 6 7 8 9 do ans=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 e.master A > dig.out.ns3.test$n + $DIG $DIGOPTS @10.53.0.3 e.master A > dig.out.ns3.test$n grep "10.0.0.5" dig.out.ns3.test$n > /dev/null || ans=1 grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ans=1 [ $ans = 1 ] || break sleep 1 done [ $ans = 0 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check adding record fails when SOA serial not changed ($n)" +echo_i "check adding record fails when SOA serial not changed ($n)" ret=0 echo "c A 10.0.0.3" >> ns3/master.db -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload || ret=1 +$RNDCCMD 10.53.0.3 reload 2>&1 | sed 's/^/ns3 /' | cat_i sleep 1 -$DIG $DIGOPTS @10.53.0.3 -p 5300 c.master A > dig.out.ns3.test$n +$DIG $DIGOPTS @10.53.0.3 c.master A > dig.out.ns3.test$n grep "NXDOMAIN" dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check adding record works after updating SOA serial ($n)" +echo_i "check adding record works after updating SOA serial ($n)" ret=0 cp ns3/master3.db.in ns3/master.db -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload master || ret=1 +$RNDCCMD 10.53.0.3 reload master 2>&1 | sed 's/^/ns3 /' | cat_i for i in 1 2 3 4 5 6 7 8 9 do ans=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 c.master A > dig.out.ns3.test$n + $DIG $DIGOPTS @10.53.0.3 c.master A > dig.out.ns3.test$n grep "10.0.0.3" dig.out.ns3.test$n > /dev/null || ans=1 grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ans=1 [ $ans = 1 ] || break sleep 1 done [ $ans = 0 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check the added record was properly signed ($n)" +echo_i "check the added record was properly signed ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.3 -p 5300 e.master A > dig.out.ns6.test$n +$DIG $DIGOPTS @10.53.0.3 e.master A > dig.out.ns6.test$n grep "10.0.0.5" dig.out.ns6.test$n > /dev/null || ans=1 grep "ANSWER: 2," dig.out.ns6.test$n > /dev/null || ans=1 grep "flags:.* ad[ ;]" dig.out.ns6.test$n > /dev/null || ans=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that the dynamic master zone signed on initial load ($n)" +echo_i "checking that the dynamic master zone signed on initial load ($n)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 do ret=0 - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list dynamic > signing.out.test$n 2>&1 + $RNDCCMD 10.53.0.3 signing -list dynamic > signing.out.test$n 2>&1 keys=`grep '^Done signing' signing.out.test$n | wc -l` [ $keys = 2 ] || ret=1 if [ $ret = 0 ]; then break; fi sleep 1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking master zone that was updated while offline is correct ($n)" +echo_i "checking master zone that was updated while offline is correct ($n)" ret=0 -serial=`$DIG $DIGOPTS +short @10.53.0.3 -p 5300 updated SOA | awk '{print $3}'` +serial=`$DIG $DIGOPTS +nodnssec +short @10.53.0.3 updated SOA | awk '{print $3}'` # serial should have changed [ "$serial" = "2000042407" ] && ret=1 # e.updated should exist and should be signed -$DIG $DIGOPTS @10.53.0.3 -p 5300 e.updated A > dig.out.ns3.test$n +$DIG $DIGOPTS @10.53.0.3 e.updated A > dig.out.ns3.test$n grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1 # updated.db.signed.jnl should exist, should have the source serial @@ -431,398 +432,397 @@ serial=`$JOURNALPRINT ns3/updated.db.signed.jnl | head -1 | awk '{print $4}'` [ "$serial" = "2000042408" ] || ret=1 diffsize=`$JOURNALPRINT ns3/updated.db.signed.jnl | wc -l` [ "$diffsize" -le 13 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking adding of record to unsigned master using UPDATE ($n)" +echo_i "checking adding of record to unsigned master using UPDATE ($n)" ret=0 -[ -f ns3/dynamic.db.jnl ] && { ret=1 ; echo "I:journal exists (pretest)" ; } +[ -f ns3/dynamic.db.jnl ] && { ret=1 ; echo_i "journal exists (pretest)" ; } $NSUPDATE << EOF zone dynamic -server 10.53.0.3 5300 +server 10.53.0.3 ${PORT} update add e.dynamic 0 A 1.2.3.4 send EOF -[ -f ns3/dynamic.db.jnl ] || { ret=1 ; echo "I:journal does not exist (posttest)" ; } +[ -f ns3/dynamic.db.jnl ] || { ret=1 ; echo_i "journal does not exist (posttest)" ; } for i in 1 2 3 4 5 6 7 8 9 10 do ans=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 e.dynamic > dig.out.ns3.test$n + $DIG $DIGOPTS @10.53.0.3 e.dynamic > dig.out.ns3.test$n grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ans=1 grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ans=1 grep "1.2.3.4" dig.out.ns3.test$n > /dev/null || ans=1 [ $ans = 0 ] && break sleep 1 done -[ $ans = 0 ] || { ret=1; echo "I:signed record not found"; cat dig.out.ns3.test$n ; } +[ $ans = 0 ] || { ret=1; echo_i "signed record not found"; cat dig.out.ns3.test$n ; } -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:stop bump in the wire signer server ($n)" +echo_i "stop bump in the wire signer server ($n)" ret=0 $PERL ../stop.pl . ns3 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:restart bump in the wire signer server ($n)" +echo_i "restart bump in the wire signer server ($n)" ret=0 -$PERL ../start.pl --noclean --restart . ns3 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +$PERL ../start.pl --noclean --restart --port ${PORT} . ns3 || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` $NSUPDATE << EOF zone bits -server 10.53.0.2 5300 +server 10.53.0.2 ${PORT} update add bits 0 SOA ns2.bits. . 2011072450 20 20 1814400 3600 send EOF n=`expr $n + 1` -echo "I:checking YYYYMMDDVV (2011072450) serial on hidden master ($n)" +echo_i "checking YYYYMMDDVV (2011072450) serial on hidden master ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.2 -p 5300 bits SOA > dig.out.ns2.test$n +$DIG $DIGOPTS @10.53.0.2 bits SOA > dig.out.ns2.test$n grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "2011072450" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking YYYYMMDDVV (2011072450) serial in signed zone ($n)" +echo_i "checking YYYYMMDDVV (2011072450) serial in signed zone ($n)" for i in 1 2 3 4 5 6 7 8 9 10 do ret=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 bits SOA > dig.out.ns3.test$n + $DIG $DIGOPTS @10.53.0.3 bits SOA > dig.out.ns3.test$n grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1 grep "2011072450" dig.out.ns3.test$n > /dev/null || ret=1 if [ $ret = 0 ]; then break; fi sleep 1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` $NSUPDATE << EOF zone noixfr -server 10.53.0.4 5300 +server 10.53.0.4 ${PORT} update add noixfr 0 SOA ns4.noixfr. . 2011072450 20 20 1814400 3600 send EOF n=`expr $n + 1` -echo "I:checking YYYYMMDDVV (2011072450) serial on hidden master, noixfr ($n)" +echo_i "checking YYYYMMDDVV (2011072450) serial on hidden master, noixfr ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.4 -p 5300 noixfr SOA > dig.out.ns4.test$n +$DIG $DIGOPTS @10.53.0.4 noixfr SOA > dig.out.ns4.test$n grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns4.test$n > /dev/null || ret=1 grep "2011072450" dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking YYYYMMDDVV (2011072450) serial in signed zone, noixfr ($n)" +echo_i "checking YYYYMMDDVV (2011072450) serial in signed zone, noixfr ($n)" for i in 1 2 3 4 5 6 7 8 9 10 do ret=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 noixfr SOA > dig.out.ns3.test$n + $DIG $DIGOPTS @10.53.0.3 noixfr SOA > dig.out.ns3.test$n grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1 grep "2011072450" dig.out.ns3.test$n > /dev/null || ret=1 if [ $ret = 0 ]; then break; fi sleep 1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` $NSUPDATE << EOF zone bits -server 10.53.0.3 5300 +server 10.53.0.3 ${PORT} update add bits 0 SOA ns2.bits. . 2011072460 20 20 1814400 3600 send EOF n=`expr $n + 1` -echo "I:checking forwarded update on hidden master ($n)" +echo_i "checking forwarded update on hidden master ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.2 -p 5300 bits SOA > dig.out.ns2.test$n +$DIG $DIGOPTS @10.53.0.2 bits SOA > dig.out.ns2.test$n grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 grep "2011072460" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking forwarded update on signed zone ($n)" +echo_i "checking forwarded update on signed zone ($n)" for i in 1 2 3 4 5 6 7 8 9 10 do ret=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 bits SOA > dig.out.ns3.test$n + $DIG $DIGOPTS @10.53.0.3 bits SOA > dig.out.ns3.test$n grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1 grep "2011072460" dig.out.ns3.test$n > /dev/null || ret=1 if [ $ret = 0 ]; then break; fi sleep 1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` $NSUPDATE << EOF zone noixfr -server 10.53.0.3 5300 +server 10.53.0.3 ${PORT} update add noixfr 0 SOA ns4.noixfr. . 2011072460 20 20 1814400 3600 send EOF n=`expr $n + 1` -echo "I:checking forwarded update on hidden master, noixfr ($n)" +echo_i "checking forwarded update on hidden master, noixfr ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.4 -p 5300 noixfr SOA > dig.out.ns4.test$n +$DIG $DIGOPTS @10.53.0.4 noixfr SOA > dig.out.ns4.test$n grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns4.test$n > /dev/null || ret=1 grep "2011072460" dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking forwarded update on signed zone, noixfr ($n)" +echo_i "checking forwarded update on signed zone, noixfr ($n)" for i in 1 2 3 4 5 6 7 8 9 10 do ret=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 noixfr SOA > dig.out.ns3.test$n + $DIG $DIGOPTS @10.53.0.3 noixfr SOA > dig.out.ns3.test$n grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1 grep "2011072460" dig.out.ns3.test$n > /dev/null || ret=1 if [ $ret = 0 ]; then break; fi sleep 1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` ret=0 n=`expr $n + 1` -echo "I:checking turning on of inline signing in a slave zone via reload ($n)" -$DIG $DIGOPTS @10.53.0.5 -p 5300 +dnssec bits SOA > dig.out.ns5.test$n +echo_i "checking turning on of inline signing in a slave zone via reload ($n)" +$DIG $DIGOPTS @10.53.0.5 +dnssec bits SOA > dig.out.ns5.test$n grep "status: NOERROR" dig.out.ns5.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns5.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:setup broken"; fi +if [ $ret != 0 ]; then echo_i "setup broken"; fi status=`expr $status + $ret` -cp ns5/named.conf.post ns5/named.conf +copy_setports ns5/named.conf.post ns5/named.conf (cd ns5; $KEYGEN -q -a rsasha256 -r $RANDFILE bits) > /dev/null 2>&1 (cd ns5; $KEYGEN -q -a rsasha256 -r $RANDFILE -f KSK bits) > /dev/null 2>&1 -$RNDC -c ../common/rndc.conf -s 10.53.0.5 -p 9953 reload 2>&1 | sed 's/^/I:ns5 /' +$RNDCCMD 10.53.0.5 reload 2>&1 | sed 's/^/ns5 /' | cat_i for i in 1 2 3 4 5 6 7 8 9 10 do ret=0 - $DIG $DIGOPTS @10.53.0.5 -p 5300 bits SOA > dig.out.ns5.test$n + $DIG $DIGOPTS @10.53.0.5 bits SOA > dig.out.ns5.test$n grep "status: NOERROR" dig.out.ns5.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns5.test$n > /dev/null || ret=1 if [ $ret = 0 ]; then break; fi sleep 1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking rndc freeze/thaw of dynamic inline zone no change ($n)" +echo_i "checking rndc freeze/thaw of dynamic inline zone no change ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 freeze dynamic > freeze.test$n 2>&1 || { echo "I: rndc freeze dynamic failed" ; sed 's/^/I:/' < freeze.test$n ; ret=1; } +$RNDCCMD 10.53.0.3 freeze dynamic > freeze.test$n 2>&1 || { echo_i "/' < freeze.test$n"; ret=1; } sleep 1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 thaw dynamic > thaw.test$n 2>&1 || { echo "I: rndc thaw dynamic failed" ; ret=1; } +$RNDCCMD 10.53.0.3 thaw dynamic > thaw.test$n 2>&1 || { echo_i "rndc thaw dynamic failed" ; ret=1; } sleep 1 grep "zone dynamic/IN (unsigned): ixfr-from-differences: unchanged" ns3/named.run > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking rndc freeze/thaw of dynamic inline zone ($n)" +echo_i "checking rndc freeze/thaw of dynamic inline zone ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 freeze dynamic > freeze.test$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.3 freeze dynamic > freeze.test$n 2>&1 || ret=1 sleep 1 awk '$2 == ";" && $3 == "serial" { printf("%d %s %s\n", $1 + 1, $2, $3); next; } { print; } END { print "freeze1.dynamic. 0 TXT freeze1"; } ' ns3/dynamic.db > ns3/dynamic.db.new mv ns3/dynamic.db.new ns3/dynamic.db -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 thaw dynamic > thaw.test$n 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +$RNDCCMD 10.53.0.3 thaw dynamic > thaw.test$n 2>&1 || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check added record freeze1.dynamic ($n)" +echo_i "check added record freeze1.dynamic ($n)" for i in 1 2 3 4 5 6 7 8 9 do ret=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 freeze1.dynamic TXT > dig.out.ns3.test$n + $DIG $DIGOPTS @10.53.0.3 freeze1.dynamic TXT > dig.out.ns3.test$n grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1 test $ret = 0 && break sleep 1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # allow 1 second so that file time stamps change sleep 1 n=`expr $n + 1` -echo "I:checking rndc freeze/thaw of server ($n)" +echo_i "checking rndc freeze/thaw of server ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 freeze > freeze.test$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.3 freeze > freeze.test$n 2>&1 || ret=1 sleep 1 awk '$2 == ";" && $3 == "serial" { printf("%d %s %s\n", $1 + 1, $2, $3); next; } { print; } END { print "freeze2.dynamic. 0 TXT freeze2"; } ' ns3/dynamic.db > ns3/dynamic.db.new mv ns3/dynamic.db.new ns3/dynamic.db -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 thaw > thaw.test$n 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +$RNDCCMD 10.53.0.3 thaw > thaw.test$n 2>&1 || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check added record freeze2.dynamic ($n)" +echo_i "check added record freeze2.dynamic ($n)" for i in 1 2 3 4 5 6 7 8 9 do ret=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 freeze2.dynamic TXT > dig.out.ns3.test$n + $DIG $DIGOPTS @10.53.0.3 freeze2.dynamic TXT > dig.out.ns3.test$n grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1 test $ret = 0 && break sleep 1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check rndc reload allows reuse of inline-signing zones ($n)" +echo_i "check rndc reload allows reuse of inline-signing zones ($n)" ret=0 -{ $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload 2>&1 || ret=1 ; } | -sed 's/^/I:ns3 /' +{ $RNDCCMD 10.53.0.3 reload 2>&1 || ret=1 ; } | sed 's/^/ns3 /' | cat_i grep "not reusable" ns3/named.run > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check rndc sync removes both signed and unsigned journals ($n)" +echo_i "check rndc sync removes both signed and unsigned journals ($n)" ret=0 [ -f ns3/dynamic.db.jnl ] || ret=1 [ -f ns3/dynamic.db.signed.jnl ] || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 sync -clean dynamic 2>&1 || ret=1 +$RNDCCMD 10.53.0.3 sync -clean dynamic 2>&1 || ret=1 [ -f ns3/dynamic.db.jnl ] && ret=1 [ -f ns3/dynamic.db.signed.jnl ] && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` $NSUPDATE << EOF zone retransfer -server 10.53.0.2 5300 +server 10.53.0.2 ${PORT} update add added.retransfer 0 A 1.2.3.4 send EOF n=`expr $n + 1` -echo "I:checking that the retransfer record is added on the hidden master ($n)" +echo_i "checking that the retransfer record is added on the hidden master ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.2 -p 5300 added.retransfer A > dig.out.ns2.test$n +$DIG $DIGOPTS @10.53.0.2 added.retransfer A > dig.out.ns2.test$n grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that the change has not been transfered due to notify ($n)" +echo_i "checking that the change has not been transfered due to notify ($n)" ret=0 for i in 0 1 2 3 4 5 6 7 8 9 do ans=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 added.retransfer A > dig.out.ns3.test$n + $DIG $DIGOPTS @10.53.0.3 added.retransfer A > dig.out.ns3.test$n grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ans=1 [ $ans = 0 ] && break sleep 1 done -if [ $ans != 1 ]; then echo "I:failed"; ret=1; fi +if [ $ans != 1 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check rndc retransfer of a inline slave zone works ($n)" +echo_i "check rndc retransfer of a inline slave zone works ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 retransfer retransfer 2>&1 || ret=1 +$RNDCCMD 10.53.0.3 retransfer retransfer 2>&1 || ret=1 for i in 0 1 2 3 4 5 6 7 8 9 do ans=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 added.retransfer A > dig.out.ns3.test$n + $DIG $DIGOPTS @10.53.0.3 added.retransfer A > dig.out.ns3.test$n grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ans=1 grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ans=1 [ $ans = 0 ] && break sleep 1 done [ $ans = 1 ] && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check rndc retransfer of a inline nsec3 slave retains nsec3 ($n)" +echo_i "check rndc retransfer of a inline nsec3 slave retains nsec3 ($n)" ret=0 for i in 0 1 2 3 4 5 6 7 8 9 do ans=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 nonexist.retransfer3 A > dig.out.ns3.pre.test$n + $DIG $DIGOPTS @10.53.0.3 nonexist.retransfer3 A > dig.out.ns3.pre.test$n grep "status: NXDOMAIN" dig.out.ns3.pre.test$n > /dev/null || ans=1 grep "NSEC3" dig.out.ns3.pre.test$n > /dev/null || ans=1 [ $ans = 0 ] && break sleep 1 done -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 retransfer retransfer3 2>&1 || ret=1 +$RNDCCMD 10.53.0.3 retransfer retransfer3 2>&1 || ret=1 for i in 0 1 2 3 4 5 6 7 8 9 do ans=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 nonexist.retransfer3 A > dig.out.ns3.post.test$n + $DIG $DIGOPTS @10.53.0.3 nonexist.retransfer3 A > dig.out.ns3.post.test$n grep "status: NXDOMAIN" dig.out.ns3.post.test$n > /dev/null || ans=1 grep "NSEC3" dig.out.ns3.post.test$n > /dev/null || ans=1 [ $ans = 0 ] && break sleep 1 done [ $ans = 1 ] && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # NOTE: The test below should be considered fragile. More details can be found # in the comment inside ns7/named.conf. n=`expr $n + 1` -echo "I:check rndc retransfer of a inline nsec3 slave does not trigger an infinite loop ($n)" +echo_i "check rndc retransfer of a inline nsec3 slave does not trigger an infinite loop ($n)" ret=0 zone=nsec3-loop # Add slave zone using rndc -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 addzone $zone \ +$RNDCCMD 10.53.0.7 addzone $zone \ '{ type slave; masters { 10.53.0.2; }; file "'$zone'.db"; inline-signing yes; auto-dnssec maintain; };' # Wait until slave zone is fully signed using NSEC for i in 1 2 3 4 5 6 7 8 9 0 do ret=1 - $RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 signing -list $zone > signing.out.test$n 2>&1 + $RNDCCMD 10.53.0.7 signing -list $zone > signing.out.test$n 2>&1 keys=`grep '^Done signing' signing.out.test$n | wc -l` [ $keys -eq 3 ] && ret=0 && break sleep 1 done # Switch slave zone to NSEC3 -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 signing -nsec3param 1 0 2 12345678 $zone > /dev/null 2>&1 +$RNDCCMD 10.53.0.7 signing -nsec3param 1 0 2 12345678 $zone > /dev/null 2>&1 # Wait until slave zone is fully signed using NSEC3 for i in 1 2 3 4 5 6 7 8 9 0 do ret=1 - nsec3param=`$DIG +short @10.53.0.7 -p 5300 nsec3param $zone` + nsec3param=`$DIG $DIGOPTS +nodnssec +short @10.53.0.7 nsec3param $zone` test "$nsec3param" = "1 0 2 12345678" && ret=0 && break sleep 1 done # Attempt to retransfer the slave zone from master -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 retransfer $zone +$RNDCCMD 10.53.0.7 retransfer $zone # Check whether the signer managed to fully sign the retransferred zone by # waiting for a specific SOA serial number to appear in the logs; if this # specific SOA serial number does not appear in the logs, it means the signer @@ -837,63 +837,63 @@ do [ $? -eq 0 ] && ret=0 && break sleep 1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:stop bump in the wire signer server ($n)" +echo_i "stop bump in the wire signer server ($n)" ret=0 $PERL ../stop.pl . ns3 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:update SOA record while stopped" +echo_i "update SOA record while stopped" cp ns3/master4.db.in ns3/master.db rm ns3/master.db.jnl n=`expr $n + 1` -echo "I:restart bump in the wire signer server ($n)" +echo_i "restart bump in the wire signer server ($n)" ret=0 -$PERL ../start.pl --noclean --restart . ns3 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +$PERL ../start.pl --noclean --restart --port ${PORT} . ns3 || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:updates to SOA parameters other than serial while stopped are reflected in signed zone ($n)" +echo_i "updates to SOA parameters other than serial while stopped are reflected in signed zone ($n)" ret=0 for i in 1 2 3 4 5 6 7 8 9 do ans=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 master SOA > dig.out.ns3.test$n + $DIG $DIGOPTS @10.53.0.3 master SOA > dig.out.ns3.test$n grep "hostmaster" dig.out.ns3.test$n > /dev/null || ans=1 grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ans=1 [ $ans = 1 ] || break sleep 1 done [ $ans = 0 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:test add/del zone combinations ($n)" +echo_i "test add/del zone combinations ($n)" ret=0 for zone in a b c d e f g h i j k l m n o p q r s t u v w x y z do -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone test-$zone \ +$RNDCCMD 10.53.0.2 addzone test-$zone \ '{ type master; file "bits.db.in"; allow-transfer { any; }; };' -$DIG $DIGOPTS @10.53.0.2 -p 5300 test-$zone SOA > dig.out.ns2.$zone.test$n +$DIG $DIGOPTS @10.53.0.2 test-$zone SOA > dig.out.ns2.$zone.test$n grep "status: NOERROR," dig.out.ns2.$zone.test$n > /dev/null || { ret=1; cat dig.out.ns2.$zone.test$n; } -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone test-$zone \ +$RNDCCMD 10.53.0.3 addzone test-$zone \ '{ type slave; masters { 10.53.0.2; }; file "'test-$zone.bk'"; inline-signing yes; auto-dnssec maintain; allow-transfer { any; }; };' -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 delzone test-$zone > /dev/null 2>&1 +$RNDCCMD 10.53.0.3 delzone test-$zone > /dev/null 2>&1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing adding external keys to a inline zone ($n)" +echo_i "testing adding external keys to a inline zone ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.3 -p 5300 dnskey externalkey > dig.out.ns3.test$n +$DIG $DIGOPTS @10.53.0.3 dnskey externalkey > dig.out.ns3.test$n for alg in 3 7 12 13 do [ $alg = 3 -a ! -f checkdsa ] && continue; @@ -901,23 +901,23 @@ do [ $alg = 13 -a ! -f checkecdsa ] && continue; case $alg in - 3) echo "I: checking DSA";; - 7) echo "I: checking NSEC3RSASHA1";; - 12) echo "I: checking GOST";; - 13) echo "I: checking ECDSAP256SHA256";; - *) echo "I: checking $alg";; + 3) echo_i "checking DSA";; + 7) echo_i "checking NSEC3RSASHA1";; + 12) echo_i "checking GOST";; + 13) echo_i "checking ECDSAP256SHA256";; + *) echo_i "checking $alg";; esac dnskeys=`grep "IN.DNSKEY.25[67] [0-9]* $alg " dig.out.ns3.test$n | wc -l` rrsigs=`grep "RRSIG.DNSKEY $alg " dig.out.ns3.test$n | wc -l` - test ${dnskeys:-0} -eq 3 || { echo "I: failed $alg (dnskeys ${dnskeys:-0})"; ret=1; } - test ${rrsigs:-0} -eq 2 || { echo "I: failed $alg (rrsigs ${rrsigs:-0})"; ret=1; } + test ${dnskeys:-0} -eq 3 || { echo_i "failed $alg (dnskeys ${dnskeys:-0})"; ret=1; } + test ${rrsigs:-0} -eq 2 || { echo_i "failed $alg (rrsigs ${rrsigs:-0})"; ret=1; } done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing imported key won't overwrite a private key ($n)" +echo_i "testing imported key won't overwrite a private key ($n)" ret=0 key=`$KEYGEN -r $RANDFILE -q -a rsasha256 import.example` cp ${key}.key import.key @@ -928,134 +928,134 @@ rm -f ${key}.private $IMPORTKEY -f import.key import.example > /dev/null 2>&1 || ret=1 # now that it's an external key, re-import should succeed $IMPORTKEY -f import.key import.example > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing updating inline secure serial via 'rndc signing -serial' ($n)" +echo_i "testing updating inline secure serial via 'rndc signing -serial' ($n)" ret=0 -$DIG nsec3. SOA -p 5300 @10.53.0.3 > dig.out.n3.pre.test$n +$DIG $DIGOPTS nsec3. SOA @10.53.0.3 > dig.out.n3.pre.test$n newserial=`$PERL -e 'while (<>) { chomp; my @field = split /\s+/; printf("%u\n", $field[6] + 10) if ($field[3] eq "SOA"); }' < dig.out.n3.pre.test$n` -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -serial ${newserial:-0} nsec3 > /dev/null 2>&1 +$RNDCCMD 10.53.0.3 signing -serial ${newserial:-0} nsec3 > /dev/null 2>&1 sleep 1 -$DIG nsec3. SOA -p 5300 @10.53.0.3 > dig.out.ns3.post.test$n +$DIG $DIGOPTS nsec3. SOA @10.53.0.3 > dig.out.ns3.post.test$n serial=`awk '$4 == "SOA" { print $7 }' dig.out.ns3.post.test$n` [ ${newserial:-0} -eq ${serial:-1} ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing updating inline secure serial via 'rndc signing -serial' with negative change ($n)" +echo_i "testing updating inline secure serial via 'rndc signing -serial' with negative change ($n)" ret=0 -$DIG nsec3. SOA -p 5300 @10.53.0.3 > dig.out.n3.pre.test$n +$DIG $DIGOPTS nsec3. SOA @10.53.0.3 > dig.out.n3.pre.test$n oldserial=`awk '$4 == "SOA" { print $7 }' dig.out.n3.pre.test$n` newserial=`$PERL -e 'while (<>) { chomp; my @field = split /\s+/; printf("%u\n", $field[6] - 10) if ($field[3] eq "SOA"); }' < dig.out.n3.pre.test$n` -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -serial ${newserial:-0} nsec3 > /dev/null 2>&1 +$RNDCCMD 10.53.0.3 signing -serial ${newserial:-0} nsec3 > /dev/null 2>&1 sleep 1 -$DIG nsec3. SOA -p 5300 @10.53.0.3 > dig.out.ns3.post.test$n +$DIG $DIGOPTS nsec3. SOA @10.53.0.3 > dig.out.ns3.post.test$n serial=`awk '$4 == "SOA" { print $7 }' dig.out.ns3.post.test$n` [ ${oldserial:-0} -eq ${serial:-1} ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # # Freezing only operates on the raw zone. # n=`expr $n + 1` -echo "I:testing updating inline secure serial via 'rndc signing -serial' when frozen ($n)" +echo_i "testing updating inline secure serial via 'rndc signing -serial' when frozen ($n)" ret=0 -$DIG nsec3. SOA -p 5300 @10.53.0.3 > dig.out.n3.pre.test$n +$DIG $DIGOPTS nsec3. SOA @10.53.0.3 > dig.out.n3.pre.test$n oldserial=`awk '$4 == "SOA" { print $7 }' dig.out.n3.pre.test$n` newserial=`$PERL -e 'while (<>) { chomp; my @field = split /\s+/; printf("%u\n", $field[6] + 10) if ($field[3] eq "SOA"); }' < dig.out.n3.pre.test$n` -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 freeze nsec3 > /dev/null 2>&1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -serial ${newserial:-0} nsec3 > /dev/null 2>&1 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 thaw nsec3 > /dev/null 2>&1 +$RNDCCMD 10.53.0.3 freeze nsec3 > /dev/null 2>&1 +$RNDCCMD 10.53.0.3 signing -serial ${newserial:-0} nsec3 > /dev/null 2>&1 +$RNDCCMD 10.53.0.3 thaw nsec3 > /dev/null 2>&1 sleep 1 -$DIG nsec3. SOA -p 5300 @10.53.0.3 > dig.out.ns3.post.test$n +$DIG $DIGOPTS nsec3. SOA @10.53.0.3 > dig.out.ns3.post.test$n serial=`awk '$4 == "SOA" { print $7 }' dig.out.ns3.post.test$n` [ ${newserial:-0} -eq ${serial:-1} ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing updating dynamic serial via 'rndc signing -serial' ($n)" +echo_i "testing updating dynamic serial via 'rndc signing -serial' ($n)" ret=0 -$DIG bits. SOA -p 5300 @10.53.0.2 > dig.out.ns2.pre.test$n +$DIG $DIGOPTS bits. SOA @10.53.0.2 > dig.out.ns2.pre.test$n newserial=`$PERL -e 'while (<>) { chomp; my @field = split /\s+/; printf("%u\n", $field[6] + 10) if ($field[3] eq "SOA"); }' < dig.out.ns2.pre.test$n` -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 signing -serial ${newserial:-0} bits > /dev/null 2>&1 +$RNDCCMD 10.53.0.2 signing -serial ${newserial:-0} bits > /dev/null 2>&1 sleep 1 -$DIG bits. SOA -p 5300 @10.53.0.2 > dig.out.ns2.post.test$n +$DIG $DIGOPTS bits. SOA @10.53.0.2 > dig.out.ns2.post.test$n serial=`awk '$4 == "SOA" { print $7 }' dig.out.ns2.post.test$n` [ ${newserial:-0} -eq ${serial:-1} ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing updating dynamic serial via 'rndc signing -serial' with negative change ($n)" +echo_i "testing updating dynamic serial via 'rndc signing -serial' with negative change ($n)" ret=0 -$DIG bits. SOA -p 5300 @10.53.0.2 > dig.out.ns2.pre.test$n +$DIG $DIGOPTS bits. SOA @10.53.0.2 > dig.out.ns2.pre.test$n oldserial=`awk '$4 == "SOA" { print $7 }' dig.out.ns2.pre.test$n` newserial=`$PERL -e 'while (<>) { chomp; my @field = split /\s+/; printf("%u\n", $field[6] - 10) if ($field[3] eq "SOA"); }' < dig.out.ns2.pre.test$n` -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 signing -serial ${newserial:-0} bits > /dev/null 2>&1 +$RNDCCMD 10.53.0.2 signing -serial ${newserial:-0} bits > /dev/null 2>&1 sleep 1 -$DIG bits. SOA -p 5300 @10.53.0.2 > dig.out.ns2.post.test$n +$DIG $DIGOPTS bits. SOA @10.53.0.2 > dig.out.ns2.post.test$n serial=`awk '$4 == "SOA" { print $7 }' dig.out.ns2.post.test$n` [ ${oldserial:-0} -eq ${serial:-1} ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing updating dynamic serial via 'rndc signing -serial' when frozen ($n)" +echo_i "testing updating dynamic serial via 'rndc signing -serial' when frozen ($n)" ret=0 -$DIG bits. SOA -p 5300 @10.53.0.2 > dig.out.ns2.pre.test$n +$DIG $DIGOPTS bits. SOA @10.53.0.2 > dig.out.ns2.pre.test$n oldserial=`awk '$4 == "SOA" { print $7 }' dig.out.ns2.pre.test$n` newserial=`$PERL -e 'while (<>) { chomp; my @field = split /\s+/; printf("%u\n", $field[6] + 10) if ($field[3] eq "SOA"); }' < dig.out.ns2.pre.test$n` -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 freeze bits > /dev/null 2>&1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 signing -serial ${newserial:-0} bits > /dev/null 2>&1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 thaw bits > /dev/null 2>&1 +$RNDCCMD 10.53.0.2 freeze bits > /dev/null 2>&1 +$RNDCCMD 10.53.0.2 signing -serial ${newserial:-0} bits > /dev/null 2>&1 +$RNDCCMD 10.53.0.2 thaw bits > /dev/null 2>&1 sleep 1 -$DIG bits. SOA -p 5300 @10.53.0.2 > dig.out.ns2.post.test$n +$DIG $DIGOPTS bits. SOA @10.53.0.2 > dig.out.ns2.post.test$n serial=`awk '$4 == "SOA" { print $7 }' dig.out.ns2.post.test$n` [ ${oldserial:-0} -eq ${serial:-1} ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing that inline signing works with inactive ZSK and active KSK ($n)" +echo_i "testing that inline signing works with inactive ZSK and active KSK ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.3 -p 5300 soa inactivezsk > dig.out.ns3.pre.test$n || ret=1 +$DIG $DIGOPTS @10.53.0.3 soa inactivezsk > dig.out.ns3.pre.test$n || ret=1 soa1=`awk '$4 == "SOA" { print $7 }' dig.out.ns3.pre.test$n` $NSUPDATE << EOF -server 10.53.0.2 5300 +server 10.53.0.2 ${PORT} update add added.inactivezsk 0 IN TXT added record send EOF for i in 1 2 3 4 5 6 7 8 9 10 do - $DIG $DIGOPTS @10.53.0.3 -p 5300 soa inactivezsk > dig.out.ns3.post.test$n || ret=1 + $DIG $DIGOPTS @10.53.0.3 soa inactivezsk > dig.out.ns3.post.test$n || ret=1 soa2=`awk '$4 == "SOA" { print $7 }' dig.out.ns3.post.test$n` test ${soa1:-0} -ne ${soa2:-0} && break sleep 1 done test ${soa1:-0} -ne ${soa2:-0} || ret=1 -$DIG $DIGOPTS @10.53.0.3 -p 5300 txt added.inactivezsk > dig.out.ns3.test$n || ret=1 +$DIG $DIGOPTS @10.53.0.3 txt added.inactivezsk > dig.out.ns3.test$n || ret=1 grep "ANSWER: 3," dig.out.ns3.test$n > /dev/null || ret=1 grep "RRSIG" dig.out.ns3.test$n > /dev/null || ret=1 grep "TXT 7 2" dig.out.ns3.test$n > /dev/null || ret=1 grep "TXT 8 2" dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing that inline signing works with inactive KSK and active ZSK ($n)" +echo_i "testing that inline signing works with inactive KSK and active ZSK ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.3 -p 5300 axfr inactiveksk > dig.out.ns3.test$n +$DIG $DIGOPTS @10.53.0.3 axfr inactiveksk > dig.out.ns3.test$n # # check that DNSKEY is signed with ZSK for algorithm 7 @@ -1081,24 +1081,24 @@ kskid=`awk "${awk}" dig.out.ns3.test$n | $DSFROMKEY -2 -f - inactiveksk | awk '{ print $4}' ` grep "DNSKEY 8 1 [0-9]* [0-9]* [0-9]* ${kskid} " dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that zonestatus reports 'type: master' for a inline master zone ($n)" +echo_i "check that zonestatus reports 'type: master' for a inline master zone ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 zonestatus master > rndc.out.ns3.test$n +$RNDCCMD 10.53.0.3 zonestatus master > rndc.out.ns3.test$n grep "type: master" rndc.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that zonestatus reports 'type: slave' for a inline slave zone ($n)" +echo_i "check that zonestatus reports 'type: slave' for a inline slave zone ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 zonestatus bits > rndc.out.ns3.test$n +$RNDCCMD 10.53.0.3 zonestatus bits > rndc.out.ns3.test$n grep "type: slave" rndc.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/integrity/clean.sh b/bin/tests/system/integrity/clean.sh index 22c066fb22..409ea83ef5 100644 --- a/bin/tests/system/integrity/clean.sh +++ b/bin/tests/system/integrity/clean.sh @@ -7,3 +7,6 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. rm -f dig.out.test* +rm -f */named.memstats +rm -f */named.conf +rm -f */named.run diff --git a/bin/tests/system/integrity/ns1/named.conf b/bin/tests/system/integrity/ns1/named.conf.in similarity index 96% rename from bin/tests/system/integrity/ns1/named.conf rename to bin/tests/system/integrity/ns1/named.conf.in index 136b5b6914..4076214bbd 100644 --- a/bin/tests/system/integrity/ns1/named.conf +++ b/bin/tests/system/integrity/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -22,8 +20,6 @@ options { check-integrity no; }; -include "../../common/controls.conf"; - zone "." { type hint; file "../../common/root.hint"; diff --git a/bin/tests/system/integrity/setup.sh b/bin/tests/system/integrity/setup.sh new file mode 100644 index 0000000000..c69f051dbc --- /dev/null +++ b/bin/tests/system/integrity/setup.sh @@ -0,0 +1,13 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf diff --git a/bin/tests/system/integrity/tests.sh b/bin/tests/system/integrity/tests.sh index 2c1e91c1a6..eac1f113de 100644 --- a/bin/tests/system/integrity/tests.sh +++ b/bin/tests/system/integrity/tests.sh @@ -9,116 +9,118 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="-p ${PORT}" + status=0 n=1 -echo "I:check that 'check-integrity yes; check-mx-cname fail;' works ($n)" +echo_i "check that 'check-integrity yes; check-mx-cname fail;' works ($n)" ret=0 -$DIG -p 5300 @10.53.0.1 mx mx-cname-fail > dig.out.test$n || ret=1 +$DIG $DIGOPTS @10.53.0.1 mx mx-cname-fail > dig.out.test$n || ret=1 grep "status: SERVFAIL," dig.out.test$n > /dev/null || ret=1 grep "zone mx-cname-fail/IN: mx-cname-fail/MX 'cname.mx-cname-fail' is a CNAME (illegal)" ns1/named.run > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'check-integrity yes; check-mx-cname warn;' works ($n)" +echo_i "check that 'check-integrity yes; check-mx-cname warn;' works ($n)" ret=0 -$DIG -p 5300 @10.53.0.1 mx mx-cname-warn > dig.out.test$n || ret=1 +$DIG $DIGOPTS @10.53.0.1 mx mx-cname-warn > dig.out.test$n || ret=1 grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1 grep "zone mx-cname-warn/IN: mx-cname-warn/MX 'cname.mx-cname-warn' is a CNAME (illegal)" ns1/named.run > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'check-integrity yes; check-mx-cname ignore;' works ($n)" +echo_i "check that 'check-integrity yes; check-mx-cname ignore;' works ($n)" ret=0 -$DIG -p 5300 @10.53.0.1 mx mx-cname-ignore > dig.out.test$n || ret=1 +$DIG $DIGOPTS @10.53.0.1 mx mx-cname-ignore > dig.out.test$n || ret=1 grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1 grep "zone mx-cname-ignore/IN: mx-cname-ignore/MX 'cname.mx-cname-ignore' is a CNAME (illegal)" ns1/named.run > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'check-integrity no; check-mx-cname fail;' works ($n)" +echo_i "check that 'check-integrity no; check-mx-cname fail;' works ($n)" ret=0 -$DIG -p 5300 @10.53.0.1 mx no-mx-cname-fail > dig.out.test$n || ret=1 +$DIG $DIGOPTS @10.53.0.1 mx no-mx-cname-fail > dig.out.test$n || ret=1 grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1 grep "zone no-mx-cname-fail/IN: no-mx-cname-fail/MX 'cname.no-mx-cname-fail' is a CNAME (illegal)" ns1/named.run > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'check-integrity no; check-mx-cname warn;' works ($n)" +echo_i "check that 'check-integrity no; check-mx-cname warn;' works ($n)" ret=0 -$DIG -p 5300 @10.53.0.1 mx no-mx-cname-warn > dig.out.test$n || ret=1 +$DIG $DIGOPTS @10.53.0.1 mx no-mx-cname-warn > dig.out.test$n || ret=1 grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1 grep "zone no-mx-cname-warn/IN: no-mx-cname-warn/MX 'cname.no-mx-cname-warn' is a CNAME (illegal)" ns1/named.run > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'check-integrity no; check-mx-cname ignore;' works ($n)" +echo_i "check that 'check-integrity no; check-mx-cname ignore;' works ($n)" ret=0 -$DIG -p 5300 @10.53.0.1 mx no-mx-cname-ignore > dig.out.test$n || ret=1 +$DIG $DIGOPTS @10.53.0.1 mx no-mx-cname-ignore > dig.out.test$n || ret=1 grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1 grep "zone no-mx-cname-ignore/IN: no-mx-cname-ignore/MX 'cname.no-mx-cname-ignore' is a CNAME (illegal)" ns1/named.run > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'check-integrity yes; check-srv-cname fail;' works ($n)" +echo_i "check that 'check-integrity yes; check-srv-cname fail;' works ($n)" ret=0 -$DIG -p 5300 @10.53.0.1 srv srv-cname-fail > dig.out.test$n || ret=1 +$DIG $DIGOPTS @10.53.0.1 srv srv-cname-fail > dig.out.test$n || ret=1 grep "status: SERVFAIL," dig.out.test$n > /dev/null || ret=1 grep "zone srv-cname-fail/IN: srv-cname-fail/SRV 'cname.srv-cname-fail' is a CNAME (illegal)" ns1/named.run > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'check-integrity yes; check-srv-cname warn;' works ($n)" +echo_i "check that 'check-integrity yes; check-srv-cname warn;' works ($n)" ret=0 -$DIG -p 5300 @10.53.0.1 srv srv-cname-warn > dig.out.test$n || ret=1 +$DIG $DIGOPTS @10.53.0.1 srv srv-cname-warn > dig.out.test$n || ret=1 grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1 grep "zone srv-cname-warn/IN: srv-cname-warn/SRV 'cname.srv-cname-warn' is a CNAME (illegal)" ns1/named.run > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'check-integrity yes; check-srv-cname ignore;' works ($n)" +echo_i "check that 'check-integrity yes; check-srv-cname ignore;' works ($n)" ret=0 -$DIG -p 5300 @10.53.0.1 srv srv-cname-ignore > dig.out.test$n || ret=1 +$DIG $DIGOPTS @10.53.0.1 srv srv-cname-ignore > dig.out.test$n || ret=1 grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1 grep "zone srv-cname-ignore/IN: srv-cname-ignore/SRV 'cname.srv-cname-ignore' is a CNAME (illegal)" ns1/named.run > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'check-integrity no; check-srv-cname fail;' works ($n)" +echo_i "check that 'check-integrity no; check-srv-cname fail;' works ($n)" ret=0 -$DIG -p 5300 @10.53.0.1 srv no-srv-cname-fail > dig.out.test$n || ret=1 +$DIG $DIGOPTS @10.53.0.1 srv no-srv-cname-fail > dig.out.test$n || ret=1 grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1 grep "zone no-srv-cname-fail/IN: no-srv-cname-fail/SRV 'cname.no-srv-cname-fail' is a CNAME (illegal)" ns1/named.run > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'check-integrity no; check-srv-cname warn;' works ($n)" +echo_i "check that 'check-integrity no; check-srv-cname warn;' works ($n)" ret=0 -$DIG -p 5300 @10.53.0.1 srv no-srv-cname-warn > dig.out.test$n || ret=1 +$DIG $DIGOPTS @10.53.0.1 srv no-srv-cname-warn > dig.out.test$n || ret=1 grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1 grep "zone no-srv-cname-warn/IN: no-srv-cname-warn/SRV 'cname.no-srv-cname-warn' is a CNAME (illegal)" ns1/named.run > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check that 'check-integrity no; check-srv-cname ignore;' works ($n)" +echo_i "check that 'check-integrity no; check-srv-cname ignore;' works ($n)" ret=0 -$DIG -p 5300 @10.53.0.1 srv no-srv-cname-ignore > dig.out.test$n || ret=1 +$DIG $DIGOPTS @10.53.0.1 srv no-srv-cname-ignore > dig.out.test$n || ret=1 grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1 grep "zone no-srv-cname-ignore/IN: no-srv-cname-ignore/SRV 'cname.no-srv-cname-ignore' is a CNAME (illegal)" ns1/named.run > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" test $status -eq 0 || exit 1 diff --git a/bin/tests/system/ixfr/clean.sh b/bin/tests/system/ixfr/clean.sh index 139a4596c8..d05798901e 100644 --- a/bin/tests/system/ixfr/clean.sh +++ b/bin/tests/system/ixfr/clean.sh @@ -6,12 +6,11 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: clean.sh,v 1.10 2012/02/07 23:47:24 tbox Exp $ - -rm -f ns1/named.conf ns1/myftp.db +rm -f ns1/myftp.db rm -f ns3/*.jnl ns3/mytest.db ns3/subtest.db rm -f ns4/*.jnl ns4/*.db rm -f */named.memstats +rm -f */named.conf rm -f */named.run rm -f */ans.run rm -f dig.out dig.out1 dig.out2 dig.out3 diff --git a/bin/tests/system/ixfr/ns3/named.conf b/bin/tests/system/ixfr/ns3/named.conf.in similarity index 86% rename from bin/tests/system/ixfr/ns3/named.conf rename to bin/tests/system/ixfr/ns3/named.conf.in index c7fae8ced1..4dd73c3f27 100644 --- a/bin/tests/system/ixfr/ns3/named.conf +++ b/bin/tests/system/ixfr/ns3/named.conf.in @@ -6,14 +6,12 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2011/09/07 23:46:27 tbox Exp $ */ - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; allow-transfer { any; }; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; @@ -27,7 +25,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; view "primary" { diff --git a/bin/tests/system/ixfr/ns4/named.conf b/bin/tests/system/ixfr/ns4/named.conf.in similarity index 86% rename from bin/tests/system/ixfr/ns4/named.conf rename to bin/tests/system/ixfr/ns4/named.conf.in index 7987fac810..848542c59e 100644 --- a/bin/tests/system/ixfr/ns4/named.conf +++ b/bin/tests/system/ixfr/ns4/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2011/09/07 23:46:28 tbox Exp $ */ - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; @@ -26,7 +24,7 @@ key rndc_key { }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; view "primary" { diff --git a/bin/tests/system/ixfr/prereq.sh b/bin/tests/system/ixfr/prereq.sh index 9610b33bf3..1091ea833d 100644 --- a/bin/tests/system/ixfr/prereq.sh +++ b/bin/tests/system/ixfr/prereq.sh @@ -10,6 +10,6 @@ if $PERL -e 'use Net::DNS;' 2>/dev/null then : else - echo "I:This test requires the Net::DNS library." >&2 + echo_i "This test requires the Net::DNS library." >&2 exit 1 fi diff --git a/bin/tests/system/ixfr/setup.sh b/bin/tests/system/ixfr/setup.sh index a6eb686899..44c0b53a7d 100644 --- a/bin/tests/system/ixfr/setup.sh +++ b/bin/tests/system/ixfr/setup.sh @@ -16,7 +16,7 @@ options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port ${PORT}; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -30,10 +30,13 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port ${CONTROLPORT} allow { any; } keys { rndc_key; }; }; EOF +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf + # Setup initial db files for ns3 cp ns3/mytest0.db ns3/mytest.db cp ns3/subtest0.db ns3/subtest.db diff --git a/bin/tests/system/ixfr/tests.sh b/bin/tests/system/ixfr/tests.sh index 0477f248d3..91dbc51b6a 100644 --- a/bin/tests/system/ixfr/tests.sh +++ b/bin/tests/system/ixfr/tests.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.11 2012/02/22 14:22:54 marka Exp $ - # WARNING: The test labelled "testing request-ixfr option in view vs zone" # is fragile because it depends upon counting instances of records @@ -19,12 +17,11 @@ SYSTEMTESTTOP=.. status=0 -DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd" -DIGCMD="$DIG $DIGOPTS @10.53.0.1 -p 5300" -SENDCMD="$PERL ../send.pl 10.53.0.2 5301" -RNDCCMD="$RNDC -s 10.53.0.1 -p 9953 -c ../common/rndc.conf" +DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd -p ${PORT}" +SENDCMD="$PERL ../send.pl 10.53.0.2 ${EXTRAPORT1}" +RNDCCMD="$RNDC -p ${CONTROLPORT} -c ../common/rndc.conf -s" -echo "I:testing initial AXFR" +echo_i "testing initial AXFR" $SENDCMD < dig.out + $DIG $DIGOPTS @10.53.0.1 nil. SOA > dig.out grep "SOA" dig.out > /dev/null && break sleep 1 done -$DIGCMD nil. TXT | grep 'initial AXFR' >/dev/null || { - echo "I:failed" +$DIG $DIGOPTS @10.53.0.1 nil. TXT | grep 'initial AXFR' >/dev/null || { + echo_i "failed" status=1 } -echo "I:testing successful IXFR" +echo_i "testing successful IXFR" # We change the IP address of a.nil., and the TXT record at the apex. # Then we do a SOA-only update. @@ -91,16 +88,16 @@ EOF sleep 1 -$RNDCCMD refresh nil +$RNDCCMD 10.53.0.1 refresh nil sleep 2 -$DIGCMD nil. TXT | grep 'successful IXFR' >/dev/null || { - echo "I:failed" +$DIG $DIGOPTS @10.53.0.1 nil. TXT | grep 'successful IXFR' >/dev/null || { + echo_i "failed" status=1 } -echo "I:testing AXFR fallback after IXFR failure" +echo_i "testing AXFR fallback after IXFR failure" # Provide a broken IXFR response and a working fallback AXFR response @@ -125,34 +122,34 @@ EOF sleep 1 -$RNDCCMD refresh nil +$RNDCCMD 10.53.0.1 refresh nil sleep 2 -$DIGCMD nil. TXT | grep 'fallback AXFR' >/dev/null || { - echo "I:failed" +$DIG $DIGOPTS @10.53.0.1 nil. TXT | grep 'fallback AXFR' >/dev/null || { + echo_i "failed" status=1 } -echo "I:testing ixfr-from-differences option" -# ns3 is master; ns4 is slave +echo_i "testing ixfr-from-differences option" +# ns3 is master; ns4 is slave $CHECKZONE test. ns3/mytest.db > /dev/null 2>&1 if [ $? -ne 0 ] then - echo "I:named-checkzone returned failure on ns3/mytest.db" + echo_i "named-checkzone returned failure on ns3/mytest.db" fi # modify the master -#echo "I: digging against master: " -#$DIG $DIGOPTS @10.53.0.3 -p 5300 a host1.test. -#echo "I: digging against slave: " -#$DIG $DIGOPTS @10.53.0.4 -p 5300 a host1.test. +#echo_i "digging against master: " +#$DIG $DIGOPTS @10.53.0.3 a host1.test. +#echo_i "digging against slave: " +#$DIG $DIGOPTS @10.53.0.4 a host1.test. cp ns3/mytest1.db ns3/mytest.db -$RNDC -s 10.53.0.3 -p 9953 -c ../common/rndc.conf reload +$RNDCCMD 10.53.0.3 reload for i in 0 1 2 3 4 5 6 7 8 9 do - $DIG +tcp -p 5300 @10.53.0.4 SOA test > dig.out + $DIG $DIGOPTS +tcp @10.53.0.4 SOA test > dig.out grep -i "hostmaster\.test\..2" dig.out > /dev/null && break sleep 1 done @@ -167,28 +164,28 @@ do done if [ $INCR -ne 1 ] then - echo "I:failed to get incremental response" + echo_i "failed to get incremental response" status=1 fi -echo "I:testing request-ixfr option in view vs zone" +echo_i "testing request-ixfr option in view vs zone" # There's a view with 2 zones. In the view, "request-ixfr yes" # but in the zone "sub.test", request-ixfr no" # we want to make sure that a change to sub.test results in AXFR, while # changes to test. result in IXFR -echo "I: this result should be AXFR" +echo_i " this result should be AXFR" cp ns3/subtest1.db ns3/subtest.db # change to sub.test zone, should be AXFR -$RNDC -s 10.53.0.3 -p 9953 -c ../common/rndc.conf reload +$RNDCCMD 10.53.0.3 reload for i in 0 1 2 3 4 5 6 7 8 9 do - $DIG +tcp -p 5300 @10.53.0.4 SOA sub.test > dig.out + $DIG $DIGOPTS +tcp @10.53.0.4 SOA sub.test > dig.out grep -i "hostmaster\.test\..3" dig.out > /dev/null && break sleep 1 done -echo "I: this result should be AXFR" +echo_i " this result should be AXFR" for i in 0 1 2 3 4 5 6 7 8 9 do NONINCR=`grep 'sub\.test/IN/primary' ns4/named.run|grep "got nonincremental" | wc -l` @@ -197,19 +194,19 @@ do done if [ $NONINCR -ne 2 ] then - echo "I:failed to get nonincremental response in 2nd AXFR test" + echo_i "failed to get nonincremental response in 2nd AXFR test" status=1 else - echo "I: success: AXFR it was" + echo_i " success: AXFR it was" fi -echo "I: this result should be IXFR" +echo_i " this result should be IXFR" cp ns3/mytest2.db ns3/mytest.db # change to test zone, should be IXFR -$RNDC -s 10.53.0.3 -p 9953 -c ../common/rndc.conf reload +$RNDCCMD 10.53.0.3 reload for i in 0 1 2 3 4 5 6 7 8 9 do - $DIG +tcp -p 5300 @10.53.0.4 SOA test > dig.out + $DIG $DIGOPTS +tcp @10.53.0.4 SOA test > dig.out grep -i "hostmaster\.test\..4" dig.out > /dev/null && break sleep 1 done @@ -222,39 +219,39 @@ do done if [ $INCR -ne 2 ] then - echo "I:failed to get incremental response in 2nd IXFR test" + echo_i "failed to get incremental response in 2nd IXFR test" status=1 else - echo "I: success: IXFR it was" + echo_i " success: IXFR it was" fi -echo "I:testing DiG's handling of a multi message AXFR style IXFR response" +echo_i "testing DiG's handling of a multi message AXFR style IXFR response" ( (sleep 10 && kill $$) 2>/dev/null & sub=$! -$DIG ixfr=0 large -p 5300 @10.53.0.3 > dig.out +$DIG -p ${PORT} ixfr=0 large @10.53.0.3 > dig.out kill $sub ) lines=`grep hostmaster.large dig.out | wc -l` -test ${lines:-0} -eq 2 || { echo "I:failed"; status=1; } +test ${lines:-0} -eq 2 || { echo_i "failed"; status=1; } messages=`sed -n 's/^;;.*messages \([0-9]*\),.*/\1/p' dig.out` -test ${messages:-0} -gt 1 || { echo "I:failed"; status=1; } +test ${messages:-0} -gt 1 || { echo_i "failed"; status=1; } -echo "I:test 'dig +notcp ixfr=' vs 'dig ixfr= +notcp' vs 'dig ixfr='" +echo_i "test 'dig +notcp ixfr=' vs 'dig ixfr= +notcp' vs 'dig ixfr='" ret=0 # Should be "switch to TCP" response -$DIG +notcp ixfr=1 test -p 5300 @10.53.0.4 > dig.out1 || ret=1 -$DIG ixfr=1 +notcp test -p 5300 @10.53.0.4 > dig.out2 || ret=1 +$DIG $DIGOPTS +notcp ixfr=1 test @10.53.0.4 > dig.out1 || ret=1 +$DIG $DIGOPTS ixfr=1 +notcp test @10.53.0.4 > dig.out2 || ret=1 $PERL ../digcomp.pl dig.out1 dig.out2 || ret=1 awk '$4 == "SOA" { soacnt++} END {if (soacnt == 1) exit(0); else exit(1);}' dig.out1 || ret=1 awk '$4 == "SOA" { if ($7 == 4) exit(0); else exit(1);}' dig.out1 || ret=1 # Should be incremental transfer. -$DIG ixfr=1 test -p 5300 @10.53.0.4 > dig.out3 || ret=1 +$DIG $DIGOPTS ixfr=1 test @10.53.0.4 > dig.out3 || ret=1 awk '$4 == "SOA" { soacnt++} END { if (soacnt == 6) exit(0); else exit(1);}' dig.out3 || ret=1 if [ ${ret} != 0 ]; then - echo "I:failed"; + echo_i "failed"; status=1; fi -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/keepalive/clean.sh b/bin/tests/system/keepalive/clean.sh index 06637d06d9..86b1b38852 100644 --- a/bin/tests/system/keepalive/clean.sh +++ b/bin/tests/system/keepalive/clean.sh @@ -8,5 +8,6 @@ rm -f dig.out.* rm -f output rm -f ns*/named.memstats rm -f ns*/named.run +rm -f ns*/named.conf rm -f ns*/named.stats rm -f ns*/named.lock diff --git a/bin/tests/system/padding/ns1/named.conf b/bin/tests/system/keepalive/ns1/named.conf.in similarity index 85% rename from bin/tests/system/padding/ns1/named.conf rename to bin/tests/system/keepalive/ns1/named.conf.in index f1ba08caa7..3925fdba40 100644 --- a/bin/tests/system/padding/ns1/named.conf +++ b/bin/tests/system/keepalive/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -26,7 +24,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/keepalive/ns2/named.conf b/bin/tests/system/keepalive/ns2/named.conf.in similarity index 89% rename from bin/tests/system/keepalive/ns2/named.conf rename to bin/tests/system/keepalive/ns2/named.conf.in index 5c2948a8ec..da8860bddb 100644 --- a/bin/tests/system/keepalive/ns2/named.conf +++ b/bin/tests/system/keepalive/ns2/named.conf.in @@ -12,14 +12,14 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/keepalive/ns3/named.conf b/bin/tests/system/keepalive/ns3/named.conf.in similarity index 87% rename from bin/tests/system/keepalive/ns3/named.conf rename to bin/tests/system/keepalive/ns3/named.conf.in index 18283942db..4f0d80607b 100644 --- a/bin/tests/system/keepalive/ns3/named.conf +++ b/bin/tests/system/keepalive/ns3/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; directory "."; pid-file "named.pid"; listen-on { 10.53.0.3; }; @@ -32,7 +30,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/keepalive/setup.sh b/bin/tests/system/keepalive/setup.sh index 25cb9a6979..f8ef06b98b 100644 --- a/bin/tests/system/keepalive/setup.sh +++ b/bin/tests/system/keepalive/setup.sh @@ -11,4 +11,8 @@ SYSTEMTESTTOP=.. $SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf + test -r $RANDFILE || $GENRANDOM 800 $RANDFILE diff --git a/bin/tests/system/keepalive/tests.sh b/bin/tests/system/keepalive/tests.sh index cb9268235e..82299cef30 100644 --- a/bin/tests/system/keepalive/tests.sh +++ b/bin/tests/system/keepalive/tests.sh @@ -9,84 +9,85 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -RNDCCMD="$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953" +DIGOPTS="-p ${PORT}" +RNDCCMD="$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT}" n=0 status=0 -echo "I:checking that dig handles TCP keepalive ($n)" +echo_i "checking that dig handles TCP keepalive ($n)" ret=0 n=`expr $n + 1` -$DIG +qr +keepalive foo.example @10.53.0.2 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +qr +keepalive foo.example @10.53.0.2 > dig.out.test$n grep "; TCP KEEPALIVE" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that dig added TCP keepalive ($n)" +echo_i "checking that dig added TCP keepalive ($n)" ret=0 n=`expr $n + 1` $RNDCCMD stats grep "EDNS TCP keepalive option received" ns2/named.stats > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that TCP keepalive is added for TCP responses ($n)" +echo_i "checking that TCP keepalive is added for TCP responses ($n)" ret=0 n=`expr $n + 1` -$DIG +vc +keepalive foo.example @10.53.0.2 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +vc +keepalive foo.example @10.53.0.2 > dig.out.test$n grep "; TCP KEEPALIVE" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that TCP keepalive requires TCP ($n)" +echo_i "checking that TCP keepalive requires TCP ($n)" ret=0 n=`expr $n + 1` -$DIG +keepalive foo.example @10.53.0.2 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +keepalive foo.example @10.53.0.2 > dig.out.test$n grep "; TCP KEEPALIVE" dig.out.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking default value ($n)" +echo_i "checking default value ($n)" ret=0 n=`expr $n + 1` -$DIG +vc +keepalive foo.example @10.53.0.3 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +vc +keepalive foo.example @10.53.0.3 > dig.out.test$n grep "; TCP KEEPALIVE: 30.0 secs" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking configured value ($n)" +echo_i "checking configured value ($n)" ret=0 n=`expr $n + 1` -$DIG +vc +keepalive foo.example @10.53.0.2 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +vc +keepalive foo.example @10.53.0.2 > dig.out.test$n grep "; TCP KEEPALIVE: 15.0 secs" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking re-configured value ($n)" +echo_i "checking re-configured value ($n)" ret=0 n=`expr $n + 1` $RNDCCMD tcp-timeouts 300 300 300 200 > output diff -b output expected || ret=1 -$DIG +vc +keepalive foo.example @10.53.0.2 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +vc +keepalive foo.example @10.53.0.2 > dig.out.test$n grep "; TCP KEEPALIVE: 20.0 secs" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking server config entry ($n)" +echo_i "checking server config entry ($n)" ret=0 n=`expr $n + 1` $RNDCCMD stats oka=`grep "EDNS TCP keepalive option received" ns2/named.stats | \ tail -1 | awk '{ print $1}'` -$DIG bar.example @10.53.0.3 -p 5300 > dig.out.test$n +$DIG $DIGOPTS bar.example @10.53.0.3 > dig.out.test$n $RNDCCMD stats nka=`grep "EDNS TCP keepalive option received" ns2/named.stats | \ tail -1 | awk '{ print $1}'` #echo oka ':' $oka #echo nka ':' $nka if [ "$oka" -eq "$nka" ]; then ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/keymgr/prereq.sh b/bin/tests/system/keymgr/prereq.sh index dd6d92ef28..673708b806 100644 --- a/bin/tests/system/keymgr/prereq.sh +++ b/bin/tests/system/keymgr/prereq.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") # # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this diff --git a/bin/tests/system/keymgr/setup.sh b/bin/tests/system/keymgr/setup.sh index 32771046ae..2faa29a0db 100644 --- a/bin/tests/system/keymgr/setup.sh +++ b/bin/tests/system/keymgr/setup.sh @@ -15,7 +15,7 @@ $SHELL clean.sh # Test 1: KSK goes inactive before successor is active dir=01-ksk-inactive -echo I:set up $dir +echo_i "set up $dir" rm -f $dir/K*.key rm -f $dir/K*.private ksk1=`$KEYGEN -K $dir -a rsasha1 -3fk example.com` @@ -26,7 +26,7 @@ zsk1=`$KEYGEN -K $dir -a rsasha1 -3 example.com` # Test 2: ZSK goes inactive before successor is active dir=02-zsk-inactive -echo I:set up $dir +echo_i "set up $dir" rm -f $dir/K*.key rm -f $dir/K*.private zsk1=`$KEYGEN -K $dir -a rsasha1 -3 example.com` @@ -37,7 +37,7 @@ ksk1=`$KEYGEN -K $dir -a rsasha1 -3fk example.com` # Test 3: KSK is unpublished before its successor is published dir=03-ksk-unpublished -echo I:set up $dir +echo_i "set up $dir" rm -f $dir/K*.key rm -f $dir/K*.private ksk1=`$KEYGEN -K $dir -a rsasha1 -3fk example.com` @@ -48,7 +48,7 @@ zsk1=`$KEYGEN -K $dir -a rsasha1 -3 example.com` # Test 4: ZSK is unpublished before its successor is published dir=04-zsk-unpublished -echo I:set up $dir +echo_i "set up $dir" rm -f $dir/K*.key rm -f $dir/K*.private zsk1=`$KEYGEN -K $dir -a rsasha1 -3 example.com` @@ -60,7 +60,7 @@ ksk1=`$KEYGEN -K $dir -a rsasha1 -3fk example.com` # Test 5: KSK deleted and successor published before KSK is deactivated # and successor activated. dir=05-ksk-unpub-active -echo I:set up $dir +echo_i "set up $dir" rm -f $dir/K*.key rm -f $dir/K*.private ksk1=`$KEYGEN -K $dir -a rsasha1 -3fk example.com` @@ -71,7 +71,7 @@ zsk1=`$KEYGEN -K $dir -a rsasha1 -3 example.com` # Test 6: ZSK deleted and successor published before ZSK is deactivated # and successor activated. dir=06-zsk-unpub-active -echo I:set up $dir +echo_i "set up $dir" rm -f $dir/K*.key rm -f $dir/K*.private zsk1=`$KEYGEN -K $dir -a rsasha1 -3 example.com` @@ -81,7 +81,7 @@ ksk1=`$KEYGEN -K $dir -a rsasha1 -3fk example.com` # Test 7: KSK rolled with insufficient delay after prepublication. dir=07-ksk-ttl -echo I:set up $dir +echo_i "set up $dir" rm -f $dir/K*.key rm -f $dir/K*.private ksk1=`$KEYGEN -K $dir -a rsasha1 -3fk example.com` @@ -92,7 +92,7 @@ zsk1=`$KEYGEN -K $dir -a rsasha1 -3 example.com` # Test 8: ZSK rolled with insufficient delay after prepublication. dir=08-zsk-ttl -echo I:set up $dir +echo_i "set up $dir" rm -f $dir/K*.key rm -f $dir/K*.private zsk1=`$KEYGEN -K $dir -a rsasha1 -3 example.com` @@ -108,7 +108,7 @@ rm -f $dir/K*.private # Test 10: Valid key set, but rollover period has changed dir=10-change-roll -echo I:set up $dir +echo_i "set up $dir" rm -f $dir/K*.key rm -f $dir/K*.private ksk1=`$KEYGEN -K $dir -a rsasha1 -3fk example.com` @@ -118,7 +118,7 @@ zsk2=`$KEYGEN -K $dir -S $zsk1` # Test 11: Many keys all simultaneously scheduled to be active in the future dir=11-many-simul -echo I:set up $dir +echo_i "set up $dir" rm -f $dir/K*.key rm -f $dir/K*.private k1=`$KEYGEN -K $dir -a rsasha1 -q3fk -P now+1mo -A now+1mo example.com` @@ -129,7 +129,7 @@ z4=`$KEYGEN -K $dir -a rsasha1 -q3 -P now+1mo -A now+1mo example.com` # Test 12: Many keys all simultaneously scheduled to be active in the past dir=12-many-active -echo I:set up $dir +echo_i "set up $dir" rm -f $dir/K*.key rm -f $dir/K*.private k1=`$KEYGEN -K $dir -a rsasha1 -q3fk example.com` @@ -140,7 +140,7 @@ z4=`$KEYGEN -K $dir -a rsasha1 -q3 example.com` # Test 13: Multiple simultaneous keys with no configured roll period dir=13-noroll -echo I:set up $dir +echo_i "set up $dir" rm -f $dir/K*.key rm -f $dir/K*.private k1=`$KEYGEN -K $dir -a rsasha1 -q3fk example.com` @@ -150,7 +150,7 @@ z1=`$KEYGEN -K $dir -a rsasha1 -q3 example.com` # Test 14: Keys exist but have the wrong algorithm dir=14-wrongalg -echo I:set up $dir +echo_i "set up $dir" rm -f $dir/K*.key rm -f $dir/K*.private k1=`$KEYGEN -K $dir -a rsasha1 -qfk example.com` @@ -164,7 +164,7 @@ z4=`$KEYGEN -K $dir -q -S ${z3}.key` # Test 15: No zones specified; just search the directory for keys dir=15-unspec -echo I:set up $dir +echo_i "set up $dir" rm -f $dir/K*.key rm -f $dir/K*.private k1=`$KEYGEN -K $dir -a rsasha1 -q3fk example.com` @@ -179,7 +179,7 @@ z4=`$KEYGEN -K $dir -q -S ${z3}.key` # Test 16: No zones specified; search the directory for keys; # keys have the wrong algorithm for their policies dir=16-wrongalg-unspec -echo I:set up $dir +echo_i "set up $dir" rm -f $dir/K*.key rm -f $dir/K*.private k1=`$KEYGEN -K $dir -a rsasha1 -qfk example.com` @@ -194,7 +194,7 @@ z4=`$KEYGEN -K $dir -q -S ${z3}.key` # Test 17: Keys are simultaneously active but we run with no force # flag (this should fail) dir=17-noforce -echo I:set up $dir +echo_i "set up $dir" rm -f $dir/K*.key rm -f $dir/K*.private k1=`$KEYGEN -K $dir -a rsasha1 -q3fk example.com` @@ -205,7 +205,7 @@ z4=`$KEYGEN -K $dir -a rsasha1 -q3 example.com` # Test 18: Prepublication interval is set to a nonstandard value dir=18-nonstd-prepub -echo I:set up $dir +echo_i "set up $dir" rm -f $dir/K*.key rm -f $dir/K*.private ksk1=`$KEYGEN -K $dir -a rsasha1 -3fk example.com` diff --git a/bin/tests/system/keymgr/tests.sh b/bin/tests/system/keymgr/tests.sh index b15fc025b2..c5192a5628 100644 --- a/bin/tests/system/keymgr/tests.sh +++ b/bin/tests/system/keymgr/tests.sh @@ -22,11 +22,11 @@ matchall () { done } -echo "I:checking for DNSSEC key coverage issues" +echo_i "checking for DNSSEC key coverage issues" ret=0 for dir in [0-9][0-9]-*; do ret=0 - echo "I:$dir ($n)" + echo_i "$dir ($n)" kargs= cargs= kmatch= cmatch= kret= cret=0 warn= error= ok= . $dir/expect @@ -91,18 +91,18 @@ for dir in [0-9][0-9]-*; do fi n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done -echo "I:checking policy.conf parser ($n)" +echo_i "checking policy.conf parser ($n)" ret=0 ${PYTHON} testpolicy.py policy.sample > policy.out $DOS2UNIX policy.out > /dev/null cmp -s policy.good policy.out || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/legacy/clean.sh b/bin/tests/system/legacy/clean.sh index 59f40a34b3..a711c9b62a 100644 --- a/bin/tests/system/legacy/clean.sh +++ b/bin/tests/system/legacy/clean.sh @@ -5,7 +5,7 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. rm -f dig.out.* -rm -f ns1/named.conf +rm -f ns?/named.conf rm -f ns?/named.memstats rm -f ns?/named.run rm -f ns*/named.lock diff --git a/bin/tests/system/legacy/ns1/named1.conf b/bin/tests/system/legacy/ns1/named1.conf.in similarity index 93% rename from bin/tests/system/legacy/ns1/named1.conf rename to bin/tests/system/legacy/ns1/named1.conf.in index 7ec5328057..6cf0e5f333 100644 --- a/bin/tests/system/legacy/ns1/named1.conf +++ b/bin/tests/system/legacy/ns1/named1.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/legacy/ns1/named2.conf b/bin/tests/system/legacy/ns1/named2.conf.in similarity index 93% rename from bin/tests/system/legacy/ns1/named2.conf rename to bin/tests/system/legacy/ns1/named2.conf.in index 3f1c9c96ac..8c150287ab 100644 --- a/bin/tests/system/legacy/ns1/named2.conf +++ b/bin/tests/system/legacy/ns1/named2.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/legacy/ns2/named.conf b/bin/tests/system/legacy/ns2/named.conf.in similarity index 93% rename from bin/tests/system/legacy/ns2/named.conf rename to bin/tests/system/legacy/ns2/named.conf.in index 9c983bbff5..a3823b0505 100644 --- a/bin/tests/system/legacy/ns2/named.conf +++ b/bin/tests/system/legacy/ns2/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/legacy/ns3/named.conf b/bin/tests/system/legacy/ns3/named.conf.in similarity index 93% rename from bin/tests/system/legacy/ns3/named.conf rename to bin/tests/system/legacy/ns3/named.conf.in index 16c436447e..cb319c3eff 100644 --- a/bin/tests/system/legacy/ns3/named.conf +++ b/bin/tests/system/legacy/ns3/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/legacy/ns4/named.conf b/bin/tests/system/legacy/ns4/named.conf.in similarity index 93% rename from bin/tests/system/legacy/ns4/named.conf rename to bin/tests/system/legacy/ns4/named.conf.in index 1c1c4c534c..8285ea033d 100644 --- a/bin/tests/system/legacy/ns4/named.conf +++ b/bin/tests/system/legacy/ns4/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/legacy/ns5/named.conf b/bin/tests/system/legacy/ns5/named.conf.in similarity index 93% rename from bin/tests/system/legacy/ns5/named.conf rename to bin/tests/system/legacy/ns5/named.conf.in index 3965f3a2c7..99d7b31704 100644 --- a/bin/tests/system/legacy/ns5/named.conf +++ b/bin/tests/system/legacy/ns5/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.5; notify-source 10.53.0.5; transfer-source 10.53.0.5; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.5; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/legacy/ns6/named.conf b/bin/tests/system/legacy/ns6/named.conf.in similarity index 93% rename from bin/tests/system/legacy/ns6/named.conf rename to bin/tests/system/legacy/ns6/named.conf.in index 71e91b5793..7a095e3cc8 100644 --- a/bin/tests/system/legacy/ns6/named.conf +++ b/bin/tests/system/legacy/ns6/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.6; notify-source 10.53.0.6; transfer-source 10.53.0.6; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.6; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/legacy/ns6/sign.sh b/bin/tests/system/legacy/ns6/sign.sh index f12b089fb7..212243b772 100755 --- a/bin/tests/system/legacy/ns6/sign.sh +++ b/bin/tests/system/legacy/ns6/sign.sh @@ -9,7 +9,7 @@ SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh -echo "I:sign edns512" +echo_i "sign edns512" zone=edns512 infile=edns512.db.in diff --git a/bin/tests/system/legacy/ns7/named.conf b/bin/tests/system/legacy/ns7/named.conf.in similarity index 93% rename from bin/tests/system/legacy/ns7/named.conf rename to bin/tests/system/legacy/ns7/named.conf.in index bc9cd24acd..6c3b53d425 100644 --- a/bin/tests/system/legacy/ns7/named.conf +++ b/bin/tests/system/legacy/ns7/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.7; notify-source 10.53.0.7; transfer-source 10.53.0.7; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.7; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/legacy/ns7/sign.sh b/bin/tests/system/legacy/ns7/sign.sh index e9635491ac..63507f2fac 100755 --- a/bin/tests/system/legacy/ns7/sign.sh +++ b/bin/tests/system/legacy/ns7/sign.sh @@ -9,7 +9,7 @@ SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh -echo "I:sign edns512-notcp" +echo_i "sign edns512-notcp" zone=edns512-notcp infile=edns512-notcp.db.in diff --git a/bin/tests/system/legacy/setup.sh b/bin/tests/system/legacy/setup.sh index bf57e5c6d5..8a2c961f14 100644 --- a/bin/tests/system/legacy/setup.sh +++ b/bin/tests/system/legacy/setup.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2014, 2016 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") # # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this @@ -9,4 +9,13 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -cp -f ns1/named1.conf ns1/named.conf +$SHELL clean.sh + +copy_setports ns1/named1.conf.in ns1/named.conf + +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf +copy_setports ns5/named.conf.in ns5/named.conf +copy_setports ns6/named.conf.in ns6/named.conf +copy_setports ns7/named.conf.in ns7/named.conf diff --git a/bin/tests/system/legacy/tests.sh b/bin/tests/system/legacy/tests.sh index 3dd6bda79d..fa042ef48c 100755 --- a/bin/tests/system/legacy/tests.sh +++ b/bin/tests/system/legacy/tests.sh @@ -6,159 +6,158 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id$ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="-p ${PORT}" + status=0 n=0 n=`expr $n + 1` -echo "I:checking drop edns server setup ($n)" +echo_i "checking drop edns server setup ($n)" ret=0 -$DIG +edns @10.53.0.2 -p 5300 dropedns soa > dig.out.1.test$n +$DIG $DIGOPTS +edns @10.53.0.2 dropedns soa > dig.out.1.test$n grep "connection timed out; no servers could be reached" dig.out.1.test$n > /dev/null || ret=1 -$DIG +noedns @10.53.0.2 -p 5300 dropedns soa > dig.out.2.test$n || ret=1 +$DIG $DIGOPTS +noedns @10.53.0.2 dropedns soa > dig.out.2.test$n || ret=1 grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 grep "EDNS: version:" dig.out.2.test$n > /dev/null && ret=1 -$DIG +noedns +tcp @10.53.0.2 -p 5300 dropedns soa > dig.out.3.test$n || ret=1 +$DIG $DIGOPTS +noedns +tcp @10.53.0.2 dropedns soa > dig.out.3.test$n || ret=1 grep "status: NOERROR" dig.out.3.test$n > /dev/null || ret=1 grep "EDNS: version:" dig.out.3.test$n > /dev/null && ret=1 -$DIG +edns +tcp @10.53.0.2 -p 5300 dropedns soa > dig.out.4.test$n +$DIG $DIGOPTS +edns +tcp @10.53.0.2 dropedns soa > dig.out.4.test$n grep "connection timed out; no servers could be reached" dig.out.4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking recursive lookup to drop edns server succeeds ($n)" +echo_i "checking recursive lookup to drop edns server succeeds ($n)" ret=0 -$DIG +tcp @10.53.0.1 -p 5300 dropedns soa > dig.out.test$n || ret=1 +$DIG $DIGOPTS +tcp @10.53.0.1 dropedns soa > dig.out.test$n || ret=1 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking drop edns + no tcp server setup ($n)" +echo_i "checking drop edns + no tcp server setup ($n)" ret=0 -$DIG +edns @10.53.0.3 -p 5300 dropedns-notcp soa > dig.out.1.test$n +$DIG $DIGOPTS +edns @10.53.0.3 dropedns-notcp soa > dig.out.1.test$n grep "connection timed out; no servers could be reached" dig.out.1.test$n > /dev/null || ret=1 -$DIG +noedns +tcp @10.53.0.3 -p 5300 dropedns-notcp soa > dig.out.2.test$n +$DIG $DIGOPTS +noedns +tcp @10.53.0.3 dropedns-notcp soa > dig.out.2.test$n grep "connection timed out; no servers could be reached" dig.out.2.test$n > /dev/null -$DIG +noedns @10.53.0.3 -p 5300 dropedns-notcp soa > dig.out.3.test$n || ret=1 +$DIG $DIGOPTS +noedns @10.53.0.3 dropedns-notcp soa > dig.out.3.test$n || ret=1 grep "status: NOERROR" dig.out.3.test$n > /dev/null || ret=1 grep "EDNS: version:" dig.out.3.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking recursive lookup to drop edns + no tcp server succeeds ($n)" +echo_i "checking recursive lookup to drop edns + no tcp server succeeds ($n)" ret=0 -$DIG +tcp @10.53.0.1 -p 5300 dropedns-notcp soa > dig.out.test$n || ret=1 +$DIG $DIGOPTS +tcp @10.53.0.1 dropedns-notcp soa > dig.out.test$n || ret=1 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking plain dns server setup ($n)" +echo_i "checking plain dns server setup ($n)" ret=0 -$DIG +edns @10.53.0.4 -p 5300 plain soa > dig.out.1.test$n || ret=1 +$DIG $DIGOPTS +edns @10.53.0.4 plain soa > dig.out.1.test$n || ret=1 grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 grep "EDNS: version:" dig.out.1.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking recursive lookup to plain dns server succeeds ($n)" +echo_i "checking recursive lookup to plain dns server succeeds ($n)" ret=0 -$DIG +tcp @10.53.0.1 -p 5300 plain soa > dig.out.test$n || ret=1 +$DIG $DIGOPTS +tcp @10.53.0.1 plain soa > dig.out.test$n || ret=1 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking plain dns + no tcp server setup ($n)" +echo_i "checking plain dns + no tcp server setup ($n)" ret=0 -$DIG +edns @10.53.0.5 -p 5300 plain-notcp soa > dig.out.1.test$n || ret=1 +$DIG $DIGOPTS +edns @10.53.0.5 plain-notcp soa > dig.out.1.test$n || ret=1 grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 grep "EDNS: version:" dig.out.1.test$n > /dev/null && ret=1 -$DIG +edns +tcp @10.53.0.5 -p 5300 plain-notcp soa > dig.out.2.test$n +$DIG $DIGOPTS +edns +tcp @10.53.0.5 plain-notcp soa > dig.out.2.test$n grep "connection timed out; no servers could be reached" dig.out.2.test$n > /dev/null -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking recursive lookup to plain dns + no tcp server succeeds ($n)" +echo_i "checking recursive lookup to plain dns + no tcp server succeeds ($n)" ret=0 -$DIG +tcp @10.53.0.1 -p 5300 plain-notcp soa > dig.out.test$n || ret=1 +$DIG $DIGOPTS +tcp @10.53.0.1 plain-notcp soa > dig.out.test$n || ret=1 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking edns 512 server setup ($n)" +echo_i "checking edns 512 server setup ($n)" ret=0 -$DIG +edns @10.53.0.6 -p 5300 edns512 soa > dig.out.1.test$n || ret=1 +$DIG $DIGOPTS +edns @10.53.0.6 edns512 soa > dig.out.1.test$n || ret=1 grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 -$DIG +edns +tcp @10.53.0.6 -p 5300 edns512 soa > dig.out.2.test$n || ret=1 +$DIG $DIGOPTS +edns +tcp @10.53.0.6 edns512 soa > dig.out.2.test$n || ret=1 grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 -$DIG +edns @10.53.0.6 -p 5300 txt500.edns512 txt > dig.out.3.test$n +$DIG $DIGOPTS +edns @10.53.0.6 txt500.edns512 txt > dig.out.3.test$n grep "connection timed out; no servers could be reached" dig.out.3.test$n > /dev/null -$DIG +edns +bufsize=512 +ignor @10.53.0.6 -p 5300 txt500.edns512 txt > dig.out.4.test$n +$DIG $DIGOPTS +edns +bufsize=512 +ignor @10.53.0.6 txt500.edns512 txt > dig.out.4.test$n grep "status: NOERROR" dig.out.4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking recursive lookup to edns 512 server succeeds ($n)" +echo_i "checking recursive lookup to edns 512 server succeeds ($n)" ret=0 -$DIG +tcp @10.53.0.1 -p 5300 txt500.edns512 txt > dig.out.test$n || ret=1 +$DIG $DIGOPTS +tcp @10.53.0.1 txt500.edns512 txt > dig.out.test$n || ret=1 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking edns 512 + no tcp server setup ($n)" +echo_i "checking edns 512 + no tcp server setup ($n)" ret=0 -$DIG +noedns @10.53.0.7 -p 5300 edns512-notcp soa > dig.out.1.test$n || ret=1 +$DIG $DIGOPTS +noedns @10.53.0.7 edns512-notcp soa > dig.out.1.test$n || ret=1 grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 -$DIG +noedns +tcp @10.53.0.7 -p 5300 edns512-notcp soa > dig.out.2.test$n +$DIG $DIGOPTS +noedns +tcp @10.53.0.7 edns512-notcp soa > dig.out.2.test$n grep "connection timed out; no servers could be reached" dig.out.2.test$n > /dev/null -$DIG +edns @10.53.0.7 -p 5300 edns512-notcp soa > dig.out.3.test$n +$DIG $DIGOPTS +edns @10.53.0.7 edns512-notcp soa > dig.out.3.test$n grep "connection timed out; no servers could be reached" dig.out.3.test$n > /dev/null -$DIG +edns +bufsize=512 +ignor @10.53.0.7 -p 5300 edns512-notcp soa > dig.out.4.test$n +$DIG $DIGOPTS +edns +bufsize=512 +ignor @10.53.0.7 edns512-notcp soa > dig.out.4.test$n grep "status: NOERROR" dig.out.4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking recursive lookup to edns 512 + no tcp server succeeds ($n)" +echo_i "checking recursive lookup to edns 512 + no tcp server succeeds ($n)" ret=0 -$DIG +tcp @10.53.0.1 -p 5300 edns512-notcp soa > dig.out.test$n || ret=1 +$DIG $DIGOPTS +tcp @10.53.0.1 edns512-notcp soa > dig.out.test$n || ret=1 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if $SHELL ../testcrypto.sh > /dev/null 2>&1 then $PERL $SYSTEMTESTTOP/stop.pl . ns1 - cp -f ns1/named2.conf ns1/named.conf + copy_setports ns1/named2.conf.in ns1/named.conf - $PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns1 + $PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns1 n=`expr $n + 1` - echo "I:checking recursive lookup to edns 512 + no tcp + trust anchor fails ($n)" + echo_i "checking recursive lookup to edns 512 + no tcp + trust anchor fails ($n)" ret=0 - $DIG +tcp @10.53.0.1 -p 5300 edns512-notcp soa > dig.out.test$n + $DIG $DIGOPTS +tcp @10.53.0.1 edns512-notcp soa > dig.out.test$n grep "status: SERVFAIL" dig.out.test$n > /dev/null || grep "connection timed out;" dig.out.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else - echo "I:skipping checking recursive lookup to edns 512 + no tcp + trust anchor fails as crypto not enabled" + echo_i "skipping checking recursive lookup to edns 512 + no tcp + trust anchor fails as crypto not enabled" fi - -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/limits/clean.sh b/bin/tests/system/limits/clean.sh index bc306a8783..0eeb38e794 100644 --- a/bin/tests/system/limits/clean.sh +++ b/bin/tests/system/limits/clean.sh @@ -6,12 +6,11 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: clean.sh,v 1.11 2007/09/26 03:22:44 marka Exp $ - # # Clean up after limits tests. # rm -f dig.out.* rm -f */named.memstats +rm -f */named.conf rm -f */named.run rm -f ns*/named.lock diff --git a/bin/tests/system/limits/ns1/named.conf b/bin/tests/system/limits/ns1/named.conf.in similarity index 94% rename from bin/tests/system/limits/ns1/named.conf rename to bin/tests/system/limits/ns1/named.conf.in index d783741eea..ef88cd93db 100644 --- a/bin/tests/system/limits/ns1/named.conf +++ b/bin/tests/system/limits/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/limits/setup.sh b/bin/tests/system/limits/setup.sh new file mode 100644 index 0000000000..c69f051dbc --- /dev/null +++ b/bin/tests/system/limits/setup.sh @@ -0,0 +1,13 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf diff --git a/bin/tests/system/limits/tests.sh b/bin/tests/system/limits/tests.sh index 0978cbad1f..14ed1c935a 100644 --- a/bin/tests/system/limits/tests.sh +++ b/bin/tests/system/limits/tests.sh @@ -6,46 +6,46 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.19 2011/11/04 23:46:15 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="-p ${PORT}" + status=0 -echo "I:1000 A records" -$DIG +tcp +norec 1000.example. @10.53.0.1 a -p 5300 > dig.out.1000 || status=1 -#dig 1000.example. @10.53.0.1 a -p 5300 > knowngood.dig.out.1000 +echo_i "1000 A records" +$DIG $DIGOPTS +tcp +norec 1000.example. @10.53.0.1 a > dig.out.1000 || status=1 +# $DIG $DIGOPTS 1000.example. @10.53.0.1 a > knowngood.dig.out.1000 $PERL ../digcomp.pl knowngood.dig.out.1000 dig.out.1000 || status=1 -echo "I:2000 A records" -$DIG +tcp +norec 2000.example. @10.53.0.1 a -p 5300 > dig.out.2000 || status=1 -#dig 2000.example. @10.53.0.1 a -p 5300 > knowngood.dig.out.2000 +echo_i "2000 A records" +$DIG $DIGOPTS +tcp +norec 2000.example. @10.53.0.1 a > dig.out.2000 || status=1 +# $DIG $DIGOPTS 2000.example. @10.53.0.1 a > knowngood.dig.out.2000 $PERL ../digcomp.pl knowngood.dig.out.2000 dig.out.2000 || status=1 -echo "I:3000 A records" -$DIG +tcp +norec 3000.example. @10.53.0.1 a -p 5300 > dig.out.3000 || status=1 -#dig 3000.example. @10.53.0.1 a -p 5300 > knowngood.dig.out.3000 +echo_i "3000 A records" +$DIG $DIGOPTS +tcp +norec 3000.example. @10.53.0.1 a > dig.out.3000 || status=1 +# $DIG $DIGOPTS 3000.example. @10.53.0.1 a > knowngood.dig.out.3000 $PERL ../digcomp.pl knowngood.dig.out.3000 dig.out.3000 || status=1 -echo "I:4000 A records" -$DIG +tcp +norec 4000.example. @10.53.0.1 a -p 5300 > dig.out.4000 || status=1 -#dig 4000.example. @10.53.0.1 a -p 5300 > knowngood.dig.out.4000 +echo_i "4000 A records" +$DIG $DIGOPTS +tcp +norec 4000.example. @10.53.0.1 a > dig.out.4000 || status=1 +# $DIG $DIGOPTS 4000.example. @10.53.0.1 a > knowngood.dig.out.4000 $PERL ../digcomp.pl knowngood.dig.out.4000 dig.out.4000 || status=1 -echo "I:exactly maximum rrset" -$DIG +tcp +norec +noedns a-maximum-rrset.example. @10.53.0.1 a -p 5300 > dig.out.a-maximum-rrset \ +echo_i "exactly maximum rrset" +$DIG $DIGOPTS +tcp +norec +noedns a-maximum-rrset.example. @10.53.0.1 a > dig.out.a-maximum-rrset \ || status=1 -#dig a-maximum-rrset.example. @10.53.0.1 a -p 5300 > knowngood.dig.out.a-maximum-rrset +# $DIG $DIGOPTS a-maximum-rrset.example. @10.53.0.1 a > knowngood.dig.out.a-maximum-rrset $PERL ../digcomp.pl knowngood.dig.out.a-maximum-rrset dig.out.a-maximum-rrset || status=1 -echo "I:exceed maximum rrset (5000 A records)" -$DIG +tcp +norec +noadd 5000.example. @10.53.0.1 a -p 5300 > dig.out.exceed || status=1 +echo_i "exceed maximum rrset (5000 A records)" +$DIG $DIGOPTS +tcp +norec +noadd 5000.example. @10.53.0.1 a > dig.out.exceed || status=1 # Look for truncation bit (tc). grep 'flags: .*tc.*;' dig.out.exceed > /dev/null || { - echo "I:TC bit was not set" + echo_i "TC bit was not set" status=1 } -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/logfileconfig/clean.sh b/bin/tests/system/logfileconfig/clean.sh index 95f3370d7e..6cc8ffcbd8 100644 --- a/bin/tests/system/logfileconfig/clean.sh +++ b/bin/tests/system/logfileconfig/clean.sh @@ -9,10 +9,12 @@ # # Clean up after log file tests # +rm -f ns1/rndc.conf +rm -f ns1/controls.conf +rm -f ns1/named.conf rm -f ns1/named.pid ns1/named.run rm -f ns1/named.memstats ns1/dig.out rm -f ns1/named_log ns1/named_pipe ns1/named_sym -rm -f ns1/named.conf rm -rf ns1/named_dir rm -f ns1/named_deflog rm -f ns*/named.lock diff --git a/bin/tests/system/logfileconfig/ns1/controls.conf.in b/bin/tests/system/logfileconfig/ns1/controls.conf.in new file mode 100644 index 0000000000..bc5b110151 --- /dev/null +++ b/bin/tests/system/logfileconfig/ns1/controls.conf.in @@ -0,0 +1,13 @@ +/* + * Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + +controls { + inet 127.0.0.1 port @CONTROLPORT@ + allow { 127.0.0.1/32; ::1/128; } + keys { "rndc-key"; }; +}; diff --git a/bin/tests/system/logfileconfig/ns1/named.dirconf b/bin/tests/system/logfileconfig/ns1/named.dirconf index 1853f75fb7..6dc80df243 100644 --- a/bin/tests/system/logfileconfig/ns1/named.dirconf +++ b/bin/tests/system/logfileconfig/ns1/named.dirconf @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.dirconf,v 1.2 2011/03/04 14:43:57 smann Exp $ */ - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; - listen-on port 5300 { - 10.53.0.1; - }; + listen-on { 10.53.0.1; }; listen-on-v6 { none; }; recursion no; notify yes; @@ -31,11 +27,7 @@ logging { category lame-servers { null; }; }; -controls { - inet 127.0.0.1 port 9593 allow { - 127.0.0.1/32; ::1/128; } - keys { "rndc-key"; }; -}; +include "controls.conf"; key "rndc-key" { algorithm hmac-sha256; diff --git a/bin/tests/system/logfileconfig/ns1/named.iso8601 b/bin/tests/system/logfileconfig/ns1/named.iso8601 index 3040855a81..555d87b2e7 100644 --- a/bin/tests/system/logfileconfig/ns1/named.iso8601 +++ b/bin/tests/system/logfileconfig/ns1/named.iso8601 @@ -10,11 +10,9 @@ options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; - listen-on port 5300 { - 10.53.0.1; - }; + listen-on { 10.53.0.1; }; listen-on-v6 { none; }; recursion no; notify yes; @@ -29,11 +27,7 @@ logging { category default { default_log; default_debug; }; }; -controls { - inet 127.0.0.1 port 9593 - allow { 127.0.0.1/32; ::1/128; } - keys { "rndc-key"; }; -}; +include "controls.conf"; key "rndc-key" { algorithm hmac-sha256; diff --git a/bin/tests/system/logfileconfig/ns1/named.iso8601-utc b/bin/tests/system/logfileconfig/ns1/named.iso8601-utc index 14241c7135..4d8e6782bb 100644 --- a/bin/tests/system/logfileconfig/ns1/named.iso8601-utc +++ b/bin/tests/system/logfileconfig/ns1/named.iso8601-utc @@ -10,11 +10,9 @@ options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; - listen-on port 5300 { - 10.53.0.1; - }; + listen-on { 10.53.0.1; }; listen-on-v6 { none; }; recursion no; notify yes; @@ -29,11 +27,7 @@ logging { category default { default_log; default_debug; }; }; -controls { - inet 127.0.0.1 port 9593 - allow { 127.0.0.1/32; ::1/128; } - keys { "rndc-key"; }; -}; +include "controls.conf"; key "rndc-key" { algorithm hmac-sha256; diff --git a/bin/tests/system/logfileconfig/ns1/named.pipeconf b/bin/tests/system/logfileconfig/ns1/named.pipeconf index 1207017a00..61258dc14d 100644 --- a/bin/tests/system/logfileconfig/ns1/named.pipeconf +++ b/bin/tests/system/logfileconfig/ns1/named.pipeconf @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.pipeconf,v 1.2 2011/03/04 14:43:57 smann Exp $ */ - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; - listen-on port 5300 { - 10.53.0.1; - }; + listen-on { 10.53.0.1; }; listen-on-v6 { none; }; recursion no; notify yes; @@ -31,11 +27,7 @@ logging { category lame-servers { null; }; }; -controls { - inet 127.0.0.1 port 9593 allow { - 127.0.0.1/32; ::1/128; } - keys { "rndc-key"; }; -}; +include "controls.conf"; key "rndc-key" { algorithm hmac-sha256; diff --git a/bin/tests/system/logfileconfig/ns1/named.plain b/bin/tests/system/logfileconfig/ns1/named.plain index a8811984c4..4372788a5f 100644 --- a/bin/tests/system/logfileconfig/ns1/named.plain +++ b/bin/tests/system/logfileconfig/ns1/named.plain @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.plain,v 1.2 2011/03/04 14:43:57 smann Exp $ */ - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; - listen-on port 5300 { - 10.53.0.1; - }; + listen-on { 10.53.0.1; }; listen-on-v6 { none; }; recursion no; notify yes; @@ -38,11 +34,7 @@ logging { category queries { query_log; }; }; -controls { - inet 127.0.0.1 port 9593 allow { - 127.0.0.1/32; ::1/128; } - keys { "rndc-key"; }; -}; +include "controls.conf"; key "rndc-key" { algorithm hmac-sha256; diff --git a/bin/tests/system/logfileconfig/ns1/named.plainconf b/bin/tests/system/logfileconfig/ns1/named.plainconf index dd524828a6..bafe9bf1a5 100644 --- a/bin/tests/system/logfileconfig/ns1/named.plainconf +++ b/bin/tests/system/logfileconfig/ns1/named.plainconf @@ -10,21 +10,15 @@ options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; - listen-on port 5300 { - 10.53.0.1; - }; + listen-on { 10.53.0.1; }; listen-on-v6 { none; }; recursion no; notify yes; }; -controls { - inet 127.0.0.1 port 9593 allow { - 127.0.0.1/32; ::1/128; } - keys { "rndc-key"; }; -}; +include "controls.conf"; key "rndc-key" { algorithm hmac-sha256; diff --git a/bin/tests/system/logfileconfig/ns1/named.symconf b/bin/tests/system/logfileconfig/ns1/named.symconf index f60be1e9b4..d13e33b397 100644 --- a/bin/tests/system/logfileconfig/ns1/named.symconf +++ b/bin/tests/system/logfileconfig/ns1/named.symconf @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.symconf,v 1.2 2011/03/04 14:43:57 smann Exp $ */ - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; - listen-on port 5300 { - 10.53.0.1; - }; + listen-on { 10.53.0.1; }; listen-on-v6 { none; }; recursion no; notify yes; @@ -31,11 +27,7 @@ logging { category lame-servers { null; }; }; -controls { - inet 127.0.0.1 port 9593 allow { - 127.0.0.1/32; ::1/128; } - keys { "rndc-key"; }; -}; +include "controls.conf"; key "rndc-key" { algorithm hmac-sha256; diff --git a/bin/tests/system/logfileconfig/ns1/named.tsconf b/bin/tests/system/logfileconfig/ns1/named.tsconf index b578f2d1e0..b8b0dfabc0 100644 --- a/bin/tests/system/logfileconfig/ns1/named.tsconf +++ b/bin/tests/system/logfileconfig/ns1/named.tsconf @@ -10,11 +10,9 @@ options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; - listen-on port 5300 { - 10.53.0.1; - }; + listen-on { 10.53.0.1; }; listen-on-v6 { none; }; recursion no; notify yes; @@ -38,11 +36,7 @@ logging { category queries { query_log; }; }; -controls { - inet 127.0.0.1 port 9593 allow { - 127.0.0.1/32; ::1/128; } - keys { "rndc-key"; }; -}; +include "controls.conf"; key "rndc-key" { algorithm hmac-sha256; diff --git a/bin/tests/system/logfileconfig/ns1/named.unlimited b/bin/tests/system/logfileconfig/ns1/named.unlimited index 446caee041..4d6e007f18 100644 --- a/bin/tests/system/logfileconfig/ns1/named.unlimited +++ b/bin/tests/system/logfileconfig/ns1/named.unlimited @@ -10,11 +10,9 @@ options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; - listen-on port 5300 { - 10.53.0.1; - }; + listen-on { 10.53.0.1; }; listen-on-v6 { none; }; recursion no; notify yes; @@ -38,11 +36,7 @@ logging { category queries { query_log; }; }; -controls { - inet 127.0.0.1 port 9593 allow { - 127.0.0.1/32; ::1/128; } - keys { "rndc-key"; }; -}; +include "controls.conf"; key "rndc-key" { algorithm hmac-sha256; diff --git a/bin/tests/system/logfileconfig/ns1/named.versconf b/bin/tests/system/logfileconfig/ns1/named.versconf index b2547d5fd4..2fc040db97 100644 --- a/bin/tests/system/logfileconfig/ns1/named.versconf +++ b/bin/tests/system/logfileconfig/ns1/named.versconf @@ -10,11 +10,9 @@ options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; - listen-on port 5300 { - 10.53.0.1; - }; + listen-on { 10.53.0.1; }; listen-on-v6 { none; }; recursion no; notify yes; @@ -38,11 +36,7 @@ logging { category queries { query_log; }; }; -controls { - inet 127.0.0.1 port 9593 allow { - 127.0.0.1/32; ::1/128; } - keys { "rndc-key"; }; -}; +include "controls.conf"; key "rndc-key" { algorithm hmac-sha256; diff --git a/bin/tests/system/logfileconfig/ns1/rndc.conf b/bin/tests/system/logfileconfig/ns1/rndc.conf.in similarity index 90% rename from bin/tests/system/logfileconfig/ns1/rndc.conf rename to bin/tests/system/logfileconfig/ns1/rndc.conf.in index 4e427ddbab..0fa1909a01 100644 --- a/bin/tests/system/logfileconfig/ns1/rndc.conf +++ b/bin/tests/system/logfileconfig/ns1/rndc.conf.in @@ -12,7 +12,7 @@ options { server 127.0.0.1 { key "rndc-key"; - addresses { 127.0.0.1 port 9593; }; + addresses { 127.0.0.1 port @CONTROLPORT@; }; }; key "rndc-key" { diff --git a/bin/tests/system/logfileconfig/setup.sh b/bin/tests/system/logfileconfig/setup.sh index 42af44bf95..c115a219df 100644 --- a/bin/tests/system/logfileconfig/setup.sh +++ b/bin/tests/system/logfileconfig/setup.sh @@ -11,4 +11,6 @@ SYSTEMTESTTOP=.. $SHELL clean.sh -cp ns1/named.plain ns1/named.conf +copy_setports ns1/named.plain ns1/named.conf +copy_setports ns1/rndc.conf.in ns1/rndc.conf +copy_setports ns1/controls.conf.in ns1/controls.conf diff --git a/bin/tests/system/logfileconfig/tests.sh b/bin/tests/system/logfileconfig/tests.sh index a2672e471e..631c15af82 100644 --- a/bin/tests/system/logfileconfig/tests.sh +++ b/bin/tests/system/logfileconfig/tests.sh @@ -6,31 +6,31 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.4 2011/03/22 16:51:50 smann Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh THISDIR=`pwd` CONFDIR="ns1" -DIRCONF="${THISDIR}/${CONFDIR}/named.dirconf" -PIPECONF="${THISDIR}/${CONFDIR}/named.pipeconf" -SYMCONF="${THISDIR}/${CONFDIR}/named.symconf" + PLAINCONF="${THISDIR}/${CONFDIR}/named.plainconf" -ISOCONF="${THISDIR}/${CONFDIR}/named.iso8601" -ISOCONFUTC="${THISDIR}/${CONFDIR}/named.iso8601-utc" -VERSCONF="${THISDIR}/${CONFDIR}/named.versconf" -TSCONF="${THISDIR}/${CONFDIR}/named.tsconf" -UNLIMITEDCONF="${THISDIR}/${CONFDIR}/named.unlimited" PLAINFILE="named_log" +DIRCONF="${THISDIR}/${CONFDIR}/named.dirconf" DIRFILE="named_dir" +PIPECONF="${THISDIR}/${CONFDIR}/named.pipeconf" PIPEFILE="named_pipe" +SYMCONF="${THISDIR}/${CONFDIR}/named.symconf" SYMFILE="named_sym" -DLFILE="named_deflog" -ISOFILE="named_iso8601" -ISOUTCFILE="named_iso8601_utc" +VERSCONF="${THISDIR}/${CONFDIR}/named.versconf" VERSFILE="named_vers" +TSCONF="${THISDIR}/${CONFDIR}/named.tsconf" TSFILE="named_ts" +UNLIMITEDCONF="${THISDIR}/${CONFDIR}/named.unlimited" UNLIMITEDFILE="named_unlimited" +ISOCONF="${THISDIR}/${CONFDIR}/named.iso8601" +ISOFILE="named_iso8601" +ISOCONFUTC="${THISDIR}/${CONFDIR}/named.iso8601-utc" +ISOUTCFILE="named_iso8601_utc" +DLFILE="named_deflog" + PIDFILE="${THISDIR}/${CONFDIR}/named.pid" myRNDC="$RNDC -c ${THISDIR}/${CONFDIR}/rndc.conf" myNAMED="$NAMED -c ${THISDIR}/${CONFDIR}/named.conf -m record,size,mctx -T clienttest -T nosyslog -d 99 -X named.lock -U 4" @@ -61,75 +61,75 @@ n=0 cd $CONFDIR -echo "I:testing log file validity (named -g + only plain files allowed)" +echo_i "testing log file validity (named -g + only plain files allowed)" n=`expr $n + 1` -echo "I: testing plain file (named -g) ($n)" +echo_i "testing plain file (named -g) ($n)" # First run with a known good config. echo > $PLAINFILE -cp $PLAINCONF named.conf +copy_setports $PLAINCONF named.conf $myRNDC reconfig > rndc.out.test$n 2>&1 grep "reloading configuration failed" named.run > /dev/null 2>&1 if [ $? -ne 0 ] then - echo "I: testing plain file succeeded" + echo_i "testing plain file succeeded" else - echo "I: testing plain file failed (unexpected)" - echo "I:exit status: 1" + echo_i "testing plain file failed (unexpected)" + echo_i "exit status: 1" exit 1 fi # Now try directory, expect failure n=`expr $n + 1` -echo "I: testing directory as log file (named -g) ($n)" +echo_i "testing directory as log file (named -g) ($n)" echo > named.run rm -rf $DIRFILE mkdir -p $DIRFILE >/dev/null 2>&1 if [ $? -eq 0 ] then - cp $DIRCONF named.conf + copy_setports $DIRCONF named.conf echo > named.run $myRNDC reconfig > rndc.out.test$n 2>&1 grep "checking logging configuration failed: invalid file" named.run > /dev/null 2>&1 if [ $? -ne 0 ] then - echo "I: testing directory as file succeeded (UNEXPECTED)" - echo "I:exit status: 1" + echo_i "testing directory as file succeeded (UNEXPECTED)" + echo_i "exit status: 1" exit 1 else - echo "I: testing directory as log file failed (expected)" + echo_i "testing directory as log file failed (expected)" fi else - echo "I: skipping directory test (unable to create directory)" + echo_i "skipping directory test (unable to create directory)" fi # Now try pipe file, expect failure n=`expr $n + 1` -echo "I: testing pipe file as log file (named -g) ($n)" +echo_i "testing pipe file as log file (named -g) ($n)" echo > named.run rm -f $PIPEFILE mkfifo $PIPEFILE >/dev/null 2>&1 if [ $? -eq 0 ] then - cp $PIPECONF named.conf + copy_setports $PIPECONF named.conf echo > named.run $myRNDC reconfig > rndc.out.test$n 2>&1 grep "checking logging configuration failed: invalid file" named.run > /dev/null 2>&1 if [ $? -ne 0 ] then - echo "I: testing pipe file as log file succeeded (UNEXPECTED)" - echo "I:exit status: 1" + echo_i "testing pipe file as log file succeeded (UNEXPECTED)" + echo_i "exit status: 1" exit 1 else - echo "I: testing pipe file as log file failed (expected)" + echo_i "testing pipe file as log file failed (expected)" fi else - echo "I: skipping pipe test (unable to create pipe)" + echo_i "skipping pipe test (unable to create pipe)" fi # Now try symlink file to plain file, expect success n=`expr $n + 1` -echo "I: testing symlink to plain file as log file (named -g) ($n)" +echo_i "testing symlink to plain file as log file (named -g) ($n)" # Assume success echo > named.run echo > $PLAINFILE @@ -137,20 +137,20 @@ rm -f $SYMFILE $SYMFILE ln -s $PLAINFILE $SYMFILE >/dev/null 2>&1 if [ $? -eq 0 ] then - cp $SYMCONF named.conf + copy_setports $SYMCONF named.conf $myRNDC reconfig > rndc.out.test$n 2>&1 echo > named.run grep "reloading configuration failed" named.run > /dev/null 2>&1 if [ $? -ne 0 ] then - echo "I: testing symlink to plain file succeeded" + echo_i "testing symlink to plain file succeeded" else - echo "I: testing symlink to plain file failed (unexpected)" - echo "I:exit status: 1" + echo_i "testing symlink to plain file failed (unexpected)" + echo_i "exit status: 1" exit 1 fi else - echo "I: skipping symlink test (unable to create symlink)" + echo_i "skipping symlink test (unable to create symlink)" fi # Stop the server and run through a series of tests with various config # files while controlling the stop/start of the server. @@ -162,82 +162,82 @@ $myNAMED > /dev/null 2>&1 if [ $? -ne 0 ] then - echo "I:failed to start $myNAMED" - echo "I:exit status: $status" + echo_i "failed to start $myNAMED" + echo_i "exit status: $status" exit $status fi status=0 -echo "I:testing log file validity (only plain files allowed)" +echo_i "testing log file validity (only plain files allowed)" n=`expr $n + 1` -echo "I: testing plain file (named -g) ($n)" +echo_i "testing plain file (named -g) ($n)" # First run with a known good config. echo > $PLAINFILE -cp $PLAINCONF named.conf +copy_setports $PLAINCONF named.conf $myRNDC reconfig > rndc.out.test$n 2>&1 grep "reloading configuration failed" named.run > /dev/null 2>&1 if [ $? -ne 0 ] then - echo "I: testing plain file succeeded" + echo_i "testing plain file succeeded" else - echo "I: testing plain file failed (unexpected)" - echo "I:exit status: 1" + echo_i "testing plain file failed (unexpected)" + echo_i "exit status: 1" exit 1 fi # Now try directory, expect failure n=`expr $n + 1` -echo "I: testing directory as log file ($n)" +echo_i "testing directory as log file ($n)" echo > named.run rm -rf $DIRFILE mkdir -p $DIRFILE >/dev/null 2>&1 if [ $? -eq 0 ] then - cp $DIRCONF named.conf + copy_setports $DIRCONF named.conf echo > named.run $myRNDC reconfig > rndc.out.test$n 2>&1 grep "configuring logging: invalid file" named.run > /dev/null 2>&1 if [ $? -ne 0 ] then - echo "I: testing directory as file succeeded (UNEXPECTED)" - echo "I:exit status: 1" + echo_i "testing directory as file succeeded (UNEXPECTED)" + echo_i "exit status: 1" exit 1 else - echo "I: testing directory as log file failed (expected)" + echo_i "testing directory as log file failed (expected)" fi else - echo "I: skipping directory test (unable to create directory)" + echo_i "skipping directory test (unable to create directory)" fi # Now try pipe file, expect failure n=`expr $n + 1` -echo "I: testing pipe file as log file ($n)" +echo_i "testing pipe file as log file ($n)" echo > named.run rm -f $PIPEFILE mkfifo $PIPEFILE >/dev/null 2>&1 if [ $? -eq 0 ] then - cp $PIPECONF named.conf + copy_setports $PIPECONF named.conf echo > named.run $myRNDC reconfig > rndc.out.test$n 2>&1 grep "configuring logging: invalid file" named.run > /dev/null 2>&1 if [ $? -ne 0 ] then - echo "I: testing pipe file as log file succeeded (UNEXPECTED)" - echo "I:exit status: 1" + echo_i "testing pipe file as log file succeeded (UNEXPECTED)" + echo_i "exit status: 1" exit 1 else - echo "I: testing pipe file as log file failed (expected)" + echo_i "testing pipe file as log file failed (expected)" fi else - echo "I: skipping pipe test (unable to create pipe)" + echo_i "skipping pipe test (unable to create pipe)" fi # Now try symlink file to plain file, expect success n=`expr $n + 1` -echo "I: testing symlink to plain file as log file ($n)" +echo_i "testing symlink to plain file as log file ($n)" # Assume success status=0 echo > named.run @@ -246,33 +246,33 @@ rm -f $SYMFILE ln -s $PLAINFILE $SYMFILE >/dev/null 2>&1 if [ $? -eq 0 ] then - cp $SYMCONF named.conf + copy_setports $SYMCONF named.conf $myRNDC reconfig > rndc.out.test$n 2>&1 echo > named.run grep "reloading configuration failed" named.run > /dev/null 2>&1 if [ $? -ne 0 ] then - echo "I: testing symlink to plain file succeeded" + echo_i "testing symlink to plain file succeeded" else - echo "I: testing symlink to plain file failed (unexpected)" - echo "I:exit status: 1" + echo_i "testing symlink to plain file failed (unexpected)" + echo_i "exit status: 1" exit 1 fi else - echo "I: skipping symlink test (unable to create symlink)" + echo_i "skipping symlink test (unable to create symlink)" fi n=`expr $n + 1` -echo "I:testing default logfile using named -L file ($n)" +echo_i "testing default logfile using named -L file ($n)" # Now stop the server again and test the -L option rm -f $DLFILE $PERL ../../stop.pl .. ns1 if ! test -f $PIDFILE; then - cp $PLAINCONF named.conf + copy_setports $PLAINCONF named.conf $myNAMED -L $DLFILE > /dev/null 2>&1 if [ $? -ne 0 ]; then - echo "I: failed to start $myNAMED" - echo "I:exit status: $status" + echo_i "failed to start $myNAMED" + echo_i "exit status: $status" exit $status fi @@ -280,134 +280,134 @@ if ! test -f $PIDFILE; then sleep 1 if [ -f "$DLFILE" ]; then - echo "I: testing default logfile using named -L succeeded" + echo_i "testing default logfile using named -L succeeded" else - echo "I: testing default logfile using named -L failed" - echo "I:exit status: 1" + echo_i "testing default logfile using named -L failed" + echo_i "exit status: 1" exit 1 fi else - echo "I: failed to cleanly stop $myNAMED" - echo "I:exit status: 1" + echo_i "failed to cleanly stop $myNAMED" + echo_i "exit status: 1" exit 1 fi -echo "I:testing logging functionality" +echo_i "testing logging functionality" n=`expr $n + 1` -echo "I: testing iso8601 timestamp ($n)" -cp $ISOCONF named.conf +echo_i "testing iso8601 timestamp ($n)" +copy_setports $ISOCONF named.conf $myRNDC reconfig > rndc.out.test$n 2>&1 if grep '^....-..-..T..:..:..\.... ' $ISOFILE > /dev/null; then - echo "I: testing iso8601 timestamp succeeded" + echo_i "testing iso8601 timestamp succeeded" else - echo "I: testing iso8601 timestamp failed" + echo_i "testing iso8601 timestamp failed" status=`expr $status + 1` fi n=`expr $n + 1` -echo "I: testing iso8601-utc timestamp ($n)" -cp $ISOCONFUTC named.conf +echo_i "testing iso8601-utc timestamp ($n)" +copy_setports $ISOCONFUTC named.conf $myRNDC reconfig > rndc.out.test$n 2>&1 if grep '^....-..-..T..:..:..\....Z' $ISOUTCFILE > /dev/null; then - echo "I: testing iso8601-utc timestamp succeeded" + echo_i "testing iso8601-utc timestamp succeeded" else - echo "I: testing iso8601-utc timestamp failed" + echo_i "testing iso8601-utc timestamp failed" status=`expr $status + 1` fi n=`expr $n + 1` -echo "I: testing explicit versions ($n)" -cp $VERSCONF named.conf +echo_i "testing explicit versions ($n)" +copy_setports $VERSCONF named.conf # a seconds since epoch version number touch $VERSFILE.1480039317 t1=`$PERL -e 'print time()."\n";'` $myRNDC reconfig > rndc.out.test$n 2>&1 -$DIG version.bind txt ch @10.53.0.1 -p 5300 > dig.out.test$n +$DIG version.bind txt ch @10.53.0.1 -p ${PORT} > dig.out.test$n t2=`$PERL -e 'print time()."\n";'` t=`expr ${t2:-0} - ${t1:-0}` if test ${t:-1000} -gt 5 then - echo "I: testing explicit versions failed: cleanup of old entries took too long ($t secs)" + echo_i "testing explicit versions failed: cleanup of old entries took too long ($t secs)" status=`expr $status + 1` fi if ! grep "status: NOERROR" dig.out.test$n > /dev/null then - echo "I: testing explicit versions failed: DiG lookup failed" + echo_i "testing explicit versions failed: DiG lookup failed" status=`expr $status + 1` fi if test_with_retry -f $VERSFILE.1480039317 then - echo "I: testing explicit versions failed: $VERSFILE.1480039317 not removed" + echo_i "testing explicit versions failed: $VERSFILE.1480039317 not removed" status=`expr $status + 1` fi if test_with_retry -f $VERSFILE.5 then - echo "I: testing explicit versions failed: $VERSFILE.5 exists" + echo_i "testing explicit versions failed: $VERSFILE.5 exists" status=`expr $status + 1` fi if test_with_retry ! -f $VERSFILE.4 then - echo "I: testing explicit versions failed: $VERSFILE.4 does not exist" + echo_i "testing explicit versions failed: $VERSFILE.4 does not exist" status=`expr $status + 1` fi n=`expr $n + 1` -echo "I: testing timestamped versions ($n)" -cp $TSCONF named.conf +echo_i "testing timestamped versions ($n)" +copy_setports $TSCONF named.conf # a seconds since epoch version number touch $TSFILE.2015010112000012 t1=`$PERL -e 'print time()."\n";'` $myRNDC reconfig > rndc.out.test$n 2>&1 -$DIG version.bind txt ch @10.53.0.1 -p 5300 > dig.out.test$n +$DIG version.bind txt ch @10.53.0.1 -p ${PORT} > dig.out.test$n t2=`$PERL -e 'print time()."\n";'` t=`expr ${t2:-0} - ${t1:-0}` if test ${t:-1000} -gt 5 then - echo "I: testing timestamped versions failed: cleanup of old entries took too long ($t secs)" + echo_i "testing timestamped versions failed: cleanup of old entries took too long ($t secs)" status=`expr $status + 1` fi if ! grep "status: NOERROR" dig.out.test$n > /dev/null then - echo "I: testing timestamped versions failed: DiG lookup failed" + echo_i "testing timestamped versions failed: DiG lookup failed" status=`expr $status + 1` fi if test_with_retry -f $TSFILE.1480039317 then - echo "I: testing timestamped versions failed: $TSFILE.1480039317 not removed" + echo_i "testing timestamped versions failed: $TSFILE.1480039317 not removed" status=`expr $status + 1` fi n=`expr $n + 1` -echo "I: testing unlimited versions ($n)" -cp $UNLIMITEDCONF named.conf +echo_i "testing unlimited versions ($n)" +copy_setports $UNLIMITEDCONF named.conf # a seconds since epoch version number touch $UNLIMITEDFILE.1480039317 t1=`$PERL -e 'print time()."\n";'` $myRNDC reconfig > rndc.out.test$n 2>&1 -$DIG version.bind txt ch @10.53.0.1 -p 5300 > dig.out.test$n +$DIG version.bind txt ch @10.53.0.1 -p ${PORT} > dig.out.test$n t2=`$PERL -e 'print time()."\n";'` t=`expr ${t2:-0} - ${t1:-0}` if test ${t:-1000} -gt 5 then - echo "I: testing unlimited versions failed: took too long ($t secs)" + echo_i "testing unlimited versions failed: took too long ($t secs)" status=`expr $status + 1` fi if ! grep "status: NOERROR" dig.out.test$n > /dev/null then - echo "I: testing unlimited versions failed: DiG lookup failed" + echo_i "testing unlimited versions failed: DiG lookup failed" status=`expr $status + 1` fi if test_with_retry ! -f $UNLIMITEDFILE.1480039317 then - echo "I: testing unlimited versions failed: $UNLIMITEDFILE.1480039317 removed" + echo_i "testing unlimited versions failed: $UNLIMITEDFILE.1480039317 removed" status=`expr $status + 1` fi if test_with_retry ! -f $UNLIMITEDFILE.4 then - echo "I: testing unlimited versions failed: $UNLIMITEDFILE.4 does not exist" + echo_i "testing unlimited versions failed: $UNLIMITEDFILE.4 does not exist" status=`expr $status + 1` fi -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/masterfile/clean.sh b/bin/tests/system/masterfile/clean.sh index 120aa2e620..00e4c6ee5a 100644 --- a/bin/tests/system/masterfile/clean.sh +++ b/bin/tests/system/masterfile/clean.sh @@ -6,10 +6,9 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: clean.sh,v 1.7 2010/09/15 12:38:35 tbox Exp $ - rm -f dig.out.* rm -f */named.memstats +rm -f */named.conf rm -f */named.run rm -f ns*/named.lock rm -f checkzone.out* diff --git a/bin/tests/system/masterfile/ns1/named.conf b/bin/tests/system/masterfile/ns1/named.conf.in similarity index 86% rename from bin/tests/system/masterfile/ns1/named.conf rename to bin/tests/system/masterfile/ns1/named.conf.in index 8fcd0f4e1a..2b6d32b7e6 100644 --- a/bin/tests/system/masterfile/ns1/named.conf +++ b/bin/tests/system/masterfile/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.6 2007/06/19 23:47:04 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/masterfile/ns2/named.conf b/bin/tests/system/masterfile/ns2/named.conf.in similarity index 87% rename from bin/tests/system/masterfile/ns2/named.conf rename to bin/tests/system/masterfile/ns2/named.conf.in index 6c9bea729f..627f0ee586 100644 --- a/bin/tests/system/masterfile/ns2/named.conf +++ b/bin/tests/system/masterfile/ns2/named.conf.in @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.2 2010/09/15 03:32:34 marka Exp $ */ - // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -40,4 +36,3 @@ zone "missing" { type master; file "missing.db"; }; - diff --git a/bin/tests/system/masterfile/setup.sh b/bin/tests/system/masterfile/setup.sh new file mode 100644 index 0000000000..d4f9dbc358 --- /dev/null +++ b/bin/tests/system/masterfile/setup.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf diff --git a/bin/tests/system/masterfile/tests.sh b/bin/tests/system/masterfile/tests.sh index f0bfc8eb78..2cb625a484 100644 --- a/bin/tests/system/masterfile/tests.sh +++ b/bin/tests/system/masterfile/tests.sh @@ -6,52 +6,52 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.7 2010/09/15 12:38:35 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="-p ${PORT}" + status=0 n=0 ret=0 n=`expr $n + 1` -echo "I:test master file \$INCLUDE semantics ($n)" -$DIG +nostats +nocmd include. axfr @10.53.0.1 -p 5300 >dig.out.$n +echo_i "test master file \$INCLUDE semantics ($n)" +$DIG $DIGOPTS +nostats +nocmd include. axfr @10.53.0.1 >dig.out.$n -echo "I:test master file BIND 8 compatibility TTL and \$TTL semantics ($n)" -$DIG +nostats +nocmd ttl2. axfr @10.53.0.1 -p 5300 >>dig.out.$n +echo_i "test master file BIND 8 compatibility TTL and \$TTL semantics ($n)" +$DIG $DIGOPTS +nostats +nocmd ttl2. axfr @10.53.0.1 >>dig.out.$n -echo "I:test of master file RFC1035 TTL and \$TTL semantics ($n)" -$DIG +nostats +nocmd ttl2. axfr @10.53.0.1 -p 5300 >>dig.out.$n +echo_i "test of master file RFC1035 TTL and \$TTL semantics ($n)" +$DIG $DIGOPTS +nostats +nocmd ttl2. axfr @10.53.0.1 >>dig.out.$n $DIFF dig.out.$n knowngood.dig.out || status=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` ret=0 n=`expr $n + 1` -echo "I:test that the nameserver is running with a missing master file ($n)" -$DIG +tcp +noall +answer example soa @10.53.0.2 -p 5300 > dig.out.$n +echo_i "test that the nameserver is running with a missing master file ($n)" +$DIG $DIGOPTS +tcp +noall +answer example soa @10.53.0.2 > dig.out.$n grep SOA dig.out.$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` ret=0 n=`expr $n + 1` -echo "I:test that the nameserver returns SERVFAIL for a missing master file ($n)" -$DIG +tcp +all missing soa @10.53.0.2 -p 5300 > dig.out.$n +echo_i "test that the nameserver returns SERVFAIL for a missing master file ($n)" +$DIG $DIGOPTS +tcp +all missing soa @10.53.0.2 > dig.out.$n grep "status: SERVFAIL" dig.out.$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` ret=0 n=`expr $n + 1` -echo "I:test owner inheritence after "'$INCLUDE'" ($n)" +echo_i "test owner inheritence after "'$INCLUDE'" ($n)" $CHECKZONE -Dq example zone/inheritownerafterinclude.db > checkzone.out$n $DIFF checkzone.out$n zone/inheritownerafterinclude.good || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/masterformat/clean.sh b/bin/tests/system/masterformat/clean.sh index 147fadd289..dcefefe602 100755 --- a/bin/tests/system/masterformat/clean.sh +++ b/bin/tests/system/masterformat/clean.sh @@ -16,6 +16,7 @@ rm -f ns1/session.key rm -f dig.out.* rm -f dig.out rm -f */named.memstats +rm -f */named.conf rm -f */named.run rm -f ns2/example.db rm -f ns2/transfer.db.* diff --git a/bin/tests/system/masterformat/ns1/named.conf b/bin/tests/system/masterformat/ns1/named.conf.in similarity index 90% rename from bin/tests/system/masterformat/ns1/named.conf rename to bin/tests/system/masterformat/ns1/named.conf.in index 03141e41a2..ce8d638a6a 100644 --- a/bin/tests/system/masterformat/ns1/named.conf +++ b/bin/tests/system/masterformat/ns1/named.conf.in @@ -8,12 +8,10 @@ // NS1 -controls { /* empty */ }; - options { pid-file "named.pid"; - listen-on port 5300 { 10.53.0.1; }; - port 5300; + listen-on port @PORT@ { 10.53.0.1; }; + port @PORT@; listen-on-v6 { none; }; recursion no; notify no; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "example" { diff --git a/bin/tests/system/masterformat/ns2/named.conf b/bin/tests/system/masterformat/ns2/named.conf.in similarity index 93% rename from bin/tests/system/masterformat/ns2/named.conf rename to bin/tests/system/masterformat/ns2/named.conf.in index 3fb9108be8..aa4dbe8a92 100644 --- a/bin/tests/system/masterformat/ns2/named.conf +++ b/bin/tests/system/masterformat/ns2/named.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { pid-file "named.pid"; - listen-on port 5300 { 10.53.0.2; }; + listen-on port @PORT@ { 10.53.0.2; }; listen-on-v6 { none; }; - port 5300; + port @PORT@; recursion no; notify no; dnssec-enable yes; diff --git a/bin/tests/system/masterformat/ns3/named.conf b/bin/tests/system/masterformat/ns3/named.conf.in similarity index 77% rename from bin/tests/system/masterformat/ns3/named.conf rename to bin/tests/system/masterformat/ns3/named.conf.in index 3a9d656fff..71dbc8edb8 100644 --- a/bin/tests/system/masterformat/ns3/named.conf +++ b/bin/tests/system/masterformat/ns3/named.conf.in @@ -6,16 +6,12 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.1.4.3 2012/02/07 23:53:43 each Exp $ */ - // NS3 -controls { /* empty */ }; - options { pid-file "named.pid"; - listen-on port 5300 { 10.53.0.3; }; - port 5300; + listen-on port @PORT@ { 10.53.0.3; }; + port @PORT@; listen-on-v6 { none; }; recursion no; notify no; @@ -28,7 +24,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "example" { @@ -43,4 +39,3 @@ zone "dynamic" { file "dynamic.db.map"; allow-update { any; }; }; - diff --git a/bin/tests/system/masterformat/setup.sh b/bin/tests/system/masterformat/setup.sh index 41513fc8a7..fa6045a41d 100755 --- a/bin/tests/system/masterformat/setup.sh +++ b/bin/tests/system/masterformat/setup.sh @@ -9,6 +9,10 @@ SYSTEMTESTTOP=.. test -r $RANDFILE || $GENRANDOM 800 $RANDFILE +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf + rm -f named-compilezone ln -s $CHECKZONE named-compilezone diff --git a/bin/tests/system/masterformat/tests.sh b/bin/tests/system/masterformat/tests.sh index c644c984ae..a4be90ddf9 100755 --- a/bin/tests/system/masterformat/tests.sh +++ b/bin/tests/system/masterformat/tests.sh @@ -69,21 +69,22 @@ stomp () { restart () { sleep 1 - (cd ..; $PERL start.pl --noclean --restart masterformat ns3) + (cd ..; $PERL start.pl --noclean --restart --port ${PORT} masterformat ns3) } -DIGOPTS="+tcp +noauth +noadd +nosea +nostat +noquest +nocomm +nocmd" +DIGOPTS="+tcp +noauth +noadd +nosea +nostat +noquest +nocomm +nocmd -p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" status=0 -echo "I:checking that master files in raw format loaded" +echo_i "checking that master files in raw format loaded" ret=0 set -- 1 2 3 for zone in example example-explicit example-compat; do for server in $*; do for name in ns mx a aaaa cname dname txt rrsig nsec \ dnskey ds cdnskey cds; do - $DIG $DIGOPTS $name.$zone. $name @10.53.0.$server -p 5300 + $DIG $DIGOPTS $name.$zone. $name @10.53.0.$server echo done > dig.out.$zone.$server done @@ -93,10 +94,10 @@ for zone in example example-explicit example-compat; do $PERL ../digcomp.pl dig.out.$zone.1 dig.out.$zone.3 || ret=1 fi done -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:checking raw format versions" +echo_i "checking raw format versions" ret=0 israw ns1/example.db.raw || ret=1 israw ns1/example.db.raw1 || ret=1 @@ -106,43 +107,43 @@ ismap ns1/example.db.map || ret=1 [ "`rawversion ns1/example.db.raw1`" = 1 ] || ret=1 [ "`rawversion ns1/example.db.compat`" = 0 ] || ret=1 [ "`rawversion ns1/example.db.map`" = 1 ] || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:checking source serial numbers" +echo_i "checking source serial numbers" ret=0 [ "`sourceserial ns1/example.db.raw`" = "UNSET" ] || ret=1 [ "`sourceserial ns1/example.db.serial.raw`" = "3333" ] || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:waiting for transfers to complete" +echo_i "waiting for transfers to complete" for i in 0 1 2 3 4 5 6 7 8 9 do test -f ns2/transfer.db.raw -a -f ns2/transfer.db.txt && break sleep 1 done -echo "I:checking that slave was saved in raw format by default" +echo_i "checking that slave was saved in raw format by default" ret=0 israw ns2/transfer.db.raw || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:checking that slave was saved in text format when configured" +echo_i "checking that slave was saved in text format when configured" ret=0 israw ns2/transfer.db.txt && ret=1 isfull ns2/transfer.db.txt && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:checking that slave was saved in 'full' style when configured" +echo_i "checking that slave was saved in 'full' style when configured" ret=0 isfull ns2/transfer.db.full > /dev/null 2>&1 || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:checking that slave formerly in text format is now raw" +echo_i "checking that slave formerly in text format is now raw" for i in 0 1 2 3 4 5 6 7 8 9 do ret=0 @@ -151,144 +152,144 @@ do [ $ret -eq 0 ] && break sleep 1 done -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:checking that large rdatasets loaded" +echo_i "checking that large rdatasets loaded" for i in 0 1 2 3 4 5 6 7 8 9 do ret=0 for a in a b c do - $DIG +tcp txt ${a}.large @10.53.0.2 -p 5300 > dig.out + $DIG +tcp txt ${a}.large @10.53.0.2 -p ${PORT} > dig.out grep "status: NOERROR" dig.out > /dev/null || ret=1 done [ $ret -eq 0 ] && break sleep 1 done -echo "I:checking format transitions: text->raw->map->text" +echo_i "checking format transitions: text->raw->map->text" ret=0 ./named-compilezone -D -f text -F text -o baseline.txt example.nil ns1/example.db > /dev/null ./named-compilezone -D -f text -F raw -o raw.1 example.nil baseline.txt > /dev/null ./named-compilezone -D -f raw -F map -o map.1 example.nil raw.1 > /dev/null ./named-compilezone -D -f map -F text -o text.1 example.nil map.1 > /dev/null cmp -s baseline.txt text.1 || ret=0 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:checking format transitions: text->map->raw->text" +echo_i "checking format transitions: text->map->raw->text" ret=0 ./named-compilezone -D -f text -F map -o map.2 example.nil baseline.txt > /dev/null ./named-compilezone -D -f map -F raw -o raw.2 example.nil map.2 > /dev/null ./named-compilezone -D -f raw -F text -o text.2 example.nil raw.2 > /dev/null cmp -s baseline.txt text.2 || ret=0 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:checking map format loading with journal file rollforward" +echo_i "checking map format loading with journal file rollforward" ret=0 $NSUPDATE < /dev/null || status=1 -server 10.53.0.3 5300 +server 10.53.0.3 ${PORT} ttl 600 update add newtext.dynamic IN TXT "added text" update delete aaaa.dynamic send END -$DIG $DIGOPTS @10.53.0.3 -p 5300 newtext.dynamic txt > dig.out.dynamic.3.1 +$DIG $DIGOPTS @10.53.0.3 newtext.dynamic txt > dig.out.dynamic.3.1 grep "added text" dig.out.dynamic.3.1 > /dev/null 2>&1 || ret=1 -$DIG $DIGOPTS +comm @10.53.0.3 -p 5300 added.dynamic txt > dig.out.dynamic.3.2 +$DIG $DIGOPTS +comm @10.53.0.3 added.dynamic txt > dig.out.dynamic.3.2 grep "NXDOMAIN" dig.out.dynamic.3.2 > /dev/null 2>&1 || ret=1 # using "rndc halt" ensures that we don't dump the zone file -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 halt 2>&1 | sed 's/^/I:ns3 /' +$RNDCCMD 10.53.0.3 halt 2>&1 | sed 's/^/ns3 /' | cat_i restart for i in 0 1 2 3 4 5 6 7 8 9; do lret=0 - $DIG $DIGOPTS @10.53.0.3 -p 5300 newtext.dynamic txt > dig.out.dynamic.3.3 + $DIG $DIGOPTS @10.53.0.3 newtext.dynamic txt > dig.out.dynamic.3.3 grep "added text" dig.out.dynamic.3.3 > /dev/null 2>&1 || lret=1 [ $lret -eq 0 ] && break; done [ $lret -eq 1 ] && ret=1 -$DIG $DIGOPTS +comm @10.53.0.3 -p 5300 added.dynamic txt > dig.out.dynamic.3.4 +$DIG $DIGOPTS +comm @10.53.0.3 added.dynamic txt > dig.out.dynamic.3.4 grep "NXDOMAIN" dig.out.dynamic.3.4 > /dev/null 2>&1 || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:checking map format file dumps correctly" +echo_i "checking map format file dumps correctly" ret=0 $NSUPDATE < /dev/null || status=1 -server 10.53.0.3 5300 +server 10.53.0.3 ${PORT} ttl 600 update add moretext.dynamic IN TXT "more text" send END -$DIG $DIGOPTS @10.53.0.3 -p 5300 moretext.dynamic txt > dig.out.dynamic.3.5 +$DIG $DIGOPTS @10.53.0.3 moretext.dynamic txt > dig.out.dynamic.3.5 grep "more text" dig.out.dynamic.3.5 > /dev/null 2>&1 || ret=1 # using "rndc stop" will cause the zone file to flush before shutdown -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 stop 2>&1 | sed 's/^/I:ns3 /' +$RNDCCMD 10.53.0.3 stop 2>&1 | sed 's/^/ns3 /' | cat_i rm ns3/*.jnl restart for i in 0 1 2 3 4 5 6 7 8 9; do lret=0 - $DIG $DIGOPTS +comm @10.53.0.3 -p 5300 moretext.dynamic txt > dig.out.dynamic.3.6 + $DIG $DIGOPTS +comm @10.53.0.3 moretext.dynamic txt > dig.out.dynamic.3.6 grep "more text" dig.out.dynamic.3.6 > /dev/null 2>&1 || lret=1 [ $lret -eq 0 ] && break; done [ $lret -eq 1 ] && ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` # stomp on the file header -echo "I:checking corrupt map files fail to load (bad file header)" +echo_i "checking corrupt map files fail to load (bad file header)" ret=0 ./named-compilezone -D -f text -F map -o map.5 example.nil baseline.txt > /dev/null cp map.5 badmap stomp badmap 0 32 99 ./named-compilezone -D -f map -F text -o text.5 example.nil badmap > /dev/null [ $? = 1 ] || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` # stomp on the file data so it hashes differently. # these are small and subtle changes, so that the resulting file # would appear to be a legitimate map file and would not trigger an # assertion failure if loaded into memory, but should still fail to # load because of a SHA1 hash mismatch. -echo "I:checking corrupt map files fail to load (bad node header)" +echo_i "checking corrupt map files fail to load (bad node header)" ret=0 cp map.5 badmap stomp badmap 2754 2 99 ./named-compilezone -D -f map -F text -o text.5 example.nil badmap > /dev/null [ $? = 1 ] || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:checking corrupt map files fail to load (bad node data)" +echo_i "checking corrupt map files fail to load (bad node data)" ret=0 cp map.5 badmap stomp badmap 2897 5 127 ./named-compilezone -D -f map -F text -o text.5 example.nil badmap > /dev/null [ $? = 1 ] || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:checking map format zone is scheduled for resigning (compilezone)" +echo_i "checking map format zone is scheduled for resigning (compilezone)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 zonestatus signed > rndc.out 2>&1 || ret=1 +$RNDCCMD 10.53.0.1 zonestatus signed > rndc.out 2>&1 || ret=1 grep 'next resign' rndc.out > /dev/null 2>&1 || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:checking map format zone is scheduled for resigning (signzone)" +echo_i "checking map format zone is scheduled for resigning (signzone)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 freeze signed > rndc.out 2>&1 || ret=1 +$RNDCCMD 10.53.0.1 freeze signed > rndc.out 2>&1 || ret=1 cd ns1 $SIGNER -S -O map -f signed.db.map -o signed signed.db > /dev/null 2>&1 cd .. -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload signed > rndc.out 2>&1 || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 zonestatus signed > rndc.out 2>&1 || ret=1 +$RNDCCMD 10.53.0.1 reload signed > rndc.out 2>&1 || ret=1 +$RNDCCMD 10.53.0.1 zonestatus signed > rndc.out 2>&1 || ret=1 grep 'next resign' rndc.out > /dev/null 2>&1 || ret=1 -[ $ret -eq 0 ] || echo "I:failed" +[ $ret -eq 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/metadata/setup.sh b/bin/tests/system/metadata/setup.sh index 8b66b1780c..5c1435d76d 100644 --- a/bin/tests/system/metadata/setup.sh +++ b/bin/tests/system/metadata/setup.sh @@ -16,7 +16,7 @@ test -r $RANDFILE || $GENRANDOM 800 $RANDFILE pzone=parent.nil czone=child.parent.nil -echo "I:generating keys" +echo_i "generating keys" # active zsk zsk=`$KEYGEN -q -a rsasha1 -r $RANDFILE $czone` diff --git a/bin/tests/system/metadata/tests.sh b/bin/tests/system/metadata/tests.sh index 7a54f7e883..3008416e6c 100644 --- a/bin/tests/system/metadata/tests.sh +++ b/bin/tests/system/metadata/tests.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.9 2011/07/08 01:43:26 each Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -16,7 +14,7 @@ czone=child.parent.nil cfile=child.db status=0 n=1 -echo "I:setting key timers" +echo_i "setting key timers" $SETTIME -A now+15s `cat rolling.key` > /dev/null inact=`sed 's/^K'${czone}'.+005+0*\([0-9]\)/\1/' < inact.key` @@ -30,7 +28,7 @@ zsk=`sed 's/^K'${czone}'.+005+0*\([0-9]\)/\1/' < zsk.key` $GENRANDOM 800 $RANDFILE -echo "I:signing zones" +echo_i "signing zones" $SIGNER -Sg -o $czone $cfile > /dev/null 2>&1 $SIGNER -Sg -o $pzone $pfile > /dev/null 2>&1 @@ -51,81 +49,81 @@ awk '$2 ~ /DNSKEY/ { print flags, id; }' < ${cfile}.signed > keys -echo "I:checking that KSK signed DNSKEY only ($n)" +echo_i "checking that KSK signed DNSKEY only ($n)" ret=0 grep "DNSKEY $ksk"'$' sigs > /dev/null || ret=1 grep "SOA $ksk"'$' sigs > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that ZSK signed ($n)" +echo_i "checking that ZSK signed ($n)" ret=0 grep "SOA $zsk"'$' sigs > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that standby ZSK did not sign ($n)" +echo_i "checking that standby ZSK did not sign ($n)" ret=0 grep " $standby"'$' sigs > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that inactive key did not sign ($n)" +echo_i "checking that inactive key did not sign ($n)" ret=0 grep " $inact"'$' sigs > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that pending key was not published ($n)" +echo_i "checking that pending key was not published ($n)" ret=0 grep " $pending"'$' keys > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that standby KSK did not sign but is delegated ($n)" +echo_i "checking that standby KSK did not sign but is delegated ($n)" ret=0 grep " $rolling"'$' sigs > /dev/null && ret=1 grep " $rolling"'$' keys > /dev/null || ret=1 egrep "DS[ ]*$rolling[ ]" ${pfile}.signed > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that key was revoked ($n)" +echo_i "checking that key was revoked ($n)" ret=0 grep " $prerev"'$' keys > /dev/null && ret=1 grep " $postrev"'$' keys > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that revoked key self-signed ($n)" +echo_i "checking that revoked key self-signed ($n)" ret=0 grep "DNSKEY $postrev"'$' sigs > /dev/null || ret=1 grep "SOA $postrev"'$' sigs > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:waiting 20 seconds for key changes to occur" +echo_i "waiting 20 seconds for key changes to occur" sleep 20 -echo "I:re-signing zone" +echo_i "re-signing zone" $SIGNER -Sg -o $czone -f ${cfile}.new ${cfile}.signed > /dev/null 2>&1 -echo "I:checking that standby KSK is now active ($n)" +echo_i "checking that standby KSK is now active ($n)" ret=0 grep "DNSKEY $rolling"'$' sigs > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking update of an old-style key ($n)" +echo_i "checking update of an old-style key ($n)" ret=0 # printing metadata should not work with an old-style key $SETTIME -pall `cat oldstyle.key` > /dev/null 2>&1 && ret=1 @@ -133,13 +131,13 @@ $SETTIME -f `cat oldstyle.key` > /dev/null 2>&1 || ret=1 # but now it should $SETTIME -pall `cat oldstyle.key` > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking warning about permissions change on key with dnssec-settime ($n)" +echo_i "checking warning about permissions change on key with dnssec-settime ($n)" uname=`uname -o 2> /dev/null` if [ Cygwin == "$uname" ]; then - echo "I: Cygwin detected, skipping" + echo_i "Cygwin detected, skipping" else ret=0 # settime should print a warning about changing the permissions @@ -149,38 +147,38 @@ else $SETTIME -P none `cat oldstyle.key` > settime2.test$n 2>&1 || ret=1 grep "warning: Permissions on the file.*have changed" settime2.test$n > /dev/null 2>&1 && ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:checking warning about delete date < inactive date with dnssec-settime ($n)" +echo_i "checking warning about delete date < inactive date with dnssec-settime ($n)" ret=0 # settime should print a warning about delete < inactive $SETTIME -I now+15s -D now `cat oldstyle.key` > tmp.out 2>&1 || ret=1 grep "warning" tmp.out > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking no warning about delete date < inactive date with dnssec-settime when delete date is unset ($n)" +echo_i "checking no warning about delete date < inactive date with dnssec-settime when delete date is unset ($n)" ret=0 $SETTIME -D none `cat oldstyle.key` > tmp.out 2>&1 || ret=1 $SETTIME -p all `cat oldstyle.key` > tmp.out 2>&1 || ret=1 grep "warning" tmp.out > /dev/null 2>&1 && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking warning about delete date < inactive date with dnssec-keygen ($n)" +echo_i "checking warning about delete date < inactive date with dnssec-keygen ($n)" ret=0 # keygen should print a warning about delete < inactive $KEYGEN -q -a rsasha1 -r $RANDFILE -I now+15s -D now $czone > tmp.out 2>&1 || ret=1 grep "warning" tmp.out > /dev/null 2>&1 || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking correct behavior setting activation without publication date ($n)" +echo_i "checking correct behavior setting activation without publication date ($n)" ret=0 key=`$KEYGEN -q -a rsasha1 -r $RANDFILE -A +1w $czone` pub=`$SETTIME -upP $key | awk '{print $2}'` @@ -194,10 +192,10 @@ key=`$KEYGEN -q -a rsasha1 -r $RANDFILE -A +1w -P never $czone` pub=`$SETTIME -upP $key | awk '{print $2}'` [ $pub = "UNSET" ] || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking calculation of dates for a successor key ($n)" +echo_i "checking calculation of dates for a successor key ($n)" ret=0 oldkey=`$KEYGEN -a RSASHA1 -q -r $RANDFILE $czone` newkey=`$KEYGEN -a RSASHA1 -q -r $RANDFILE $czone` @@ -205,8 +203,8 @@ $SETTIME -A -2d -I +2d $oldkey > settime1.test$n 2>&1 || ret=1 $SETTIME -i 1d -S $oldkey $newkey > settime2.test$n 2>&1 || ret=1 $SETTIME -pA $newkey | grep "1970" > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/mkeys/clean.sh b/bin/tests/system/mkeys/clean.sh index e4fc738039..b3242aca1f 100644 --- a/bin/tests/system/mkeys/clean.sh +++ b/bin/tests/system/mkeys/clean.sh @@ -14,6 +14,6 @@ rm -f */managed*.conf ns1/managed.key ns1/managed.key.id rm -f */named.memstats */named.run */named.run.prev rm -f dig.out* delv.out* rndc.out* signer.out* rm -f ns1/named.secroots ns1/root.db.signed* ns1/root.db.tmp -rm -f ns1/named.conf +rm -f */named.conf rm -rf ns4/nope rm -f ns5/named.args diff --git a/bin/tests/system/mkeys/ns1/named1.conf b/bin/tests/system/mkeys/ns1/named1.conf.in similarity index 88% rename from bin/tests/system/mkeys/ns1/named1.conf rename to bin/tests/system/mkeys/ns1/named1.conf.in index 5f9eeaf91e..28aafb82cf 100644 --- a/bin/tests/system/mkeys/ns1/named1.conf +++ b/bin/tests/system/mkeys/ns1/named1.conf.in @@ -8,8 +8,6 @@ // NS1 -controls { /* empty */ }; - acl allowed { ! 10.53.0.5; any; @@ -19,7 +17,7 @@ options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -36,7 +34,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/mkeys/ns1/named2.conf b/bin/tests/system/mkeys/ns1/named2.conf.in similarity index 87% rename from bin/tests/system/mkeys/ns1/named2.conf rename to bin/tests/system/mkeys/ns1/named2.conf.in index 42f6712859..dafdc62925 100644 --- a/bin/tests/system/mkeys/ns1/named2.conf +++ b/bin/tests/system/mkeys/ns1/named2.conf.in @@ -8,8 +8,6 @@ // NS1 -controls { /* empty */ }; - acl allowed { ! 10.53.0.5; any; @@ -19,7 +17,7 @@ options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -36,11 +34,10 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { type master; file "root.db.signed"; }; - diff --git a/bin/tests/system/mkeys/ns1/named3.conf b/bin/tests/system/mkeys/ns1/named3.conf.in similarity index 86% rename from bin/tests/system/mkeys/ns1/named3.conf rename to bin/tests/system/mkeys/ns1/named3.conf.in index 18c46b4220..39f7b7dcd0 100644 --- a/bin/tests/system/mkeys/ns1/named3.conf +++ b/bin/tests/system/mkeys/ns1/named3.conf.in @@ -8,13 +8,11 @@ // NS1 -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -30,7 +28,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/mkeys/ns2/named.conf b/bin/tests/system/mkeys/ns2/named.conf.in similarity index 87% rename from bin/tests/system/mkeys/ns2/named.conf rename to bin/tests/system/mkeys/ns2/named.conf.in index aa2702b556..ab906aa43a 100644 --- a/bin/tests/system/mkeys/ns2/named.conf +++ b/bin/tests/system/mkeys/ns2/named.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -32,7 +30,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/mkeys/ns3/named.conf b/bin/tests/system/mkeys/ns3/named.conf.in similarity index 90% rename from bin/tests/system/mkeys/ns3/named.conf rename to bin/tests/system/mkeys/ns3/named.conf.in index 5e95d515e2..d70374b9c2 100644 --- a/bin/tests/system/mkeys/ns3/named.conf +++ b/bin/tests/system/mkeys/ns3/named.conf.in @@ -8,13 +8,11 @@ // NS3 -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; @@ -32,7 +30,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { @@ -44,4 +42,3 @@ zone "." { managed-keys { "." initial-key 257 3 5 "PURPOSELYBROKEN/xs9iVj7QekClcpzjCf0JrvXW1z07hNMqMm6Q2FtIXMbRgfvTtHF3/ZNvcewT9hpfczC+JACHsQSYYdr7UI8oe4nJfal9+2F3pz4a+HR6CqkgrR6WLWQI1Q=="; }; - diff --git a/bin/tests/system/mkeys/ns4/named.conf b/bin/tests/system/mkeys/ns4/named.conf.in similarity index 88% rename from bin/tests/system/mkeys/ns4/named.conf rename to bin/tests/system/mkeys/ns4/named.conf.in index ad3979d7a7..50bb8753e0 100644 --- a/bin/tests/system/mkeys/ns4/named.conf +++ b/bin/tests/system/mkeys/ns4/named.conf.in @@ -8,13 +8,11 @@ // NS4 -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; @@ -32,7 +30,7 @@ key rndc_key { }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/mkeys/ns5/named.conf b/bin/tests/system/mkeys/ns5/named.conf.in similarity index 89% rename from bin/tests/system/mkeys/ns5/named.conf rename to bin/tests/system/mkeys/ns5/named.conf.in index 98204929ad..502b0ad548 100644 --- a/bin/tests/system/mkeys/ns5/named.conf +++ b/bin/tests/system/mkeys/ns5/named.conf.in @@ -12,7 +12,7 @@ options { query-source address 10.53.0.5; notify-source 10.53.0.5; transfer-source 10.53.0.5; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.5; }; listen-on-v6 { none; }; @@ -29,7 +29,7 @@ key rndc_key { }; controls { - inet 10.53.0.5 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.5 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/mkeys/setup.sh b/bin/tests/system/mkeys/setup.sh index 5636491072..f5c2dc6b7b 100644 --- a/bin/tests/system/mkeys/setup.sh +++ b/bin/tests/system/mkeys/setup.sh @@ -13,7 +13,13 @@ $SHELL clean.sh test -r $RANDFILE || $GENRANDOM 800 $RANDFILE -cp ns1/named1.conf ns1/named.conf + +copy_setports ns1/named1.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf +copy_setports ns5/named.conf.in ns5/named.conf + cp ns5/named1.args ns5/named.args ( cd ns1 && $SHELL sign.sh ) diff --git a/bin/tests/system/mkeys/tests.sh b/bin/tests/system/mkeys/tests.sh index 30860fbeee..ec4d57037a 100644 --- a/bin/tests/system/mkeys/tests.sh +++ b/bin/tests/system/mkeys/tests.sh @@ -9,6 +9,10 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p ${PORT}" +DELVOPTS="-a ns1/trusted.conf -p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + wait_for_log() { msg=$1 file=$2 @@ -16,33 +20,33 @@ wait_for_log() { nextpart "$file" | grep "$msg" > /dev/null && return sleep 1 done - echo "I: exceeded time limit waiting for '$msg' in $file" + echo_i "exceeded time limit waiting for '$msg' in $file" ret=1 } mkeys_reconfig_on() { nsidx=$1 - $RNDC -c ../common/rndc.conf -s 10.53.0.${nsidx} -p 9953 reconfig . | sed "s/^/I: ns${nsidx} /" + $RNDCCMD 10.53.0.${nsidx} reconfig . | sed "s/^/ns${nsidx} /" | cat_i } mkeys_reload_on() { nsidx=$1 nextpart ns${nsidx}/named.run > /dev/null - $RNDC -c ../common/rndc.conf -s 10.53.0.${nsidx} -p 9953 reload . | sed "s/^/I: ns${nsidx} /" + $RNDCCMD 10.53.0.${nsidx} reload . | sed "s/^/ns${nsidx} /" | cat_i wait_for_log "loaded serial" ns${nsidx}/named.run } mkeys_loadkeys_on() { nsidx=$1 nextpart ns${nsidx}/named.run > /dev/null - $RNDC -c ../common/rndc.conf -s 10.53.0.${nsidx} -p 9953 loadkeys . | sed "s/^/I: ns${nsidx} /" + $RNDCCMD 10.53.0.${nsidx} loadkeys . | sed "s/^/ns${nsidx} /" | cat_i wait_for_log "next key event" ns${nsidx}/named.run } mkeys_refresh_on() { nsidx=$1 nextpart ns${nsidx}/named.run > /dev/null - $RNDC -c ../common/rndc.conf -s 10.53.0.${nsidx} -p 9953 managed-keys refresh | sed "s/^/I: ns${nsidx} /" + $RNDCCMD 10.53.0.${nsidx} managed-keys refresh | sed "s/^/ns${nsidx} /" | cat_i wait_for_log "Returned from key fetch in keyfetch_done()" ns${nsidx}/named.run } @@ -53,7 +57,7 @@ mkeys_sync_on() { # dns_zone_flush(), which also attempts to take that zone's lock nsidx=$1 nextpart ns${nsidx}/named.run > /dev/null - $RNDC -c ../common/rndc.conf -s 10.53.0.${nsidx} -p 9953 managed-keys sync | sed "s/^/I: ns${nsidx} /" + $RNDCCMD 10.53.0.${nsidx} managed-keys sync | sed "s/^/ns${nsidx} /" | cat_i wait_for_log "dump_done" ns${nsidx}/named.run } @@ -64,17 +68,17 @@ mkeys_status_on() { # mkey_status(), which in turn calls dns_zone_getrefreshkeytime(), # which also attempts to take that zone's lock nsidx=$1 - $RNDC -c ../common/rndc.conf -s 10.53.0.${nsidx} -p 9953 managed-keys status + $RNDCCMD 10.53.0.${nsidx} managed-keys status } mkeys_flush_on() { nsidx=$1 - $RNDC -c ../common/rndc.conf -s 10.53.0.${nsidx} -p 9953 flush | sed "s/^/I: ns${nsidx} /" + $RNDCCMD 10.53.0.${nsidx} flush | sed "s/^/ns${nsidx} /" | cat_i } mkeys_secroots_on() { nsidx=$1 - $RNDC -c ../common/rndc.conf -s 10.53.0.${nsidx} -p 9953 secroots | sed "s/^/I: ns${nsidx} /" + $RNDCCMD 10.53.0.${nsidx} secroots | sed "s/^/ns${nsidx} /" | cat_i } status=0 @@ -82,48 +86,45 @@ n=1 rm -f dig.out.* -DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p 5300" -DELVOPTS="-a ns1/trusted.conf -p 5300" - -echo "I: check for signed record ($n)" +echo_i "check for signed record ($n)" ret=0 $DIG $DIGOPTS +norec example. @10.53.0.1 TXT > dig.out.ns1.test$n || ret=1 grep "^example\.[ ]*[0-9].*[ ]*IN[ ]*TXT[ ]*\"This is a test\.\"" dig.out.ns1.test$n > /dev/null || ret=1 grep "^example\.[ ]*[0-9].*[ ]*IN[ ]*RRSIG[ ]*TXT[ ]" dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check positive validation with valid trust anchor ($n)" +echo_i "check positive validation with valid trust anchor ($n)" ret=0 $DIG $DIGOPTS +noauth example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns2.test$n > /dev/null || ret=1 grep "example..*.RRSIG..*TXT" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 -echo "I: check positive validation using delv ($n)" +echo_i "check positive validation using delv ($n)" $DELV $DELVOPTS @10.53.0.1 txt example > delv.out$n || ret=1 grep "; fully validated" delv.out$n > /dev/null || ret=1 # redundant grep "example..*TXT.*This is a test" delv.out$n > /dev/null || ret=1 grep "example..*.RRSIG..*TXT" delv.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check for failed validation due to wrong key in managed-keys ($n)" +echo_i "check for failed validation due to wrong key in managed-keys ($n)" ret=0 $DIG $DIGOPTS +noauth example. @10.53.0.3 txt > dig.out.ns3.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns3.test$n > /dev/null && ret=1 grep "example..*.RRSIG..*TXT" dig.out.ns3.test$n > /dev/null && ret=1 grep "opcode: QUERY, status: SERVFAIL, id" dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check new trust anchor can be added ($n)" +echo_i "check new trust anchor can be added ($n)" ret=0 standby1=`$KEYGEN -a rsasha256 -qfk -r $RANDFILE -K ns1 .` mkeys_loadkeys_on 1 @@ -141,11 +142,11 @@ count=`grep -c "trusted since" rndc.out.$n` # one indicates pending trust count=`grep -c "trust pending" rndc.out.$n` [ "$count" -eq 1 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check new trust anchor can't be added with bad initial key ($n)" +echo_i "check new trust anchor can't be added with bad initial key ($n)" ret=0 mkeys_refresh_on 3 mkeys_status_on 3 > rndc.out.$n 2>&1 @@ -158,11 +159,11 @@ count=`grep -c "trust" rndc.out.$n` # ... and the key is not trusted count=`grep -c "no trust" rndc.out.$n` [ "$count" -eq 1 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: remove untrusted standby key, check timer restarts ($n)" +echo_i "remove untrusted standby key, check timer restarts ($n)" ret=0 mkeys_sync_on 2 t1=`grep "trust pending" ns2/managed-keys.bind` @@ -179,12 +180,12 @@ t2=`grep "trust pending" ns2/managed-keys.bind` # trust pending date must be different [ -n "$t2" ] || ret=1 [ "$t1" = "$t2" ] && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 -echo "I: restore untrusted standby key, revoke original key ($n)" +echo_i "restore untrusted standby key, revoke original key ($n)" t1=$t2 $SETTIME -D none -K ns1 $standby1 > /dev/null $SETTIME -R now -K ns1 `cat ns1/managed.key` > /dev/null @@ -216,12 +217,12 @@ count=`grep -c "trust pending" rndc.out.$n` t2=`grep "trust pending" ns2/managed-keys.bind` [ -n "$t2" ] || ret=1 [ "$t1" = "$t2" ] && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 -echo "I: refresh managed-keys, ensure same result ($n)" +echo_i "refresh managed-keys, ensure same result ($n)" t1=$t2 # Less than a second may have passed since the last time ns2 received a # ./DNSKEY response from ns1. Ensure keys are refreshed at a different @@ -250,12 +251,12 @@ count=`grep -c "trust pending" rndc.out.$n` t2=`grep "trust pending" ns2/managed-keys.bind` [ -n "$t2" ] || ret=1 [ "$t1" = "$t2" ] && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 -echo "I: restore revoked key, ensure same result ($n)" +echo_i "restore revoked key, ensure same result ($n)" t1=$t2 $SETTIME -R none -D now -K ns1 `cat ns1/managed.key` > /dev/null mkeys_loadkeys_on 1 @@ -288,11 +289,11 @@ count=`grep -c "trust pending" rndc.out.$n` t2=`grep "trust pending" ns2/managed-keys.bind` [ -n "$t2" ] || ret=1 [ "$t1" = "$t2" ] && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: reinitialize trust anchors, add second key to bind.keys" -$PERL $SYSTEMTESTTOP/stop.pl --use-rndc . ns2 +echo_i "reinitialize trust anchors, add second key to bind.keys" +$PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} . ns2 rm -f ns2/managed-keys.bind* cat ns1/$standby1.key | grep -v '^; ' | $PERL -n -e ' local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; @@ -306,26 +307,26 @@ managed-keys { EOF ' > ns2/managed.conf nextpart ns2/named.run > /dev/null -$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns2 +$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns2 n=`expr $n + 1` -echo "I: check that no key from bind.keys is marked as an initializing key ($n)" +echo_i "check that no key from bind.keys is marked as an initializing key ($n)" ret=0 wait_for_log "Returned from key fetch in keyfetch_done()" ns2/named.run mkeys_secroots_on 2 grep '; initializing' ns2/named.secroots > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: reinitialize trust anchors, revert to one key in bind.keys" -$PERL $SYSTEMTESTTOP/stop.pl --use-rndc . ns2 +echo_i "reinitialize trust anchors, revert to one key in bind.keys" +$PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} . ns2 rm -f ns2/managed-keys.bind* mv ns2/managed1.conf ns2/managed.conf nextpart ns2/named.run > /dev/null -$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns2 +$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns2 n=`expr $n + 1` -echo "I: check that standby key is now trusted ($n)" +echo_i "check that standby key is now trusted ($n)" ret=0 wait_for_log "Returned from key fetch in keyfetch_done()" ns2/named.run mkeys_status_on 2 > rndc.out.$n 2>&1 @@ -338,11 +339,11 @@ count=`grep -c "trust" rndc.out.$n` # both indicate current trust count=`grep -c "trusted since" rndc.out.$n` [ "$count" -eq 2 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: revoke original key, add new standby ($n)" +echo_i "revoke original key, add new standby ($n)" ret=0 standby2=`$KEYGEN -a rsasha256 -qfk -r $RANDFILE -K ns1 .` $SETTIME -R now -K ns1 `cat ns1/managed.key` > /dev/null @@ -370,11 +371,11 @@ count=`grep -c "trust pending" rndc.out.$n` # removal scheduled count=`grep -c "remove at" rndc.out.$n` [ "$count" -eq 1 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: revoke standby before it is trusted ($n)" +echo_i "revoke standby before it is trusted ($n)" ret=0 standby3=`$KEYGEN -a rsasha256 -qfk -r $RANDFILE -K ns1 .` mkeys_loadkeys_on 1 @@ -404,11 +405,11 @@ count=`grep -c "trust pending" rndc.out.b.$n` [ "$count" -eq 1 ] || { echo "trust pending count ($count) != 1"; ret=1; } $SETTIME -D now -K ns1 $standby3 > /dev/null mkeys_loadkeys_on 1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: wait 20 seconds for key add/remove holddowns to expire ($n)" +echo_i "wait 20 seconds for key add/remove holddowns to expire ($n)" ret=0 sleep 20 mkeys_refresh_on 2 @@ -425,11 +426,11 @@ count=`grep -c "trust" rndc.out.$n` # both indicate current trust count=`grep -c "trusted since" rndc.out.$n` [ "$count" -eq 2 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: revoke all keys, confirm roll to insecure ($n)" +echo_i "revoke all keys, confirm roll to insecure ($n)" ret=0 $SETTIME -D now -K ns1 `cat ns1/managed.key` > /dev/null $SETTIME -R now -K ns1 $standby1 > /dev/null @@ -452,47 +453,47 @@ count=`grep -c "trust revoked" rndc.out.$n` # both have removal scheduled count=`grep -c "remove at" rndc.out.$n` [ "$count" -eq 2 ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check for insecure response ($n)" +echo_i "check for insecure response ($n)" ret=0 mkeys_refresh_on 2 $DIG $DIGOPTS +noauth example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns2.test$n > /dev/null && ret=1 grep "example..*.RRSIG..*TXT" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: reset the root server" +echo_i "reset the root server" $SETTIME -D none -R none -K ns1 `cat ns1/managed.key` > /dev/null $SETTIME -D now -K ns1 $standby1 > /dev/null $SETTIME -D now -K ns1 $standby2 > /dev/null $SIGNER -Sg -K ns1 -N unixtime -r $RANDFILE -o . ns1/root.db > /dev/null 2>&- -cp ns1/named2.conf ns1/named.conf +copy_setports ns1/named2.conf.in ns1/named.conf rm -f ns1/root.db.signed.jnl mkeys_reconfig_on 1 -echo "I: reinitialize trust anchors" -$PERL $SYSTEMTESTTOP/stop.pl --use-rndc . ns2 +echo_i "reinitialize trust anchors" +$PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} . ns2 rm -f ns2/managed-keys.bind* nextpart ns2/named.run > /dev/null -$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns2 +$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns2 n=`expr $n + 1` -echo "I: check positive validation ($n)" +echo_i "check positive validation ($n)" ret=0 wait_for_log "Returned from key fetch in keyfetch_done()" ns2/named.run $DIG $DIGOPTS +noauth example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns2.test$n > /dev/null || ret=1 grep "example..*.RRSIG..*TXT" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: revoke key with bad signature, check revocation is ignored ($n)" +echo_i "revoke key with bad signature, check revocation is ignored ($n)" ret=0 orig=`cat ns1/managed.key` keyid=`cat ns1/managed.key.id` @@ -531,20 +532,20 @@ count=`grep -c "trust" rndc.out.$n` [ "$count" -eq 1 ] || { echo "'trust' count != 1"; ret=1; } count=`grep -c "trusted since" rndc.out.$n` [ "$count" -eq 1 ] || { echo "'trusted since' count != 1"; ret=1; } -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check validation fails with bad DNSKEY rrset ($n)" +echo_i "check validation fails with bad DNSKEY rrset ($n)" ret=0 mkeys_flush_on 2 $DIG $DIGOPTS +noauth example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1 grep "status: SERVFAIL" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: restore DNSKEY rrset, check validation succeeds again ($n)" +echo_i "restore DNSKEY rrset, check validation succeeds again ($n)" ret=0 rm -f ${revoked}.key ${revoked}.private rm -f ns1/root.db.signed.jnl @@ -562,11 +563,11 @@ mkeys_flush_on 2 $DIG $DIGOPTS +noauth example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns2.test$n > /dev/null || ret=1 grep "example..*.RRSIG..*TXT" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: reset the root server with no keys, check for minimal update ($n)" +echo_i "reset the root server with no keys, check for minimal update ($n)" ret=0 # Refresh keys first to prevent previous checks from influencing this one. # Note that we might still get occasional false negatives on some really slow @@ -577,11 +578,11 @@ ret=0 mkeys_refresh_on 2 mkeys_status_on 2 > rndc.out.$n 2>&1 t1=`grep 'next refresh:' rndc.out.$n` -$PERL $SYSTEMTESTTOP/stop.pl --use-rndc . ns1 +$PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} . ns1 rm -f ns1/root.db.signed.jnl cp ns1/root.db ns1/root.db.signed nextpart ns1/named.run > /dev/null -$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns1 +$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns1 wait_for_log "loaded serial" ns1/named.run mkeys_refresh_on 2 mkeys_status_on 2 > rndc.out.$n 2>&1 @@ -601,21 +602,21 @@ count=`grep -c "trusted since" rndc.out.$n` [ "$count" -eq 1 ] || ret=1 t2=`grep 'next refresh:' rndc.out.$n` [ "$t1" = "$t2" ] && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: reset the root server with no signatures, check for minimal update ($n)" +echo_i "reset the root server with no signatures, check for minimal update ($n)" ret=0 # Refresh keys first to prevent previous checks from influencing this one mkeys_refresh_on 2 mkeys_status_on 2 > rndc.out.$n 2>&1 t1=`grep 'next refresh:' rndc.out.$n` -$PERL $SYSTEMTESTTOP/stop.pl --use-rndc . ns1 +$PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} . ns1 rm -f ns1/root.db.signed.jnl cat ns1/K*.key >> ns1/root.db.signed nextpart ns1/named.run > /dev/null -$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns1 +$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns1 wait_for_log "loaded serial" ns1/named.run # Less than a second may have passed since the last time ns2 received a # ./DNSKEY response from ns1. Ensure keys are refreshed at a different @@ -639,11 +640,11 @@ count=`grep -c "trusted since" rndc.out.$n` [ "$count" -eq 1 ] || ret=1 t2=`grep 'next refresh:' rndc.out.$n` [ "$t1" = "$t2" ] && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: restore root server, check validation succeeds again ($n)" +echo_i "restore root server, check validation succeeds again ($n)" ret=0 rm -f ns1/root.db.signed.jnl $SIGNER -Sg -K ns1 -N unixtime -r $RANDFILE -o . ns1/root.db > /dev/null 2>&- @@ -653,59 +654,59 @@ mkeys_status_on 2 > rndc.out.$n 2>&1 $DIG $DIGOPTS +noauth example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns2.test$n > /dev/null || ret=1 grep "example..*.RRSIG..*TXT" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that trust-anchor-telemetry queries are logged ($n)" +echo_i "check that trust-anchor-telemetry queries are logged ($n)" ret=0 grep "sending trust-anchor-telemetry query '_ta-[0-9a-f]*/NULL" ns2/named.run > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that trust-anchor-telemetry queries are received ($n)" +echo_i "check that trust-anchor-telemetry queries are received ($n)" ret=0 grep "query '_ta-[0-9a-f][0-9a-f]*/NULL/IN' approved" ns1/named.run > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check 'rndc-managed-keys destroy' ($n)" +echo_i "check 'rndc-managed-keys destroy' ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 managed-keys destroy | sed 's/^/I: ns2 /' +$RNDCCMD 10.53.0.2 managed-keys destroy | sed 's/^/ns2 /' | cat_i mkeys_status_on 2 > rndc.out.$n 2>&1 grep "no views with managed keys" rndc.out.$n > /dev/null || ret=1 mkeys_reconfig_on 2 mkeys_status_on 2 > rndc.out.$n 2>&1 grep "name: \." rndc.out.$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that trust-anchor-telemetry queries contain the correct key ($n)" +echo_i "check that trust-anchor-telemetry queries contain the correct key ($n)" ret=0 # convert the hexadecimal key from the TAT query into decimal and # compare against the known key. tathex=`grep "query '_ta-[0-9a-f][0-9a-f]*/NULL/IN' approved" ns1/named.run | awk '{print $6; exit 0}' | sed -e 's/(_ta-\([0-9a-f][0-9a-f]*\)):/\1/'` tatkey=`$PERL -e 'printf("%d\n", hex(@ARGV[0]));' $tathex` -realkey=`$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 secroots - | sed -n 's#.*SHA256/\([0-9][0-9]*\) ; .*managed.*#\1#p'` +realkey=`$RNDCCMD 10.53.0.2 secroots - | sed -n 's#.*SHA256/\([0-9][0-9]*\) ; .*managed.*#\1#p'` [ "$tatkey" -eq "$realkey" ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check initialization fails if managed-keys can't be created ($n)" +echo_i "check initialization fails if managed-keys can't be created ($n)" ret=0 mkeys_secroots_on 4 grep '; initializing managed' ns4/named.secroots > /dev/null 2>&1 || ret=1 grep '; managed' ns4/named.secroots > /dev/null 2>&1 && ret=1 grep '; trusted' ns4/named.secroots > /dev/null 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check failure to contact root servers does not prevent key refreshes after restart ($n)" +echo_i "check failure to contact root servers does not prevent key refreshes after restart ($n)" ret=0 # By the time we get here, ns5 should have attempted refreshing its managed # keys. These attempts should fail as ns1 is configured to REFUSE all queries @@ -713,28 +714,28 @@ ret=0 # ensure key refresh retry will be scheduled to one actual hour after the first # key refresh failure instead of just a few seconds, in order to prevent races # between the next scheduled key refresh time and startup time of restarted ns5. -$PERL $SYSTEMTESTTOP/stop.pl --use-rndc . ns5 +$PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} . ns5 nextpart ns5/named.run > /dev/null -$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns5 +$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns5 wait_for_log "Returned from key fetch in keyfetch_done()" ns5/named.run # ns5/named.run will contain logs from both the old instance and the new # instance. In order for the test to pass, both must attempt a fetch. count=`grep -c "Creating key fetch" ns5/named.run` [ $count -lt 2 ] && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check key refreshes are resumed after root servers become available ($n)" +echo_i "check key refreshes are resumed after root servers become available ($n)" ret=0 -$PERL $SYSTEMTESTTOP/stop.pl --use-rndc . ns5 +$PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} . ns5 # Prevent previous check from affecting this one rm -f ns5/managed-keys.bind* # named2.args adds "-T mkeytimers=2/20/40" to named1.args as we need to wait for # an "hour" until keys are refreshed again after initial failure cp ns5/named2.args ns5/named.args nextpart ns5/named.run > /dev/null -$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns5 +$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns5 wait_for_log "Returned from key fetch in keyfetch_done()" ns5/named.run mkeys_secroots_on 5 grep '; initializing managed' ns5/named.secroots > /dev/null 2>&1 || ret=1 @@ -744,7 +745,7 @@ grep "flags:.*ad.*QUERY" dig.out.ns5.a.test$n > /dev/null && ret=1 grep "example..*.RRSIG..*TXT" dig.out.ns5.a.test$n > /dev/null && ret=1 grep "status: SERVFAIL" dig.out.ns5.a.test$n > /dev/null || ret=1 # Allow queries from ns5 to ns1 -cp ns1/named3.conf ns1/named.conf +copy_setports ns1/named3.conf.in ns1/named.conf rm -f ns1/root.db.signed.jnl mkeys_reconfig_on 1 nextpart ns5/named.run > /dev/null @@ -757,8 +758,8 @@ $DIG $DIGOPTS +noauth example. @10.53.0.5 txt > dig.out.ns5.b.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns5.b.test$n > /dev/null || ret=1 grep "example..*.RRSIG..*TXT" dig.out.ns5.b.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns5.b.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/names/clean.sh b/bin/tests/system/names/clean.sh index c9f3de8eb4..3b2ed6e8ca 100644 --- a/bin/tests/system/names/clean.sh +++ b/bin/tests/system/names/clean.sh @@ -11,3 +11,4 @@ rm -f ns*/named.lock rm -f ns*/named.memstats rm -f ns*/named.run rm -f ns*/named.pid +rm -f ns*/named.conf diff --git a/bin/tests/system/names/ns1/named.conf b/bin/tests/system/names/ns1/named.conf.in similarity index 95% rename from bin/tests/system/names/ns1/named.conf rename to bin/tests/system/names/ns1/named.conf.in index 8082ba0bd8..4c240377d6 100644 --- a/bin/tests/system/names/ns1/named.conf +++ b/bin/tests/system/names/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/names/setup.sh b/bin/tests/system/names/setup.sh index 8f546567c5..18ad02b954 100644 --- a/bin/tests/system/names/setup.sh +++ b/bin/tests/system/names/setup.sh @@ -4,4 +4,9 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -sh clean.sh +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh + +copy_setports ns1/named.conf.in ns1/named.conf diff --git a/bin/tests/system/names/tests.sh b/bin/tests/system/names/tests.sh index 7134a8dc94..f4c2734689 100644 --- a/bin/tests/system/names/tests.sh +++ b/bin/tests/system/names/tests.sh @@ -9,35 +9,35 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -DIGOPTS="+nosea +stat +noquest +nocomm +nocmd" +DIGOPTS="+nosea +stat +noquest +nocomm +nocmd -p ${PORT}" status=0 -echo "I:Getting message size with compression enabled" -$DIG $DIGOPTS -b 10.53.0.1 @10.53.0.1 -p 5300 mx example > dig.compen.test +echo_i "Getting message size with compression enabled" +$DIG $DIGOPTS -b 10.53.0.1 @10.53.0.1 mx example > dig.compen.test COMPEN=`grep ';; MSG SIZE' dig.compen.test |sed -e "s/.*: //g"` cat dig.compen.test |grep -v ';;' |sort > dig.compen.sorted.test -echo "I:Getting message size with compression disabled" -$DIG $DIGOPTS -b 10.53.0.2 @10.53.0.1 -p 5300 mx example > dig.compdis.test +echo_i "Getting message size with compression disabled" +$DIG $DIGOPTS -b 10.53.0.2 @10.53.0.1 mx example > dig.compdis.test COMPDIS=`grep ';; MSG SIZE' dig.compdis.test |sed -e "s/.*: //g"` cat dig.compdis.test |grep -v ';;' |sort > dig.compdis.sorted.test # the compression disabled message should be at least twice as large as with # compression disabled, but the content should be the same -echo "I:Checking if responses are identical other than in message size" +echo_i "Checking if responses are identical other than in message size" diff dig.compdis.sorted.test dig.compen.sorted.test >/dev/null ret=$? -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:Checking if message with compression disabled is significantly larger" -echo "I: Disabled $COMPDIS vs enabled $COMPEN" +echo_i "Checking if message with compression disabled is significantly larger" +echo_i "Disabled $COMPDIS vs enabled $COMPEN" val=`expr \( $COMPDIS \* 3 / 2 \) / $COMPEN` if [ $val -le 1 ]; then - echo "I:failed" + echo_i "failed" status=`expr $status + 1` fi; -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/notify/clean.sh b/bin/tests/system/notify/clean.sh index 2e09a90db4..909076b984 100644 --- a/bin/tests/system/notify/clean.sh +++ b/bin/tests/system/notify/clean.sh @@ -12,6 +12,8 @@ rm -f */named.memstats rm -f */named.run +rm -f */named.conf +rm -f */named.port rm -f dig.out.?.ns5.test* rm -f dig.out.ns2.test* rm -f dig.out.ns3.test* diff --git a/bin/tests/system/views/ns1/named.conf b/bin/tests/system/notify/ns1/named.conf.in similarity index 84% rename from bin/tests/system/views/ns1/named.conf rename to bin/tests/system/notify/ns1/named.conf.in index 6edc868ad3..262fbe93d7 100644 --- a/bin/tests/system/views/ns1/named.conf +++ b/bin/tests/system/notify/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.17 2007/06/19 23:47:07 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/notify/ns2/named.conf b/bin/tests/system/notify/ns2/named.conf.in similarity index 91% rename from bin/tests/system/notify/ns2/named.conf rename to bin/tests/system/notify/ns2/named.conf.in index de163718ba..5f5b9f53b9 100644 --- a/bin/tests/system/notify/ns2/named.conf +++ b/bin/tests/system/notify/ns2/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -21,7 +19,14 @@ options { startup-notify-rate 5; }; -include "../../common/controls.conf"; +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; zone "." { type hint; @@ -37,7 +42,7 @@ zone "example" { masters noport { 10.53.0.4; }; -masters x21 port 5301 { noport; }; +masters x21 port @EXTRAPORT1@ { noport; }; zone x1 { type master; file "generic.db"; also-notify { 10.53.0.3; }; }; zone x2 { type master; file "generic.db"; also-notify { 10.53.0.3; }; }; diff --git a/bin/tests/system/notify/ns3/named.conf b/bin/tests/system/notify/ns3/named.conf.in similarity index 86% rename from bin/tests/system/notify/ns3/named.conf rename to bin/tests/system/notify/ns3/named.conf.in index cd803551ee..ce2a749be3 100644 --- a/bin/tests/system/notify/ns3/named.conf +++ b/bin/tests/system/notify/ns3/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.24 2007/06/18 23:47:29 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; @@ -32,5 +28,3 @@ zone "example" { masters { 10.53.0.2; }; file "example.bk"; }; - - diff --git a/bin/tests/system/notify/ns4/named.conf b/bin/tests/system/notify/ns4/named.conf.in similarity index 81% rename from bin/tests/system/notify/ns4/named.conf rename to bin/tests/system/notify/ns4/named.conf.in index 54047b0b3c..a22fbf37cb 100644 --- a/bin/tests/system/notify/ns4/named.conf +++ b/bin/tests/system/notify/ns4/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.24 2007/06/18 23:47:29 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5301; + port @EXTRAPORT1@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; @@ -29,6 +25,6 @@ zone "." { zone "x21" { type slave; - masters { 10.53.0.2 port 5300; }; + masters { 10.53.0.2 port @PORT@; }; file "x21.bk"; }; diff --git a/bin/tests/system/notify/ns4/named.port b/bin/tests/system/notify/ns4/named.port deleted file mode 100644 index 3cda32bc25..0000000000 --- a/bin/tests/system/notify/ns4/named.port +++ /dev/null @@ -1 +0,0 @@ -5301 diff --git a/bin/tests/system/notify/ns4/named.port.in b/bin/tests/system/notify/ns4/named.port.in new file mode 100644 index 0000000000..8e94a3c628 --- /dev/null +++ b/bin/tests/system/notify/ns4/named.port.in @@ -0,0 +1 @@ +@EXTRAPORT1@ diff --git a/bin/tests/system/notify/ns5/named.conf b/bin/tests/system/notify/ns5/named.conf.in similarity index 92% rename from bin/tests/system/notify/ns5/named.conf rename to bin/tests/system/notify/ns5/named.conf.in index 096f199282..b659a47e4f 100644 --- a/bin/tests/system/notify/ns5/named.conf +++ b/bin/tests/system/notify/ns5/named.conf.in @@ -6,10 +6,6 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.24 2007/06/18 23:47:29 tbox Exp $ */ - -controls { /* empty */ }; - key "a" { algorithm "hmac-md5"; secret "aaaaaaaaaaaaaaaaaaaa"; @@ -29,7 +25,7 @@ options { query-source address 10.53.0.5; notify-source 10.53.0.5; transfer-source 10.53.0.5; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.5; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/notify/setup.sh b/bin/tests/system/notify/setup.sh index 231dc50666..1faf322006 100644 --- a/bin/tests/system/notify/setup.sh +++ b/bin/tests/system/notify/setup.sh @@ -6,7 +6,18 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: setup.sh,v 1.10 2007/06/19 23:47:04 tbox Exp $ +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh + +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf +copy_setports ns5/named.conf.in ns5/named.conf + +copy_setports ns4/named.port.in ns4/named.port cp -f ns2/example1.db ns2/example.db cp -f ns2/generic.db ns2/x21.db diff --git a/bin/tests/system/notify/tests.sh b/bin/tests/system/notify/tests.sh index c9faab49ee..3e7f3d31a1 100644 --- a/bin/tests/system/notify/tests.sh +++ b/bin/tests/system/notify/tests.sh @@ -9,6 +9,9 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd -p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + status=0 n=0 @@ -18,10 +21,10 @@ n=0 for i in 1 2 3 4 5 6 7 8 9 10 do ret=0 - $DIG +tcp example @10.53.0.2 soa -p 5300 > dig.out.ns2.test$n || ret=1 + $DIG +tcp -p ${PORT} example @10.53.0.2 soa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "flags:.* aa[ ;]" dig.out.ns2.test$n > /dev/null || ret=1 - $DIG +tcp example @10.53.0.3 soa -p 5300 > dig.out.ns3.test$n || ret=1 + $DIG +tcp -p ${PORT} example @10.53.0.3 soa > dig.out.ns3.test$n || ret=1 grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1 grep "flags:.* aa[ ;]" dig.out.ns3.test$n > /dev/null || ret=1 nr=`grep 'x[0-9].*sending notify to' ns2/named.run | wc -l` @@ -31,23 +34,21 @@ do done n=`expr $n + 1` -echo "I:checking initial status ($n)" +echo_i "checking initial status ($n)" ret=0 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd a.example.\ - @10.53.0.2 a -p 5300 > dig.out.ns2.test$n || ret=1 +$DIG $DIGOPTS a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 grep "10.0.0.1" dig.out.ns2.test$n > /dev/null || ret=1 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd a.example.\ - @10.53.0.3 a -p 5300 > dig.out.ns3.test$n || ret=1 +$DIG $DIGOPTS a.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 grep "10.0.0.1" dig.out.ns3.test$n > /dev/null || ret=1 $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns3.test$n || ret=1 -[ $ret = 0 ] || echo "I:failed" +[ $ret = 0 ] || echo_i "failed" status=`expr $ret + $status` n=`expr $n + 1` -echo "I:checking startup notify rate limit ($n)" +echo_i "checking startup notify rate limit ($n)" ret=0 grep 'x[0-9].*sending notify to' ns2/named.run | sed 's/.*:\([0-9][0-9]\)\..*/\1/' | uniq -c | awk '{print $1}' > log.out @@ -55,18 +56,18 @@ grep 'x[0-9].*sending notify to' ns2/named.run | wc -l log.out | awk '$1 < 4 { exit(1) }' || ret=1 # ... with no more than 5 in any one second awk '$1 > 5 { exit(1) }' log.out || ret=1 -[ $ret = 0 ] || echo "I:failed" +[ $ret = 0 ] || echo_i "failed" status=`expr $ret + $status` sleep 1 # make sure filesystem time stamp is newer for reload. rm -f ns2/example.db cp -f ns2/example2.db ns2/example.db if [ ! "$CYGWIN" ]; then - echo "I:reloading with example2 using HUP and waiting up to 45 seconds" + echo_i "reloading with example2 using HUP and waiting up to 45 seconds" $KILL -HUP `cat ns2/named.pid` else - echo "I:reloading with example2 using rndc and waiting up to 45 seconds" - $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' + echo_i "reloading with example2 using rndc and waiting up to 45 seconds" + $RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/I:ns2 /' fi try=0 while test $try -lt 45 @@ -77,45 +78,42 @@ do done n=`expr $n + 1` -echo "I:checking notify message was logged ($n)" +echo_i "checking notify message was logged ($n)" ret=0 grep 'notify from 10.53.0.2#[0-9][0-9]*: serial 2$' ns3/named.run > /dev/null || ret=1 -[ $ret = 0 ] || echo "I:failed" +[ $ret = 0 ] || echo_i "failed" status=`expr $ret + $status` n=`expr $n + 1` -echo "I:checking example2 loaded ($n)" +echo_i "checking example2 loaded ($n)" ret=0 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd a.example.\ - @10.53.0.2 a -p 5300 > dig.out.ns2.test$n || ret=1 +$DIG $DIGOPTS a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 grep "10.0.0.2" dig.out.ns2.test$n > /dev/null || ret=1 -[ $ret = 0 ] || echo "I:failed" +[ $ret = 0 ] || echo_i "failed" status=`expr $ret + $status` n=`expr $n + 1` -echo "I:checking example2 contents have been transferred after HUP reload ($n)" +echo_i "checking example2 contents have been transferred after HUP reload ($n)" ret=0 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd a.example.\ - @10.53.0.2 a -p 5300 > dig.out.ns2.test$n || ret=1 +$DIG $DIGOPTS a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 grep "10.0.0.2" dig.out.ns2.test$n > /dev/null || ret=1 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd a.example.\ - @10.53.0.3 a -p 5300 > dig.out.ns3.test$n || ret=1 +$DIG $DIGOPTS a.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 grep "10.0.0.2" dig.out.ns3.test$n > /dev/null || ret=1 $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns3.test$n || ret=1 -[ $ret = 0 ] || echo "I:failed" +[ $ret = 0 ] || echo_i "failed" status=`expr $ret + $status` -echo "I:stopping master and restarting with example4 then waiting up to 45 seconds" +echo_i "stopping master and restarting with example4 then waiting up to 45 seconds" $PERL $SYSTEMTESTTOP/stop.pl . ns2 rm -f ns2/example.db cp -f ns2/example4.db ns2/example.db -$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns2 +$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns2 try=0 while test $try -lt 45 @@ -126,63 +124,59 @@ do done n=`expr $n + 1` -echo "I:checking notify message was logged ($n)" +echo_i "checking notify message was logged ($n)" ret=0 grep 'notify from 10.53.0.2#[0-9][0-9]*: serial 4$' ns3/named.run > /dev/null || ret=1 -[ $ret = 0 ] || echo "I:failed" +[ $ret = 0 ] || echo_i "failed" status=`expr $ret + $status` n=`expr $n + 1` -echo "I:checking example4 loaded ($n)" +echo_i "checking example4 loaded ($n)" ret=0 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd a.example.\ - @10.53.0.2 a -p 5300 > dig.out.ns2.test$n || ret=1 +$DIG $DIGOPTS a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 grep "10.0.0.4" dig.out.ns2.test$n > /dev/null || ret=1 -[ $ret = 0 ] || echo "I:failed" +[ $ret = 0 ] || echo_i "failed" status=`expr $ret + $status` n=`expr $n + 1` -echo "I:checking example4 contents have been transfered after restart ($n)" +echo_i "checking example4 contents have been transfered after restart ($n)" ret=0 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd a.example.\ - @10.53.0.2 a -p 5300 > dig.out.ns2.test$n || ret=1 +$DIG $DIGOPTS a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 grep "10.0.0.4" dig.out.ns2.test$n > /dev/null || ret=1 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd a.example.\ - @10.53.0.3 a -p 5300 > dig.out.ns3.test$n || ret=1 +$DIG $DIGOPTS a.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 grep "10.0.0.4" dig.out.ns3.test$n > /dev/null || ret=1 $PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns3.test$n || ret=1 -[ $ret = 0 ] || echo "I:failed" +[ $ret = 0 ] || echo_i "failed" status=`expr $ret + $status` n=`expr $n + 1` -echo "I:checking notify to alternate port with master inheritance" +echo_i "checking notify to alternate port with master inheritance ($n)" $NSUPDATE << EOF -server 10.53.0.2 5300 +server 10.53.0.2 ${PORT} zone x21 update add added.x21 0 in txt "test string" send EOF for i in 1 2 3 4 5 6 7 8 9 do - $DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd added.x21.\ - @10.53.0.4 txt -p 5301 > dig.out.ns4.test$n || ret=1 + $DIG $DIGOPTS added.x21. @10.53.0.4 txt -p $EXTRAPORT1 > dig.out.ns4.test$n || ret=1 grep "test string" dig.out.ns4.test$n > /dev/null && break sleep 1 done grep "test string" dig.out.ns4.test$n > /dev/null || ret=1 -[ $ret = 0 ] || echo "I:failed" +[ $ret = 0 ] || echo_i "failed" status=`expr $ret + $status` n=`expr $n + 1` -echo "I:checking notify to multiple views using tsig" +echo_i "checking notify to multiple views using tsig ($n)" ret=0 $NSUPDATE << EOF -server 10.53.0.5 5300 +server 10.53.0.5 ${PORT} zone x21 key a aaaaaaaaaaaaaaaaaaaa update add added.x21 0 in txt "test string" @@ -191,12 +185,10 @@ EOF for i in 1 2 3 4 5 6 7 8 9 do - $DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd added.x21.\ - -y b:bbbbbbbbbbbbbbbbbbbb @10.53.0.5 \ - txt -p 5300 > dig.out.b.ns5.test$n || ret=1 - $DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd added.x21.\ - -y c:cccccccccccccccccccc @10.53.0.5 \ - txt -p 5300 > dig.out.c.ns5.test$n || ret=1 + $DIG $DIGOPTS added.x21. -y b:bbbbbbbbbbbbbbbbbbbb @10.53.0.5 \ + txt > dig.out.b.ns5.test$n || ret=1 + $DIG $DIGOPTS added.x21. -y c:cccccccccccccccccccc @10.53.0.5 \ + txt > dig.out.c.ns5.test$n || ret=1 grep "test string" dig.out.b.ns5.test$n > /dev/null && grep "test string" dig.out.c.ns5.test$n > /dev/null && break @@ -205,8 +197,8 @@ done grep "test string" dig.out.b.ns5.test$n > /dev/null || ret=1 grep "test string" dig.out.c.ns5.test$n > /dev/null || ret=1 -[ $ret = 0 ] || echo "I:failed" +[ $ret = 0 ] || echo_i "failed" status=`expr $ret + $status` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/nslookup/clean.sh b/bin/tests/system/nslookup/clean.sh index 2fdba8bcc2..7cbe9ccc14 100644 --- a/bin/tests/system/nslookup/clean.sh +++ b/bin/tests/system/nslookup/clean.sh @@ -9,3 +9,4 @@ rm -f nslookup.out* rm -f ns*/named.lock rm -f ns*/named.memstats rm -f ns*/named.run +rm -f ns*/named.conf diff --git a/bin/tests/system/nslookup/ns1/named.conf b/bin/tests/system/nslookup/ns1/named.conf.in similarity index 93% rename from bin/tests/system/nslookup/ns1/named.conf rename to bin/tests/system/nslookup/ns1/named.conf.in index ddf4dabedc..6f8a295bba 100644 --- a/bin/tests/system/nslookup/ns1/named.conf +++ b/bin/tests/system/nslookup/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/nslookup/setup.sh b/bin/tests/system/nslookup/setup.sh index 437a862cf2..cac31d73cf 100644 --- a/bin/tests/system/nslookup/setup.sh +++ b/bin/tests/system/nslookup/setup.sh @@ -9,4 +9,8 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +$SHELL clean.sh + $SHELL ../genzone.sh 1 >ns1/example.db + +copy_setports ns1/named.conf.in ns1/named.conf diff --git a/bin/tests/system/nslookup/tests.sh b/bin/tests/system/nslookup/tests.sh index f088dd8db2..770f2d4079 100644 --- a/bin/tests/system/nslookup/tests.sh +++ b/bin/tests/system/nslookup/tests.sh @@ -13,57 +13,57 @@ status=0 n=0 n=`expr $n + 1` -echo "Check that domain names that are too big when applying a search list entry are handled cleanly ($n)" +echo_i "Check that domain names that are too big when applying a search list entry are handled cleanly ($n)" ret=0 l=012345678901234567890123456789012345678901234567890123456789012 t=0123456789012345678901234567890123456789012345678901234567890 d=$l.$l.$l.$t -$NSLOOKUP -port=5300 -domain=$d -type=soa example 10.53.0.1 > nslookup.out${n} || ret=1 +$NSLOOKUP -port=${PORT} -domain=$d -type=soa example 10.53.0.1 > nslookup.out${n} || ret=1 grep "origin = ns1.example" nslookup.out${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "Check A only lookup" +echo_i "Check A only lookup" ret=0 -$NSLOOKUP -port=5300 a-only.example.net 10.53.0.1 > nslookup.out${n} || ret=1 +$NSLOOKUP -port=${PORT} a-only.example.net 10.53.0.1 > nslookup.out${n} || ret=1 lines=`grep "Server:" nslookup.out${n} | wc -l` test $lines = 1 || ret=1 lines=`grep a-only.example.net nslookup.out${n} | wc -l` test $lines = 1 || ret=1 grep "1.2.3.4" nslookup.out${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "Check AAAA only lookup" +echo_i "Check AAAA only lookup" ret=0 -$NSLOOKUP -port=5300 aaaa-only.example.net 10.53.0.1 > nslookup.out${n} || ret=1 +$NSLOOKUP -port=${PORT} aaaa-only.example.net 10.53.0.1 > nslookup.out${n} || ret=1 lines=`grep "Server:" nslookup.out${n} | wc -l` test $lines = 1 || ret=1 lines=`grep aaaa-only.example.net nslookup.out${n} | wc -l` test $lines = 1 || ret=1 grep "2001::ffff" nslookup.out${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "Check dual A + AAAA lookup" +echo_i "Check dual A + AAAA lookup" ret=0 -$NSLOOKUP -port=5300 dual.example.net 10.53.0.1 > nslookup.out${n} || ret=1 +$NSLOOKUP -port=${PORT} dual.example.net 10.53.0.1 > nslookup.out${n} || ret=1 lines=`grep "Server:" nslookup.out${n} | wc -l` test $lines = 1 || ret=1 lines=`grep dual.example.net nslookup.out${n} | wc -l` test $lines = 2 || ret=1 grep "1.2.3.4" nslookup.out${n} > /dev/null || ret=1 grep "2001::ffff" nslookup.out${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "Check CNAME to A only lookup" +echo_i "Check CNAME to A only lookup" ret=0 -$NSLOOKUP -port=5300 cname-a-only.example.net 10.53.0.1 > nslookup.out${n} || ret=1 +$NSLOOKUP -port=${PORT} cname-a-only.example.net 10.53.0.1 > nslookup.out${n} || ret=1 lines=`grep "Server:" nslookup.out${n} | wc -l` test $lines = 1 || ret=1 lines=`grep "canonical name" nslookup.out${n} | wc -l` @@ -71,13 +71,13 @@ test $lines = 1 || ret=1 lines=`grep a-only.example.net nslookup.out${n} | grep -v "canonical name" | wc -l` test $lines = 1 || ret=1 grep "1.2.3.4" nslookup.out${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "Check CNAME to AAAA only lookup" +echo_i "Check CNAME to AAAA only lookup" ret=0 -$NSLOOKUP -port=5300 cname-aaaa-only.example.net 10.53.0.1 > nslookup.out${n} || ret=1 +$NSLOOKUP -port=${PORT} cname-aaaa-only.example.net 10.53.0.1 > nslookup.out${n} || ret=1 lines=`grep "Server:" nslookup.out${n} | wc -l` test $lines = 1 || ret=1 lines=`grep "canonical name" nslookup.out${n} | wc -l` @@ -85,13 +85,13 @@ test $lines = 1 || ret=1 lines=`grep aaaa-only.example.net nslookup.out${n} | grep -v "canonical name" |wc -l` test $lines = 1 || ret=1 grep "2001::ffff" nslookup.out${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "Check CNAME to dual A + AAAA lookup" +echo_i "Check CNAME to dual A + AAAA lookup" ret=0 -$NSLOOKUP -port=5300 cname-dual.example.net 10.53.0.1 > nslookup.out${n} || ret=1 +$NSLOOKUP -port=${PORT} cname-dual.example.net 10.53.0.1 > nslookup.out${n} || ret=1 lines=`grep "Server:" nslookup.out${n} | wc -l` test $lines = 1 || ret=1 lines=`grep "canonical name" nslookup.out${n} | wc -l` @@ -100,8 +100,8 @@ lines=`grep dual.example.net nslookup.out${n} | grep -v "canonical name" | wc -l test $lines = 2 || ret=1 grep "1.2.3.4" nslookup.out${n} > /dev/null || ret=1 grep "2001::ffff" nslookup.out${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/nsupdate/ans4/ans.pl b/bin/tests/system/nsupdate/ans4/ans.pl index 747f697de5..215d1295f6 100644 --- a/bin/tests/system/nsupdate/ans4/ans.pl +++ b/bin/tests/system/nsupdate/ans4/ans.pl @@ -21,10 +21,13 @@ if (@ARGV > 0) { $server_addr = @ARGV[0]; } -my $udpsock = IO::Socket::INET->new(LocalAddr => "$server_addr", - LocalPort => 5300, Proto => "udp", Reuse => 1) or die "$!"; +my $localport = int($ENV{'PORT'}); +if (!$localport) { $localport = 5300; } -print "listening on $server_addr:5300.\n"; +my $udpsock = IO::Socket::INET->new(LocalAddr => "$server_addr", + LocalPort => $localport, Proto => "udp", Reuse => 1) or die "$!"; + +print "listening on $server_addr:$localport.\n"; my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!"; print $pidf "$$\n" or die "cannot write pid file: $!"; diff --git a/bin/tests/system/nsupdate/clean.sh b/bin/tests/system/nsupdate/clean.sh index 71721ec469..8ef818cb03 100644 --- a/bin/tests/system/nsupdate/clean.sh +++ b/bin/tests/system/nsupdate/clean.sh @@ -10,8 +10,10 @@ # Clean up after zone transfer tests. # +rm -f verylarge rm -f */named.memstats rm -f */named.run */ans.run +rm -f */named.conf rm -f Kxxx.* rm -f dig.out.* rm -f jp.out.ns3.* diff --git a/bin/tests/system/nsupdate/ns1/named.conf b/bin/tests/system/nsupdate/ns1/named.conf.in similarity index 94% rename from bin/tests/system/nsupdate/ns1/named.conf rename to bin/tests/system/nsupdate/ns1/named.conf.in index ed60246f4c..8d40557d72 100644 --- a/bin/tests/system/nsupdate/ns1/named.conf +++ b/bin/tests/system/nsupdate/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1 dscp 1; notify-source 10.53.0.1 dscp 22; transfer-source 10.53.0.1 dscp 3; - port 5300; + port @PORT@; pid-file "named.pid"; session-keyfile "session.key"; listen-on { 10.53.0.1; 127.0.0.1; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; key altkey { @@ -67,8 +65,8 @@ zone "other.nil" { }; masters othermasters { - 10.53.0.2 port 5300; - 10.53.0.2 port 5300 key altkey; + 10.53.0.2 port @PORT@; + 10.53.0.2 port @PORT@ key altkey; }; zone "update.nil" { diff --git a/bin/tests/system/nsupdate/ns2/named.conf b/bin/tests/system/nsupdate/ns2/named.conf.in similarity index 92% rename from bin/tests/system/nsupdate/ns2/named.conf rename to bin/tests/system/nsupdate/ns2/named.conf.in index 7ee1427d11..37e83eeea4 100644 --- a/bin/tests/system/nsupdate/ns2/named.conf +++ b/bin/tests/system/nsupdate/ns2/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.16 2011/05/06 23:47:29 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2 dscp 4; notify-source 10.53.0.2 dscp 5; transfer-source 10.53.0.2 dscp 6; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/nsupdate/ns3/named.conf b/bin/tests/system/nsupdate/ns3/named.conf.in similarity index 86% rename from bin/tests/system/nsupdate/ns3/named.conf rename to bin/tests/system/nsupdate/ns3/named.conf.in index 2db43de8ed..13b2e12256 100644 --- a/bin/tests/system/nsupdate/ns3/named.conf +++ b/bin/tests/system/nsupdate/ns3/named.conf.in @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.5 2011/02/03 12:18:11 tbox Exp $ */ - // NS3 -controls { /* empty */ }; - options { query-source address 10.53.0.3 dscp 7; notify-source 10.53.0.3 dscp 8; transfer-source 10.53.0.3 dscp 9; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; @@ -26,15 +22,6 @@ options { dnssec-validation yes; }; -/* -zone "." { - type master; - file "root.db.signed"; -}; -*/ - -// include "trusted.conf"; - zone "example" { type master; allow-update { any; }; diff --git a/bin/tests/system/nsupdate/ns5/named.conf b/bin/tests/system/nsupdate/ns5/named.conf.in similarity index 87% rename from bin/tests/system/nsupdate/ns5/named.conf rename to bin/tests/system/nsupdate/ns5/named.conf.in index 3632c7cb99..2d8f13e6f7 100644 --- a/bin/tests/system/nsupdate/ns5/named.conf +++ b/bin/tests/system/nsupdate/ns5/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.5; notify-source 10.53.0.5; transfer-source 10.53.0.5; - port 5300; + port @PORT@; pid-file "named.pid"; session-keyfile "session.key"; listen-on { 10.53.0.5; }; @@ -27,7 +25,7 @@ key rndc_key { }; controls { - inet 10.53.0.5 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.5 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "local.nil" { diff --git a/bin/tests/system/nsupdate/prereq.sh b/bin/tests/system/nsupdate/prereq.sh index dd36070e25..15a1ecf350 100644 --- a/bin/tests/system/nsupdate/prereq.sh +++ b/bin/tests/system/nsupdate/prereq.sh @@ -15,7 +15,7 @@ then then : else - echo "I:Net::DNS versions 0.69 to 0.70 have bugs that cause this test to fail: please update." >&2 + echo_i "Net::DNS versions 0.69 to 0.70 have bugs that cause this test to fail: please update." >&2 exit 1 fi fi diff --git a/bin/tests/system/nsupdate/setup.sh b/bin/tests/system/nsupdate/setup.sh index 1e12a1ca5f..b6321a91a2 100644 --- a/bin/tests/system/nsupdate/setup.sh +++ b/bin/tests/system/nsupdate/setup.sh @@ -11,6 +11,14 @@ SYSTEMTESTTOP=.. test -r $RANDFILE || $GENRANDOM 800 $RANDFILE +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns5/named.conf.in ns5/named.conf + +copy_setports verylarge.in verylarge + # # jnl and database files MUST be removed before we start # diff --git a/bin/tests/system/nsupdate/tests.sh b/bin/tests/system/nsupdate/tests.sh index 48f58590ab..e0033589c0 100755 --- a/bin/tests/system/nsupdate/tests.sh +++ b/bin/tests/system/nsupdate/tests.sh @@ -9,6 +9,9 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="-p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + status=0 n=0 @@ -24,103 +27,103 @@ while true; do then break else - echo "I:zones are not fully loaded, waiting..." + echo_i "zones are not fully loaded, waiting..." tries=`expr $tries + 1` sleep 1 fi done ret=0 -echo "I:fetching first copy of zone before update" -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - @10.53.0.1 axfr -p 5300 > dig.out.ns1 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +echo_i "fetching first copy of zone before update" +$DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + @10.53.0.1 axfr > dig.out.ns1 || ret=1 +[ $ret = 0 ] || { echo_i "failed"; status=1; } ret=0 -echo "I:fetching second copy of zone before update" -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - @10.53.0.2 axfr -p 5300 > dig.out.ns2 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +echo_i "fetching second copy of zone before update" +$DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + @10.53.0.2 axfr > dig.out.ns2 || ret=1 +[ $ret = 0 ] || { echo_i "failed"; status=1; } ret=0 -echo "I:comparing pre-update copies to known good data" +echo_i "comparing pre-update copies to known good data" $PERL ../digcomp.pl knowngood.ns1.before dig.out.ns1 || ret=1 $PERL ../digcomp.pl knowngood.ns1.before dig.out.ns2 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } ret=0 -echo "I:updating zone" +echo_i "updating zone" # nsupdate will print a ">" prompt to stdout as it gets each input line. $NSUPDATE -k ns1/ddns.key < /dev/null || ret=1 -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} update add updated.example.nil. 600 A 10.10.10.1 add updated.example.nil. 600 TXT Foo delete t.example.nil. END -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } -echo "I:sleeping 5 seconds for server to incorporate changes" +echo_i "sleeping 5 seconds for server to incorporate changes" sleep 5 ret=0 -echo "I:fetching first copy of zone after update" -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - @10.53.0.1 axfr -p 5300 > dig.out.ns1 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +echo_i "fetching first copy of zone after update" +$DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + @10.53.0.1 axfr > dig.out.ns1 || ret=1 +[ $ret = 0 ] || { echo_i "failed"; status=1; } ret=0 -echo "I:fetching second copy of zone after update" -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - @10.53.0.2 axfr -p 5300 > dig.out.ns2 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +echo_i "fetching second copy of zone after update" +$DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + @10.53.0.2 axfr > dig.out.ns2 || ret=1 +[ $ret = 0 ] || { echo_i "failed"; status=1; } ret=0 -echo "I:comparing post-update copies to known good data" +echo_i "comparing post-update copies to known good data" $PERL ../digcomp.pl knowngood.ns1.after dig.out.ns1 || ret=1 $PERL ../digcomp.pl knowngood.ns1.after dig.out.ns2 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } ret=0 -echo "I:testing local update policy" -pre=`$DIG +short new.other.nil. @10.53.0.1 a -p 5300` || ret=1 +echo_i "testing local update policy" +pre=`$DIG $DIGOPTS +short new.other.nil. @10.53.0.1 a` || ret=1 [ -z "$pre" ] || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } ret=0 -echo "I:updating zone" +echo_i "updating zone" # nsupdate will print a ">" prompt to stdout as it gets each input line. -$NSUPDATE -4 -l -p 5300 -k ns1/session.key > /dev/null < /dev/null < nsupdate.out 2>&1 << END && ret=1 +$NSUPDATE -4 -l -p ${PORT} -k ns1/session.key > nsupdate.out 2>&1 << END && ret=1 update add other.nil. 600 in ns ns3.other.nil. send END grep REFUSED nsupdate.out > /dev/null 2>&1 || ret=1 # ...but should work if an A record is inserted first: -$NSUPDATE -4 -l -p 5300 -k ns1/session.key > nsupdate.out 2>&1 << END || ret=1 +$NSUPDATE -4 -l -p ${PORT} -k ns1/session.key > nsupdate.out 2>&1 << END || ret=1 update add ns4.other.nil 600 in a 10.53.0.1 send update add other.nil. 600 in ns ns4.other.nil. @@ -128,7 +131,7 @@ send END grep REFUSED nsupdate.out > /dev/null 2>&1 && ret=1 # ...or if an AAAA record does: -$NSUPDATE -4 -l -p 5300 -k ns1/session.key > nsupdate.out 2>&1 << END || ret=1 +$NSUPDATE -4 -l -p ${PORT} -k ns1/session.key > nsupdate.out 2>&1 << END || ret=1 update add ns5.other.nil 600 in aaaa 2001:db8::1 send update add other.nil. 600 in ns ns5.other.nil. @@ -136,228 +139,232 @@ send END grep REFUSED nsupdate.out > /dev/null 2>&1 && ret=1 # ...or if the NS and A/AAAA are inserted together: -$NSUPDATE -4 -l -p 5300 -k ns1/session.key > nsupdate.out 2>&1 << END || ret=1 +$NSUPDATE -4 -l -p ${PORT} -k ns1/session.key > nsupdate.out 2>&1 << END || ret=1 update add other.nil. 600 in ns ns6.other.nil. update add ns6.other.nil 600 in a 10.53.0.1 send END grep REFUSED nsupdate.out > /dev/null 2>&1 && ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } -echo "I:sleeping 5 seconds for server to incorporate changes" +echo_i "sleeping 5 seconds for server to incorporate changes" sleep 5 ret=0 -echo "I:checking result of update" -$DIG +short @10.53.0.1 -p 5300 ns other.nil > dig.out.ns1 || ret=1 +echo_i "checking result of update" +$DIG $DIGOPTS +short @10.53.0.1 ns other.nil > dig.out.ns1 || ret=1 grep ns3.other.nil dig.out.ns1 > /dev/null 2>&1 && ret=1 grep ns4.other.nil dig.out.ns1 > /dev/null 2>&1 || ret=1 grep ns5.other.nil dig.out.ns1 > /dev/null 2>&1 || ret=1 grep ns6.other.nil dig.out.ns1 > /dev/null 2>&1 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } ret=0 -echo "I:check SIG(0) key is accepted" +echo_i "check SIG(0) key is accepted" key=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 1024 -T KEY -n ENTITY xxx` echo "" | $NSUPDATE -k ${key}.private > /dev/null 2>&1 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:check TYPE=0 update is rejected by nsupdate ($n)" +echo_i "check TYPE=0 update is rejected by nsupdate ($n)" $NSUPDATE < nsupdate.out 2>&1 && ret=1 - server 10.53.0.1 5300 + server 10.53.0.1 ${PORT} ttl 300 update add example.nil. in type0 "" send END grep "unknown class/type" nsupdate.out > /dev/null 2>&1 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:check TYPE=0 prerequisite is handled ($n)" +echo_i "check TYPE=0 prerequisite is handled ($n)" $NSUPDATE -k ns1/ddns.key < nsupdate.out 2>&1 || ret=1 - server 10.53.0.1 5300 + server 10.53.0.1 ${PORT} prereq nxrrset example.nil. type0 send END -$DIG +tcp version.bind txt ch @10.53.0.1 -p 5300 > dig.out.ns1.$n +$DIG $DIGOPTS +tcp version.bind txt ch @10.53.0.1 > dig.out.ns1.$n grep "status: NOERROR" dig.out.ns1.$n > /dev/null || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:check that TYPE=0 update is handled ($n)" +echo_i "check that TYPE=0 update is handled ($n)" echo "a0e4280000010000000100000000060001c00c000000fe000000000000" | -$PERL ../packet.pl -a 10.53.0.1 -p 5300 -t tcp > /dev/null -$DIG +tcp version.bind txt ch @10.53.0.1 -p 5300 > dig.out.ns1.$n +$PERL ../packet.pl -a 10.53.0.1 -p ${PORT} -t tcp > /dev/null +$DIG $DIGOPTS +tcp version.bind txt ch @10.53.0.1 > dig.out.ns1.$n grep "status: NOERROR" dig.out.ns1.$n > /dev/null || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:check that TYPE=0 additional data is handled ($n)" +echo_i "check that TYPE=0 additional data is handled ($n)" echo "a0e4280000010000000000010000060001c00c000000fe000000000000" | -$PERL ../packet.pl -a 10.53.0.1 -p 5300 -t tcp > /dev/null -$DIG +tcp version.bind txt ch @10.53.0.1 -p 5300 > dig.out.ns1.$n +$PERL ../packet.pl -a 10.53.0.1 -p ${PORT} -t tcp > /dev/null +$DIG $DIGOPTS +tcp version.bind txt ch @10.53.0.1 > dig.out.ns1.$n grep "status: NOERROR" dig.out.ns1.$n > /dev/null || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:check that update to undefined class is handled ($n)" +echo_i "check that update to undefined class is handled ($n)" echo "a0e4280000010001000000000000060101c00c000000fe000000000000" | -$PERL ../packet.pl -a 10.53.0.1 -p 5300 -t tcp > /dev/null -$DIG +tcp version.bind txt ch @10.53.0.1 -p 5300 > dig.out.ns1.$n +$PERL ../packet.pl -a 10.53.0.1 -p ${PORT} -t tcp > /dev/null +$DIG $DIGOPTS +tcp version.bind txt ch @10.53.0.1 > dig.out.ns1.$n grep "status: NOERROR" dig.out.ns1.$n > /dev/null || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:check that address family mismatch is handled ($n)" +echo_i "check that address family mismatch is handled ($n)" $NSUPDATE < /dev/null 2>&1 && ret=1 server ::1 local 127.0.0.1 update add 600 txt.example.nil in txt "test" send END -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:check that unixtime serial number is correctly generated ($n)" -oldserial=`$DIG +short unixtime.nil. soa @10.53.0.1 -p 5300 | awk '{print $3}'` || ret=1 +echo_i "check that unixtime serial number is correctly generated ($n)" +oldserial=`$DIG $DIGOPTS +short unixtime.nil. soa @10.53.0.1 | awk '{print $3}'` || ret=1 $NSUPDATE < /dev/null 2>&1 || ret=1 - server 10.53.0.1 5300 + server 10.53.0.1 ${PORT} ttl 600 update add new.unixtime.nil in a 1.2.3.4 send END now=`$PERL -e 'print time()."\n";'` sleep 1 -serial=`$DIG +short unixtime.nil. soa @10.53.0.1 -p 5300 | awk '{print $3}'` || ret=1 +serial=`$DIG $DIGOPTS +short unixtime.nil. soa @10.53.0.1 | awk '{print $3}'` || ret=1 [ "$oldserial" -ne "$serial" ] || ret=1 # allow up to 2 seconds difference between the serial # number and the unix epoch date but no more $PERL -e 'exit 1 if abs($ARGV[1] - $ARGV[0]) > 2;' $now $serial || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } +ret=0 if $PERL -e 'use Net::DNS;' 2>/dev/null then - echo "I:running update.pl test" - $PERL update_test.pl -s 10.53.0.1 -p 5300 update.nil. || status=1 + echo_i "running update.pl test" + { + $PERL update_test.pl -s 10.53.0.1 -p ${PORT} update.nil. || ret=1 + } | cat_i + [ $ret -eq 1 ] && { echo_i "failed"; status=1; } else - echo "I:The second part of this test requires the Net::DNS library." >&2 + echo_i "The second part of this test requires the Net::DNS library." >&2 fi ret=0 -echo "I:fetching first copy of test zone" -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - @10.53.0.1 axfr -p 5300 > dig.out.ns1 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +echo_i "fetching first copy of test zone" +$DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + @10.53.0.1 axfr > dig.out.ns1 || ret=1 +[ $ret = 0 ] || { echo_i "failed"; status=1; } ret=0 -echo "I:fetching second copy of test zone" -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - @10.53.0.2 axfr -p 5300 > dig.out.ns2 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +echo_i "fetching second copy of test zone" +$DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + @10.53.0.2 axfr > dig.out.ns2 || ret=1 +[ $ret = 0 ] || { echo_i "failed"; status=1; } ret=0 -echo "I:comparing zones" +echo_i "comparing zones" $PERL ../digcomp.pl dig.out.ns1 dig.out.ns2 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } -echo "I:SIGKILL and restart server ns1" +echo_i "SIGKILL and restart server ns1" cd ns1 $KILL -KILL `cat named.pid` rm named.pid cd .. sleep 10 if - $PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns1 + $PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns1 then - echo "I:restarted server ns1" + echo_i "restarted server ns1" else - echo "I:could not restart server ns1" + echo_i "could not restart server ns1" exit 1 fi sleep 10 ret=0 -echo "I:fetching ns1 after hard restart" -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - @10.53.0.1 axfr -p 5300 > dig.out.ns1.after || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +echo_i "fetching ns1 after hard restart" +$DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\ + @10.53.0.1 axfr > dig.out.ns1.after || ret=1 +[ $ret = 0 ] || { echo_i "failed"; status=1; } ret=0 -echo "I:comparing zones" +echo_i "comparing zones" $PERL ../digcomp.pl dig.out.ns1 dig.out.ns1.after || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } -echo "I:begin RT #482 regression test" +echo_i "begin RT #482 regression test" ret=0 -echo "I:update master" +echo_i "update master" $NSUPDATE -k ns1/ddns.key < /dev/null || ret=1 -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} update add updated2.example.nil. 600 A 10.10.10.2 update add updated2.example.nil. 600 TXT Bar update delete c.example.nil. send END -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } sleep 5 if [ ! "$CYGWIN" ]; then - echo "I:SIGHUP slave" + echo_i "SIGHUP slave" $KILL -HUP `cat ns2/named.pid` else - echo "I:reload slave" - $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload > /dev/null 2>&1 + echo_i "reload slave" + $RNDCCMD 10.53.0.2 reload > /dev/null 2>&1 fi sleep 5 ret=0 -echo "I:update master again" +echo_i "update master again" $NSUPDATE -k ns1/ddns.key < /dev/null || ret=1 -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} update add updated3.example.nil. 600 A 10.10.10.3 update add updated3.example.nil. 600 TXT Zap del d.example.nil. send END -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } sleep 5 if [ ! "$CYGWIN" ]; then - echo "I:SIGHUP slave again" + echo_i "SIGHUP slave again" $KILL -HUP `cat ns2/named.pid` else - echo "I:reload slave again" - $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload > /dev/null 2>&1 + echo_i "reload slave again" + $RNDCCMD 10.53.0.2 reload > /dev/null 2>&1 fi sleep 5 -echo "I:check to 'out of sync' message" +echo_i "check to 'out of sync' message" if grep "out of sync" ns2/named.run then - echo "I: failed (found 'out of sync')" + echo_i "failed (found 'out of sync')" status=1 fi -echo "I:end RT #482 regression test" +echo_i "end RT #482 regression test" n=`expr $n + 1` ret=0 -echo "I:start NSEC3PARAM changes via UPDATE on a unsigned zone test ($n)" +echo_i "start NSEC3PARAM changes via UPDATE on a unsigned zone test ($n)" $NSUPDATE << EOF -server 10.53.0.3 5300 +server 10.53.0.3 ${PORT} update add example 3600 nsec3param 1 0 0 - send EOF @@ -366,53 +373,53 @@ sleep 1 # the zone is not signed. The nsec3param records should be removed. # this also proves that the server is still running. -$DIG +tcp +noadd +nosea +nostat +noquest +nocmd +norec example.\ - @10.53.0.3 nsec3param -p 5300 > dig.out.ns3.$n || ret=1 +$DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocmd +norec example.\ + @10.53.0.3 nsec3param > dig.out.ns3.$n || ret=1 grep "ANSWER: 0" dig.out.ns3.$n > /dev/null || ret=1 grep "flags:[^;]* aa[ ;]" dig.out.ns3.$n > /dev/null || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:change the NSEC3PARAM ttl via update ($n)" +echo_i "change the NSEC3PARAM ttl via update ($n)" $NSUPDATE << EOF -server 10.53.0.3 5300 +server 10.53.0.3 ${PORT} update add nsec3param.test 3600 NSEC3PARAM 1 0 1 - send EOF sleep 1 -$DIG +tcp +noadd +nosea +nostat +noquest +nocmd +norec nsec3param.test.\ - @10.53.0.3 nsec3param -p 5300 > dig.out.ns3.$n || ret=1 +$DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocmd +norec nsec3param.test.\ + @10.53.0.3 nsec3param > dig.out.ns3.$n || ret=1 grep "ANSWER: 1" dig.out.ns3.$n > /dev/null || ret=1 grep "3600.*NSEC3PARAM" dig.out.ns3.$n > /dev/null || ret=1 grep "flags:[^;]* aa[ ;]" dig.out.ns3.$n > /dev/null || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:add a new the NSEC3PARAM via update ($n)" +echo_i "add a new the NSEC3PARAM via update ($n)" $NSUPDATE << EOF -server 10.53.0.3 5300 +server 10.53.0.3 ${PORT} update add nsec3param.test 3600 NSEC3PARAM 1 0 4 - send EOF sleep 1 -$DIG +tcp +noadd +nosea +nostat +noquest +nocmd +norec nsec3param.test.\ - @10.53.0.3 nsec3param -p 5300 > dig.out.ns3.$n || ret=1 +$DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocmd +norec nsec3param.test.\ + @10.53.0.3 nsec3param > dig.out.ns3.$n || ret=1 grep "ANSWER: 2" dig.out.ns3.$n > /dev/null || ret=1 grep "NSEC3PARAM 1 0 4 -" dig.out.ns3.$n > /dev/null || ret=1 grep "flags:[^;]* aa[ ;]" dig.out.ns3.$n > /dev/null || ret=1 -if [ $ret != 0 ] ; then echo "I: failed"; status=`expr $ret + $status`; fi +if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $ret + $status`; fi n=`expr $n + 1` ret=0 -echo "I:add, delete and change the ttl of the NSEC3PARAM rrset via update ($n)" +echo_i "add, delete and change the ttl of the NSEC3PARAM rrset via update ($n)" $NSUPDATE << EOF -server 10.53.0.3 5300 +server 10.53.0.3 ${PORT} update delete nsec3param.test NSEC3PARAM update add nsec3param.test 7200 NSEC3PARAM 1 0 5 - send @@ -420,8 +427,8 @@ EOF sleep 1 -$DIG +tcp +noadd +nosea +nostat +noquest +nocmd +norec nsec3param.test.\ - @10.53.0.3 nsec3param -p 5300 > dig.out.ns3.$n || ret=1 +$DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocmd +norec nsec3param.test.\ + @10.53.0.3 nsec3param > dig.out.ns3.$n || ret=1 grep "ANSWER: 1" dig.out.ns3.$n > /dev/null || ret=1 grep "7200.*NSEC3PARAM 1 0 5 -" dig.out.ns3.$n > /dev/null || ret=1 grep "flags:[^;]* aa[ ;]" dig.out.ns3.$n > /dev/null || ret=1 @@ -433,142 +440,142 @@ grep "add nsec3param.test. 7200 IN NSEC3PARAM 1 0 1 -" jp.out.ns3.$n > /dev/null grep "add nsec3param.test. 0 IN TYPE65534 .# 6 000180000500" jp.out.ns3.$n > /dev/null || ret=1 grep "add nsec3param.test. 0 IN TYPE65534 .# 6 000140000100" jp.out.ns3.$n > /dev/null || ret=1 grep "add nsec3param.test. 0 IN TYPE65534 .# 6 000140000400" jp.out.ns3.$n > /dev/null || ret=1 -if [ $ret != 0 ] ; then echo "I: failed"; status=`expr $ret + $status`; fi +if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $ret + $status`; fi ret=0 -echo "I:testing that rndc stop updates the master file" +echo_i "testing that rndc stop updates the master file" $NSUPDATE -k ns1/ddns.key < /dev/null || ret=1 -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} update add updated4.example.nil. 600 A 10.10.10.3 send END -$PERL $SYSTEMTESTTOP/stop.pl --use-rndc . ns1 +$PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} . ns1 # Removing the journal file and restarting the server means # that the data served by the new server process are exactly # those dumped to the master file by "rndc stop". rm -f ns1/*jnl -$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns1 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd updated4.example.nil.\ - @10.53.0.1 a -p 5300 > dig.out.ns1 || status=1 +$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns1 +$DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd updated4.example.nil.\ + @10.53.0.1 a > dig.out.ns1 || status=1 $PERL ../digcomp.pl knowngood.ns1.afterstop dig.out.ns1 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } ret=0 -echo "I:check that 'nsupdate -l' with a missing keyfile reports the missing file" -$NSUPDATE -4 -l -p 5300 -k ns1/nonexistant.key 2> nsupdate.out < /dev/null +echo_i "check that 'nsupdate -l' with a missing keyfile reports the missing file" +$NSUPDATE -4 -p ${PORT} -l -k ns1/nonexistant.key 2> nsupdate.out < /dev/null grep ns1/nonexistant.key nsupdate.out > /dev/null || ret=1 if test $ret -ne 0 then -echo "I:failed"; status=1 +echo_i "failed"; status=1 fi n=`expr $n + 1` ret=0 -echo "I:check that 'update-policy local' works from localhost address ($n)" -$NSUPDATE -p 5300 -k ns5/session.key > nsupdate.out.$n 2>&1 << END || ret=1 -server 10.53.0.5 5300 +echo_i "check that 'update-policy local' works from localhost address ($n)" +$NSUPDATE -k ns5/session.key > nsupdate.out.$n 2>&1 << END || ret=1 +server 10.53.0.5 ${PORT} local 127.0.0.1 update add fromlocal.local.nil. 600 A 1.2.3.4 send END grep REFUSED nsupdate.out.$n > /dev/null 2>&1 && ret=1 -$DIG @10.53.0.5 -p 5300 \ +$DIG $DIGOPTS @10.53.0.5 \ +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd \ fromlocal.local.nil. > dig.out.ns5.$n || ret=1 grep fromlocal dig.out.ns5.$n > /dev/null 2>&1 || ret=1 if test $ret -ne 0 then -echo "I:failed"; status=1 +echo_i "failed"; status=1 fi n=`expr $n + 1` ret=0 -echo "I:check that 'update-policy local' fails from non-localhost address ($n)" +echo_i "check that 'update-policy local' fails from non-localhost address ($n)" grep 'match on session key not from localhost' ns5/named.run > /dev/null && ret=1 -$NSUPDATE -p 5300 -k ns5/session.key > nsupdate.out.$n 2>&1 << END && ret=1 -server 10.53.0.5 5300 +$NSUPDATE -k ns5/session.key > nsupdate.out.$n 2>&1 << END && ret=1 +server 10.53.0.5 ${PORT} local 10.53.0.1 update add nonlocal.local.nil. 600 A 4.3.2.1 send END grep REFUSED nsupdate.out.$n > /dev/null 2>&1 || ret=1 grep 'match on session key not from localhost' ns5/named.run > /dev/null || ret=1 -$DIG @10.53.0.5 -p 5300 \ +$DIG $DIGOPTS @10.53.0.5 \ +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd \ nonlocal.local.nil. > dig.out.ns5.$n || ret=1 grep nonlocal dig.out.ns5.$n > /dev/null 2>&1 && ret=1 if test $ret -ne 0 then -echo "I:failed"; status=1 +echo_i "failed"; status=1 fi n=`expr $n + 1` ret=0 -echo "I:check that changes to the DNSKEY RRset TTL do not have side effects ($n)" -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd dnskey.test. \ - @10.53.0.3 -p 5300 dnskey | \ +echo_i "check that changes to the DNSKEY RRset TTL do not have side effects ($n)" +$DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd dnskey.test. \ + @10.53.0.3 dnskey | \ sed -n 's/\(.*\)10.IN/update add \1600 IN/p' | - (echo server 10.53.0.3 5300; cat - ; echo send ) | + (echo server 10.53.0.3 ${PORT}; cat - ; echo send ) | $NSUPDATE -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd dnskey.test. \ - @10.53.0.3 -p 5300 any > dig.out.ns3.$n +$DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd dnskey.test. \ + @10.53.0.3 any > dig.out.ns3.$n grep "600.*DNSKEY" dig.out.ns3.$n > /dev/null || ret=1 grep TYPE65534 dig.out.ns3.$n > /dev/null && ret=1 if test $ret -ne 0 then -echo "I:failed"; status=1 +echo_i "failed"; status=1 fi n=`expr $n + 1` ret=0 -echo "I:check notify with TSIG worked ($n)" +echo_i "check notify with TSIG worked ($n)" # if the alternate view received a notify--meaning, the notify was # validly signed by "altkey"--then the zonefile update.alt.bk will # will have been created. [ -f ns2/update.alt.bk ] || ret=1 if [ $ret -ne 0 ]; then - echo "I:failed" + echo_i "failed" status=1 fi n=`expr $n + 1` ret=0 -echo "I:check type list options ($n)" -$NSUPDATE -T > typelist.out.T.${n} || { ret=1; echo "I: nsupdate -T failed"; } -$NSUPDATE -P > typelist.out.P.${n} || { ret=1; echo "I: nsupdate -P failed"; } -$NSUPDATE -TP > typelist.out.TP.${n} || { ret=1; echo "I: nsupdate -TP failed"; } -grep ANY typelist.out.T.${n} > /dev/null && { ret=1; echo "I: failed: ANY found (-T)"; } -grep ANY typelist.out.P.${n} > /dev/null && { ret=1; echo "I: failed: ANY found (-P)"; } -grep ANY typelist.out.TP.${n} > /dev/null && { ret=1; echo "I: failed: ANY found (-TP)"; } -grep KEYDATA typelist.out.T.${n} > /dev/null && { ret=1; echo "I: failed: KEYDATA found (-T)"; } -grep KEYDATA typelist.out.P.${n} > /dev/null && { ret=1; echo "I: failed: KEYDATA found (-P)"; } -grep KEYDATA typelist.out.TP.${n} > /dev/null && { ret=1; echo "I: failed: KEYDATA found (-TP)"; } -grep AAAA typelist.out.T.${n} > /dev/null || { ret=1; echo "I: failed: AAAA not found (-T)"; } -grep AAAA typelist.out.P.${n} > /dev/null && { ret=1; echo "I: failed: AAAA found (-P)"; } -grep AAAA typelist.out.TP.${n} > /dev/null || { ret=1; echo "I: failed: AAAA not found (-TP)"; } +echo_i "check type list options ($n)" +$NSUPDATE -T > typelist.out.T.${n} || { ret=1; echo_i "nsupdate -T failed"; } +$NSUPDATE -P > typelist.out.P.${n} || { ret=1; echo_i "nsupdate -P failed"; } +$NSUPDATE -TP > typelist.out.TP.${n} || { ret=1; echo_i "nsupdate -TP failed"; } +grep ANY typelist.out.T.${n} > /dev/null && { ret=1; echo_i "failed: ANY found (-T)"; } +grep ANY typelist.out.P.${n} > /dev/null && { ret=1; echo_i "failed: ANY found (-P)"; } +grep ANY typelist.out.TP.${n} > /dev/null && { ret=1; echo_i "failed: ANY found (-TP)"; } +grep KEYDATA typelist.out.T.${n} > /dev/null && { ret=1; echo_i "failed: KEYDATA found (-T)"; } +grep KEYDATA typelist.out.P.${n} > /dev/null && { ret=1; echo_i "failed: KEYDATA found (-P)"; } +grep KEYDATA typelist.out.TP.${n} > /dev/null && { ret=1; echo_i "failed: KEYDATA found (-TP)"; } +grep AAAA typelist.out.T.${n} > /dev/null || { ret=1; echo_i "failed: AAAA not found (-T)"; } +grep AAAA typelist.out.P.${n} > /dev/null && { ret=1; echo_i "failed: AAAA found (-P)"; } +grep AAAA typelist.out.TP.${n} > /dev/null || { ret=1; echo_i "failed: AAAA not found (-TP)"; } if [ $ret -ne 0 ]; then - echo "I:failed" + echo_i "failed" status=1 fi n=`expr $n + 1` ret=0 -echo "I:check command list ($n)" +echo_i "check command list ($n)" ( while read cmd do echo "$cmd" | $NSUPDATE > /dev/null 2>&1 if test $? -gt 1 ; then - echo "I: failed ($cmd)" + echo_i "failed ($cmd)" ret=1 fi echo "$cmd " | $NSUPDATE > /dev/null 2>&1 if test $? -gt 1 ; then - echo "I: failed ($cmd)" + echo_i "failed ($cmd)" ret=1 fi done @@ -580,68 +587,68 @@ fi n=`expr $n + 1` ret=0 -echo "I:check TSIG key algorithms ($n)" +echo_i "check TSIG key algorithms ($n)" for alg in md5 sha1 sha224 sha256 sha384 sha512; do $NSUPDATE -k ns1/${alg}.key < /dev/null || ret=1 -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} update add ${alg}.keytests.nil. 600 A 10.10.10.3 send END done sleep 2 for alg in md5 sha1 sha224 sha256 sha384 sha512; do - $DIG +short @10.53.0.1 -p 5300 ${alg}.keytests.nil | grep 10.10.10.3 > /dev/null 2>&1 || ret=1 + $DIG $DIGOPTS +short @10.53.0.1 ${alg}.keytests.nil | grep 10.10.10.3 > /dev/null 2>&1 || ret=1 done if [ $ret -ne 0 ]; then - echo "I:failed" + echo_i "failed" status=1 fi n=`expr $n + 1` ret=0 -echo "I:check that ttl is capped by max-ttl ($n)" +echo_i "check that ttl is capped by max-ttl ($n)" $NSUPDATE < /dev/null || ret=1 -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} update add cap.max-ttl.nil. 600 A 10.10.10.3 update add nocap.max-ttl.nil. 150 A 10.10.10.3 send END sleep 2 -$DIG @10.53.0.1 -p 5300 cap.max-ttl.nil | grep "^cap.max-ttl.nil. 300" > /dev/null 2>&1 || ret=1 -$DIG @10.53.0.1 -p 5300 nocap.max-ttl.nil | grep "^nocap.max-ttl.nil. 150" > /dev/null 2>&1 || ret=1 +$DIG $DIGOPTS @10.53.0.1 cap.max-ttl.nil | grep "^cap.max-ttl.nil. 300" > /dev/null 2>&1 || ret=1 +$DIG $DIGOPTS @10.53.0.1 nocap.max-ttl.nil | grep "^nocap.max-ttl.nil. 150" > /dev/null 2>&1 || ret=1 if [ $ret -ne 0 ]; then - echo "I:failed" + echo_i "failed" status=1 fi n=`expr $n + 1` ret=0 -echo "I:add a record which is truncated when logged. ($n)" +echo_i "add a record which is truncated when logged. ($n)" $NSUPDATE verylarge || ret=1 -$DIG +tcp @10.53.0.1 -p 5300 txt txt.update.nil > dig.out.ns1.test$n +$DIG $DIGOPTS +tcp @10.53.0.1 txt txt.update.nil > dig.out.ns1.test$n grep "ANSWER: 1," dig.out.ns1.test$n > /dev/null || ret=1 grep "adding an RR at 'txt.update.nil' TXT .* \[TRUNCATED\]" ns1/named.run > /dev/null || ret=1 if [ $ret -ne 0 ]; then - echo "I:failed" + echo_i "failed" status=1 fi n=`expr $n + 1` ret=0 -echo "I:check that yyyymmddvv serial number is correctly generated ($n)" -oldserial=`$DIG +short yyyymmddvv.nil. soa @10.53.0.1 -p 5300 | awk '{print $3}'` || ret=1 +echo_i "check that yyyymmddvv serial number is correctly generated ($n)" +oldserial=`$DIG $DIGOPTS +short yyyymmddvv.nil. soa @10.53.0.1 | awk '{print $3}'` || ret=1 $NSUPDATE < /dev/null 2>&1 || ret=1 - server 10.53.0.1 5300 + server 10.53.0.1 ${PORT} ttl 600 update add new.yyyymmddvv.nil in a 1.2.3.4 send END now=`$PERL -e '@lt=localtime(); printf "%.4d%0.2d%0.2d00\n",$lt[5]+1900,$lt[4]+1,$lt[3];'` sleep 1 -serial=`$DIG +short yyyymmddvv.nil. soa @10.53.0.1 -p 5300 | awk '{print $3}'` || ret=1 +serial=`$DIG $DIGOPTS +short yyyymmddvv.nil. soa @10.53.0.1 | awk '{print $3}'` || ret=1 [ "$oldserial" -ne "$serial" ] || ret=1 [ "$serial" -eq "$now" ] || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } # # Refactor to use perl to launch the parallel updates. @@ -649,7 +656,7 @@ serial=`$DIG +short yyyymmddvv.nil. soa @10.53.0.1 -p 5300 | awk '{print $3}'` | if false then n=`expr $n + 1` -echo "I:send many simultaneous updates via a update forwarder ($n)" +echo_i "send many simultaneous updates via a update forwarder ($n)" ret=0 for i in 0 1 2 3 4 5 6 7 do @@ -658,7 +665,7 @@ do do ( $NSUPDATE << EOF -server 10.53.0.3 5300 +server 10.53.0.3 ${PORT} zone many.test update add $i-$j.many.test 0 IN A 1.2.3.4 send @@ -669,19 +676,19 @@ EOF ) & done wait -dig axfr many.test @10.53.0.1 -p 5300 > dig.out.test$n +dig axfr many.test @10.53.0.1 > dig.out.test$n lines=`awk '$4 == "A" { l++ } END { print l }' dig.out.test$n` test ${lines:-0} -eq 64 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } fi n=`expr $n + 1` -echo "I:check max-journal-size limits ($n)" +echo_i "check max-journal-size limits ($n)" ret=0 rm -f nsupdate.out1-$n # add one record $NSUPDATE << EOF >> nsupdate.out1-$n 2>&1 -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} zone maxjournal.test update add z.maxjournal.test 300 IN A 10.20.30.40 send @@ -690,7 +697,7 @@ for i in 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20; do # repeatedly add and remove the same set of records to fill up # the journal file without changing the zone content $NSUPDATE << EOF >> nsupdate.out1-$n 2>&1 -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} zone maxjournal.test update add a.maxjournal.test 300 IN A 1.2.3.4 update add b.maxjournal.test 300 IN A 1.2.3.4 @@ -708,7 +715,7 @@ done size=`$PERL -e 'use File::stat; my $sb = stat(@ARGV[0]); printf("%s\n", $sb->size);' ns1/maxjournal.db.jnl` [ "$size" -gt 6000 ] || ret=1 sleep 1 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 sync maxjournal.test +$RNDCCMD 10.53.0.1 sync maxjournal.test for i in 1 2 3 4 5 6 do sleep 1 @@ -717,10 +724,10 @@ do done size=`$PERL -e 'use File::stat; my $sb = stat(@ARGV[0]); printf("%s\n", $sb->size);' ns1/maxjournal.db.jnl` [ "$size" -lt 5000 ] || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` -echo "I:check check-names processing ($n)" +echo_i "check check-names processing ($n)" ret=0 $NSUPDATE << EOF > nsupdate.out1-$n 2>&1 update add # 0 in a 1.2.3.4 @@ -744,159 +751,159 @@ update add . 0 in mx 0 # EOF grep "bad name" nsupdate.out4-$n > /dev/null && ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` -echo "I:check adding of delegating NS records processing ($n)" +echo_i "check adding of delegating NS records processing ($n)" ret=0 $NSUPDATE -v << EOF > nsupdate.out-$n 2>&1 || ret=1 -server 10.53.0.3 5300 +server 10.53.0.3 ${PORT} zone delegation.test. update add child.delegation.test. 3600 NS foo.example.net. update add child.delegation.test. 3600 NS bar.example.net. send EOF -$DIG +tcp @10.53.0.3 -p 5300 ns child.delegation.test > dig.out.ns1.test$n +$DIG $DIGOPTS +tcp @10.53.0.3 ns child.delegation.test > dig.out.ns1.test$n grep "status: NOERROR" dig.out.ns1.test$n > /dev/null 2>&1 || ret=1 grep "AUTHORITY: 2" dig.out.ns1.test$n > /dev/null 2>&1 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` -echo "I:check deleting of delegating NS records processing ($n)" +echo_i "check deleting of delegating NS records processing ($n)" ret=0 $NSUPDATE -v << EOF > nsupdate.out-$n 2>&1 || ret=1 -server 10.53.0.3 5300 +server 10.53.0.3 ${PORT} zone delegation.test. update del child.delegation.test. 3600 NS foo.example.net. update del child.delegation.test. 3600 NS bar.example.net. send EOF -$DIG +tcp @10.53.0.3 -p 5300 ns child.delegation.test > dig.out.ns1.test$n +$DIG $DIGOPTS +tcp @10.53.0.3 ns child.delegation.test > dig.out.ns1.test$n grep "status: NXDOMAIN" dig.out.ns1.test$n > /dev/null 2>&1 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` -echo "I:check that adding too many records is blocked ($n)" +echo_i "check that adding too many records is blocked ($n)" ret=0 $NSUPDATE -v << EOF > nsupdate.out-$n 2>&1 && ret=1 -server 10.53.0.3 5300 +server 10.53.0.3 ${PORT} zone too-big.test. update add r1.too-big.test 3600 IN TXT r1.too-big.test send EOF grep "update failed: SERVFAIL" nsupdate.out-$n > /dev/null || ret=1 -$DIG +tcp @10.53.0.3 -p 5300 r1.too-big.test TXT > dig.out.ns3.test$n +$DIG $DIGOPTS +tcp @10.53.0.3 r1.too-big.test TXT > dig.out.ns3.test$n grep "status: NXDOMAIN" dig.out.ns3.test$n > /dev/null || ret=1 grep "records in zone (4) exceeds max-records (3)" ns3/named.run > /dev/null || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:check whether valid addresses are used for master failover ($n)" +echo_i "check whether valid addresses are used for master failover ($n)" $NSUPDATE -t 1 < nsupdate.out-$n 2>&1 && ret=1 -server 10.53.0.4 5300 +server 10.53.0.4 ${PORT} zone unreachable. update add unreachable. 600 A 192.0.2.1 send END -grep "; Communication with 10.53.0.4#5300 failed: timed out" nsupdate.out-$n > /dev/null 2>&1 || ret=1 +grep "; Communication with 10.53.0.4#${PORT} failed: timed out" nsupdate.out-$n > /dev/null 2>&1 || ret=1 grep "not implemented" nsupdate.out-$n > /dev/null 2>&1 && ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:ensure bad owner name is fatal in non-interactive mode ($n)" +echo_i "ensure bad owner name is fatal in non-interactive mode ($n)" $NSUPDATE < nsupdate.out 2>&1 && ret=1 update add emptylabel..nil. 600 A 10.10.10.1 END grep "invalid owner name: empty label" nsupdate.out > /dev/null || ret=1 grep "syntax error" nsupdate.out > /dev/null || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:ensure bad owner name is not fatal in interactive mode ($n)" +echo_i "ensure bad owner name is not fatal in interactive mode ($n)" $NSUPDATE -i < nsupdate.out 2>&1 || ret=1 update add emptylabel..nil. 600 A 10.10.10.1 END grep "invalid owner name: empty label" nsupdate.out > /dev/null || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:ensure invalid key type is fatal in non-interactive mode ($n)" +echo_i "ensure invalid key type is fatal in non-interactive mode ($n)" $NSUPDATE < nsupdate.out 2>&1 && ret=1 key badkeytype:example abcd12345678 END grep "unknown key type 'badkeytype'" nsupdate.out > /dev/null || ret=1 grep "syntax error" nsupdate.out > /dev/null || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:ensure invalid key type is not fatal in interactive mode ($n)" +echo_i "ensure invalid key type is not fatal in interactive mode ($n)" $NSUPDATE -i < nsupdate.out 2>&1 || ret=1 key badkeytype:example abcd12345678 END grep "unknown key type 'badkeytype'" nsupdate.out > /dev/null || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:ensure unresolvable server name is fatal in non-interactive mode ($n)" +echo_i "ensure unresolvable server name is fatal in non-interactive mode ($n)" $NSUPDATE < nsupdate.out 2>&1 && ret=1 server unresolvable.. END grep "couldn't get address for 'unresolvable..': not found" nsupdate.out > /dev/null || ret=1 grep "syntax error" nsupdate.out > /dev/null || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:ensure unresolvable server name is not fatal in interactive mode ($n)" +echo_i "ensure unresolvable server name is not fatal in interactive mode ($n)" $NSUPDATE -i < nsupdate.out 2>&1 || ret=1 server unresolvable.. END grep "couldn't get address for 'unresolvable..': not found" nsupdate.out > /dev/null || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:check nsupdate -4 -6 ($n)" +echo_i "check nsupdate -4 -6 ($n)" $NSUPDATE -4 -6 < nsupdate.out-$n 2>&1 && ret=1 -server 10.53.0.3 5300 +server 10.53.0.3 ${PORT} zone delegation.test. update del child.delegation.test. 3600 NS foo.example.net. update del child.delegation.test. 3600 NS bar.example.net. send END grep "only one of -4 and -6 allowed" nsupdate.out-$n > /dev/null 2>&1 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:check nsupdate -4 with an IPv6 server address ($n)" +echo_i "check nsupdate -4 with an IPv6 server address ($n)" $NSUPDATE -4 < nsupdate.out-$n 2>&1 && ret=1 -server fd92:7065:b8e:ffff::2 5300 +server fd92:7065:b8e:ffff::2 ${PORT} zone delegation.test. update del child.delegation.test. 3600 NS foo.example.net. update del child.delegation.test. 3600 NS bar.example.net. send END grep "address family not supported" nsupdate.out-$n > /dev/null 2>&1 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 -echo "I:check that TKEY in a update is rejected ($n)" +echo_i "check that TKEY in a update is rejected ($n)" $NSUPDATE -d < nsupdate.out-$n 2>&1 && ret=1 -server 10.53.0.3 5300 +server 10.53.0.3 ${PORT} update add tkey.example 0 in tkey invalid.algorithm. 1516055980 1516140801 1 0 16 gRof8D2BFKvl/vrr9Lmnjw== 16 gRof8D2BFKvl/vrr9Lmnjw== send END grep "UPDATE, status: NOERROR" nsupdate.out-$n > /dev/null 2>&1 || ret=1 grep "UPDATE, status: FORMERR" nsupdate.out-$n > /dev/null 2>&1 || ret=1 -[ $ret = 0 ] || { echo I:failed; status=1; } +[ $ret = 0 ] || { echo_i "failed"; status=1; } # # Add client library tests here @@ -907,73 +914,73 @@ then n=`expr $n + 1` ret=0 - echo "I:check that dns_client_update handles prerequisite NXDOMAIN failure ($n)" - $SAMPLEUPDATE -P 5300 -a 10.53.0.1 -a 10.53.0.2 -p "nxdomain exists.sample" \ + echo_i "check that dns_client_update handles prerequisite NXDOMAIN failure ($n)" + $SAMPLEUPDATE -P ${PORT} -a 10.53.0.1 -a 10.53.0.2 -p "nxdomain exists.sample" \ add "nxdomain-exists.sample 0 in a 1.2.3.4" > update.out.test$n 2>&1 - $SAMPLEUPDATE -P 5300 -a 10.53.0.2 -p "nxdomain exists.sample" \ + $SAMPLEUPDATE -P ${PORT} -a 10.53.0.2 -p "nxdomain exists.sample" \ add "check-nxdomain-exists.sample 0 in a 1.2.3.4" > update.out.check$n 2>&1 - $DIG +tcp @10.53.0.1 -p 5300 a nxdomain-exists.sample > dig.out.ns1.test$n - $DIG +tcp @10.53.0.2 -p 5300 a nxdomain-exists.sample > dig.out.ns2.test$n - $DIG +tcp @10.53.0.2 -p 5300 a check-nxdomain-exists.sample > check.out.ns2.test$n + $DIG $DIGOPTS +tcp @10.53.0.1 a nxdomain-exists.sample > dig.out.ns1.test$n + $DIG $DIGOPTS +tcp @10.53.0.2 a nxdomain-exists.sample > dig.out.ns2.test$n + $DIG $DIGOPTS +tcp @10.53.0.2 a check-nxdomain-exists.sample > check.out.ns2.test$n grep "update failed: YXDOMAIN" update.out.test$n > /dev/null || ret=1 grep "update succeeded" update.out.check$n > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.ns1.test$n > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "status: NOERROR" check.out.ns2.test$n > /dev/null || ret=1 - [ $ret = 0 ] || { echo I:failed; status=1; } + [ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 - echo "I:check that dns_client_update handles prerequisite YXDOMAIN failure ($n)" - $SAMPLEUPDATE -P 5300 -a 10.53.0.1 -a 10.53.0.2 -p "yxdomain nxdomain.sample" \ + echo_i "check that dns_client_update handles prerequisite YXDOMAIN failure ($n)" + $SAMPLEUPDATE -P ${PORT} -a 10.53.0.1 -a 10.53.0.2 -p "yxdomain nxdomain.sample" \ add "yxdomain-nxdomain.sample 0 in a 1.2.3.4" > update.out.test$n 2>&1 - $SAMPLEUPDATE -P 5300 -a 10.53.0.2 -p "yxdomain nxdomain.sample" \ + $SAMPLEUPDATE -P ${PORT} -a 10.53.0.2 -p "yxdomain nxdomain.sample" \ add "check-yxdomain-nxdomain.sample 0 in a 1.2.3.4" > update.out.check$n 2>&1 - $DIG +tcp @10.53.0.1 -p 5300 a nxdomain-exists.sample > dig.out.ns1.test$n - $DIG +tcp @10.53.0.2 -p 5300 a nxdomain-exists.sample > dig.out.ns2.test$n - $DIG +tcp @10.53.0.2 -p 5300 a check-nxdomain-exists.sample > check.out.ns2.test$n + $DIG $DIGOPTS +tcp @10.53.0.1 a nxdomain-exists.sample > dig.out.ns1.test$n + $DIG $DIGOPTS +tcp @10.53.0.2 a nxdomain-exists.sample > dig.out.ns2.test$n + $DIG $DIGOPTS +tcp @10.53.0.2 a check-nxdomain-exists.sample > check.out.ns2.test$n grep "update failed: NXDOMAIN" update.out.test$n > /dev/null || ret=1 grep "update succeeded" update.out.check$n > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.ns1.test$n > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "status: NOERROR" check.out.ns2.test$n > /dev/null || ret=1 - [ $ret = 0 ] || { echo I:failed; status=1; } + [ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 - echo "I:check that dns_client_update handles prerequisite NXRRSET failure ($n)" - $SAMPLEUPDATE -P 5300 -a 10.53.0.1 -a 10.53.0.2 -p "nxrrset exists.sample TXT This RRset exists." \ + echo_i "check that dns_client_update handles prerequisite NXRRSET failure ($n)" + $SAMPLEUPDATE -P ${PORT} -a 10.53.0.1 -a 10.53.0.2 -p "nxrrset exists.sample TXT This RRset exists." \ add "nxrrset-exists.sample 0 in a 1.2.3.4" > update.out.test$n 2>&1 - $SAMPLEUPDATE -P 5300 -a 10.53.0.2 -p "nxrrset exists.sample TXT This RRset exists." \ + $SAMPLEUPDATE -P ${PORT} -a 10.53.0.2 -p "nxrrset exists.sample TXT This RRset exists." \ add "check-nxrrset-exists.sample 0 in a 1.2.3.4" > update.out.check$n 2>&1 - $DIG +tcp @10.53.0.1 -p 5300 a nxrrset-exists.sample > dig.out.ns1.test$n - $DIG +tcp @10.53.0.2 -p 5300 a nxrrset-exists.sample > dig.out.ns2.test$n - $DIG +tcp @10.53.0.2 -p 5300 a check-nxrrset-exists.sample > check.out.ns2.test$n + $DIG $DIGOPTS +tcp @10.53.0.1 a nxrrset-exists.sample > dig.out.ns1.test$n + $DIG $DIGOPTS +tcp @10.53.0.2 a nxrrset-exists.sample > dig.out.ns2.test$n + $DIG $DIGOPTS +tcp @10.53.0.2 a check-nxrrset-exists.sample > check.out.ns2.test$n grep "update failed: YXRRSET" update.out.test$n > /dev/null || ret=1 grep "update succeeded" update.out.check$n > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.ns1.test$n > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "status: NOERROR" check.out.ns2.test$n > /dev/null || ret=1 - [ $ret = 0 ] || { echo I:failed; status=1; } + [ $ret = 0 ] || { echo_i "failed"; status=1; } n=`expr $n + 1` ret=0 - echo "I:check that dns_client_update handles prerequisite YXRRSET failure ($n)" - $SAMPLEUPDATE -s -P 5300 -a 10.53.0.1 -a 10.53.0.2 \ + echo_i "check that dns_client_update handles prerequisite YXRRSET failure ($n)" + $SAMPLEUPDATE -s -P ${PORT} -a 10.53.0.1 -a 10.53.0.2 \ -p "yxrrset no-txt.sample TXT" \ add "yxrrset-nxrrset.sample 0 in a 1.2.3.4" > update.out.test$n 2>&1 - $SAMPLEUPDATE -P 5300 -a 10.53.0.2 -p "yxrrset no-txt.sample TXT" \ + $SAMPLEUPDATE -P ${PORT} -a 10.53.0.2 -p "yxrrset no-txt.sample TXT" \ add "check-yxrrset-nxrrset.sample 0 in a 1.2.3.4" > update.out.check$n 2>&1 - $DIG +tcp @10.53.0.1 -p 5300 a yxrrset-nxrrset.sample > dig.out.ns1.test$n - $DIG +tcp @10.53.0.2 -p 5300 a yxrrset-nxrrset.sample > dig.out.ns2.test$n - $DIG +tcp @10.53.0.2 -p 5300 a check-yxrrset-nxrrset.sample > check.out.ns2.test$n + $DIG $DIGOPTS +tcp @10.53.0.1 a yxrrset-nxrrset.sample > dig.out.ns1.test$n + $DIG $DIGOPTS +tcp @10.53.0.2 a yxrrset-nxrrset.sample > dig.out.ns2.test$n + $DIG $DIGOPTS +tcp @10.53.0.2 a check-yxrrset-nxrrset.sample > check.out.ns2.test$n grep "update failed: NXRRSET" update.out.test$n > /dev/null || ret=1 grep "update succeeded" update.out.check$n > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.ns1.test$n > /dev/null || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "status: NOERROR" check.out.ns2.test$n > /dev/null || ret=1 grep "2nd update failed: NXRRSET" update.out.test$n > /dev/null || ret=1 - [ $ret = 0 ] || { echo I:failed; status=1; } + [ $ret = 0 ] || { echo_i "failed"; status=1; } fi @@ -981,5 +988,5 @@ fi # End client library tests here # -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/nsupdate/update_test.pl b/bin/tests/system/nsupdate/update_test.pl index 2290782584..cbbdeb20a6 100644 --- a/bin/tests/system/nsupdate/update_test.pl +++ b/bin/tests/system/nsupdate/update_test.pl @@ -28,8 +28,6 @@ # # perl -MCPAN -e "install Net::DNS" # -# $Id: update_test.pl,v 1.10 2007/06/19 23:47:04 tbox Exp $ -# use Getopt::Std; use Net::DNS; @@ -56,7 +54,7 @@ my $failures = 0; sub assert { my ($cond, $explanation) = @_; if (!$cond) { - print "I:Test Failed: $explanation ***\n"; + print "Test Failed: $explanation ***\n"; $failures++ } } @@ -77,13 +75,13 @@ sub test { my $rcode = $reply->header->rcode; assert($rcode eq $expected, "expected $expected, got $rcode"); } else { - print "I:Update failed: ", $res->errorstring, "\n"; + print "Update failed: ", $res->errorstring, "\n"; } } sub section { my ($msg) = @_; - print "I:$msg\n"; + print "$msg\n"; } section("Delete any leftovers from previous tests"); @@ -410,8 +408,8 @@ test("NOERROR", ["update", rr_add("u.$zone 300 NS ns.u.$zone")]); test("NOERROR", ["update", rr_del("u.$zone NS ns.u.$zone")]); if ($failures) { - print "I:$failures tests failed.\n"; + print "$failures tests failed.\n"; } else { - print "I:All tests successful.\n"; + print "All tests successful.\n"; } exit $failures; diff --git a/bin/tests/system/nsupdate/verylarge b/bin/tests/system/nsupdate/verylarge.in similarity index 99% rename from bin/tests/system/nsupdate/verylarge rename to bin/tests/system/nsupdate/verylarge.in index ee879392e2..2e662217ef 100644 --- a/bin/tests/system/nsupdate/verylarge +++ b/bin/tests/system/nsupdate/verylarge.in @@ -1,3 +1,3 @@ -server 10.53.0.1 5300 +server 10.53.0.1 @PORT@ update add txt.update.nil. 600 TXT 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 1234567890 send diff --git a/bin/tests/system/nzd2nzf/clean.sh b/bin/tests/system/nzd2nzf/clean.sh index 570ed69f06..7fcf80b211 100644 --- a/bin/tests/system/nzd2nzf/clean.sh +++ b/bin/tests/system/nzd2nzf/clean.sh @@ -6,8 +6,10 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. +rm -f */named.conf +rm -f */named.run +rm -f */named.memstats rm -f dig.out.* rm -f rndc.out* -rm -f */named.memstats rm -f ns*/*.nzf rm -f ns*/*.nzd ns*/*.nzd-lock diff --git a/bin/tests/system/nzd2nzf/ns1/named.conf b/bin/tests/system/nzd2nzf/ns1/named.conf.in similarity index 85% rename from bin/tests/system/nzd2nzf/ns1/named.conf rename to bin/tests/system/nzd2nzf/ns1/named.conf.in index 1cbf8b0c0a..a4ba6421f2 100644 --- a/bin/tests/system/nzd2nzf/ns1/named.conf +++ b/bin/tests/system/nzd2nzf/ns1/named.conf.in @@ -7,7 +7,7 @@ */ options { - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -22,5 +22,5 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; diff --git a/bin/tests/system/nzd2nzf/prereq.sh b/bin/tests/system/nzd2nzf/prereq.sh index 0a8fd5bd2b..22cf6f82ab 100644 --- a/bin/tests/system/nzd2nzf/prereq.sh +++ b/bin/tests/system/nzd2nzf/prereq.sh @@ -8,7 +8,7 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh if [ -z "$NZD" ]; then - echo "I:This test requires LMBD support (--with-lmdb)" + echo_i "This test requires LMDB support (--with-lmdb)" exit 255 fi diff --git a/bin/tests/system/nzd2nzf/setup.sh b/bin/tests/system/nzd2nzf/setup.sh index 4089384b36..158d59b33f 100644 --- a/bin/tests/system/nzd2nzf/setup.sh +++ b/bin/tests/system/nzd2nzf/setup.sh @@ -10,3 +10,5 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh $SHELL clean.sh + +copy_setports ns1/named.conf.in ns1/named.conf diff --git a/bin/tests/system/nzd2nzf/tests.sh b/bin/tests/system/nzd2nzf/tests.sh index d86fa4e586..7da1dbfa71 100644 --- a/bin/tests/system/nzd2nzf/tests.sh +++ b/bin/tests/system/nzd2nzf/tests.sh @@ -7,59 +7,63 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="-p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + status=0 n=0 n=`expr $n + 1` -echo "I:querying for non-existing zone data ($n)" +echo_i "querying for non-existing zone data ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.1 -p 5300 a.added.example a > dig.out.ns1.$n || ret=1 +$DIG $DIGOPTS @10.53.0.1 a.added.example a > dig.out.ns1.$n || ret=1 grep 'status: REFUSED' dig.out.ns1.$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:adding a new zone into default NZD using rndc addzone ($n)" -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 addzone "added.example { type master; file \"added.db\"; };" 2>&1 | sed 's/^/I:ns1 /'; +echo_i "adding a new zone into default NZD using rndc addzone ($n)" +$RNDCCMD 10.53.0.1 addzone "added.example { type master; file \"added.db\"; +};" 2>&1 | sed 's/^/I:ns1 /' | cat_i sleep 2 n=`expr $n + 1` -echo "I:querying for existing zone data ($n)" +echo_i "querying for existing zone data ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.1 -p 5300 a.added.example a > dig.out.ns1.$n || ret=1 +$DIG $DIGOPTS @10.53.0.1 a.added.example a > dig.out.ns1.$n || ret=1 grep 'status: NOERROR' dig.out.ns1.$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:stopping ns1" +echo_i "stopping ns1" $PERL $SYSTEMTESTTOP/stop.pl . ns1 n=`expr $n + 1` -echo "I:dumping _default.nzd to _default.nzf ($n)" +echo_i "dumping _default.nzd to _default.nzf ($n)" $NZD2NZF ns1/_default.nzd > ns1/_default.nzf || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that _default.nzf contains the expected content ($n)" +echo_i "checking that _default.nzf contains the expected content ($n)" grep 'zone "added.example" { type master; file "added.db"; };' ns1/_default.nzf > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:deleting _default.nzd database" +echo_i "deleting _default.nzd database" rm -f ns1/_default.nzd -echo "I:starting ns1 which should migrate the .nzf to .nzd" -$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns1 +echo_i "starting ns1 which should migrate the .nzf to .nzd" +$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns1 n=`expr $n + 1` -echo "I:querying for zone data from migrated zone config ($n)" +echo_i "querying for zone data from migrated zone config ($n)" ret=0 -$DIG $DIGOPTS @10.53.0.1 -p 5300 a.added.example a > dig.out.ns1.$n || ret=1 +$DIG $DIGOPTS @10.53.0.1 a.added.example a > dig.out.ns1.$n || ret=1 grep 'status: NOERROR' dig.out.ns1.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" exit $status diff --git a/bin/tests/system/padding/clean.sh b/bin/tests/system/padding/clean.sh index c723293b1e..ed8a1e0b78 100644 --- a/bin/tests/system/padding/clean.sh +++ b/bin/tests/system/padding/clean.sh @@ -9,3 +9,4 @@ rm -f ns*/named.memstats rm -f ns*/named.run rm -f ns*/named.stats rm -f ns*/named.lock +rm -f ns*/named.conf diff --git a/bin/tests/system/keepalive/ns1/named.conf b/bin/tests/system/padding/ns1/named.conf.in similarity index 85% rename from bin/tests/system/keepalive/ns1/named.conf rename to bin/tests/system/padding/ns1/named.conf.in index f1ba08caa7..3925fdba40 100644 --- a/bin/tests/system/keepalive/ns1/named.conf +++ b/bin/tests/system/padding/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -26,7 +24,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/padding/ns2/named.conf b/bin/tests/system/padding/ns2/named.conf.in similarity index 90% rename from bin/tests/system/padding/ns2/named.conf rename to bin/tests/system/padding/ns2/named.conf.in index ddb9c7c9b0..36d4fad763 100644 --- a/bin/tests/system/padding/ns2/named.conf +++ b/bin/tests/system/padding/ns2/named.conf.in @@ -12,14 +12,14 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/padding/ns3/named.conf b/bin/tests/system/padding/ns3/named.conf.in similarity index 87% rename from bin/tests/system/padding/ns3/named.conf rename to bin/tests/system/padding/ns3/named.conf.in index dc8069de33..6134a1419e 100644 --- a/bin/tests/system/padding/ns3/named.conf +++ b/bin/tests/system/padding/ns3/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; directory "."; pid-file "named.pid"; listen-on { 10.53.0.3; }; @@ -32,7 +30,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/padding/ns4/named.conf b/bin/tests/system/padding/ns4/named.conf.in similarity index 87% rename from bin/tests/system/padding/ns4/named.conf rename to bin/tests/system/padding/ns4/named.conf.in index a6c44a8e90..3ffa3256d2 100644 --- a/bin/tests/system/padding/ns4/named.conf +++ b/bin/tests/system/padding/ns4/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; directory "."; pid-file "named.pid"; listen-on { 10.53.0.4; }; @@ -32,7 +30,7 @@ key rndc_key { }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/padding/setup.sh b/bin/tests/system/padding/setup.sh index 25cb9a6979..7642dfbe14 100644 --- a/bin/tests/system/padding/setup.sh +++ b/bin/tests/system/padding/setup.sh @@ -12,3 +12,8 @@ SYSTEMTESTTOP=.. $SHELL clean.sh test -r $RANDFILE || $GENRANDOM 800 $RANDFILE + +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf diff --git a/bin/tests/system/padding/tests.sh b/bin/tests/system/padding/tests.sh index bfd36d4fd3..5eba9478c2 100644 --- a/bin/tests/system/padding/tests.sh +++ b/bin/tests/system/padding/tests.sh @@ -12,110 +12,113 @@ SYSTEMTESTTOP=.. n=0 status=0 +DIGOPTS="-p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + getcookie() { awk '$2 == "COOKIE:" { print $3; }' < $1 } -echo "I:checking that dig handles padding ($n)" +echo_i "checking that dig handles padding ($n)" ret=0 n=`expr $n + 1` -$DIG +qr +padding=128 foo.example @10.53.0.2 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +qr +padding=128 foo.example @10.53.0.2 > dig.out.test$n grep "; PAD" dig.out.test$n > /dev/null || ret=1 grep "; QUERY SIZE: 128" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that dig added padding ($n)" +echo_i "checking that dig added padding ($n)" ret=0 n=`expr $n + 1` -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 stats +$RNDCCMD 10.53.0.2 stats grep "EDNS padding option received" ns2/named.stats > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that padding is added for TCP responses ($n)" +echo_i "checking that padding is added for TCP responses ($n)" ret=0 n=`expr $n + 1` -$DIG +vc +padding=128 foo.example @10.53.0.2 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +vc +padding=128 foo.example @10.53.0.2 > dig.out.test$n grep "; PAD" dig.out.test$n > /dev/null || ret=1 grep "rcvd: 128" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that padding is added to valid cookie responses ($n)" +echo_i "checking that padding is added to valid cookie responses ($n)" ret=0 n=`expr $n + 1` -$DIG +cookie foo.example @10.53.0.2 -p 5300 > dig.out.testc +$DIG $DIGOPTS +cookie foo.example @10.53.0.2 > dig.out.testc cookie=`getcookie dig.out.testc` -$DIG +cookie=$cookie +padding=128 foo.example @10.53.0.2 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +cookie=$cookie +padding=128 foo.example @10.53.0.2 > dig.out.test$n grep "; PAD" dig.out.test$n > /dev/null || ret=1 grep "rcvd: 128" dig.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that padding must be requested (TCP) ($n)" +echo_i "checking that padding must be requested (TCP) ($n)" ret=0 n=`expr $n + 1` -$DIG +vc foo.example @10.53.0.2 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +vc foo.example @10.53.0.2 > dig.out.test$n grep "; PAD" dig.out.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that padding must be requested (valid cookie) ($n)" +echo_i "checking that padding must be requested (valid cookie) ($n)" ret=0 n=`expr $n + 1` -$DIG +cookie=$cookie foo.example @10.53.0.2 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +cookie=$cookie foo.example @10.53.0.2 > dig.out.test$n grep "; PAD" dig.out.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that padding can be filtered out ($n)" +echo_i "checking that padding can be filtered out ($n)" ret=0 n=`expr $n + 1` -$DIG +vc +padding=128 -b 10.53.0.8 foo.example @10.53.0.2 -p 5300 > dig.out.test$n +$DIG $DIGOPTS +vc +padding=128 -b 10.53.0.8 foo.example @10.53.0.2 > dig.out.test$n grep "; PAD" dig.out.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that a TCP and padding server config enables padding ($n)" +echo_i "checking that a TCP and padding server config enables padding ($n)" ret=0 n=`expr $n + 1` -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 stats +$RNDCCMD 10.53.0.2 stats opad=`grep "EDNS padding option received" ns2/named.stats | \ tail -1 | awk '{ print $1}'` -$DIG foo.example @10.53.0.3 -p 5300 > dig.out.test$n -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 stats +$DIG $DIGOPTS foo.example @10.53.0.3 > dig.out.test$n +$RNDCCMD 10.53.0.2 stats npad=`grep "EDNS padding option received" ns2/named.stats | \ tail -1 | awk '{ print $1}'` if [ "$opad" -eq "$npad" ]; then ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that a padding server config should enforce TCP ($n)" +echo_i "checking that a padding server config should enforce TCP ($n)" ret=0 n=`expr $n + 1` -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 stats +$RNDCCMD 10.53.0.2 stats opad=`grep "EDNS padding option received" ns2/named.stats | \ tail -1 | awk '{ print $1}'` -$DIG foo.example @10.53.0.4 -p 5300 > dig.out.test$n -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 stats +$DIG $DIGOPTS foo.example @10.53.0.4 > dig.out.test$n +$RNDCCMD 10.53.0.2 stats npad=`grep "EDNS padding option received" ns2/named.stats | \ tail -1 | awk '{ print $1}'` if [ "$opad" -ne "$npad" ]; then ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that zero-length padding option has no effect ($n)" +echo_i "checking that zero-length padding option has no effect ($n)" ret=0 n=`expr $n + 1` -$DIG +qr +ednsopt=12 foo.example @10.53.0.2 -p 5300 > dig.out.test$n.1 +$DIG $DIGOPTS +qr +ednsopt=12 foo.example @10.53.0.2 > dig.out.test$n.1 grep "; PAD" dig.out.test$n.1 > /dev/null || ret=1 -$DIG +qr +ednsopt=12:00 foo.example @10.53.0.2 -p 5300 > dig.out.test$n.2 +$DIG $DIGOPTS +qr +ednsopt=12:00 foo.example @10.53.0.2 > dig.out.test$n.2 grep "; PAD" dig.out.test$n.2 > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/pending/clean.sh b/bin/tests/system/pending/clean.sh index c98dfbcd76..8317f26b5f 100644 --- a/bin/tests/system/pending/clean.sh +++ b/bin/tests/system/pending/clean.sh @@ -18,3 +18,4 @@ rm -rf ns2/example.db rm -rf ns2/example.com.db rm -rf nsupdate.out.test rm -f ns*/named.lock +rm -f ns*/named.conf diff --git a/bin/tests/system/pending/ns1/named.conf b/bin/tests/system/pending/ns1/named.conf.in similarity index 84% rename from bin/tests/system/pending/ns1/named.conf rename to bin/tests/system/pending/ns1/named.conf.in index b660520cf9..8b56c3873b 100644 --- a/bin/tests/system/pending/ns1/named.conf +++ b/bin/tests/system/pending/ns1/named.conf.in @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.2 2009/11/17 23:55:18 marka Exp $ */ - -controls { /* empty */ }; - include "trusted.conf"; options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -27,4 +23,3 @@ zone "." { type master; file "root.db.signed"; }; - diff --git a/bin/tests/system/pending/ns2/named.conf b/bin/tests/system/pending/ns2/named.conf.in similarity index 89% rename from bin/tests/system/pending/ns2/named.conf rename to bin/tests/system/pending/ns2/named.conf.in index a6ac98a6c1..54958d7875 100644 --- a/bin/tests/system/pending/ns2/named.conf +++ b/bin/tests/system/pending/ns2/named.conf.in @@ -6,19 +6,15 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.6 2010/01/07 23:48:53 tbox Exp $ */ - // NS2 -controls { /* empty */ }; - include "trusted.conf"; options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/pending/ns3/named.conf b/bin/tests/system/pending/ns3/named.conf.in similarity index 88% rename from bin/tests/system/pending/ns3/named.conf rename to bin/tests/system/pending/ns3/named.conf.in index 367e59a3a7..d7e308384e 100644 --- a/bin/tests/system/pending/ns3/named.conf +++ b/bin/tests/system/pending/ns3/named.conf.in @@ -6,19 +6,15 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2009/11/18 23:48:07 tbox Exp $ */ - // NS2 -controls { /* empty */ }; - include "trusted.conf"; options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/pending/ns4/named.conf b/bin/tests/system/pending/ns4/named.conf.in similarity index 84% rename from bin/tests/system/pending/ns4/named.conf rename to bin/tests/system/pending/ns4/named.conf.in index 589e4ca8f9..e30c796184 100644 --- a/bin/tests/system/pending/ns4/named.conf +++ b/bin/tests/system/pending/ns4/named.conf.in @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.2 2009/11/17 23:55:18 marka Exp $ */ - -controls { /* empty */ }; - include "trusted.conf"; options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/pending/setup.sh b/bin/tests/system/pending/setup.sh index dce846e20c..a4a6d5e49f 100644 --- a/bin/tests/system/pending/setup.sh +++ b/bin/tests/system/pending/setup.sh @@ -11,4 +11,9 @@ SYSTEMTESTTOP=.. test -r $RANDFILE || $GENRANDOM 800 $RANDFILE +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf + cd ns1 && $SHELL -e sign.sh diff --git a/bin/tests/system/pending/tests.sh b/bin/tests/system/pending/tests.sh index a9e1a5d631..c359eb8a90 100644 --- a/bin/tests/system/pending/tests.sh +++ b/bin/tests/system/pending/tests.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.7 2010/01/18 19:19:31 each Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -15,7 +13,7 @@ SYSTEMTESTTOP=.. replace_data() { if [ $# -ne 4 ]; then - echo I:unexpected input for replace_data + echo_i "unexpected input for replace_data" return 1 fi @@ -26,14 +24,14 @@ replace_data() _ret=0 $NSUPDATE -d <> nsupdate.out.test 2>&1 || _ret=1 -server 10.53.0.2 5300 +server 10.53.0.2 ${PORT} update delete ${_dname} 30 ${_rr} ${_olddata} update add ${_dname} 30 ${_rr} ${_newdata} send END if [ $_ret != 0 ]; then - echo I:failed to update the test data + echo_i "failed to update the test data" return 1 fi @@ -43,154 +41,154 @@ END status=0 n=0 -DIGOPTS="+short +tcp -p 5300" +DIGOPTS="+short +tcp -p ${PORT}" DIGOPTS_CD="$DIGOPTS +cd" -echo I:Priming cache. +echo_i "Priming cache." ret=0 expect="10 mail.example." ans=`$DIG $DIGOPTS_CD @10.53.0.4 hostile MX` || ret=1 test "$ans" = "$expect" || ret=1 -test $ret = 0 || echo I:failed, got "'""$ans""'", expected "'""$expect""'" +test $ret = 0 || echo_i "failed, got '$ans', expected '$expect'" status=`expr $status + $ret` -echo I:Checking that bogus additional is not returned with +CD. +echo_i "Checking that bogus additional is not returned with +CD." ret=0 expect="10.0.0.2" ans=`$DIG $DIGOPTS_CD @10.53.0.4 mail.example A` || ret=1 test "$ans" = "$expect" || ret=1 -test $ret = 0 || echo I:failed, got "'""$ans""'", expected "'""$expect""'" +test $ret = 0 || echo_i "failed, got '$ans', expected '$expect'" status=`expr $status + $ret` # # Prime cache with pending additional records. These should not be promoted # to answer. # -echo "I:Priming cache (pending additional A and AAAA)" +echo_i "Priming cache (pending additional A and AAAA)" ret=0 expect="10 mail.example.com." ans=`$DIG $DIGOPTS @10.53.0.4 example.com MX` || ret=1 test "$ans" = "$expect" || ret=1 -test $ret = 0 || echo I:failed, got "'""$ans""'", expected "'""$expect""'" +test $ret = 0 || echo_i "failed, got '$ans', expected '$expect'" status=`expr $status + $ret` -echo "I:Replacing pending A" +echo_i "Replacing pending A" ret=0 replace_data mail.example.com. A 192.0.2.2 192.0.2.3 || ret=1 status=`expr $status + $ret` -echo "I:Replacing pending AAAA" +echo_i "Replacing pending AAAA" ret=0 replace_data mail.example.com. AAAA 2001:db8::2 2001:db8::3 || ret=1 status=`expr $status + $ret` -echo "I:Checking updated data to be returned (without CD)" +echo_i "Checking updated data to be returned (without CD)" ret=0 expect="192.0.2.3" ans=`$DIG $DIGOPTS @10.53.0.4 mail.example.com A` || ret=1 test "$ans" = "$expect" || ret=1 -test $ret = 0 || echo I:failed, got "'""$ans""'", expected "'""$expect""'" +test $ret = 0 || echo_i "failed, got '$ans', expected '$expect'" status=`expr $status + $ret` -echo "I:Checking updated data to be returned (with CD)" +echo_i "Checking updated data to be returned (with CD)" ret=0 expect="2001:db8::3" ans=`$DIG $DIGOPTS_CD @10.53.0.4 mail.example.com AAAA` || ret=1 test "$ans" = "$expect" || ret=1 -test $ret = 0 || echo I:failed, got "'""$ans""'", expected "'""$expect""'" +test $ret = 0 || echo_i "failed, got '$ans', expected '$expect'" status=`expr $status + $ret` # # Prime cache with a pending answer record. It can be returned (without # validation) with +CD. # -echo "I:Priming cache (pending answer)" +echo_i "Priming cache (pending answer)" ret=0 expect="192.0.2.2" ans=`$DIG $DIGOPTS_CD @10.53.0.4 pending-ok.example.com A` || ret=1 test "$ans" = "$expect" || ret=1 -test $ret = 0 || echo I:failed, got "'""$ans""'", expected "'""$expect""'" +test $ret = 0 || echo_i "failed, got '$ans', expected '$expect'" status=`expr $status + $ret` -echo I:Replacing pending data +echo_i "Replacing pending data" ret=0 replace_data pending-ok.example.com. A 192.0.2.2 192.0.2.3 || ret=1 status=`expr $status + $ret` -echo I:Confirming cached pending data to be returned with CD +echo_i "Confirming cached pending data to be returned with CD" ret=0 expect="192.0.2.2" ans=`$DIG $DIGOPTS_CD @10.53.0.4 pending-ok.example.com A` || ret=1 test "$ans" = "$expect" || ret=1 -test $ret = 0 || echo I:failed, got "'""$ans""'", expected "'""$expect""'" +test $ret = 0 || echo_i "failed, got '$ans', expected '$expect'" status=`expr $status + $ret` # # Prime cache with a pending answer record. It should not be returned # to no-DNSSEC clients. # -echo "I:Priming cache (pending answer)" +echo_i "Priming cache (pending answer)" ret=0 expect="192.0.2.102" ans=`$DIG $DIGOPTS_CD @10.53.0.4 pending-ng.example.com A` || ret=1 test "$ans" = "$expect" || ret=1 -test $ret = 0 || echo I:failed, got "'""$ans""'", expected "'""$expect""'" +test $ret = 0 || echo_i "failed, got '$ans', expected '$expect'" status=`expr $status + $ret` -echo I:Replacing pending data +echo_i "Replacing pending data" ret=0 replace_data pending-ng.example.com. A 192.0.2.102 192.0.2.103 || ret=1 status=`expr $status + $ret` -echo I:Confirming updated data returned, not the cached one, without CD +echo_i "Confirming updated data returned, not the cached one, without CD" ret=0 expect="192.0.2.103" ans=`$DIG $DIGOPTS @10.53.0.4 pending-ng.example.com A` || ret=1 test "$ans" = "$expect" || ret=1 -test $ret = 0 || echo I:failed, got "'""$ans""'", expected "'""$expect""'" +test $ret = 0 || echo_i "failed, got '$ans', expected '$expect'" status=`expr $status + $ret` # # Try to fool the resolver with an out-of-bailiwick CNAME # -echo I:Trying to Prime out-of-bailiwick pending answer with CD +echo_i "Trying to Prime out-of-bailiwick pending answer with CD" ret=0 expect="10.10.10.10" ans=`$DIG $DIGOPTS_CD @10.53.0.4 bad.example. A` || ret=1 ans=`echo $ans | awk '{print $NF}'` test "$ans" = "$expect" || ret=1 -test $ret = 0 || echo I:failed, got "'""$ans""'", expected "'""$expect""'" +test $ret = 0 || echo_i "failed, got '$ans', expected '$expect'" status=`expr $status + $ret` -echo I:Confirming the out-of-bailiwick answer is not cached or reused with CD +echo_i "Confirming the out-of-bailiwick answer is not cached or reused with CD" ret=0 expect="10.10.10.10" ans=`$DIG $DIGOPTS_CD @10.53.0.4 nice.good. A` || ret=1 ans=`echo $ans | awk '{print $NF}'` test "$ans" = "$expect" || ret=1 -test $ret = 0 || echo I:failed, got "'""$ans""'", expected "'""$expect""'" +test $ret = 0 || echo_i "failed, got '$ans', expected '$expect'" status=`expr $status + $ret` # # Make sure the resolver doesn't cache bogus NXDOMAIN # -echo I:Trying to Prime bogus NXDOMAIN +echo_i "Trying to Prime bogus NXDOMAIN" ret=0 expect="SERVFAIL" -ans=`$DIG +tcp -p 5300 @10.53.0.4 removed.example.com. A` || ret=1 +ans=`$DIG +tcp -p ${PORT} @10.53.0.4 removed.example.com. A` || ret=1 ans=`echo $ans | sed 's/^.*status: \([A-Z][A-Z]*\).*$/\1/'` test "$ans" = "$expect" || ret=1 -test $ret = 0 || echo I:failed, got "'""$ans""'", expected "'""$expect""'" +test $ret = 0 || echo_i "failed, got '$ans', expected '$expect'" status=`expr $status + $ret` -echo I:Confirming the bogus NXDOMAIN was not cached +echo_i "Confirming the bogus NXDOMAIN was not cached" ret=0 expect="SERVFAIL" -ans=`$DIG +tcp -p 5300 @10.53.0.4 removed.example.com. A` || ret=1 +ans=`$DIG +tcp -p ${PORT} @10.53.0.4 removed.example.com. A` || ret=1 ans=`echo $ans | sed 's/^.*status: \([A-Z][A-Z]*\).*$/\1/'` test "$ans" = "$expect" || ret=1 -test $ret = 0 || echo I:failed, got "'""$ans""'", expected "'""$expect""'" +test $ret = 0 || echo_i "failed, got '$ans', expected '$expect'" status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/pipelined/clean.sh b/bin/tests/system/pipelined/clean.sh index 1e5dde5c9a..96d170b234 100644 --- a/bin/tests/system/pipelined/clean.sh +++ b/bin/tests/system/pipelined/clean.sh @@ -6,6 +6,7 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. +rm -f */named.conf rm -f */named.memstats rm -f */named.run rm -f raw* output* diff --git a/bin/tests/system/pipelined/ns1/named.conf b/bin/tests/system/pipelined/ns1/named.conf.in similarity index 85% rename from bin/tests/system/pipelined/ns1/named.conf rename to bin/tests/system/pipelined/ns1/named.conf.in index ac47387ffd..28b890eb7b 100644 --- a/bin/tests/system/pipelined/ns1/named.conf +++ b/bin/tests/system/pipelined/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -26,7 +24,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/pipelined/ns2/named.conf b/bin/tests/system/pipelined/ns2/named.conf.in similarity index 87% rename from bin/tests/system/pipelined/ns2/named.conf rename to bin/tests/system/pipelined/ns2/named.conf.in index bbf4eb41e7..86f09fa744 100644 --- a/bin/tests/system/pipelined/ns2/named.conf +++ b/bin/tests/system/pipelined/ns2/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -26,7 +24,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/pipelined/ns3/named.conf b/bin/tests/system/pipelined/ns3/named.conf.in similarity index 87% rename from bin/tests/system/pipelined/ns3/named.conf rename to bin/tests/system/pipelined/ns3/named.conf.in index b93f88b642..824afe60ab 100644 --- a/bin/tests/system/pipelined/ns3/named.conf +++ b/bin/tests/system/pipelined/ns3/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; @@ -26,7 +24,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/pipelined/ns4/named.conf b/bin/tests/system/pipelined/ns4/named.conf.in similarity index 87% rename from bin/tests/system/pipelined/ns4/named.conf rename to bin/tests/system/pipelined/ns4/named.conf.in index 14175e3382..8a69a3e2f8 100644 --- a/bin/tests/system/pipelined/ns4/named.conf +++ b/bin/tests/system/pipelined/ns4/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; directory "."; pid-file "named.pid"; listen-on { 10.53.0.4; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/pipelined/pipequeries.c b/bin/tests/system/pipelined/pipequeries.c index 508f0b549a..1fafe094b5 100644 --- a/bin/tests/system/pipelined/pipequeries.c +++ b/bin/tests/system/pipelined/pipequeries.c @@ -14,11 +14,13 @@ #include #include +#include #include #include #include #include #include +#include #include #include #include @@ -212,18 +214,40 @@ main(int argc, char *argv[]) { unsigned int attrs, attrmask; dns_dispatch_t *dispatchv4; dns_view_t *view; + isc_uint16_t port = PORT; + int c; RUNCHECK(isc_app_start()); - if ((argc == 2) || (argc == 4)) - have_src = ISC_TRUE; + isc_commandline_errprint = ISC_FALSE; + while ((c = isc_commandline_parse(argc, argv, "p:r:")) != -1) { + switch (c) { + case 'p': + result = isc_parse_uint16(&port, + isc_commandline_argument, 10); + if (result != ISC_R_SUCCESS) { + fprintf(stderr, "bad port '%s'\n", + isc_commandline_argument); + exit(1); + } + break; + case 'r': + randomfile = isc_commandline_argument; + break; + case '?': + fprintf(stderr, "%s: invalid argument '%c'", + argv[0], c); + break; + default: + break; + } + } - if ((argc > 2) && (strcmp(argv[1], "-r") == 0)) { - randomfile = argv[2]; - argv += 2; - argc -= 2; - POST(argv); - POST(argc); + argc -= isc_commandline_index; + argv += isc_commandline_index; + + if (argc > 0) { + have_src = ISC_TRUE; } dns_result_register(); @@ -238,7 +262,7 @@ main(int argc, char *argv[]) { result = ISC_R_FAILURE; if (inet_pton(AF_INET, "10.53.0.4", &inaddr) != 1) CHECK("inet_pton", result); - isc_sockaddr_fromin(&dstaddr, &inaddr, PORT); + isc_sockaddr_fromin(&dstaddr, &inaddr, port); mctx = NULL; RUNCHECK(isc_mem_create(0, 0, &mctx)); diff --git a/bin/tests/system/pipelined/setup.sh b/bin/tests/system/pipelined/setup.sh index 0b568e9614..84609a36f3 100644 --- a/bin/tests/system/pipelined/setup.sh +++ b/bin/tests/system/pipelined/setup.sh @@ -12,3 +12,8 @@ SYSTEMTESTTOP=.. $SHELL clean.sh test -r $RANDFILE || $GENRANDOM 800 $RANDFILE + +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf diff --git a/bin/tests/system/pipelined/tests.sh b/bin/tests/system/pipelined/tests.sh index 58742f8657..b70f058290 100644 --- a/bin/tests/system/pipelined/tests.sh +++ b/bin/tests/system/pipelined/tests.sh @@ -9,61 +9,64 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +MDIGOPTS="-p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + status=0 -echo "I:check pipelined TCP queries" +echo_i "check pipelined TCP queries" ret=0 -$PIPEQUERIES -r $RANDFILE < input > raw || ret=1 +$PIPEQUERIES -r $RANDFILE -p ${PORT} < input > raw || ret=1 awk '{ print $1 " " $5 }' < raw > output sort < output > output-sorted -diff ref output-sorted || { ret=1 ; echo "I: diff sorted failed"; } -diff ref output > /dev/null && { ret=1 ; echo "I: diff out of order failed"; } -if [ $ret != 0 ]; then echo "I:failed"; fi +diff ref output-sorted || { ret=1 ; echo_i "diff sorted failed"; } +diff ref output > /dev/null && { ret=1 ; echo_i "diff out of order failed"; } +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # flush resolver so queries will be from others again -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 flush +$RNDCCMD 10.53.0.4 flush sleep 1 -echo "I:check pipelined TCP queries using mdig" +echo_i "check pipelined TCP queries using mdig" ret=0 -$MDIG +noall +answer +vc -f input -p 5300 -b 10.53.0.4 @10.53.0.4 > raw.mdig +$MDIG $MDIGOPTS +noall +answer +vc -f input -b 10.53.0.4 @10.53.0.4 > raw.mdig awk '{ print $1 " " $5 }' < raw.mdig > output.mdig sort < output.mdig > output-sorted.mdig -diff ref output-sorted.mdig || { ret=1 ; echo "I: diff sorted failed"; } -diff ref output.mdig > /dev/null && { ret=1 ; echo "I: diff out of order failed"; } -if [ $ret != 0 ]; then echo "I:failed"; fi +diff ref output-sorted.mdig || { ret=1 ; echo_i "diff sorted failed"; } +diff ref output.mdig > /dev/null && { ret=1 ; echo_i "diff out of order failed"; } +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check keep-response-order" +echo_i "check keep-response-order" ret=0 -$PIPEQUERIES -r $RANDFILE ++ < inputb > rawb || ret=1 +$PIPEQUERIES -r $RANDFILE -p ${PORT} ++ < inputb > rawb || ret=1 awk '{ print $1 " " $5 }' < rawb > outputb diff refb outputb || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check keep-response-order using mdig" +echo_i "check keep-response-order using mdig" ret=0 -$MDIG +noall +answer +vc -f inputb -p 5300 -b 10.53.0.7 @10.53.0.4 > rawb.mdig +$MDIG $MDIGOPTS +noall +answer +vc -f inputb -b 10.53.0.7 @10.53.0.4 > rawb.mdig awk '{ print $1 " " $5 }' < rawb.mdig > outputb.mdig diff refb outputb.mdig || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check mdig -4 -6" +echo_i "check mdig -4 -6" ret=0 -$MDIG -4 -6 -f input @10.53.0.4 > output46.mdig 2>&1 && ret=1 +$MDIG $MDIGOPTS -4 -6 -f input @10.53.0.4 > output46.mdig 2>&1 && ret=1 grep "only one of -4 and -6 allowed" output46.mdig > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check mdig -4 with an IPv6 server address" +echo_i "check mdig -4 with an IPv6 server address" ret=0 -$MDIG -4 -f input @fd92:7065:b8e:ffff::2 > output4.mdig 2>&1 && ret=1 +$MDIG $MDIGOPTS -4 -f input @fd92:7065:b8e:ffff::2 > output4.mdig 2>&1 && ret=1 grep "address family not supported" output4.mdig > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/reclimit/ans2/ans.pl b/bin/tests/system/reclimit/ans2/ans.pl index 9df508e9fc..af13dbaa2c 100644 --- a/bin/tests/system/reclimit/ans2/ans.pl +++ b/bin/tests/system/reclimit/ans2/ans.pl @@ -19,8 +19,11 @@ my $no_more_waiting = 0; my @delayed_response; my $timeout; +my $localport = int($ENV{'PORT'}); +if (!$localport) { $localport = 5300; } + my $udpsock = IO::Socket::INET->new(LocalAddr => "$localaddr", - LocalPort => 5300, Proto => "udp", Reuse => 1) or die "$!"; + LocalPort => $localport, Proto => "udp", Reuse => 1) or die "$!"; my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!"; print $pidf "$$\n" or die "cannot write pid file: $!"; diff --git a/bin/tests/system/reclimit/ans7/ans.pl b/bin/tests/system/reclimit/ans7/ans.pl index 01612f3a63..1b7c661912 100644 --- a/bin/tests/system/reclimit/ans7/ans.pl +++ b/bin/tests/system/reclimit/ans7/ans.pl @@ -24,7 +24,8 @@ $SIG{TERM} = \&rmpid; my $count = 0; my $localaddr = "10.53.0.7"; -my $localport = 5300; +my $localport = int($ENV{'PORT'}); +if (!$localport) { $localport = 5300; } my $verbose = 0; sub reply_handler { diff --git a/bin/tests/system/reclimit/clean.sh b/bin/tests/system/reclimit/clean.sh index c667587803..12a5a44db3 100644 --- a/bin/tests/system/reclimit/clean.sh +++ b/bin/tests/system/reclimit/clean.sh @@ -11,5 +11,5 @@ rm -f ans?/ans.run rm -f ans2/ans.limit rm -f ns?/named.memstats rm -f ns?/named.run -rm -f ns3/named.conf +rm -f ns*/named.conf rm -f ns*/named.lock diff --git a/bin/tests/system/reclimit/ns1/named.conf b/bin/tests/system/reclimit/ns1/named.conf.in similarity index 93% rename from bin/tests/system/reclimit/ns1/named.conf rename to bin/tests/system/reclimit/ns1/named.conf.in index ae7fc831f7..bd9acc69e7 100644 --- a/bin/tests/system/reclimit/ns1/named.conf +++ b/bin/tests/system/reclimit/ns1/named.conf.in @@ -6,14 +6,12 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { directory "."; query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/reclimit/ns3/named1.conf b/bin/tests/system/reclimit/ns3/named1.conf.in similarity index 86% rename from bin/tests/system/reclimit/ns3/named1.conf rename to bin/tests/system/reclimit/ns3/named1.conf.in index 911bd45d51..4751e12ec2 100644 --- a/bin/tests/system/reclimit/ns3/named1.conf +++ b/bin/tests/system/reclimit/ns3/named1.conf.in @@ -6,14 +6,12 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { directory "."; query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; @@ -27,7 +25,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { type hint; file "hints.db"; }; diff --git a/bin/tests/system/reclimit/ns3/named2.conf b/bin/tests/system/reclimit/ns3/named2.conf.in similarity index 86% rename from bin/tests/system/reclimit/ns3/named2.conf rename to bin/tests/system/reclimit/ns3/named2.conf.in index 6d56214c62..2521a6dd39 100644 --- a/bin/tests/system/reclimit/ns3/named2.conf +++ b/bin/tests/system/reclimit/ns3/named2.conf.in @@ -6,14 +6,12 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { directory "."; query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; @@ -27,7 +25,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { type hint; file "hints.db"; }; diff --git a/bin/tests/system/reclimit/ns3/named3.conf b/bin/tests/system/reclimit/ns3/named3.conf.in similarity index 87% rename from bin/tests/system/reclimit/ns3/named3.conf rename to bin/tests/system/reclimit/ns3/named3.conf.in index 2a51ae5790..96f6dacaf6 100644 --- a/bin/tests/system/reclimit/ns3/named3.conf +++ b/bin/tests/system/reclimit/ns3/named3.conf.in @@ -6,14 +6,12 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { directory "."; query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { type hint; file "hints.db"; }; diff --git a/bin/tests/system/reclimit/ns3/named4.conf b/bin/tests/system/reclimit/ns3/named4.conf.in similarity index 87% rename from bin/tests/system/reclimit/ns3/named4.conf rename to bin/tests/system/reclimit/ns3/named4.conf.in index 1e7e8e5280..7cec43ea4f 100644 --- a/bin/tests/system/reclimit/ns3/named4.conf +++ b/bin/tests/system/reclimit/ns3/named4.conf.in @@ -6,14 +6,12 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { directory "."; query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; @@ -28,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { type hint; file "hints.db"; }; diff --git a/bin/tests/system/reclimit/prereq.sh b/bin/tests/system/reclimit/prereq.sh index f36aec0119..1f1349616a 100644 --- a/bin/tests/system/reclimit/prereq.sh +++ b/bin/tests/system/reclimit/prereq.sh @@ -15,11 +15,11 @@ then then : else - echo "I:Net::DNS versions up to 0.78 have a bug that causes this test to fail: please update." >&2 + echo_i "Net::DNS versions up to 0.78 have a bug that causes this test to fail: please update." >&2 exit 1 fi else - echo "I:This test requires the Net::DNS library." >&2 + echo_i "This test requires the Net::DNS library." >&2 exit 1 fi @@ -27,6 +27,6 @@ if $PERL -e 'use Net::DNS::Nameserver;' 2>/dev/null then : else - echo "I:This test requires the Net::DNS::Nameserver library." >&2 + echo_i "This test requires the Net::DNS::Nameserver library." >&2 exit 1 fi diff --git a/bin/tests/system/reclimit/setup.sh b/bin/tests/system/reclimit/setup.sh index 7f31dcb9aa..7f2b859dec 100644 --- a/bin/tests/system/reclimit/setup.sh +++ b/bin/tests/system/reclimit/setup.sh @@ -9,4 +9,6 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -cp -f ns3/named1.conf ns3/named.conf +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns3/named1.conf.in ns3/named.conf diff --git a/bin/tests/system/reclimit/tests.sh b/bin/tests/system/reclimit/tests.sh index a058c949f0..783b7c9f9e 100644 --- a/bin/tests/system/reclimit/tests.sh +++ b/bin/tests/system/reclimit/tests.sh @@ -9,15 +9,15 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -DIGOPTS="-p 5300" +DIGOPTS="-p ${PORT}" status=0 n=0 ns3_reset() { - cp $1 ns3/named.conf - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reconfig 2>&1 | sed 's/^/I:ns3 /' - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 flush | sed 's/^/I: ns3 /' + copy_setports $1 ns3/named.conf + $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} reconfig 2>&1 | sed 's/^/I:ns3 /' + $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} flush | sed 's/^/I:ns3 /' } ns3_sends_aaaa_queries() { @@ -45,15 +45,15 @@ check_query_count() { fi if [ $count -ne $expected_count ]; then - echo "I: count ($count) != $expected_count" + echo_i "count ($count) != $expected_count" ret=1 fi } -echo "I: set max-recursion-depth=12" +echo_i "set max-recursion-depth=12" n=`expr $n + 1` -echo "I: attempt excessive-depth lookup ($n)" +echo_i "attempt excessive-depth lookup ($n)" ret=0 echo "1000" > ans2/ans.limit $DIG $DIGOPTS @10.53.0.2 reset > /dev/null || ret=1 @@ -61,57 +61,57 @@ $DIG $DIGOPTS @10.53.0.3 indirect1.example.org > dig.out.1.test$n || ret=1 grep "status: SERVFAIL" dig.out.1.test$n > /dev/null || ret=1 $DIG $DIGOPTS +short @10.53.0.2 count txt > dig.out.2.test$n || ret=1 check_query_count dig.out.2.test$n 26 14 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: attempt permissible lookup ($n)" +echo_i "attempt permissible lookup ($n)" ret=0 echo "12" > ans2/ans.limit -ns3_reset ns3/named1.conf +ns3_reset ns3/named1.conf.in $DIG $DIGOPTS @10.53.0.2 reset > /dev/null || ret=1 $DIG $DIGOPTS @10.53.0.3 indirect2.example.org > dig.out.1.test$n || ret=1 grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 $DIG $DIGOPTS +short @10.53.0.2 count txt > dig.out.2.test$n || ret=1 check_query_count dig.out.2.test$n 49 26 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: set max-recursion-depth=5" +echo_i "set max-recursion-depth=5" n=`expr $n + 1` -echo "I: attempt excessive-depth lookup ($n)" +echo_i "attempt excessive-depth lookup ($n)" ret=0 echo "12" > ans2/ans.limit -ns3_reset ns3/named2.conf +ns3_reset ns3/named2.conf.in $DIG $DIGOPTS @10.53.0.2 reset > /dev/null || ret=1 $DIG $DIGOPTS @10.53.0.3 indirect3.example.org > dig.out.1.test$n || ret=1 grep "status: SERVFAIL" dig.out.1.test$n > /dev/null || ret=1 $DIG $DIGOPTS +short @10.53.0.2 count txt > dig.out.2.test$n || ret=1 check_query_count dig.out.2.test$n 12 7 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: attempt permissible lookup ($n)" +echo_i "attempt permissible lookup ($n)" ret=0 echo "5" > ans2/ans.limit -ns3_reset ns3/named2.conf +ns3_reset ns3/named2.conf.in $DIG $DIGOPTS @10.53.0.2 reset > /dev/null || ret=1 $DIG $DIGOPTS @10.53.0.3 indirect4.example.org > dig.out.1.test$n || ret=1 grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 $DIG $DIGOPTS +short @10.53.0.2 count txt > dig.out.2.test$n || ret=1 check_query_count dig.out.2.test$n 21 12 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: set max-recursion-depth=100, max-recursion-queries=50" +echo_i "set max-recursion-depth=100, max-recursion-queries=50" n=`expr $n + 1` -echo "I: attempt excessive-queries lookup ($n)" +echo_i "attempt excessive-queries lookup ($n)" ret=0 echo "13" > ans2/ans.limit -ns3_reset ns3/named3.conf +ns3_reset ns3/named3.conf.in $DIG $DIGOPTS @10.53.0.2 reset > /dev/null || ret=1 $DIG $DIGOPTS @10.53.0.3 indirect5.example.org > dig.out.1.test$n || ret=1 if ns3_sends_aaaa_queries; then @@ -119,31 +119,31 @@ if ns3_sends_aaaa_queries; then fi $DIG $DIGOPTS +short @10.53.0.2 count txt > dig.out.2.test$n || ret=1 eval count=`cat dig.out.2.test$n` -[ $count -le 50 ] || { ret=1; echo "I: count ($count) !<= 50"; } -if [ $ret != 0 ]; then echo "I:failed"; fi +[ $count -le 50 ] || { ret=1; echo_i "count ($count) !<= 50"; } +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: attempt permissible lookup ($n)" +echo_i "attempt permissible lookup ($n)" ret=0 echo "12" > ans2/ans.limit -ns3_reset ns3/named3.conf +ns3_reset ns3/named3.conf.in $DIG $DIGOPTS @10.53.0.2 reset > /dev/null || ret=1 $DIG $DIGOPTS @10.53.0.3 indirect6.example.org > dig.out.1.test$n || ret=1 grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 $DIG $DIGOPTS +short @10.53.0.2 count txt > dig.out.2.test$n || ret=1 eval count=`cat dig.out.2.test$n` -[ $count -le 50 ] || { ret=1; echo "I: count ($count) !<= 50"; } -if [ $ret != 0 ]; then echo "I:failed"; fi +[ $count -le 50 ] || { ret=1; echo_i "count ($count) !<= 50"; } +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: set max-recursion-depth=100, max-recursion-queries=40" +echo_i "set max-recursion-depth=100, max-recursion-queries=40" n=`expr $n + 1` -echo "I: attempt excessive-queries lookup ($n)" +echo_i "attempt excessive-queries lookup ($n)" ret=0 echo "10" > ans2/ans.limit -ns3_reset ns3/named4.conf +ns3_reset ns3/named4.conf.in $DIG $DIGOPTS @10.53.0.2 reset > /dev/null || ret=1 $DIG $DIGOPTS @10.53.0.3 indirect7.example.org > dig.out.1.test$n || ret=1 if ns3_sends_aaaa_queries; then @@ -151,28 +151,28 @@ if ns3_sends_aaaa_queries; then fi $DIG $DIGOPTS +short @10.53.0.2 count txt > dig.out.2.test$n || ret=1 eval count=`cat dig.out.2.test$n` -[ $count -le 40 ] || { ret=1; echo "I: count ($count) !<= 40"; } -if [ $ret != 0 ]; then echo "I:failed"; fi +[ $count -le 40 ] || { ret=1; echo_i "count ($count) !<= 40"; } +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: attempt permissible lookup ($n)" +echo_i "attempt permissible lookup ($n)" ret=0 echo "9" > ans2/ans.limit -ns3_reset ns3/named4.conf +ns3_reset ns3/named4.conf.in $DIG $DIGOPTS @10.53.0.2 reset > /dev/null || ret=1 $DIG $DIGOPTS @10.53.0.3 indirect8.example.org > dig.out.1.test$n || ret=1 grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 $DIG $DIGOPTS +short @10.53.0.2 count txt > dig.out.2.test$n || ret=1 eval count=`cat dig.out.2.test$n` -[ $count -le 40 ] || { ret=1; echo "I: count ($count) !<= 40"; } -if [ $ret != 0 ]; then echo "I:failed"; fi +[ $count -le 40 ] || { ret=1; echo_i "count ($count) !<= 40"; } +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: attempting NS explosion ($n)" +echo_i "attempting NS explosion ($n)" ret=0 -ns3_reset ns3/named4.conf +ns3_reset ns3/named4.conf.in $DIG $DIGOPTS @10.53.0.2 reset > /dev/null || ret=1 $DIG $DIGOPTS +short @10.53.0.3 ns1.1.example.net > dig.out.1.test$n || ret=1 $DIG $DIGOPTS +short @10.53.0.2 count txt > dig.out.2.test$n || ret=1 @@ -180,9 +180,9 @@ eval count=`cat dig.out.2.test$n` [ $count -lt 50 ] || ret=1 $DIG $DIGOPTS +short @10.53.0.7 count txt > dig.out.3.test$n || ret=1 eval count=`cat dig.out.3.test$n` -[ $count -lt 50 ] || { ret=1; echo "I: count ($count) !<= 50"; } -if [ $ret != 0 ]; then echo "I:failed"; fi +[ $count -lt 50 ] || { ret=1; echo_i "count ($count) !<= 50"; } +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/redirect/clean.sh b/bin/tests/system/redirect/clean.sh index 02c2d59a47..3f419d5c14 100644 --- a/bin/tests/system/redirect/clean.sh +++ b/bin/tests/system/redirect/clean.sh @@ -6,6 +6,7 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. +rm -f */named.conf rm -f */named.memstats rm -f */named.run rm -f */named.stats diff --git a/bin/tests/system/redirect/ns1/named.conf b/bin/tests/system/redirect/ns1/named.conf.in similarity index 90% rename from bin/tests/system/redirect/ns1/named.conf rename to bin/tests/system/redirect/ns1/named.conf.in index ab2d80b37b..3acc77a170 100644 --- a/bin/tests/system/redirect/ns1/named.conf +++ b/bin/tests/system/redirect/ns1/named.conf.in @@ -6,19 +6,15 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2011/03/01 23:48:06 tbox Exp $ */ - // NS1 -controls { /* empty */ }; - acl rfc1918 { 10/8; 192.168/16; 172.16/12; }; options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/redirect/ns2/named.conf b/bin/tests/system/redirect/ns2/named.conf.in similarity index 87% rename from bin/tests/system/redirect/ns2/named.conf rename to bin/tests/system/redirect/ns2/named.conf.in index 1781600a9e..871e650af2 100644 --- a/bin/tests/system/redirect/ns2/named.conf +++ b/bin/tests/system/redirect/ns2/named.conf.in @@ -6,8 +6,6 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2011/03/01 23:48:07 tbox Exp $ */ - // NS2 controls { /* empty */ }; @@ -18,7 +16,7 @@ options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -35,7 +33,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/redirect/ns3/named.conf b/bin/tests/system/redirect/ns3/named.conf.in similarity index 95% rename from bin/tests/system/redirect/ns3/named.conf rename to bin/tests/system/redirect/ns3/named.conf.in index fffeba6d9b..5ef9932d0f 100644 --- a/bin/tests/system/redirect/ns3/named.conf +++ b/bin/tests/system/redirect/ns3/named.conf.in @@ -6,15 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - acl rfc1918 { 10/8; 192.168/16; 172.16/12; }; options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/redirect/ns4/named.conf b/bin/tests/system/redirect/ns4/named.conf.in similarity index 86% rename from bin/tests/system/redirect/ns4/named.conf rename to bin/tests/system/redirect/ns4/named.conf.in index ae421d63ac..68a4ccdf82 100644 --- a/bin/tests/system/redirect/ns4/named.conf +++ b/bin/tests/system/redirect/ns4/named.conf.in @@ -6,8 +6,6 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2011/03/01 23:48:07 tbox Exp $ */ - // NS2 controls { /* empty */ }; @@ -18,7 +16,7 @@ options { query-source address 10.53.0.2; /* note this is not 10.53.0.3 */ notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; @@ -36,7 +34,7 @@ key rndc_key { }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/redirect/setup.sh b/bin/tests/system/redirect/setup.sh index 2e21334797..6560c7f21f 100644 --- a/bin/tests/system/redirect/setup.sh +++ b/bin/tests/system/redirect/setup.sh @@ -13,6 +13,11 @@ $SHELL clean.sh test -r $RANDFILE || $GENRANDOM 800 $RANDFILE +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf + cp ns2/redirect.db.in ns2/redirect.db cp ns2/example.db.in ns2/example.db ( cd ns1 && $SHELL sign.sh ) diff --git a/bin/tests/system/redirect/tests.sh b/bin/tests/system/redirect/tests.sh index 956260108d..56584024f4 100644 --- a/bin/tests/system/redirect/tests.sh +++ b/bin/tests/system/redirect/tests.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.3 2011/03/01 23:48:06 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -16,175 +14,176 @@ n=1 rm -f dig.out.* -DIGOPTS="+tcp +noadd +nosea +nostat +nocmd -p 5300" +DIGOPTS="+tcp +noadd +nosea +nostat +nocmd -p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" for conf in conf/good*.conf do - echo "I:checking that $conf is accepted ($n)" + echo_i "checking that $conf is accepted ($n)" ret=0 $CHECKCONF "$conf" || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done for conf in conf/bad*.conf do - echo "I:checking that $conf is rejected ($n)" + echo_i "checking that $conf is rejected ($n)" ret=0 $CHECKCONF "$conf" >/dev/null && ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done -echo "I:checking A zone redirect works for nonexist ($n)" +echo_i "checking A zone redirect works for nonexist ($n)" ret=0 $DIG $DIGOPTS nonexist. @10.53.0.2 -b 10.53.0.2 a > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "100.100.100.1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking A zone redirect updates statistics ($n)" +echo_i "checking A zone redirect updates statistics ($n)" ret=0 rm ns2/named.stats 2>/dev/null -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 stats || ret=1 +$RNDCCMD 10.53.0.2 stats || ret=1 PRE=`sed -n -e "s/[ ]*\([0-9]*\).queries resulted in NXDOMAIN that were redirected$/\1/p" ns2/named.stats` $DIG $DIGOPTS nonexist. @10.53.0.2 -b 10.53.0.2 a > dig.out.ns2.test$n || ret=1 rm ns2/named.stats 2>/dev/null -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 stats || ret=1 +$RNDCCMD 10.53.0.2 stats || ret=1 POST=`sed -n -e "s/[ ]*\([0-9]*\).queries resulted in NXDOMAIN that were redirected$/\1/p" ns2/named.stats` if [ `expr $POST - $PRE` != 1 ]; then ret=1; fi n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking AAAA zone redirect works for nonexist ($n)" +echo_i "checking AAAA zone redirect works for nonexist ($n)" ret=0 $DIG $DIGOPTS nonexist. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6401" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking ANY zone redirect works for nonexist ($n)" +echo_i "checking ANY zone redirect works for nonexist ($n)" ret=0 $DIG $DIGOPTS nonexist. @10.53.0.2 -b 10.53.0.2 any > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "100.100.100.1" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6401" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking A zone redirect doesn't work for acl miss ($n)" +echo_i "checking A zone redirect doesn't work for acl miss ($n)" ret=0 $DIG $DIGOPTS nonexist. @10.53.0.2 -b 10.53.0.4 a > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "100.100.100.1" dig.out.ns2.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking AAAA zone redirect doesn't work for acl miss ($n)" +echo_i "checking AAAA zone redirect doesn't work for acl miss ($n)" ret=0 $DIG $DIGOPTS nonexist. @10.53.0.2 -b 10.53.0.4 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6401" dig.out.ns2.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking ANY zone redirect doesn't work for acl miss ($n)" +echo_i "checking ANY zone redirect doesn't work for acl miss ($n)" ret=0 $DIG $DIGOPTS nonexist. @10.53.0.2 -b 10.53.0.4 any > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "100.100.100.1" dig.out.ns2.test$n > /dev/null && ret=1 grep "2001:ffff:ffff::6464:6401" dig.out.ns2.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking A zone redirect works for signed nonexist, DO=0 ($n)" +echo_i "checking A zone redirect works for signed nonexist, DO=0 ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. @10.53.0.2 -b 10.53.0.2 a > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "100.100.100.1" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking AAAA zone redirect works for signed nonexist, DO=0 ($n)" +echo_i "checking AAAA zone redirect works for signed nonexist, DO=0 ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6401" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking ANY zone redirect works for signed nonexist, DO=0 ($n)" +echo_i "checking ANY zone redirect works for signed nonexist, DO=0 ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. @10.53.0.2 -b 10.53.0.2 any > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 grep "100.100.100.1" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6401" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking A zone redirect fails for signed nonexist, DO=1 ($n)" +echo_i "checking A zone redirect fails for signed nonexist, DO=1 ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. +dnssec @10.53.0.2 -b 10.53.0.2 a > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "100.100.100.1" dig.out.ns2.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking AAAA zone redirect fails for signed nonexist, DO=1 ($n)" +echo_i "checking AAAA zone redirect fails for signed nonexist, DO=1 ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. +dnssec @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6401" dig.out.ns2.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking ANY zone redirect fails for signed nonexist, DO=1 ($n)" +echo_i "checking ANY zone redirect fails for signed nonexist, DO=1 ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. +dnssec @10.53.0.2 -b 10.53.0.2 any > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "100.100.100.1" dig.out.ns2.test$n > /dev/null && ret=1 grep "2001:ffff:ffff::6464:6401" dig.out.ns2.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking A zone redirect fails for nsec3 signed nonexist, DO=1 ($n)" +echo_i "checking A zone redirect fails for nsec3 signed nonexist, DO=1 ($n)" ret=0 $DIG $DIGOPTS nonexist.nsec3. +dnssec @10.53.0.2 -b 10.53.0.2 a > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "100.100.100.1" dig.out.ns2.test$n > /dev/null && ret=1 grep "IN.NSEC3" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking AAAA zone redirect fails for nsec3 signed nonexist, DO=1 ($n)" +echo_i "checking AAAA zone redirect fails for nsec3 signed nonexist, DO=1 ($n)" ret=0 $DIG $DIGOPTS nonexist.nsec3. +dnssec @10.53.0.2 -b 10.53.0.2 aaaa > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6401" dig.out.ns2.test$n > /dev/null && ret=1 grep "IN.NSEC3" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking ANY zone redirect fails for nsec3 signed nonexist, DO=1 ($n)" +echo_i "checking ANY zone redirect fails for nsec3 signed nonexist, DO=1 ($n)" ret=0 $DIG $DIGOPTS nonexist.nsec3. +dnssec @10.53.0.2 -b 10.53.0.2 any > dig.out.ns2.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 @@ -192,142 +191,142 @@ grep "100.100.100.1" dig.out.ns2.test$n > /dev/null && ret=1 grep "2001:ffff:ffff::6464:6401" dig.out.ns2.test$n > /dev/null && ret=1 grep "IN.NSEC3" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking A zone redirect works for nonexist authoritative ($n)" +echo_i "checking A zone redirect works for nonexist authoritative ($n)" ret=0 $DIG $DIGOPTS nonexist. @10.53.0.1 -b 10.53.0.1 a > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "100.100.100.2" dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking AAAA zone redirect works for nonexist authoritative ($n)" +echo_i "checking AAAA zone redirect works for nonexist authoritative ($n)" ret=0 $DIG $DIGOPTS nonexist. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6402" dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking ANY zone redirect works for nonexist authoritative ($n)" +echo_i "checking ANY zone redirect works for nonexist authoritative ($n)" ret=0 $DIG $DIGOPTS nonexist. @10.53.0.1 -b 10.53.0.1 any > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "100.100.100.2" dig.out.ns1.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6402" dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking A zone redirect doesn't work for acl miss authoritative ($n)" +echo_i "checking A zone redirect doesn't work for acl miss authoritative ($n)" ret=0 $DIG $DIGOPTS nonexist. @10.53.0.1 -b 10.53.0.4 a > dig.out.ns1.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns1.test$n > /dev/null || ret=1 grep "100.100.100.2" dig.out.ns1.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking AAAA zone redirect doesn't work for acl miss authoritative ($n)" +echo_i "checking AAAA zone redirect doesn't work for acl miss authoritative ($n)" ret=0 $DIG $DIGOPTS nonexist. @10.53.0.1 -b 10.53.0.4 aaaa > dig.out.ns1.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns1.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6402" dig.out.ns1.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking ANY zone redirect doesn't work for acl miss authoritative ($n)" +echo_i "checking ANY zone redirect doesn't work for acl miss authoritative ($n)" ret=0 $DIG $DIGOPTS nonexist. @10.53.0.1 -b 10.53.0.4 any > dig.out.ns1.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns1.test$n > /dev/null || ret=1 grep "100.100.100.2" dig.out.ns1.test$n > /dev/null && ret=1 grep "2001:ffff:ffff::6464:6402" dig.out.ns1.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking A zone redirect works for signed nonexist, DO=0 authoritative ($n)" +echo_i "checking A zone redirect works for signed nonexist, DO=0 authoritative ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. @10.53.0.1 -b 10.53.0.1 a > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "100.100.100.2" dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking AAAA zone redirect works for signed nonexist, DO=0 authoritative ($n)" +echo_i "checking AAAA zone redirect works for signed nonexist, DO=0 authoritative ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6402" dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking ANY zone redirect works for signed nonexist, DO=0 authoritative ($n)" +echo_i "checking ANY zone redirect works for signed nonexist, DO=0 authoritative ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. @10.53.0.1 -b 10.53.0.1 any > dig.out.ns1.test$n || ret=1 grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 grep "100.100.100.2" dig.out.ns1.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6402" dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking A zone redirect fails for signed nonexist, DO=1 authoritative ($n)" +echo_i "checking A zone redirect fails for signed nonexist, DO=1 authoritative ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. +dnssec @10.53.0.1 -b 10.53.0.1 a > dig.out.ns1.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns1.test$n > /dev/null || ret=1 grep "100.100.100.2" dig.out.ns1.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking AAAA zone redirect fails for signed nonexist, DO=1 authoritative ($n)" +echo_i "checking AAAA zone redirect fails for signed nonexist, DO=1 authoritative ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. +dnssec @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns1.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns1.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6402" dig.out.ns1.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking ANY zone redirect fails for signed nonexist, DO=1 authoritative ($n)" +echo_i "checking ANY zone redirect fails for signed nonexist, DO=1 authoritative ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. +dnssec @10.53.0.1 -b 10.53.0.1 any > dig.out.ns1.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns1.test$n > /dev/null || ret=1 grep "100.100.100.2" dig.out.ns1.test$n > /dev/null && ret=1 grep "2001:ffff:ffff::6464:6402" dig.out.ns1.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking A zone redirect fails for nsec3 signed nonexist, DO=1 authoritative ($n)" +echo_i "checking A zone redirect fails for nsec3 signed nonexist, DO=1 authoritative ($n)" ret=0 $DIG $DIGOPTS nonexist.nsec3. +dnssec @10.53.0.1 -b 10.53.0.1 a > dig.out.ns1.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns1.test$n > /dev/null || ret=1 grep "100.100.100.2" dig.out.ns1.test$n > /dev/null && ret=1 grep "IN.NSEC3" dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking AAAA zone redirect fails for nsec3 signed nonexist, DO=1 authoritative ($n)" +echo_i "checking AAAA zone redirect fails for nsec3 signed nonexist, DO=1 authoritative ($n)" ret=0 $DIG $DIGOPTS nonexist.nsec3. +dnssec @10.53.0.1 -b 10.53.0.1 aaaa > dig.out.ns1.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns1.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6402" dig.out.ns1.test$n > /dev/null && ret=1 grep "IN.NSEC3" dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking ANY zone redirect fails for nsec3 signed nonexist, DO=1 authoritative ($n)" +echo_i "checking ANY zone redirect fails for nsec3 signed nonexist, DO=1 authoritative ($n)" ret=0 $DIG $DIGOPTS nonexist.nsec3. +dnssec @10.53.0.1 -b 10.53.0.1 any > dig.out.ns1.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns1.test$n > /dev/null || ret=1 @@ -335,24 +334,24 @@ grep "100.100.100.2" dig.out.ns1.test$n > /dev/null && ret=1 grep "2001:ffff:ffff::6464:6402" dig.out.ns1.test$n > /dev/null && ret=1 grep "IN.NSEC3" dig.out.ns1.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking zone redirect works (with noerror) when qtype is not found ($n)" +echo_i "checking zone redirect works (with noerror) when qtype is not found ($n)" ret=0 $DIG $DIGOPTS nonexist. @10.53.0.2 -b 10.53.0.2 txt > dig.out.ns2.test$n || ret=1 grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that redirect zones reload correctly" +echo_i "checking that redirect zones reload correctly" ret=0 sleep 1 # ensure file mtime will have changed sed -e 's/0 0 0 0 0/1 0 0 0 0/' < ns2/example.db.in > ns2/example.db sed -e 's/0 0 0 0 0/1 0 0 0 0/' -e 's/\.1$/.2/' < ns2/redirect.db.in > ns2/redirect.db -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload > rndc.out || ret=1 -sed 's/^/I:ns2 /' rndc.out +$RNDCCMD 10.53.0.2 reload > rndc.out || ret=1 +sed 's/^/ns2 /' rndc.out | cat_i for i in 1 2 3 4 5 6 7 8 9; do tmp=0 $DIG $DIGOPTS +short @10.53.0.2 soa example.nil > dig.out.ns1.test$n || tmp=1 @@ -366,130 +365,130 @@ for i in 1 2 3 4 5 6 7 8 9; do done [ $tmp -eq 1 ] && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking A nxdomain-redirect works for nonexist ($n)" +echo_i "checking A nxdomain-redirect works for nonexist ($n)" ret=0 $DIG $DIGOPTS nonexist. @10.53.0.4 -b 10.53.0.2 a > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "nonexist. .*100.100.100.1" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking AAAA nxdomain-redirect works for nonexist ($n)" +echo_i "checking AAAA nxdomain-redirect works for nonexist ($n)" ret=0 rm ns4/named.stats 2>/dev/null -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 stats || ret=1 +$RNDCCMD 10.53.0.4 stats || ret=1 PRE_RED=`sed -n -e "s/[ ]*\([0-9]*\).queries resulted in NXDOMAIN that were redirected$/\1/p" ns4/named.stats` PRE_SUC=`sed -n -e "s/[ ]*\([0-9]*\).queries resulted in NXDOMAIN that were redirected and resulted in a successful remote lookup$/\1/p" ns4/named.stats` $DIG $DIGOPTS nonexist. @10.53.0.4 -b 10.53.0.2 aaaa > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "nonexist. .*2001:ffff:ffff::6464:6401" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking AAAA nxdomain-redirect updates statistics ($n)" +echo_i "checking AAAA nxdomain-redirect updates statistics ($n)" ret=0 rm ns4/named.stats 2>/dev/null -$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 stats || ret=1 +$RNDCCMD 10.53.0.4 stats || ret=1 POST_RED=`sed -n -e "s/[ ]*\([0-9]*\).queries resulted in NXDOMAIN that were redirected$/\1/p" ns4/named.stats` POST_SUC=`sed -n -e "s/[ ]*\([0-9]*\).queries resulted in NXDOMAIN that were redirected and resulted in a successful remote lookup$/\1/p" ns4/named.stats` if [ `expr $POST_RED - $PRE_RED` != 1 ]; then ret=1; fi if [ `expr $POST_SUC - $PRE_SUC` != 1 ]; then ret=1; fi n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking ANY nxdomain-redirect works for nonexist ($n)" +echo_i "checking ANY nxdomain-redirect works for nonexist ($n)" ret=0 $DIG $DIGOPTS nonexist. @10.53.0.4 -b 10.53.0.2 any > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "100.100.100.1" dig.out.ns4.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6401" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking A nxdomain-redirect works for signed nonexist, DO=0 ($n)" +echo_i "checking A nxdomain-redirect works for signed nonexist, DO=0 ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. @10.53.0.4 -b 10.53.0.2 a > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "100.100.100.1" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking AAAA nxdomain-redirect works for signed nonexist, DO=0 ($n)" +echo_i "checking AAAA nxdomain-redirect works for signed nonexist, DO=0 ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. @10.53.0.4 -b 10.53.0.2 aaaa > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6401" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking ANY nxdomain-redirect works for signed nonexist, DO=0 ($n)" +echo_i "checking ANY nxdomain-redirect works for signed nonexist, DO=0 ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. @10.53.0.4 -b 10.53.0.2 any > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 grep "100.100.100.1" dig.out.ns4.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6401" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking A nxdomain-redirect fails for signed nonexist, DO=1 ($n)" +echo_i "checking A nxdomain-redirect fails for signed nonexist, DO=1 ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. +dnssec @10.53.0.4 -b 10.53.0.2 a > dig.out.ns4.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 grep "100.100.100.1" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking AAAA nxdomain-redirect fails for signed nonexist, DO=1 ($n)" +echo_i "checking AAAA nxdomain-redirect fails for signed nonexist, DO=1 ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. +dnssec @10.53.0.4 -b 10.53.0.2 aaaa > dig.out.ns4.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6401" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking ANY nxdomain-redirect fails for signed nonexist, DO=1 ($n)" +echo_i "checking ANY nxdomain-redirect fails for signed nonexist, DO=1 ($n)" ret=0 $DIG $DIGOPTS nonexist.signed. +dnssec @10.53.0.4 -b 10.53.0.2 any > dig.out.ns4.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 grep "100.100.100.1" dig.out.ns4.test$n > /dev/null && ret=1 grep "2001:ffff:ffff::6464:6401" dig.out.ns4.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking A nxdomain-redirect fails for nsec3 signed nonexist, DO=1 ($n)" +echo_i "checking A nxdomain-redirect fails for nsec3 signed nonexist, DO=1 ($n)" ret=0 $DIG $DIGOPTS nonexist.nsec3. +dnssec @10.53.0.4 -b 10.53.0.2 a > dig.out.ns4.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 grep "100.100.100.1" dig.out.ns4.test$n > /dev/null && ret=1 grep "IN.NSEC3" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking AAAA nxdomain-redirect fails for nsec3 signed nonexist, DO=1 ($n)" +echo_i "checking AAAA nxdomain-redirect fails for nsec3 signed nonexist, DO=1 ($n)" ret=0 $DIG $DIGOPTS nonexist.nsec3. +dnssec @10.53.0.4 -b 10.53.0.2 aaaa > dig.out.ns4.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 grep "2001:ffff:ffff::6464:6401" dig.out.ns4.test$n > /dev/null && ret=1 grep "IN.NSEC3" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking ANY nxdomain-redirect fails for nsec3 signed nonexist, DO=1 ($n)" +echo_i "checking ANY nxdomain-redirect fails for nsec3 signed nonexist, DO=1 ($n)" ret=0 $DIG $DIGOPTS nonexist.nsec3. +dnssec @10.53.0.4 -b 10.53.0.2 any > dig.out.ns4.test$n || ret=1 grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1 @@ -497,24 +496,24 @@ grep "100.100.100.1" dig.out.ns4.test$n > /dev/null && ret=1 grep "2001:ffff:ffff::6464:6401" dig.out.ns4.test$n > /dev/null && ret=1 grep "IN.NSEC3" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking nxdomain-redirect works (with noerror) when qtype is not found ($n)" +echo_i "checking nxdomain-redirect works (with noerror) when qtype is not found ($n)" ret=0 $DIG $DIGOPTS nonexist. @10.53.0.4 -b 10.53.0.2 txt > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking nxdomain-redirect against authoritative zone ($n)" +echo_i "checking nxdomain-redirect against authoritative zone ($n)" ret=0 $DIG $DIGOPTS nonexist.example @10.53.0.4 -b 10.53.0.2 a > dig.out.ns4.test$n || ret=1 grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/resolver/ans2/ans.pl b/bin/tests/system/resolver/ans2/ans.pl index 35b93d6aa3..aea3c8a22c 100644 --- a/bin/tests/system/resolver/ans2/ans.pl +++ b/bin/tests/system/resolver/ans2/ans.pl @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: ans.pl,v 1.15 2010/05/19 09:33:50 tbox Exp $ - # # Ad hoc name server # @@ -17,8 +15,11 @@ use IO::Socket; use Net::DNS; use Net::DNS::Packet; +my $localport = int($ENV{'PORT'}); +if (!$localport) { $localport = 5300; } + my $sock = IO::Socket::INET->new(LocalAddr => "10.53.0.2", - LocalPort => 5300, Proto => "udp") or die "$!"; + LocalPort => $localport, Proto => "udp") or die "$!"; my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!"; print $pidf "$$\n" or die "cannot write pid file: $!"; diff --git a/bin/tests/system/resolver/ans3/ans.pl b/bin/tests/system/resolver/ans3/ans.pl index 02a81ab2d5..47f3ddb556 100644 --- a/bin/tests/system/resolver/ans3/ans.pl +++ b/bin/tests/system/resolver/ans3/ans.pl @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: ans.pl,v 1.12 2009/11/04 02:15:30 marka Exp $ - # # Ad hoc name server # @@ -17,8 +15,11 @@ use IO::Socket; use Net::DNS; use Net::DNS::Packet; +my $localport = int($ENV{'PORT'}); +if (!$localport) { $localport = 5300; } + my $sock = IO::Socket::INET->new(LocalAddr => "10.53.0.3", - LocalPort => 5300, Proto => "udp") or die "$!"; + LocalPort => $localport, Proto => "udp") or die "$!"; my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!"; print $pidf "$$\n" or die "cannot write pid file: $!"; diff --git a/bin/tests/system/resolver/ans8/ans.pl b/bin/tests/system/resolver/ans8/ans.pl index 7758c0744f..26736fafb1 100644 --- a/bin/tests/system/resolver/ans8/ans.pl +++ b/bin/tests/system/resolver/ans8/ans.pl @@ -20,12 +20,16 @@ local $SIG{PIPE} = 'IGNORE'; local $| = 1; my $server_addr = "10.53.0.8"; -my $udpsock = IO::Socket::INET->new(LocalAddr => "$server_addr", - LocalPort => 5300, Proto => "udp", Reuse => 1) or die "$!"; -my $tcpsock = IO::Socket::INET->new(LocalAddr => "$server_addr", - LocalPort => 5300, Proto => "tcp", Listen => 5, Reuse => 1) or die "$!"; -print "listening on $server_addr:5300.\n"; +my $localport = int($ENV{'PORT'}); +if (!$localport) { $localport = 5300; } + +my $udpsock = IO::Socket::INET->new(LocalAddr => "$server_addr", + LocalPort => $localport, Proto => "udp", Reuse => 1) or die "$!"; +my $tcpsock = IO::Socket::INET->new(LocalAddr => "$server_addr", + LocalPort => $localport, Proto => "tcp", Listen => 5, Reuse => 1) or die "$!"; + +print "listening on $server_addr:$localport.\n"; my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!"; print $pidf "$$\n" or die "cannot write pid file: $!"; diff --git a/bin/tests/system/resolver/clean.sh b/bin/tests/system/resolver/clean.sh index d67947a45f..edca602795 100644 --- a/bin/tests/system/resolver/clean.sh +++ b/bin/tests/system/resolver/clean.sh @@ -9,6 +9,7 @@ # # Clean up after resolver tests. # +rm -f */named.conf rm -f */named.memstats rm -f */named.run rm -f */ans.run @@ -25,7 +26,7 @@ rm -f ns6/ds.example.net.db.signed ns6/ds.example.net.db rm -f ns6/dsset-ds.example.net* rm -f ns6/dsset-example.net* ns6/example.net.db.signed.jnl rm -f ns6/to-be-removed.tld.db ns6/to-be-removed.tld.db.jnl -rm -f ns7/server.db ns7/server.db.jnl ns7/named.conf +rm -f ns7/server.db ns7/server.db.jnl rm -f resolve.out.*.test* rm -f .digrc rm -f ns*/named.lock diff --git a/bin/tests/system/resolver/ns1/named.conf b/bin/tests/system/resolver/ns1/named.conf.in similarity index 93% rename from bin/tests/system/resolver/ns1/named.conf rename to bin/tests/system/resolver/ns1/named.conf.in index ad1bbf9f6f..e5c53acde4 100644 --- a/bin/tests/system/resolver/ns1/named.conf +++ b/bin/tests/system/resolver/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.15 2009/05/29 23:47:49 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1 dscp 1; notify-source 10.53.0.1 dscp 2; transfer-source 10.53.0.1 dscp 3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/resolver/ns4/named.conf b/bin/tests/system/resolver/ns4/named.conf.in similarity index 85% rename from bin/tests/system/resolver/ns4/named.conf rename to bin/tests/system/resolver/ns4/named.conf.in index a3daba4dd5..23329c2051 100644 --- a/bin/tests/system/resolver/ns4/named.conf +++ b/bin/tests/system/resolver/ns4/named.conf.in @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.6 2012/02/09 23:47:18 tbox Exp $ */ - // NS4 -controls { /* empty */ }; - options { query-source address 10.53.0.4 dscp 4; notify-source 10.53.0.4 dscp 5; transfer-source 10.53.0.4 dscp 6; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; @@ -57,5 +53,5 @@ key rndc_key { }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; diff --git a/bin/tests/system/resolver/ns5/named.conf b/bin/tests/system/resolver/ns5/named.conf.in similarity index 89% rename from bin/tests/system/resolver/ns5/named.conf rename to bin/tests/system/resolver/ns5/named.conf.in index 179fa1eb4d..e900856834 100644 --- a/bin/tests/system/resolver/ns5/named.conf +++ b/bin/tests/system/resolver/ns5/named.conf.in @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.4 2011/03/13 23:47:36 tbox Exp $ */ - // NS5 -controls { /* empty */ }; - options { query-source address 10.53.0.5 dscp 7; notify-source 10.53.0.5 dscp 8; transfer-source 10.53.0.5 dscp 9; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.5; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/resolver/ns6/named.conf b/bin/tests/system/resolver/ns6/named.conf.in similarity index 92% rename from bin/tests/system/resolver/ns6/named.conf rename to bin/tests/system/resolver/ns6/named.conf.in index 5636fd79cb..f2b475d006 100644 --- a/bin/tests/system/resolver/ns6/named.conf +++ b/bin/tests/system/resolver/ns6/named.conf.in @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.4 2012/02/09 23:47:18 tbox Exp $ */ - // NS6 -controls { /* empty */ }; - options { query-source address 10.53.0.6 dscp 10; notify-source 10.53.0.6 dscp 11; transfer-source 10.53.0.6 dscp 12; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.6; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/resolver/ns7/named1.conf b/bin/tests/system/resolver/ns7/named1.conf.in similarity index 85% rename from bin/tests/system/resolver/ns7/named1.conf rename to bin/tests/system/resolver/ns7/named1.conf.in index bcba6f0906..a150b30e18 100644 --- a/bin/tests/system/resolver/ns7/named1.conf +++ b/bin/tests/system/resolver/ns7/named1.conf.in @@ -8,13 +8,11 @@ // NS7 -controls { /* empty */ }; - options { query-source address 10.53.0.7 dscp 13; notify-source 10.53.0.7 dscp 14; transfer-source 10.53.0.7 dscp 15; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.7; }; listen-on-v6 { none; }; @@ -22,8 +20,8 @@ options { empty-zones-enable yes; disable-empty-zone 20.172.in-addr.arpa; /* - * I: check prefetch disabled - * I: check zero ttl not returned + * check prefetch disabled + * check zero ttl not returned */ prefetch 0; querylog yes; @@ -35,7 +33,7 @@ key rndc_key { }; controls { - inet 10.53.0.7 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.7 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/resolver/ns7/named2.conf b/bin/tests/system/resolver/ns7/named2.conf.in similarity index 80% rename from bin/tests/system/resolver/ns7/named2.conf rename to bin/tests/system/resolver/ns7/named2.conf.in index 005bdf73d3..bd5362fb5a 100644 --- a/bin/tests/system/resolver/ns7/named2.conf +++ b/bin/tests/system/resolver/ns7/named2.conf.in @@ -8,13 +8,11 @@ // NS7 -controls { /* empty */ }; - options { - query-source address 10.53.0.7 port 5300 dscp 13; + query-source address 10.53.0.7 port @PORT@ dscp 13; notify-source 10.53.0.7 dscp 14; transfer-source 10.53.0.7 dscp 15; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.7; }; listen-on-v6 { none; }; @@ -22,8 +20,8 @@ options { empty-zones-enable yes; disable-empty-zone 20.172.in-addr.arpa; /* - * I: check prefetch disabled - * I: check zero ttl not returned + * check prefetch disabled + * check zero ttl not returned */ prefetch 0; querylog yes; @@ -35,7 +33,7 @@ key rndc_key { }; controls { - inet 10.53.0.7 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.7 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/resolver/prereq.sh b/bin/tests/system/resolver/prereq.sh index f140fc8caf..eb62107a66 100644 --- a/bin/tests/system/resolver/prereq.sh +++ b/bin/tests/system/resolver/prereq.sh @@ -15,11 +15,11 @@ then then : else - echo "I:Net::DNS version 0.76 and 0.77 have a bug that causes this test to fail: please update." >&2 + echo_i "Net::DNS version 0.76 and 0.77 have a bug that causes this test to fail: please update." >&2 exit 1 fi else - echo "I:This test requires the Net::DNS library." >&2 + echo_i "This test requires the Net::DNS library." >&2 exit 1 fi diff --git a/bin/tests/system/resolver/setup.sh b/bin/tests/system/resolver/setup.sh index 9b8ec12d37..249f160625 100644 --- a/bin/tests/system/resolver/setup.sh +++ b/bin/tests/system/resolver/setup.sh @@ -14,5 +14,11 @@ test -r $RANDFILE || $GENRANDOM 800 $RANDFILE cp ns4/tld1.db ns4/tld.db cp ns6/to-be-removed.tld.db.in ns6/to-be-removed.tld.db cp ns7/server.db.in ns7/server.db -cp ns7/named1.conf ns7/named.conf + +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns4/named.conf.in ns4/named.conf +copy_setports ns5/named.conf.in ns5/named.conf +copy_setports ns6/named.conf.in ns6/named.conf +copy_setports ns7/named1.conf.in ns7/named.conf + (cd ns6 && $SHELL keygen.sh) diff --git a/bin/tests/system/resolver/tests.sh b/bin/tests/system/resolver/tests.sh index a31ed0b042..705589847b 100755 --- a/bin/tests/system/resolver/tests.sh +++ b/bin/tests/system/resolver/tests.sh @@ -8,398 +8,403 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +echo . + +DIGOPTS="-p ${PORT}" +RESOLVOPTS="-p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" status=0 n=0 n=`expr $n + 1` -echo "I:checking non-cachable NXDOMAIN response handling ($n)" +echo_i "checking non-cachable NXDOMAIN response handling ($n)" ret=0 -$DIG +tcp nxdomain.example.net @10.53.0.1 a -p 5300 > dig.out.ns1.test${n} || ret=1 +$DIG $DIGOPTS +tcp nxdomain.example.net @10.53.0.1 a > dig.out.ns1.test${n} || ret=1 grep "status: NXDOMAIN" dig.out.ns1.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${RESOLVE} ] ; then n=`expr $n + 1` - echo "I:checking non-cachable NXDOMAIN response handling using dns_client ($n)" + echo_i "checking non-cachable NXDOMAIN response handling using dns_client ($n)" ret=0 - ${RESOLVE} -p 5300 -t a -s 10.53.0.1 nxdomain.example.net 2> resolve.out.ns1.test${n} || ret=1 + $RESOLVE $RESOLVOPTS -t a -s 10.53.0.1 nxdomain.example.net 2> resolve.out.ns1.test${n} || ret=1 grep "resolution failed: ncache nxdomain" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi if [ -x ${RESOLVE} ] ; then n=`expr $n + 1` - echo "I:checking that local bound address can be set (Can't query from a denied address) ($n)" + echo_i "checking that local bound address can be set (Can't query from a denied address) ($n)" ret=0 - ${RESOLVE} -b 10.53.0.8 -p 5300 -t a -s 10.53.0.1 www.example.org 2> resolve.out.ns1.test${n} || ret=1 + ${RESOLVE} -b 10.53.0.8 $RESOLVOPTS -t a -s 10.53.0.1 www.example.org 2> resolve.out.ns1.test${n} || ret=1 grep "resolution failed: SERVFAIL" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` - echo "I:checking that local bound address can be set (Can query from an allowed address) ($n)" + echo_i "checking that local bound address can be set (Can query from an allowed address) ($n)" ret=0 - ${RESOLVE} -b 10.53.0.1 -p 5300 -t a -s 10.53.0.1 www.example.org > resolve.out.ns1.test${n} || ret=1 + ${RESOLVE} -b 10.53.0.1 $RESOLVOPTS -t a -s 10.53.0.1 www.example.org > resolve.out.ns1.test${n} || ret=1 grep "www.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi n=`expr $n + 1` -echo "I:checking non-cachable NODATA response handling ($n)" +echo_i "checking non-cachable NODATA response handling ($n)" ret=0 -$DIG +tcp nodata.example.net @10.53.0.1 a -p 5300 > dig.out.ns1.test${n} || ret=1 +$DIG $DIGOPTS +tcp nodata.example.net @10.53.0.1 a > dig.out.ns1.test${n} || ret=1 grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${RESOLVE} ] ; then n=`expr $n + 1` - echo "I:checking non-cachable NODATA response handling using dns_client ($n)" + echo_i "checking non-cachable NODATA response handling using dns_client ($n)" ret=0 - ${RESOLVE} -p 5300 -t a -s 10.53.0.1 nodata.example.net 2> resolve.out.ns1.test${n} || ret=1 + $RESOLVE $RESOLVOPTS -t a -s 10.53.0.1 nodata.example.net 2> resolve.out.ns1.test${n} || ret=1 grep "resolution failed: ncache nxrrset" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi n=`expr $n + 1` -echo "I:checking handling of bogus referrals ($n)" +echo_i "checking handling of bogus referrals ($n)" # If the server has the "INSIST(!external)" bug, this query will kill it. -$DIG +tcp www.example.com. a @10.53.0.1 -p 5300 >/dev/null || { echo I:failed; status=`expr $status + 1`; } +$DIG $DIGOPTS +tcp www.example.com. a @10.53.0.1 >/dev/null || { echo_i "failed"; status=`expr $status + 1`; } if [ -x ${RESOLVE} ] ; then n=`expr $n + 1` - echo "I:checking handling of bogus referrals using dns_client ($n)" + echo_i "checking handling of bogus referrals using dns_client ($n)" ret=0 - ${RESOLVE} -p 5300 -t a -s 10.53.0.1 www.example.com 2> resolve.out.ns1.test${n} || ret=1 + $RESOLVE $RESOLVOPTS -t a -s 10.53.0.1 www.example.com 2> resolve.out.ns1.test${n} || ret=1 grep "resolution failed: SERVFAIL" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi n=`expr $n + 1` -echo "I:check handling of cname + other data / 1 ($n)" -$DIG +tcp cname1.example.com. a @10.53.0.1 -p 5300 >/dev/null || { echo I:failed; status=`expr $status + 1`; } +echo_i "check handling of cname + other data / 1 ($n)" +$DIG $DIGOPTS +tcp cname1.example.com. a @10.53.0.1 >/dev/null || { echo_i "failed"; status=`expr $status + 1`; } n=`expr $n + 1` -echo "I:check handling of cname + other data / 2 ($n)" -$DIG +tcp cname2.example.com. a @10.53.0.1 -p 5300 >/dev/null || { echo I:failed; status=`expr $status + 1`; } +echo_i "check handling of cname + other data / 2 ($n)" +$DIG $DIGOPTS +tcp cname2.example.com. a @10.53.0.1 >/dev/null || { echo_i "failed"; status=`expr $status + 1`; } n=`expr $n + 1` -echo "I:check that server is still running ($n)" -$DIG +tcp www.example.com. a @10.53.0.1 -p 5300 >/dev/null || { echo I:failed; status=`expr $status + 1`; } +echo_i "check that server is still running ($n)" +$DIG $DIGOPTS +tcp www.example.com. a @10.53.0.1 >/dev/null || { echo_i "failed"; status=`expr $status + 1`; } n=`expr $n + 1` -echo "I:checking answer IPv4 address filtering (deny) ($n)" +echo_i "checking answer IPv4 address filtering (deny) ($n)" ret=0 -$DIG +tcp www.example.net @10.53.0.1 a -p 5300 > dig.out.ns1.test${n} || ret=1 +$DIG $DIGOPTS +tcp www.example.net @10.53.0.1 a > dig.out.ns1.test${n} || ret=1 grep "status: SERVFAIL" dig.out.ns1.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking answer IPv6 address filtering (deny) ($n)" +echo_i "checking answer IPv6 address filtering (deny) ($n)" ret=0 -$DIG +tcp www.example.net @10.53.0.1 aaaa -p 5300 > dig.out.ns1.test${n} || ret=1 +$DIG $DIGOPTS +tcp www.example.net @10.53.0.1 aaaa > dig.out.ns1.test${n} || ret=1 grep "status: SERVFAIL" dig.out.ns1.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking answer IPv4 address filtering (accept) ($n)" +echo_i "checking answer IPv4 address filtering (accept) ($n)" ret=0 -$DIG +tcp www.example.org @10.53.0.1 a -p 5300 > dig.out.ns1.test${n} || ret=1 +$DIG $DIGOPTS +tcp www.example.org @10.53.0.1 a > dig.out.ns1.test${n} || ret=1 grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${RESOLVE} ] ; then n=`expr $n + 1` - echo "I:checking answer IPv4 address filtering using dns_client (accept) ($n)" + echo_i "checking answer IPv4 address filtering using dns_client (accept) ($n)" ret=0 - ${RESOLVE} -p 5300 -t a -s 10.53.0.1 www.example.org > resolve.out.ns1.test${n} || ret=1 + $RESOLVE $RESOLVOPTS -t a -s 10.53.0.1 www.example.org > resolve.out.ns1.test${n} || ret=1 grep "www.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi n=`expr $n + 1` -echo "I:checking answer IPv6 address filtering (accept) ($n)" +echo_i "checking answer IPv6 address filtering (accept) ($n)" ret=0 -$DIG +tcp www.example.org @10.53.0.1 aaaa -p 5300 > dig.out.ns1.test${n} || ret=1 +$DIG $DIGOPTS +tcp www.example.org @10.53.0.1 aaaa > dig.out.ns1.test${n} || ret=1 grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${RESOLVE} ] ; then n=`expr $n + 1` - echo "I:checking answer IPv6 address filtering using dns_client (accept) ($n)" + echo_i "checking answer IPv6 address filtering using dns_client (accept) ($n)" ret=0 - ${RESOLVE} -p 5300 -t aaaa -s 10.53.0.1 www.example.org > resolve.out.ns1.test${n} || ret=1 + $RESOLVE $RESOLVOPTS -t aaaa -s 10.53.0.1 www.example.org > resolve.out.ns1.test${n} || ret=1 grep "www.example.org..*.2001:db8:beef::1" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi n=`expr $n + 1` -echo "I:checking CNAME target filtering (deny) ($n)" +echo_i "checking CNAME target filtering (deny) ($n)" ret=0 -$DIG +tcp badcname.example.net @10.53.0.1 a -p 5300 > dig.out.ns1.test${n} || ret=1 +$DIG $DIGOPTS +tcp badcname.example.net @10.53.0.1 a > dig.out.ns1.test${n} || ret=1 grep "status: SERVFAIL" dig.out.ns1.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking CNAME target filtering (accept) ($n)" +echo_i "checking CNAME target filtering (accept) ($n)" ret=0 -$DIG +tcp goodcname.example.net @10.53.0.1 a -p 5300 > dig.out.ns1.test${n} || ret=1 +$DIG $DIGOPTS +tcp goodcname.example.net @10.53.0.1 a > dig.out.ns1.test${n} || ret=1 grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${RESOLVE} ] ; then n=`expr $n + 1` - echo "I:checking CNAME target filtering using dns_client (accept) ($n)" + echo_i "checking CNAME target filtering using dns_client (accept) ($n)" ret=0 - ${RESOLVE} -p 5300 -t a -s 10.53.0.1 goodcname.example.net > resolve.out.ns1.test${n} || ret=1 + $RESOLVE $RESOLVOPTS -t a -s 10.53.0.1 goodcname.example.net > resolve.out.ns1.test${n} || ret=1 grep "goodcname.example.net..*.goodcname.example.org." resolve.out.ns1.test${n} > /dev/null || ret=1 grep "goodcname.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi n=`expr $n + 1` -echo "I:checking CNAME target filtering (accept due to subdomain) ($n)" +echo_i "checking CNAME target filtering (accept due to subdomain) ($n)" ret=0 -$DIG +tcp cname.sub.example.org @10.53.0.1 a -p 5300 > dig.out.ns1.test${n} || ret=1 +$DIG $DIGOPTS +tcp cname.sub.example.org @10.53.0.1 a > dig.out.ns1.test${n} || ret=1 grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${RESOLVE} ] ; then n=`expr $n + 1` - echo "I:checking CNAME target filtering using dns_client (accept due to subdomain) ($n)" + echo_i "checking CNAME target filtering using dns_client (accept due to subdomain) ($n)" ret=0 - ${RESOLVE} -p 5300 -t a -s 10.53.0.1 cname.sub.example.org > resolve.out.ns1.test${n} || ret=1 + $RESOLVE $RESOLVOPTS -t a -s 10.53.0.1 cname.sub.example.org > resolve.out.ns1.test${n} || ret=1 grep "cname.sub.example.org..*.ok.sub.example.org." resolve.out.ns1.test${n} > /dev/null || ret=1 grep "ok.sub.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi n=`expr $n + 1` -echo "I:checking DNAME target filtering (deny) ($n)" +echo_i "checking DNAME target filtering (deny) ($n)" ret=0 -$DIG +tcp foo.baddname.example.net @10.53.0.1 a -p 5300 > dig.out.ns1.test${n} || ret=1 +$DIG $DIGOPTS +tcp foo.baddname.example.net @10.53.0.1 a > dig.out.ns1.test${n} || ret=1 grep "status: SERVFAIL" dig.out.ns1.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking DNAME target filtering (accept) ($n)" +echo_i "checking DNAME target filtering (accept) ($n)" ret=0 -$DIG +tcp foo.gooddname.example.net @10.53.0.1 a -p 5300 > dig.out.ns1.test${n} || ret=1 +$DIG $DIGOPTS +tcp foo.gooddname.example.net @10.53.0.1 a > dig.out.ns1.test${n} || ret=1 grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${RESOLVE} ] ; then n=`expr $n + 1` - echo "I:checking DNAME target filtering using dns_client (accept) ($n)" + echo_i "checking DNAME target filtering using dns_client (accept) ($n)" ret=0 - ${RESOLVE} -p 5300 -t a -s 10.53.0.1 foo.gooddname.example.net > resolve.out.ns1.test${n} || ret=1 + $RESOLVE $RESOLVOPTS -t a -s 10.53.0.1 foo.gooddname.example.net > resolve.out.ns1.test${n} || ret=1 grep "foo.gooddname.example.net..*.gooddname.example.org" resolve.out.ns1.test${n} > /dev/null || ret=1 grep "foo.gooddname.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi n=`expr $n + 1` -echo "I:checking DNAME target filtering (accept due to subdomain) ($n)" +echo_i "checking DNAME target filtering (accept due to subdomain) ($n)" ret=0 -$DIG +tcp www.dname.sub.example.org @10.53.0.1 a -p 5300 > dig.out.ns1.test${n} || ret=1 +$DIG $DIGOPTS +tcp www.dname.sub.example.org @10.53.0.1 a > dig.out.ns1.test${n} || ret=1 grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x ${RESOLVE} ] ; then n=`expr $n + 1` - echo "I:checking DNAME target filtering using dns_client (accept due to subdomain) ($n)" + echo_i "checking DNAME target filtering using dns_client (accept due to subdomain) ($n)" ret=0 - ${RESOLVE} -p 5300 -t a -s 10.53.0.1 www.dname.sub.example.org > resolve.out.ns1.test${n} || ret=1 + $RESOLVE $RESOLVOPTS -t a -s 10.53.0.1 www.dname.sub.example.org > resolve.out.ns1.test${n} || ret=1 grep "www.dname.sub.example.org..*.ok.sub.example.org." resolve.out.ns1.test${n} > /dev/null || ret=1 grep "www.ok.sub.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi n=`expr $n + 1` -echo "I: RT21594 regression test check setup ($n)" +echo_i "RT21594 regression test check setup ($n)" ret=0 # Check that "aa" is not being set by the authoritative server. -$DIG +tcp . @10.53.0.4 soa -p 5300 > dig.ns4.out.${n} || ret=1 +$DIG $DIGOPTS +tcp . @10.53.0.4 soa > dig.ns4.out.${n} || ret=1 grep 'flags: qr rd;' dig.ns4.out.${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: RT21594 regression test positive answers ($n)" +echo_i "RT21594 regression test positive answers ($n)" ret=0 # Check that resolver accepts the non-authoritative positive answers. -$DIG +tcp . @10.53.0.5 soa -p 5300 > dig.ns5.out.${n} || ret=1 +$DIG $DIGOPTS +tcp . @10.53.0.5 soa > dig.ns5.out.${n} || ret=1 grep "status: NOERROR" dig.ns5.out.${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: RT21594 regression test NODATA answers ($n)" +echo_i "RT21594 regression test NODATA answers ($n)" ret=0 # Check that resolver accepts the non-authoritative nodata answers. -$DIG +tcp . @10.53.0.5 txt -p 5300 > dig.ns5.out.${n} || ret=1 +$DIG $DIGOPTS +tcp . @10.53.0.5 txt > dig.ns5.out.${n} || ret=1 grep "status: NOERROR" dig.ns5.out.${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: RT21594 regression test NXDOMAIN answers ($n)" +echo_i "RT21594 regression test NXDOMAIN answers ($n)" ret=0 # Check that resolver accepts the non-authoritative positive answers. -$DIG +tcp noexistant @10.53.0.5 txt -p 5300 > dig.ns5.out.${n} || ret=1 +$DIG $DIGOPTS +tcp noexistant @10.53.0.5 txt > dig.ns5.out.${n} || ret=1 grep "status: NXDOMAIN" dig.ns5.out.${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that replacement of additional data by a negative cache no data entry clears the additional RRSIGs ($n)" +echo_i "check that replacement of additional data by a negative cache no data entry clears the additional RRSIGs ($n)" ret=0 -$DIG +tcp mx example.net @10.53.0.7 -p 5300 > dig.ns7.out.${n} || ret=1 +$DIG $DIGOPTS +tcp mx example.net @10.53.0.7 > dig.ns7.out.${n} || ret=1 grep "status: NOERROR" dig.ns7.out.${n} > /dev/null || ret=1 -if [ $ret = 1 ]; then echo "I:mx priming failed"; fi +if [ $ret = 1 ]; then echo_i "mx priming failed"; fi $NSUPDATE << EOF -server 10.53.0.6 5300 +server 10.53.0.6 ${PORT} zone example.net update delete mail.example.net A update add mail.example.net 0 AAAA ::1 send EOF -$DIG +tcp a mail.example.net @10.53.0.7 -p 5300 > dig.ns7.out.${n} || ret=2 +$DIG $DIGOPTS +tcp a mail.example.net @10.53.0.7 > dig.ns7.out.${n} || ret=2 grep "status: NOERROR" dig.ns7.out.${n} > /dev/null || ret=2 grep "ANSWER: 0" dig.ns7.out.${n} > /dev/null || ret=2 -if [ $ret = 2 ]; then echo "I:ncache priming failed"; fi -$DIG +tcp mx example.net @10.53.0.7 -p 5300 > dig.ns7.out.${n} || ret=3 +if [ $ret = 2 ]; then echo_i "ncache priming failed"; fi +$DIG $DIGOPTS +tcp mx example.net @10.53.0.7 > dig.ns7.out.${n} || ret=3 grep "status: NOERROR" dig.ns7.out.${n} > /dev/null || ret=3 -$DIG +tcp rrsig mail.example.net +norec @10.53.0.7 -p 5300 > dig.ns7.out.${n} || ret=4 +$DIG $DIGOPTS +tcp rrsig mail.example.net +norec @10.53.0.7 > dig.ns7.out.${n} || ret=4 grep "status: NOERROR" dig.ns7.out.${n} > /dev/null || ret=4 grep "ANSWER: 0" dig.ns7.out.${n} > /dev/null || ret=4 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that update a nameservers address has immediate effects ($n)" +echo_i "checking that update a nameservers address has immediate effects ($n)" ret=0 -$DIG +tcp TXT foo.moves @10.53.0.7 -p 5300 > dig.ns7.foo.${n} || ret=1 -grep "From NS 5" dig.ns7.foo.${n} > /dev/null || ret=1 +$DIG $DIGOPTS +tcp TXT foo.moves @10.53.0.7 > dig.ns7.foo.${n} || ret=1 +grep "From NS 5" dig.ns7.foo.${n} > /dev/null || ret=1 $NSUPDATE << EOF -server 10.53.0.7 5300 +server 10.53.0.7 ${PORT} zone server update delete ns.server A update add ns.server 300 A 10.53.0.4 send EOF sleep 1 -$DIG +tcp TXT bar.moves @10.53.0.7 -p 5300 > dig.ns7.bar.${n} || ret=1 +$DIG $DIGOPTS +tcp TXT bar.moves @10.53.0.7 > dig.ns7.bar.${n} || ret=1 grep "From NS 4" dig.ns7.bar.${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; status=1; fi +if [ $ret != 0 ]; then echo_i "failed"; status=1; fi n=`expr $n + 1` -echo "I:checking that update a nameservers glue has immediate effects ($n)" +echo_i "checking that update a nameservers glue has immediate effects ($n)" ret=0 -$DIG +tcp TXT foo.child.server @10.53.0.7 -p 5300 > dig.ns7.foo.${n} || ret=1 -grep "From NS 5" dig.ns7.foo.${n} > /dev/null || ret=1 +$DIG $DIGOPTS +tcp TXT foo.child.server @10.53.0.7 > dig.ns7.foo.${n} || ret=1 +grep "From NS 5" dig.ns7.foo.${n} > /dev/null || ret=1 $NSUPDATE << EOF -server 10.53.0.7 5300 +server 10.53.0.7 ${PORT} zone server update delete ns.child.server A update add ns.child.server 300 A 10.53.0.4 send EOF sleep 1 -$DIG +tcp TXT bar.child.server @10.53.0.7 -p 5300 > dig.ns7.bar.${n} || ret=1 +$DIG $DIGOPTS +tcp TXT bar.child.server @10.53.0.7 > dig.ns7.bar.${n} || ret=1 grep "From NS 4" dig.ns7.bar.${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; status=1; fi +if [ $ret != 0 ]; then echo_i "failed"; status=1; fi n=`expr $n + 1` -echo "I:checking empty RFC 1918 reverse zones ($n)" +echo_i "checking empty RFC 1918 reverse zones ($n)" ret=0 # Check that "aa" is being set by the resolver for RFC 1918 zones # except the one that has been deliberately disabled -$DIG @10.53.0.7 -p 5300 -x 10.1.1.1 > dig.ns4.out.1.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 10.1.1.1 > dig.ns4.out.1.${n} || ret=1 grep 'flags: qr aa rd ra;' dig.ns4.out.1.${n} > /dev/null || ret=1 -$DIG @10.53.0.7 -p 5300 -x 192.168.1.1 > dig.ns4.out.2.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 192.168.1.1 > dig.ns4.out.2.${n} || ret=1 grep 'flags: qr aa rd ra;' dig.ns4.out.2.${n} > /dev/null || ret=1 -$DIG @10.53.0.7 -p 5300 -x 172.16.1.1 > dig.ns4.out.3.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 172.16.1.1 > dig.ns4.out.3.${n} || ret=1 grep 'flags: qr aa rd ra;' dig.ns4.out.3.${n} > /dev/null || ret=1 -$DIG @10.53.0.7 -p 5300 -x 172.17.1.1 > dig.ns4.out.4.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 172.17.1.1 > dig.ns4.out.4.${n} || ret=1 grep 'flags: qr aa rd ra;' dig.ns4.out.4.${n} > /dev/null || ret=1 -$DIG @10.53.0.7 -p 5300 -x 172.18.1.1 > dig.ns4.out.5.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 172.18.1.1 > dig.ns4.out.5.${n} || ret=1 grep 'flags: qr aa rd ra;' dig.ns4.out.5.${n} > /dev/null || ret=1 -$DIG @10.53.0.7 -p 5300 -x 172.19.1.1 > dig.ns4.out.6.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 172.19.1.1 > dig.ns4.out.6.${n} || ret=1 grep 'flags: qr aa rd ra;' dig.ns4.out.6.${n} > /dev/null || ret=1 -$DIG @10.53.0.7 -p 5300 -x 172.21.1.1 > dig.ns4.out.7.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 172.21.1.1 > dig.ns4.out.7.${n} || ret=1 grep 'flags: qr aa rd ra;' dig.ns4.out.7.${n} > /dev/null || ret=1 -$DIG @10.53.0.7 -p 5300 -x 172.22.1.1 > dig.ns4.out.8.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 172.22.1.1 > dig.ns4.out.8.${n} || ret=1 grep 'flags: qr aa rd ra;' dig.ns4.out.8.${n} > /dev/null || ret=1 -$DIG @10.53.0.7 -p 5300 -x 172.23.1.1 > dig.ns4.out.9.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 172.23.1.1 > dig.ns4.out.9.${n} || ret=1 grep 'flags: qr aa rd ra;' dig.ns4.out.9.${n} > /dev/null || ret=1 -$DIG @10.53.0.7 -p 5300 -x 172.24.1.1 > dig.ns4.out.11.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 172.24.1.1 > dig.ns4.out.11.${n} || ret=1 grep 'flags: qr aa rd ra;' dig.ns4.out.11.${n} > /dev/null || ret=1 -$DIG @10.53.0.7 -p 5300 -x 172.25.1.1 > dig.ns4.out.12.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 172.25.1.1 > dig.ns4.out.12.${n} || ret=1 grep 'flags: qr aa rd ra;' dig.ns4.out.12.${n} > /dev/null || ret=1 -$DIG @10.53.0.7 -p 5300 -x 172.26.1.1 > dig.ns4.out.13.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 172.26.1.1 > dig.ns4.out.13.${n} || ret=1 grep 'flags: qr aa rd ra;' dig.ns4.out.13.${n} > /dev/null || ret=1 -$DIG @10.53.0.7 -p 5300 -x 172.27.1.1 > dig.ns4.out.14.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 172.27.1.1 > dig.ns4.out.14.${n} || ret=1 grep 'flags: qr aa rd ra;' dig.ns4.out.14.${n} > /dev/null || ret=1 -$DIG @10.53.0.7 -p 5300 -x 172.28.1.1 > dig.ns4.out.15.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 172.28.1.1 > dig.ns4.out.15.${n} || ret=1 grep 'flags: qr aa rd ra;' dig.ns4.out.15.${n} > /dev/null || ret=1 -$DIG @10.53.0.7 -p 5300 -x 172.29.1.1 > dig.ns4.out.16.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 172.29.1.1 > dig.ns4.out.16.${n} || ret=1 grep 'flags: qr aa rd ra;' dig.ns4.out.16.${n} > /dev/null || ret=1 -$DIG @10.53.0.7 -p 5300 -x 172.30.1.1 > dig.ns4.out.17.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 172.30.1.1 > dig.ns4.out.17.${n} || ret=1 grep 'flags: qr aa rd ra;' dig.ns4.out.17.${n} > /dev/null || ret=1 -$DIG @10.53.0.7 -p 5300 -x 172.31.1.1 > dig.ns4.out.18.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 172.31.1.1 > dig.ns4.out.18.${n} || ret=1 grep 'flags: qr aa rd ra;' dig.ns4.out.18.${n} > /dev/null || ret=1 # but this one should NOT be authoritative -$DIG @10.53.0.7 -p 5300 -x 172.20.1.1 > dig.ns4.out.19.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 -x 172.20.1.1 > dig.ns4.out.19.${n} || ret=1 grep 'flags: qr rd ra;' dig.ns4.out.19.${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; status=1; fi +if [ $ret != 0 ]; then echo_i "failed"; status=1; fi n=`expr $n + 1` -echo "I:checking that removal of a delegation is honoured ($n)" +echo_i "checking that removal of a delegation is honoured ($n)" ret=0 -$DIG -p 5300 @10.53.0.5 www.to-be-removed.tld A > dig.ns5.prime.${n} -grep "status: NOERROR" dig.ns5.prime.${n} > /dev/null || { ret=1; echo "I: priming failed"; } +$DIG $DIGOPTS @10.53.0.5 www.to-be-removed.tld A > dig.ns5.prime.${n} +grep "status: NOERROR" dig.ns5.prime.${n} > /dev/null || { ret=1; echo_i "priming failed"; } cp ns4/tld2.db ns4/tld.db -($RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 reload tld 2>&1 ) | -sed -e '/reload queued/d' -e 's/^/I:ns4 /' +($RNDCCMD 10.53.0.4 reload tld 2>&1 ) | +sed -e '/reload queued/d' -e 's/^/ns4 /' | cat_i old= for i in 0 1 2 3 4 5 6 7 8 9 do foo=0 - $DIG -p 5300 @10.53.0.5 ns$i.to-be-removed.tld A > /dev/null - $DIG -p 5300 @10.53.0.5 www.to-be-removed.tld A > dig.ns5.out.${n} + $DIG $DIGOPTS @10.53.0.5 ns$i.to-be-removed.tld A > /dev/null + $DIG $DIGOPTS @10.53.0.5 www.to-be-removed.tld A > dig.ns5.out.${n} grep "status: NXDOMAIN" dig.ns5.out.${n} > /dev/null || foo=1 [ $foo = 0 ] && break $NSUPDATE << EOF -server 10.53.0.6 5300 +server 10.53.0.6 ${PORT} zone to-be-removed.tld update add to-be-removed.tld 100 NS ns${i}.to-be-removed.tld update delete to-be-removed.tld NS ns${old}.to-be-removed.tld @@ -408,174 +413,174 @@ EOF old=$i sleep 1 done -[ $ret = 0 ] && ret=$foo; -if [ $ret != 0 ]; then echo "I:failed"; status=1; fi +[ $ret = 0 ] && ret=$foo; +if [ $ret != 0 ]; then echo_i "failed"; status=1; fi n=`expr $n + 1` -echo "I:check for improved error message with SOA mismatch ($n)" +echo_i "check for improved error message with SOA mismatch ($n)" ret=0 -$DIG @10.53.0.1 -p 5300 www.sub.broken aaaa > dig.out.ns1.test${n} || ret=1 +$DIG $DIGOPTS @10.53.0.1 www.sub.broken aaaa > dig.out.ns1.test${n} || ret=1 grep "not subdomain of zone" ns1/named.run > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -cp ns7/named2.conf ns7/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 reconfig 2>&1 | sed 's/^/I:ns7 /' +copy_setports ns7/named2.conf.in ns7/named.conf +$RNDCCMD 10.53.0.7 reconfig 2>&1 | sed 's/^/ns7 /' | cat_i n=`expr $n + 1` -echo "I:check resolution on the listening port ($n)" +echo_i "check resolution on the listening port ($n)" ret=0 -$DIG +tcp +tries=2 +time=5 mx example.net @10.53.0.7 -p 5300 > dig.ns7.out.${n} || ret=2 +$DIG $DIGOPTS +tcp +tries=2 +time=5 mx example.net @10.53.0.7 > dig.ns7.out.${n} || ret=2 grep "status: NOERROR" dig.ns7.out.${n} > /dev/null || ret=1 grep "ANSWER: 1" dig.ns7.out.${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; ret=1; fi +if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check prefetch (${n})" +echo_i "check prefetch (${n})" ret=0 -$DIG @10.53.0.5 -p 5300 fetch.tld txt > dig.out.1.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.5 fetch.tld txt > dig.out.1.${n} || ret=1 ttl1=`awk '/"A" "short" "ttl"/ { print $2 - 2 }' dig.out.1.${n}` # sleep so we are in prefetch range sleep ${ttl1:-0} # trigger prefetch -$DIG @10.53.0.5 -p 5300 fetch.tld txt > dig.out.2.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.5 fetch.tld txt > dig.out.2.${n} || ret=1 ttl2=`awk '/"A" "short" "ttl"/ { print $2 }' dig.out.2.${n}` sleep 1 # check that prefetch occured -$DIG @10.53.0.5 -p 5300 fetch.tld txt > dig.out.3.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.5 fetch.tld txt > dig.out.3.${n} || ret=1 ttl=`awk '/"A" "short" "ttl"/ { print $2 }' dig.out.3.${n}` test ${ttl:-0} -gt ${ttl2:-1} || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check prefetch of validated DS's RRSIG TTL is updated (${n})" +echo_i "check prefetch of validated DS's RRSIG TTL is updated (${n})" ret=0 -$DIG +dnssec @10.53.0.5 -p 5300 ds.example.net ds > dig.out.1.${n} || ret=1 +$DIG $DIGOPTS +dnssec @10.53.0.5 ds.example.net ds > dig.out.1.${n} || ret=1 ttl1=`awk '$4 == "DS" && $7 == "1" { print $2 - 2 }' dig.out.1.${n}` # sleep so we are in prefetch range sleep ${ttl1:-0} # trigger prefetch -$DIG @10.53.0.5 -p 5300 ds.example.net ds > dig.out.2.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.5 ds.example.net ds > dig.out.2.${n} || ret=1 ttl1=`awk '$4 == "DS" && $7 == "1" { print $2 }' dig.out.2.${n}` sleep 1 # check that prefetch occured -$DIG @10.53.0.5 -p 5300 ds.example.net ds +dnssec > dig.out.3.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.5 ds.example.net ds +dnssec > dig.out.3.${n} || ret=1 dsttl=`awk '$4 == "DS" && $7 == "1" { print $2 }' dig.out.3.${n}` sigttl=`awk '$4 == "RRSIG" && $5 == "DS" { print $2 }' dig.out.3.${n}` test ${dsttl:-0} -gt ${ttl2:-1} || ret=1 test ${sigttl:-0} -gt ${ttl2:-1} || ret=1 test ${dsttl:-0} -eq ${sigttl:-1} || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check prefetch disabled (${n})" +echo_i "check prefetch disabled (${n})" ret=0 -$DIG @10.53.0.7 -p 5300 fetch.example.net txt > dig.out.1.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 fetch.example.net txt > dig.out.1.${n} || ret=1 ttl1=`awk '/"A" "short" "ttl"/ { print $2 - 2 }' dig.out.1.${n}` # sleep so we are in expire range sleep ${ttl1:-0} # look for ttl = 1, allow for one miss at getting zero ttl zerotonine="0 1 2 3 4 5 6 7 8 9" for i in $zerotonine $zerotonine $zerotonine $zerotonine -do - $DIG @10.53.0.7 -p 5300 fetch.example.net txt > dig.out.2.${n} || ret=1 +do + $DIG $DIGOPTS @10.53.0.7 fetch.example.net txt > dig.out.2.${n} || ret=1 ttl2=`awk '/"A" "short" "ttl"/ { print $2 }' dig.out.2.${n}` test ${ttl2:-2} -eq 1 && break - $PERL -e 'select(undef, undef, undef, 0.05);' + $PERL -e 'select(undef, undef, undef, 0.05);' done test ${ttl2:-2} -eq 1 || ret=1 # delay so that any prefetched record will have a lower ttl than expected sleep 3 # check that prefetch has not occured -$DIG @10.53.0.7 -p 5300 fetch.example.net txt > dig.out.3.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 fetch.example.net txt > dig.out.3.${n} || ret=1 ttl=`awk '/"A" "short" "ttl"/ { print $2 - 2 }' dig.out.3.${n}` test ${ttl:-0} -eq ${ttl1:-1} || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check prefetch qtype * (${n})" +echo_i "check prefetch qtype * (${n})" ret=0 -$DIG @10.53.0.5 -p 5300 fetchall.tld any > dig.out.1.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.5 fetchall.tld any > dig.out.1.${n} || ret=1 ttl1=`awk '/"A" "short" "ttl"/ { print $2 - 2 }' dig.out.1.${n}` # sleep so we are in prefetch range sleep ${ttl1:-0} # trigger prefetch -$DIG @10.53.0.5 -p 5300 fetchall.tld any > dig.out.2.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.5 fetchall.tld any > dig.out.2.${n} || ret=1 ttl2=`awk '/"A" "short" "ttl"/ { print $2 }' dig.out.2.${n}` sleep 1 # check that the nameserver is still alive -$DIG @10.53.0.5 -p 5300 fetchall.tld any > dig.out.3.${n} || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +$DIG $DIGOPTS @10.53.0.5 fetchall.tld any > dig.out.3.${n} || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that E was logged on EDNS queries in the query log (${n})" +echo_i "check that E was logged on EDNS queries in the query log (${n})" ret=0 -$DIG @10.53.0.5 -p 5300 +edns edns.fetchall.tld any > dig.out.2.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.5 +edns edns.fetchall.tld any > dig.out.2.${n} || ret=1 grep "query: edns.fetchall.tld IN ANY +E" ns5/named.run > /dev/null || ret=1 -$DIG @10.53.0.5 -p 5300 +noedns noedns.fetchall.tld any > dig.out.2.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.5 +noedns noedns.fetchall.tld any > dig.out.2.${n} || ret=1 grep "query: noedns.fetchall.tld IN ANY" ns5/named.run > /dev/null || ret=1 grep "query: noedns.fetchall.tld IN ANY +E" ns5/named.run > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that '-t aaaa' in .digrc does not have unexpected side effects ($n)" +echo_i "check that '-t aaaa' in .digrc does not have unexpected side effects ($n)" ret=0 echo "-t aaaa" > .digrc -env HOME=`pwd` $DIG @10.53.0.4 -p 5300 . > dig.out.1.${n} || ret=1 -env HOME=`pwd` $DIG @10.53.0.4 -p 5300 . A > dig.out.2.${n} || ret=1 -env HOME=`pwd` $DIG @10.53.0.4 -p 5300 -x 127.0.0.1 > dig.out.3.${n} || ret=1 +env HOME=`pwd` $DIG $DIGOPTS @10.53.0.4 . > dig.out.1.${n} || ret=1 +env HOME=`pwd` $DIG $DIGOPTS @10.53.0.4 . A > dig.out.2.${n} || ret=1 +env HOME=`pwd` $DIG $DIGOPTS @10.53.0.4 -x 127.0.0.1 > dig.out.3.${n} || ret=1 grep ';\..*IN.*AAAA$' dig.out.1.${n} > /dev/null || ret=1 grep ';\..*IN.*A$' dig.out.2.${n} > /dev/null || ret=1 grep 'extra type option' dig.out.2.${n} > /dev/null && ret=1 grep ';1\.0\.0\.127\.in-addr\.arpa\..*IN.*PTR$' dig.out.3.${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` edns=`$FEATURETEST --edns-version` n=`expr $n + 1` -echo "I:check that EDNS version is logged (${n})" +echo_i "check that EDNS version is logged (${n})" ret=0 -$DIG @10.53.0.5 -p 5300 +edns edns0.fetchall.tld any > dig.out.2.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.5 +edns edns0.fetchall.tld any > dig.out.2.${n} || ret=1 grep "query: edns0.fetchall.tld IN ANY +E(0)" ns5/named.run > /dev/null || ret=1 if test ${edns:-0} != 0; then - $DIG @10.53.0.5 -p 5300 +edns=1 edns1.fetchall.tld any > dig.out.2.${n} || ret=1 + $DIG $DIGOPTS @10.53.0.5 +edns=1 edns1.fetchall.tld any > dig.out.2.${n} || ret=1 grep "query: edns1.fetchall.tld IN ANY +E(1)" ns5/named.run > /dev/null || ret=1 fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if test ${edns:-0} != 0; then n=`expr $n + 1` - echo "I:check that edns-version is honoured (${n})" + echo_i "check that edns-version is honoured (${n})" ret=0 - $DIG @10.53.0.5 -p 5300 +edns no-edns-version.tld > dig.out.1.${n} || ret=1 + $DIG $DIGOPTS @10.53.0.5 +edns no-edns-version.tld > dig.out.1.${n} || ret=1 grep "query: no-edns-version.tld IN A -E(1)" ns6/named.run > /dev/null || ret=1 - $DIG @10.53.0.5 -p 5300 +edns edns-version.tld > dig.out.2.${n} || ret=1 + $DIG $DIGOPTS @10.53.0.5 +edns edns-version.tld > dig.out.2.${n} || ret=1 grep "query: edns-version.tld IN A -E(0)" ns7/named.run > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi n=`expr $n + 1` -echo "I:check that CNAME nameserver is logged correctly (${n})" +echo_i "check that CNAME nameserver is logged correctly (${n})" ret=0 -$DIG soa all-cnames @10.53.0.5 -p 5300 > dig.out.ns5.test${n} || ret=1 +$DIG $DIGOPTS soa all-cnames @10.53.0.5 > dig.out.ns5.test${n} || ret=1 grep "status: SERVFAIL" dig.out.ns5.test${n} > /dev/null || ret=1 grep "skipping nameserver 'cname.tld' because it is a CNAME, while resolving 'all-cnames/SOA'" ns5/named.run > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that unexpected opcodes are handled correctly (${n})" +echo_i "check that unexpected opcodes are handled correctly (${n})" ret=0 -$DIG soa all-cnames @10.53.0.5 -p 5300 +opcode=15 +cd +rec +ad +zflag > dig.out.ns5.test${n} || ret=1 +$DIG $DIGOPTS soa all-cnames @10.53.0.5 +opcode=15 +cd +rec +ad +zflag > dig.out.ns5.test${n} || ret=1 grep "status: NOTIMP" dig.out.ns5.test${n} > /dev/null || ret=1 grep "flags:[^;]* qr[; ]" dig.out.ns5.test${n} > /dev/null || ret=1 grep "flags:[^;]* ra[; ]" dig.out.ns5.test${n} > /dev/null && ret=1 @@ -583,129 +588,129 @@ grep "flags:[^;]* rd[; ]" dig.out.ns5.test${n} > /dev/null && ret=1 grep "flags:[^;]* cd[; ]" dig.out.ns5.test${n} > /dev/null && ret=1 grep "flags:[^;]* ad[; ]" dig.out.ns5.test${n} > /dev/null && ret=1 grep "flags:[^;]*; MBZ: " dig.out.ns5.test${n} > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that EDNS client subnet with non-zeroed bits is handled correctly (${n})" +echo_i "check that EDNS client subnet with non-zeroed bits is handled correctly (${n})" ret=0 # 0001 (IPv4) 1f (31 significant bits) 00 (0) ffffffff (255.255.255.255) -$DIG soa . @10.53.0.5 -p 5300 +ednsopt=8:00011f00ffffffff > dig.out.ns5.test${n} || ret=1 +$DIG $DIGOPTS soa . @10.53.0.5 +ednsopt=8:00011f00ffffffff > dig.out.ns5.test${n} || ret=1 grep "status: FORMERR" dig.out.ns5.test${n} > /dev/null || ret=1 grep "; EDNS: version:" dig.out.ns5.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that dig +subnet zeros address bits correctly (${n})" +echo_i "check that dig +subnet zeros address bits correctly (${n})" ret=0 -$DIG soa . @10.53.0.5 -p 5300 +subnet=255.255.255.255/23 > dig.out.ns5.test${n} || ret=1 +$DIG $DIGOPTS soa . @10.53.0.5 +subnet=255.255.255.255/23 > dig.out.ns5.test${n} || ret=1 grep "status: NOERROR" dig.out.ns5.test${n} > /dev/null || ret=1 grep "CLIENT-SUBNET: 255.255.254.0/23/0" dig.out.ns5.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that SOA query returns data for delegation-only apex (${n})" +echo_i "check that SOA query returns data for delegation-only apex (${n})" ret=0 -$DIG soa delegation-only @10.53.0.5 -p 5300 > dig.out.ns5.test${n} || ret=1 +$DIG $DIGOPTS soa delegation-only @10.53.0.5 > dig.out.ns5.test${n} || ret=1 grep "status: NOERROR" dig.out.ns5.test${n} > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns5.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` n=`expr $n + 1` -echo "I:check that NS query returns data for delegation-only apex (${n})" +echo_i "check that NS query returns data for delegation-only apex (${n})" ret=0 -$DIG ns delegation-only @10.53.0.5 -p 5300 > dig.out.ns5.test${n} || ret=1 +$DIG $DIGOPTS ns delegation-only @10.53.0.5 > dig.out.ns5.test${n} || ret=1 grep "status: NOERROR" dig.out.ns5.test${n} > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns5.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that A query returns data for delegation-only A apex (${n})" +echo_i "check that A query returns data for delegation-only A apex (${n})" ret=0 -$DIG a delegation-only @10.53.0.5 -p 5300 > dig.out.ns5.test${n} || ret=1 +$DIG $DIGOPTS a delegation-only @10.53.0.5 > dig.out.ns5.test${n} || ret=1 grep "status: NOERROR" dig.out.ns5.test${n} > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns5.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that CDS query returns data for delegation-only apex (${n})" +echo_i "check that CDS query returns data for delegation-only apex (${n})" ret=0 -$DIG cds delegation-only @10.53.0.5 -p 5300 > dig.out.ns5.test${n} || ret=1 +$DIG $DIGOPTS cds delegation-only @10.53.0.5 > dig.out.ns5.test${n} || ret=1 grep "status: NOERROR" dig.out.ns5.test${n} > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns5.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that AAAA query returns data for delegation-only AAAA apex (${n})" +echo_i "check that AAAA query returns data for delegation-only AAAA apex (${n})" ret=0 -$DIG a delegation-only @10.53.0.5 -p 5300 > dig.out.ns5.test${n} || ret=1 +$DIG $DIGOPTS a delegation-only @10.53.0.5 > dig.out.ns5.test${n} || ret=1 grep "status: NOERROR" dig.out.ns5.test${n} > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns5.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that DNSKEY query returns data for delegation-only apex (${n})" +echo_i "check that DNSKEY query returns data for delegation-only apex (${n})" ret=0 -$DIG dnskey delegation-only @10.53.0.5 -p 5300 > dig.out.ns5.test${n} || ret=1 +$DIG $DIGOPTS dnskey delegation-only @10.53.0.5 > dig.out.ns5.test${n} || ret=1 grep "status: NOERROR" dig.out.ns5.test${n} > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns5.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that CDNSKEY query returns data for delegation-only apex (${n})" +echo_i "check that CDNSKEY query returns data for delegation-only apex (${n})" ret=0 -$DIG cdnskey delegation-only @10.53.0.5 -p 5300 > dig.out.ns5.test${n} || ret=1 +$DIG $DIGOPTS cdnskey delegation-only @10.53.0.5 > dig.out.ns5.test${n} || ret=1 grep "status: NOERROR" dig.out.ns5.test${n} > /dev/null || ret=1 grep "ANSWER: 1," dig.out.ns5.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that NXDOMAIN is returned for delegation-only non-apex A data (${n})" +echo_i "check that NXDOMAIN is returned for delegation-only non-apex A data (${n})" ret=0 -$DIG a a.delegation-only @10.53.0.5 -p 5300 > dig.out.ns5.test${n} || ret=1 +$DIG $DIGOPTS a a.delegation-only @10.53.0.5 > dig.out.ns5.test${n} || ret=1 grep "status: NXDOMAIN" dig.out.ns5.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that NXDOMAIN is returned for delegation-only non-apex CDS data (${n})" +echo_i "check that NXDOMAIN is returned for delegation-only non-apex CDS data (${n})" ret=0 -$DIG cds cds.delegation-only @10.53.0.5 -p 5300 > dig.out.ns5.test${n} || ret=1 +$DIG $DIGOPTS cds cds.delegation-only @10.53.0.5 > dig.out.ns5.test${n} || ret=1 grep "status: NXDOMAIN" dig.out.ns5.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that NXDOMAIN is returned for delegation-only non-apex AAAA data (${n})" +echo_i "check that NXDOMAIN is returned for delegation-only non-apex AAAA data (${n})" ret=0 -$DIG aaaa aaaa.delegation-only @10.53.0.5 -p 5300 > dig.out.ns5.test${n} || ret=1 +$DIG $DIGOPTS aaaa aaaa.delegation-only @10.53.0.5 > dig.out.ns5.test${n} || ret=1 grep "status: NXDOMAIN" dig.out.ns5.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that NXDOMAIN is returned for delegation-only non-apex CDNSKEY data (${n})" +echo_i "check that NXDOMAIN is returned for delegation-only non-apex CDNSKEY data (${n})" ret=0 -$DIG cdnskey cdnskey.delegation-only @10.53.0.5 -p 5300 > dig.out.ns5.test${n} || ret=1 +$DIG $DIGOPTS cdnskey cdnskey.delegation-only @10.53.0.5 > dig.out.ns5.test${n} || ret=1 grep "status: NXDOMAIN" dig.out.ns5.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check zero ttl not returned for learnt non zero ttl records (${n})" +echo_i "check zero ttl not returned for learnt non zero ttl records (${n})" ret=0 # use prefetch disabled server -$DIG @10.53.0.7 -p 5300 non-zero.example.net txt > dig.out.1.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 non-zero.example.net txt > dig.out.1.${n} || ret=1 ttl1=`awk '/"A" "short" "ttl"/ { print $2 - 2 }' dig.out.1.${n}` # sleep so we are in expire range sleep ${ttl1:-0} @@ -714,7 +719,7 @@ zerotonine="0 1 2 3 4 5 6 7 8 9" zerotonine="$zerotonine $zerotonine $zerotonine" for i in $zerotonine $zerotonine $zerotonine $zerotonine do - $DIG @10.53.0.7 -p 5300 non-zero.example.net txt > dig.out.2.${n} || ret=1 + $DIG $DIGOPTS @10.53.0.7 non-zero.example.net txt > dig.out.2.${n} || ret=1 ttl2=`awk '/"A" "short" "ttl"/ { print $2 }' dig.out.2.${n}` test ${ttl2:-1} -eq 0 && break test ${ttl2:-1} -ge ${ttl1:-0} && break @@ -722,53 +727,53 @@ do done test ${ttl2:-1} -eq 0 && ret=1 test ${ttl2:-1} -ge ${ttl1:-0} || break -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check zero ttl is returned for learnt zero ttl records (${n})" +echo_i "check zero ttl is returned for learnt zero ttl records (${n})" ret=0 -$DIG @10.53.0.7 -p 5300 zero.example.net txt > dig.out.1.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.7 zero.example.net txt > dig.out.1.${n} || ret=1 ttl=`awk '/"A" "zero" "ttl"/ { print $2 }' dig.out.1.${n}` test ${ttl:-1} -eq 0 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that 'ad' in not returned in truncated answer with empty answer and authority sections to request with +ad (${n})" +echo_i "check that 'ad' in not returned in truncated answer with empty answer and authority sections to request with +ad (${n})" ret=0 -$DIG @10.53.0.6 -p 5300 dnskey ds.example.net +bufsize=512 +ad +nodnssec +ignore +norec > dig.out.$n +$DIG $DIGOPTS @10.53.0.6 dnskey ds.example.net +bufsize=512 +ad +nodnssec +ignore +norec > dig.out.$n grep "flags: qr aa tc; QUERY: 1, ANSWER: 0, AUTHORITY: 0" dig.out.$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check that 'ad' in not returned in truncated answer with empty answer and authority sections to request with +dnssec (${n})" +echo_i "check that 'ad' in not returned in truncated answer with empty answer and authority sections to request with +dnssec (${n})" ret=0 -$DIG @10.53.0.6 -p 5300 dnskey ds.example.net +bufsize=512 +noad +dnssec +ignore +norec > dig.out.$n +$DIG $DIGOPTS @10.53.0.6 dnskey ds.example.net +bufsize=512 +noad +dnssec +ignore +norec > dig.out.$n grep "flags: qr aa tc; QUERY: 1, ANSWER: 0, AUTHORITY: 0" dig.out.$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that the resolver accepts a reply with empty question section with TC=1 and retries over TCP ($n)" +echo_i "check that the resolver accepts a reply with empty question section with TC=1 and retries over TCP ($n)" ret=0 -$DIG @10.53.0.5 -p 5300 truncated.no-questions. a > dig.ns5.out.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.5 truncated.no-questions. a > dig.ns5.out.${n} || ret=1 grep "status: NOERROR" dig.ns5.out.${n} > /dev/null || ret=1 grep "ANSWER: 1," dig.ns5.out.${n} > /dev/null || ret=1 grep "1.2.3.4" dig.ns5.out.${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: check that the resolver rejects a reply with empty question section with TC=0 ($n)" +echo_i "check that the resolver rejects a reply with empty question section with TC=0 ($n)" ret=0 -$DIG @10.53.0.5 -p 5300 not-truncated.no-questions. a > dig.ns5.out.${n} || ret=1 +$DIG $DIGOPTS @10.53.0.5 not-truncated.no-questions. a > dig.ns5.out.${n} || ret=1 grep "status: NOERROR" dig.ns5.out.${n} > /dev/null && ret=1 grep "ANSWER: 1," dig.ns5.out.${n} > /dev/null && ret=1 grep "1.2.3.4" dig.ns5.out.${n} > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/rndc/clean.sh b/bin/tests/system/rndc/clean.sh index fb812f75f3..9baf2e74cb 100644 --- a/bin/tests/system/rndc/clean.sh +++ b/bin/tests/system/rndc/clean.sh @@ -14,10 +14,10 @@ rm -f ns2/named.stats rm -f ns2/nil.db ns2/other.db ns2/static.db ns2/*.jnl rm -f ns2/session.key rm -f ns3/named_dump.db -rm -f ns4/*.conf rm -f ns4/*.nta +rm -f ns4/key?.conf rm -f ns6/huge.zone.db -rm -f ns6/named.conf +rm -f ns*/named.conf rm -f nsupdate.out.*.test* rm -f python.out.*.test* rm -f rndc.out.*.test* diff --git a/bin/tests/system/rndc/ns2/named.conf b/bin/tests/system/rndc/ns2/named.conf.in similarity index 84% rename from bin/tests/system/rndc/ns2/named.conf rename to bin/tests/system/rndc/ns2/named.conf.in index 7e865f9065..e36974f84b 100644 --- a/bin/tests/system/rndc/ns2/named.conf +++ b/bin/tests/system/rndc/ns2/named.conf.in @@ -6,12 +6,8 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.4 2011/06/10 01:32:37 each Exp $ */ - -controls { /* empty */ }; - options { - port 5300; + port @PORT@; pid-file "named.pid"; session-keyfile "session.key"; listen-on { 10.53.0.2; }; @@ -30,7 +26,7 @@ key secondkey { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; secondkey; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; secondkey; }; }; diff --git a/bin/tests/system/rndc/ns3/named.conf b/bin/tests/system/rndc/ns3/named.conf.in similarity index 81% rename from bin/tests/system/rndc/ns3/named.conf rename to bin/tests/system/rndc/ns3/named.conf.in index abadb57323..b6e4fc5f7a 100644 --- a/bin/tests/system/rndc/ns3/named.conf +++ b/bin/tests/system/rndc/ns3/named.conf.in @@ -6,12 +6,8 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id$ */ - -controls { /* empty */ }; - options { - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; @@ -29,7 +25,7 @@ key secondkey { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; secondkey; } read-only no; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; diff --git a/bin/tests/system/rndc/ns4/named.conf.in b/bin/tests/system/rndc/ns4/named.conf.in index 99eefcc3b6..c8151c448c 100644 --- a/bin/tests/system/rndc/ns4/named.conf.in +++ b/bin/tests/system/rndc/ns4/named.conf.in @@ -6,10 +6,8 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/rndc/ns5/named.conf b/bin/tests/system/rndc/ns5/named.conf.in similarity index 82% rename from bin/tests/system/rndc/ns5/named.conf rename to bin/tests/system/rndc/ns5/named.conf.in index 10f7b8aea6..4265e9360b 100644 --- a/bin/tests/system/rndc/ns5/named.conf +++ b/bin/tests/system/rndc/ns5/named.conf.in @@ -6,10 +6,8 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.5; }; listen-on-v6 { none; }; @@ -22,7 +20,7 @@ key rndc_key { }; controls { - inet 10.53.0.5 port 9953 allow { any; } keys { rndc_key; } read-only yes; + inet 10.53.0.5 port @CONTROLPORT@ allow { any; } keys { rndc_key; } read-only yes; }; zone "." { diff --git a/bin/tests/system/rndc/ns6/named.conf.in b/bin/tests/system/rndc/ns6/named.conf.in index 5d24c4eda7..da25fc6fa5 100644 --- a/bin/tests/system/rndc/ns6/named.conf.in +++ b/bin/tests/system/rndc/ns6/named.conf.in @@ -6,10 +6,8 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.6; }; listen-on-v6 { none; }; @@ -22,5 +20,5 @@ key rndc_key { }; controls { - inet 10.53.0.6 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.6 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; diff --git a/bin/tests/system/rndc/setup.sh b/bin/tests/system/rndc/setup.sh index 2df8564b59..45da888a5b 100644 --- a/bin/tests/system/rndc/setup.sh +++ b/bin/tests/system/rndc/setup.sh @@ -21,19 +21,22 @@ $SHELL ../genzone.sh 2 >ns6/huge.zone.db awk 'END { for (i = 1; i <= 1000000; i++) printf "host%d IN A 10.53.0.6\n", i; }' < /dev/null >> ns6/huge.zone.db -cat ns4/named.conf.in > ns4/named.conf -cat ns6/named.conf.in > ns6/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf +copy_setports ns5/named.conf.in ns5/named.conf +copy_setports ns6/named.conf.in ns6/named.conf make_key () { - $RNDCCONFGEN -r $RANDFILE -k key$1 -A $2 -s 10.53.0.4 -p 995${1} \ + $RNDCCONFGEN -r $RANDFILE -k key$1 -A $3 -s 10.53.0.4 -p $2 \ > ns4/key${1}.conf egrep -v '(^# Start|^# End|^# Use|^[^#])' ns4/key$1.conf | cut -c3- | \ sed 's/allow { 10.53.0.4/allow { any/' >> ns4/named.conf } -make_key 1 hmac-md5 -make_key 2 hmac-sha1 -make_key 3 hmac-sha224 -make_key 4 hmac-sha256 -make_key 5 hmac-sha384 -make_key 6 hmac-sha512 +make_key 1 ${EXTRAPORT1} hmac-md5 +make_key 2 ${EXTRAPORT2} hmac-sha1 +make_key 3 ${EXTRAPORT3} hmac-sha224 +make_key 4 ${EXTRAPORT4} hmac-sha256 +make_key 5 ${EXTRAPORT5} hmac-sha384 +make_key 6 ${EXTRAPORT6} hmac-sha512 diff --git a/bin/tests/system/rndc/tests.sh b/bin/tests/system/rndc/tests.sh index 7541fe3f7e..08ca6e6c71 100644 --- a/bin/tests/system/rndc/tests.sh +++ b/bin/tests/system/rndc/tests.sh @@ -6,22 +6,20 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.4.154.1 2012/01/04 20:05:03 smann Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd" -DIGCMD="$DIG $DIGOPTS @10.53.0.2 -p 5300" -RNDCCMD="$RNDC -s 10.53.0.2 -p 9953 -c ../common/rndc.conf" +DIGCMD="$DIG $DIGOPTS @10.53.0.2 -p ${PORT}" +RNDCCMD="$RNDC -p ${CONTROLPORT} -c ../common/rndc.conf -s" status=0 n=0 n=`expr $n + 1` -echo "I:preparing ($n)" +echo_i "preparing ($n)" ret=0 -$NSUPDATE -p 5300 -k ns2/session.key > /dev/null 2>&1 < /dev/null 2>&1 < /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking journal file is still present ($n)" +echo_i "checking journal file is still present ($n)" ret=0 [ -s ns2/nil.db.jnl ] || { - echo "I: 'test -s ns2/nil.db.jnl' failed when it shouldn't have"; ret=1; + echo_i "'test -s ns2/nil.db.jnl' failed when it shouldn't have"; ret=1; } -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking zone not writable ($n)" +echo_i "checking zone not writable ($n)" ret=0 -$NSUPDATE -p 5300 -k ns2/session.key > /dev/null 2>&1 < /dev/null 2>&1 < dig.out.1.test$n grep 'addition 2' dig.out.1.test$n >/dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:rndc thaw" -$RNDCCMD thaw | sed 's/^/I:ns2 /' +echo_i "rndc thaw" +$RNDCCMD 10.53.0.2 thaw | sed 's/^/ns2 /' | cat_i n=`expr $n + 1` -echo "I:checking zone now writable ($n)" +echo_i "checking zone now writable ($n)" ret=0 -$NSUPDATE -p 5300 -k ns2/session.key > nsupdate.out.1.test$n 2>&1 < nsupdate.out.1.test$n 2>&1 < dig.out.1.test$n grep 'addition 3' dig.out.1.test$n >/dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:rndc sync" +echo_i "rndc sync" ret=0 -$RNDCCMD sync nil | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 sync nil | sed 's/^/ns2 /' | cat_i n=`expr $n + 1` -echo "I:checking zone was dumped ($n)" +echo_i "checking zone was dumped ($n)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 do @@ -108,22 +106,22 @@ do sleep 1 done grep "addition 3" ns2/nil.db > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking journal file is still present ($n)" +echo_i "checking journal file is still present ($n)" ret=0 [ -s ns2/nil.db.jnl ] || { - echo "I: 'test -s ns2/nil.db.jnl' failed when it shouldn't have"; ret=1; + echo_i "'test -s ns2/nil.db.jnl' failed when it shouldn't have"; ret=1; } -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking zone is still writable ($n)" +echo_i "checking zone is still writable ($n)" ret=0 -$NSUPDATE -p 5300 -k ns2/session.key > nsupdate.out.1.test$n 2>&1 < nsupdate.out.1.test$n 2>&1 < dig.out.1.test$n grep 'addition 4' dig.out.1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:rndc sync -clean" +echo_i "rndc sync -clean" ret=0 -$RNDCCMD sync -clean nil | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 sync -clean nil | sed 's/^/ns2 /' | cat_i n=`expr $n + 1` -echo "I:checking zone was dumped ($n)" +echo_i "checking zone was dumped ($n)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 do @@ -148,22 +146,22 @@ do sleep 1 done grep "addition 4" ns2/nil.db > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking journal file is deleted ($n)" +echo_i "checking journal file is deleted ($n)" ret=0 [ -s ns2/nil.db.jnl ] && { - echo "I: 'test -s ns2/nil.db.jnl' failed when it shouldn't have"; ret=1; + echo_i "'test -s ns2/nil.db.jnl' failed when it shouldn't have"; ret=1; } -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking zone is still writable ($n)" +echo_i "checking zone is still writable ($n)" ret=0 -$NSUPDATE -p 5300 -k ns2/session.key > /dev/null 2>&1 < /dev/null 2>&1 < dig.out.1.test$n grep 'addition 4' dig.out.1.test$n >/dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking other journal files not removed ($n)" +echo_i "checking other journal files not removed ($n)" ret=0 [ -s ns2/other.db.jnl ] || { - echo "I: 'test -s ns2/other.db.jnl' failed when it shouldn't have"; ret=1; + echo_i "'test -s ns2/other.db.jnl' failed when it shouldn't have"; ret=1; } -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:cleaning all zones ($n)" -$RNDCCMD sync -clean | sed 's/^/I:ns2 /' +echo_i "cleaning all zones ($n)" +$RNDCCMD 10.53.0.2 sync -clean | sed 's/^/ns2 /' | cat_i n=`expr $n + 1` -echo "I:checking all journals removed ($n)" +echo_i "checking all journals removed ($n)" ret=0 [ -s ns2/nil.db.jnl ] && { - echo "I: 'test -s ns2/nil.db.jnl' succeeded when it shouldn't have"; ret=1; + echo_i "'test -s ns2/nil.db.jnl' succeeded when it shouldn't have"; ret=1; } [ -s ns2/other.db.jnl ] && { - echo "I: 'test -s ns2/other.db.jnl' succeeded when it shouldn't have"; ret=1; + echo_i "'test -s ns2/other.db.jnl' succeeded when it shouldn't have"; ret=1; } -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that freezing static zones is not allowed ($n)" +echo_i "checking that freezing static zones is not allowed ($n)" ret=0 -$RNDCCMD freeze static > rndc.out.1.test$n 2>&1 +$RNDCCMD 10.53.0.2 freeze static > rndc.out.1.test$n 2>&1 grep 'not dynamic' rndc.out.1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that journal is removed when serial is changed before thaw ($n)" +echo_i "checking that journal is removed when serial is changed before thaw ($n)" ret=0 sleep 1 -$NSUPDATE -p 5300 -k ns2/session.key > nsupdate.out.1.test$n 2>&1 < nsupdate.out.1.test$n 2>&1 <&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 freeze other 2>&1 | sed 's/^/ns2 /' | cat_i for i in 1 2 3 4 5 6 7 8 9 10 do grep "addition 6" ns2/other.db > /dev/null && break @@ -231,12 +229,12 @@ newserial=`expr $serial + 1` sed s/$serial/$newserial/ ns2/other.db > ns2/other.db.new echo 'frozen TXT "frozen addition"' >> ns2/other.db.new mv -f ns2/other.db.new ns2/other.db -$RNDCCMD thaw 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 thaw 2>&1 | sed 's/^/ns2 /' | cat_i sleep 1 [ -f ns2/other.db.jnl ] && { - echo "I: 'test -f ns2/other.db.jnl' succeeded when it shouldn't have"; ret=1; + echo_i "'test -f ns2/other.db.jnl' succeeded when it shouldn't have"; ret=1; } -$NSUPDATE -p 5300 -k ns2/session.key > nsupdate.out.2.test$n 2>&1 < nsupdate.out.2.test$n 2>&1 < dig.out.2.test$n grep 'addition 7' dig.out.2.test$n >/dev/null || ret=1 $DIGCMD frozen.other. TXT > dig.out.3.test$n grep 'frozen addition' dig.out.3.test$n >/dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking that journal is kept when ixfr-from-differences is in use ($n)" +echo_i "checking that journal is kept when ixfr-from-differences is in use ($n)" ret=0 -$NSUPDATE -p 5300 -k ns2/session.key > nsupdate.out.1.test$n 2>&1 < nsupdate.out.1.test$n 2>&1 <&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 freeze nil 2>&1 | sed 's/^/ns2 /' | cat_i for i in 1 2 3 4 5 6 7 8 9 10 do grep "addition 6" ns2/nil.db > /dev/null && break @@ -274,12 +272,12 @@ newserial=`expr $serial + 1` sed s/$serial/$newserial/ ns2/nil.db > ns2/nil.db.new echo 'frozen TXT "frozen addition"' >> ns2/nil.db.new mv -f ns2/nil.db.new ns2/nil.db -$RNDCCMD thaw 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 thaw 2>&1 | sed 's/^/ns2 /' | cat_i sleep 1 [ -s ns2/nil.db.jnl ] || { - echo "I: 'test -s ns2/nil.db.jnl' failed when it shouldn't have"; ret=1; + echo_i "'test -s ns2/nil.db.jnl' failed when it shouldn't have"; ret=1; } -$NSUPDATE -p 5300 -k ns2/session.key > nsupdate.out.2.test$n 2>&1 < nsupdate.out.2.test$n 2>&1 < dig.out.2.test$n grep 'addition 7' dig.out.2.test$n > /dev/null || ret=1 $DIGCMD frozen.nil. TXT > dig.out.3.test$n grep 'frozen addition' dig.out.3.test$n >/dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # temp test -echo "I:dumping stats ($n)" -$RNDCCMD stats +echo_i "dumping stats ($n)" +$RNDCCMD 10.53.0.2 stats n=`expr $n + 1` -echo "I: verifying adb records in named.stats ($n)" +echo_i "verifying adb records in named.stats ($n)" grep "ADB stats" ns2/named.stats > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:test using second key ($n)" +echo_i "test using second key ($n)" ret=0 -$RNDC -s 10.53.0.2 -p 9953 -c ns2/secondkey.conf status > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +$RNDC -s 10.53.0.2 -p ${CONTROLPORT} -c ns2/secondkey.conf status > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:test 'rndc dumpdb' on a empty cache ($n)" +echo_i "test 'rndc dumpdb' on a empty cache ($n)" ret=0 -$RNDC -s 10.53.0.3 -p 9953 -c ../common/rndc.conf dumpdb > /dev/null || ret=1 +$RNDCCMD 10.53.0.3 dumpdb > /dev/null || ret=1 for i in 1 2 3 4 5 6 7 8 9 do tmp=0 @@ -322,16 +320,16 @@ do sleep 1 done [ $tmp -eq 1 ] && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:test 'rndc reload' on a zone with include files ($n)" +echo_i "test 'rndc reload' on a zone with include files ($n)" ret=0 grep "incl/IN: skipping load" ns2/named.run > /dev/null && ret=1 loads=`grep "incl/IN: starting load" ns2/named.run | wc -l` [ "$loads" -eq 1 ] || ret=1 -$RNDC -s 10.53.0.2 -p 9953 -c ../common/rndc.conf reload > /dev/null || ret=1 +$RNDCCMD 10.53.0.2 reload > /dev/null || ret=1 for i in 1 2 3 4 5 6 7 8 9 do tmp=0 @@ -341,7 +339,7 @@ do done [ $tmp -eq 1 ] && ret=1 touch ns2/static.db -$RNDC -s 10.53.0.2 -p 9953 -c ../common/rndc.conf reload > /dev/null || ret=1 +$RNDCCMD 10.53.0.2 reload > /dev/null || ret=1 for i in 1 2 3 4 5 6 7 8 9 do tmp=0 @@ -351,128 +349,128 @@ do sleep 1 done [ $tmp -eq 1 ] && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing rndc with hmac-md5 ($n)" +echo_i "testing rndc with hmac-md5 ($n)" ret=0 -$RNDC -s 10.53.0.4 -p 9951 -c ns4/key1.conf status > /dev/null 2>&1 || ret=1 +$RNDC -s 10.53.0.4 -p ${EXTRAPORT1} -c ns4/key1.conf status > /dev/null 2>&1 || ret=1 for i in 2 3 4 5 6 do - $RNDC -s 10.53.0.4 -p 9951 -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1 + $RNDC -s 10.53.0.4 -p ${EXTRAPORT1} -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing rndc with hmac-sha1 ($n)" +echo_i "testing rndc with hmac-sha1 ($n)" ret=0 -$RNDC -s 10.53.0.4 -p 9952 -c ns4/key2.conf status > /dev/null 2>&1 || ret=1 +$RNDC -s 10.53.0.4 -p ${EXTRAPORT2} -c ns4/key2.conf status > /dev/null 2>&1 || ret=1 for i in 1 3 4 5 6 do - $RNDC -s 10.53.0.4 -p 9952 -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1 + $RNDC -s 10.53.0.4 -p ${EXTRAPORT2} -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing rndc with hmac-sha224 ($n)" +echo_i "testing rndc with hmac-sha224 ($n)" ret=0 -$RNDC -s 10.53.0.4 -p 9953 -c ns4/key3.conf status > /dev/null 2>&1 || ret=1 +$RNDC -s 10.53.0.4 -p ${EXTRAPORT3} -c ns4/key3.conf status > /dev/null 2>&1 || ret=1 for i in 1 2 4 5 6 do - $RNDC -s 10.53.0.4 -p 9953 -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1 + $RNDC -s 10.53.0.4 -p ${EXTRAPORT3} -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing rndc with hmac-sha256 ($n)" +echo_i "testing rndc with hmac-sha256 ($n)" ret=0 -$RNDC -s 10.53.0.4 -p 9954 -c ns4/key4.conf status > /dev/null 2>&1 || ret=1 +$RNDC -s 10.53.0.4 -p ${EXTRAPORT4} -c ns4/key4.conf status > /dev/null 2>&1 || ret=1 for i in 1 2 3 5 6 do - $RNDC -s 10.53.0.4 -p 9954 -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1 + $RNDC -s 10.53.0.4 -p ${EXTRAPORT4} -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing rndc with hmac-sha384 ($n)" +echo_i "testing rndc with hmac-sha384 ($n)" ret=0 -$RNDC -s 10.53.0.4 -p 9955 -c ns4/key5.conf status > /dev/null 2>&1 || ret=1 +$RNDC -s 10.53.0.4 -p ${EXTRAPORT5} -c ns4/key5.conf status > /dev/null 2>&1 || ret=1 for i in 1 2 3 4 6 do - $RNDC -s 10.53.0.4 -p 9955 -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1 + $RNDC -s 10.53.0.4 -p ${EXTRAPORT5} -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing rndc with hmac-sha512 ($n)" +echo_i "testing rndc with hmac-sha512 ($n)" ret=0 -$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf status > /dev/null 2>&1 || ret=1 +$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf status > /dev/null 2>&1 || ret=1 for i in 1 2 3 4 5 do - $RNDC -s 10.53.0.4 -p 9956 -c ns4/key${i}.conf status > /dev/null 2>&1 2>&1 && ret=1 + $RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key${i}.conf status > /dev/null 2>&1 2>&1 && ret=1 done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing automatic zones are reported ($n)" +echo_i "testing automatic zones are reported ($n)" ret=0 -$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf status > rndc.out.1.test$n || ret=1 +$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf status > rndc.out.1.test$n || ret=1 grep "number of zones: 198 (196 automatic)" rndc.out.1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing rndc with null command ($n)" +echo_i "testing rndc with null command ($n)" ret=0 -$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing rndc with unknown control channel command ($n)" +echo_i "testing rndc with unknown control channel command ($n)" ret=0 -$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf obviouslynotacommand >/dev/null 2>&1 && ret=1 +$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf obviouslynotacommand >/dev/null 2>&1 && ret=1 # rndc: 'obviouslynotacommand' failed: unknown command -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing rndc with querylog command ($n)" +echo_i "testing rndc with querylog command ($n)" ret=0 # first enable it with querylog on option -$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf querylog on >/dev/null 2>&1 || ret=1 +$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf querylog on >/dev/null 2>&1 || ret=1 grep "query logging is now on" ns4/named.run > /dev/null || ret=1 # query for builtin and check if query was logged (without +subnet) -$DIG @10.53.0.4 -p 5300 -c ch -t txt foo12345.bind > /dev/null || ret=1 +$DIG @10.53.0.4 -p ${PORT} -c ch -t txt foo12345.bind > /dev/null || ret=1 grep "query: foo12345.bind CH TXT.*(.*)$" ns4/named.run > /dev/null || ret=1 # query for another builtin zone and check if query was logged (with +subnet=127.0.0.1) -$DIG +subnet=127.0.0.1 @10.53.0.4 -p 5300 -c ch -t txt foo12346.bind > /dev/null || ret=1 +$DIG +subnet=127.0.0.1 @10.53.0.4 -p ${PORT} -c ch -t txt foo12346.bind > /dev/null || ret=1 grep "query: foo12346.bind CH TXT.*\[ECS 127\.0\.0\.1\/32\/0]" ns4/named.run > /dev/null || ret=1 # query for another builtin zone and check if query was logged (with +subnet=127.0.0.1/24) -$DIG +subnet=127.0.0.1/24 @10.53.0.4 -p 5300 -c ch -t txt foo12347.bind > /dev/null || ret=1 +$DIG +subnet=127.0.0.1/24 @10.53.0.4 -p ${PORT} -c ch -t txt foo12347.bind > /dev/null || ret=1 grep "query: foo12347.bind CH TXT.*\[ECS 127\.0\.0\.0\/24\/0]" ns4/named.run > /dev/null || ret=1 # query for another builtin zone and check if query was logged (with +subnet=::1) -$DIG +subnet=::1 @10.53.0.4 -p 5300 -c ch -t txt foo12348.bind > /dev/null || ret=1 +$DIG +subnet=::1 @10.53.0.4 -p ${PORT} -c ch -t txt foo12348.bind > /dev/null || ret=1 grep "query: foo12348.bind CH TXT.*\[ECS \:\:1\/128\/0]" ns4/named.run > /dev/null || ret=1 # toggle query logging and check again -$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf querylog > /dev/null 2>&1 || ret=1 +$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf querylog > /dev/null 2>&1 || ret=1 grep "query logging is now off" ns4/named.run > /dev/null || ret=1 # query for another builtin zone and check if query was logged (without +subnet) -$DIG @10.53.0.4 -p 5300 -c ch -t txt foo9876.bind > /dev/null || ret=1 +$DIG @10.53.0.4 -p ${PORT} -c ch -t txt foo9876.bind > /dev/null || ret=1 grep "query: foo9876.bind CH TXT.*(.*)$" ns4/named.run > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -RNDCCMD4="$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf" +RNDCCMD4="$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf" n=`expr $n + 1` -echo "I:testing rndc nta time limits ($n)" +echo_i "testing rndc nta time limits ($n)" ret=0 $RNDCCMD4 nta -l 2h nta1.example > rndc.out.1.test$n 2>&1 grep "Negative trust anchor added" rndc.out.1.test$n > /dev/null || ret=1 @@ -482,15 +480,15 @@ $RNDCCMD4 nta -l 1w nta3.example > rndc.out.3.test$n 2>&1 grep "Negative trust anchor added" rndc.out.3.test$n > /dev/null || ret=1 $RNDCCMD4 nta -l 8d nta4.example > rndc.out.4.test$n 2>&1 grep "NTA lifetime cannot exceed one week" rndc.out.4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` for i in 512 1024 2048 4096 8192 16384 32768 65536 131072 262144 524288 do n=`expr $n + 1` - echo "I:testing rndc buffer size limits (size=${i}) ($n)" + echo_i "testing rndc buffer size limits (size=${i}) ($n)" ret=0 - $RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf testgen ${i} 2>&1 > rndc.out.$i.test$n || ret=1 + $RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf testgen ${i} 2>&1 > rndc.out.$i.test$n || ret=1 actual_size=`$GENCHECK rndc.out.$i.test$n` if [ "$?" = "0" ]; then expected_size=`expr $i + 1` @@ -499,85 +497,85 @@ do ret=1 fi - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done n=`expr $n + 1` -echo "I:testing rndc -r (show result) ($n)" +echo_i "testing rndc -r (show result) ($n)" ret=0 -$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf -r testgen 0 2>&1 > rndc.out.1.test$n || ret=1 +$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf -r testgen 0 2>&1 > rndc.out.1.test$n || ret=1 grep "ISC_R_SUCCESS 0" rndc.out.1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:testing rndc with a token containing a space ($n)" +echo_i "testing rndc with a token containing a space ($n)" ret=0 -$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf -r flush '"view with a space"' 2>&1 > rndc.out.1.test$n || ret=1 +$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf -r flush '"view with a space"' 2>&1 > rndc.out.1.test$n || ret=1 grep "not found" rndc.out.1.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:test 'rndc reconfig' with a broken config ($n)" +echo_i "test 'rndc reconfig' with a broken config ($n)" ret=0 -$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf reconfig > /dev/null || ret=1 +$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf reconfig > /dev/null || ret=1 sleep 1 mv ns4/named.conf ns4/named.conf.save echo "error error error" >> ns4/named.conf -$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf reconfig > rndc.out.1.test$n 2>&1 && ret=1 +$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf reconfig > rndc.out.1.test$n 2>&1 && ret=1 grep "rndc: 'reconfig' failed: unexpected token" rndc.out.1.test$n > /dev/null || ret=1 mv ns4/named.conf.save ns4/named.conf sleep 1 -$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf reconfig > /dev/null || ret=1 +$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf reconfig > /dev/null || ret=1 sleep 1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:test read-only control channel access ($n)" +echo_i "test read-only control channel access ($n)" ret=0 -$RNDC -s 10.53.0.5 -p 9953 -c ../common/rndc.conf status > rndc.out.1.test$n 2>&1 || ret=1 -$RNDC -s 10.53.0.5 -p 9953 -c ../common/rndc.conf nta -dump > rndc.out.2.test$n 2>&1 || ret=1 -$RNDC -s 10.53.0.5 -p 9953 -c ../common/rndc.conf reconfig > rndc.out.3.test$n 2>&1 && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +$RNDCCMD 10.53.0.5 status > rndc.out.1.test$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.5 nta -dump > rndc.out.2.test$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.5 reconfig > rndc.out.3.test$n 2>&1 && ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:test rndc status shows running on ($n)" +echo_i "test rndc status shows running on ($n)" ret=0 -$RNDC -s 10.53.0.5 -p 9953 -c ../common/rndc.conf status > rndc.out.1.test$n 2>&1 || ret=1 +$RNDCCMD 10.53.0.5 status > rndc.out.1.test$n 2>&1 || ret=1 grep "^running on " rndc.out.1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:test 'rndc reconfig' with loading of a large zone ($n)" +echo_i "test 'rndc reconfig' with loading of a large zone ($n)" ret=0 cur=`awk 'BEGIN {l=0} /^/ {l++} END { print l }' ns6/named.run` cp ns6/named.conf ns6/named.conf.save echo "zone \"huge.zone\" { type master; file \"huge.zone.db\"; };" >> ns6/named.conf -echo " I:reloading config" -$RNDC -s 10.53.0.6 -p 9953 -c ../common/rndc.conf reconfig > rndc.out.1.test$n 2>&1 || ret=1 -if [ $ret != 0 ]; then echo " I:failed"; fi +echo_i "reloading config" +$RNDCCMD 10.53.0.6 reconfig > rndc.out.1.test$n 2>&1 || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` sleep 1 n=`expr $n + 1` -echo " I:check if zone load was scheduled ($n)" +echo_i "check if zone load was scheduled ($n)" grep "scheduled loading new zones" ns6/named.run > /dev/null || ret=1 -if [ $ret != 0 ]; then echo " I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo " I:check if query for the zone returns SERVFAIL ($n)" -$DIG @10.53.0.6 -p 5300 -t soa huge.zone > dig.out.1.test$n +echo_i "check if query for the zone returns SERVFAIL ($n)" +$DIG @10.53.0.6 -p ${PORT} -t soa huge.zone > dig.out.1.test$n grep "SERVFAIL" dig.out.1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo " I:failed (ignored)"; ret=0; fi +if [ $ret != 0 ]; then echo_i "failed (ignored)"; ret=0; fi status=`expr $status + $ret` n=`expr $n + 1` -echo " I:wait for the zones to be loaded ($n)" +echo_i "wait for the zones to be loaded ($n)" ret=1 try=0 while test $try -lt 100 @@ -589,71 +587,71 @@ do } try=`expr $try + 1` done -if [ $ret != 0 ]; then echo " I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo " I:check if query for the zone returns NOERROR ($n)" -$DIG @10.53.0.6 -p 5300 -t soa huge.zone > dig.out.1.test$n +echo_i "check if query for the zone returns NOERROR ($n)" +$DIG @10.53.0.6 -p ${PORT} -t soa huge.zone > dig.out.1.test$n grep "NOERROR" dig.out.1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo " I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:verify that the full command is logged ($n)" +echo_i "verify that the full command is logged ($n)" ret=0 -$RNDCCMD null with extra arguments > /dev/null 2>&1 +$RNDCCMD 10.53.0.2 null with extra arguments > /dev/null 2>&1 grep "received control channel command 'null with extra arguments'" ns2/named.run > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` mv ns6/named.conf.save ns6/named.conf sleep 1 -$RNDC -s 10.53.0.6 -p 9953 -c ../common/rndc.conf reconfig > /dev/null || ret=1 +$RNDCCMD 10.53.0.6 reconfig > /dev/null || ret=1 sleep 1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ -x "$PYTHON" ]; then n=`expr $n + 1` - echo "I:test rndc python bindings ($n)" + echo_i "test rndc python bindings ($n)" ret=0 $PYTHON > python.out.1.test$n << EOF import sys sys.path.insert(0, '../../../../bin/python') from isc import * -r = rndc(('10.53.0.5', 9953), 'hmac-sha256', '1234abcd8765') +r = rndc(('10.53.0.5', ${CONTROLPORT}), 'hmac-sha256', '1234abcd8765') result = r.call('status') print(result['text']) EOF grep 'server is up and running' python.out.1.test$n > /dev/null 2>&1 || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi n=`expr $n + 1` -echo "I:check 'rndc \"\"' is handled ($n)" +echo_i "check 'rndc \"\"' is handled ($n)" ret=0 -$RNDCCMD "" > rndc.out.1.test$n 2>&1 && ret=1 +$RNDCCMD 10.53.0.2 "" > rndc.out.1.test$n 2>&1 && ret=1 grep "rndc: '' failed: failure" rndc.out.1.test$n > /dev/null -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check rndc -4 -6 ($n)" +echo_i "check rndc -4 -6 ($n)" ret=0 -$RNDCCMD -4 -6 status > rndc.out.1.test$n 2>&1 && ret=1 +$RNDCCMD 10.53.0.2 -4 -6 status > rndc.out.1.test$n 2>&1 && ret=1 grep "only one of -4 and -6 allowed" rndc.out.1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check rndc -4 with an IPv6 server address ($n)" +echo_i "check rndc -4 with an IPv6 server address ($n)" ret=0 -$RNDCCMD -4 -s fd92:7065:b8e:ffff::2 status > rndc.out.1.test$n 2>&1 && ret=1 +$RNDCCMD fd92:7065:b8e:ffff::2 -4 status > rndc.out.1.test$n 2>&1 && ret=1 grep "address family not supported" rndc.out.1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/rpz/clean.sh b/bin/tests/system/rpz/clean.sh index c3464b641f..a55ca8cb88 100644 --- a/bin/tests/system/rpz/clean.sh +++ b/bin/tests/system/rpz/clean.sh @@ -14,5 +14,8 @@ rm -f */named.memstats */*.run */named.stats */session.key rm -f */*.log */*.jnl */*core */*.pid rm -f */policy2.db rm -f ns*/named.lock +rm -f ns*/named.conf rm -f dnsrps*.conf +rm -f dnsrpzd.conf rm -f dnsrpzd-license-cur.conf dnsrpzd.rpzf dnsrpzd.sock dnsrpzd.pid +rm -f tmp diff --git a/bin/tests/system/rpz/dnsrpzd.conf b/bin/tests/system/rpz/dnsrpzd.conf.in similarity index 56% rename from bin/tests/system/rpz/dnsrpzd.conf rename to bin/tests/system/rpz/dnsrpzd.conf.in index 8ae5d617c6..a0c92d4440 100644 --- a/bin/tests/system/rpz/dnsrpzd.conf +++ b/bin/tests/system/rpz/dnsrpzd.conf.in @@ -13,8 +13,8 @@ pid-file ../dnsrpzd.pid include ../dnsrpzd-license-cur.conf # configure NOTIFY and zone transfers -port 5301; -listen-on port 5301 { 10.53.0.3; }; +port @EXTRAPORT1@; +listen-on port @EXTRAPORT1@ { 10.53.0.3; }; allow-notify { 10.53.0.0/24; }; zone "bl0" {type master; file "../ns5/bl.db"; }; @@ -38,20 +38,20 @@ zone "bl17" {type master; file "../ns5/bl.db"; }; zone "bl18" {type master; file "../ns5/bl.db"; }; zone "bl19" {type master; file "../ns5/bl.db"; }; -zone "bl" {type slave; masters port 5300 { 10.53.0.3; }; }; -zone "bl-2" {type slave; masters port 5300 { 10.53.0.3; }; }; -zone "bl-given" {type slave; masters port 5300 { 10.53.0.3; }; }; -zone "bl-passthru" {type slave; masters port 5300 { 10.53.0.3; }; }; -zone "bl-no-op" {type slave; masters port 5300 { 10.53.0.3; }; }; -zone "bl-disabled" {type slave; masters port 5300 { 10.53.0.3; }; }; -zone "bl-nodata" {type slave; masters port 5300 { 10.53.0.3; }; }; -zone "bl-nxdomain" {type slave; masters port 5300 { 10.53.0.3; }; }; -zone "bl-cname" {type slave; masters port 5300 { 10.53.0.3; }; }; -zone "bl-wildcname" {type slave; masters port 5300 { 10.53.0.3; }; }; -zone "bl-garden" {type slave; masters port 5300 { 10.53.0.3; }; }; -zone "bl-drop" {type slave; masters port 5300 { 10.53.0.3; }; }; -zone "bl-tcp-only" {type slave; masters port 5300 { 10.53.0.3; }; }; -zone "bl.tld2" {type slave; masters port 5300 { 10.53.0.3; }; }; +zone "bl" {type slave; masters port @PORT@ { 10.53.0.3; }; }; +zone "bl-2" {type slave; masters port @PORT@ { 10.53.0.3; }; }; +zone "bl-given" {type slave; masters port @PORT@ { 10.53.0.3; }; }; +zone "bl-passthru" {type slave; masters port @PORT@ { 10.53.0.3; }; }; +zone "bl-no-op" {type slave; masters port @PORT@ { 10.53.0.3; }; }; +zone "bl-disabled" {type slave; masters port @PORT@ { 10.53.0.3; }; }; +zone "bl-nodata" {type slave; masters port @PORT@ { 10.53.0.3; }; }; +zone "bl-nxdomain" {type slave; masters port @PORT@ { 10.53.0.3; }; }; +zone "bl-cname" {type slave; masters port @PORT@ { 10.53.0.3; }; }; +zone "bl-wildcname" {type slave; masters port @PORT@ { 10.53.0.3; }; }; +zone "bl-garden" {type slave; masters port @PORT@ { 10.53.0.3; }; }; +zone "bl-drop" {type slave; masters port @PORT@ { 10.53.0.3; }; }; +zone "bl-tcp-only" {type slave; masters port @PORT@ { 10.53.0.3; }; }; +zone "bl.tld2" {type slave; masters port @PORT@ { 10.53.0.3; }; }; -zone "policy1" {type slave; masters port 5300 { 10.53.0.6; }; }; -zone "policy2" {type slave; masters port 5300 { 10.53.0.7; }; }; +zone "policy1" {type slave; masters port @PORT@ { 10.53.0.6; }; }; +zone "policy2" {type slave; masters port @PORT@ { 10.53.0.7; }; }; diff --git a/bin/tests/system/rpz/ns1/named.conf b/bin/tests/system/rpz/ns1/named.conf.in similarity index 93% rename from bin/tests/system/rpz/ns1/named.conf rename to bin/tests/system/rpz/ns1/named.conf.in index 98402bddcb..3d2197df11 100644 --- a/bin/tests/system/rpz/ns1/named.conf +++ b/bin/tests/system/rpz/ns1/named.conf.in @@ -6,14 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; session-keyfile "session.key"; pid-file "named.pid"; listen-on { 10.53.0.1; }; diff --git a/bin/tests/system/rpz/ns2/named.conf b/bin/tests/system/rpz/ns2/named.conf.in similarity index 92% rename from bin/tests/system/rpz/ns2/named.conf rename to bin/tests/system/rpz/ns2/named.conf.in index d30551df4a..a2237bd7ff 100644 --- a/bin/tests/system/rpz/ns2/named.conf +++ b/bin/tests/system/rpz/ns2/named.conf.in @@ -6,14 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; session-keyfile "session.key"; listen-on { 10.53.0.2; }; @@ -27,7 +24,7 @@ key rndc_key { algorithm hmac-sha256; }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; include "../trusted.conf"; diff --git a/bin/tests/system/rpz/ns3/named.conf b/bin/tests/system/rpz/ns3/named.conf.in similarity index 95% rename from bin/tests/system/rpz/ns3/named.conf rename to bin/tests/system/rpz/ns3/named.conf.in index 866d5feb66..3255f57ccd 100644 --- a/bin/tests/system/rpz/ns3/named.conf +++ b/bin/tests/system/rpz/ns3/named.conf.in @@ -15,7 +15,7 @@ options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; statistics-file "named.stats"; session-keyfile "session.key"; @@ -48,7 +48,7 @@ options { ; include "../dnsrps.conf"; - also-notify { 10.53.0.3 port 5301; }; + also-notify { 10.53.0.3 port @EXTRAPORT1@; }; notify-delay 0; }; @@ -59,7 +59,7 @@ key rndc_key { algorithm hmac-sha256; }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; diff --git a/bin/tests/system/rpz/ns4/named.conf b/bin/tests/system/rpz/ns4/named.conf.in similarity index 95% rename from bin/tests/system/rpz/ns4/named.conf rename to bin/tests/system/rpz/ns4/named.conf.in index 2531483d05..46443d57cd 100644 --- a/bin/tests/system/rpz/ns4/named.conf +++ b/bin/tests/system/rpz/ns4/named.conf.in @@ -6,14 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; session-keyfile "session.key"; listen-on { 10.53.0.4; }; diff --git a/bin/tests/system/rpz/ns5/named.conf b/bin/tests/system/rpz/ns5/named.conf.in similarity index 96% rename from bin/tests/system/rpz/ns5/named.conf rename to bin/tests/system/rpz/ns5/named.conf.in index 22e56cb0ed..33b9c925d1 100644 --- a/bin/tests/system/rpz/ns5/named.conf +++ b/bin/tests/system/rpz/ns5/named.conf.in @@ -15,7 +15,7 @@ options { query-source address 10.53.0.5; notify-source 10.53.0.5; transfer-source 10.53.0.5; - port 5300; + port @PORT@; pid-file "named.pid"; statistics-file "named.stats"; session-keyfile "session.key"; @@ -37,10 +37,9 @@ key rndc_key { algorithm hmac-sha256; }; controls { - inet 10.53.0.5 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.5 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; - include "../trusted.conf"; zone "." {type hint; file "hints"; }; diff --git a/bin/tests/system/rpz/ns6/named.conf b/bin/tests/system/rpz/ns6/named.conf.in similarity index 88% rename from bin/tests/system/rpz/ns6/named.conf rename to bin/tests/system/rpz/ns6/named.conf.in index 064b3cdbae..db9d3ea937 100644 --- a/bin/tests/system/rpz/ns6/named.conf +++ b/bin/tests/system/rpz/ns6/named.conf.in @@ -10,7 +10,7 @@ options { query-source address 10.53.0.6; notify-source 10.53.0.6; transfer-source 10.53.0.6; - port 5300; + port @PORT@; pid-file "named.pid"; statistics-file "named.stats"; session-keyfile "session.key"; @@ -37,7 +37,7 @@ key rndc_key { }; controls { - inet 10.53.0.6 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.6 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; include "../trusted.conf"; @@ -46,7 +46,7 @@ zone "policy1" { type slave; masters { 10.53.0.5; }; file "empty.db"; - also-notify { 10.53.0.3 port 5301; }; + also-notify { 10.53.0.3 port @EXTRAPORT1@; }; notify-delay 0; allow-transfer { any; }; }; diff --git a/bin/tests/system/rpz/ns7/named.conf b/bin/tests/system/rpz/ns7/named.conf.in similarity index 88% rename from bin/tests/system/rpz/ns7/named.conf rename to bin/tests/system/rpz/ns7/named.conf.in index 740d9a8bdd..e25ec3dc45 100644 --- a/bin/tests/system/rpz/ns7/named.conf +++ b/bin/tests/system/rpz/ns7/named.conf.in @@ -10,7 +10,7 @@ options { query-source address 10.53.0.7; notify-source 10.53.0.7; transfer-source 10.53.0.7; - port 5300; + port @PORT@; pid-file "named.pid"; statistics-file "named.stats"; session-keyfile "session.key"; @@ -36,7 +36,7 @@ key rndc_key { }; controls { - inet 10.53.0.7 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.7 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; include "../trusted.conf"; @@ -45,7 +45,7 @@ zone "policy2" { type slave; masters { 10.53.0.5; }; file "policy2.db"; - also-notify { 10.53.0.3 port 5301; }; + also-notify { 10.53.0.3 port @EXTRAPORT1@; }; notify-delay 0; allow-transfer { any; }; request-ixfr no; // force axfr on rndc reload diff --git a/bin/tests/system/rpz/setup.sh b/bin/tests/system/rpz/setup.sh index ddf9ac808c..f264e05024 100644 --- a/bin/tests/system/rpz/setup.sh +++ b/bin/tests/system/rpz/setup.sh @@ -33,6 +33,16 @@ fi [ ${NOCLEAN:-unset} = unset ] && $SHELL clean.sh $DEBUG +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf +copy_setports ns5/named.conf.in ns5/named.conf +copy_setports ns6/named.conf.in ns6/named.conf +copy_setports ns7/named.conf.in ns7/named.conf + +copy_setports dnsrpzd.conf.in dnsrpzd.conf + # decide whether to test DNSRPS # Note that dnsrps.conf and dnsrps-slave.conf are included in named.conf # and differ from dnsrpz.conf which is used by dnsrpzd. diff --git a/bin/tests/system/rpz/test1 b/bin/tests/system/rpz/test1 index 0fb9cdf1c4..5f3d91165d 100644 --- a/bin/tests/system/rpz/test1 +++ b/bin/tests/system/rpz/test1 @@ -11,7 +11,7 @@ ; Separate update requests for distinct TLDs with blank lines or 'send' ; End the file with a blank line or 'send' -server 10.53.0.3 5300 +server 10.53.0.3 @PORT@ ; QNAME tests diff --git a/bin/tests/system/rpz/test2 b/bin/tests/system/rpz/test2 index 83ffa77649..56fcdf263f 100644 --- a/bin/tests/system/rpz/test2 +++ b/bin/tests/system/rpz/test2 @@ -14,7 +14,7 @@ ; IP tests -server 10.53.0.3 5300 +server 10.53.0.3 @PORT@ ; NODATA a3-1.tld2 ; 1 diff --git a/bin/tests/system/rpz/test3 b/bin/tests/system/rpz/test3 index f9035c0c33..f1ca8e20a0 100644 --- a/bin/tests/system/rpz/test3 +++ b/bin/tests/system/rpz/test3 @@ -13,7 +13,7 @@ ; NSDNAME tests -server 10.53.0.3 5300 +server 10.53.0.3 @PORT@ ; 3, 4, 5 ; NXDOMAIN for *.sub1.tld2 by NSDNAME diff --git a/bin/tests/system/rpz/test4 b/bin/tests/system/rpz/test4 index de04403f68..bdf3d06d0c 100644 --- a/bin/tests/system/rpz/test4 +++ b/bin/tests/system/rpz/test4 @@ -13,7 +13,7 @@ ; NSIP tests -server 10.53.0.3 5300 +server 10.53.0.3 @PORT@ ; NXDOMAIN for all of tld2 based on its server IP address update add 32.2.0.53.10.rpz-nsip.bl. 300 CNAME . diff --git a/bin/tests/system/rpz/test4a b/bin/tests/system/rpz/test4a index a41e127e0b..afb26e2878 100644 --- a/bin/tests/system/rpz/test4a +++ b/bin/tests/system/rpz/test4a @@ -13,7 +13,7 @@ ; walled-garden NSIP tests -server 10.53.0.3 5300 +server 10.53.0.3 @PORT@ ; rewrite all of tld2 based on its server IP address update add 32.2.0.53.10.rpz-nsip.bl. 300 A 41.41.41.41 diff --git a/bin/tests/system/rpz/test5 b/bin/tests/system/rpz/test5 index 0c0adc5358..97d185da55 100644 --- a/bin/tests/system/rpz/test5 +++ b/bin/tests/system/rpz/test5 @@ -13,7 +13,7 @@ ; the policies or replacements specified in ns3/named.conf override these -server 10.53.0.3 5300 +server 10.53.0.3 @PORT@ ; 1 update add a3-1.tld2.bl-given. 300 A 127.0.0.1 diff --git a/bin/tests/system/rpz/test6 b/bin/tests/system/rpz/test6 index 79c549d1ed..46c6bd9105 100644 --- a/bin/tests/system/rpz/test6 +++ b/bin/tests/system/rpz/test6 @@ -11,7 +11,7 @@ ; Separate update requests for distinct TLDs with blank lines or 'send' ; End the file with a blank line or 'send' -server 10.53.0.3 5300 +server 10.53.0.3 @PORT@ ; Poke the radix tree a little. update add 128.1111.2222.3333.4444.5555.6666.7777.8888.rpz-ip.bl. 300 CNAME . diff --git a/bin/tests/system/rpz/tests.sh b/bin/tests/system/rpz/tests.sh index 512ecdbf2e..43d8532158 100644 --- a/bin/tests/system/rpz/tests.sh +++ b/bin/tests/system/rpz/tests.sh @@ -54,12 +54,12 @@ TS='%H:%M:%S ' TS= comment () { if test -n "$TS"; then - date "+I:${TS}$*" + date "+${TS}$*" | cat_i fi } DNSRPSCMD=./dnsrps -RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p 9953 -s" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" if test -x $DNSRPSCMD; then # speed up the many delays for dnsrpzd by waiting only 0.1 seconds @@ -77,11 +77,11 @@ digcmd () { # Default to +noauth and @$ns3 # Also default to -bX where X is the @value so that OS X will choose # the right IP source address. - digcmd_args=`echo "+nocookie +noadd +time=2 +tries=1 -p 5300 $*" | \ + digcmd_args=`echo "+nocookie +noadd +time=2 +tries=1 -p ${PORT} $*" | \ sed -e "/@/!s/.*/& @$ns3/" \ -e '/-b/!s/@\([^ ]*\)/@\1 -b\1/' \ -e '/+n?o?auth/!s/.*/+noauth &/'` - #echo I:dig $digcmd_args 1>&2 + #echo_i "dig $digcmd_args 1>&2 $DIG $digcmd_args } @@ -101,16 +101,16 @@ make_dignm () { setret () { ret=1 status=`expr $status + 1` - echo "$*" + echo_i "$*" } # set $SN to the SOA serial number of a zone # $1=domain $2=DNS server and client IP address get_sn() { - SOA=`$DIG -p 5300 +short +norecurse soa "$1" "@$2" "-b$2"` + SOA=`$DIG -p ${PORT} +short +norecurse soa "$1" "@$2" "-b$2"` SN=`expr "$SOA" : '[^ ]* [^ ]* \([^ ]*\) .*'` test "$SN" != "" && return - echo "I:no serial number from \`dig -p 5300 soa $1 @$2\` in \"$SOA\"" + echo_i "no serial number from \`dig -p ${PORT} soa $1 @$2\` in \"$SOA\"" exit 1 } @@ -118,7 +118,7 @@ get_sn_fast () { RSN=`$DNSRPSCMD -n "$1"` #echo "dnsrps serial for $1 is $RSN" if test -z "$RSN"; then - echo "I:dnsrps failed to get SOA serial number for $1" + echo_i "dnsrps failed to get SOA serial number for $1" exit 1 fi } @@ -140,7 +140,7 @@ dnsrps_loaded() { fi n=`expr $n + 1` if test "$n" -gt $TEN_SECS; then - echo "I:dnsrps serial for $Z is $RSN instead of $SN" + echo_i "dnsrps serial for $Z is $RSN instead of $SN" exit 1 fi $WAIT_CMD @@ -163,7 +163,7 @@ ck_soa() { fi n=`expr $n + 1` if test "$n" -gt $TEN_SECS; then - echo "I:got serial number \"$SN\" instead of \"$1\" from $2 @$3" + echo_i "got serial number \"$SN\" instead of \"$1\" from $2 @$3" return fi $WAIT_CMD @@ -173,13 +173,15 @@ ck_soa() { # (re)load the reponse policy zones with the rules in the file $TEST_FILE load_db () { if test -n "$TEST_FILE"; then - if $NSUPDATE -v $TEST_FILE; then : + copy_setports $TEST_FILE tmp + if $NSUPDATE -v tmp; then : $RNDCCMD $ns3 sync else - echo "I:failed to update policy zone with $TEST_FILE" + echo_i "failed to update policy zone with $TEST_FILE" $RNDCCMD $ns3 sync exit 1 fi + rm -f tmp fi } @@ -192,7 +194,7 @@ restart () { sleep 1 PID=`cat ns$1/named.pid 2>/dev/null` if test -n "$PID"; then - echo "I:killing ns$1 server $PID" + echo_i "killing ns$1 server $PID" $KILL -9 $PID fi fi @@ -203,7 +205,7 @@ restart () { cp -f ns$1/base.db $NM done fi - $PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns$1 + $PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns$1 load_db dnsrps_loaded } @@ -234,7 +236,7 @@ ckstats () { eval "OLD_CNT=0\$${NSDIR}_CNT" GOT=`expr $NEW_CNT - $OLD_CNT` if test "$GOT" -ne "$EXPECTED"; then - setret "I:wrong $LABEL $NSDIR statistics of $GOT instead of $EXPECTED" + setret "wrong $LABEL $NSDIR statistics of $GOT instead of $EXPECTED" fi eval "${NSDIR}_CNT=$NEW_CNT" } @@ -251,7 +253,7 @@ ckstatsrange () { eval "OLD_CNT=0\$${NSDIR}_CNT" GOT=`expr $NEW_CNT - $OLD_CNT` if test "$GOT" -lt "$MIN" -o "$GOT" -gt "$MAX"; then - setret "I:wrong $LABEL $NSDIR statistics of $GOT instead of ${MIN}..${MAX}" + setret "wrong $LABEL $NSDIR statistics of $GOT instead of ${MIN}..${MAX}" fi eval "${NSDIR}_CNT=$NEW_CNT" } @@ -260,7 +262,7 @@ ckstatsrange () { start_group () { ret=0 t=`expr $t + 1` - test -n "$1" && date "+I:${TS}checking $1 (${t})" + test -n "$1" && date "+${TS}checking $1 (${t})" | cat_i TEST_FILE=$2 if test -n "$TEST_FILE"; then GROUP_NM="-$TEST_FILE" @@ -275,10 +277,12 @@ start_group () { end_group () { if test -n "$TEST_FILE"; then # remove the previous set of test rules - sed -e 's/[ ]add[ ]/ delete /' $TEST_FILE | $NSUPDATE + copy_setports $TEST_FILE tmp + sed -e 's/[ ]add[ ]/ delete /' tmp | $NSUPDATE + rm -f tmp TEST_FILE= fi - ckalive $ns3 "I:failed; ns3 server crashed and restarted" + ckalive $ns3 "failed; ns3 server crashed and restarted" dnsrps_loaded GROUP_NM= } @@ -291,23 +295,23 @@ clean_result () { # $1=dig args $2=other dig output file ckresult () { - #ckalive "$1" "I:server crashed by 'dig $1'" || return 1 + #ckalive "$1" "server crashed by 'dig $1'" || return 1 if grep "flags:.* aa .*ad;" $DIGNM; then - setret "I:'dig $1' AA and AD set;" + setret "'dig $1' AA and AD set;" elif grep "flags:.* aa .*ad;" $DIGNM; then - setret "I:'dig $1' AD set;" + setret "'dig $1' AD set;" fi if $PERL $SYSTEMTESTTOP/digcomp.pl $DIGNM $2 >/dev/null; then NEED_TCP=`echo "$1" | sed -n -e 's/[Tt][Cc][Pp].*/TCP/p'` RESULT_TCP=`sed -n -e 's/.*Truncated, retrying in TCP.*/TCP/p' $DIGNM` if test "$NEED_TCP" != "$RESULT_TCP"; then - setret "I:'dig $1' wrong; no or unexpected truncation in $DIGNM" + setret "'dig $1' wrong; no or unexpected truncation in $DIGNM" return 1 fi clean_result ${DIGNM}* return 0 fi - setret "I:'dig $1' wrong; diff $DIGNM $2" + setret "'dig $1' wrong; diff $DIGNM $2" return 1 } @@ -315,7 +319,7 @@ ckresult () { # $1=target domain $2=optional query type nocrash () { digcmd $* >/dev/null - ckalive "$*" "I:server crashed by 'dig $*'" + ckalive "$*" "server crashed by 'dig $*'" } @@ -346,15 +350,15 @@ addr () { ADDR=$1 make_dignm digcmd $2 >$DIGNM - #ckalive "$2" "I:server crashed by 'dig $2'" || return 1 + #ckalive "$2" "server crashed by 'dig $2'" || return 1 ADDR_ESC=`echo "$ADDR" | sed -e 's/\./\\\\./g'` ADDR_TTL=`sed -n -e "s/^[-.a-z0-9]\{1,\}[ ]*\([0-9]*\) IN AA* ${ADDR_ESC}\$/\1/p" $DIGNM` if test -z "$ADDR_TTL"; then - setret "I:'dig $2' wrong; no address $ADDR record in $DIGNM" + setret "'dig $2' wrong; no address $ADDR record in $DIGNM" return 1 fi if test -n "$3" && test "$ADDR_TTL" -ne "$3"; then - setret "I:'dig $2' wrong; TTL=$ADDR_TTL instead of $3 in $DIGNM" + setret "'dig $2' wrong; TTL=$ADDR_TTL instead of $3 in $DIGNM" return 1 fi clean_result ${DIGNM}* @@ -388,12 +392,12 @@ drop () { clean_result ${DIGNM}* return 0 fi - setret "I:'dig $1' wrong; response in $DIGNM" + setret "'dig $1' wrong; response in $DIGNM" return 1 } nsd() { - $NSUPDATE -p 5300 << EOF + $NSUPDATE -p ${PORT} << EOF server $1 ttl 300 update $2 $3 IN CNAME . @@ -421,25 +425,25 @@ do case ${mode} in native) if [ ${DNSRPS_TEST_MODE:-unset} = unset -a -e dnsrps-only ] ; then - echo "I:'dnsrps-only' found: skipping native RPZ sub-test" + echo_i "'dnsrps-only' found: skipping native RPZ sub-test" continue fi ;; dnsrps) if [ ${DNSRPS_TEST_MODE:-unset} = unset -a -e dnsrps-off ] ; then - echo "I:'dnsrps-off' found: skipping DNSRPS sub-test" + echo_i "'dnsrps-off' found: skipping DNSRPS sub-test" continue fi if grep '^#skip' dnsrps.conf > /dev/null ; then - echo "I:DNSRPS sub-test skipped" + echo_i "DNSRPS sub-test skipped" continue fi $PERL $SYSTEMTESTTOP/stop.pl . $SHELL ./setup.sh -N -D $DEBUG - $PERL $SYSTEMTESTTOP/start.pl --noclean --restart . + $PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ;; esac - sed -n 's/^## /I:/p' dnsrps.conf + sed -n 's/^## //p' dnsrps.conf | cat_i start_group "QNAME rewrites" test1 nochange . # 1 do not crash or rewrite root @@ -530,12 +534,12 @@ EOF addr 127.0.0.17 "a4-4.tld2 -b $ns1" # 17 client-IP address trigger nxdomain a7-1.tld2 # 18 slave policy zone (RT34450) cp ns2/blv2.tld2.db.in ns2/bl.tld2.db - $RNDCCMD $ns2 reload bl.tld2 + $RNDCCMD $ns2 reload bl.tld2 | sed 's/^/ns2 /' | cat_i ck_soa 2 bl.tld2 $ns3 nochange a7-1.tld2 # 19 PASSTHRU sleep 1 # ensure that a clock tick has occured so that named will do the reload cp ns2/blv3.tld2.db.in ns2/bl.tld2.db - $RNDCCMD $ns2 reload bl.tld2 + $RNDCCMD $ns2 reload bl.tld2 | sed 's/^/ns2 /' | cat_i ck_soa 3 bl.tld2 $ns3 nxdomain a7-1.tld2 # 20 slave policy zone (RT34450) end_group @@ -658,21 +662,21 @@ EOF QPERF=`sh qperf.sh` if test -n "$QPERF"; then perf () { - date "+I:${TS}checking performance $1" + date "+${TS}checking performance $1" | cat_i # Dry run to prime everything comment "before dry run $1" $RNDCCMD $ns5 notrace - $QPERF -c -1 -l30 -d ns5/requests -s $ns5 -p 5300 >/dev/null + $QPERF -c -1 -l30 -d ns5/requests -s $ns5 -p ${PORT} >/dev/null comment "before real test $1" PFILE="ns5/$2.perf" - $QPERF -c -1 -l30 -d ns5/requests -s $ns5 -p 5300 >$PFILE + $QPERF -c -1 -l30 -d ns5/requests -s $ns5 -p ${PORT} >$PFILE comment "after test $1" X=`sed -n -e 's/.*Returned *\([^ ]*:\) *\([0-9]*\) .*/\1\2/p' $PFILE \ | tr '\n' ' '` if test "$X" != "$3"; then - setret "I:wrong results '$X' in $PFILE" + setret "wrong results '$X' in $PFILE" fi - ckalive $ns5 "I:failed; server #5 crashed" + ckalive $ns5 "failed; server #5 crashed" } trim () { sed -n -e 's/.*Queries per second: *\([0-9]*\).*/\1/p' ns5/$1.perf @@ -688,25 +692,25 @@ EOF NORPZ=`trim norpz` PERCENT=`expr \( "$RPZ" \* 100 + \( $NORPZ / 2 \) \) / $NORPZ` - echo "I:$RPZ qps with RPZ is $PERCENT% of $NORPZ qps without RPZ" + echo_i "$RPZ qps with RPZ is $PERCENT% of $NORPZ qps without RPZ" MIN_PERCENT=30 if test "$PERCENT" -lt $MIN_PERCENT; then - echo "I:$RPZ qps with rpz or $PERCENT% is below $MIN_PERCENT% of $NORPZ qps" + echo_i "$RPZ qps with rpz or $PERCENT% is below $MIN_PERCENT% of $NORPZ qps" fi if test "$PERCENT" -ge 100; then - echo "I:$RPZ qps with RPZ or $PERCENT% of $NORPZ qps without RPZ is too high" + echo_i "$RPZ qps with RPZ or $PERCENT% of $NORPZ qps without RPZ is too high" fi ckstats $ns5 performance ns5 200 else - echo "I:performance not checked; queryperf not available" + echo_i "performance not checked; queryperf not available" fi if [ "$DNSRPS_TEST_MODE" = dnsrps ]; then - echo "I:checking that dnsrpzd is automatically restarted" + echo_i "checking that dnsrpzd is automatically restarted" OLD_PID=`cat dnsrpzd.pid` $KILL "$OLD_PID" n=0 @@ -716,10 +720,10 @@ EOF #echo "OLD_PID=$OLD_PID NEW_PID=$NEW_PID" break; fi - $DIG -p 5300 +short +norecurse a0-1.tld2 @$ns3 >/dev/null + $DIG -p ${PORT} +short +norecurse a0-1.tld2 @$ns3 >/dev/null n=`expr $n + 1` if test "$n" -gt $TEN_SECS; then - setret "I:dnsrpzd did not restart" + setret "dnsrpzd did not restart" break fi $WAIT_CMD @@ -731,24 +735,25 @@ EOF $PERL $SYSTEMTESTTOP/stop.pl . ns3 restart 3 HAVE_CORE=`find ns* -name '*core*' -print` - test -z "$HAVE_CORE" || setret "I:found $HAVE_CORE; memory leak?" + test -z "$HAVE_CORE" || setret "found $HAVE_CORE; memory leak?" fi # look for complaints from lib/dns/rpz.c and bin/name/query.c EMSGS=`egrep -l 'invalid rpz|rpz.*failed' ns*/named.run` if test -n "$EMSGS"; then - setret "I:error messages in $EMSGS starting with:" - egrep 'invalid rpz|rpz.*failed' ns*/named.run | sed -e '10,$d' -e 's/^/I: /' + setret "error messages in $EMSGS starting with:" + egrep 'invalid rpz|rpz.*failed' ns*/named.run | \ + sed -e '10,$d' -e 's/^//' | cat_i fi t=`expr $t + 1` - echo "I:checking that ttl values are not zeroed when qtype is '*' (${t})" - $DIG +noall +answer -p 5300 @$ns3 any a3-2.tld2 > dig.out.$t + echo_i "checking that ttl values are not zeroed when qtype is '*' (${t})" + $DIG +noall +answer -p ${PORT} @$ns3 any a3-2.tld2 > dig.out.$t ttl=`awk '/a3-2 tld2 text/ {print $2}' dig.out.$t` - if test ${ttl:=0} -eq 0; then setret I:failed; fi + if test ${ttl:=0} -eq 0; then setret "failed"; fi t=`expr $t + 1` - echo "I:checking rpz updates/transfers with parent nodes added after children" \ + echo_i "checking rpz updates/transfers with parent nodes added after children" \ | tr -d '\n' # regression test for RT #36272: the success condition # is the slave server not crashing. @@ -767,32 +772,32 @@ EOF echo " (${t})" t=`expr $t + 1` - echo "I:checking that going from an empty policy zone works (${t})" + echo_i "checking that going from an empty policy zone works (${t})" nsd $ns5 add '*.x.servfail.policy2.' x.servfail.policy2. sleep 1 - $RNDCCMD $ns7 reload policy2 - $DIG z.x.servfail -p 5300 @$ns7 > dig.out.${t} - grep NXDOMAIN dig.out.${t} > /dev/null || setret I:failed + $RNDCCMD $ns7 reload policy2 | sed 's/^/ns7 /' | cat_i + $DIG z.x.servfail -p ${PORT} @$ns7 > dig.out.${t} + grep NXDOMAIN dig.out.${t} > /dev/null || setret "failed" # dnsrps does not allow NS RRs in policy zones, so this check # with dnsrps results in no rewriting. if [ "$DNSRPS_TEST_MODE" = native ]; then t=`expr $t + 1` - echo "I:checking rpz with delegation fails correctly (${t})" - $DIG -p 5300 @$ns3 ns example.com > dig.out.$t - grep "status: SERVFAIL" dig.out.$t > /dev/null || setret "I:failed" + echo_i "checking rpz with delegation fails correctly (${t})" + $DIG -p ${PORT} @$ns3 ns example.com > dig.out.$t + grep "status: SERVFAIL" dig.out.$t > /dev/null || setret "failed" fi [ $status -ne 0 ] && pf=fail || pf=pass case $DNSRPS_TEST_MODE in native) native=$status - echo "I:status (native RPZ sub-test): $status ($pf)";; + echo_i "status (native RPZ sub-test): $status ($pf)";; dnsrps) dnsrps=$status - echo "I:status (DNSRPS sub-test): $status ($pf)";; - *) echo "I:invalid test mode";; + echo_i "status (DNSRPS sub-test): $status ($pf)";; + *) echo_i "invalid test mode";; esac done status=`expr ${native:-0} + ${dnsrps:-0}` diff --git a/bin/tests/system/rpzrecurse/ans5/ans.pl.in b/bin/tests/system/rpzrecurse/ans5/ans.pl similarity index 92% rename from bin/tests/system/rpzrecurse/ans5/ans.pl.in rename to bin/tests/system/rpzrecurse/ans5/ans.pl index 1e04f88c04..60cf084089 100644 --- a/bin/tests/system/rpzrecurse/ans5/ans.pl.in +++ b/bin/tests/system/rpzrecurse/ans5/ans.pl @@ -11,8 +11,11 @@ use IO::Socket; use Net::DNS; use Net::DNS::Packet; +my $localport = int($ENV{'PORT'}); +if (!$localport) { $localport = 5300; } + my $sock = IO::Socket::INET->new(LocalAddr => "10.53.0.5", - LocalPort => @PORT@, Proto => "udp") or die "$!"; + LocalPort => $localport, Proto => "udp") or die "$!"; my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!"; print $pidf "$$\n" or die "cannot write pid file: $!"; diff --git a/bin/tests/system/rpzrecurse/clean.sh b/bin/tests/system/rpzrecurse/clean.sh index b1a3b65360..a2e73be34d 100644 --- a/bin/tests/system/rpzrecurse/clean.sh +++ b/bin/tests/system/rpzrecurse/clean.sh @@ -21,7 +21,5 @@ rm -f ns2/named.conf.header rm -f ns3/named2.conf -rm -f ans4/ans.pl - rm -f dnsrps*.conf dnsrpzd* rm -f ns*/session.key diff --git a/bin/tests/system/rpzrecurse/setup.sh b/bin/tests/system/rpzrecurse/setup.sh index b4063a1408..c37b07693d 100644 --- a/bin/tests/system/rpzrecurse/setup.sh +++ b/bin/tests/system/rpzrecurse/setup.sh @@ -44,8 +44,6 @@ copy_setports ns3/named2.conf.in ns3/named2.conf copy_setports ns4/named.conf.in ns4/named.conf -copy_setports ans5/ans.pl.in ans5/ans.pl - # decide whether to test DNSRPS $SHELL ../rpz/ckdnsrps.sh $TEST_DNSRPS $DEBUG test -z "`grep 'dnsrps-enable yes' dnsrps.conf`" && TEST_DNSRPS= diff --git a/bin/tests/system/rrchecker/tests.sh b/bin/tests/system/rrchecker/tests.sh index 0e25dd5b91..8ae0406539 100644 --- a/bin/tests/system/rrchecker/tests.sh +++ b/bin/tests/system/rrchecker/tests.sh @@ -13,19 +13,19 @@ status=0 n=0 n=`expr $n + 1` -echo "I:class list ($n)" +echo_i "class list ($n)" $RRCHECKER -C > classlist.out -$DIFF classlist.out classlist.good || { echo "I:failed"; status=`expr $status + 1`; } +$DIFF classlist.out classlist.good || { echo_i "failed"; status=`expr $status + 1`; } n=`expr $n + 1` -echo "I:type list ($n)" +echo_i "type list ($n)" $RRCHECKER -T > typelist.out -$DIFF typelist.out typelist.good || { echo "I:failed"; status=`expr $status + 1`; } +$DIFF typelist.out typelist.good || { echo_i "failed"; status=`expr $status + 1`; } n=`expr $n + 1` -echo "I:private type list ($n)" +echo_i "private type list ($n)" $RRCHECKER -P > privatelist.out -$DIFF privatelist.out privatelist.good || { echo "I:failed"; status=`expr $status + 1`; } +$DIFF privatelist.out privatelist.good || { echo_i "failed"; status=`expr $status + 1`; } myecho() { cat << EOF @@ -34,7 +34,7 @@ EOF } n=`expr $n + 1` -echo "I:check conversions to canonical format ($n)" +echo_i "check conversions to canonical format ($n)" ret=0 $SHELL ../genzone.sh 0 > tempzone $CHECKZONE -Dq . tempzone | sed '/^;/d' > checkzone.out$n @@ -42,38 +42,38 @@ while read -r name tt cl ty rest do myecho "$cl $ty $rest" | $RRCHECKER -p > checker.out || { ret=1 - echo "I: '$cl $ty $rest' not handled." + echo_i "'$cl $ty $rest' not handled." } read -r cl0 ty0 rest0 < checker.out test "$cl $ty $rest" = "$cl0 $ty0 $rest0" || { ret=1 - echo "I: '$cl $ty $rest' != '$cl0 $ty0 $rest0'" + echo_i "'$cl $ty $rest' != '$cl0 $ty0 $rest0'" } done < checkzone.out$n -test $ret -eq 0 || { echo "I:failed"; status=`expr $status + 1`; } +test $ret -eq 0 || { echo_i "failed"; status=`expr $status + 1`; } n=`expr $n + 1` -echo "I:check conversions to and from unknown record format ($n)" +echo_i "check conversions to and from unknown record format ($n)" ret=0 $CHECKZONE -Dq . tempzone | sed '/^;/d' > checkzone.out$n while read -r name tt cl ty rest do myecho "$cl $ty $rest" | $RRCHECKER -u > checker.out || { ret=1 - echo "I: '$cl $ty $rest' not converted to unknown record format" + echo_i "'$cl $ty $rest' not converted to unknown record format" } read -r clu tyu restu < checker.out myecho "$clu $tyu $restu" | $RRCHECKER -p > checker.out || { ret=1 - echo "I: '$cl $ty $rest' not converted back to canonical format" + echo_i "'$cl $ty $rest' not converted back to canonical format" } read -r cl0 ty0 rest0 < checker.out test "$cl $ty $rest" = "$cl0 $ty0 $rest0" || { ret=1 - echo "I: '$cl $ty $rest' != '$cl0 $ty0 $rest0'" + echo_i "'$cl $ty $rest' != '$cl0 $ty0 $rest0'" } done < checkzone.out$n -test $ret -eq 0 || { echo "I:failed"; status=`expr $status + 1`; } +test $ret -eq 0 || { echo_i "failed"; status=`expr $status + 1`; } -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/rrl/clean.sh b/bin/tests/system/rrl/clean.sh index 499cd40741..ddaa461a48 100644 --- a/bin/tests/system/rrl/clean.sh +++ b/bin/tests/system/rrl/clean.sh @@ -4,12 +4,11 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. - - # Clean up after rrl tests. rm -f dig.out* *mdig.out* rm -f */named.memstats */named.run */named.stats */log-* */session.key rm -f ns3/bl*.db */*.jnl */*.core */*.pid rm -f ns*/named.lock +rm -f ns*/named.conf rm -f broken.out diff --git a/bin/tests/system/rrl/ns1/named.conf b/bin/tests/system/rrl/ns1/named.conf.in similarity index 93% rename from bin/tests/system/rrl/ns1/named.conf rename to bin/tests/system/rrl/ns1/named.conf.in index 8e62410587..c644058ce6 100644 --- a/bin/tests/system/rrl/ns1/named.conf +++ b/bin/tests/system/rrl/ns1/named.conf.in @@ -6,14 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; session-keyfile "session.key"; pid-file "named.pid"; listen-on { 10.53.0.1; }; diff --git a/bin/tests/system/rrl/ns2/named.conf b/bin/tests/system/rrl/ns2/named.conf.in similarity index 92% rename from bin/tests/system/rrl/ns2/named.conf rename to bin/tests/system/rrl/ns2/named.conf.in index 4aac7b4a3d..cfcd09687d 100644 --- a/bin/tests/system/rrl/ns2/named.conf +++ b/bin/tests/system/rrl/ns2/named.conf.in @@ -6,14 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; session-keyfile "session.key"; pid-file "named.pid"; statistics-file "named.stats"; @@ -37,7 +34,7 @@ key rndc_key { algorithm hmac-sha256; }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; /* diff --git a/bin/tests/system/rrl/ns3/named.conf b/bin/tests/system/rrl/ns3/named.conf.in similarity index 96% rename from bin/tests/system/rrl/ns3/named.conf rename to bin/tests/system/rrl/ns3/named.conf.in index 9e7187e4e0..85e368af5d 100644 --- a/bin/tests/system/rrl/ns3/named.conf +++ b/bin/tests/system/rrl/ns3/named.conf.in @@ -6,14 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; session-keyfile "session.key"; pid-file "named.pid"; listen-on { 10.53.0.3; }; diff --git a/bin/tests/system/rrl/ns4/named.conf b/bin/tests/system/rrl/ns4/named.conf.in similarity index 92% rename from bin/tests/system/rrl/ns4/named.conf rename to bin/tests/system/rrl/ns4/named.conf.in index ab7596cc0d..ea0992b8fa 100644 --- a/bin/tests/system/rrl/ns4/named.conf +++ b/bin/tests/system/rrl/ns4/named.conf.in @@ -6,14 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; session-keyfile "session.key"; pid-file "named.pid"; statistics-file "named.stats"; @@ -38,7 +35,7 @@ key rndc_key { algorithm hmac-sha256; }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; /* diff --git a/bin/tests/system/rrl/setup.sh b/bin/tests/system/rrl/setup.sh index cfde842c09..20211579f2 100644 --- a/bin/tests/system/rrl/setup.sh +++ b/bin/tests/system/rrl/setup.sh @@ -6,8 +6,12 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -. ./clean.sh +$SHELL clean.sh + +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf diff --git a/bin/tests/system/rrl/tests.sh b/bin/tests/system/rrl/tests.sh index 4906e1d79e..e76d8011ab 100644 --- a/bin/tests/system/rrl/tests.sh +++ b/bin/tests/system/rrl/tests.sh @@ -4,12 +4,13 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. - # test response rate limiting SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + #set -x ns1=10.53.0.1 # root, defining the others @@ -37,7 +38,7 @@ trap 'exit 1' 1 2 15 ret=0 setret () { ret=1 - echo "$*" + echo_i "$*" } @@ -77,7 +78,7 @@ burst () { eval BURST_DOM="$BURST_DOM_BASE" DOMS="$DOMS $BURST_DOM" done - ARGS="+nocookie +continue +time=1 +tries=1 -p 5300 $* @$ns2 $DOMS" + ARGS="+nocookie +continue +time=1 +tries=1 -p ${PORT} $* @$ns2 $DOMS" $MDIG $ARGS 2>&1 | tee -a full-$FILENAME | sed -n -e '/^;; AUTHORITY/,/^$/d' \ -e '/^;; ADDITIONAL/,/^$/d' \ -e 's/^[^;].* \([^ ]\{1,\}\)$/\1/p' \ @@ -109,27 +110,27 @@ ck_result() { NOERROR=`egrep "^NOERROR$" mdig.out-$1 2>/dev/null | wc -l` range $ADDRS "$3" 1 || - setret "I:"$ADDRS" instead of $3 '$2' responses for $1" && + setret "$ADDRS instead of $3 '$2' responses for $1" && BAD=yes range $TC "$4" 1 || - setret "I:"$TC" instead of $4 truncation responses for $1" && + setret "$TC instead of $4 truncation responses for $1" && BAD=yes range $DROP "$5" 1 || - setret "I:"$DROP" instead of $5 dropped responses for $1" && + setret "$DROP instead of $5 dropped responses for $1" && BAD=yes range $NXDOMAIN "$6" 1 || - setret "I:"$NXDOMAIN" instead of $6 NXDOMAIN responses for $1" && + setret "$NXDOMAIN instead of $6 NXDOMAIN responses for $1" && BAD=yes range $SERVFAIL "$7" 1 || - setret "I:"$SERVFAIL" instead of $7 error responses for $1" && + setret "$SERVFAIL instead of $7 error responses for $1" && BAD=yes range $NOERROR "$8" 1 || - setret "I:"$NOERROR" instead of $8 NOERROR responses for $1" && + setret "$NOERROR instead of $8 NOERROR responses for $1" && BAD=yes if test -z "$BAD"; then @@ -147,7 +148,7 @@ ckstats () { C=`expr 0$C + 0` range "$C" $EXPECTED 1 || - setret "I:wrong $LABEL $TYPE statistics of $C instead of $EXPECTED" + setret "wrong $LABEL $TYPE statistics of $C instead of $EXPECTED" } @@ -198,7 +199,7 @@ ck_result 'y*.a3.tld3' 192.0.3.3 10 0 0 0 0 10 # as both truncated and NXDOMAIN. ck_result 'z*.a4.tld2' x 0 3 5 5 0 0 -$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p 9953 -s $ns2 stats +$RNDCCMD $ns2 stats ckstats first dropped 36 ckstats first truncated 21 @@ -226,7 +227,7 @@ ck_result a7.tld4 x 0 0 8 0 2 0 # NODATA responses are counted as the same regardless of qtype. ck_result a8.tld2 x 0 2 2 0 0 4 -$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p 9953 -s $ns2 stats +$RNDCCMD $ns2 stats ckstats second dropped 46 ckstats second truncated 23 @@ -242,38 +243,37 @@ burst 60 'all$CNT.a9.tld2' ck_result 'a*.a9.tld2' 192.0.2.8 50 0 10 0 0 50 -$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p 9953 -s $ns2 stats +$RNDCCMD $ns2 stats ckstats final dropped 56 ckstats final truncated 23 ######### sec_start -$DIG +nocookie +nosearch +time=1 +tries=1 +ignore -p 5300 @$ns4 A a7.tld4 > /dev/null 2>&1 -$DIG +nocookie +nosearch +time=1 +tries=1 +ignore -p 5300 @$ns4 A a7.tld4 > /dev/null 2>&1 -$DIG +nocookie +nosearch +time=1 +tries=1 +ignore -p 5300 @$ns4 A a7.tld4 > /dev/null 2>&1 -$DIG +nocookie +nosearch +time=1 +tries=1 +ignore -p 5300 @$ns4 A a7.tld4 > /dev/null 2>&1 -$DIG +nocookie +nosearch +time=1 +tries=1 +ignore -p 5300 @$ns4 A a7.tld4 > /dev/null 2>&1 -$DIG +nocookie +nosearch +time=1 +tries=1 +ignore -p 5300 @$ns4 A a7.tld4 > /dev/null 2>&1 -$DIG +nocookie +nosearch +time=1 +tries=1 +ignore -p 5300 @$ns4 A a7.tld4 > /dev/null 2>&1 -$DIG +nocookie +nosearch +time=1 +tries=1 +ignore -p 5300 @$ns4 A a7.tld4 > /dev/null 2>&1 -$DIG +nocookie +nosearch +time=1 +tries=1 +ignore -p 5300 @$ns4 A a7.tld4 > /dev/null 2>&1 -$DIG +nocookie +nosearch +time=1 +tries=1 +ignore -p 5300 @$ns4 A a7.tld4 > /dev/null 2>&1 -$DIG +nocookie +nosearch +time=1 +tries=1 +ignore -p 5300 @$ns4 A a7.tld4 > /dev/null 2>&1 +DIGOPTS="+nocookie +nosearch +time=1 +tries=1 +ignore -p ${PORT}" +$DIG $DIGOPTS @$ns4 A a7.tld4 > /dev/null 2>&1 +$DIG $DIGOPTS @$ns4 A a7.tld4 > /dev/null 2>&1 +$DIG $DIGOPTS @$ns4 A a7.tld4 > /dev/null 2>&1 +$DIG $DIGOPTS @$ns4 A a7.tld4 > /dev/null 2>&1 +$DIG $DIGOPTS @$ns4 A a7.tld4 > /dev/null 2>&1 +$DIG $DIGOPTS @$ns4 A a7.tld4 > /dev/null 2>&1 +$DIG $DIGOPTS @$ns4 A a7.tld4 > /dev/null 2>&1 +$DIG $DIGOPTS @$ns4 A a7.tld4 > /dev/null 2>&1 +$DIG $DIGOPTS @$ns4 A a7.tld4 > /dev/null 2>&1 +$DIG $DIGOPTS @$ns4 A a7.tld4 > /dev/null 2>&1 +$DIG $DIGOPTS @$ns4 A a7.tld4 > /dev/null 2>&1 grep "would limit" ns4/named.run >/dev/null 2>&1 || -setret "I: \"would limit\" not found in log file." +setret "\"would limit\" not found in log file." $NAMED -gc broken.conf > broken.out 2>&1 & sleep 2 -grep "min-table-size 1" broken.out > /dev/null || setret "I: min-table-size 0 was not changed to 1" +grep "min-table-size 1" broken.out > /dev/null || setret "min-table-size 0 was not changed to 1" if [ -f named.pid ]; then $KILL `cat named.pid` - setret "I: named should not have started, but did" + setret "named should not have started, but did" fi -echo "I:exit status: $ret" +echo_i "exit status: $ret" [ $ret -eq 0 ] || exit 1 -#[ $ret -ne 0 ] && echo "I:test failure overridden" -#[ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/rrsetorder/clean.sh b/bin/tests/system/rrsetorder/clean.sh index 13b79c8bf0..069fcbcb87 100644 --- a/bin/tests/system/rrsetorder/clean.sh +++ b/bin/tests/system/rrsetorder/clean.sh @@ -14,3 +14,4 @@ rm -f ns2/root.bk rm -f ns?/named.run ns?/named.core rm -f */named.memstats rm -f ns*/named.lock +rm -f ns*/named.conf diff --git a/bin/tests/system/rrsetorder/ns1/named.conf b/bin/tests/system/rrsetorder/ns1/named.conf.in similarity index 88% rename from bin/tests/system/rrsetorder/ns1/named.conf rename to bin/tests/system/rrsetorder/ns1/named.conf.in index 77576819a3..cbc210c360 100644 --- a/bin/tests/system/rrsetorder/ns1/named.conf +++ b/bin/tests/system/rrsetorder/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.4 2007/06/19 23:47:05 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/rrsetorder/ns2/named.conf b/bin/tests/system/rrsetorder/ns2/named.conf.in similarity index 88% rename from bin/tests/system/rrsetorder/ns2/named.conf rename to bin/tests/system/rrsetorder/ns2/named.conf.in index f9ce307c31..19aca3f730 100644 --- a/bin/tests/system/rrsetorder/ns2/named.conf +++ b/bin/tests/system/rrsetorder/ns2/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.4 2007/06/19 23:47:05 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/rrsetorder/ns3/named.conf b/bin/tests/system/rrsetorder/ns3/named.conf.in similarity index 87% rename from bin/tests/system/rrsetorder/ns3/named.conf rename to bin/tests/system/rrsetorder/ns3/named.conf.in index a8cea4a71b..5506caa43f 100644 --- a/bin/tests/system/rrsetorder/ns3/named.conf +++ b/bin/tests/system/rrsetorder/ns3/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.5 2007/06/18 23:47:30 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; @@ -33,4 +29,3 @@ zone "." { type hint; file "../../common/root.hint"; }; - diff --git a/bin/tests/system/rrsetorder/ns4/named.conf b/bin/tests/system/rrsetorder/ns4/named.conf.in similarity index 86% rename from bin/tests/system/rrsetorder/ns4/named.conf rename to bin/tests/system/rrsetorder/ns4/named.conf.in index 8ccdf143a9..297e954268 100644 --- a/bin/tests/system/rrsetorder/ns4/named.conf +++ b/bin/tests/system/rrsetorder/ns4/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.5 2007/06/18 23:47:30 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/rrsetorder/setup.sh b/bin/tests/system/rrsetorder/setup.sh new file mode 100644 index 0000000000..a3303c3117 --- /dev/null +++ b/bin/tests/system/rrsetorder/setup.sh @@ -0,0 +1,16 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf diff --git a/bin/tests/system/rrsetorder/tests.sh b/bin/tests/system/rrsetorder/tests.sh index eddd8cdde6..361ef8574d 100644 --- a/bin/tests/system/rrsetorder/tests.sh +++ b/bin/tests/system/rrsetorder/tests.sh @@ -10,32 +10,32 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh DIGOPTS="+nosea +nocomm +nocmd +noquest +noadd +noauth +nocomm +nostat +short +nocookie" -DIGCMD="$DIG $DIGOPTS -p 5300" +DIGCMD="$DIG $DIGOPTS -p ${PORT}" status=0 if grep "^#define DNS_RDATASET_FIXED" $TOP/config.h > /dev/null 2>&1 ; then - test_fixed=true + test_fixed=true else - echo "I: Order 'fixed' disabled at compile time" - test_fixed=false + echo_i "Order 'fixed' disabled at compile time" + test_fixed=false fi # # # if $test_fixed; then - echo "I: Checking order fixed (master)" + echo_i "Checking order fixed (master)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 do $DIGCMD @10.53.0.1 fixed.example > dig.out.fixed || ret=1 $DIFF dig.out.fixed dig.out.fixed.good >/dev/null || ret=1 done - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else - echo "I: Checking order fixed behaves as cyclic when disabled (master)" + echo_i "Checking order fixed behaves as cyclic when disabled (master)" ret=0 matches=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 @@ -55,14 +55,14 @@ else $DIFF dig.out.1 dig.out.3 >/dev/null && ret=1 $DIFF dig.out.2 dig.out.3 >/dev/null && ret=1 if [ $matches -ne 16 ]; then ret=1; fi - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi # # # -echo "I: Checking order cyclic (master + additional)" +echo_i "Checking order cyclic (master + additional)" ret=0 matches=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 @@ -82,13 +82,13 @@ $DIFF dig.out.1 dig.out.2 >/dev/null && ret=1 $DIFF dig.out.1 dig.out.3 >/dev/null && ret=1 $DIFF dig.out.2 dig.out.3 >/dev/null && ret=1 if [ $matches -ne 16 ]; then ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # # # -echo "I: Checking order cyclic (master)" +echo_i "Checking order cyclic (master)" ret=0 matches=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 @@ -108,9 +108,9 @@ $DIFF dig.out.1 dig.out.2 >/dev/null && ret=1 $DIFF dig.out.1 dig.out.3 >/dev/null && ret=1 $DIFF dig.out.2 dig.out.3 >/dev/null && ret=1 if [ $matches -ne 16 ]; then ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: Checking order random (master)" +echo_i "Checking order random (master)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 do @@ -118,44 +118,44 @@ do done for i in a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 9 do - $DIGCMD @10.53.0.1 random.example > dig.out.random || ret=1 - match=0 - for j in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 - do - eval "$DIFF dig.out.random dig.out.random.good$j >/dev/null && match$j=1 match=1" - if [ $match -eq 1 ]; then break; fi - done - if [ $match -eq 0 ]; then ret=1; fi + $DIGCMD @10.53.0.1 random.example > dig.out.random || ret=1 + match=0 + for j in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 + do + eval "$DIFF dig.out.random dig.out.random.good$j >/dev/null && match$j=1 match=1" + if [ $match -eq 1 ]; then break; fi + done + if [ $match -eq 0 ]; then ret=1; fi done match=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 do eval "match=\`expr \$match + \$match$i\`" done -echo "I: Random selection return $match of 24 possible orders in 36 samples" +echo_i "Random selection return $match of 24 possible orders in 36 samples" if [ $match -lt 8 ]; then echo ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # # # if $test_fixed; then - echo "I: Checking order fixed (slave)" + echo_i "Checking order fixed (slave)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 do $DIGCMD @10.53.0.2 fixed.example > dig.out.fixed || ret=1 $DIFF dig.out.fixed dig.out.fixed.good || ret=1 done - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi # # # -echo "I: Checking order cyclic (slave + additional)" +echo_i "Checking order cyclic (slave + additional)" ret=0 matches=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 @@ -175,13 +175,13 @@ $DIFF dig.out.1 dig.out.2 >/dev/null && ret=1 $DIFF dig.out.1 dig.out.3 >/dev/null && ret=1 $DIFF dig.out.2 dig.out.3 >/dev/null && ret=1 if [ $matches -ne 16 ]; then ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # # # -echo "I: Checking order cyclic (slave)" +echo_i "Checking order cyclic (slave)" ret=0 matches=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 @@ -201,10 +201,10 @@ $DIFF dig.out.1 dig.out.2 >/dev/null && ret=1 $DIFF dig.out.1 dig.out.3 >/dev/null && ret=1 $DIFF dig.out.2 dig.out.3 >/dev/null && ret=1 if [ $matches -ne 16 ]; then ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: Checking order random (slave)" +echo_i "Checking order random (slave)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 do @@ -212,60 +212,60 @@ do done for i in a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 9 do -$DIGCMD @10.53.0.2 random.example > dig.out.random || ret=1 - match=0 - for j in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 - do - eval "$DIFF dig.out.random dig.out.random.good$j >/dev/null && match$j=1 match=1" - if [ $match -eq 1 ]; then break; fi - done - if [ $match -eq 0 ]; then ret=1; fi + $DIGCMD @10.53.0.2 random.example > dig.out.random || ret=1 + match=0 + for j in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 + do + eval "$DIFF dig.out.random dig.out.random.good$j >/dev/null && match$j=1 match=1" + if [ $match -eq 1 ]; then break; fi + done + if [ $match -eq 0 ]; then ret=1; fi done match=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 do eval "match=\`expr \$match + \$match$i\`" done -echo "I: Random selection return $match of 24 possible orders in 36 samples" +echo_i "Random selection return $match of 24 possible orders in 36 samples" if [ $match -lt 8 ]; then echo ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: Shutting down slave" +echo_i "Shutting down slave" (cd ..; $SHELL stop.sh rrsetorder ns2 ) -echo "I: Checking for slave's on disk copy of zone" +echo_i "Checking for slave's on disk copy of zone" if [ ! -f ns2/root.bk ] then - echo "I:failed"; + echo_i "failed"; status=`expr $status + 1` fi -echo "I: Re-starting slave" +echo_i "Re-starting slave" -(cd ..; $SHELL start.sh --noclean rrsetorder ns2 ) +(cd ..; $PERL start.pl --noclean --port ${PORT} rrsetorder ns2 ) # # # if $test_fixed; then - echo "I: Checking order fixed (slave loaded from disk)" + echo_i "Checking order fixed (slave loaded from disk)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 do $DIGCMD @10.53.0.2 fixed.example > dig.out.fixed || ret=1 $DIFF dig.out.fixed dig.out.fixed.good || ret=1 done - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi # # # -echo "I: Checking order cyclic (slave + additional, loaded from disk)" +echo_i "Checking order cyclic (slave + additional, loaded from disk)" ret=0 matches=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 @@ -285,13 +285,13 @@ $DIFF dig.out.1 dig.out.2 >/dev/null && ret=1 $DIFF dig.out.1 dig.out.3 >/dev/null && ret=1 $DIFF dig.out.2 dig.out.3 >/dev/null && ret=1 if [ $matches -ne 16 ]; then ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # # # -echo "I: Checking order cyclic (slave loaded from disk)" +echo_i "Checking order cyclic (slave loaded from disk)" ret=0 matches=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 @@ -311,10 +311,10 @@ $DIFF dig.out.1 dig.out.2 >/dev/null && ret=1 $DIFF dig.out.1 dig.out.3 >/dev/null && ret=1 $DIFF dig.out.2 dig.out.3 >/dev/null && ret=1 if [ $matches -ne 16 ]; then ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: Checking order random (slave loaded from disk)" +echo_i "Checking order random (slave loaded from disk)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 do @@ -336,30 +336,30 @@ for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 do eval "match=\`expr \$match + \$match$i\`" done -echo "I: Random selection return $match of 24 possible orders in 36 samples" +echo_i "Random selection return $match of 24 possible orders in 36 samples" if [ $match -lt 8 ]; then echo ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # # # if $test_fixed; then - echo "I: Checking order fixed (cache)" + echo_i "Checking order fixed (cache)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 do $DIGCMD @10.53.0.3 fixed.example > dig.out.fixed || ret=1 $DIFF dig.out.fixed dig.out.fixed.good || ret=1 done - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi # # # -echo "I: Checking order cyclic (cache + additional)" +echo_i "Checking order cyclic (cache + additional)" ret=0 # prime acache $DIGCMD @10.53.0.3 cyclic.example > dig.out.cyclic || ret=1 @@ -381,13 +381,13 @@ $DIFF dig.out.1 dig.out.2 >/dev/null && ret=1 $DIFF dig.out.1 dig.out.3 >/dev/null && ret=1 $DIFF dig.out.2 dig.out.3 >/dev/null && ret=1 if [ $matches -ne 16 ]; then ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # # # -echo "I: Checking order cyclic (cache)" +echo_i "Checking order cyclic (cache)" ret=0 # prime acache $DIGCMD @10.53.0.3 cyclic2.example > dig.out.cyclic2 || ret=1 @@ -409,10 +409,10 @@ $DIFF dig.out.1 dig.out.2 >/dev/null && ret=1 $DIFF dig.out.1 dig.out.3 >/dev/null && ret=1 $DIFF dig.out.2 dig.out.3 >/dev/null && ret=1 if [ $matches -ne 16 ]; then ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: Checking order random (cache)" +echo_i "Checking order random (cache)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 do @@ -434,11 +434,11 @@ for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 do eval "match=\`expr \$match + \$match$i\`" done -echo "I: Random selection return $match of 24 possible orders in 36 samples" +echo_i "Random selection return $match of 24 possible orders in 36 samples" if [ $match -lt 8 ]; then echo ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi -echo "I: Checking default order no match in rrset-order (no shuffling)" +echo_i "Checking default order no match in rrset-order (no shuffling)" ret=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 do @@ -446,8 +446,7 @@ do done for i in a b c d e f g h i j k l m n o p q r s t u v w x y z 0 1 2 3 4 5 6 7 9 do -$DIG +nosea +nocomm +nocmd +noquest +noadd +noauth +nocomm +nostat +short \ - -p 5300 @10.53.0.4 nomatch.example > dig.out.nomatch|| ret=1 +$DIGCMD @10.53.0.4 nomatch.example > dig.out.nomatch|| ret=1 match=0 for j in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 do @@ -461,10 +460,10 @@ for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 do eval "match=\`expr \$match + \$match$i\`" done -echo "I: Consistent selection return $match of 24 possible orders in 36 samples" +echo_i "Consistent selection return $match of 24 possible orders in 36 samples" if [ $match -ne 1 ]; then echo ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/rsabigexponent/clean.sh b/bin/tests/system/rsabigexponent/clean.sh index 715b6cde2c..4c0418dac9 100644 --- a/bin/tests/system/rsabigexponent/clean.sh +++ b/bin/tests/system/rsabigexponent/clean.sh @@ -14,3 +14,4 @@ rm -f ns1/root.db rm -f ns2/signer.err rm -f dig.out.* rm -f ns*/named.lock +rm -f ns*/named.conf diff --git a/bin/tests/system/rsabigexponent/ns1/named.conf b/bin/tests/system/rsabigexponent/ns1/named.conf.in similarity index 92% rename from bin/tests/system/rsabigexponent/ns1/named.conf rename to bin/tests/system/rsabigexponent/ns1/named.conf.in index 9374ce43ef..25f88fd0cc 100644 --- a/bin/tests/system/rsabigexponent/ns1/named.conf +++ b/bin/tests/system/rsabigexponent/ns1/named.conf.in @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id$ */ - // NS1 -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/rsabigexponent/ns2/named.conf b/bin/tests/system/rsabigexponent/ns2/named.conf.in similarity index 92% rename from bin/tests/system/rsabigexponent/ns2/named.conf rename to bin/tests/system/rsabigexponent/ns2/named.conf.in index b312d58efd..8dadb7ee22 100644 --- a/bin/tests/system/rsabigexponent/ns2/named.conf +++ b/bin/tests/system/rsabigexponent/ns2/named.conf.in @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id$ */ - // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/rsabigexponent/ns3/named.conf b/bin/tests/system/rsabigexponent/ns3/named.conf.in similarity index 92% rename from bin/tests/system/rsabigexponent/ns3/named.conf rename to bin/tests/system/rsabigexponent/ns3/named.conf.in index b311882c5e..2b24883541 100644 --- a/bin/tests/system/rsabigexponent/ns3/named.conf +++ b/bin/tests/system/rsabigexponent/ns3/named.conf.in @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id$ */ - // NS3 -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/rsabigexponent/prereq.sh b/bin/tests/system/rsabigexponent/prereq.sh index 8d6b090e30..b93cb21074 100644 --- a/bin/tests/system/rsabigexponent/prereq.sh +++ b/bin/tests/system/rsabigexponent/prereq.sh @@ -15,7 +15,7 @@ if $BIGKEY > /dev/null 2>&1 then rm -f Kexample.* else - echo "I:This test requires cryptography" >&2 - echo "I:configure with --with-openssl, or --with-pkcs11 and --enable-native-pkcs11" >&2 + echo_i "This test requires cryptography" >&2 + echo_i "configure with --with-openssl, or --with-pkcs11 and --enable-native-pkcs11" >&2 exit 255 fi diff --git a/bin/tests/system/rsabigexponent/setup.sh b/bin/tests/system/rsabigexponent/setup.sh index e7e07baf6a..75688ee883 100644 --- a/bin/tests/system/rsabigexponent/setup.sh +++ b/bin/tests/system/rsabigexponent/setup.sh @@ -13,4 +13,8 @@ $SHELL clean.sh test -r $RANDFILE || $GENRANDOM 800 $RANDFILE +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf + cd ns1 && $SHELL -e sign.sh diff --git a/bin/tests/system/rsabigexponent/tests.sh b/bin/tests/system/rsabigexponent/tests.sh index 8f6e260d65..1bb0e973e6 100644 --- a/bin/tests/system/rsabigexponent/tests.sh +++ b/bin/tests/system/rsabigexponent/tests.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id$ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -15,40 +13,40 @@ status=0 rm -f dig.out.* -DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p 5300" +DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p ${PORT}" for f in conf/good*.conf do - echo "I:checking '$f'" + echo_i "checking '$f'" ret=0 $CHECKCONF $f > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done for f in conf/bad*.conf do - echo "I:checking '$f'" + echo_i "checking '$f'" ret=0 $CHECKCONF $f > /dev/null && ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done -echo "I:checking that RSA big exponent keys can't be loaded" +echo_i "checking that RSA big exponent keys can't be loaded" ret=0 grep "out of range" ns2/signer.err > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that RSA big exponent signature can't validate" +echo_i "checking that RSA big exponent signature can't validate" ret=0 $DIG $DIGOPTS a.example @10.53.0.2 > dig.out.ns2 || ret=1 $DIG $DIGOPTS a.example @10.53.0.3 > dig.out.ns3 || ret=1 grep "status: NOERROR" dig.out.ns2 > /dev/null || ret=1 grep "status: SERVFAIL" dig.out.ns3 > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/run.sh b/bin/tests/system/run.sh index 38ee8623f0..7379fdc746 100644 --- a/bin/tests/system/run.sh +++ b/bin/tests/system/run.sh @@ -178,7 +178,6 @@ else echopass "R:$systest:PASS" if $clean then - rm -f $SYSTEMTESTTOP/random.data $SHELL clean.sh $runall $systest "$@" if test -d ../../../.git then diff --git a/bin/tests/system/runtime/clean.sh b/bin/tests/system/runtime/clean.sh index b3de9924c4..c141923f67 100644 --- a/bin/tests/system/runtime/clean.sh +++ b/bin/tests/system/runtime/clean.sh @@ -6,7 +6,7 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -rm -f ns2/named.conf +rm -f ns2/named.conf ns2/named-alt*.conf rm -f */named.memstats rm -f */named*.run rm -f ns*/named.lock ns*/named*.pid ns*/other.lock diff --git a/bin/tests/system/runtime/ns2/named-alt1.conf b/bin/tests/system/runtime/ns2/named-alt1.conf.in similarity index 92% rename from bin/tests/system/runtime/ns2/named-alt1.conf rename to bin/tests/system/runtime/ns2/named-alt1.conf.in index 7a0095a541..e3b1fcd08d 100644 --- a/bin/tests/system/runtime/ns2/named-alt1.conf +++ b/bin/tests/system/runtime/ns2/named-alt1.conf.in @@ -8,11 +8,9 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; - port 5300; + port @PORT@; pid-file "named2.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { fd92:7065:b8e:ffff::2; }; diff --git a/bin/tests/system/runtime/ns2/named-alt2.conf b/bin/tests/system/runtime/ns2/named-alt2.conf.in similarity index 92% rename from bin/tests/system/runtime/ns2/named-alt2.conf rename to bin/tests/system/runtime/ns2/named-alt2.conf.in index d18ea86211..1329de4f4e 100644 --- a/bin/tests/system/runtime/ns2/named-alt2.conf +++ b/bin/tests/system/runtime/ns2/named-alt2.conf.in @@ -8,11 +8,9 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; - port 5300; + port @PORT@; pid-file "named3.pid"; listen-on { 10.53.0.2; 10.53.0.3; }; listen-on-v6 { fd92:7065:b8e:ffff::2; }; diff --git a/bin/tests/system/runtime/ns2/named-alt3.conf b/bin/tests/system/runtime/ns2/named-alt3.conf.in similarity index 93% rename from bin/tests/system/runtime/ns2/named-alt3.conf rename to bin/tests/system/runtime/ns2/named-alt3.conf.in index 69356ea758..976f531f10 100644 --- a/bin/tests/system/runtime/ns2/named-alt3.conf +++ b/bin/tests/system/runtime/ns2/named-alt3.conf.in @@ -8,11 +8,9 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; - port 5300; + port @PORT@; pid-file "named4.pid"; lock-file none; listen-on { 10.53.0.2; 10.53.0.3; }; diff --git a/bin/tests/system/runtime/ns2/named-alt4.conf b/bin/tests/system/runtime/ns2/named-alt4.conf.in similarity index 96% rename from bin/tests/system/runtime/ns2/named-alt4.conf rename to bin/tests/system/runtime/ns2/named-alt4.conf.in index c1da2fed59..a52f2aee7b 100644 --- a/bin/tests/system/runtime/ns2/named-alt4.conf +++ b/bin/tests/system/runtime/ns2/named-alt4.conf.in @@ -8,7 +8,7 @@ options { directory "./nope"; - port 5300; + port @PORT@; pid-file "../named.pid"; listen-on { 127.0.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/runtime/ns2/named-alt5.conf b/bin/tests/system/runtime/ns2/named-alt5.conf.in similarity index 96% rename from bin/tests/system/runtime/ns2/named-alt5.conf rename to bin/tests/system/runtime/ns2/named-alt5.conf.in index 8b60f58e9a..18412b9307 100644 --- a/bin/tests/system/runtime/ns2/named-alt5.conf +++ b/bin/tests/system/runtime/ns2/named-alt5.conf.in @@ -8,7 +8,7 @@ options { managed-keys-directory "./nope"; - port 5300; + port @PORT@; pid-file "../named.pid"; listen-on { 127.0.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/runtime/ns2/named-alt6.conf b/bin/tests/system/runtime/ns2/named-alt6.conf.in similarity index 96% rename from bin/tests/system/runtime/ns2/named-alt6.conf rename to bin/tests/system/runtime/ns2/named-alt6.conf.in index 178059959e..2bb26345f9 100644 --- a/bin/tests/system/runtime/ns2/named-alt6.conf +++ b/bin/tests/system/runtime/ns2/named-alt6.conf.in @@ -8,7 +8,7 @@ options { new-zones-directory "./nope"; - port 5300; + port @PORT@; pid-file "../named.pid"; listen-on { 127.0.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/runtime/ns2/named1.conf b/bin/tests/system/runtime/ns2/named1.conf.in similarity index 85% rename from bin/tests/system/runtime/ns2/named1.conf rename to bin/tests/system/runtime/ns2/named1.conf.in index 34dcfef415..a882f9bac4 100644 --- a/bin/tests/system/runtime/ns2/named1.conf +++ b/bin/tests/system/runtime/ns2/named1.conf.in @@ -8,11 +8,9 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { fd92:7065:b8e:ffff::2; }; @@ -28,6 +26,5 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; - diff --git a/bin/tests/system/runtime/setup.sh b/bin/tests/system/runtime/setup.sh index 5c3f768af9..fc301c8f92 100644 --- a/bin/tests/system/runtime/setup.sh +++ b/bin/tests/system/runtime/setup.sh @@ -11,7 +11,11 @@ SYSTEMTESTTOP=.. $SHELL clean.sh -cp ns2/named1.conf ns2/named.conf +copy_setports ns2/named1.conf.in ns2/named.conf + +copy_setports ns2/named-alt1.conf.in ns2/named-alt1.conf +copy_setports ns2/named-alt2.conf.in ns2/named-alt2.conf +copy_setports ns2/named-alt3.conf.in ns2/named-alt3.conf mkdir ns2/nope diff --git a/bin/tests/system/runtime/tests.sh b/bin/tests/system/runtime/tests.sh index 63a96fff2b..30f8de2b5f 100644 --- a/bin/tests/system/runtime/tests.sh +++ b/bin/tests/system/runtime/tests.sh @@ -7,21 +7,23 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + status=0 n=0 n=`expr $n + 1` -echo "I:verifying that named started normally ($n)" +echo_i "verifying that named started normally ($n)" ret=0 [ -s ns2/named.pid ] || ret=1 grep "unable to listen on any configured interface" ns2/named.run > /dev/null && ret=1 grep "another named process" ns2/named.run > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if [ ! "$CYGWIN" ]; then n=`expr $n + 1` - echo "I:verifying that named checks for conflicting listeners ($n)" + echo_i "verifying that named checks for conflicting listeners ($n)" ret=0 (cd ns2; $NAMED -c named-alt1.conf -D ns2-extra-1 -X other.lock -m record,size,mctx -d 99 -g -U 4 >> named2.run 2>&1 & ) for i in 1 2 3 4 5 6 7 8 9 @@ -37,67 +39,67 @@ if [ ! "$CYGWIN" ]; then done pid=`cat ns2/named2.pid 2>/dev/null` test "${pid:+set}" = set && $KILL -15 ${pid} >/dev/null 2>&1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi n=`expr $n + 1` -echo "I:verifying that named checks for conflicting named processes ($n)" +echo_i "verifying that named checks for conflicting named processes ($n)" ret=0 (cd ns2; $NAMED -c named-alt2.conf -D ns2-extra-2 -X named.lock -m record,size,mctx -d 99 -g -U 4 >> named3.run 2>&1 & ) sleep 2 grep "another named process" ns2/named3.run > /dev/null || ret=1 pid=`cat ns2/named3.pid 2>/dev/null` test "${pid:+set}" = set && $KILL -15 ${pid} >/dev/null 2>&1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:verifying that 'lock-file none' disables process check ($n)" +echo_i "verifying that 'lock-file none' disables process check ($n)" ret=0 (cd ns2; $NAMED -c named-alt3.conf -D ns2-extra-3 -m record,size,mctx -d 99 -g -U 4 >> named4.run 2>&1 & ) sleep 2 grep "another named process" ns2/named4.run > /dev/null && ret=1 pid=`cat ns2/named4.pid 2>/dev/null` test "${pid:+set}" = set && $KILL -15 ${pid} >/dev/null 2>&1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that named refuses to reconfigure if working directory is not writable ($n)" +echo_i "checking that named refuses to reconfigure if working directory is not writable ($n)" ret=0 -cp -f ns2/named-alt4.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reconfig > rndc.out.$n 2>&1 +copy_setports ns2/named-alt4.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reconfig > rndc.out.$n 2>&1 grep "failed: permission denied" rndc.out.$n > /dev/null 2>&1 || ret=1 sleep 1 grep "[^-]directory './nope' is not writable" ns2/named.run > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that named refuses to reconfigure if managed-keys-directory is not writable ($n)" +echo_i "checking that named refuses to reconfigure if managed-keys-directory is not writable ($n)" ret=0 -cp -f ns2/named-alt5.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reconfig > rndc.out.$n 2>&1 +copy_setports ns2/named-alt5.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reconfig > rndc.out.$n 2>&1 grep "failed: permission denied" rndc.out.$n > /dev/null 2>&1 || ret=1 sleep 1 grep "managed-keys-directory './nope' is not writable" ns2/named.run > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that named refuses to reconfigure if new-zones-directory is not writable ($n)" +echo_i "checking that named refuses to reconfigure if new-zones-directory is not writable ($n)" ret=0 -cp -f ns2/named-alt6.conf ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reconfig > rndc.out.$n 2>&1 +copy_setports ns2/named-alt6.conf.in ns2/named.conf +$RNDCCMD 10.53.0.2 reconfig > rndc.out.$n 2>&1 grep "failed: permission denied" rndc.out.$n > /dev/null 2>&1 || ret=1 sleep 1 grep "new-zones-directory './nope' is not writable" ns2/named.run > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that named refuses to start if working directory is not writable ($n)" +echo_i "checking that named refuses to start if working directory is not writable ($n)" ret=0 cd ns2 $NAMED -c named-alt4.conf -d 99 -g > named4.run 2>&1 & @@ -110,11 +112,11 @@ test "${pid:+set}" = set && $KILL -15 ${pid} >/dev/null 2>&1 pid=`cat ../named.pid 2>/dev/null` test "${pid:+set}" = set && $KILL -15 ${pid} >/dev/null 2>&1 cd .. -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that named refuses to start if managed-keys-directory is not writable ($n)" +echo_i "checking that named refuses to start if managed-keys-directory is not writable ($n)" ret=0 cd ns2 $NAMED -c named-alt5.conf -d 99 -g > named5.run 2>&1 & @@ -127,8 +129,8 @@ test "${pid:+set}" = set && $KILL -15 ${pid} >/dev/null 2>&1 pid=`cat ../named.pid 2>/dev/null` test "${pid:+set}" = set && $KILL -15 ${pid} >/dev/null 2>&1 cd .. -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/serve-stale/ans2/ans.pl.in b/bin/tests/system/serve-stale/ans2/ans.pl similarity index 97% rename from bin/tests/system/serve-stale/ans2/ans.pl.in rename to bin/tests/system/serve-stale/ans2/ans.pl index 3d2da5aaf7..2992fb8dab 100644 --- a/bin/tests/system/serve-stale/ans2/ans.pl.in +++ b/bin/tests/system/serve-stale/ans2/ans.pl @@ -25,7 +25,10 @@ $SIG{TERM} = \&rmpid; my $send_response = 1; my $localaddr = "10.53.0.2"; -my $localport = @PORT@; + +my $localport = int($ENV{'PORT'}); +if (!$localport) { $localport = 5300; } + my $verbose = 0; # diff --git a/bin/tests/system/serve-stale/clean.sh b/bin/tests/system/serve-stale/clean.sh index 7bbeea7d33..9ba52f1709 100644 --- a/bin/tests/system/serve-stale/clean.sh +++ b/bin/tests/system/serve-stale/clean.sh @@ -6,7 +6,7 @@ rm -f dig.out.test* rm -f ns1/named.conf -rm -f ans2/ans.pl rm -f ns3/named.conf rm -f ns3/root.bk rm -f rndc.out.test* +rm -f */named.run */named.memstats diff --git a/bin/tests/system/serve-stale/setup.sh b/bin/tests/system/serve-stale/setup.sh index 690f43c813..1eb5b0bfcb 100644 --- a/bin/tests/system/serve-stale/setup.sh +++ b/bin/tests/system/serve-stale/setup.sh @@ -9,5 +9,4 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh copy_setports ns1/named1.conf.in ns1/named.conf -copy_setports ans2/ans.pl.in ans2/ans.pl copy_setports ns3/named.conf.in ns3/named.conf diff --git a/bin/tests/system/sfcache/clean.sh b/bin/tests/system/sfcache/clean.sh index 316db74f62..a14406f880 100644 --- a/bin/tests/system/sfcache/clean.sh +++ b/bin/tests/system/sfcache/clean.sh @@ -9,6 +9,7 @@ rm -f */K*.key */K*.private */*.signed */*.db */dsset-* rm -f */managed.conf */trusted.conf rm -f */named.memstats +rm -f */named.conf rm -f */named.run */named.run.prev rm -f dig.* rm -f sfcache.* diff --git a/bin/tests/system/sfcache/ns1/named.conf b/bin/tests/system/sfcache/ns1/named.conf.in similarity index 94% rename from bin/tests/system/sfcache/ns1/named.conf rename to bin/tests/system/sfcache/ns1/named.conf.in index cb75be5b1f..6cf080e37f 100644 --- a/bin/tests/system/sfcache/ns1/named.conf +++ b/bin/tests/system/sfcache/ns1/named.conf.in @@ -8,13 +8,11 @@ // NS1 -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/sfcache/ns2/named.conf b/bin/tests/system/sfcache/ns2/named.conf.in similarity index 88% rename from bin/tests/system/sfcache/ns2/named.conf rename to bin/tests/system/sfcache/ns2/named.conf.in index 7e4f7e9c7c..93d25aab69 100644 --- a/bin/tests/system/sfcache/ns2/named.conf +++ b/bin/tests/system/sfcache/ns2/named.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -30,7 +28,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/sfcache/ns5/named.conf b/bin/tests/system/sfcache/ns5/named.conf.in similarity index 87% rename from bin/tests/system/sfcache/ns5/named.conf rename to bin/tests/system/sfcache/ns5/named.conf.in index 33f8eb3224..4e8a15bdaf 100644 --- a/bin/tests/system/sfcache/ns5/named.conf +++ b/bin/tests/system/sfcache/ns5/named.conf.in @@ -8,13 +8,11 @@ // NS5 -controls { /* empty */ }; - options { query-source address 10.53.0.5; notify-source 10.53.0.5; transfer-source 10.53.0.5; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.5; }; listen-on-v6 { none; }; @@ -30,7 +28,7 @@ key rndc_key { }; controls { - inet 10.53.0.5 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.5 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/sfcache/setup.sh b/bin/tests/system/sfcache/setup.sh index 643f7a86ff..7e1cb1ee08 100644 --- a/bin/tests/system/sfcache/setup.sh +++ b/bin/tests/system/sfcache/setup.sh @@ -13,6 +13,10 @@ $SHELL clean.sh test -r $RANDFILE || $GENRANDOM 800 $RANDFILE +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns5/named.conf.in ns5/named.conf + cd ns1 && $SHELL sign.sh cd ../ns5 && cp -f trusted.conf.bad trusted.conf diff --git a/bin/tests/system/sfcache/tests.sh b/bin/tests/system/sfcache/tests.sh index 7884e5d535..5d65341fd4 100644 --- a/bin/tests/system/sfcache/tests.sh +++ b/bin/tests/system/sfcache/tests.sh @@ -14,12 +14,13 @@ n=0 rm -f dig.out.* -DIGOPTS="+tcp +noadd +nosea +nostat +nocmd -p 5300" +DIGOPTS="+tcp +noadd +nosea +nostat +nocmd -p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" -echo "I:checking DNSSEC SERVFAIL is cached ($n)" +echo_i "checking DNSSEC SERVFAIL is cached ($n)" ret=0 $DIG $DIGOPTS +dnssec foo.example. a @10.53.0.5 > dig.out.ns5.test$n || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.5 -p 9953 dumpdb -all 2>&1 | sed 's/^/I:ns5 /' +$RNDCCMD 10.53.0.5 dumpdb -all 2>&1 | sed 's/^/I:ns5 /' for i in 1 2 3 4 5 6 7 8 9 10; do awk '/Zone/{out=0} { if (out) print } /SERVFAIL/{out=1}' ns5/named_dump.db > sfcache.$n [ -s "sfcache.$n" ] && break @@ -27,32 +28,32 @@ for i in 1 2 3 4 5 6 7 8 9 10; do done grep "^; foo.example/A" sfcache.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking SERVFAIL is returned from cache ($n)" +echo_i "checking SERVFAIL is returned from cache ($n)" ret=0 $DIG $DIGOPTS +dnssec foo.example. a @10.53.0.5 > dig.out.ns5.test$n || ret=1 grep "SERVFAIL" dig.out.ns5.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking that +cd bypasses cache check ($n)" +echo_i "checking that +cd bypasses cache check ($n)" ret=0 $DIG $DIGOPTS +dnssec +cd foo.example. a @10.53.0.5 > dig.out.ns5.test$n || ret=1 grep "SERVFAIL" dig.out.ns5.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:disabling server to force non-dnssec SERVFAIL" -$PERL $SYSTEMTESTTOP/stop.pl --use-rndc . ns2 +echo_i "disabling server to force non-dnssec SERVFAIL" +$PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} . ns2 awk '/SERVFAIL/ { next; out=1 } /Zone/ { out=0 } { if (out) print }' ns5/named_dump.db -echo "I:checking SERVFAIL is cached ($n)" +echo_i "checking SERVFAIL is cached ($n)" ret=0 $DIG $DIGOPTS bar.example. a @10.53.0.5 > dig.out.ns5.test$n || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.5 -p 9953 dumpdb -all 2>&1 | sed 's/^/I:ns5 /' +$RNDCCMD 10.53.0.5 dumpdb -all 2>&1 | sed 's/^/I:ns5 /' for i in 1 2 3 4 5 6 7 8 9 10; do awk '/Zone/{out=0} { if (out) print } /SERVFAIL/{out=1}' ns5/named_dump.db > sfcache.$n [ -s "sfcache.$n" ] && break @@ -60,10 +61,10 @@ for i in 1 2 3 4 5 6 7 8 9 10; do done grep "^; bar.example/A" sfcache.$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking SERVFAIL is returned from cache ($n)" +echo_i "checking SERVFAIL is returned from cache ($n)" ret=0 nextpart ns5/named.run > /dev/null $DIG $DIGOPTS bar.example. a @10.53.0.5 > dig.out.ns5.test$n || ret=1 @@ -71,28 +72,28 @@ grep "SERVFAIL" dig.out.ns5.test$n > /dev/null || ret=1 nextpart ns5/named.run > ns5/named.run.part$n grep 'servfail cache hit bar.example/A (CD=0)' ns5/named.run.part$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking cache is bypassed with +cd query ($n)" +echo_i "checking cache is bypassed with +cd query ($n)" ret=0 $DIG $DIGOPTS +cd bar.example. a @10.53.0.5 > dig.out.ns5.test$n || ret=1 grep "SERVFAIL" dig.out.ns5.test$n > /dev/null || ret=1 nextpart ns5/named.run > ns5/named.run.part$n grep 'servfail cache hit' ns5/named.run.part$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking cache is used for subsequent +cd query ($n)" +echo_i "checking cache is used for subsequent +cd query ($n)" ret=0 $DIG $DIGOPTS +dnssec bar.example. a @10.53.0.5 > dig.out.ns5.test$n || ret=1 grep "SERVFAIL" dig.out.ns5.test$n > /dev/null || ret=1 nextpart ns5/named.run > ns5/named.run.part$n grep 'servfail cache hit bar.example/A (CD=1)' ns5/named.run.part$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/smartsign/tests.sh b/bin/tests/system/smartsign/tests.sh index 197131d7f2..f5dd39b0bc 100644 --- a/bin/tests/system/smartsign/tests.sh +++ b/bin/tests/system/smartsign/tests.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.21 2012/02/09 23:47:18 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -19,7 +17,7 @@ pfile=parent.db czone=child.parent.nil cfile=child.db -echo "I:generating child's keys" +echo_i "generating child's keys" # active zsk czsk1=`$KEYGEN -q -a rsasha1 -r $RANDFILE -L 30 $czone` @@ -46,26 +44,26 @@ cksk1=`$KEYGEN -q -a rsasha1 -r $RANDFILE -fk -L 30 $czone` cksk2=`$KEYGEN -q -a rsasha1 -r $RANDFILE -fk $czone` # $SETTIME moved after other $KEYGENs -echo I:revoking key +echo_i "revoking key" # revoking key changes its ID cksk3=`$KEYGEN -q -a rsasha1 -r $RANDFILE -fk $czone` cksk4=`$REVOKE $cksk3` -echo I:setting up sync key +echo_i "setting up sync key" cksk5=`$KEYGEN -q -a rsasha1 -r $RANDFILE -fk -P now+1mo -A now+1mo -Psync now $czone` -echo I:generating parent keys +echo_i "generating parent keys" pzsk=`$KEYGEN -q -a rsasha1 -r $RANDFILE $pzone` pksk=`$KEYGEN -q -a rsasha1 -r $RANDFILE -fk $pzone` -echo "I:setting child's activation time" +echo_i "setting child's activation time" # using now+30s to fix RT 24561 $SETTIME -A now+30s $cksk2 > /dev/null -echo I:signing child zone +echo_i "signing child zone" czoneout=`$SIGNER -Sg -e now+1d -X now+2d -r $RANDFILE -o $czone $cfile 2>&1` -echo I:signing parent zone +echo_i "signing parent zone" pzoneout=`$SIGNER -Sg -r $RANDFILE -o $pzone $pfile 2>&1` czactive=`echo $czsk1 | sed 's/^K.*+005+0*\([0-9]\)/\1/'` @@ -82,20 +80,20 @@ ckrevoked=`echo $cksk4 | sed 's/.*+005+0*\([0-9]*\)$/\1/'` pzid=`echo $pzsk | sed 's/^K.*+005+0*\([0-9]\)/\1/'` pkid=`echo $pksk | sed 's/^K.*+005+0*\([0-9]\)/\1/'` -echo "I:checking dnssec-signzone output matches expectations" +echo_i "checking dnssec-signzone output matches expectations" ret=0 echo "$pzoneout" | grep 'KSKs: 1 active, 0 stand-by, 0 revoked' > /dev/null || ret=1 echo "$pzoneout" | grep 'ZSKs: 1 active, 0 stand-by, 0 revoked' > /dev/null || ret=1 echo "$czoneout" | grep 'KSKs: 1 active, 1 stand-by, 1 revoked' > /dev/null || ret=1 echo "$czoneout" | grep 'ZSKs: 1 active, 2 stand-by, 0 revoked' > /dev/null || ret=1 if [ $ret != 0 ]; then - echo "I: parent $pzoneout" - echo "I: child $czoneout" - echo "I:failed"; + echo_i "parent $pzoneout" + echo_i "child $czoneout" + echo_i "failed"; fi status=`expr $status + $ret` -echo "I:rechecking dnssec-signzone output with -x" +echo_i "rechecking dnssec-signzone output with -x" ret=0 # use an alternate output file so -x doesn't interfere with later checks pzoneout=`$SIGNER -Sxg -r $RANDFILE -o $pzone -f ${pfile}2.signed $pfile 2>&1` @@ -105,26 +103,26 @@ echo "$pzoneout" | grep 'ZSKs: 1 active, 0 present, 0 revoked' > /dev/null || re echo "$czoneout" | grep 'KSKs: 1 active, 1 stand-by, 1 revoked' > /dev/null || ret=1 echo "$czoneout" | grep 'ZSKs: 1 active, 2 present, 0 revoked' > /dev/null || ret=1 if [ $ret != 0 ]; then - echo "I: parent $pzoneout" - echo "I: child $czoneout" - echo "I:failed"; + echo_i "parent $pzoneout" + echo_i "child $czoneout" + echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking parent zone DNSKEY set" +echo_i "checking parent zone DNSKEY set" ret=0 grep "key id = $pzid" $pfile.signed > /dev/null || { ret=1 - echo "I: missing expected parent ZSK id = $pzid" + echo_i "missing expected parent ZSK id = $pzid" } grep "key id = $pkid" $pfile.signed > /dev/null || { ret=1 - echo "I: missing expected parent KSK id = $pkid" + echo_i "missing expected parent KSK id = $pkid" } -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking parent zone DS records" +echo_i "checking parent zone DS records" ret=0 awk '$2 == "DS" {print $3}' $pfile.signed > dsset.out grep -w "$ckactive" dsset.out > /dev/null || ret=1 @@ -132,56 +130,56 @@ grep -w "$ckpublished" dsset.out > /dev/null || ret=1 # revoked key should not be there, hence the && grep -w "$ckprerevoke" dsset.out > /dev/null && ret=1 grep -w "$ckrevoked" dsset.out > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking child zone DNSKEY set" +echo_i "checking child zone DNSKEY set" ret=0 grep "key id = $ckactive\$" $cfile.signed > /dev/null || { ret=1 - echo "I: missing expected child KSK id = $ckactive" + echo_i "missing expected child KSK id = $ckactive" } grep "key id = $ckpublished\$" $cfile.signed > /dev/null || { ret=1 - echo "I: missing expected child prepublished KSK id = $ckpublished" + echo_i "missing expected child prepublished KSK id = $ckpublished" } grep "key id = $ckrevoked\$" $cfile.signed > /dev/null || { ret=1 - echo "I: missing expected child revoked KSK id = $ckrevoked" + echo_i "missing expected child revoked KSK id = $ckrevoked" } grep "key id = $czactive\$" $cfile.signed > /dev/null || { ret=1 - echo "I: missing expected child ZSK id = $czactive" + echo_i "missing expected child ZSK id = $czactive" } grep "key id = $czpublished\$" $cfile.signed > /dev/null || { ret=1 - echo "I: missing expected child prepublished ZSK id = $czpublished" + echo_i "missing expected child prepublished ZSK id = $czpublished" } grep "key id = $czinactive\$" $cfile.signed > /dev/null || { ret=1 - echo "I: missing expected child inactive ZSK id = $czinactive" + echo_i "missing expected child inactive ZSK id = $czinactive" } # should not be there, hence the && grep "key id = $ckprerevoke\$" $cfile.signed > /dev/null && { ret=1 - echo "I: found unexpect child pre-revoke ZSK id = $ckprerevoke" + echo_i "found unexpect child pre-revoke ZSK id = $ckprerevoke" } grep "key id = $czgenerated\$" $cfile.signed > /dev/null && { ret=1 - echo "I: found unexpected child generated ZSK id = $czgenerated" + echo_i "found unexpected child generated ZSK id = $czgenerated" } grep "key id = $czpredecessor\$" $cfile.signed > /dev/null && { - echo "I: found unexpected ZSK predecessor id = $czpredecessor (ignored)" + echo_i "found unexpected ZSK predecessor id = $czpredecessor (ignored)" } grep "key id = $czsuccessor\$" $cfile.signed > /dev/null && { - echo "I: found unexpected ZSK successor id = $czsuccessor (ignored)" + echo_i "found unexpected ZSK successor id = $czsuccessor (ignored)" } #grep "key id = $czpredecessor\$" $cfile.signed > /dev/null && ret=1 #grep "key id = $czsuccessor\$" $cfile.signed > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking key TTLs are correct" +echo_i "checking key TTLs are correct" ret=0 grep "${czone}. 30 IN" ${czsk1}.key > /dev/null 2>&1 || ret=1 grep "${czone}. 30 IN" ${cksk1}.key > /dev/null 2>&1 || ret=1 @@ -190,71 +188,71 @@ $SETTIME -L 45 ${czsk2} > /dev/null grep "${czone}. 45 IN" ${czsk2}.key > /dev/null 2>&1 || ret=1 $SETTIME -L 0 ${czsk2} > /dev/null grep "${czone}. IN" ${czsk2}.key > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking key TTLs were imported correctly" +echo_i "checking key TTLs were imported correctly" ret=0 awk 'BEGIN {r = 0} $2 == "DNSKEY" && $1 != 30 {r = 1} END {exit r}' \ ${cfile}.signed || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:re-signing and checking imported TTLs again" +echo_i "re-signing and checking imported TTLs again" ret=0 $SETTIME -L 15 ${czsk2} > /dev/null czoneout=`$SIGNER -Sg -e now+1d -X now+2d -r $RANDFILE -o $czone $cfile 2>&1` awk 'BEGIN {r = 0} $2 == "DNSKEY" && $1 != 15 {r = 1} END {exit r}' \ ${cfile}.signed || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # There is some weirdness in Solaris 10 (Generic_120011-14), which # is why the next section has all those echo $ret > /dev/null;sync # commands -echo "I:checking child zone signatures" +echo_i "checking child zone signatures" ret=0 # check DNSKEY signatures first awk '$2 == "RRSIG" && $3 == "DNSKEY" { getline; print $3 }' $cfile.signed > dnskey.sigs sub=0 grep -w "$ckactive" dnskey.sigs > /dev/null || sub=1 -if [ $sub != 0 ]; then echo "I:missing ckactive $ckactive (dnskey)"; ret=1; fi +if [ $sub != 0 ]; then echo_i "missing ckactive $ckactive (dnskey)"; ret=1; fi echo $ret > /dev/null sync sub=0 grep -w "$ckrevoked" dnskey.sigs > /dev/null || sub=1 -if [ $sub != 0 ]; then echo "I:missing ckrevoke $ckrevoke (dnskey)"; ret=1; fi +if [ $sub != 0 ]; then echo_i "missing ckrevoke $ckrevoke (dnskey)"; ret=1; fi echo $ret > /dev/null sync sub=0 grep -w "$czactive" dnskey.sigs > /dev/null || sub=1 -if [ $sub != 0 ]; then echo "I:missing czactive $czactive (dnskey)"; ret=1; fi +if [ $sub != 0 ]; then echo_i "missing czactive $czactive (dnskey)"; ret=1; fi # should not be there: echo $ret > /dev/null sync sub=0 grep -w "$ckprerevoke" dnskey.sigs > /dev/null && sub=1 -if [ $sub != 0 ]; then echo "I:found ckprerevoke $ckprerevoke (dnskey)"; ret=1; fi +if [ $sub != 0 ]; then echo_i "found ckprerevoke $ckprerevoke (dnskey)"; ret=1; fi echo $ret > /dev/null sync sub=0 grep -w "$ckpublished" dnskey.sigs > /dev/null && sub=1 -if [ $sub != 0 ]; then echo "I:found ckpublished $ckpublished (dnskey)"; ret=1; fi +if [ $sub != 0 ]; then echo_i "found ckpublished $ckpublished (dnskey)"; ret=1; fi echo $ret > /dev/null sync sub=0 grep -w "$czpublished" dnskey.sigs > /dev/null && sub=1 -if [ $sub != 0 ]; then echo "I:found czpublished $czpublished (dnskey)"; ret=1; fi +if [ $sub != 0 ]; then echo_i "found czpublished $czpublished (dnskey)"; ret=1; fi echo $ret > /dev/null sync sub=0 grep -w "$czinactive" dnskey.sigs > /dev/null && sub=1 -if [ $sub != 0 ]; then echo "I:found czinactive $czinactive (dnskey)"; ret=1; fi +if [ $sub != 0 ]; then echo_i "found czinactive $czinactive (dnskey)"; ret=1; fi echo $ret > /dev/null sync sub=0 grep -w "$czgenerated" dnskey.sigs > /dev/null && sub=1 -if [ $sub != 0 ]; then echo "I:found czgenerated $czgenerated (dnskey)"; ret=1; fi +if [ $sub != 0 ]; then echo_i "found czgenerated $czgenerated (dnskey)"; ret=1; fi # now check other signatures first awk '$2 == "RRSIG" && $3 != "DNSKEY" && $3 != "CDNSKEY" && $3 != "CDS" { getline; print $3 }' $cfile.signed | sort -un > other.sigs # should not be there: @@ -262,55 +260,55 @@ echo $ret > /dev/null sync sub=0 grep -w "$ckactive" other.sigs > /dev/null && sub=1 -if [ $sub != 0 ]; then echo "I:found ckactive $ckactive (other)"; ret=1; fi +if [ $sub != 0 ]; then echo_i "found ckactive $ckactive (other)"; ret=1; fi echo $ret > /dev/null sync sub=0 grep -w "$ckpublished" other.sigs > /dev/null && sub=1 -if [ $sub != 0 ]; then echo "I:found ckpublished $ckpublished (other)"; ret=1; fi +if [ $sub != 0 ]; then echo_i "found ckpublished $ckpublished (other)"; ret=1; fi echo $ret > /dev/null sync sub=0 grep -w "$ckprerevoke" other.sigs > /dev/null && sub=1 -if [ $sub != 0 ]; then echo "I:found ckprerevoke $ckprerevoke (other)"; ret=1; fi +if [ $sub != 0 ]; then echo_i "found ckprerevoke $ckprerevoke (other)"; ret=1; fi echo $ret > /dev/null sync sub=0 grep -w "$ckrevoked" other.sigs > /dev/null && sub=1 -if [ $sub != 0 ]; then echo "I:found ckrevoked $ckrevoked (other)"; ret=1; fi +if [ $sub != 0 ]; then echo_i "found ckrevoked $ckrevoked (other)"; ret=1; fi echo $ret > /dev/null sync sub=0 grep -w "$czpublished" other.sigs > /dev/null && sub=1 -if [ $sub != 0 ]; then echo "I:found czpublished $czpublished (other)"; ret=1; fi +if [ $sub != 0 ]; then echo_i "found czpublished $czpublished (other)"; ret=1; fi echo $ret > /dev/null sync sub=0 grep -w "$czinactive" other.sigs > /dev/null && sub=1 -if [ $sub != 0 ]; then echo "I:found czinactive $czinactive (other)"; ret=1; fi +if [ $sub != 0 ]; then echo_i "found czinactive $czinactive (other)"; ret=1; fi echo $ret > /dev/null sync sub=0 grep -w "$czgenerated" other.sigs > /dev/null && sub=1 -if [ $sub != 0 ]; then echo "I:found czgenerated $czgenerated (other)"; ret=1; fi +if [ $sub != 0 ]; then echo_i "found czgenerated $czgenerated (other)"; ret=1; fi echo $ret > /dev/null sync sub=0 grep -w "$czpredecessor" other.sigs > /dev/null && sub=1 -if [ $sub != 0 ]; then echo "I:found czpredecessor $czpredecessor (other)"; ret=1; fi +if [ $sub != 0 ]; then echo_i "found czpredecessor $czpredecessor (other)"; ret=1; fi echo $ret > /dev/null sync sub=0 grep -w "$czsuccessor" other.sigs > /dev/null && sub=1 -if [ $sub != 0 ]; then echo "I:found czsuccessor $czsuccessor (other)"; ret=1; fi +if [ $sub != 0 ]; then echo_i "found czsuccessor $czsuccessor (other)"; ret=1; fi if [ $ret != 0 ]; then sed 's/^/I:dnskey sigs: /' < dnskey.sigs sed 's/^/I:other sigs: /' < other.sigs - echo "I:failed"; + echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking RRSIG expiry date correctness" +echo_i "checking RRSIG expiry date correctness" dnskey_expiry=`$CHECKZONE -o - $czone $cfile.signed 2> /dev/null | awk '$4 == "RRSIG" && $5 == "DNSKEY" {print $9; exit}' | cut -c1-10` @@ -318,44 +316,44 @@ soa_expiry=`$CHECKZONE -o - $czone $cfile.signed 2> /dev/null | awk '$4 == "RRSIG" && $5 == "SOA" {print $9; exit}' | cut -c1-10` [ $dnskey_expiry -gt $soa_expiry ] || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:waiting 30 seconds for key activation" +echo_i "waiting 30 seconds for key activation" sleep 30 -echo "I:re-signing child zone" +echo_i "re-signing child zone" czoneout2=`$SIGNER -Sg -r $RANDFILE -o $czone -f $cfile.new $cfile.signed 2>&1` mv $cfile.new $cfile.signed -echo "I:checking dnssec-signzone output matches expectations" +echo_i "checking dnssec-signzone output matches expectations" ret=0 echo "$czoneout2" | grep 'KSKs: 2 active, 0 stand-by, 1 revoked' > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking child zone signatures again" +echo_i "checking child zone signatures again" ret=0 awk '$2 == "RRSIG" && $3 == "DNSKEY" { getline; print $3 }' $cfile.signed > dnskey.sigs grep -w "$ckpublished" dnskey.sigs > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking sync record publication" +echo_i "checking sync record publication" ret=0 grep -w CDNSKEY $cfile.signed > /dev/null || ret=1 grep -w CDS $cfile.signed > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:checking sync record deletion" +echo_i "checking sync record deletion" ret=0 $SETTIME -P now -A now -Dsync now ${cksk5} > /dev/null $SIGNER -Sg -r $RANDFILE -o $czone -f $cfile.new $cfile.signed > /dev/null 2>&1 mv $cfile.new $cfile.signed grep -w CDNSKEY $cfile.signed > /dev/null && ret=1 grep -w CDS $cfile.signed > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/sortlist/clean.sh b/bin/tests/system/sortlist/clean.sh index acac4dd68a..9d060fa53e 100644 --- a/bin/tests/system/sortlist/clean.sh +++ b/bin/tests/system/sortlist/clean.sh @@ -6,9 +6,8 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: clean.sh,v 1.9 2009/12/06 23:48:29 tbox Exp $ - rm -f *.dig *.good *.out rm -f */named.memstats rm -f */named.run +rm -f */named.conf rm -f ns*/named.lock diff --git a/bin/tests/system/sortlist/ns1/named.conf b/bin/tests/system/sortlist/ns1/named.conf.in similarity index 90% rename from bin/tests/system/sortlist/ns1/named.conf rename to bin/tests/system/sortlist/ns1/named.conf.in index c081c47abf..ba0710eed7 100644 --- a/bin/tests/system/sortlist/ns1/named.conf +++ b/bin/tests/system/sortlist/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.10 2007/06/19 23:47:05 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/sortlist/setup.sh b/bin/tests/system/sortlist/setup.sh new file mode 100644 index 0000000000..c69f051dbc --- /dev/null +++ b/bin/tests/system/sortlist/setup.sh @@ -0,0 +1,13 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf diff --git a/bin/tests/system/sortlist/tests.sh b/bin/tests/system/sortlist/tests.sh index 4ac3705e9d..00ecfdb598 100644 --- a/bin/tests/system/sortlist/tests.sh +++ b/bin/tests/system/sortlist/tests.sh @@ -6,14 +6,14 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.9 2007/09/14 01:46:05 marka Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="+tcp +noadd +nosea +nostat +noquest +noauth +nocomm +nocmd -p ${PORT}" + status=0 -echo "I:test 2-element sortlist statement" +echo_i "test 2-element sortlist statement" cat <test1.good a.example. 300 IN A 192.168.3.1 a.example. 300 IN A 192.168.1.1 @@ -23,29 +23,24 @@ a.example. 300 IN A 1.1.1.3 a.example. 300 IN A 1.1.1.2 a.example. 300 IN A 1.1.1.4 EOF -$DIG +tcp +noadd +nosea +nostat +noquest +noauth +nocomm +nocmd a.example. \ - @10.53.0.1 -b 10.53.0.1 -p 5300 >test1.dig +$DIG $DIGOPTS a.example. @10.53.0.1 -b 10.53.0.1 >test1.dig # Note that this can't use digcomp.pl because here, the ordering of the # result RRs is significant. $DIFF test1.dig test1.good || status=1 -echo "I:test 1-element sortlist statement and undocumented BIND 8 features" +echo_i "test 1-element sortlist statement and undocumented BIND 8 features" cat <test2.good b.example. 300 IN A 10.53.0.$n EOF -$DIG +tcp +noadd +nosea +nostat +noquest +noauth +nocomm +nocmd \ - b.example. @10.53.0.1 -b 10.53.0.2 -p 5300 | sed 1q | \ +$DIG $DIGOPTS b.example. @10.53.0.1 -b 10.53.0.2 | sed 1q | \ egrep '10.53.0.(2|3)$' > test2.out && -$DIG +tcp +noadd +nosea +nostat +noquest +noauth +nocomm +nocmd \ - b.example. @10.53.0.1 -b 10.53.0.3 -p 5300 | sed 1q | \ +$DIG $DIGOPTS b.example. @10.53.0.1 -b 10.53.0.3 | sed 1q | \ egrep '10.53.0.(2|3)$' >> test2.out && -$DIG +tcp +noadd +nosea +nostat +noquest +noauth +nocomm +nocmd \ - b.example. @10.53.0.1 -b 10.53.0.4 -p 5300 | sed 1q | \ +$DIG $DIGOPTS b.example. @10.53.0.1 -b 10.53.0.4 | sed 1q | \ egrep '10.53.0.4$' >> test2.out && -$DIG +tcp +noadd +nosea +nostat +noquest +noauth +nocomm +nocmd \ - b.example. @10.53.0.1 -b 10.53.0.5 -p 5300 | sed 1q | \ +$DIG $DIGOPTS b.example. @10.53.0.1 -b 10.53.0.5 | sed 1q | \ egrep '10.53.0.5$' >> test2.out || status=1 -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/spf/clean.sh b/bin/tests/system/spf/clean.sh index 5766211750..98fc06997f 100644 --- a/bin/tests/system/spf/clean.sh +++ b/bin/tests/system/spf/clean.sh @@ -7,3 +7,4 @@ rm -f ns1/named.run rm -f ns1/named.memstats rm -f ns*/named.lock +rm -f ns*/named.conf diff --git a/bin/tests/system/spf/ns1/named.conf b/bin/tests/system/spf/ns1/named.conf.in similarity index 94% rename from bin/tests/system/spf/ns1/named.conf rename to bin/tests/system/spf/ns1/named.conf.in index 1b4dc8bdc4..11f9679273 100644 --- a/bin/tests/system/spf/ns1/named.conf +++ b/bin/tests/system/spf/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/spf/setup.sh b/bin/tests/system/spf/setup.sh new file mode 100644 index 0000000000..c69f051dbc --- /dev/null +++ b/bin/tests/system/spf/setup.sh @@ -0,0 +1,13 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf diff --git a/bin/tests/system/spf/tests.sh b/bin/tests/system/spf/tests.sh index b0e0f07b25..01e9d20ef8 100644 --- a/bin/tests/system/spf/tests.sh +++ b/bin/tests/system/spf/tests.sh @@ -12,7 +12,7 @@ SYSTEMTESTTOP=.. n=1 status=0 -echo "I:checking that SPF warnings have been correctly generated ($n)" +echo_i "checking that SPF warnings have been correctly generated ($n)" ret=0 grep "zone spf/IN: loaded serial 0" ns1/named.run > /dev/null || ret=1 @@ -27,8 +27,8 @@ grep "zone nowarn/IN: loaded serial 0" ns1/named.run > /dev/null || ret=1 grep "'y.nowarn' found type SPF" ns1/named.run > /dev/null && ret=1 grep "'nowarn' found type SPF" ns1/named.run > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/staticstub/clean.sh b/bin/tests/system/staticstub/clean.sh index fe9d932579..2cb1cf0b38 100755 --- a/bin/tests/system/staticstub/clean.sh +++ b/bin/tests/system/staticstub/clean.sh @@ -6,11 +6,11 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. +rm -f tmp rm -f dig.out.* rm -f ns*/named.lock -rm -f ns2/named.conf +rm -f ns*/named.conf rm -f ns3/example.db -rm -f ns3/named.conf rm -f ns3/undelegated.db rm -f ns4/sub.example.db rm -f ns?/named.memstats diff --git a/bin/tests/system/staticstub/ns1/named.conf b/bin/tests/system/staticstub/ns1/named.conf.in similarity index 82% rename from bin/tests/system/staticstub/ns1/named.conf rename to bin/tests/system/staticstub/ns1/named.conf.in index 4b8991c6cc..52a32b4395 100644 --- a/bin/tests/system/staticstub/ns1/named.conf +++ b/bin/tests/system/staticstub/ns1/named.conf.in @@ -6,13 +6,9 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2010/12/17 00:57:38 marka Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/staticstub/ns2/named.conf.in b/bin/tests/system/staticstub/ns2/named.conf.in index ef050fe27d..fc45b5cc98 100644 --- a/bin/tests/system/staticstub/ns2/named.conf.in +++ b/bin/tests/system/staticstub/ns2/named.conf.in @@ -6,23 +6,14 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -# Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC") -# -# Permission to use, copy, modify, and/or distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; -# $Id: named.conf.in,v 1.3 2010/12/18 23:47:11 tbox Exp $ - -include "../../common/controls.conf"; +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; include "trusted.conf"; @@ -30,7 +21,7 @@ options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/staticstub/ns3/named.conf.in b/bin/tests/system/staticstub/ns3/named.conf.in index d812600480..7b4dbc9fd4 100644 --- a/bin/tests/system/staticstub/ns3/named.conf.in +++ b/bin/tests/system/staticstub/ns3/named.conf.in @@ -6,36 +6,20 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -# Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC") -# -# Permission to use, copy, modify, and/or distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -# $Id: named.conf.in,v 1.4 2010/12/18 23:47:11 tbox Exp $ - key rndc_key { secret "1234abcd8765"; algorithm hmac-sha256; }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/staticstub/ns4/named.conf b/bin/tests/system/staticstub/ns4/named.conf deleted file mode 100644 index 840890a09a..0000000000 --- a/bin/tests/system/staticstub/ns4/named.conf +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (C) 2010, 2016 Internet Systems Consortium, Inc. ("ISC") - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - */ - -# Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC") -# -# Permission to use, copy, modify, and/or distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH -# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, -# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -# PERFORMANCE OF THIS SOFTWARE. - -# $Id: named.conf,v 1.4 2010/12/18 23:47:11 tbox Exp $ - -controls { /* empty */ }; - -options { - query-source address 10.53.0.4; - notify-source 10.53.0.4; - transfer-source 10.53.0.4; - port 5300; - pid-file "named.pid"; - listen-on { 10.53.0.4; }; - listen-on-v6 { ::1; }; - recursion no; - notify no; -}; - -zone "example.com" { - type master; - file "example.com.db"; -}; - -zone "example.org" { - type master; - file "example.org.db"; -}; - -zone "sub.example" { - type master; - file "sub.example.db.signed"; -}; - -zone "example.info" { - type master; - file "example.info.db"; -}; diff --git a/bin/tests/system/staticstub/ns4/named.conf.in b/bin/tests/system/staticstub/ns4/named.conf.in new file mode 100644 index 0000000000..df97b25ade --- /dev/null +++ b/bin/tests/system/staticstub/ns4/named.conf.in @@ -0,0 +1,39 @@ +/* + * Copyright (C) 2010, 2016 Internet Systems Consortium, Inc. ("ISC") + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + +options { + query-source address 10.53.0.4; + notify-source 10.53.0.4; + transfer-source 10.53.0.4; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.4; }; + listen-on-v6 { ::1; }; + recursion no; + notify no; +}; + +zone "example.com" { + type master; + file "example.com.db"; +}; + +zone "example.org" { + type master; + file "example.org.db"; +}; + +zone "sub.example" { + type master; + file "sub.example.db.signed"; +}; + +zone "example.info" { + type master; + file "example.info.db"; +}; diff --git a/bin/tests/system/staticstub/setup.sh b/bin/tests/system/staticstub/setup.sh index 682478be41..ee89992605 100755 --- a/bin/tests/system/staticstub/setup.sh +++ b/bin/tests/system/staticstub/setup.sh @@ -9,9 +9,16 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -sed 's/SERVER_CONFIG_PLACEHOLDER/server-names { "ns.example.net"; };/' ns2/named.conf.in > ns2/named.conf +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in tmp +sed 's/SERVER_CONFIG_PLACEHOLDER/server-names { "ns.example.net"; };/' tmp > ns2/named.conf -sed 's/EXAMPLE_ZONE_PLACEHOLDER/zone "example" { type master; file "example.db.signed"; };/' ns3/named.conf.in > ns3/named.conf +copy_setports ns3/named.conf.in tmp +sed 's/EXAMPLE_ZONE_PLACEHOLDER/zone "example" { type master; file "example.db.signed"; };/' tmp > ns3/named.conf + +rm -f tmp + +copy_setports ns4/named.conf.in ns4/named.conf test -r $RANDFILE || $GENRANDOM 800 $RANDFILE diff --git a/bin/tests/system/staticstub/tests.sh b/bin/tests/system/staticstub/tests.sh index 55b3a6a0cc..7e2c0ca00e 100755 --- a/bin/tests/system/staticstub/tests.sh +++ b/bin/tests/system/staticstub/tests.sh @@ -6,148 +6,151 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.5 2011/01/11 23:47:12 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="-p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + status=0 n=0 for conf in conf/good*.conf do n=`expr $n + 1` - echo "I:checking that $conf is accepted ($n)" + echo_i "checking that $conf is accepted ($n)" ret=0 $CHECKCONF "$conf" || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done for conf in conf/bad*.conf do n=`expr $n + 1` - echo "I:checking that $conf is rejected ($n)" + echo_i "checking that $conf is rejected ($n)" ret=0 $CHECKCONF "$conf" >/dev/null && ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done n=`expr $n + 1` -echo "I:trying an axfr that should be denied (NOTAUTH) ($n)" +echo_i "trying an axfr that should be denied (NOTAUTH) ($n)" ret=0 -$DIG +tcp data.example. @10.53.0.2 axfr -p 5300 > dig.out.ns2.test$n || ret=1 +$DIG $DIGOPTS +tcp data.example. @10.53.0.2 axfr > dig.out.ns2.test$n || ret=1 grep "; Transfer failed." dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:non recursive query for a static-stub zone with server name should be rejected ($n)" +echo_i "non recursive query for a static-stub zone with server name should be rejected ($n)" ret=0 - $DIG +tcp +norec data.example. @10.53.0.2 txt -p 5300 > dig.out.ns2.test$n \ + $DIG $DIGOPTS +tcp +norec data.example. @10.53.0.2 txt > dig.out.ns2.test$n \ || ret=1 grep "REFUSED" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:non recursive query for a static-stub zone with server name should be rejected ($n)" +echo_i "non recursive query for a static-stub zone with server name should be rejected ($n)" ret=0 -$DIG +tcp +norec data.example.org. @10.53.0.2 txt -p 5300 > dig.out.ns2.test$n \ +$DIG $DIGOPTS +tcp +norec data.example.org. @10.53.0.2 txt > dig.out.ns2.test$n \ || ret=1 grep "REFUSED" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:allow-query ACL ($n)" +echo_i "allow-query ACL ($n)" ret=0 -$DIG +tcp +norec data.example. @10.53.0.2 txt -b 10.53.0.7 -p 5300 \ +$DIG $DIGOPTS +tcp +norec data.example. @10.53.0.2 txt -b 10.53.0.7 \ > dig.out.ns2.test$n || ret=1 grep "REFUSED" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:look for static-stub zone data with recursion (should be found) ($n)" +echo_i "look for static-stub zone data with recursion (should be found) ($n)" ret=0 -$DIG +tcp +noauth data.example. @10.53.0.2 txt -p 5300 > dig.out.ns2.test$n || ret=1 +$DIG $DIGOPTS +tcp +noauth data.example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1 $PERL ../digcomp.pl knowngood.dig.out.rec dig.out.ns2.test$n || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking authoritative NS is ignored for delegation ($n)" +echo_i "checking authoritative NS is ignored for delegation ($n)" ret=0 # the auth server returns a different (and incorrect) NS for .example. -$DIG +tcp example. @10.53.0.2 ns -p 5300 > dig.out.ns2.test1.$n || ret=1 +$DIG $DIGOPTS +tcp example. @10.53.0.2 ns > dig.out.ns2.test1.$n || ret=1 grep "ns4.example." dig.out.ns2.test1.$n > /dev/null || ret=1 # but static-stub configuration should still be used -$DIG +tcp data2.example. @10.53.0.2 txt -p 5300 > dig.out.ns2.test2.$n || ret=1 +$DIG $DIGOPTS +tcp data2.example. @10.53.0.2 txt > dig.out.ns2.test2.$n || ret=1 grep "2nd test data" dig.out.ns2.test2.$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking queries for a child zone of the static-stub zone ($n)" +echo_i "checking queries for a child zone of the static-stub zone ($n)" ret=0 # prime the delegation to a child zone of the static-stub zone -$DIG +tcp data1.sub.example. @10.53.0.2 txt -p 5300 > dig.out.ns2.test1.$n || ret=1 +$DIG $DIGOPTS +tcp data1.sub.example. @10.53.0.2 txt > dig.out.ns2.test1.$n || ret=1 grep "1st sub test data" dig.out.ns2.test1.$n > /dev/null || ret=1 # temporarily disable the the parent zone -sed 's/EXAMPLE_ZONE_PLACEHOLDER//' ns3/named.conf.in > ns3/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload 2>&1 | sed 's/^/I:ns3 /' +copy_setports ns3/named.conf.in tmp +sed 's/EXAMPLE_ZONE_PLACEHOLDER//' tmp > ns3/named.conf +$RNDCCMD 10.53.0.3 reload 2>&1 | sed 's/^/ns3 /' | cat_i # query the child zone again. this should directly go to the child and # succeed. for i in 0 1 2 3 4 5 6 7 8 9 do - $DIG +tcp data2.sub.example. @10.53.0.2 txt -p 5300 > dig.out.ns2.test2.$n || ret=1 + $DIG $DIGOPTS +tcp data2.sub.example. @10.53.0.2 txt > dig.out.ns2.test2.$n || ret=1 grep "2nd sub test data" dig.out.ns2.test2.$n > /dev/null && break sleep 1 done grep "2nd sub test data" dig.out.ns2.test2.$n > /dev/null || ret=1 # re-enable the parent -sed 's/EXAMPLE_ZONE_PLACEHOLDER/zone "example" { type master; file "example.db.signed"; };/' ns3/named.conf.in > ns3/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload 2>&1 | sed 's/^/I:ns3 /' -if [ $ret != 0 ]; then echo "I:failed"; fi +copy_setports ns3/named.conf.in tmp +sed 's/EXAMPLE_ZONE_PLACEHOLDER/zone "example" { type master; file "example.db.signed"; };/' tmp > ns3/named.conf +$RNDCCMD 10.53.0.3 reload 2>&1 | sed 's/^/ns3 /' | cat_i +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking authoritative NS addresses are ignored for delegation ($n)" +echo_i "checking authoritative NS addresses are ignored for delegation ($n)" ret=0 # the auth server returns a different (and incorrect) A/AAA RR for .example. -$DIG +tcp example. @10.53.0.2 a -p 5300 > dig.out.ns2.test1.$n || ret=1 +$DIG $DIGOPTS +tcp example. @10.53.0.2 a > dig.out.ns2.test1.$n || ret=1 grep "10.53.0.4" dig.out.ns2.test1.$n > /dev/null || ret=1 -$DIG +tcp example. @10.53.0.2 aaaa -p 5300 > dig.out.ns2.test2.$n || ret=1 +$DIG $DIGOPTS +tcp example. @10.53.0.2 aaaa > dig.out.ns2.test2.$n || ret=1 grep "::1" dig.out.ns2.test2.$n > /dev/null || ret=1 # reload the server. this will flush the ADB. -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i # ask another RR that would require delegation. static-stub configuration # should still be used instead of the authoritative A/AAAA cached above. -$DIG +tcp data3.example. @10.53.0.2 txt -p 5300 > dig.out.ns2.test3.$n || ret=1 +$DIG $DIGOPTS +tcp data3.example. @10.53.0.2 txt > dig.out.ns2.test3.$n || ret=1 grep "3rd test data" dig.out.ns2.test3.$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # the authoritative server of the query domain (example.com) is the apex # name of the static-stub zone (example). in this case the static-stub # configuration must be ignored and cached information must be used. n=`expr $n + 1` -echo "I:checking NS of static-stub is ignored when referenced from other domain ($n)" +echo_i "checking NS of static-stub is ignored when referenced from other domain ($n)" ret=0 -$DIG +tcp data.example.com. @10.53.0.2 txt -p 5300 > dig.out.ns2.test$n || ret=1 +$DIG $DIGOPTS +tcp data.example.com. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1 grep "example com data" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # check server-names n=`expr $n + 1` -echo "I:checking static-stub with a server-name ($n)" +echo_i "checking static-stub with a server-name ($n)" ret=0 -$DIG +tcp data.example.org. @10.53.0.2 txt -p 5300 > dig.out.ns2.test$n || ret=1 +$DIG $DIGOPTS +tcp data.example.org. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1 grep "example org data" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -156,54 +159,55 @@ n=`expr $n + 1` # checks introduced in change 2916. if $TESTSOCK6 ../testsock6.pl ::1 2> /dev/null then - echo "I:checking IPv6 static-stub address ($n)" + echo_i "checking IPv6 static-stub address ($n)" ret=0 - $DIG +tcp data.example.info. @10.53.0.2 txt -p 5300 > dig.out.ns2.test$n || ret=1 + $DIG $DIGOPTS +tcp data.example.info. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1 grep "example info data" dig.out.ns2.test$n > /dev/null || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` else - echo "I:SKIPPED: checking IPv6 static-stub address ($n)" + echo_i "SKIPPED: checking IPv6 static-stub address ($n)" fi n=`expr $n + 1` -echo "I:look for static-stub zone data with DNSSEC validation ($n)" +echo_i "look for static-stub zone data with DNSSEC validation ($n)" ret=0 -$DIG +tcp +dnssec data4.example. @10.53.0.2 txt -p 5300 > dig.out.ns2.test$n || ret=1 +$DIG $DIGOPTS +tcp +dnssec data4.example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1 grep "ad; QUERY" dig.out.ns2.test$n > /dev/null || ret=1 grep "4th test data" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:look for a child of static-stub zone data with DNSSEC validation ($n)" +echo_i "look for a child of static-stub zone data with DNSSEC validation ($n)" ret=0 -$DIG +tcp +dnssec data3.sub.example. @10.53.0.2 txt -p 5300 > dig.out.ns2.test$n || ret=1 +$DIG $DIGOPTS +tcp +dnssec data3.sub.example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1 grep "ad; QUERY" dig.out.ns2.test$n > /dev/null || ret=1 grep "3rd sub test data" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # reload with a different name server: exisitng zone shouldn't be reused. n=`expr $n + 1` -echo "I:checking server reload with a different static-stub config ($n)" +echo_i "checking server reload with a different static-stub config ($n)" ret=0 -sed 's/SERVER_CONFIG_PLACEHOLDER/server-addresses { 10.53.0.4; };/' ns2/named.conf.in > ns2/named.conf -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' -$DIG +tcp data2.example.org. @10.53.0.2 txt -p 5300 > dig.out.ns2.test$n || ret=1 +copy_setports ns2/named.conf.in tmp +sed 's/SERVER_CONFIG_PLACEHOLDER/server-addresses { 10.53.0.4; };/' tmp > ns2/named.conf +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i +$DIG $DIGOPTS +tcp data2.example.org. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1 grep "2nd example org data" dig.out.ns2.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:checking static-stub of a undelegated tld resolves after DS query ($n)" +echo_i "checking static-stub of a undelegated tld resolves after DS query ($n)" ret=0 -$DIG undelegated. @10.53.0.2 ds -p 5300 > dig.out.ns2.ds.test$n -$DIG undelegated. @10.53.0.2 soa -p 5300 > dig.out.ns2.soa.test$n +$DIG $DIGOPTS undelegated. @10.53.0.2 ds > dig.out.ns2.ds.test$n +$DIG $DIGOPTS undelegated. @10.53.0.2 soa > dig.out.ns2.soa.test$n grep "status: NXDOMAIN" dig.out.ns2.ds.test$n > /dev/null || ret=1 grep "status: NOERROR" dig.out.ns2.soa.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/statistics/ans4/ans.pl b/bin/tests/system/statistics/ans4/ans.pl index 4a0544251c..a6b2e92b3a 100644 --- a/bin/tests/system/statistics/ans4/ans.pl +++ b/bin/tests/system/statistics/ans4/ans.pl @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id$ - # # Ad hoc name server # @@ -17,8 +15,11 @@ use IO::Socket; use Net::DNS; use Net::DNS::Packet; +my $localport = int($ENV{'PORT'}); +if (!$localport) { $localport = 5300; } + my $sock = IO::Socket::INET->new(LocalAddr => "10.53.0.4", - LocalPort => 5300, Proto => "udp") or die "$!"; + LocalPort => $localport, Proto => "udp") or die "$!"; my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!"; print $pidf "$$\n" or die "cannot write pid file: $!"; diff --git a/bin/tests/system/statistics/clean.sh b/bin/tests/system/statistics/clean.sh index 512b83a84d..bda1a0809b 100644 --- a/bin/tests/system/statistics/clean.sh +++ b/bin/tests/system/statistics/clean.sh @@ -6,14 +6,13 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id$ - # # Clean up after zone transfer tests. # rm -f ns3/example.bk rm -f ns3/internal.bk +rm -f */named.conf rm -f */named.memstats rm -f */named.run rm -f */ans.run diff --git a/bin/tests/system/statistics/ns1/named.conf b/bin/tests/system/statistics/ns1/named.conf.in similarity index 89% rename from bin/tests/system/statistics/ns1/named.conf rename to bin/tests/system/statistics/ns1/named.conf.in index 1dfbf510a1..43edaf5cb8 100644 --- a/bin/tests/system/statistics/ns1/named.conf +++ b/bin/tests/system/statistics/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -21,7 +19,7 @@ options { }; statistics-channels { - inet 10.53.0.1 port 8053 allow { any; }; + inet 10.53.0.1 port @EXTRAPORT1@ allow { any; }; }; zone "." { diff --git a/bin/tests/system/statistics/ns2/named.conf b/bin/tests/system/statistics/ns2/named.conf.in similarity index 75% rename from bin/tests/system/statistics/ns2/named.conf rename to bin/tests/system/statistics/ns2/named.conf.in index 19a355f434..c9bfe52baa 100644 --- a/bin/tests/system/statistics/ns2/named.conf +++ b/bin/tests/system/statistics/ns2/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id$ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -23,10 +19,18 @@ options { }; statistics-channels { - inet 10.53.0.2 port 8053 allow { any; }; + inet 10.53.0.2 port @EXTRAPORT1@ allow { any; }; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; -include "../../common/controls.conf"; zone "." { type hint; diff --git a/bin/tests/system/statistics/ns3/named.conf b/bin/tests/system/statistics/ns3/named.conf.in similarity index 82% rename from bin/tests/system/statistics/ns3/named.conf rename to bin/tests/system/statistics/ns3/named.conf.in index abe9666aa5..8fda6a227c 100644 --- a/bin/tests/system/statistics/ns3/named.conf +++ b/bin/tests/system/statistics/ns3/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id$ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; directory "."; pid-file "named.pid"; listen-on { 10.53.0.3; }; @@ -24,7 +20,7 @@ options { }; statistics-channels { - inet 10.53.0.3 port 8053 allow { any; }; + inet 10.53.0.3 port @EXTRAPORT1@ allow { any; }; }; key rndc_key { @@ -33,7 +29,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { @@ -46,5 +42,3 @@ zone "example" { allow-update { any; }; file "internal.db"; }; - - diff --git a/bin/tests/system/statistics/prereq.sh b/bin/tests/system/statistics/prereq.sh index 3a37b61491..d621132d8b 100644 --- a/bin/tests/system/statistics/prereq.sh +++ b/bin/tests/system/statistics/prereq.sh @@ -12,10 +12,10 @@ then then : else - echo "I:Net::DNS version 0.76 and 0.77 have a bug that causes this test to fail: please update." >&2 + echo_i "Net::DNS version 0.76 and 0.77 have a bug that causes this test to fail: please update." >&2 exit 1 fi else - echo "I:This test requires the Net::DNS library." >&2 + echo_i "This test requires the Net::DNS library." >&2 exit 1 fi diff --git a/bin/tests/system/statistics/setup.sh b/bin/tests/system/statistics/setup.sh new file mode 100644 index 0000000000..e877403d82 --- /dev/null +++ b/bin/tests/system/statistics/setup.sh @@ -0,0 +1,15 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf diff --git a/bin/tests/system/statistics/tests.sh b/bin/tests/system/statistics/tests.sh index 5b7fef9ed5..89453a99e4 100644 --- a/bin/tests/system/statistics/tests.sh +++ b/bin/tests/system/statistics/tests.sh @@ -6,92 +6,90 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.1.4.11 2012/02/01 16:54:32 each Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd" -DIGCMD="$DIG $DIGOPTS -p 5300" -RNDCCMD="$RNDC -p 9953 -c ../common/rndc.conf" +DIGCMD="$DIG $DIGOPTS -p ${PORT}" +RNDCCMD="$RNDC -p ${CONTROLPORT} -c ../common/rndc.conf" status=0 ret=0 n=1 -echo "I:fetching a.example from ns2's initial configuration ($n)" +echo_i "fetching a.example from ns2's initial configuration ($n)" $DIGCMD +noauth a.example. @10.53.0.2 any > dig.out.ns2.1 || ret=1 -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 -echo "I:verifying adb records in named.stats ($n)" +echo_i "verifying adb records in named.stats ($n)" $RNDCCMD -s 10.53.0.2 stats > /dev/null 2>&1 -echo "I: checking for 1 entry in adb hash table in named.stats" +echo_i "checking for 1 entry in adb hash table in named.stats" grep "1 Addresses in hash table" ns2/named.stats > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 -echo "I: verifying cache statistics in named.stats ($n)" +echo_i "verifying cache statistics in named.stats ($n)" grep "Cache Statistics" ns2/named.stats > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking for 2 entries in adb hash table in named.stats" +echo_i "checking for 2 entries in adb hash table in named.stats" $DIGCMD a.example.info. @10.53.0.2 any > /dev/null 2>&1 ret=0 $RNDCCMD -s 10.53.0.2 stats > /dev/null 2>&1 grep "2 Addresses in hash table" ns2/named.stats > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 -echo "I:dumping initial stats for ns3" +echo_i "dumping initial stats for ns3" rm -f ns3/named.stats $RNDCCMD -s 10.53.0.3 stats > /dev/null 2>&1 [ -f ns3/named.stats ] || ret=1 [ "$CYGWIN" ] || \ nsock0nstat=`grep "UDP/IPv4 sockets active" ns3/named.stats | awk '{print $1}'` -echo "I:sending queries to ns3" +echo_i "sending queries to ns3" $DIGCMD +tries=2 +time=1 +recurse @10.53.0.3 foo.info. any > /dev/null 2>&1 #$DIGCMD +tries=2 +time=1 +recurse @10.53.0.3 foo.info. any -echo "I:dumping updated stats for ns3 ($n)" +echo_i "dumping updated stats for ns3 ($n)" rm -f ns3/named.stats $RNDCCMD -s 10.53.0.3 stats > /dev/null 2>&1 [ -f ns3/named.stats ] || ret=1 -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 -echo "I: verifying recursing clients output in named.stats ($n)" +echo_i "verifying recursing clients output in named.stats ($n)" grep "2 recursing clients" ns3/named.stats > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 -echo "I: verifying active fetches output in named.stats ($n)" +echo_i "verifying active fetches output in named.stats ($n)" grep "1 active fetches" ns3/named.stats > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` if [ ! "$CYGWIN" ]; then - echo "I: verifying active sockets output in named.stats" + echo_i "verifying active sockets output in named.stats" nsock1nstat=`grep "UDP/IPv4 sockets active" ns3/named.stats | awk '{print $1}'` ret=0 [ `expr $nsock1nstat - $nsock0nstat` -eq 1 ] || ret=1 - if [ $ret != 0 ]; then echo "I: failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` fi @@ -99,50 +97,50 @@ fi ret=0 # there should be 1 UDP and no TCP queries. As the TCP counter is zero # no status line is emitted. -echo "I: verifying queries in progress in named.stats ($n)" +echo_i "verifying queries in progress in named.stats ($n)" grep "1 UDP queries in progress" ns3/named.stats > /dev/null || ret=1 grep "TCP queries in progress" ns3/named.stats > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 -echo "I: verifying bucket size output ($n)" +echo_i "verifying bucket size output ($n)" grep "bucket size" ns3/named.stats > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 n=`expr $n + 1` -echo "I:checking that zones with slash are properly shown in XML output ($n)" +echo_i "checking that zones with slash are properly shown in XML output ($n)" if $FEATURETEST --have-libxml2 && [ -x ${CURL} ] ; then - ${CURL} http://10.53.0.1:8053/xml/v3/zones > curl.out.${t} 2>/dev/null || ret=1 + ${CURL} http://10.53.0.1:${EXTRAPORT1}/xml/v3/zones > curl.out.${t} 2>/dev/null || ret=1 grep '' curl.out.${t} > /dev/null || ret=1 else - echo "I:skipping test as libxml2 and/or curl was not found" + echo_i "skipping test as libxml2 and/or curl was not found" fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` ret=0 n=`expr $n + 1` -echo "I:checking that zones return their type ($n)" +echo_i "checking that zones return their type ($n)" if $FEATURETEST --have-libxml2 && [ -x ${CURL} ] ; then - ${CURL} http://10.53.0.1:8053/xml/v3/zones > curl.out.${t} 2>/dev/null || ret=1 + ${CURL} http://10.53.0.1:${EXTRAPORT1}/xml/v3/zones > curl.out.${t} 2>/dev/null || ret=1 grep 'master' curl.out.${t} > /dev/null || ret=1 else - echo "I:skipping test as libxml2 and/or curl was not found" + echo_i "skipping test as libxml2 and/or curl was not found" fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` ret=0 n=`expr $n + 1` -echo "I:checking priming queries are counted ($n)" +echo_i "checking priming queries are counted ($n)" grep "1 priming queries" ns3/named.stats -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/statschannel/clean.sh b/bin/tests/system/statschannel/clean.sh index 0e603e3654..ae34df0688 100644 --- a/bin/tests/system/statschannel/clean.sh +++ b/bin/tests/system/statschannel/clean.sh @@ -9,6 +9,7 @@ rm -f traffic traffic.out.* rm -f dig.out* rm -f */named.memstats +rm -f */named.conf rm -f */named.run rm -f ns*/named.lock rm -f ns*/named.stats diff --git a/bin/tests/system/statschannel/ns2/named.conf b/bin/tests/system/statschannel/ns2/named.conf.in similarity index 73% rename from bin/tests/system/statschannel/ns2/named.conf rename to bin/tests/system/statschannel/ns2/named.conf.in index d6d99bcff7..8cad831682 100644 --- a/bin/tests/system/statschannel/ns2/named.conf +++ b/bin/tests/system/statschannel/ns2/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -22,9 +20,16 @@ options { version none; // make statistics independent of the version number }; -statistics-channels { inet 10.53.0.2 port 8853 allow { localhost; }; }; +statistics-channels { inet 10.53.0.2 port @EXTRAPORT1@ allow { localhost; }; }; -include "../../common/controls.conf"; +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; zone "example" { type master; diff --git a/bin/tests/system/statschannel/prereq.sh b/bin/tests/system/statschannel/prereq.sh index 49add5f7f1..cc676f7f5f 100644 --- a/bin/tests/system/statschannel/prereq.sh +++ b/bin/tests/system/statschannel/prereq.sh @@ -12,7 +12,7 @@ if $PERL -e 'use File::Fetch;' 2>/dev/null then : else - echo "I:This test requires the File::Fetch library." >&2 + echo_i "This test requires the File::Fetch library." >&2 fail=1 fi diff --git a/bin/tests/system/statschannel/setup.sh b/bin/tests/system/statschannel/setup.sh new file mode 100644 index 0000000000..6942b2ca80 --- /dev/null +++ b/bin/tests/system/statschannel/setup.sh @@ -0,0 +1,14 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh + +copy_setports ns2/named.conf.in ns2/named.conf diff --git a/bin/tests/system/statschannel/tests.sh b/bin/tests/system/statschannel/tests.sh index b5601b7c83..459d7c2ea8 100644 --- a/bin/tests/system/statschannel/tests.sh +++ b/bin/tests/system/statschannel/tests.sh @@ -9,46 +9,47 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -DIGCMD="$DIG @10.53.0.2 -p 5300" +DIGCMD="$DIG @10.53.0.2 -p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" if [ ! "$HAVEJSONSTATS" ] then unset PERL_JSON - echo "I:JSON was not configured; skipping" >&2 + echo_i "JSON was not configured; skipping" >&2 elif $PERL -e 'use JSON;' 2>/dev/null then PERL_JSON=1 else unset PERL_JSON - echo "I:JSON tests require JSON library; skipping" >&2 + echo_i "JSON tests require JSON library; skipping" >&2 fi if [ ! "$HAVEXMLSTATS" ] then unset PERL_XML - echo "I:XML was not configured; skipping" >&2 + echo_i "XML was not configured; skipping" >&2 elif $PERL -e 'use XML::Simple;' 2>/dev/null then PERL_XML=1 else unset PERL_XML - echo "I:XML tests require XML::Simple; skipping" >&2 + echo_i "XML tests require XML::Simple; skipping" >&2 fi if [ ! "$PERL_JSON" -a ! "$PERL_XML" ]; then - echo "I:skipping all tests" + echo_i "skipping all tests" exit 0 fi gettraffic() { - echo "I:... using $1" + echo_i "... using $1" case $1 in xml) path='xml/v3/traffic' ;; json) path='json/v1/traffic' ;; *) return 1 ;; esac - file=`$PERL fetch.pl $path` + file=`$PERL fetch.pl -p ${EXTRAPORT1} $path` $PERL traffic-${1}.pl $file 2>/dev/null | sort > traffic.out.$2 result=$? rm -f $file @@ -58,7 +59,7 @@ gettraffic() { status=0 n=1 ret=0 -echo "I:fetching traffic size data ($n)" +echo_i "fetching traffic size data ($n)" if [ $PERL_XML ]; then gettraffic xml x$n || ret=1 cmp traffic.out.x$n traffic.expect.$n || ret=1 @@ -67,12 +68,12 @@ if [ $PERL_JSON ]; then gettraffic json j$n || ret=1 cmp traffic.out.j$n traffic.expect.$n || ret=1 fi -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 -echo "I:fetching traffic size data after small UDP query ($n)" +echo_i "fetching traffic size data after small UDP query ($n)" $DIGCMD short.example txt > dig.out.$n || ret=1 if [ $PERL_XML ]; then gettraffic xml x$n || ret=1 @@ -82,13 +83,13 @@ if [ $PERL_JSON ]; then gettraffic json j$n || ret=1 cmp traffic.out.j$n traffic.expect.$n || ret=1 fi -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 n=`expr $n + 1` -echo "I:fetching traffic size data after large UDP query ($n)" +echo_i "fetching traffic size data after large UDP query ($n)" $DIGCMD long.example txt > dig.out.$n || ret=1 if [ $PERL_XML ]; then gettraffic xml x$n || ret=1 @@ -98,12 +99,12 @@ if [ $PERL_JSON ]; then gettraffic json j$n || ret=1 cmp traffic.out.j$n traffic.expect.$n || ret=1 fi -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 -echo "I:fetching traffic size data after small TCP query ($n)" +echo_i "fetching traffic size data after small TCP query ($n)" $DIGCMD +tcp short.example txt > dig.out.$n || ret=1 if [ $PERL_XML ]; then gettraffic xml x$n || ret=1 @@ -113,12 +114,12 @@ if [ $PERL_JSON ]; then gettraffic json j$n || ret=1 cmp traffic.out.j$n traffic.expect.$n || ret=1 fi -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 -echo "I:fetching traffic size data after large TCP query ($n)" +echo_i "fetching traffic size data after large TCP query ($n)" $DIGCMD +tcp long.example txt > dig.out.$n || ret=1 if [ $PERL_XML ]; then gettraffic xml x$n || ret=1 @@ -128,20 +129,20 @@ if [ $PERL_JSON ]; then gettraffic json j$n || ret=1 cmp traffic.out.j$n traffic.expect.$n || ret=1 fi -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 -echo "I:checking consistency between named.stats and xml/json ($n)" +echo_i "checking consistency between named.stats and xml/json ($n)" rm -f ns2/named.stats $DIGCMD +tcp example ns > dig.out.$n || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 stats 2>&1 | sed 's/^/I:ns1 /' +$RNDCCMD 10.53.0.2 stats 2>&1 | sed 's/^/I:ns1 /' query_count=`awk '/QUERY/ {print $1}' ns2/named.stats` txt_count=`awk '/TXT/ {print $1}' ns2/named.stats` noerror_count=`awk '/NOERROR/ {print $1}' ns2/named.stats` if [ $PERL_XML ]; then - file=`$PERL fetch.pl xml/v3/server` + file=`$PERL fetch.pl -p ${EXTRAPORT1} xml/v3/server` mv $file xml.stats $PERL server-xml.pl > xml.fmtstats 2> /dev/null xml_query_count=`awk '/opcode QUERY/ { print $NF }' xml.fmtstats` @@ -155,7 +156,7 @@ if [ $PERL_XML ]; then [ "$noerror_count" -eq "$xml_noerror_count" ] || ret=1 fi if [ $PERL_JSON ]; then - file=`$PERL fetch.pl json/v1/server` + file=`$PERL fetch.pl -p ${EXTRAPORT1} json/v1/server` mv $file json.stats $PERL server-json.pl > json.fmtstats 2> /dev/null json_query_count=`awk '/opcode QUERY/ { print $NF }' json.fmtstats` @@ -168,14 +169,14 @@ if [ $PERL_JSON ]; then json_noerror_count=${json_noerror_count:-0} [ "$noerror_count" -eq "$json_noerror_count" ] || ret=1 fi -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 -echo "I:checking malloced memory statistics xml/json ($n)" +echo_i "checking malloced memory statistics xml/json ($n)" if [ $PERL_XML ]; then - file=`$PERL fetch.pl xml/v3/mem` + file=`$PERL fetch.pl -p ${EXTRAPORT1} xml/v3/mem` mv $file xml.mem $PERL mem-xml.pl $file > xml.fmtmem grep "'Malloced' => '[0-9][0-9]*'" xml.fmtmem > /dev/null || ret=1 @@ -183,35 +184,35 @@ if [ $PERL_XML ]; then grep "'maxmalloced' => '[0-9][0-9]*'" xml.fmtmem > /dev/null || ret=1 fi if [ $PERL_JSON ]; then - file=`$PERL fetch.pl json/v1/mem` + file=`$PERL fetch.pl -p ${EXTRAPORT1} json/v1/mem` mv $file json.mem grep '"malloced":[0-9][0-9]*,' json.mem > /dev/null || ret=1 grep '"maxmalloced":[0-9][0-9]*,' json.mem > /dev/null || ret=1 grep '"Malloced":[0-9][0-9]*,' json.mem > /dev/null || ret=1 fi -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 -echo "I:checking consistency between regular and compressed output ($n)" +echo_i "checking consistency between regular and compressed output ($n)" if [ "$HAVEXMLSTATS" ]; then - URL=http://10.53.0.2:8853/xml/v3/server + URL=http://10.53.0.2:${EXTRAPORT1}/xml/v3/server else - URL=http://10.53.0.2:8853/json/v1/server + URL=http://10.53.0.2:${EXTRAPORT1}/json/v1/server fi $CURL -D regular.headers $URL 2>/dev/null | \ sed -e "s#.*##g" > regular.out $CURL -D compressed.headers --compressed $URL 2>/dev/null | \ sed -e "s#.*##g" > compressed.out diff regular.out compressed.out >/dev/null || ret=1 -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` ret=0 -echo "I:checking if compressed output is really compressed ($n)" +echo_i "checking if compressed output is really compressed ($n)" if [ "$ZLIB" ]; then REGSIZE=`cat regular.headers | \ @@ -222,11 +223,11 @@ then ret=1 fi else - echo "I:skipped" + echo_i "skipped" fi -if [ $ret != 0 ]; then echo "I: failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/stub/clean.sh b/bin/tests/system/stub/clean.sh index bc953353c9..d4f800f969 100644 --- a/bin/tests/system/stub/clean.sh +++ b/bin/tests/system/stub/clean.sh @@ -6,12 +6,11 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: clean.sh,v 1.10 2007/09/26 03:22:44 marka Exp $ - # # Clean up after stub tests. # rm -f dig.out.ns3 ns3/child.example.st rm -f */named.memstats +rm -f */named.conf rm -f */named.run rm -f ns*/named.lock diff --git a/bin/tests/system/stub/ns1/named.conf b/bin/tests/system/stub/ns1/named.conf.in similarity index 93% rename from bin/tests/system/stub/ns1/named.conf rename to bin/tests/system/stub/ns1/named.conf.in index 4b056e3181..23b0c22af5 100644 --- a/bin/tests/system/stub/ns1/named.conf +++ b/bin/tests/system/stub/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/stub/ns2/named.conf b/bin/tests/system/stub/ns2/named.conf.in similarity index 94% rename from bin/tests/system/stub/ns2/named.conf rename to bin/tests/system/stub/ns2/named.conf.in index 42bfc6cb22..36b8c578a3 100644 --- a/bin/tests/system/stub/ns2/named.conf +++ b/bin/tests/system/stub/ns2/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/stub/ns3/named.conf b/bin/tests/system/stub/ns3/named.conf.in similarity index 94% rename from bin/tests/system/stub/ns3/named.conf rename to bin/tests/system/stub/ns3/named.conf.in index c0d0ce54f1..d6300e2979 100644 --- a/bin/tests/system/stub/ns3/named.conf +++ b/bin/tests/system/stub/ns3/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/stub/setup.sh b/bin/tests/system/stub/setup.sh new file mode 100644 index 0000000000..5a1b70fb72 --- /dev/null +++ b/bin/tests/system/stub/setup.sh @@ -0,0 +1,16 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh + +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf diff --git a/bin/tests/system/stub/tests.sh b/bin/tests/system/stub/tests.sh index 8804ab0b18..a2c838e83f 100644 --- a/bin/tests/system/stub/tests.sh +++ b/bin/tests/system/stub/tests.sh @@ -6,56 +6,56 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.16 2011/11/02 23:46:24 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="+tcp -p ${PORT}" + status=0 -echo "I:check that the stub zone has been saved to disk" +echo_i "check that the stub zone has been saved to disk" for i in 1 2 3 4 5 6 7 8 9 20 do [ -f ns3/child.example.st ] && break sleep 1 done -[ -f ns3/child.example.st ] || { status=1; echo "I:failed"; } +[ -f ns3/child.example.st ] || { status=1; echo_i "failed"; } for pass in 1 2 do -echo "I:trying an axfr that should be denied (NOTAUTH) (pass=$pass)" +echo_i "trying an axfr that should be denied (NOTAUTH) (pass=$pass)" ret=0 -$DIG +tcp child.example. @10.53.0.3 axfr -p 5300 > dig.out.ns3 || ret=1 +$DIG $DIGOPTS child.example. @10.53.0.3 axfr > dig.out.ns3 || ret=1 grep "; Transfer failed." dig.out.ns3 > /dev/null || ret=1 -[ $ret = 0 ] || { status=1; echo "I:failed"; } +[ $ret = 0 ] || { status=1; echo_i "failed"; } -echo "I:look for stub zone data without recursion (should not be found) (pass=$pass)" +echo_i "look for stub zone data without recursion (should not be found) (pass=$pass)" for i in 1 2 3 4 5 6 7 8 9 do ret=0 - $DIG +tcp +norec data.child.example. \ - @10.53.0.3 txt -p 5300 > dig.out.ns3 || ret=1 + $DIG $DIGOPTS +norec data.child.example. \ + @10.53.0.3 txt > dig.out.ns3 || ret=1 grep "status: NOERROR" dig.out.ns3 > /dev/null || ret=1 [ $ret = 0 ] && break sleep 1 done $PERL ../digcomp.pl knowngood.dig.out.norec dig.out.ns3 || ret=1 -[ $ret = 0 ] || { status=1; echo "I:failed"; } +[ $ret = 0 ] || { status=1; echo_i "failed"; } -echo "I:look for stub zone data with recursion (should be found) (pass=$pass)" +echo_i "look for stub zone data with recursion (should be found) (pass=$pass)" ret=0 -$DIG +tcp +noauth +noadd data.child.example. @10.53.0.3 txt -p 5300 > dig.out.ns3 || ret=1 +$DIG $DIGOPTS +noauth +noadd data.child.example. @10.53.0.3 txt > dig.out.ns3 || ret=1 $PERL ../digcomp.pl knowngood.dig.out.rec dig.out.ns3 || ret=1 -[ $ret = 0 ] || { status=1; echo "I:failed"; } +[ $ret = 0 ] || { status=1; echo_i "failed"; } [ $pass = 1 ] && { - echo "I:stopping stub server" + echo_i "stopping stub server" $PERL $SYSTEMTESTTOP/stop.pl . ns3 - echo "I:re-starting stub server" - $PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns3 + echo_i "re-starting stub server" + $PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns3 } done -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/synthfromdnssec/clean.sh b/bin/tests/system/synthfromdnssec/clean.sh index 4db273f35d..dcfc4615ba 100644 --- a/bin/tests/system/synthfromdnssec/clean.sh +++ b/bin/tests/system/synthfromdnssec/clean.sh @@ -5,6 +5,7 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. rm -f */named.memstats +rm -f */named.conf rm -f */named.run rm -f dig.out.* rm -f ns1/K*+*+*.key diff --git a/bin/tests/system/synthfromdnssec/ns1/named.conf b/bin/tests/system/synthfromdnssec/ns1/named.conf.in similarity index 94% rename from bin/tests/system/synthfromdnssec/ns1/named.conf rename to bin/tests/system/synthfromdnssec/ns1/named.conf.in index 0a93a8793b..3df43654e4 100644 --- a/bin/tests/system/synthfromdnssec/ns1/named.conf +++ b/bin/tests/system/synthfromdnssec/ns1/named.conf.in @@ -8,13 +8,11 @@ // NS1 -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/synthfromdnssec/ns2/named.conf b/bin/tests/system/synthfromdnssec/ns2/named.conf.in similarity index 94% rename from bin/tests/system/synthfromdnssec/ns2/named.conf rename to bin/tests/system/synthfromdnssec/ns2/named.conf.in index fc7808ebf0..fe115d5f12 100644 --- a/bin/tests/system/synthfromdnssec/ns2/named.conf +++ b/bin/tests/system/synthfromdnssec/ns2/named.conf.in @@ -8,13 +8,11 @@ // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/synthfromdnssec/ns3/named.conf b/bin/tests/system/synthfromdnssec/ns3/named.conf.in similarity index 94% rename from bin/tests/system/synthfromdnssec/ns3/named.conf rename to bin/tests/system/synthfromdnssec/ns3/named.conf.in index 95bd423669..364c9677af 100644 --- a/bin/tests/system/synthfromdnssec/ns3/named.conf +++ b/bin/tests/system/synthfromdnssec/ns3/named.conf.in @@ -8,13 +8,11 @@ // NS3 -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/synthfromdnssec/ns4/named.conf b/bin/tests/system/synthfromdnssec/ns4/named.conf.in similarity index 94% rename from bin/tests/system/synthfromdnssec/ns4/named.conf rename to bin/tests/system/synthfromdnssec/ns4/named.conf.in index 514a3b1b1f..5c65c96d8f 100644 --- a/bin/tests/system/synthfromdnssec/ns4/named.conf +++ b/bin/tests/system/synthfromdnssec/ns4/named.conf.in @@ -8,13 +8,11 @@ // NS4 -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/synthfromdnssec/ns5/named.conf b/bin/tests/system/synthfromdnssec/ns5/named.conf.in similarity index 94% rename from bin/tests/system/synthfromdnssec/ns5/named.conf rename to bin/tests/system/synthfromdnssec/ns5/named.conf.in index 7c8bc4b5c6..7c32aa7a3e 100644 --- a/bin/tests/system/synthfromdnssec/ns5/named.conf +++ b/bin/tests/system/synthfromdnssec/ns5/named.conf.in @@ -8,13 +8,11 @@ // NS5 -controls { /* empty */ }; - options { query-source address 10.53.0.5; notify-source 10.53.0.5; transfer-source 10.53.0.5; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.5; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/synthfromdnssec/setup.sh b/bin/tests/system/synthfromdnssec/setup.sh index ff63c23deb..d22413cbad 100644 --- a/bin/tests/system/synthfromdnssec/setup.sh +++ b/bin/tests/system/synthfromdnssec/setup.sh @@ -13,5 +13,11 @@ $SHELL clean.sh test -r $RANDFILE || $GENRANDOM 800 $RANDFILE +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf +copy_setports ns5/named.conf.in ns5/named.conf + cd ns1 $SHELL sign.sh diff --git a/bin/tests/system/synthfromdnssec/tests.sh b/bin/tests/system/synthfromdnssec/tests.sh index 47b956be7d..4b7c066cfe 100644 --- a/bin/tests/system/synthfromdnssec/tests.sh +++ b/bin/tests/system/synthfromdnssec/tests.sh @@ -14,8 +14,8 @@ n=1 rm -f dig.out.* -DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p 5300" -DELVOPTS="-a ns1/trusted.conf -p 5300" +DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p ${PORT}" +DELVOPTS="-a ns1/trusted.conf -p ${PORT}" for ns in 2 4 5 do @@ -25,7 +25,7 @@ do 5) description="yes";; *) exit 1;; esac - echo "I:prime negative NXDOMAIN response (synth-from-dnssec ${description};) ($n)" + echo_i "prime negative NXDOMAIN response (synth-from-dnssec ${description};) ($n)" ret=0 $DIG $DIGOPTS a.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1 grep "flags:[^;]* ad[ ;]" dig.out.ns${ns}.test$n > /dev/null || ret=1 @@ -33,10 +33,10 @@ do grep "example.*3600.IN.SOA" dig.out.ns${ns}.test$n > /dev/null || ret=1 [ $ns -eq ${ns} ] && nxdomain=dig.out.ns${ns}.test$n n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I:prime negative NODATA response (synth-from-dnssec ${description};) ($n)" + echo_i "prime negative NODATA response (synth-from-dnssec ${description};) ($n)" ret=0 $DIG $DIGOPTS nodata.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1 grep "flags:[^;]* ad[ ;]" dig.out.ns${ns}.test$n > /dev/null || ret=1 @@ -44,38 +44,38 @@ do grep "example.*3600.IN.SOA" dig.out.ns${ns}.test$n > /dev/null || ret=1 [ $ns -eq 2 ] && nodata=dig.out.ns${ns}.test$n n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I:prime wildcard response (synth-from-dnssec ${description};) ($n)" + echo_i "prime wildcard response (synth-from-dnssec ${description};) ($n)" ret=0 $DIG $DIGOPTS a.wild-a.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1 grep "flags:[^;]* ad[ ;]" dig.out.ns${ns}.test$n > /dev/null || ret=1 grep "status: NOERROR," dig.out.ns${ns}.test$n > /dev/null || ret=1 grep "a.wild-a.example.*3600.IN.A" dig.out.ns${ns}.test$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I:prime wildcard CNAME response (synth-from-dnssec ${description};) ($n)" + echo_i "prime wildcard CNAME response (synth-from-dnssec ${description};) ($n)" ret=0 $DIG $DIGOPTS a.wild-cname.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1 grep "flags:[^;]* ad[ ;]" dig.out.ns${ns}.test$n > /dev/null || ret=1 grep "status: NOERROR," dig.out.ns${ns}.test$n > /dev/null || ret=1 grep "a.wild-cname.example.*3600.IN.CNAME" dig.out.ns${ns}.test$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done -echo "I:prime redirect response (+nodnssec) (synth-from-dnssec ;) ($n)" +echo_i "prime redirect response (+nodnssec) (synth-from-dnssec ;) ($n)" ret=0 $DIG $DIGOPTS +nodnssec a.redirect. @10.53.0.3 a > dig.out.ns2.test$n || ret=1 grep "flags:[^;]* ad[ ;]" dig.out.ns2.test$n > /dev/null && ret=1 grep "status: NOERROR," dig.out.ns2.test$n > /dev/null || ret=1 grep 'a\.redirect\..*300.IN.A.100\.100\.100\.2' dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # @@ -91,7 +91,7 @@ do 5) synth=yes description="yes";; *) exit 1;; esac - echo "I:check synthesized NXDOMAIN response (synth-from-dnssec ${description};) ($n)" + echo_i "check synthesized NXDOMAIN response (synth-from-dnssec ${description};) ($n)" ret=0 $DIG $DIGOPTS b.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1 grep "flags:[^;]* ad[ ;]" dig.out.ns${ns}.test$n > /dev/null || ret=1 @@ -105,10 +105,10 @@ do fi $PERL ../digcomp.pl $nxdomain dig.out.ns${ns}.test$n || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I:check synthesized NODATA response (synth-from-dnssec ${description};) ($n)" + echo_i "check synthesized NODATA response (synth-from-dnssec ${description};) ($n)" ret=0 $DIG $DIGOPTS nodata.example. @10.53.0.${ns} aaaa > dig.out.ns${ns}.test$n || ret=1 grep "flags:[^;]* ad[ ;]" dig.out.ns${ns}.test$n > /dev/null || ret=1 @@ -122,10 +122,10 @@ do fi $PERL ../digcomp.pl $nodata dig.out.ns${ns}.test$n || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I:check synthesized wildcard response (synth-from-dnssec ${description};) ($n)" + echo_i "check synthesized wildcard response (synth-from-dnssec ${description};) ($n)" ret=0 $DIG $DIGOPTS b.wild-a.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1 grep "flags:[^;]* ad[ ;]" dig.out.ns${ns}.test$n > /dev/null || ret=1 @@ -138,10 +138,10 @@ do grep "b\.wild-a\.example\..*3600.IN.A" dig.out.ns${ns}.test$n > /dev/null || ret=1 fi n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` - echo "I:check synthesized wildcard CNAME response (synth-from-dnssec ${description};) ($n)" + echo_i "check synthesized wildcard CNAME response (synth-from-dnssec ${description};) ($n)" ret=0 $DIG $DIGOPTS b.wild-cname.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1 grep "flags:[^;]* ad[ ;]" dig.out.ns${ns}.test$n > /dev/null || ret=1 @@ -155,29 +155,29 @@ do fi grep "ns1.example.*.IN.A" dig.out.ns${ns}.test$n > /dev/null || ret=1 n=`expr $n + 1` - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done -echo "I:check redirect response (+dnssec) (synth-from-dnssec ;) ($n)" +echo_i "check redirect response (+dnssec) (synth-from-dnssec ;) ($n)" ret=0 $DIG $DIGOPTS b.redirect. @10.53.0.3 a > dig.out.ns2.test$n || ret=1 grep "flags:[^;]* ad[ ;]" dig.out.ns2.test$n > /dev/null || ret=1 grep "status: NXDOMAIN," dig.out.ns2.test$n > /dev/null || ret=1 grep "\..*3600.IN.SOA" dig.out.ns2.test$n > /dev/null && ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check redirect response (+nodnssec) (synth-from-dnssec ;) ($n)" +echo_i "check redirect response (+nodnssec) (synth-from-dnssec ;) ($n)" ret=0 $DIG $DIGOPTS +nodnssec b.redirect. @10.53.0.3 a > dig.out.ns2.test$n || ret=1 grep "flags:[^;]* ad[ ;]" dig.out.ns2.test$n > /dev/null && ret=1 grep "status: NOERROR," dig.out.ns2.test$n > /dev/null || ret=1 grep 'b\.redirect\..*300.IN.A.100\.100\.100\.2' dig.out.ns2.test$n > /dev/null || ret=1 n=`expr $n + 1` -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/tcp/clean.sh b/bin/tests/system/tcp/clean.sh index 64d1278dad..7744782b12 100644 --- a/bin/tests/system/tcp/clean.sh +++ b/bin/tests/system/tcp/clean.sh @@ -8,6 +8,7 @@ rm -f */named.memstats rm -f */named.run +rm -f */named.conf rm -f */named.stats rm -f dig.out* rm -f ns*/named.lock diff --git a/bin/tests/system/tcp/ns1/named.conf b/bin/tests/system/tcp/ns1/named.conf.in similarity index 86% rename from bin/tests/system/tcp/ns1/named.conf rename to bin/tests/system/tcp/ns1/named.conf.in index ad62ff0b51..8775f1c6e0 100644 --- a/bin/tests/system/tcp/ns1/named.conf +++ b/bin/tests/system/tcp/ns1/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -27,7 +25,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/tcp/ns2/named.conf b/bin/tests/system/tcp/ns2/named.conf.in similarity index 80% rename from bin/tests/system/tcp/ns2/named.conf rename to bin/tests/system/tcp/ns2/named.conf.in index cc51923565..b59241d708 100644 --- a/bin/tests/system/tcp/ns2/named.conf +++ b/bin/tests/system/tcp/ns2/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -21,7 +19,15 @@ options { statistics-file "named.stats"; }; -include "../../common/controls.conf"; +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + zone "." { type hint; diff --git a/bin/tests/system/tcp/ns3/named.conf b/bin/tests/system/tcp/ns3/named.conf.in similarity index 87% rename from bin/tests/system/tcp/ns3/named.conf rename to bin/tests/system/tcp/ns3/named.conf.in index 0980d1fa68..18f5cf883a 100644 --- a/bin/tests/system/tcp/ns3/named.conf +++ b/bin/tests/system/tcp/ns3/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; directory "."; pid-file "named.pid"; listen-on { 10.53.0.3; }; @@ -29,7 +27,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/tcp/ns4/named.conf b/bin/tests/system/tcp/ns4/named.conf.in similarity index 87% rename from bin/tests/system/tcp/ns4/named.conf rename to bin/tests/system/tcp/ns4/named.conf.in index 8236aa52f5..2400638225 100644 --- a/bin/tests/system/tcp/ns4/named.conf +++ b/bin/tests/system/tcp/ns4/named.conf.in @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; directory "."; pid-file "named.pid"; listen-on { 10.53.0.4; }; @@ -31,7 +29,7 @@ key rndc_key { }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/tcp/setup.sh b/bin/tests/system/tcp/setup.sh new file mode 100644 index 0000000000..0088e79099 --- /dev/null +++ b/bin/tests/system/tcp/setup.sh @@ -0,0 +1,17 @@ +#!/bin/sh +# +# Copyright (C) 2018 Internet Systems Consortium, Inc. ("ISC") +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh + +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf diff --git a/bin/tests/system/tcp/tests.sh b/bin/tests/system/tcp/tests.sh index 1e987004a4..8c27c323cc 100644 --- a/bin/tests/system/tcp/tests.sh +++ b/bin/tests/system/tcp/tests.sh @@ -9,11 +9,12 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -RNDCCMD="$RNDC -p 9953 -c ../common/rndc.conf" +DIGOPTS="-p ${PORT}" +RNDCCMD="$RNDC -p ${CONTROLPORT} -c ../common/rndc.conf" status=0 -echo "I:initialize counters" +echo_i "initialize counters" $RNDCCMD -s 10.53.0.1 stats > /dev/null 2>&1 $RNDCCMD -s 10.53.0.2 stats > /dev/null 2>&1 ntcp10=`grep "TCP requests received" ns1/named.stats | tail -1 | awk '{print $1}'` @@ -21,9 +22,9 @@ ntcp20=`grep "TCP requests received" ns2/named.stats | tail -1 | awk '{print $1} #echo ntcp10 ':' "$ntcp10" #echo ntcp20 ':' "$ntcp20" -echo "I:check TCP transport" +echo_i "check TCP transport" ret=0 -$DIG -p 5300 @10.53.0.3 txt.example. > dig.out.3 +$DIG $DIGOPTS @10.53.0.3 txt.example. > dig.out.3 $RNDCCMD -s 10.53.0.1 stats > /dev/null 2>&1 $RNDCCMD -s 10.53.0.2 stats > /dev/null 2>&1 ntcp11=`grep "TCP requests received" ns1/named.stats | tail -1 | awk '{print $1}'` @@ -32,12 +33,12 @@ ntcp21=`grep "TCP requests received" ns2/named.stats | tail -1 | awk '{print $1} #echo ntcp21 ':' "$ntcp21" if [ "$ntcp10" -ge "$ntcp11" ]; then ret=1; fi if [ "$ntcp20" -ne "$ntcp21" ]; then ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:check TCP forwarder" +echo_i "check TCP forwarder" ret=0 -$DIG -p 5300 @10.53.0.4 txt.example. > dig.out.4 +$DIG $DIGOPTS @10.53.0.4 txt.example. > dig.out.4 $RNDCCMD -s 10.53.0.1 stats > /dev/null 2>&1 $RNDCCMD -s 10.53.0.2 stats > /dev/null 2>&1 ntcp12=`grep "TCP requests received" ns1/named.stats | tail -1 | awk '{print $1}'` @@ -46,8 +47,8 @@ ntcp22=`grep "TCP requests received" ns2/named.stats | tail -1 | awk '{print $1} #echo ntcp22 ':' "$ntcp22" if [ "$ntcp11" -ne "$ntcp12" ]; then ret=1; fi if [ "$ntcp21" -ge "$ntcp22" ];then ret=1; fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/tools/tests.sh b/bin/tests/system/tools/tests.sh index 7e8fe149b0..6c1f77c45f 100644 --- a/bin/tests/system/tools/tests.sh +++ b/bin/tests/system/tools/tests.sh @@ -14,15 +14,15 @@ status=0 checkout() { case $? in 0) : ok ;; - *) echo "I:failed" + *) echo_i "failed" status=`expr $status + 1` return 1 ;; esac case $out in *$hash*) : ok ;; - *) echo "I:expect $hash" - echo "I:output $out" - echo "I:failed" + *) echo_i "expect $hash" + echo_i "output $out" + echo_i "failed" status=`expr $status + 1` ;; esac } @@ -31,11 +31,11 @@ checkout() { algo=1 flags=0 iters=12 salt="aabbccdd" while read name hash do - echo "I:checking $NSEC3HASH $name" + echo_i "checking $NSEC3HASH $name" out=`$NSEC3HASH $salt $algo $iters $name` checkout - echo "I:checking $NSEC3HASH -r $name" + echo_i "checking $NSEC3HASH -r $name" out=`$NSEC3HASH -r $algo $flags $iters $salt $name` checkout @@ -60,41 +60,41 @@ checkempty() { hash=- checkout } name=com algo=1 flags=1 iters=0 -echo "I:checking $NSEC3HASH '' $name" +echo_i "checking $NSEC3HASH '' $name" out=`$NSEC3HASH '' $algo $iters $name` checkempty -echo "I:checking $NSEC3HASH - $name" +echo_i "checking $NSEC3HASH - $name" out=`$NSEC3HASH - $algo $iters $name` checkempty -echo "I:checking $NSEC3HASH -- '' $name" +echo_i "checking $NSEC3HASH -- '' $name" out=`$NSEC3HASH -- '' $algo $iters $name` checkempty -echo "I:checking $NSEC3HASH -- - $name" +echo_i "checking $NSEC3HASH -- - $name" out=`$NSEC3HASH -- - $algo $iters $name` checkempty -echo "I:checking $NSEC3HASH -r '' $name" +echo_i "checking $NSEC3HASH -r '' $name" out=`$NSEC3HASH -r $algo $flags $iters '' $name` checkempty -echo "I:checking $NSEC3HASH -r - $name" +echo_i "checking $NSEC3HASH -r - $name" out=`$NSEC3HASH -r $algo $flags $iters - $name` checkempty checkfail() { case $? in - 0) echo "I:failed to fail" + 0) echo_i "failed to fail" status=`expr $status + 1` return 1 ;; esac } -echo "I:checking $NSEC3HASH missing args" +echo_i "checking $NSEC3HASH missing args" out=`$NSEC3HASH 00 1 0 2>&1` checkfail -echo "I:checking $NSEC3HASH extra args" +echo_i "checking $NSEC3HASH extra args" out=`$NSEC3HASH 00 1 0 two names 2>&1` checkfail -echo "I:checking $NSEC3HASH bad option" +echo_i "checking $NSEC3HASH bad option" out=`$NSEC3HASH -? 2>&1` checkfail -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/tsig/clean.sh b/bin/tests/system/tsig/clean.sh index 063b476b54..dfa712bf82 100644 --- a/bin/tests/system/tsig/clean.sh +++ b/bin/tests/system/tsig/clean.sh @@ -12,6 +12,7 @@ rm -f dig.out.* rm -f */named.memstats +rm -f */named.conf rm -f */named.run rm -f ns*/named.lock rm -f Kexample.net.* diff --git a/bin/tests/system/tsig/ns1/named.conf b/bin/tests/system/tsig/ns1/named.conf.in similarity index 94% rename from bin/tests/system/tsig/ns1/named.conf rename to bin/tests/system/tsig/ns1/named.conf.in index de2643d933..12095e541d 100644 --- a/bin/tests/system/tsig/ns1/named.conf +++ b/bin/tests/system/tsig/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.5 2007/06/19 23:47:06 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/tsig/setup.sh b/bin/tests/system/tsig/setup.sh index b2941155a9..160e3d941f 100644 --- a/bin/tests/system/tsig/setup.sh +++ b/bin/tests/system/tsig/setup.sh @@ -9,6 +9,8 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -sh clean.sh +$SHELL clean.sh + +copy_setports ns1/named.conf.in ns1/named.conf test -r $RANDFILE || $GENRANDOM 800 $RANDFILE diff --git a/bin/tests/system/tsig/tests.sh b/bin/tests/system/tsig/tests.sh index 90881ddd3e..9583cd9cf1 100644 --- a/bin/tests/system/tsig/tests.sh +++ b/bin/tests/system/tsig/tests.sh @@ -6,11 +6,11 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.7 2011/11/06 23:46:40 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="+tcp +nosea +nostat +noquest +nocomm +nocmd -p ${PORT}" + # # Shared secrets. # @@ -23,67 +23,60 @@ sha512="jI/Pa4qRu96t76Pns5Z/Ndxbn3QCkwcxLOgt9vgvnJw5wqTRvNyk3FtD6yIMd1dWVlqZ+Y4f status=0 -echo "I:fetching using hmac-md5 (old form)" +echo_i "fetching using hmac-md5 (old form)" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "md5:$md5" @10.53.0.1 soa -p 5300 > dig.out.md5.old || ret=1 +$DIG $DIGOPTS example.nil. -y "md5:$md5" @10.53.0.1 soa > dig.out.md5.old || ret=1 grep -i "md5.*TSIG.*NOERROR" dig.out.md5.old > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:fetching using hmac-md5 (new form)" +echo_i "fetching using hmac-md5 (new form)" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-md5:md5:$md5" @10.53.0.1 soa -p 5300 > dig.out.md5.new || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-md5:md5:$md5" @10.53.0.1 soa > dig.out.md5.new || ret=1 grep -i "md5.*TSIG.*NOERROR" dig.out.md5.new > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:fetching using hmac-sha1" +echo_i "fetching using hmac-sha1" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-sha1:sha1:$sha1" @10.53.0.1 soa -p 5300 > dig.out.sha1 || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-sha1:sha1:$sha1" @10.53.0.1 soa > dig.out.sha1 || ret=1 grep -i "sha1.*TSIG.*NOERROR" dig.out.sha1 > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:fetching using hmac-sha224" +echo_i "fetching using hmac-sha224" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-sha224:sha224:$sha224" @10.53.0.1 soa -p 5300 > dig.out.sha224 || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-sha224:sha224:$sha224" @10.53.0.1 soa > dig.out.sha224 || ret=1 grep -i "sha224.*TSIG.*NOERROR" dig.out.sha224 > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:fetching using hmac-sha256" +echo_i "fetching using hmac-sha256" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-sha256:sha256:$sha256" @10.53.0.1 soa -p 5300 > dig.out.sha256 || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-sha256:sha256:$sha256" @10.53.0.1 soa > dig.out.sha256 || ret=1 grep -i "sha256.*TSIG.*NOERROR" dig.out.sha256 > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:fetching using hmac-sha384" +echo_i "fetching using hmac-sha384" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-sha384:sha384:$sha384" @10.53.0.1 soa -p 5300 > dig.out.sha384 || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-sha384:sha384:$sha384" @10.53.0.1 soa > dig.out.sha384 || ret=1 grep -i "sha384.*TSIG.*NOERROR" dig.out.sha384 > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:fetching using hmac-sha512" +echo_i "fetching using hmac-sha512" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-sha512:sha512:$sha512" @10.53.0.1 soa -p 5300 > dig.out.sha512 || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-sha512:sha512:$sha512" @10.53.0.1 soa > dig.out.sha512 || ret=1 grep -i "sha512.*TSIG.*NOERROR" dig.out.sha512 > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi # @@ -91,58 +84,52 @@ fi # Truncated TSIG # # -echo "I:fetching using hmac-md5 (trunc)" +echo_i "fetching using hmac-md5 (trunc)" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-md5-80:md5-trunc:$md5" @10.53.0.1 soa -p 5300 > dig.out.md5.trunc || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-md5-80:md5-trunc:$md5" @10.53.0.1 soa > dig.out.md5.trunc || ret=1 grep -i "md5-trunc.*TSIG.*NOERROR" dig.out.md5.trunc > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:fetching using hmac-sha1 (trunc)" +echo_i "fetching using hmac-sha1 (trunc)" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-sha1-80:sha1-trunc:$sha1" @10.53.0.1 soa -p 5300 > dig.out.sha1.trunc || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-sha1-80:sha1-trunc:$sha1" @10.53.0.1 soa > dig.out.sha1.trunc || ret=1 grep -i "sha1.*TSIG.*NOERROR" dig.out.sha1.trunc > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:fetching using hmac-sha224 (trunc)" +echo_i "fetching using hmac-sha224 (trunc)" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-sha224-112:sha224-trunc:$sha224" @10.53.0.1 soa -p 5300 > dig.out.sha224.trunc || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-sha224-112:sha224-trunc:$sha224" @10.53.0.1 soa > dig.out.sha224.trunc || ret=1 grep -i "sha224-trunc.*TSIG.*NOERROR" dig.out.sha224.trunc > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:fetching using hmac-sha256 (trunc)" +echo_i "fetching using hmac-sha256 (trunc)" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-sha256-128:sha256-trunc:$sha256" @10.53.0.1 soa -p 5300 > dig.out.sha256.trunc || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-sha256-128:sha256-trunc:$sha256" @10.53.0.1 soa > dig.out.sha256.trunc || ret=1 grep -i "sha256-trunc.*TSIG.*NOERROR" dig.out.sha256.trunc > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:fetching using hmac-sha384 (trunc)" +echo_i "fetching using hmac-sha384 (trunc)" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-sha384-192:sha384-trunc:$sha384" @10.53.0.1 soa -p 5300 > dig.out.sha384.trunc || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-sha384-192:sha384-trunc:$sha384" @10.53.0.1 soa > dig.out.sha384.trunc || ret=1 grep -i "sha384-trunc.*TSIG.*NOERROR" dig.out.sha384.trunc > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:fetching using hmac-sha512-256 (trunc)" +echo_i "fetching using hmac-sha512-256 (trunc)" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-sha512-256:sha512-trunc:$sha512" @10.53.0.1 soa -p 5300 > dig.out.sha512.trunc || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-sha512-256:sha512-trunc:$sha512" @10.53.0.1 soa > dig.out.sha512.trunc || ret=1 grep -i "sha512-trunc.*TSIG.*NOERROR" dig.out.sha512.trunc > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi @@ -151,98 +138,90 @@ fi # Check for bad truncation. # # -echo "I:fetching using hmac-md5-80 (BADTRUNC)" +echo_i "fetching using hmac-md5-80 (BADTRUNC)" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-md5-80:md5:$md5" @10.53.0.1 soa -p 5300 > dig.out.md5-80 || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-md5-80:md5:$md5" @10.53.0.1 soa > dig.out.md5-80 || ret=1 grep -i "md5.*TSIG.*BADTRUNC" dig.out.md5-80 > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:fetching using hmac-sha1-80 (BADTRUNC)" +echo_i "fetching using hmac-sha1-80 (BADTRUNC)" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-sha1-80:sha1:$sha1" @10.53.0.1 soa -p 5300 > dig.out.sha1-80 || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-sha1-80:sha1:$sha1" @10.53.0.1 soa > dig.out.sha1-80 || ret=1 grep -i "sha1.*TSIG.*BADTRUNC" dig.out.sha1-80 > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:fetching using hmac-sha224-112 (BADTRUNC)" +echo_i "fetching using hmac-sha224-112 (BADTRUNC)" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-sha224-112:sha224:$sha224" @10.53.0.1 soa -p 5300 > dig.out.sha224-112 || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-sha224-112:sha224:$sha224" @10.53.0.1 soa > dig.out.sha224-112 || ret=1 grep -i "sha224.*TSIG.*BADTRUNC" dig.out.sha224-112 > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:fetching using hmac-sha256-128 (BADTRUNC)" +echo_i "fetching using hmac-sha256-128 (BADTRUNC)" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-sha256-128:sha256:$sha256" @10.53.0.1 soa -p 5300 > dig.out.sha256-128 || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-sha256-128:sha256:$sha256" @10.53.0.1 soa > dig.out.sha256-128 || ret=1 grep -i "sha256.*TSIG.*BADTRUNC" dig.out.sha256-128 > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:fetching using hmac-sha384-192 (BADTRUNC)" +echo_i "fetching using hmac-sha384-192 (BADTRUNC)" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-sha384-192:sha384:$sha384" @10.53.0.1 soa -p 5300 > dig.out.sha384-192 || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-sha384-192:sha384:$sha384" @10.53.0.1 soa > dig.out.sha384-192 || ret=1 grep -i "sha384.*TSIG.*BADTRUNC" dig.out.sha384-192 > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:fetching using hmac-sha512-256 (BADTRUNC)" +echo_i "fetching using hmac-sha512-256 (BADTRUNC)" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "hmac-sha512-256:sha512:$sha512" @10.53.0.1 soa -p 5300 > dig.out.sha512-256 || ret=1 +$DIG $DIGOPTS example.nil. -y "hmac-sha512-256:sha512:$sha512" @10.53.0.1 soa > dig.out.sha512-256 || ret=1 grep -i "sha512.*TSIG.*BADTRUNC" dig.out.sha512-256 > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:attempting fetch with bad tsig algorithm" +echo_i "attempting fetch with bad tsig algorithm" ret=0 -$DIG +tcp +nosea +nostat +noquest +nocomm +nocmd example.nil.\ - -y "badalgo:invalid:$sha512" @10.53.0.1 soa -p 5300 > dig.out.badalgo 2>&1 || ret=1 +$DIG $DIGOPTS example.nil. -y "badalgo:invalid:$sha512" @10.53.0.1 soa > dig.out.badalgo 2>&1 || ret=1 grep -i "Couldn't create key invalid: algorithm is unsupported" dig.out.badalgo > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi -echo "I:checking both OPT and TSIG records are returned when TC=1" +echo_i "checking both OPT and TSIG records are returned when TC=1" ret=0 -$DIG +ignore +bufsize=512 large.example.nil \ - -y "hmac-sha1:sha1:$sha1" @10.53.0.1 txt -p 5300 > dig.out.large 2>&1 || ret=1 +$DIG -p ${PORT} +ignore +bufsize=512 large.example.nil -y "hmac-sha1:sha1:$sha1" @10.53.0.1 txt > dig.out.large 2>&1 || ret=1 grep "flags:.* tc[ ;]" dig.out.large > /dev/null || ret=1 grep "status: NOERROR" dig.out.large > /dev/null || ret=1 grep "EDNS:" dig.out.large > /dev/null || ret=1 grep -i "sha1.*TSIG.*NOERROR" dig.out.sha1 > /dev/null || ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi if $SHELL ../testcrypto.sh -q then - echo "I:check that multiple dnssec-keygen calls don't emit dns_dnssec_findmatchingkeys warning" + echo_i "check that multiple dnssec-keygen calls don't emit dns_dnssec_findmatchingkeys warning" ret=0 $KEYGEN -r $RANDFILE -a dh -b 128 -n host example.net > keygen.out1 2>&1 || ret=1 grep dns_dnssec_findmatchingkeys keygen.out1 > /dev/null && ret=1 $KEYGEN -r $RANDFILE -a dh -b 128 -n host example.net > keygen.out2 2>&1 || ret=1 grep dns_dnssec_findmatchingkeys keygen.out2 > /dev/null && ret=1 if [ $ret -eq 1 ] ; then - echo "I: failed"; status=1 + echo_i "failed"; status=1 fi fi -echo "I:check that dnssec-keygen won't generate TSIG keys" +echo_i "check that dnssec-keygen won't generate TSIG keys" ret=0 $KEYGEN -r $RANDFILE -a hmac-sha256 -b 128 -n host example.net > keygen.out3 2>&1 && ret=1 grep "unknown algorithm" keygen.out3 > /dev/null || ret=1 -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/tsiggss/authsock.pl b/bin/tests/system/tsiggss/authsock.pl index 6814377b9b..75ed972ab5 100644 --- a/bin/tests/system/tsiggss/authsock.pl +++ b/bin/tests/system/tsiggss/authsock.pl @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: authsock.pl,v 1.3 2011/01/07 23:47:07 tbox Exp $ - # test the update-policy external protocol require 5.6.0; diff --git a/bin/tests/system/tsiggss/clean.sh b/bin/tests/system/tsiggss/clean.sh index db1828d7ab..bca6e4b034 100644 --- a/bin/tests/system/tsiggss/clean.sh +++ b/bin/tests/system/tsiggss/clean.sh @@ -14,6 +14,7 @@ rm -f ns1/*.jnl ns1/update.txt ns1/auth.sock rm -f ns1/*.db ns1/K*.key ns1/K*.private rm -f ns1/_default.tsigkeys rm -f */named.memstats +rm -f */named.conf rm -f */named.run rm -f authsock.pid rm -f ns1/core diff --git a/bin/tests/system/tsiggss/ns1/named.conf b/bin/tests/system/tsiggss/ns1/named.conf.in similarity index 87% rename from bin/tests/system/tsiggss/ns1/named.conf rename to bin/tests/system/tsiggss/ns1/named.conf.in index 9b8f55dd24..bc554cee5c 100644 --- a/bin/tests/system/tsiggss/ns1/named.conf +++ b/bin/tests/system/tsiggss/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.6 2011/01/06 23:47:00 tbox Exp $ */ - -controls { }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; session-keyfile "session.key"; listen-on { 10.53.0.1; 127.0.0.1; }; @@ -30,7 +26,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "example.nil." IN { diff --git a/bin/tests/system/tsiggss/prereq.sh b/bin/tests/system/tsiggss/prereq.sh index 2037a1609d..3a1a4b13d2 100644 --- a/bin/tests/system/tsiggss/prereq.sh +++ b/bin/tests/system/tsiggss/prereq.sh @@ -11,7 +11,7 @@ SYSTEMTESTTOP=.. # enable the tsiggss test only if gssapi was enabled $FEATURETEST --gssapi || { - echo "I:gssapi and krb5 not supported - skipping tsiggss test" + echo_i "gssapi and krb5 not supported - skipping tsiggss test" exit 255 } diff --git a/bin/tests/system/tsiggss/setup.sh b/bin/tests/system/tsiggss/setup.sh index 9a100dd7d6..d53a8610a4 100644 --- a/bin/tests/system/tsiggss/setup.sh +++ b/bin/tests/system/tsiggss/setup.sh @@ -9,9 +9,11 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +$SHELL clean.sh + test -r $RANDFILE || $GENRANDOM 800 $RANDFILE -rm -f ns1/*.jnl ns1/K*.key ns1/K*.private ns1/_default.tsigkeys +copy_setports ns1/named.conf.in ns1/named.conf key=`$KEYGEN -Cq -K ns1 -a DSA -b 512 -r $RANDFILE -n HOST -T KEY key.example.nil.` cat ns1/example.nil.db.in ns1/${key}.key > ns1/example.nil.db diff --git a/bin/tests/system/tsiggss/tests.sh b/bin/tests/system/tsiggss/tests.sh index 2fb850717f..5c84b3496e 100644 --- a/bin/tests/system/tsiggss/tests.sh +++ b/bin/tests/system/tsiggss/tests.sh @@ -13,7 +13,7 @@ SYSTEMTESTTOP=.. status=0 -DIGOPTS="@10.53.0.1 -p 5300" +DIGOPTS="@10.53.0.1 -p ${PORT}" test_update() { host="$1" @@ -22,7 +22,7 @@ test_update() { digout="$4" cat < ns1/update.txt -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} update add $host $cmd send EOF @@ -67,7 +67,7 @@ test_update testcname.example.nil. TXT "86400 A 10.53.0.13" "10.53.0.13" > /dev/ echo "I:testing external policy with SIG(0) key" ret=0 $NSUPDATE -R $RANDFILE -k ns1/Kkey.example.nil.*.private < /dev/null 2>&1 || ret=1 -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} zone example.nil update add fred.example.nil 120 cname foo.bar. send diff --git a/bin/tests/system/unknown/clean.sh b/bin/tests/system/unknown/clean.sh index 98ad5aa440..d452409b28 100644 --- a/bin/tests/system/unknown/clean.sh +++ b/bin/tests/system/unknown/clean.sh @@ -6,10 +6,9 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: clean.sh,v 1.7 2007/09/26 03:22:44 marka Exp $ - rm -f dig.out check.out rm -f */named.memstats +rm -f */named.conf rm -f */named.run rm -f */*.bk rm -f */*.bk.* diff --git a/bin/tests/system/unknown/ns1/named.conf b/bin/tests/system/unknown/ns1/named.conf.in similarity index 91% rename from bin/tests/system/unknown/ns1/named.conf rename to bin/tests/system/unknown/ns1/named.conf.in index 3b6317b7c1..e1e7901b4e 100644 --- a/bin/tests/system/unknown/ns1/named.conf +++ b/bin/tests/system/unknown/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.11 2007/06/19 23:47:06 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/unknown/ns2/named.conf b/bin/tests/system/unknown/ns2/named.conf.in similarity index 85% rename from bin/tests/system/unknown/ns2/named.conf rename to bin/tests/system/unknown/ns2/named.conf.in index 91a2aedac6..ae41808fb0 100644 --- a/bin/tests/system/unknown/ns2/named.conf +++ b/bin/tests/system/unknown/ns2/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.11 2007/06/19 23:47:06 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/unknown/ns3/named.conf b/bin/tests/system/unknown/ns3/named.conf.in similarity index 86% rename from bin/tests/system/unknown/ns3/named.conf rename to bin/tests/system/unknown/ns3/named.conf.in index aec48c9686..c75d16d299 100644 --- a/bin/tests/system/unknown/ns3/named.conf +++ b/bin/tests/system/unknown/ns3/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.11 2007/06/19 23:47:06 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/unknown/setup.sh b/bin/tests/system/unknown/setup.sh index 2c940a5078..1a2f04b66d 100644 --- a/bin/tests/system/unknown/setup.sh +++ b/bin/tests/system/unknown/setup.sh @@ -11,4 +11,8 @@ $SHELL clean.sh test -r $RANDFILE || $GENRANDOM 800 $RANDFILE +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf + (cd ns3; $SHELL -e sign.sh) diff --git a/bin/tests/system/unknown/tests.sh b/bin/tests/system/unknown/tests.sh index c6242ad1d3..e1bb9ee09b 100644 --- a/bin/tests/system/unknown/tests.sh +++ b/bin/tests/system/unknown/tests.sh @@ -6,16 +6,14 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.12 2011/11/02 23:46:24 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh status=0 -DIGOPTS="-p 5300" +DIGOPTS="-p ${PORT}" -echo "I:querying for various representations of an IN A record" +echo_i "querying for various representations of an IN A record" for i in 1 2 3 4 5 6 7 8 9 10 11 12 do ret=0 @@ -28,7 +26,7 @@ do status=`expr $status + $ret` done -echo "I:querying for various representations of an IN TXT record" +echo_i "querying for various representations of an IN TXT record" for i in 1 2 3 4 5 6 7 do ret=0 @@ -41,7 +39,7 @@ do status=`expr $status + $ret` done -echo "I:querying for various representations of an IN TYPE123 record" +echo_i "querying for various representations of an IN TYPE123 record" for i in 1 2 3 do ret=0 @@ -54,21 +52,21 @@ do status=`expr $status + $ret` done -echo "I:querying for NULL record" +echo_i "querying for NULL record" ret=0 $DIG +short $DIGOPTS @10.53.0.1 null.example null in > dig.out || ret=1 echo '\# 1 00' | $DIFF - dig.out || ret=1 -[ $ret = 0 ] || echo "I: failed" +[ $ret = 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:querying for empty NULL record" +echo_i "querying for empty NULL record" ret=0 $DIG +short $DIGOPTS @10.53.0.1 empty.example null in > dig.out || ret=1 echo '\# 0' | $DIFF - dig.out || ret=1 -[ $ret = 0 ] || echo "I: failed" +[ $ret = 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:querying for various representations of a CLASS10 TYPE1 record" +echo_i "querying for various representations of a CLASS10 TYPE1 record" for i in 1 2 do ret=0 @@ -81,7 +79,7 @@ do status=`expr $status + $ret` done -echo "I:querying for various representations of a CLASS10 TXT record" +echo_i "querying for various representations of a CLASS10 TXT record" for i in 1 2 3 4 do ret=0 @@ -94,7 +92,7 @@ do status=`expr $status + $ret` done -echo "I:querying for various representations of a CLASS10 TYPE123 record" +echo_i "querying for various representations of a CLASS10 TYPE123 record" for i in 1 2 do ret=0 @@ -107,7 +105,7 @@ do status=`expr $status + $ret` done -echo "I:querying for SOAs of zone that should have failed to load" +echo_i "querying for SOAs of zone that should have failed to load" for i in 1 2 3 4 do ret=0 @@ -120,71 +118,69 @@ do status=`expr $status + $ret` done -echo "I:checking large unknown record loading on master" +echo_i "checking large unknown record loading on master" ret=0 -$DIG $DIGOPTS @10.53.0.1 +tcp +short large.example TYPE45234 > dig.out || { ret=1 ; echo I: dig failed ; } -$DIFF -s large.out dig.out > /dev/null || { ret=1 ; echo "I: $DIFF failed"; } -[ $ret = 0 ] || echo "I: failed" +$DIG $DIGOPTS @10.53.0.1 +tcp +short large.example TYPE45234 > dig.out || { ret=1 ; echo_i "dig failed" ; } +$DIFF -s large.out dig.out > /dev/null || { ret=1 ; echo_i "$DIFF failed"; } +[ $ret = 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:checking large unknown record loading on slave" +echo_i "checking large unknown record loading on slave" ret=0 -$DIG $DIGOPTS @10.53.0.2 +tcp +short large.example TYPE45234 > dig.out || { ret=1 ; echo I: dig failed ; } -$DIFF -s large.out dig.out > /dev/null || { ret=1 ; echo "I: $DIFF failed"; } -[ $ret = 0 ] || echo "I: failed" +$DIG $DIGOPTS @10.53.0.2 +tcp +short large.example TYPE45234 > dig.out || { ret=1 ; echo_i "dig failed" ; } +$DIFF -s large.out dig.out > /dev/null || { ret=1 ; echo_i "$DIFF failed"; } +[ $ret = 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:stop and restart slave" +echo_i "stop and restart slave" $PERL $SYSTEMTESTTOP/stop.pl . ns2 -$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns2 +$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns2 -echo "I:checking large unknown record loading on slave" +echo_i "checking large unknown record loading on slave" ret=0 -$DIG $DIGOPTS @10.53.0.2 +tcp +short large.example TYPE45234 > dig.out || { ret=1 ; echo I: dig failed ; } -$DIFF -s large.out dig.out > /dev/null || { ret=1 ; echo "I: $DIFF failed"; } -[ $ret = 0 ] || echo "I: failed" +$DIG $DIGOPTS @10.53.0.2 +tcp +short large.example TYPE45234 > dig.out || { ret=1 ; echo_i "dig failed" ; } +$DIFF -s large.out dig.out > /dev/null || { ret=1 ; echo_i "$DIFF failed"; } +[ $ret = 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:checking large unknown record loading on inline slave" +echo_i "checking large unknown record loading on inline slave" ret=0 -$DIG $DIGOPTS @10.53.0.3 +tcp +short large.example TYPE45234 > dig.out || { ret=1 ; echo I: dig failed ; } -$DIFF large.out dig.out > /dev/null || { ret=1 ; echo "I: $DIFF failed"; } -[ $ret = 0 ] || echo "I: failed" +$DIG $DIGOPTS @10.53.0.3 +tcp +short large.example TYPE45234 > dig.out || { ret=1 ; echo_i "dig failed" ; } +$DIFF large.out dig.out > /dev/null || { ret=1 ; echo_i "$DIFF failed"; } +[ $ret = 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:stop and restart inline slave" +echo_i "stop and restart inline slave" $PERL $SYSTEMTESTTOP/stop.pl . ns3 -$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns3 +$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns3 -echo "I:checking large unknown record loading on inline slave" +echo_i "checking large unknown record loading on inline slave" ret=0 -$DIG $DIGOPTS @10.53.0.3 +tcp +short large.example TYPE45234 > dig.out || { ret=1 ; echo I: dig failed ; } -$DIFF large.out dig.out > /dev/null || { ret=1 ; echo "I: $DIFF failed"; } -[ $ret = 0 ] || echo "I: failed" +$DIG $DIGOPTS @10.53.0.3 +tcp +short large.example TYPE45234 > dig.out || { ret=1 ; echo_i "dig failed" ; } +$DIFF large.out dig.out > /dev/null || { ret=1 ; echo_i "$DIFF failed"; } +[ $ret = 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:check that '"'"\\#"'"' is not treated as the unknown escape sequence" +echo_i "check that '"'"\\#"'"' is not treated as the unknown escape sequence" ret=0 $DIG $DIGOPTS @10.53.0.1 +tcp +short txt8.example txt > dig.out echo '"#" "2" "0145"' | $DIFF - dig.out || ret=1 -[ $ret = 0 ] || echo "I: failed" +[ $ret = 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:check that 'TXT \# text' is not treated as the unknown escape sequence" +echo_i "check that 'TXT \# text' is not treated as the unknown escape sequence" ret=0 $DIG $DIGOPTS @10.53.0.1 +tcp +short txt9.example txt > dig.out echo '"#" "text"' | $DIFF - dig.out || ret=1 -[ $ret = 0 ] || echo "I: failed" +[ $ret = 0 ] || echo_i "failed" status=`expr $status + $ret` -echo "I:check that 'TYPE353 \# cat' produces 'not a valid number'" +echo_i "check that 'TYPE353 \# cat' produces 'not a valid number'" ret=0 $CHECKZONE nan.bad zones/nan.bad > check.out 2>&1 grep "not a valid number" check.out > /dev/null || ret=1 -[ $ret = 0 ] || echo "I: failed" +[ $ret = 0 ] || echo_i "failed" status=`expr $status + $ret` - - -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/upforwd/ans4/ans.pl b/bin/tests/system/upforwd/ans4/ans.pl index 0e991f6576..2f4d12e28e 100644 --- a/bin/tests/system/upforwd/ans4/ans.pl +++ b/bin/tests/system/upforwd/ans4/ans.pl @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: ans.pl,v 1.2 2011/08/31 06:49:10 marka Exp $ - # # This is the name server from hell. It provides canned # responses based on pattern matching the queries, and @@ -70,13 +68,16 @@ local $| = 1; my $server_addr = "10.53.0.4"; +my $localport = int($ENV{'PORT'}); +if (!$localport) { $localport = 5300; } + my $udpsock = IO::Socket::INET->new(LocalAddr => "$server_addr", - LocalPort => 5300, Proto => "udp", Reuse => 1) or die "$!"; + LocalPort => $localport, Proto => "udp", Reuse => 1) or die "$!"; my $tcpsock = IO::Socket::INET->new(LocalAddr => "$server_addr", - LocalPort => 5300, Proto => "tcp", Listen => 5, Reuse => 1) or die "$!"; + LocalPort => $localport, Proto => "tcp", Listen => 5, Reuse => 1) or die "$!"; -print "listening on $server_addr:5300.\n"; +print "listening on $server_addr:$localport.\n"; my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!"; print $pidf "$$\n" or die "cannot write pid file: $!"; diff --git a/bin/tests/system/upforwd/clean.sh b/bin/tests/system/upforwd/clean.sh index dadff6f909..7f6560c336 100644 --- a/bin/tests/system/upforwd/clean.sh +++ b/bin/tests/system/upforwd/clean.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: clean.sh,v 1.11 2011/10/30 23:46:15 tbox Exp $ - # # Clean up after zone transfer tests. # @@ -17,6 +15,7 @@ rm -f ns1/*.jnl ns2/*.jnl ns3/*.jnl ns1/example.db ns2/*.bk ns3/*.bk rm -f ns3/nomaster1.db rm -f */named.memstats rm -f */named.run +rm -f */named.conf rm -f */ans.run rm -f Ksig0.example2.* rm -f keyname diff --git a/bin/tests/system/upforwd/ns1/named.conf b/bin/tests/system/upforwd/ns1/named.conf.in similarity index 89% rename from bin/tests/system/upforwd/ns1/named.conf rename to bin/tests/system/upforwd/ns1/named.conf.in index 5eeca7d6ed..9322bc76a0 100644 --- a/bin/tests/system/upforwd/ns1/named.conf +++ b/bin/tests/system/upforwd/ns1/named.conf.in @@ -6,20 +6,16 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.11 2007/06/18 23:47:31 tbox Exp $ */ - key "update.example." { algorithm "hmac-md5"; secret "c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K"; }; -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/upforwd/ns2/named.conf b/bin/tests/system/upforwd/ns2/named.conf.in similarity index 87% rename from bin/tests/system/upforwd/ns2/named.conf rename to bin/tests/system/upforwd/ns2/named.conf.in index ee224c1231..5cf42c78ce 100644 --- a/bin/tests/system/upforwd/ns2/named.conf +++ b/bin/tests/system/upforwd/ns2/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.10 2007/06/18 23:47:31 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/upforwd/ns3/named.conf b/bin/tests/system/upforwd/ns3/named.conf.in similarity index 89% rename from bin/tests/system/upforwd/ns3/named.conf rename to bin/tests/system/upforwd/ns3/named.conf.in index 2b2e6b3f2a..2dcba8326e 100644 --- a/bin/tests/system/upforwd/ns3/named.conf +++ b/bin/tests/system/upforwd/ns3/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.14 2011/10/26 15:23:37 each Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/upforwd/prereq.sh b/bin/tests/system/upforwd/prereq.sh index e05468868f..fad66b0fb4 100644 --- a/bin/tests/system/upforwd/prereq.sh +++ b/bin/tests/system/upforwd/prereq.sh @@ -10,6 +10,6 @@ if $PERL -e 'use Net::DNS;' 2>/dev/null then : else - echo "I:This test requires the Net::DNS library." >&2 + echo_i "This test requires the Net::DNS library." >&2 exit 1 fi diff --git a/bin/tests/system/upforwd/setup.sh b/bin/tests/system/upforwd/setup.sh index fb1978ec25..31cab0a7c9 100644 --- a/bin/tests/system/upforwd/setup.sh +++ b/bin/tests/system/upforwd/setup.sh @@ -9,11 +9,14 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +$SHELL clean.sh + cp -f ns1/example1.db ns1/example.db -rm -f ns1/example.db.jnl ns2/example.bk ns2/example.bk.jnl -rm -f ns1/example2.db.jnl ns2/example2.bk ns2/example2.bk.jnl cp -f ns3/nomaster.db ns3/nomaster1.db -rm -f Ksig0.example2.* + +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf # # SIG(0) required cryptographic support which may not be configured. diff --git a/bin/tests/system/upforwd/tests.sh b/bin/tests/system/upforwd/tests.sh index 6da4b3c5c4..8748eddd86 100644 --- a/bin/tests/system/upforwd/tests.sh +++ b/bin/tests/system/upforwd/tests.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.13 2011/10/13 22:18:05 marka Exp $ - # ns1 = stealth master # ns2 = slave with update forwarding disabled; not currently used # ns3 = slave with update forwarding enabled @@ -15,182 +13,183 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd -p ${PORT}" + status=0 n=1 sleep 5 -echo "I:waiting for servers to be ready for testing ($n)" +echo_i "waiting for servers to be ready for testing ($n)" for i in 1 2 3 4 5 6 7 8 9 10 do ret=0 - $DIG +tcp example. @10.53.0.1 soa -p 5300 > dig.out.ns1 || ret=1 + $DIG +tcp -p ${PORT} example. @10.53.0.1 soa > dig.out.ns1 || ret=1 grep "status: NOERROR" dig.out.ns1 > /dev/null || ret=1 - $DIG +tcp example. @10.53.0.2 soa -p 5300 > dig.out.ns2 || ret=1 + $DIG +tcp -p ${PORT} example. @10.53.0.2 soa > dig.out.ns2 || ret=1 grep "status: NOERROR" dig.out.ns2 > /dev/null || ret=1 - $DIG +tcp example. @10.53.0.3 soa -p 5300 > dig.out.ns3 || ret=1 + $DIG +tcp -p ${PORT} example. @10.53.0.3 soa > dig.out.ns3 || ret=1 grep "status: NOERROR" dig.out.ns3 > /dev/null || ret=1 test $ret = 0 && break sleep 1 done -if [ $ret != 0 ] ; then echo "I:failed"; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi n=`expr $n + 1` -echo "I:fetching master copy of zone before update ($n)" +echo_i "fetching master copy of zone before update ($n)" ret=0 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.\ - @10.53.0.1 axfr -p 5300 > dig.out.ns1 || ret=1 -if [ $ret != 0 ] ; then echo "I:failed"; status=`expr $status + $ret`; fi +$DIG $DIGOPTS example.\ + @10.53.0.1 axfr > dig.out.ns1 || ret=1 +if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi n=`expr $n + 1` -echo "I:fetching slave 1 copy of zone before update ($n)" -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.\ - @10.53.0.2 axfr -p 5300 > dig.out.ns2 || ret=1 -if [ $ret != 0 ] ; then echo "I:failed"; status=`expr $status + $ret`; fi +echo_i "fetching slave 1 copy of zone before update ($n)" +$DIG $DIGOPTS example.\ + @10.53.0.2 axfr > dig.out.ns2 || ret=1 +if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi n=`expr $n + 1` -echo "I:fetching slave 2 copy of zone before update ($n)" +echo_i "fetching slave 2 copy of zone before update ($n)" ret=0 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.\ - @10.53.0.3 axfr -p 5300 > dig.out.ns3 || ret=1 -if [ $ret != 0 ] ; then echo "I:failed"; status=`expr $status + $ret`; fi +$DIG $DIGOPTS example.\ + @10.53.0.3 axfr > dig.out.ns3 || ret=1 +if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi n=`expr $n + 1` -echo "I:comparing pre-update copies to known good data ($n)" +echo_i "comparing pre-update copies to known good data ($n)" ret=0 $PERL ../digcomp.pl knowngood.before dig.out.ns1 || ret=1 $PERL ../digcomp.pl knowngood.before dig.out.ns2 || ret=1 $PERL ../digcomp.pl knowngood.before dig.out.ns3 || ret=1 -if [ $ret != 0 ] ; then echo "I:failed"; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi -echo "I:updating zone (signed) ($n)" +echo_i "updating zone (signed) ($n)" ret=0 $NSUPDATE -y update.example:c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K -- - < dig.out.ns1 || ret=1 -if [ $ret != 0 ] ; then echo "I:failed"; status=`expr $status + $ret`; fi +$DIG $DIGOPTS example.\ + @10.53.0.1 axfr > dig.out.ns1 || ret=1 +if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi n=`expr $n + 1` -echo "I:fetching slave 1 copy of zone after update ($n)" +echo_i "fetching slave 1 copy of zone after update ($n)" ret=0 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.\ - @10.53.0.2 axfr -p 5300 > dig.out.ns2 || ret=1 -if [ $ret != 0 ] ; then echo "I:failed"; status=`expr $status + $ret`; fi +$DIG $DIGOPTS example.\ + @10.53.0.2 axfr > dig.out.ns2 || ret=1 +if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi -echo "I:fetching slave 2 copy of zone after update ($n)" +echo_i "fetching slave 2 copy of zone after update ($n)" ret=0 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.\ - @10.53.0.3 axfr -p 5300 > dig.out.ns3 || ret=1 -if [ $ret != 0 ] ; then echo "I:failed"; status=`expr $status + $ret`; fi +$DIG $DIGOPTS example.\ + @10.53.0.3 axfr > dig.out.ns3 || ret=1 +if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi n=`expr $n + 1` -echo "I:comparing post-update copies to known good data ($n)" +echo_i "comparing post-update copies to known good data ($n)" ret=0 $PERL ../digcomp.pl knowngood.after1 dig.out.ns1 || ret=1 $PERL ../digcomp.pl knowngood.after1 dig.out.ns2 || ret=1 $PERL ../digcomp.pl knowngood.after1 dig.out.ns3 || ret=1 -if [ $ret != 0 ] ; then echo "I:failed"; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi -echo "I:checking 'forwarding update for zone' is logged ($n)" +echo_i "checking 'forwarding update for zone' is logged ($n)" ret=0 grep "forwarding update for zone 'example/IN'" ns3/named.run > /dev/null || ret=1 -if [ $ret != 0 ] ; then echo "I:failed"; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi n=`expr $n + 1` -echo "I:updating zone (unsigned) ($n)" +echo_i "updating zone (unsigned) ($n)" ret=0 $NSUPDATE -- - < dig.out.ns1 || ret=1 -if [ $ret != 0 ] ; then echo "I:failed"; status=`expr $status + $ret`; fi +$DIG $DIGOPTS example.\ + @10.53.0.1 axfr > dig.out.ns1 || ret=1 +if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi -echo "I:fetching slave 1 copy of zone after update ($n)" +echo_i "fetching slave 1 copy of zone after update ($n)" ret=0 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.\ - @10.53.0.2 axfr -p 5300 > dig.out.ns2 || ret=1 -if [ $ret != 0 ] ; then echo "I:failed"; status=`expr $status + $ret`; fi +$DIG $DIGOPTS example.\ + @10.53.0.2 axfr > dig.out.ns2 || ret=1 +if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi n=`expr $n + 1` -echo "I:fetching slave 2 copy of zone after update ($n)" +echo_i "fetching slave 2 copy of zone after update ($n)" ret=0 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.\ - @10.53.0.3 axfr -p 5300 > dig.out.ns3 || ret=1 -if [ $ret != 0 ] ; then echo "I:failed"; status=`expr $status + $ret`; fi +$DIG $DIGOPTS example.\ + @10.53.0.3 axfr > dig.out.ns3 || ret=1 +if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi -echo "I:comparing post-update copies to known good data ($n)" +echo_i "comparing post-update copies to known good data ($n)" ret=0 $PERL ../digcomp.pl knowngood.after2 dig.out.ns1 || ret=1 $PERL ../digcomp.pl knowngood.after2 dig.out.ns2 || ret=1 $PERL ../digcomp.pl knowngood.after2 dig.out.ns3 || ret=1 -if [ $ret != 0 ] ; then echo "I:failed"; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi n=`expr $n + 1` -echo "I:checking update forwarding to dead master ($n)" +echo_i "checking update forwarding to dead master ($n)" count=0 ret=0 while [ $count -lt 5 -a $ret -eq 0 ] do ( $NSUPDATE -- - < /dev/null 2>&1 & - $DIG +notcp +noadd +noauth nomaster.\ - @10.53.0.3 soa -p 5300 > dig.out.ns3 || ret=1 + $DIG -p ${PORT} +noadd +notcp +noauth nomaster. @10.53.0.3 soa > dig.out.ns3 || ret=1 grep "status: NOERROR" dig.out.ns3 > /dev/null || ret=1 count=`expr $count + 1` done -if [ $ret != 0 ] ; then echo "I:failed"; status=`expr $status + $ret`; fi +if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi n=`expr $n + 1` if test -f keyname then - echo "I:checking update forwarding to with sig0 ($n)" + echo_i "checking update forwarding to with sig0 ($n)" ret=0 keyname=`cat keyname` $NSUPDATE -k $keyname.private -- - < dig.out.ns1.test$n + $DIG unsigned.example2 A @10.53.0.1 > dig.out.ns1.test$n grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1 - if [ $ret != 0 ] ; then echo "I:failed"; fi + if [ $ret != 0 ] ; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` fi -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/verify/tests.sh b/bin/tests/system/verify/tests.sh index a02a1a03dc..f42b415689 100644 --- a/bin/tests/system/verify/tests.sh +++ b/bin/tests/system/verify/tests.sh @@ -4,13 +4,11 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id$ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh failed () { cat verify.out.$n | sed 's/^/D:/'; - echo "I:failed"; + echo_i "failed"; status=1; } @@ -21,7 +19,7 @@ for file in zones/*.good do n=`expr $n + 1` zone=`expr "$file" : 'zones/\(.*\).good'` - echo "I:checking supposedly good zone: $zone ($n)" + echo_i "checking supposedly good zone: $zone ($n)" ret=0 case $zone in zsk-only.*) only=-z;; @@ -36,7 +34,7 @@ for file in zones/*.bad do n=`expr $n + 1` zone=`expr "$file" : 'zones/\(.*\).bad'` - echo "I:checking supposedly bad zone: $zone ($n)" + echo_i "checking supposedly bad zone: $zone ($n)" ret=0 dumpit=0 case $zone in @@ -87,7 +85,7 @@ do done n=`expr $n + 1` -echo "I:checking error message when -o is not used and a SOA record not at top of zone is found ($n)" +echo_i "checking error message when -o is not used and a SOA record not at top of zone is found ($n)" ret=0 # When -o is not used, origin is set to zone file name, which should cause an error in this case $VERIFY zones/ksk+zsk.nsec.good > verify.out.$n 2>&1 && ret=1 @@ -96,12 +94,12 @@ grep "use -o to specify a different zone origin" verify.out.$n > /dev/null || re [ $ret = 0 ] || failed n=`expr $n + 1` -echo "I:checking error message when an invalid -o is specified and a SOA record not at top of zone is found ($n)" +echo_i "checking error message when an invalid -o is specified and a SOA record not at top of zone is found ($n)" ret=0 $VERIFY -o invalid.origin zones/ksk+zsk.nsec.good > verify.out.$n 2>&1 && ret=1 grep "not at top of zone" verify.out.$n > /dev/null || ret=1 grep "use -o to specify a different zone origin" verify.out.$n > /dev/null && ret=1 [ $ret = 0 ] || failed -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/verify/zones/genzones.sh b/bin/tests/system/verify/zones/genzones.sh index 5b4190b997..0c05714276 100644 --- a/bin/tests/system/verify/zones/genzones.sh +++ b/bin/tests/system/verify/zones/genzones.sh @@ -4,8 +4,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id$ - SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh @@ -14,7 +12,7 @@ dumpit () { cat "${1}" | sed 's/^/D:/' } setup () { - echo "I:setting up $2 zone: $1" + echo_i "setting up $2 zone: $1" debug="$1" zone="$1" file="$1.$2" diff --git a/bin/tests/system/views/clean.sh b/bin/tests/system/views/clean.sh index 3389ee6b4a..4a04921fa7 100644 --- a/bin/tests/system/views/clean.sh +++ b/bin/tests/system/views/clean.sh @@ -6,17 +6,16 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: clean.sh,v 1.14 2007/09/26 03:22:44 marka Exp $ - # # Clean up after zone transfer tests. # +rm -f ns*/named.conf rm -f ns3/example.bk dig.out.ns?.? -rm -f ns2/named.conf ns2/example.db ns3/named.conf ns3/internal.bk +rm -f ns2/example.db ns3/internal.bk rm -f */*.jnl rm -f */named.memstats -rm -f */named.run +rm -f */named.run */named.run.prev rm -f ns2/external/K* rm -f ns2/external/inline.db.jbk rm -f ns2/external/inline.db.signed diff --git a/bin/tests/system/notify/ns1/named.conf b/bin/tests/system/views/ns1/named.conf.in similarity index 84% rename from bin/tests/system/notify/ns1/named.conf rename to bin/tests/system/views/ns1/named.conf.in index c635fb57e5..262fbe93d7 100644 --- a/bin/tests/system/notify/ns1/named.conf +++ b/bin/tests/system/views/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.18 2007/06/19 23:47:04 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/views/ns2/named1.conf b/bin/tests/system/views/ns2/named1.conf.in similarity index 79% rename from bin/tests/system/views/ns2/named1.conf rename to bin/tests/system/views/ns2/named1.conf.in index 0d9da0f4e2..d02c762d87 100644 --- a/bin/tests/system/views/ns2/named1.conf +++ b/bin/tests/system/views/ns2/named1.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named1.conf,v 1.20 2007/06/19 23:47:07 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -22,7 +18,15 @@ options { notify yes; }; -include "../../common/controls.conf"; +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + zone "." { type hint; diff --git a/bin/tests/system/views/ns2/named2.conf b/bin/tests/system/views/ns2/named2.conf.in similarity index 90% rename from bin/tests/system/views/ns2/named2.conf rename to bin/tests/system/views/ns2/named2.conf.in index 082b54a8e7..7dbd132c22 100644 --- a/bin/tests/system/views/ns2/named2.conf +++ b/bin/tests/system/views/ns2/named2.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named2.conf,v 1.22 2007/06/19 23:47:07 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; 10.53.0.4; }; listen-on-v6 { none; }; @@ -22,7 +18,14 @@ options { notify yes; }; -include "../../common/controls.conf"; +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; view "internal" { match-clients { 10.53.0.2; diff --git a/bin/tests/system/views/ns3/named1.conf b/bin/tests/system/views/ns3/named1.conf.in similarity index 83% rename from bin/tests/system/views/ns3/named1.conf rename to bin/tests/system/views/ns3/named1.conf.in index b68bc6accc..5f29876bfa 100644 --- a/bin/tests/system/views/ns3/named1.conf +++ b/bin/tests/system/views/ns3/named1.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named1.conf,v 1.19 2007/06/19 23:47:07 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; directory "."; pid-file "named.pid"; listen-on { 10.53.0.3; }; @@ -29,7 +25,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/views/ns3/named2.conf b/bin/tests/system/views/ns3/named2.conf.in similarity index 81% rename from bin/tests/system/views/ns3/named2.conf rename to bin/tests/system/views/ns3/named2.conf.in index ca9854993e..8a16e048dc 100644 --- a/bin/tests/system/views/ns3/named2.conf +++ b/bin/tests/system/views/ns3/named2.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named2.conf,v 1.19 2007/06/19 23:47:07 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; directory "."; pid-file "named.pid"; listen-on { 10.53.0.3; }; @@ -29,7 +25,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 11953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { @@ -40,7 +36,6 @@ zone "." { zone "example" { type slave; masters { 10.53.0.2; }; - allow-update { any; }; file "internal.bk"; }; @@ -48,4 +43,3 @@ zone "child.clone" { type master; file "child.clone.db"; }; - diff --git a/bin/tests/system/views/ns5/named.conf b/bin/tests/system/views/ns5/named.conf.in similarity index 81% rename from bin/tests/system/views/ns5/named.conf rename to bin/tests/system/views/ns5/named.conf.in index 8b55d58613..f16eb695ef 100644 --- a/bin/tests/system/views/ns5/named.conf +++ b/bin/tests/system/views/ns5/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named1.conf,v 1.19 2007/06/19 23:47:07 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.5; notify-source 10.53.0.5; transfer-source 10.53.0.5; - port 5300; + port @PORT@; directory "."; pid-file "named.pid"; listen-on { 10.53.0.5; }; @@ -29,7 +25,7 @@ key rndc_key { }; controls { - inet 10.53.0.5 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.5 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/views/setup.sh b/bin/tests/system/views/setup.sh index 77aa47d476..4dca90a31c 100644 --- a/bin/tests/system/views/setup.sh +++ b/bin/tests/system/views/setup.sh @@ -6,9 +6,14 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh + +test -r $RANDFILE || $GENRANDOM 800 $RANDFILE + cp -f ns2/example1.db ns2/example.db -cp -f ns2/named1.conf ns2/named.conf -cp -f ns3/named1.conf ns3/named.conf rm -f ns2/external/K* rm -f ns2/external/inline.db.signed rm -f ns2/external/inline.db.signed.jnl @@ -16,10 +21,10 @@ rm -f ns2/internal/K* rm -f ns2/internal/inline.db.signed rm -f ns2/internal/inline.db.signed.jnl -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh - -test -r $RANDFILE || $GENRANDOM 800 $RANDFILE +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named1.conf.in ns2/named.conf +copy_setports ns3/named1.conf.in ns3/named.conf +copy_setports ns5/named.conf.in ns5/named.conf # # We remove k1 and k2 as KEYGEN is deterministic when given the diff --git a/bin/tests/system/views/tests.sh b/bin/tests/system/views/tests.sh index be1876241d..c1610095a6 100644 --- a/bin/tests/system/views/tests.sh +++ b/bin/tests/system/views/tests.sh @@ -6,97 +6,100 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.30 2007/06/19 23:47:06 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd +noauth -p ${PORT}" +SHORTOPTS="+tcp +short -p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + status=0 -echo "I:fetching a.example from ns2's initial configuration" -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd +noauth \ - a.example. @10.53.0.2 any -p 5300 > dig.out.ns2.1 || status=1 +echo_i "fetching a.example from ns2's initial configuration" +$DIG $DIGOPTS a.example. @10.53.0.2 any > dig.out.ns2.1 || status=1 grep ";" dig.out.ns2.1 # XXXDCL why is this here? -echo "I:fetching a.example from ns3's initial configuration" -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd +noauth \ - a.example. @10.53.0.3 any -p 5300 > dig.out.ns3.1 || status=1 +echo_i "fetching a.example from ns3's initial configuration" +$DIG $DIGOPTS a.example. @10.53.0.3 any > dig.out.ns3.1 || status=1 grep ";" dig.out.ns3.1 # XXXDCL why is this here? -echo "I:copying in new configurations for ns2 and ns3" +echo_i "copying in new configurations for ns2 and ns3" rm -f ns2/named.conf ns3/named.conf ns2/example.db -cp -f ns2/named2.conf ns2/named.conf -cp -f ns3/named2.conf ns3/named.conf cp -f ns2/example2.db ns2/example.db +copy_setports ns2/named2.conf.in ns2/named.conf +copy_setports ns3/named2.conf.in ns3/named.conf -echo "I:reloading ns2 and ns3 with rndc" -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload 2>&1 | sed 's/^/I:ns3 /' +echo_i "reloading ns2 and ns3 with rndc" +nextpart ns2/named.run > /dev/null +nextpart ns3/named.run > /dev/null +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i +$RNDCCMD 10.53.0.3 reload 2>&1 | sed 's/^/ns3 /' | cat_i -echo "I:sleeping for 20 seconds" -sleep 20 +echo_i "wait for reload" +a=0 b=0 +for i in 1 2 3 4 5 6 7 8 9 0; do + nextpart ns2/named.run | grep "reloading zones succeeded" > /dev/null && a=1 + nextpart ns3/named.run | grep "reloading zones succeeded" > /dev/null && b=1 + [ $a -eq 1 -a $b -eq 1 ] && break + sleep 1 +done -echo "I:fetching a.example from ns2's 10.53.0.4, source address 10.53.0.4" -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd +noauth \ - -b 10.53.0.4 a.example. @10.53.0.4 any -p 5300 > dig.out.ns4.2 \ - || status=1 +echo_i "fetching a.example from ns2's 10.53.0.4, source address 10.53.0.4" +$DIG $DIGOPTS -b 10.53.0.4 a.example. @10.53.0.4 any > dig.out.ns4.2 || status=1 grep ";" dig.out.ns4.2 # XXXDCL why is this here? -echo "I:fetching a.example from ns2's 10.53.0.2, source address 10.53.0.2" -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd +noauth \ - -b 10.53.0.2 a.example. @10.53.0.2 any -p 5300 > dig.out.ns2.2 \ - || status=1 +echo_i "fetching a.example from ns2's 10.53.0.2, source address 10.53.0.2" +$DIG $DIGOPTS -b 10.53.0.2 a.example. @10.53.0.2 any > dig.out.ns2.2 || status=1 grep ";" dig.out.ns2.2 # XXXDCL why is this here? -echo "I:fetching a.example from ns3's 10.53.0.3, source address defaulted" -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd +noauth \ - @10.53.0.3 a.example. any -p 5300 > dig.out.ns3.2 || status=1 +echo_i "fetching a.example from ns3's 10.53.0.3, source address defaulted" +$DIG $DIGOPTS @10.53.0.3 a.example. any > dig.out.ns3.2 || status=1 grep ";" dig.out.ns3.2 # XXXDCL why is this here? -echo "I:comparing ns3's initial a.example to one from reconfigured 10.53.0.2" +echo_i "comparing ns3's initial a.example to one from reconfigured 10.53.0.2" $PERL ../digcomp.pl dig.out.ns3.1 dig.out.ns2.2 || status=1 -echo "I:comparing ns3's initial a.example to one from reconfigured 10.53.0.3" +echo_i "comparing ns3's initial a.example to one from reconfigured 10.53.0.3" $PERL ../digcomp.pl dig.out.ns3.1 dig.out.ns3.2 || status=1 -echo "I:comparing ns2's initial a.example to one from reconfigured 10.53.0.4" +echo_i "comparing ns2's initial a.example to one from reconfigured 10.53.0.4" $PERL ../digcomp.pl dig.out.ns2.1 dig.out.ns4.2 || status=1 -echo "I:comparing ns2's initial a.example to one from reconfigured 10.53.0.3" -echo "I:(should be different)" +echo_i "comparing ns2's initial a.example to one from reconfigured 10.53.0.3" +echo_i "(should be different)" if $PERL ../digcomp.pl dig.out.ns2.1 dig.out.ns3.2 >/dev/null then - echo "I:no differences found. something's wrong." + echo_i "no differences found. something's wrong." status=1 fi -echo "I:updating cloned zone in internal view" +echo_i "updating cloned zone in internal view" $NSUPDATE << EOF -server 10.53.0.2 5300 +server 10.53.0.2 ${PORT} zone clone update add b.clone. 300 in a 10.1.0.3 send EOF -echo "I:sleeping to allow update to take effect" +echo_i "sleeping to allow update to take effect" sleep 5 -echo "I:verifying update affected both views" +echo_i "verifying update affected both views" ret=0 -one=`$DIG +tcp +short -p 5300 -b 10.53.0.2 @10.53.0.2 b.clone a` -two=`$DIG +tcp +short -p 5300 -b 10.53.0.4 @10.53.0.2 b.clone a` +one=`$DIG $SHORTOPTS -b 10.53.0.2 @10.53.0.2 b.clone a` +two=`$DIG $SHORTOPTS -b 10.53.0.4 @10.53.0.2 b.clone a` if [ "$one" != "$two" ]; then echo "'$one' does not match '$two'" ret=1 fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:verifying forwarder in cloned zone works" +echo_i "verifying forwarder in cloned zone works" ret=0 -one=`$DIG +tcp +short -p 5300 -b 10.53.0.2 @10.53.0.2 child.clone txt` -two=`$DIG +tcp +short -p 5300 -b 10.53.0.4 @10.53.0.2 child.clone txt` -three=`$DIG +tcp +short -p 5300 @10.53.0.3 child.clone txt` -four=`$DIG +tcp +short -p 5300 @10.53.0.5 child.clone txt` +one=`$DIG $SHORTOPTS -b 10.53.0.2 @10.53.0.2 child.clone txt` +two=`$DIG $SHORTOPTS -b 10.53.0.4 @10.53.0.2 child.clone txt` +three=`$DIG $SHORTOPTS @10.53.0.3 child.clone txt` +four=`$DIG $SHORTOPTS @10.53.0.5 child.clone txt` echo "$three" | grep NS3 > /dev/null || { ret=1; echo "expected response from NS3 got '$three'"; } echo "$four" | grep NS5 > /dev/null || { ret=1; echo "expected response from NS5 got '$four'"; } if [ "$one" = "$two" ]; then @@ -111,23 +114,23 @@ if [ "$two" != "$four" ]; then echo "'$two' does not match '$four'" ret=1 fi -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` if $SHELL ../testcrypto.sh then - echo "I:verifying inline zones work with views" + echo_i "verifying inline zones work with views" ret=0 - $DIG @10.53.0.2 -p 5300 -b 10.53.0.2 +dnssec DNSKEY inline > dig.out.internal - $DIG @10.53.0.2 -p 5300 -b 10.53.0.5 +dnssec DNSKEY inline > dig.out.external + $DIG -p ${PORT} @10.53.0.2 -b 10.53.0.2 +dnssec DNSKEY inline > dig.out.internal + $DIG -p ${PORT} @10.53.0.2 -b 10.53.0.5 +dnssec DNSKEY inline > dig.out.external grep "ANSWER: 4," dig.out.internal > /dev/null || ret=1 grep "ANSWER: 4," dig.out.external > /dev/null || ret=1 int=`awk '$4 == "DNSKEY" { print $8 }' dig.out.internal | sort` ext=`awk '$4 == "DNSKEY" { print $8 }' dig.out.external | sort` test "$int" != "$ext" || ret=1 - if [ $ret != 0 ]; then echo "I:failed"; fi + if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` fi -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/wildcard/clean.sh b/bin/tests/system/wildcard/clean.sh index 0edbf46297..d16bc49ded 100644 --- a/bin/tests/system/wildcard/clean.sh +++ b/bin/tests/system/wildcard/clean.sh @@ -7,6 +7,7 @@ # file, You can obtain one at http://mozilla.org/MPL/2.0/. rm -f ns*/named.run +rm -f ns*/named.conf rm -f ns1/K* rm -f ns1/*.db rm -f ns1/*.signed diff --git a/bin/tests/system/wildcard/ns1/named.conf b/bin/tests/system/wildcard/ns1/named.conf.in similarity index 90% rename from bin/tests/system/wildcard/ns1/named.conf rename to bin/tests/system/wildcard/ns1/named.conf.in index c6491dc640..3cc039ec3a 100644 --- a/bin/tests/system/wildcard/ns1/named.conf +++ b/bin/tests/system/wildcard/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.1.2.3 2010/06/01 07:04:49 marka Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/wildcard/ns1/sign.sh b/bin/tests/system/wildcard/ns1/sign.sh index 603c928e2b..39697ba936 100755 --- a/bin/tests/system/wildcard/ns1/sign.sh +++ b/bin/tests/system/wildcard/ns1/sign.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: sign.sh,v 1.1.2.2 2010/06/01 06:38:47 marka Exp $ - SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh @@ -25,7 +23,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a RSASHA1 -b 1024 -n zone $zone 2> /dev/n cat $infile $keyname1.key $keyname2.key > $zonefile $SIGNER -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=nsec. infile=nsec.db.in @@ -39,7 +37,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a RSASHA1 -b 1024 -n zone $zone 2> /dev/n cat $infile $keyname1.key $keyname2.key > $zonefile $SIGNER -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=private.nsec. infile=private.nsec.db.in @@ -52,7 +50,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a RSASHA1 -b 1024 -n zone $zone 2> /dev/n cat $infile $keyname1.key $keyname2.key > $zonefile $SIGNER -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" grep -v '^;' $keyname2.key | $PERL -n -e ' local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; @@ -76,7 +74,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a NSEC3RSASHA1 -b 1024 -n zone $zone 2> / cat $infile $keyname1.key $keyname2.key > $zonefile $SIGNER -r $RANDFILE -3 - -H 10 -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" zone=private.nsec3. infile=private.nsec3.db.in @@ -89,7 +87,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a NSEC3RSASHA1 -b 1024 -n zone $zone 2> / cat $infile $keyname1.key $keyname2.key > $zonefile $SIGNER -r $RANDFILE -3 - -H 10 -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" grep -v '^;' $keyname2.key | $PERL -n -e ' local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; @@ -112,7 +110,7 @@ keyname2=`$KEYGEN -f KSK -r $RANDFILE -a RSASHA1 -b 1024 -n zone $zone 2> /dev/n cat $infile $keyname1.key $keyname2.key $dssets >$zonefile $SIGNER -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err -echo "I: signed $zone" +echo_i "signed $zone" grep -v '^;' $keyname2.key | $PERL -n -e ' local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; diff --git a/bin/tests/system/wildcard/ns2/named.conf b/bin/tests/system/wildcard/ns2/named.conf.in similarity index 83% rename from bin/tests/system/wildcard/ns2/named.conf rename to bin/tests/system/wildcard/ns2/named.conf.in index 2976cd5b7e..098dcd4913 100644 --- a/bin/tests/system/wildcard/ns2/named.conf +++ b/bin/tests/system/wildcard/ns2/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.1.2.1 2010/06/01 03:55:02 marka Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/wildcard/ns3/named.conf b/bin/tests/system/wildcard/ns3/named.conf.in similarity index 84% rename from bin/tests/system/wildcard/ns3/named.conf rename to bin/tests/system/wildcard/ns3/named.conf.in index 57964e20cc..61de7f2b7b 100644 --- a/bin/tests/system/wildcard/ns3/named.conf +++ b/bin/tests/system/wildcard/ns3/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.1.2.1 2010/06/01 03:55:02 marka Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/wildcard/ns4/named.conf b/bin/tests/system/wildcard/ns4/named.conf.in similarity index 85% rename from bin/tests/system/wildcard/ns4/named.conf rename to bin/tests/system/wildcard/ns4/named.conf.in index 6592b1174c..ee5b74688b 100644 --- a/bin/tests/system/wildcard/ns4/named.conf +++ b/bin/tests/system/wildcard/ns4/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.1.2.1 2010/06/01 03:55:02 marka Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/wildcard/ns5/named.conf b/bin/tests/system/wildcard/ns5/named.conf.in similarity index 85% rename from bin/tests/system/wildcard/ns5/named.conf rename to bin/tests/system/wildcard/ns5/named.conf.in index 829546af24..5396ca903d 100644 --- a/bin/tests/system/wildcard/ns5/named.conf +++ b/bin/tests/system/wildcard/ns5/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.1.2.1 2010/06/01 03:55:02 marka Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.5; notify-source 10.53.0.5; transfer-source 10.53.0.5; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.5; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/wildcard/setup.sh b/bin/tests/system/wildcard/setup.sh index f979cd0e3d..02d72e77da 100644 --- a/bin/tests/system/wildcard/setup.sh +++ b/bin/tests/system/wildcard/setup.sh @@ -9,6 +9,14 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +$SHELL clean.sh + test -r $RANDFILE || $GENRANDOM 800 $RANDFILE +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf +copy_setports ns5/named.conf.in ns5/named.conf + (cd ns1 && $SHELL -e sign.sh) diff --git a/bin/tests/system/wildcard/tests.sh b/bin/tests/system/wildcard/tests.sh index 7c61922f85..08934560bf 100644 --- a/bin/tests/system/wildcard/tests.sh +++ b/bin/tests/system/wildcard/tests.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.1.2.3 2010/06/01 06:57:31 marka Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -16,131 +14,131 @@ n=0 rm -f dig.out.* -DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p 5300" +DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p ${PORT}" n=`expr $n + 1` -echo "I: checking that NSEC wildcard non-existance proof is returned auth ($n)" +echo_i "checking that NSEC wildcard non-existance proof is returned auth ($n)" ret=0 $DIG $DIGOPTS a b.wild.nsec +norec @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep -i 'a\.wild\.nsec\..*NSEC.*nsec\..*NSEC' dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that NSEC wildcard non-existance proof is returned non-validating ($n)" +echo_i "checking that NSEC wildcard non-existance proof is returned non-validating ($n)" ret=0 $DIG $DIGOPTS a b.wild.nsec @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep -i 'a\.wild\.nsec\..*NSEC.*nsec\..*NSEC' dig.out.ns2.test$n > /dev/null || ret=1 grep -i 'flags:.* ad[ ;]' dig.out.ns2.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that NSEC wildcard non-existance proof is returned validating ($n)" +echo_i "checking that NSEC wildcard non-existance proof is returned validating ($n)" ret=0 $DIG $DIGOPTS a b.wild.nsec @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep -i 'a\.wild\.nsec\..*NSEC.*nsec\..*NSEC' dig.out.ns3.test$n > /dev/null || ret=1 grep -i 'flags:.* ad[ ;]' dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that NSEC wildcard non-existance proof is returned validating + CD ($n)" +echo_i "checking that NSEC wildcard non-existance proof is returned validating + CD ($n)" ret=0 $DIG $DIGOPTS +cd a b.wild.nsec @10.53.0.5 > dig.out.ns5.test$n || ret=1 grep -i 'a\.wild\.nsec\..*NSEC.*nsec\..*NSEC' dig.out.ns5.test$n > /dev/null || ret=1 grep -i 'flags:.* ad[ ;]' dig.out.ns5.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that returned NSEC wildcard non-existance proof validates ($n)" +echo_i "checking that returned NSEC wildcard non-existance proof validates ($n)" ret=0 $DIG $DIGOPTS a b.wild.nsec @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep -i 'a\.wild\.nsec\..*NSEC.*nsec\..*NSEC' dig.out.ns4.test$n > /dev/null || ret=1 grep -i 'flags:.* ad[ ;]' dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that NSEC wildcard non-existance proof is returned private, validating ($n)" +echo_i "checking that NSEC wildcard non-existance proof is returned private, validating ($n)" ret=0 $DIG $DIGOPTS a b.wild.private.nsec @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep -i 'a\.wild\.private\.nsec\..*NSEC.*private\.nsec\..*NSEC' dig.out.ns3.test$n > /dev/null || ret=1 grep -i 'flags:.* ad[ ;]' dig.out.ns3.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that returned NSEC wildcard non-existance proof for private zone validates ($n)" +echo_i "checking that returned NSEC wildcard non-existance proof for private zone validates ($n)" ret=0 $DIG $DIGOPTS a b.wild.private.nsec @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep -i 'a\.wild\.private\.nsec\..*NSEC.*private\.nsec\..*NSEC' dig.out.ns4.test$n > /dev/null || ret=1 grep -i 'flags:.* ad[ ;]' dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that NSEC3 wildcard non-existance proof is returned auth ($n)" +echo_i "checking that NSEC3 wildcard non-existance proof is returned auth ($n)" ret=0 $DIG $DIGOPTS a b.wild.nsec3 +norec @10.53.0.1 > dig.out.ns1.test$n || ret=1 grep -i 'O3TJ8D9AJ54CBTFCQCJ3QK49CH7SF6H9\.nsec3\..*V5DLFB6UJNHR94LQ61FO607KGK12H88A' dig.out.ns1.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that NSEC3 wildcard non-existance proof is returned non-validating ($n)" +echo_i "checking that NSEC3 wildcard non-existance proof is returned non-validating ($n)" ret=0 $DIG $DIGOPTS a b.wild.nsec3 @10.53.0.2 > dig.out.ns2.test$n || ret=1 grep -i 'O3TJ8D9AJ54CBTFCQCJ3QK49CH7SF6H9\.nsec3\..*V5DLFB6UJNHR94LQ61FO607KGK12H88A' dig.out.ns2.test$n > /dev/null || ret=1 grep -i 'flags:.* ad[ ;]' dig.out.ns2.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that NSEC3 wildcard non-existance proof is returned validating ($n)" +echo_i "checking that NSEC3 wildcard non-existance proof is returned validating ($n)" ret=0 $DIG $DIGOPTS a b.wild.nsec3 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep -i 'O3TJ8D9AJ54CBTFCQCJ3QK49CH7SF6H9\.nsec3\..*V5DLFB6UJNHR94LQ61FO607KGK12H88A' dig.out.ns3.test$n > /dev/null || ret=1 grep -i 'flags:.* ad[ ;]' dig.out.ns3.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that NSEC3 wildcard non-existance proof is returned validating + CD ($n)" +echo_i "checking that NSEC3 wildcard non-existance proof is returned validating + CD ($n)" ret=0 $DIG $DIGOPTS +cd a b.wild.nsec3 @10.53.0.5 > dig.out.ns5.test$n || ret=1 grep -i 'O3TJ8D9AJ54CBTFCQCJ3QK49CH7SF6H9\.nsec3\..*V5DLFB6UJNHR94LQ61FO607KGK12H88A' dig.out.ns5.test$n > /dev/null || ret=1 grep -i 'flags:.* ad[ ;]' dig.out.ns5.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that returned NSEC3 wildcard non-existance proof validates ($n)" +echo_i "checking that returned NSEC3 wildcard non-existance proof validates ($n)" ret=0 $DIG $DIGOPTS a b.wild.nsec3 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep -i 'O3TJ8D9AJ54CBTFCQCJ3QK49CH7SF6H9\.nsec3\..*V5DLFB6UJNHR94LQ61FO607KGK12H88A' dig.out.ns4.test$n > /dev/null || ret=1 grep -i 'flags:.* ad[ ;]' dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that NSEC3 wildcard non-existance proof is returned private, validating ($n)" +echo_i "checking that NSEC3 wildcard non-existance proof is returned private, validating ($n)" ret=0 $DIG $DIGOPTS a b.wild.private.nsec3 @10.53.0.3 > dig.out.ns3.test$n || ret=1 grep -i 'UDBSP4R8OUOT6HSO39VD8B5LMOSHRD5N\.private\.nsec3\..*NSEC3.*ASDRUIB7GO00OR92S5OUGI404LT27RNU' dig.out.ns3.test$n > /dev/null || ret=1 grep -i 'flags:.* ad[ ;]' dig.out.ns3.test$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I: checking that returned NSEC3 wildcard non-existance proof for private zone validates ($n)" +echo_i "checking that returned NSEC3 wildcard non-existance proof for private zone validates ($n)" ret=0 $DIG $DIGOPTS a b.wild.private.nsec3 @10.53.0.4 > dig.out.ns4.test$n || ret=1 grep -i 'UDBSP4R8OUOT6HSO39VD8B5LMOSHRD5N\.private\.nsec3\..*NSEC3.*ASDRUIB7GO00OR92S5OUGI404LT27RNU' dig.out.ns4.test$n > /dev/null || ret=1 grep -i 'flags:.* ad[ ;]' dig.out.ns4.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/xfer/clean.sh b/bin/tests/system/xfer/clean.sh index 3a5f270072..5adf658db1 100644 --- a/bin/tests/system/xfer/clean.sh +++ b/bin/tests/system/xfer/clean.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: clean.sh,v 1.19 2012/02/22 23:47:35 tbox Exp $ - # # Clean up after zone transfer tests. # @@ -22,11 +20,12 @@ rm -f ns1/edns-expire.db rm -f ns2/example.db ns2/tsigzone.db ns2/example.db.jnl rm -f ns3/example.bk ns3/tsigzone.bk ns3/example.bk.jnl rm -f ns3/master.bk ns3/master.bk.jnl -rm -f ns4/named.conf ns4/nil.db ns4/root.db +rm -f ns4/nil.db ns4/root.db rm -f ns6/*.db ns6/*.bk ns6/*.jnl rm -f ns7/*.db ns7/*.bk ns7/*.jnl rm -f ns8/large.db ns8/small.db - +rm -f */named.conf +rm -f */named.run rm -f */named.memstats rm -f */named.run rm -f */ans.run diff --git a/bin/tests/system/xfer/ns1/named.conf b/bin/tests/system/xfer/ns1/named.conf.in similarity index 86% rename from bin/tests/system/xfer/ns1/named.conf rename to bin/tests/system/xfer/ns1/named.conf.in index 79fa7c9efe..51a0806457 100644 --- a/bin/tests/system/xfer/ns1/named.conf +++ b/bin/tests/system/xfer/ns1/named.conf.in @@ -6,19 +6,17 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.20 2011/03/12 04:59:47 tbox Exp $ */ - include "../../common/rndc.key"; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/xfer/ns2/named.conf b/bin/tests/system/xfer/ns2/named.conf.in similarity index 86% rename from bin/tests/system/xfer/ns2/named.conf rename to bin/tests/system/xfer/ns2/named.conf.in index 0a84d5d536..3a3ffdd394 100644 --- a/bin/tests/system/xfer/ns2/named.conf +++ b/bin/tests/system/xfer/ns2/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.24 2007/12/20 01:48:29 marka Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -24,7 +20,14 @@ options { check-integrity no; }; -include "../../common/controls.conf"; +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; key tsigzone. { algorithm hmac-md5; diff --git a/bin/tests/system/xfer/ns3/named.conf b/bin/tests/system/xfer/ns3/named.conf.in similarity index 87% rename from bin/tests/system/xfer/ns3/named.conf rename to bin/tests/system/xfer/ns3/named.conf.in index c1c0d40671..3b73481063 100644 --- a/bin/tests/system/xfer/ns3/named.conf +++ b/bin/tests/system/xfer/ns3/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.23 2011/03/12 04:59:47 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; @@ -28,7 +24,7 @@ key rndc_key { }; controls { - inet 10.53.0.3 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; key tsigzone. { diff --git a/bin/tests/system/xfer/ns4/named.conf.base b/bin/tests/system/xfer/ns4/named.conf.base index 859cc7497d..bbb9af4e2f 100644 --- a/bin/tests/system/xfer/ns4/named.conf.base +++ b/bin/tests/system/xfer/ns4/named.conf.base @@ -6,13 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf.base,v 1.3 2011/12/01 00:53:58 marka Exp $ */ - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; @@ -36,7 +34,7 @@ key tsig_key. { }; controls { - inet 10.53.0.4 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.4 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/xfer/ns6/named.conf b/bin/tests/system/xfer/ns6/named.conf.in similarity index 89% rename from bin/tests/system/xfer/ns6/named.conf rename to bin/tests/system/xfer/ns6/named.conf.in index f9909270cb..5ee08275cd 100644 --- a/bin/tests/system/xfer/ns6/named.conf +++ b/bin/tests/system/xfer/ns6/named.conf.in @@ -6,19 +6,17 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2011/03/12 04:59:47 tbox Exp $ */ - include "../../common/rndc.key"; controls { - inet 10.53.0.6 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.6 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { query-source address 10.53.0.6; notify-source 10.53.0.6; transfer-source 10.53.0.6; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.6; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/xfer/ns7/named.conf b/bin/tests/system/xfer/ns7/named.conf.in similarity index 86% rename from bin/tests/system/xfer/ns7/named.conf rename to bin/tests/system/xfer/ns7/named.conf.in index 06cd5c492d..9f3bbbd96c 100644 --- a/bin/tests/system/xfer/ns7/named.conf +++ b/bin/tests/system/xfer/ns7/named.conf.in @@ -6,19 +6,17 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2011/03/12 04:59:47 tbox Exp $ */ - include "../../common/rndc.key"; controls { - inet 10.53.0.7 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.7 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { query-source address 10.53.0.7; notify-source 10.53.0.7; transfer-source 10.53.0.7; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.7; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/xfer/ns8/named.conf b/bin/tests/system/xfer/ns8/named.conf.in similarity index 89% rename from bin/tests/system/xfer/ns8/named.conf rename to bin/tests/system/xfer/ns8/named.conf.in index ae9024d400..1b34706c70 100644 --- a/bin/tests/system/xfer/ns8/named.conf +++ b/bin/tests/system/xfer/ns8/named.conf.in @@ -9,14 +9,14 @@ include "../../common/rndc.key"; controls { - inet 10.53.0.8 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.8 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; options { query-source address 10.53.0.8; notify-source 10.53.0.8; transfer-source 10.53.0.8; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.8; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/xfer/prereq.sh b/bin/tests/system/xfer/prereq.sh index d858e505ba..f180da62a1 100644 --- a/bin/tests/system/xfer/prereq.sh +++ b/bin/tests/system/xfer/prereq.sh @@ -12,10 +12,10 @@ then then : else - echo "I:Net::DNS versions 0.69 to 0.74 have bugs that cause this test to fail: please update." >&2 + echo_i "Net::DNS versions 0.69 to 0.74 have bugs that cause this test to fail: please update." >&2 exit 1 fi else - echo "I:This test requires the Net::DNS library." >&2 + echo_i "This test requires the Net::DNS library." >&2 exit 1 fi diff --git a/bin/tests/system/xfer/setup.sh b/bin/tests/system/xfer/setup.sh index 6edd02b68c..dc6c56b11e 100644 --- a/bin/tests/system/xfer/setup.sh +++ b/bin/tests/system/xfer/setup.sh @@ -21,7 +21,15 @@ $SHELL ../genzone.sh 7 >ns7/master2.db rm -f ns4/*.db ns4/*.jnl cp -f ns4/root.db.in ns4/root.db $PERL -e 'for ($i=0;$i<10000;$i++){ printf("x%u 0 in a 10.53.0.1\n", $i);}' >> ns4/root.db -cp -f ns4/named.conf.base ns4/named.conf + +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns6/named.conf.in ns6/named.conf +copy_setports ns7/named.conf.in ns7/named.conf +copy_setports ns8/named.conf.in ns8/named.conf + +copy_setports ns4/named.conf.base ns4/named.conf cp ns2/slave.db.in ns2/slave.db touch -t 200101010000 ns2/slave.db diff --git a/bin/tests/system/xfer/tests.sh b/bin/tests/system/xfer/tests.sh index ffd4780bf0..e9d762a5e6 100644 --- a/bin/tests/system/xfer/tests.sh +++ b/bin/tests/system/xfer/tests.sh @@ -6,20 +6,19 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.37 2012/02/22 23:47:35 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh -DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd" +DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd -p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" status=0 n=0 n=`expr $n + 1` -echo "I:testing basic zone transfer functionality" +echo_i "testing basic zone transfer functionality" $DIG $DIGOPTS example. \ - @10.53.0.2 axfr -p 5300 > dig.out.ns2 || status=1 + @10.53.0.2 axfr > dig.out.ns2 || status=1 grep "^;" dig.out.ns2 # @@ -29,10 +28,10 @@ for i in 1 2 3 4 5 do tmp=0 $DIG $DIGOPTS example. \ - @10.53.0.3 axfr -p 5300 > dig.out.ns3 || tmp=1 + @10.53.0.3 axfr > dig.out.ns3 || tmp=1 grep "^;" dig.out.ns3 > /dev/null if test $? -ne 0 ; then break; fi - echo "I: plain zone re-transfer" + echo_i "plain zone re-transfer" sleep 5 done if test $tmp -eq 1 ; then status=1; fi @@ -43,10 +42,8 @@ $PERL ../digcomp.pl dig1.good dig.out.ns2 || status=1 $PERL ../digcomp.pl dig1.good dig.out.ns3 || status=1 n=`expr $n + 1` -echo "I:testing TSIG signed zone transfers" -$DIG $DIGOPTS tsigzone. \ - @10.53.0.2 axfr -y tsigzone.:1234abcd8765 -p 5300 \ - > dig.out.ns2 || status=1 +echo_i "testing TSIG signed zone transfers" +$DIG $DIGOPTS tsigzone. @10.53.0.2 axfr -y tsigzone.:1234abcd8765 > dig.out.ns2 || status=1 grep "^;" dig.out.ns2 # @@ -55,12 +52,10 @@ grep "^;" dig.out.ns2 for i in 1 2 3 4 5 do tmp=0 -$DIG $DIGOPTS tsigzone. \ - @10.53.0.3 axfr -y tsigzone.:1234abcd8765 -p 5300 \ - > dig.out.ns3 || tmp=1 + $DIG $DIGOPTS tsigzone. @10.53.0.3 axfr -y tsigzone.:1234abcd8765 > dig.out.ns3 || tmp=1 grep "^;" dig.out.ns3 > /dev/null if test $? -ne 0 ; then break; fi - echo "I: plain zone re-transfer" + echo_i "plain zone re-transfer" sleep 5 done if test $tmp -eq 1 ; then status=1; fi @@ -68,168 +63,167 @@ grep "^;" dig.out.ns3 $PERL ../digcomp.pl dig.out.ns2 dig.out.ns3 || status=1 -echo "I:reload servers for in preparation for ixfr-from-differences tests" +echo_i "reload servers for in preparation for ixfr-from-differences tests" -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload 2>&1 | sed 's/^/I:ns1 /' -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' -$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload 2>&1 | sed 's/^/I:ns3 /' -$RNDC -c ../common/rndc.conf -s 10.53.0.6 -p 9953 reload 2>&1 | sed 's/^/I:ns6 /' -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 reload 2>&1 | sed 's/^/I:ns7 /' +$RNDCCMD 10.53.0.1 reload 2>&1 | sed 's/^/ns1 /' | cat_i +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i +$RNDCCMD 10.53.0.3 reload 2>&1 | sed 's/^/ns3 /' | cat_i +$RNDCCMD 10.53.0.6 reload 2>&1 | sed 's/^/ns6 /' | cat_i +$RNDCCMD 10.53.0.7 reload 2>&1 | sed 's/^/ns7 /' | cat_i sleep 2 -echo "I:updating master zones for ixfr-from-differences tests" +echo_i "updating master zones for ixfr-from-differences tests" $PERL -i -p -e ' s/0\.0\.0\.0/0.0.0.1/; s/1397051952/1397051953/ ' ns1/slave.db -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload 2>&1 | sed 's/^/I:ns1 /' +$RNDCCMD 10.53.0.1 reload 2>&1 | sed 's/^/ns1 /' | cat_i $PERL -i -p -e ' s/0\.0\.0\.0/0.0.0.1/; s/1397051952/1397051953/ ' ns2/example.db -$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' +$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i $PERL -i -p -e ' s/0\.0\.0\.0/0.0.0.1/; s/1397051952/1397051953/ ' ns6/master.db -$RNDC -c ../common/rndc.conf -s 10.53.0.6 -p 9953 reload 2>&1 | sed 's/^/I:ns6 /' +$RNDCCMD 10.53.0.6 reload 2>&1 | sed 's/^/ns6 /' | cat_i $PERL -i -p -e ' s/0\.0\.0\.0/0.0.0.1/; s/1397051952/1397051953/ ' ns7/master2.db -$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 reload 2>&1 | sed 's/^/I:ns7 /' +$RNDCCMD 10.53.0.7 reload 2>&1 | sed 's/^/ns7 /' | cat_i sleep 3 -echo "I:testing zone is dumped after successful transfer" -$DIG $DIGOPTS +noall +answer +multi @10.53.0.2 -p 5300 \ +echo_i "testing zone is dumped after successful transfer" +$DIG $DIGOPTS +noall +answer +multi @10.53.0.2 \ slave. soa > dig.out.ns2 || tmp=1 grep "1397051952 ; serial" dig.out.ns2 > /dev/null 2>&1 || tmp=1 grep "1397051952 ; serial" ns2/slave.db > /dev/null 2>&1 || tmp=1 -if test $tmp != 0 ; then echo "I:failed"; fi +if test $tmp != 0 ; then echo_i "failed"; fi status=`expr $status + $tmp` n=`expr $n + 1` -echo "I:testing ixfr-from-differences yes;" +echo_i "testing ixfr-from-differences yes;" tmp=0 for i in 0 1 2 3 4 5 6 7 8 9 do - $DIG $DIGOPTS @10.53.0.3 -p 5300 +noall +answer soa example > dig.out.soa.ns3 + $DIG $DIGOPTS @10.53.0.3 +noall +answer soa example > dig.out.soa.ns3 grep "1397051953" dig.out.soa.ns3 > /dev/null && break; sleep 1 done $DIG $DIGOPTS example. \ - @10.53.0.3 axfr -p 5300 > dig.out.ns3 || tmp=1 + @10.53.0.3 axfr > dig.out.ns3 || tmp=1 grep "^;" dig.out.ns3 $PERL ../digcomp.pl dig2.good dig.out.ns3 || tmp=1 # ns3 has a journal iff it received an IXFR. -test -f ns3/example.bk || tmp=1 -test -f ns3/example.bk.jnl || tmp=1 +test -f ns3/example.bk || tmp=1 +test -f ns3/example.bk.jnl || tmp=1 -if test $tmp != 0 ; then echo "I:failed"; fi +if test $tmp != 0 ; then echo_i "failed"; fi status=`expr $status + $tmp` n=`expr $n + 1` -echo "I:testing ixfr-from-differences master; (master zone)" +echo_i "testing ixfr-from-differences master; (master zone)" tmp=0 $DIG $DIGOPTS master. \ - @10.53.0.6 axfr -p 5300 > dig.out.ns6 || tmp=1 + @10.53.0.6 axfr > dig.out.ns6 || tmp=1 grep "^;" dig.out.ns6 $DIG $DIGOPTS master. \ - @10.53.0.3 axfr -p 5300 > dig.out.ns3 || tmp=1 + @10.53.0.3 axfr > dig.out.ns3 || tmp=1 grep "^;" dig.out.ns3 && cat dig.out.ns3 $PERL ../digcomp.pl dig.out.ns6 dig.out.ns3 || tmp=1 # ns3 has a journal iff it received an IXFR. -test -f ns3/master.bk || tmp=1 -test -f ns3/master.bk.jnl || tmp=1 +test -f ns3/master.bk || tmp=1 +test -f ns3/master.bk.jnl || tmp=1 -if test $tmp != 0 ; then echo "I:failed"; fi +if test $tmp != 0 ; then echo_i "failed"; fi status=`expr $status + $tmp` n=`expr $n + 1` -echo "I:testing ixfr-from-differences master; (slave zone)" +echo_i "testing ixfr-from-differences master; (slave zone)" tmp=0 $DIG $DIGOPTS slave. \ - @10.53.0.6 axfr -p 5300 > dig.out.ns6 || tmp=1 + @10.53.0.6 axfr > dig.out.ns6 || tmp=1 grep "^;" dig.out.ns6 $DIG $DIGOPTS slave. \ - @10.53.0.1 axfr -p 5300 > dig.out.ns1 || tmp=1 + @10.53.0.1 axfr > dig.out.ns1 || tmp=1 grep "^;" dig.out.ns1 $PERL ../digcomp.pl dig.out.ns6 dig.out.ns1 || tmp=1 # ns6 has a journal iff it received an IXFR. -test -f ns6/slave.bk || tmp=1 -test -f ns6/slave.bk.jnl && tmp=1 +test -f ns6/slave.bk || tmp=1 +test -f ns6/slave.bk.jnl && tmp=1 -if test $tmp != 0 ; then echo "I:failed"; fi +if test $tmp != 0 ; then echo_i "failed"; fi status=`expr $status + $tmp` n=`expr $n + 1` -echo "I:testing ixfr-from-differences slave; (master zone)" +echo_i "testing ixfr-from-differences slave; (master zone)" tmp=0 # ns7 has a journal iff it generates an IXFR. -test -f ns7/master2.db || tmp=1 -test -f ns7/master2.db.jnl && tmp=1 +test -f ns7/master2.db || tmp=1 +test -f ns7/master2.db.jnl && tmp=1 -if test $tmp != 0 ; then echo "I:failed"; fi +if test $tmp != 0 ; then echo_i "failed"; fi status=`expr $status + $tmp` n=`expr $n + 1` -echo "I:testing ixfr-from-differences slave; (slave zone)" +echo_i "testing ixfr-from-differences slave; (slave zone)" tmp=0 $DIG $DIGOPTS slave. \ - @10.53.0.1 axfr -p 5300 > dig.out.ns1 || tmp=1 + @10.53.0.1 axfr > dig.out.ns1 || tmp=1 grep "^;" dig.out.ns1 $DIG $DIGOPTS slave. \ - @10.53.0.7 axfr -p 5300 > dig.out.ns7 || tmp=1 + @10.53.0.7 axfr > dig.out.ns7 || tmp=1 grep "^;" dig.out.ns1 $PERL ../digcomp.pl dig.out.ns7 dig.out.ns1 || tmp=1 # ns7 has a journal iff it generates an IXFR. -test -f ns7/slave.bk || tmp=1 -test -f ns7/slave.bk.jnl || tmp=1 +test -f ns7/slave.bk || tmp=1 +test -f ns7/slave.bk.jnl || tmp=1 -if test $tmp != 0 ; then echo "I:failed"; fi +if test $tmp != 0 ; then echo_i "failed"; fi status=`expr $status + $tmp` -echo "I:check that a multi-message uncompressable zone transfers" -$DIG axfr . -p 5300 @10.53.0.4 | grep SOA > axfr.out +echo_i "check that a multi-message uncompressable zone transfers" +$DIG axfr . -p ${PORT} @10.53.0.4 | grep SOA > axfr.out if test `wc -l < axfr.out` != 2 then - echo "I:failed" + echo_i "failed" status=`expr $status + 1` fi # now we test transfers with assorted TSIG glitches -DIGCMD="$DIG $DIGOPTS @10.53.0.4 -p 5300" -SENDCMD="$PERL ../send.pl 10.53.0.5 5301" -RNDCCMD="$RNDC -s 10.53.0.4 -p 9953 -c ../common/rndc.conf" +DIGCMD="$DIG $DIGOPTS @10.53.0.4" +SENDCMD="$PERL ../send.pl 10.53.0.5 $EXTRAPORT1" -echo "I:testing that incorrectly signed transfers will fail..." -echo "I:initial correctly-signed transfer should succeed" +echo_i "testing that incorrectly signed transfers will fail..." +echo_i "initial correctly-signed transfer should succeed" $SENDCMD < ans5/goodaxfr sleep 1 @@ -248,7 +242,7 @@ EOF cur=`awk 'END {print NR}' ns4/named.run` -$RNDCCMD reload | sed 's/^/I:ns4 /' +$RNDCCMD 10.53.0.4 reload | sed 's/^/ns4 /' | cat_i for i in 0 1 2 3 4 5 6 7 8 9 do @@ -258,176 +252,176 @@ do done sed -n "$cur,\$p" < ns4/named.run | grep "Transfer status: success" > /dev/null || { - echo "I: failed: expected status was not logged" + echo_i "failed: expected status was not logged" status=1 } cur=`awk 'END {print NR}' ns4/named.run` $DIGCMD nil. TXT | grep 'initial AXFR' >/dev/null || { - echo "I:failed" + echo_i "failed" status=1 } -echo "I:unsigned transfer" +echo_i "unsigned transfer" $SENDCMD < ans5/unsigned sleep 1 -$RNDCCMD retransfer nil | sed 's/^/I:ns4 /' +$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i sleep 2 sed -n "$cur,\$p" < ns4/named.run | grep "Transfer status: expected a TSIG or SIG(0)" > /dev/null || { - echo "I: failed: expected status was not logged" + echo_i "failed: expected status was not logged" status=1 } cur=`awk 'END {print NR}' ns4/named.run` $DIGCMD nil. TXT | grep 'unsigned AXFR' >/dev/null && { - echo "I:failed" + echo_i "failed" status=1 } -echo "I:bad keydata" +echo_i "bad keydata" $SENDCMD < ans5/badkeydata sleep 1 -$RNDCCMD retransfer nil | sed 's/^/I:ns4 /' +$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i sleep 2 sed -n "$cur,\$p" < ns4/named.run | grep "Transfer status: tsig verify failure" > /dev/null || { - echo "I: failed: expected status was not logged" + echo_i "failed: expected status was not logged" status=1 } cur=`awk 'END {print NR}' ns4/named.run` $DIGCMD nil. TXT | grep 'bad keydata AXFR' >/dev/null && { - echo "I:failed" + echo_i "failed" status=1 } -echo "I:partially-signed transfer" +echo_i "partially-signed transfer" $SENDCMD < ans5/partial sleep 1 -$RNDCCMD retransfer nil | sed 's/^/I:ns4 /' +$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i sleep 2 sed -n "$cur,\$p" < ns4/named.run | grep "Transfer status: expected a TSIG or SIG(0)" > /dev/null || { - echo "I: failed: expected status was not logged" + echo_i "failed: expected status was not logged" status=1 } cur=`awk 'END {print NR}' ns4/named.run` $DIGCMD nil. TXT | grep 'partially signed AXFR' >/dev/null && { - echo "I:failed" + echo_i "failed" status=1 } -echo "I:unknown key" +echo_i "unknown key" $SENDCMD < ans5/unknownkey sleep 1 -$RNDCCMD retransfer nil | sed 's/^/I:ns4 /' +$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i sleep 2 sed -n "$cur,\$p" < ns4/named.run | grep "tsig key 'tsig_key': key name and algorithm do not match" > /dev/null || { - echo "I: failed: expected status was not logged" + echo_i "failed: expected status was not logged" status=1 } cur=`awk 'END {print NR}' ns4/named.run` $DIGCMD nil. TXT | grep 'unknown key AXFR' >/dev/null && { - echo "I:failed" + echo_i "failed" status=1 } -echo "I:incorrect key" +echo_i "incorrect key" $SENDCMD < ans5/wrongkey sleep 1 -$RNDCCMD retransfer nil | sed 's/^/I:ns4 /' +$RNDCCMD 10.53.0.4 retransfer nil | sed 's/^/ns4 /' | cat_i sleep 2 sed -n "$cur,\$p" < ns4/named.run | grep "tsig key 'tsig_key': key name and algorithm do not match" > /dev/null || { - echo "I: failed: expected status was not logged" + echo_i "failed: expected status was not logged" status=1 } cur=`awk 'END {print NR}' ns4/named.run` $DIGCMD nil. TXT | grep 'incorrect key AXFR' >/dev/null && { - echo "I:failed" + echo_i "failed" status=1 } n=`expr $n + 1` -echo "I:check that we ask for and get a EDNS EXPIRE response ($n)" +echo_i "check that we ask for and get a EDNS EXPIRE response ($n)" # force a refresh query -$RNDC -s 10.53.0.7 -p 9953 -c ../common/rndc.conf refresh edns-expire 2>&1 | sed 's/^/I:ns7 /' +$RNDCCMD 10.53.0.7 refresh edns-expire 2>&1 | sed 's/^/ns7 /' | cat_i sleep 10 # there may be multiple log entries so get the last one. expire=`awk '/edns-expire\/IN: got EDNS EXPIRE of/ { x=$9 } END { print x }' ns7/named.run` test ${expire:-0} -gt 0 -a ${expire:-0} -lt 1814400 || { - echo "I:failed (expire=${expire:-0})" + echo_i "failed (expire=${expire:-0})" status=1 } n=`expr $n + 1` -echo "I:test smaller transfer TCP message size ($n)" -$DIG $DIGOPTS example. @10.53.0.8 axfr -p 5300 \ +echo_i "test smaller transfer TCP message size ($n)" +$DIG $DIGOPTS example. @10.53.0.8 axfr \ -y key1.:1234abcd8765 > dig.out.msgsize || status=1 $DOS2UNIX dig.out.msgsize >/dev/null bytes=`wc -c < dig.out.msgsize` if [ $bytes -ne 459357 ]; then - echo "I:failed axfr size check" + echo_i "failed axfr size check" status=1 fi num_messages=`cat ns8/named.run | grep "sending TCP message of" | wc -l` if [ $num_messages -le 300 ]; then - echo "I:failed transfer message count check" + echo_i "failed transfer message count check" status=1 fi n=`expr $n + 1` -echo "I:test mapped zone with out of zone data ($n)" +echo_i "test mapped zone with out of zone data ($n)" tmp=0 -$DIG -p 5300 txt mapped @10.53.0.3 > dig.out.1.$n +$DIG -p ${PORT} txt mapped @10.53.0.3 > dig.out.1.$n grep "status: NOERROR," dig.out.1.$n > /dev/null || tmp=1 $PERL $SYSTEMTESTTOP/stop.pl . ns3 -$PERL $SYSTEMTESTTOP/start.pl --noclean --restart . ns3 -$DIG -p 5300 txt mapped @10.53.0.3 > dig.out.2.$n +$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns3 +$DIG -p ${PORT} txt mapped @10.53.0.3 > dig.out.2.$n grep "status: NOERROR," dig.out.2.$n > /dev/null || tmp=1 -$DIG -p 5300 axfr mapped @10.53.0.3 > dig.out.3.$n +$DIG -p ${PORT} axfr mapped @10.53.0.3 > dig.out.3.$n $PERL ../digcomp.pl knowngood.mapped dig.out.3.$n || tmp=1 -if test $tmp != 0 ; then echo "I:failed"; fi +if test $tmp != 0 ; then echo_i "failed"; fi status=`expr $status + $tmp` n=`expr $n + 1` -echo "I:test that a zone with too many records is rejected (AXFR) ($n)" +echo_i "test that a zone with too many records is rejected (AXFR) ($n)" tmp=0 grep "'axfr-too-big/IN'.*: too many records" ns6/named.run >/dev/null || tmp=1 -if test $tmp != 0 ; then echo "I:failed"; fi +if test $tmp != 0 ; then echo_i "failed"; fi status=`expr $status + $tmp` n=`expr $n + 1` -echo "I:test that a zone with too many records is rejected (IXFR) ($n)" +echo_i "test that a zone with too many records is rejected (IXFR) ($n)" tmp=0 grep "'ixfr-too-big./IN.*: too many records" ns6/named.run >/dev/null && tmp=1 $NSUPDATE << EOF zone ixfr-too-big -server 10.53.0.1 5300 +server 10.53.0.1 ${PORT} update add the-31st-record.ixfr-too-big 0 TXT this is it send EOF @@ -437,8 +431,8 @@ do sleep 1 done grep "'ixfr-too-big/IN'.*: too many records" ns6/named.run >/dev/null || tmp=1 -if test $tmp != 0 ; then echo "I:failed"; fi +if test $tmp != 0 ; then echo_i "failed"; fi status=`expr $status + $tmp` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/xferquota/clean.sh b/bin/tests/system/xferquota/clean.sh index 1cb1371802..8a14de9534 100644 --- a/bin/tests/system/xferquota/clean.sh +++ b/bin/tests/system/xferquota/clean.sh @@ -6,8 +6,6 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: clean.sh,v 1.14 2007/09/26 03:22:44 marka Exp $ - # # Clean up after zone transfer quota tests. # @@ -17,5 +15,6 @@ rm -f ns2/zone*.example.bk ns2/zones.conf rm -f dig.out.* ns2/changing.bk rm -f ns1/changing.db rm -f */named.memstats +rm -f */named.conf rm -f */named.run rm -f ns*/named.lock diff --git a/bin/tests/system/xferquota/ns1/named.conf b/bin/tests/system/xferquota/ns1/named.conf.in similarity index 81% rename from bin/tests/system/xferquota/ns1/named.conf rename to bin/tests/system/xferquota/ns1/named.conf.in index 6c25c9356d..f2fdbb2861 100644 --- a/bin/tests/system/xferquota/ns1/named.conf +++ b/bin/tests/system/xferquota/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.21 2007/06/19 23:47:07 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -28,7 +24,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "." { diff --git a/bin/tests/system/xferquota/ns2/named.conf b/bin/tests/system/xferquota/ns2/named.conf.in similarity index 87% rename from bin/tests/system/xferquota/ns2/named.conf rename to bin/tests/system/xferquota/ns2/named.conf.in index 07cb5eb331..b6328eb810 100644 --- a/bin/tests/system/xferquota/ns2/named.conf +++ b/bin/tests/system/xferquota/ns2/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.22 2007/06/19 23:47:07 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/xferquota/setup.sh b/bin/tests/system/xferquota/setup.sh index 87d43c8032..c9dbd91c76 100644 --- a/bin/tests/system/xferquota/setup.sh +++ b/bin/tests/system/xferquota/setup.sh @@ -6,12 +6,18 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: setup.sh,v 1.15 2007/06/19 23:47:07 tbox Exp $ - # # Set up test data for zone transfer quota tests. # +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh + $PERL setup.pl cp -f ns1/changing1.db ns1/changing.db + +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf diff --git a/bin/tests/system/xferquota/tests.sh b/bin/tests/system/xferquota/tests.sh index 6120b7cc60..5dab132844 100644 --- a/bin/tests/system/xferquota/tests.sh +++ b/bin/tests/system/xferquota/tests.sh @@ -6,11 +6,12 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. -# $Id: tests.sh,v 1.25 2007/06/19 23:47:07 tbox Exp $ - SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd -p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + # # Perform tests # @@ -19,49 +20,44 @@ count=0 ticks=0 while [ $count != 300 ]; do if [ $ticks = 1 ]; then - echo "I:Changing test zone..." + echo_i "Changing test zone..." cp -f ns1/changing2.db ns1/changing.db if [ ! "$CYGWIN" ]; then $KILL -HUP `cat ns1/named.pid` else - $RDNC -c ../common/rndc.conf -s 10.53.0.1 \ - -p 9953 reloade > /dev/null 2>&1 + $RNDCCMD 10.53.0.1 reload > /dev/null 2>&1 fi fi sleep 1 ticks=`expr $ticks + 1` seconds=`expr $ticks \* 1` if [ $ticks = 360 ]; then - echo "I:Took too long to load zones" + echo_i "Took too long to load zones" exit 1 fi count=`cat ns2/zone*.bk | grep xyzzy | wc -l` - echo "I:Have $count zones up in $seconds seconds" + echo_i "Have $count zones up in $seconds seconds" done status=0 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd \ - zone000099.example. @10.53.0.1 axfr -p 5300 > dig.out.ns1 || status=1 +$DIG $DIGOPTS zone000099.example. @10.53.0.1 axfr > dig.out.ns1 || status=1 grep ";" dig.out.ns1 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd \ - zone000099.example. @10.53.0.2 axfr -p 5300 > dig.out.ns2 || status=1 +$DIG $DIGOPTS zone000099.example. @10.53.0.2 axfr > dig.out.ns2 || status=1 grep ";" dig.out.ns2 $PERL ../digcomp.pl dig.out.ns1 dig.out.ns2 || status=1 sleep 15 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd \ - a.changing. @10.53.0.1 a -p 5300 > dig.out.ns1 || status=1 +$DIG $DIGOPTS a.changing. @10.53.0.1 a > dig.out.ns1 || status=1 grep ";" dig.out.ns1 -$DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd \ - a.changing. @10.53.0.2 a -p 5300 > dig.out.ns2 || status=1 +$DIG $DIGOPTS a.changing. @10.53.0.2 a > dig.out.ns2 || status=1 grep ";" dig.out.ns2 $PERL ../digcomp.pl dig.out.ns1 dig.out.ns2 || status=1 -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/zero/ans5/ans.pl b/bin/tests/system/zero/ans5/ans.pl index 8014deb7be..a5ce18f46b 100644 --- a/bin/tests/system/zero/ans5/ans.pl +++ b/bin/tests/system/zero/ans5/ans.pl @@ -16,8 +16,11 @@ use IO::Socket; use Net::DNS; use Net::DNS::Packet; +my $localport = int($ENV{'PORT'}); +if (!$localport) { $localport = 5300; } + my $sock = IO::Socket::INET->new(LocalAddr => "10.53.0.5", - LocalPort => 5300, Proto => "udp") or die "$!"; + LocalPort => $localport, Proto => "udp") or die "$!"; my $pidf = new IO::File "ans.pid", "w" or die "cannot open pid file: $!"; print $pidf "$$\n" or die "cannot write pid file: $!"; diff --git a/bin/tests/system/zero/clean.sh b/bin/tests/system/zero/clean.sh index f0131c76c9..edc02ab2c9 100644 --- a/bin/tests/system/zero/clean.sh +++ b/bin/tests/system/zero/clean.sh @@ -4,6 +4,7 @@ # License, v. 2.0. If a copy of the MPL was not distributed with this # file, You can obtain one at http://mozilla.org/MPL/2.0/. +rm -f */named.conf rm -f */named.run rm -f */named.memstats rm -f ns2/example.db diff --git a/bin/tests/system/zero/ns1/named.conf b/bin/tests/system/zero/ns1/named.conf.in similarity index 83% rename from bin/tests/system/zero/ns1/named.conf rename to bin/tests/system/zero/ns1/named.conf.in index 23db9a419a..3b6e72afac 100644 --- a/bin/tests/system/zero/ns1/named.conf +++ b/bin/tests/system/zero/ns1/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.15 2009/05/29 23:47:49 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -25,4 +21,3 @@ zone "." { type master; file "root.db"; }; - diff --git a/bin/tests/system/zero/ns2/named.conf b/bin/tests/system/zero/ns2/named.conf.in similarity index 85% rename from bin/tests/system/zero/ns2/named.conf rename to bin/tests/system/zero/ns2/named.conf.in index 281104cf0e..9b4c09d92f 100644 --- a/bin/tests/system/zero/ns2/named.conf +++ b/bin/tests/system/zero/ns2/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.15 2009/05/29 23:47:49 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/zero/ns3/named.conf b/bin/tests/system/zero/ns3/named.conf.in similarity index 83% rename from bin/tests/system/zero/ns3/named.conf rename to bin/tests/system/zero/ns3/named.conf.in index 0c3b75d558..538e6675ff 100644 --- a/bin/tests/system/zero/ns3/named.conf +++ b/bin/tests/system/zero/ns3/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.15 2009/05/29 23:47:49 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.3; notify-source 10.53.0.3; transfer-source 10.53.0.3; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.3; }; listen-on-v6 { none; }; @@ -25,4 +21,3 @@ zone "." { type hint; file "root.hint"; }; - diff --git a/bin/tests/system/zero/ns4/named.conf b/bin/tests/system/zero/ns4/named.conf.in similarity index 85% rename from bin/tests/system/zero/ns4/named.conf rename to bin/tests/system/zero/ns4/named.conf.in index f1454a38c4..8bf1917500 100644 --- a/bin/tests/system/zero/ns4/named.conf +++ b/bin/tests/system/zero/ns4/named.conf.in @@ -6,15 +6,11 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.15 2009/05/29 23:47:49 tbox Exp $ */ - -controls { /* empty */ }; - options { query-source address 10.53.0.4; notify-source 10.53.0.4; transfer-source 10.53.0.4; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.4; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/zero/setup.sh b/bin/tests/system/zero/setup.sh index cfaad48f22..ce82f3641b 100644 --- a/bin/tests/system/zero/setup.sh +++ b/bin/tests/system/zero/setup.sh @@ -7,4 +7,11 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +$SHELL clean.sh + +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf + $SHELL ../genzone.sh 2 4 | sed -e 's/^$TTL 3600$/$TTL 0 ; force TTL to zero/' -e 's/86400.IN SOA/0 SOA/' > ns2/example.db diff --git a/bin/tests/system/zero/tests.sh b/bin/tests/system/zero/tests.sh index c19137406c..3e6cda5545 100644 --- a/bin/tests/system/zero/tests.sh +++ b/bin/tests/system/zero/tests.sh @@ -7,24 +7,26 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="-p ${PORT}" + status=0 n=0 n=`expr $n + 1` -echo "I:check lookups against TTL=0 records ($n)" +echo_i "check lookups against TTL=0 records ($n)" i=0 passes=10 -$DIG -p 5300 @10.53.0.2 axfr example | grep -v "^ds0" | +$DIG $DIGOPTS @10.53.0.2 axfr example | grep -v "^ds0" | awk '$2 == "0" { print "-q", $1, $4; print "-q", "zzz"$1, $4;}' > query.list while [ $i -lt $passes ] do ret=0 - $DIG -p 5300 @10.53.0.3 -f query.list > dig.out$i.1.test$n & - $DIG -p 5300 @10.53.0.3 -f query.list > dig.out$i.2.test$n & - $DIG -p 5300 @10.53.0.3 -f query.list > dig.out$i.3.test$n & - $DIG -p 5300 @10.53.0.3 -f query.list > dig.out$i.4.test$n & - $DIG -p 5300 @10.53.0.3 -f query.list > dig.out$i.5.test$n & - $DIG -p 5300 @10.53.0.3 -f query.list > dig.out$i.6.test$n & + $DIG $DIGOPTS @10.53.0.3 -f query.list > dig.out$i.1.test$n & + $DIG $DIGOPTS @10.53.0.3 -f query.list > dig.out$i.2.test$n & + $DIG $DIGOPTS @10.53.0.3 -f query.list > dig.out$i.3.test$n & + $DIG $DIGOPTS @10.53.0.3 -f query.list > dig.out$i.4.test$n & + $DIG $DIGOPTS @10.53.0.3 -f query.list > dig.out$i.5.test$n & + $DIG $DIGOPTS @10.53.0.3 -f query.list > dig.out$i.6.test$n & wait grep "status: SERVFAIL" dig.out$i.1.test$n && ret=1 grep "status: SERVFAIL" dig.out$i.2.test$n && ret=1 @@ -34,38 +36,38 @@ do grep "status: SERVFAIL" dig.out$i.6.test$n && ret=1 [ $ret = 1 ] && break i=`expr $i + 1` - echo "I: successfully completed pass $i of $passes" + echo_i "successfully completed pass $i of $passes" done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check repeated recursive lookups of non recurring TTL=0 responses get new values ($n)" +echo_i "check repeated recursive lookups of non recurring TTL=0 responses get new values ($n)" count=`( -$DIG +short -p 5300 @10.53.0.3 foo.increment -$DIG +short -p 5300 @10.53.0.3 foo.increment -$DIG +short -p 5300 @10.53.0.3 foo.increment -$DIG +short -p 5300 @10.53.0.3 foo.increment -$DIG +short -p 5300 @10.53.0.3 foo.increment -$DIG +short -p 5300 @10.53.0.3 foo.increment -$DIG +short -p 5300 @10.53.0.3 foo.increment +$DIG $DIGOPTS +short @10.53.0.3 foo.increment +$DIG $DIGOPTS +short @10.53.0.3 foo.increment +$DIG $DIGOPTS +short @10.53.0.3 foo.increment +$DIG $DIGOPTS +short @10.53.0.3 foo.increment +$DIG $DIGOPTS +short @10.53.0.3 foo.increment +$DIG $DIGOPTS +short @10.53.0.3 foo.increment +$DIG $DIGOPTS +short @10.53.0.3 foo.increment ) | sort -u | wc -l ` -if [ $count -ne 7 ] ; then echo "I:failed (count=$count)"; ret=1; fi +if [ $count -ne 7 ] ; then echo_i "failed (count=$count)"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` -echo "I:check lookups against TTL=1 records ($n)" +echo_i "check lookups against TTL=1 records ($n)" i=0 passes=10 while [ $i -lt $passes ] do ret=0 - $DIG -p 5300 @10.53.0.3 www.one.tld > dig.out$i.1.test$n - $DIG -p 5300 @10.53.0.3 www.one.tld > dig.out$i.2.test$n - $DIG -p 5300 @10.53.0.3 www.one.tld > dig.out$i.3.test$n - $DIG -p 5300 @10.53.0.3 www.one.tld > dig.out$i.4.test$n - $DIG -p 5300 @10.53.0.3 www.one.tld > dig.out$i.5.test$n - $DIG -p 5300 @10.53.0.3 www.one.tld > dig.out$i.6.test$n + $DIG $DIGOPTS @10.53.0.3 www.one.tld > dig.out$i.1.test$n + $DIG $DIGOPTS @10.53.0.3 www.one.tld > dig.out$i.2.test$n + $DIG $DIGOPTS @10.53.0.3 www.one.tld > dig.out$i.3.test$n + $DIG $DIGOPTS @10.53.0.3 www.one.tld > dig.out$i.4.test$n + $DIG $DIGOPTS @10.53.0.3 www.one.tld > dig.out$i.5.test$n + $DIG $DIGOPTS @10.53.0.3 www.one.tld > dig.out$i.6.test$n grep "status: SERVFAIL" dig.out$i.1.test$n && ret=1 grep "status: SERVFAIL" dig.out$i.2.test$n && ret=1 grep "status: SERVFAIL" dig.out$i.3.test$n && ret=1 @@ -74,11 +76,11 @@ do grep "status: SERVFAIL" dig.out$i.6.test$n && ret=1 [ $ret = 1 ] && break i=`expr $i + 1` - echo "I: successfully completed pass $i of $passes" + echo_i "successfully completed pass $i of $passes" $PERL -e 'select(undef, undef, undef, 0.3);' done -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/zonechecks/clean.sh b/bin/tests/system/zonechecks/clean.sh index 52d872c1c7..fee0edecde 100644 --- a/bin/tests/system/zonechecks/clean.sh +++ b/bin/tests/system/zonechecks/clean.sh @@ -8,6 +8,7 @@ rm -f *.out rm -f */named.memstats +rm -f */named.conf rm -f */named.run rm -f */*.db */*.db.signed */K*.key */K*.private */*.jnl */dsset-* rm -f */signer.err diff --git a/bin/tests/system/zonechecks/ns1/named.conf b/bin/tests/system/zonechecks/ns1/named.conf.in similarity index 91% rename from bin/tests/system/zonechecks/ns1/named.conf rename to bin/tests/system/zonechecks/ns1/named.conf.in index 6916227747..8ff627dad4 100644 --- a/bin/tests/system/zonechecks/ns1/named.conf +++ b/bin/tests/system/zonechecks/ns1/named.conf.in @@ -8,13 +8,11 @@ // NS1 -controls { /* empty */ }; - options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -30,7 +28,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; view unused { diff --git a/bin/tests/system/zonechecks/ns2/named.conf b/bin/tests/system/zonechecks/ns2/named.conf.in similarity index 81% rename from bin/tests/system/zonechecks/ns2/named.conf rename to bin/tests/system/zonechecks/ns2/named.conf.in index a57eefb588..fe2cc45371 100644 --- a/bin/tests/system/zonechecks/ns2/named.conf +++ b/bin/tests/system/zonechecks/ns2/named.conf.in @@ -6,17 +6,13 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* $Id: named.conf,v 1.3 2012/01/31 23:47:32 tbox Exp $ */ - // NS2 -controls { /* empty */ }; - options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; @@ -32,7 +28,7 @@ key rndc_key { }; controls { - inet 10.53.0.2 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.2 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; zone "master.example" { @@ -40,4 +36,3 @@ zone "master.example" { masters { 10.53.0.1; }; file "slave.db"; }; - diff --git a/bin/tests/system/zonechecks/setup.sh b/bin/tests/system/zonechecks/setup.sh index e16cb4abb9..bef8895d4c 100644 --- a/bin/tests/system/zonechecks/setup.sh +++ b/bin/tests/system/zonechecks/setup.sh @@ -13,6 +13,9 @@ $SHELL clean.sh test -r $RANDFILE || $GENRANDOM 800 $RANDFILE +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf + $SHELL ../genzone.sh 1 > ns1/master.db $SHELL ../genzone.sh 1 > ns1/duplicate.db cp bigserial.db ns1/ diff --git a/bin/tests/system/zonechecks/tests.sh b/bin/tests/system/zonechecks/tests.sh index 65c7c164a3..055bb6f6b8 100644 --- a/bin/tests/system/zonechecks/tests.sh +++ b/bin/tests/system/zonechecks/tests.sh @@ -9,161 +9,164 @@ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh +DIGOPTS="-p ${PORT}" +RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" + status=0 # -echo "I: checking that we detect a NS which refers to a CNAME" +echo_i "checking that we detect a NS which refers to a CNAME" if $CHECKZONE . cname.db > cname.out 2>&1 then - echo "I:failed (status)"; status=`expr $status + 1` + echo_i "failed (status)"; status=`expr $status + 1` else if grep "is a CNAME" cname.out > /dev/null then : else - echo "I:failed (message)"; status=`expr $status + 1` + echo_i "failed (message)"; status=`expr $status + 1` fi fi # -echo "I: checking that we detect a NS which is below a DNAME" +echo_i "checking that we detect a NS which is below a DNAME" if $CHECKZONE . dname.db > dname.out 2>&1 then - echo "I:failed (status)"; status=`expr $status + 1` + echo_i "failed (status)"; status=`expr $status + 1` else if grep "is below a DNAME" dname.out > /dev/null then : else - echo "I:failed (message)"; status=`expr $status + 1` + echo_i "failed (message)"; status=`expr $status + 1` fi fi # -echo "I: checking that we detect a NS which has no address records (A/AAAA)" +echo_i "checking that we detect a NS which has no address records (A/AAAA)" if $CHECKZONE . noaddress.db > noaddress.out then - echo "I:failed (status)"; status=`expr $status + 1` + echo_i "failed (status)"; status=`expr $status + 1` else if grep "has no address records" noaddress.out > /dev/null then : else - echo "I:failed (message)"; status=`expr $status + 1` + echo_i "failed (message)"; status=`expr $status + 1` fi fi # -echo "I: checking that we detect a NS which has no records" +echo_i "checking that we detect a NS which has no records" if $CHECKZONE . nxdomain.db > nxdomain.out then - echo "I:failed (status)"; status=`expr $status + 1` + echo_i "failed (status)"; status=`expr $status + 1` else if grep "has no address records" noaddress.out > /dev/null then : else - echo "I:failed (message)"; status=`expr $status + 1` + echo_i "failed (message)"; status=`expr $status + 1` fi fi # -echo "I: checking that we detect a NS which looks like a A record (fail)" +echo_i "checking that we detect a NS which looks like a A record (fail)" if $CHECKZONE -n fail . a.db > a.out 2>&1 then - echo "I:failed (status)"; status=`expr $status + 1` + echo_i "failed (status)"; status=`expr $status + 1` else if grep "appears to be an address" a.out > /dev/null then : else - echo "I:failed (message)"; status=`expr $status + 1` + echo_i "failed (message)"; status=`expr $status + 1` fi fi # -echo "I: checking that we detect a NS which looks like a A record (warn=default)" +echo_i "checking that we detect a NS which looks like a A record (warn=default)" if $CHECKZONE . a.db > a.out 2>&1 then if grep "appears to be an address" a.out > /dev/null then : else - echo "I:failed (message)"; status=`expr $status + 1` + echo_i "failed (message)"; status=`expr $status + 1` fi else - echo "I:failed (status)"; status=`expr $status + 1` + echo_i "failed (status)"; status=`expr $status + 1` fi # -echo "I: checking that we detect a NS which looks like a A record (ignore)" +echo_i "checking that we detect a NS which looks like a A record (ignore)" if $CHECKZONE -n ignore . a.db > a.out 2>&1 then if grep "appears to be an address" a.out > /dev/null then - echo "I:failed (message)"; status=`expr $status + 1` + echo_i "failed (message)"; status=`expr $status + 1` else : fi else - echo "I:failed (status)"; status=`expr $status + 1` + echo_i "failed (status)"; status=`expr $status + 1` fi # -echo "I: checking that we detect a NS which looks like a AAAA record (fail)" +echo_i "checking that we detect a NS which looks like a AAAA record (fail)" if $CHECKZONE -n fail . aaaa.db > aaaa.out 2>&1 then - echo "I:failed (status)"; status=`expr $status + 1` + echo_i "failed (status)"; status=`expr $status + 1` else if grep "appears to be an address" aaaa.out > /dev/null then : else - echo "I:failed (message)"; status=`expr $status + 1` + echo_i "failed (message)"; status=`expr $status + 1` fi fi # -echo "I: checking that we detect a NS which looks like a AAAA record (warn=default)" +echo_i "checking that we detect a NS which looks like a AAAA record (warn=default)" if $CHECKZONE . aaaa.db > aaaa.out 2>&1 then if grep "appears to be an address" aaaa.out > /dev/null then : else - echo "I:failed (message)"; status=`expr $status + 1` + echo_i "failed (message)"; status=`expr $status + 1` fi else - echo "I:failed (status)"; status=`expr $status + 1` + echo_i "failed (status)"; status=`expr $status + 1` fi # -echo "I: checking that we detect a NS which looks like a AAAA record (ignore)" +echo_i "checking that we detect a NS which looks like a AAAA record (ignore)" if $CHECKZONE -n ignore . aaaa.db > aaaa.out 2>&1 then if grep "appears to be an address" aaaa.out > /dev/null then - echo "I:failed (message)"; status=`expr $status + 1` + echo_i "failed (message)"; status=`expr $status + 1` else : fi else - echo "I:failed (status)"; status=`expr $status + 1` + echo_i "failed (status)"; status=`expr $status + 1` fi # -echo "I: checking 'rdnc zonestatus' output" +echo_i "checking 'rdnc zonestatus' output" ret=0 for i in 0 1 2 3 4 5 6 7 8 9 do - $RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 zonestatus master.example > rndc.out.master 2>&1 + $RNDCCMD 10.53.0.1 zonestatus master.example > rndc.out.master 2>&1 grep "zone not loaded" rndc.out.master > /dev/null || break sleep 1 done checkfor() { grep "$1" $2 > /dev/null || { ret=1; - echo "I: missing string '$1' from '$2'" + echo_i "missing string '$1' from '$2'" } } checkfor "name: master.example" rndc.out.master @@ -182,7 +185,7 @@ checkfor "dynamic: yes" rndc.out.master checkfor "frozen: no" rndc.out.master for i in 0 1 2 3 4 5 6 7 8 9 do - $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 zonestatus master.example > rndc.out.slave 2>&1 + $RNDCCMD 10.53.0.2 zonestatus master.example > rndc.out.slave 2>&1 grep "zone not loaded" rndc.out.slave > /dev/null || break sleep 1 done @@ -196,54 +199,54 @@ checkfor "expires: " rndc.out.slave checkfor "secure: yes" rndc.out.slave for i in 0 1 2 3 4 5 6 7 8 9 do - $RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 zonestatus reload.example > rndc.out.prereload 2>&1 + $RNDCCMD 10.53.0.1 zonestatus reload.example > rndc.out.prereload 2>&1 grep "zone not loaded" rndc.out.prereload > /dev/null || break sleep 1 done checkfor "files: reload.db, soa.db$" rndc.out.prereload echo "@ 0 SOA . . 2 0 0 0 0" > ns1/soa.db -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload reload.example +$RNDCCMD 10.53.0.1 reload reload.example | sed 's/^/ns1 /' | cat_i for i in 0 1 2 3 4 5 6 7 8 9 do - $DIG reload.example SOA @10.53.0.1 -p 5300 > dig.out + $DIG $DIGOPTS reload.example SOA @10.53.0.1 > dig.out grep " 2 0 0 0 0" dig.out >/dev/null && break sleep 1 done -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 zonestatus reload.example > rndc.out.postreload 2>&1 +$RNDCCMD 10.53.0.1 zonestatus reload.example > rndc.out.postreload 2>&1 checkfor "files: reload.db, soa.db$" rndc.out.postreload sleep 1 echo "@ 0 SOA . . 3 0 0 0 0" > ns1/reload.db echo "@ 0 NS ." >> ns1/reload.db -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload reload.example +$RNDCCMD 10.53.0.1 reload reload.example | sed 's/^/ns1 /' | cat_i for i in 0 1 2 3 4 5 6 7 8 9 do - $DIG reload.example SOA @10.53.0.1 -p 5300 > dig.out + $DIG $DIGOPTS reload.example SOA @10.53.0.1 > dig.out grep " 3 0 0 0 0" dig.out >/dev/null && break sleep 1 done -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 zonestatus reload.example > rndc.out.removeinclude 2>&1 +$RNDCCMD 10.53.0.1 zonestatus reload.example > rndc.out.removeinclude 2>&1 checkfor "files: reload.db$" rndc.out.removeinclude -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking 'rdnc zonestatus' with duplicated zone name" +echo_i "checking 'rdnc zonestatus' with duplicated zone name" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 zonestatus duplicate.example > rndc.out.duplicate 2>&1 +$RNDCCMD 10.53.0.1 zonestatus duplicate.example > rndc.out.duplicate 2>&1 checkfor "zone 'duplicate.example' was found in multiple views" rndc.out.duplicate -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 zonestatus duplicate.example in primary > rndc.out.duplicate 2>&1 +$RNDCCMD 10.53.0.1 zonestatus duplicate.example in primary > rndc.out.duplicate 2>&1 checkfor "name: duplicate.example" rndc.out.duplicate -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 zonestatus nosuchzone.example > rndc.out.duplicate 2>&1 +$RNDCCMD 10.53.0.1 zonestatus nosuchzone.example > rndc.out.duplicate 2>&1 checkfor "no matching zone 'nosuchzone.example' in any view" rndc.out.duplicate -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I: checking 'rdnc zonestatus' with big serial value" +echo_i "checking 'rdnc zonestatus' with big serial value" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 zonestatus bigserial.example > rndc.out.bigserial 2>&1 +$RNDCCMD 10.53.0.1 zonestatus bigserial.example > rndc.out.bigserial 2>&1 checkfor "serial: 3003113544" rndc.out.bigserial -if [ $ret != 0 ]; then echo "I:failed"; fi +if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` -echo "I:exit status: $status" +echo_i "exit status: $status" [ $status -eq 0 ] || exit 1 diff --git a/configure b/configure index db980faf1e..00b766c45e 100755 --- a/configure +++ b/configure @@ -24158,7 +24158,7 @@ ac_config_commands="$ac_config_commands chmod" # elsewhere if there's a good reason for doing so. # -ac_config_files="$ac_config_files make/Makefile make/mkdep Makefile bin/Makefile bin/check/Makefile bin/confgen/Makefile bin/confgen/unix/Makefile bin/delv/Makefile bin/dig/Makefile bin/dnssec/Makefile bin/named/Makefile bin/named/unix/Makefile bin/nsupdate/Makefile bin/pkcs11/Makefile bin/python/Makefile bin/python/isc/Makefile bin/python/isc/utils.py bin/python/isc/tests/Makefile bin/python/dnssec-checkds.py bin/python/dnssec-coverage.py bin/python/dnssec-keymgr.py bin/python/isc/__init__.py bin/python/isc/checkds.py bin/python/isc/coverage.py bin/python/isc/dnskey.py bin/python/isc/eventlist.py bin/python/isc/keydict.py bin/python/isc/keyevent.py bin/python/isc/keymgr.py bin/python/isc/keyseries.py bin/python/isc/keyzone.py bin/python/isc/policy.py bin/python/isc/rndc.py bin/python/isc/tests/dnskey_test.py bin/python/isc/tests/policy_test.py bin/rndc/Makefile bin/tests/Makefile bin/tests/atomic/Makefile bin/tests/db/Makefile bin/tests/dst/Makefile bin/tests/dst/Kdh.+002+18602.key bin/tests/dst/Kdh.+002+18602.private bin/tests/dst/Kdh.+002+48957.key bin/tests/dst/Kdh.+002+48957.private bin/tests/dst/Ktest.+001+00002.key bin/tests/dst/Ktest.+001+54622.key bin/tests/dst/Ktest.+001+54622.private bin/tests/dst/Ktest.+003+23616.key bin/tests/dst/Ktest.+003+23616.private bin/tests/dst/Ktest.+003+49667.key bin/tests/dst/dst_2_data bin/tests/dst/t2_data_1 bin/tests/dst/t2_data_2 bin/tests/dst/t2_dsasig bin/tests/dst/t2_rsasig bin/tests/hashes/Makefile bin/tests/headerdep_test.sh bin/tests/master/Makefile bin/tests/mem/Makefile bin/tests/names/Makefile bin/tests/net/Makefile bin/tests/pkcs11/Makefile bin/tests/pkcs11/benchmarks/Makefile bin/tests/rbt/Makefile bin/tests/resolver/Makefile bin/tests/sockaddr/Makefile bin/tests/system/Makefile bin/tests/system/conf.sh bin/tests/system/dlz/prereq.sh bin/tests/system/dlzexternal/Makefile bin/tests/system/dlzexternal/ns1/named.conf bin/tests/system/dyndb/Makefile bin/tests/system/dyndb/driver/Makefile bin/tests/system/inline/checkdsa.sh bin/tests/system/pipelined/Makefile bin/tests/system/rndc/Makefile bin/tests/system/rpz/Makefile bin/tests/system/rsabigexponent/Makefile bin/tests/system/tkey/Makefile bin/tests/tasks/Makefile bin/tests/timers/Makefile bin/tests/virtual-time/Makefile bin/tests/virtual-time/conf.sh bin/tools/Makefile contrib/scripts/check-secure-delegation.pl contrib/scripts/zone-edit.sh doc/Makefile doc/arm/Makefile doc/arm/noteversion.xml doc/arm/pkgversion.xml doc/arm/releaseinfo.xml doc/doxygen/Doxyfile doc/doxygen/Makefile doc/doxygen/doxygen-input-filter doc/misc/Makefile doc/tex/Makefile doc/tex/armstyle.sty doc/xsl/Makefile doc/xsl/isc-docbook-chunk.xsl doc/xsl/isc-docbook-html.xsl doc/xsl/isc-manpage.xsl doc/xsl/isc-notes-html.xsl isc-config.sh lib/Makefile lib/bind9/Makefile lib/bind9/include/Makefile lib/bind9/include/bind9/Makefile lib/dns/Makefile lib/dns/include/Makefile lib/dns/include/dns/Makefile lib/dns/include/dst/Makefile lib/dns/tests/Makefile lib/irs/Makefile lib/irs/include/Makefile lib/irs/include/irs/Makefile lib/irs/include/irs/netdb.h lib/irs/include/irs/platform.h lib/irs/tests/Makefile lib/isc/$arch/Makefile lib/isc/$arch/include/Makefile lib/isc/$arch/include/isc/Makefile lib/isc/$thread_dir/Makefile lib/isc/$thread_dir/include/Makefile lib/isc/$thread_dir/include/isc/Makefile lib/isc/Makefile lib/isc/include/Makefile lib/isc/include/isc/Makefile lib/isc/include/isc/platform.h lib/isc/include/pk11/Makefile lib/isc/include/pkcs11/Makefile lib/isc/tests/Makefile lib/isc/nls/Makefile lib/isc/unix/Makefile lib/isc/unix/include/Makefile lib/isc/unix/include/isc/Makefile lib/isc/unix/include/pkcs11/Makefile lib/isccc/Makefile lib/isccc/include/Makefile lib/isccc/include/isccc/Makefile lib/isccfg/Makefile lib/isccfg/include/Makefile lib/isccfg/include/isccfg/Makefile lib/isccfg/tests/Makefile lib/ns/Makefile lib/ns/include/Makefile lib/ns/include/ns/Makefile lib/ns/tests/Makefile lib/tests/Makefile lib/tests/include/Makefile lib/tests/include/tests/Makefile lib/samples/Makefile lib/samples/Makefile-postinstall unit/Makefile unit/unittest.sh" +ac_config_files="$ac_config_files make/Makefile make/mkdep Makefile bin/Makefile bin/check/Makefile bin/confgen/Makefile bin/confgen/unix/Makefile bin/delv/Makefile bin/dig/Makefile bin/dnssec/Makefile bin/named/Makefile bin/named/unix/Makefile bin/nsupdate/Makefile bin/pkcs11/Makefile bin/python/Makefile bin/python/isc/Makefile bin/python/isc/utils.py bin/python/isc/tests/Makefile bin/python/dnssec-checkds.py bin/python/dnssec-coverage.py bin/python/dnssec-keymgr.py bin/python/isc/__init__.py bin/python/isc/checkds.py bin/python/isc/coverage.py bin/python/isc/dnskey.py bin/python/isc/eventlist.py bin/python/isc/keydict.py bin/python/isc/keyevent.py bin/python/isc/keymgr.py bin/python/isc/keyseries.py bin/python/isc/keyzone.py bin/python/isc/policy.py bin/python/isc/rndc.py bin/python/isc/tests/dnskey_test.py bin/python/isc/tests/policy_test.py bin/rndc/Makefile bin/tests/Makefile bin/tests/atomic/Makefile bin/tests/db/Makefile bin/tests/dst/Makefile bin/tests/dst/Kdh.+002+18602.key bin/tests/dst/Kdh.+002+18602.private bin/tests/dst/Kdh.+002+48957.key bin/tests/dst/Kdh.+002+48957.private bin/tests/dst/Ktest.+001+00002.key bin/tests/dst/Ktest.+001+54622.key bin/tests/dst/Ktest.+001+54622.private bin/tests/dst/Ktest.+003+23616.key bin/tests/dst/Ktest.+003+23616.private bin/tests/dst/Ktest.+003+49667.key bin/tests/dst/dst_2_data bin/tests/dst/t2_data_1 bin/tests/dst/t2_data_2 bin/tests/dst/t2_dsasig bin/tests/dst/t2_rsasig bin/tests/hashes/Makefile bin/tests/headerdep_test.sh bin/tests/master/Makefile bin/tests/mem/Makefile bin/tests/names/Makefile bin/tests/net/Makefile bin/tests/pkcs11/Makefile bin/tests/pkcs11/benchmarks/Makefile bin/tests/rbt/Makefile bin/tests/resolver/Makefile bin/tests/sockaddr/Makefile bin/tests/system/Makefile bin/tests/system/conf.sh bin/tests/system/dlz/prereq.sh bin/tests/system/dlzexternal/Makefile bin/tests/system/dlzexternal/ns1/dlzs.conf bin/tests/system/dyndb/Makefile bin/tests/system/dyndb/driver/Makefile bin/tests/system/inline/checkdsa.sh bin/tests/system/pipelined/Makefile bin/tests/system/rndc/Makefile bin/tests/system/rpz/Makefile bin/tests/system/rsabigexponent/Makefile bin/tests/system/tkey/Makefile bin/tests/tasks/Makefile bin/tests/timers/Makefile bin/tests/virtual-time/Makefile bin/tests/virtual-time/conf.sh bin/tools/Makefile contrib/scripts/check-secure-delegation.pl contrib/scripts/zone-edit.sh doc/Makefile doc/arm/Makefile doc/arm/noteversion.xml doc/arm/pkgversion.xml doc/arm/releaseinfo.xml doc/doxygen/Doxyfile doc/doxygen/Makefile doc/doxygen/doxygen-input-filter doc/misc/Makefile doc/tex/Makefile doc/tex/armstyle.sty doc/xsl/Makefile doc/xsl/isc-docbook-chunk.xsl doc/xsl/isc-docbook-html.xsl doc/xsl/isc-manpage.xsl doc/xsl/isc-notes-html.xsl isc-config.sh lib/Makefile lib/bind9/Makefile lib/bind9/include/Makefile lib/bind9/include/bind9/Makefile lib/dns/Makefile lib/dns/include/Makefile lib/dns/include/dns/Makefile lib/dns/include/dst/Makefile lib/dns/tests/Makefile lib/irs/Makefile lib/irs/include/Makefile lib/irs/include/irs/Makefile lib/irs/include/irs/netdb.h lib/irs/include/irs/platform.h lib/irs/tests/Makefile lib/isc/$arch/Makefile lib/isc/$arch/include/Makefile lib/isc/$arch/include/isc/Makefile lib/isc/$thread_dir/Makefile lib/isc/$thread_dir/include/Makefile lib/isc/$thread_dir/include/isc/Makefile lib/isc/Makefile lib/isc/include/Makefile lib/isc/include/isc/Makefile lib/isc/include/isc/platform.h lib/isc/include/pk11/Makefile lib/isc/include/pkcs11/Makefile lib/isc/tests/Makefile lib/isc/nls/Makefile lib/isc/unix/Makefile lib/isc/unix/include/Makefile lib/isc/unix/include/isc/Makefile lib/isc/unix/include/pkcs11/Makefile lib/isccc/Makefile lib/isccc/include/Makefile lib/isccc/include/isccc/Makefile lib/isccfg/Makefile lib/isccfg/include/Makefile lib/isccfg/include/isccfg/Makefile lib/isccfg/tests/Makefile lib/ns/Makefile lib/ns/include/Makefile lib/ns/include/ns/Makefile lib/ns/tests/Makefile lib/tests/Makefile lib/tests/include/Makefile lib/tests/include/tests/Makefile lib/samples/Makefile lib/samples/Makefile-postinstall unit/Makefile unit/unittest.sh" # @@ -25230,7 +25230,7 @@ do "bin/tests/system/conf.sh") CONFIG_FILES="$CONFIG_FILES bin/tests/system/conf.sh" ;; "bin/tests/system/dlz/prereq.sh") CONFIG_FILES="$CONFIG_FILES bin/tests/system/dlz/prereq.sh" ;; "bin/tests/system/dlzexternal/Makefile") CONFIG_FILES="$CONFIG_FILES bin/tests/system/dlzexternal/Makefile" ;; - "bin/tests/system/dlzexternal/ns1/named.conf") CONFIG_FILES="$CONFIG_FILES bin/tests/system/dlzexternal/ns1/named.conf" ;; + "bin/tests/system/dlzexternal/ns1/dlzs.conf") CONFIG_FILES="$CONFIG_FILES bin/tests/system/dlzexternal/ns1/dlzs.conf" ;; "bin/tests/system/dyndb/Makefile") CONFIG_FILES="$CONFIG_FILES bin/tests/system/dyndb/Makefile" ;; "bin/tests/system/dyndb/driver/Makefile") CONFIG_FILES="$CONFIG_FILES bin/tests/system/dyndb/driver/Makefile" ;; "bin/tests/system/inline/checkdsa.sh") CONFIG_FILES="$CONFIG_FILES bin/tests/system/inline/checkdsa.sh" ;; diff --git a/configure.in b/configure.in index 9dbfc88bf4..e2e6c1ef1b 100644 --- a/configure.in +++ b/configure.in @@ -5343,7 +5343,7 @@ AC_CONFIG_FILES([ bin/tests/system/conf.sh bin/tests/system/dlz/prereq.sh bin/tests/system/dlzexternal/Makefile - bin/tests/system/dlzexternal/ns1/named.conf + bin/tests/system/dlzexternal/ns1/dlzs.conf bin/tests/system/dyndb/Makefile bin/tests/system/dyndb/driver/Makefile bin/tests/system/inline/checkdsa.sh