diff --git a/CHANGES b/CHANGES index ac81d5f33d..74144751cf 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,5 @@ +5968. [cleanup] Remove 'resolve' binary from tests. [GL !6733] + 5967. [cleanup] Flagged the obsolete "random-device" option as ancient; it is now an error to configure it. [GL #3399] diff --git a/bin/tests/system/Makefile.am b/bin/tests/system/Makefile.am index e7fe8f97b9..2ced3a941e 100644 --- a/bin/tests/system/Makefile.am +++ b/bin/tests/system/Makefile.am @@ -23,7 +23,6 @@ check_PROGRAMS = \ feature-test \ makejournal \ pipelined/pipequeries \ - resolve \ rndc/gencheck \ rpz/dnsrps \ tkey/keycreate \ @@ -49,14 +48,6 @@ pipelined_pipequeries_LDADD = \ $(LDADD) \ $(LIBDNS_LIBS) -resolve_CPPFLAGS = \ - $(AM_CPPFLAGS) \ - $(LIBISC_CFLAGS) \ - $(LIBDNS_CFLAGS) \ - $(LIBIRS_CFLAGS) - -resolve_LDADD = $(LIBISC_LIBS) $(LIBIRS_LIBS) $(LIBDNS_LIBS) - tkey_keycreate_CPPFLAGS = \ $(AM_CPPFLAGS) \ $(LIBDNS_CFLAGS) diff --git a/bin/tests/system/conf.sh.common b/bin/tests/system/conf.sh.common index d02ae5e766..804c1ef7cd 100644 --- a/bin/tests/system/conf.sh.common +++ b/bin/tests/system/conf.sh.common @@ -754,7 +754,6 @@ export NZD2NZF export PERL export PIPEQUERIES export PYTHON -export RESOLVE export RNDC export RRCHECKER export SIGNER diff --git a/bin/tests/system/conf.sh.in b/bin/tests/system/conf.sh.in index 30dbbbbf63..295c657479 100644 --- a/bin/tests/system/conf.sh.in +++ b/bin/tests/system/conf.sh.in @@ -47,7 +47,6 @@ NSEC3HASH=$TOP_BUILDDIR/bin/tools/nsec3hash NSLOOKUP=$TOP_BUILDDIR/bin/dig/nslookup NSUPDATE=$TOP_BUILDDIR/bin/nsupdate/nsupdate NZD2NZF=$TOP_BUILDDIR/bin/tools/named-nzd2nzf -RESOLVE=$TOP_BUILDDIR/bin/tests/system/resolve REVOKE=$TOP_BUILDDIR/bin/dnssec/dnssec-revoke RNDC=$TOP_BUILDDIR/bin/rndc/rndc RNDCCONFGEN=$TOP_BUILDDIR/bin/confgen/rndc-confgen diff --git a/bin/tests/system/resolve.c b/bin/tests/system/resolve.c deleted file mode 100644 index be4eecf53b..0000000000 --- a/bin/tests/system/resolve.c +++ /dev/null @@ -1,494 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * SPDX-License-Identifier: MPL-2.0 - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, you can obtain one at https://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include - -#include - -/* - * Global contexts - */ - -isc_mem_t *ctxs_mctx = NULL; -isc_loopmgr_t *ctxs_loopmgr = NULL; -isc_nm_t *ctxs_netmgr = NULL; -isc_taskmgr_t *ctxs_taskmgr = NULL; - -static char *algname = NULL; - -static isc_result_t -printdata(dns_rdataset_t *rdataset, dns_name_t *owner) { - isc_buffer_t target; - isc_result_t result; - isc_region_t r; - char t[4096]; - - if (!dns_rdataset_isassociated(rdataset)) { - printf("[WARN: empty]\n"); - return (ISC_R_SUCCESS); - } - - isc_buffer_init(&target, t, sizeof(t)); - - result = dns_rdataset_totext(rdataset, owner, false, false, &target); - if (result != ISC_R_SUCCESS) { - return (result); - } - isc_buffer_usedregion(&target, &r); - printf("%.*s", (int)r.length, (char *)r.base); - - return (ISC_R_SUCCESS); -} - -noreturn static void -usage(void); - -static void -usage(void) { - fprintf(stderr, "resolve [-t RRtype] " - "[[-a algorithm] [-e] -k keyname -K keystring] " - "[-S domain:serveraddr_for_domain ] [-s server_address]" - "[-b address[#port]] hostname\n"); - - exit(1); -} - -static void -set_key(dns_client_t *client, char *keynamestr, char *keystr, bool is_sep) { - isc_result_t result; - dns_fixedname_t fkeyname; - unsigned int namelen; - dns_name_t *keyname; - dns_rdata_dnskey_t keystruct; - unsigned char keydata[4096]; - isc_buffer_t keydatabuf; - unsigned char rrdata[4096]; - isc_buffer_t rrdatabuf; - isc_buffer_t b; - isc_textregion_t tr; - isc_region_t r; - dns_secalg_t alg; - - if (algname != NULL) { - tr.base = algname; - tr.length = strlen(algname); - result = dns_secalg_fromtext(&alg, &tr); - if (result != ISC_R_SUCCESS) { - fprintf(stderr, "failed to identify the algorithm\n"); - exit(1); - } - } else { - alg = DNS_KEYALG_RSASHA1; - } - - keystruct.common.rdclass = dns_rdataclass_in; - keystruct.common.rdtype = dns_rdatatype_dnskey; - keystruct.flags = DNS_KEYOWNER_ZONE; /* fixed */ - if (is_sep) { - keystruct.flags |= DNS_KEYFLAG_KSK; - } - keystruct.protocol = DNS_KEYPROTO_DNSSEC; /* fixed */ - keystruct.algorithm = alg; - - isc_buffer_init(&keydatabuf, keydata, sizeof(keydata)); - isc_buffer_init(&rrdatabuf, rrdata, sizeof(rrdata)); - result = isc_base64_decodestring(keystr, &keydatabuf); - if (result != ISC_R_SUCCESS) { - fprintf(stderr, "base64 decode failed\n"); - exit(1); - } - isc_buffer_usedregion(&keydatabuf, &r); - keystruct.datalen = r.length; - keystruct.data = r.base; - - result = dns_rdata_fromstruct(NULL, keystruct.common.rdclass, - keystruct.common.rdtype, &keystruct, - &rrdatabuf); - if (result != ISC_R_SUCCESS) { - fprintf(stderr, "failed to construct key rdata\n"); - exit(1); - } - namelen = strlen(keynamestr); - isc_buffer_init(&b, keynamestr, namelen); - isc_buffer_add(&b, namelen); - keyname = dns_fixedname_initname(&fkeyname); - result = dns_name_fromtext(keyname, &b, dns_rootname, 0, NULL); - if (result != ISC_R_SUCCESS) { - fprintf(stderr, "failed to construct key name\n"); - exit(1); - } - result = dns_client_addtrustedkey(client, dns_rdataclass_in, - dns_rdatatype_dnskey, keyname, - &rrdatabuf); - if (result != ISC_R_SUCCESS) { - fprintf(stderr, "failed to add key for %s\n", keynamestr); - exit(1); - } -} - -static void -addserver(dns_client_t *client, const char *addrstr, const char *port, - const char *name_space) { - struct addrinfo hints, *res; - int gaierror; - isc_sockaddr_t sa; - isc_sockaddrlist_t servers; - isc_result_t result; - isc_buffer_t b; - dns_fixedname_t fname; - dns_name_t *name = NULL; - - memset(&hints, 0, sizeof(hints)); - hints.ai_family = AF_UNSPEC; - hints.ai_socktype = SOCK_DGRAM; - hints.ai_protocol = IPPROTO_UDP; - hints.ai_flags = AI_NUMERICHOST; - gaierror = getaddrinfo(addrstr, port, &hints, &res); - if (gaierror != 0) { - fprintf(stderr, "getaddrinfo failed: %s\n", - gai_strerror(gaierror)); - exit(1); - } - INSIST(res->ai_addrlen <= sizeof(sa.type)); - memmove(&sa.type, res->ai_addr, res->ai_addrlen); - sa.length = (unsigned int)res->ai_addrlen; - freeaddrinfo(res); - ISC_LINK_INIT(&sa, link); - ISC_LIST_INIT(servers); - ISC_LIST_APPEND(servers, &sa, link); - - if (name_space != NULL) { - unsigned int namelen = strlen(name_space); - isc_buffer_constinit(&b, name_space, namelen); - isc_buffer_add(&b, namelen); - name = dns_fixedname_initname(&fname); - result = dns_name_fromtext(name, &b, dns_rootname, 0, NULL); - if (result != ISC_R_SUCCESS) { - fprintf(stderr, "failed to convert qname: %u\n", - (unsigned int)result); - exit(1); - } - } - - result = dns_client_setservers(client, dns_rdataclass_in, name, - &servers); - if (result != ISC_R_SUCCESS) { - fprintf(stderr, "set server failed: %u\n", - (unsigned int)result); - exit(1); - } -} - -static dns_name_t *qname = NULL; -static unsigned int resopt = 0; -static dns_rdatatype_t type = dns_rdatatype_a; - -static void -resolve_cb(dns_client_t *client, const dns_name_t *query_name, - dns_namelist_t *namelist, isc_result_t result) { - UNUSED(query_name); - - if (result != ISC_R_SUCCESS) { - fprintf(stderr, "resolution failed: %s\n", - isc_result_totext(result)); - goto cleanup; - } - - for (dns_name_t *name = ISC_LIST_HEAD(*namelist); name != NULL; - name = ISC_LIST_NEXT(name, link)) - { - for (dns_rdataset_t *rdataset = ISC_LIST_HEAD(name->list); - rdataset != NULL; rdataset = ISC_LIST_NEXT(rdataset, link)) - { - if (printdata(rdataset, name) != ISC_R_SUCCESS) { - fprintf(stderr, "print data failed\n"); - } - } - } - -cleanup: - dns_client_freeresanswer(client, namelist); - - dns_client_detach(&client); - - isc_mem_put(ctxs_mctx, namelist, sizeof(*namelist)); - - isc_loopmgr_shutdown(ctxs_loopmgr); -} - -static void -resolve(void *arg) { - dns_client_t *client = (void *)arg; - dns_namelist_t *namelist = isc_mem_get(ctxs_mctx, sizeof(*namelist)); - isc_result_t result; - - ISC_LIST_INIT(*namelist); - result = dns_client_resolve(client, qname, dns_rdataclass_in, type, - resopt, namelist, resolve_cb); - - if (result != ISC_R_SUCCESS) { - fprintf(stderr, "resolution failed: %s\n", - isc_result_totext(result)); - isc_mem_put(ctxs_mctx, namelist, sizeof(*namelist)); - isc_loopmgr_shutdown(ctxs_loopmgr); - } -} - -int -main(int argc, char *argv[]) { - int ch; - isc_textregion_t tr; - char *server = NULL; - char *altserver = NULL; - char *altserveraddr = NULL; - char *altservername = NULL; - dns_client_t *client = NULL; - char *keynamestr = NULL; - char *keystr = NULL; - isc_result_t result; - isc_buffer_t b; - dns_fixedname_t qname0; - unsigned int namelen; - unsigned int clientopt; - bool is_sep = false; - const char *port = "53"; - struct in_addr in4; - struct in6_addr in6; - isc_sockaddr_t a4, a6; - isc_sockaddr_t *addr4 = NULL, *addr6 = NULL; - - while ((ch = isc_commandline_parse(argc, argv, "a:b:es:t:k:K:p:S:")) != - -1) { - switch (ch) { - case 't': - tr.base = isc_commandline_argument; - tr.length = strlen(isc_commandline_argument); - result = dns_rdatatype_fromtext(&type, &tr); - if (result != ISC_R_SUCCESS) { - fprintf(stderr, "invalid RRtype: %s\n", - isc_commandline_argument); - exit(1); - } - break; - case 'a': - algname = isc_commandline_argument; - break; - case 'b': - if (inet_pton(AF_INET, isc_commandline_argument, - &in4) == 1) { - if (addr4 != NULL) { - fprintf(stderr, "only one local " - "address per family " - "can be specified\n"); - exit(1); - } - isc_sockaddr_fromin(&a4, &in4, 0); - addr4 = &a4; - } else if (inet_pton(AF_INET6, isc_commandline_argument, - &in6) == 1) { - if (addr6 != NULL) { - fprintf(stderr, "only one local " - "address per family " - "can be specified\n"); - exit(1); - } - isc_sockaddr_fromin6(&a6, &in6, 0); - addr6 = &a6; - } else { - fprintf(stderr, "invalid address %s\n", - isc_commandline_argument); - exit(1); - } - break; - case 'e': - is_sep = true; - break; - case 'S': - if (altserver != NULL) { - fprintf(stderr, - "alternate server " - "already defined: %s\n", - altserver); - exit(1); - } - altserver = isc_commandline_argument; - break; - case 's': - if (server != NULL) { - fprintf(stderr, - "server " - "already defined: %s\n", - server); - exit(1); - } - server = isc_commandline_argument; - break; - case 'k': - keynamestr = isc_commandline_argument; - break; - case 'K': - keystr = isc_commandline_argument; - break; - case 'p': - port = isc_commandline_argument; - break; - default: - usage(); - } - } - - argc -= isc_commandline_index; - argv += isc_commandline_index; - if (argc < 1) { - usage(); - } - - if (altserver != NULL) { - char *cp; - - cp = strchr(altserver, ':'); - if (cp == NULL) { - fprintf(stderr, "invalid alternate server: %s\n", - altserver); - exit(1); - } - *cp = '\0'; - altservername = altserver; - altserveraddr = cp + 1; - } - - isc_managers_create(&ctxs_mctx, 1, &ctxs_loopmgr, &ctxs_netmgr, - &ctxs_taskmgr); - - result = dst_lib_init(ctxs_mctx, NULL); - if (result != ISC_R_SUCCESS) { - fprintf(stderr, "dst_lib_init failed: %u\n", - (unsigned int)result); - exit(1); - } - - clientopt = 0; - result = dns_client_create(ctxs_mctx, ctxs_loopmgr, ctxs_taskmgr, - ctxs_netmgr, clientopt, &client, addr4, - addr6); - if (result != ISC_R_SUCCESS) { - fprintf(stderr, "dns_client_create failed: %u, %s\n", - (unsigned int)result, isc_result_totext(result)); - exit(1); - } - - /* Set the nameserver */ - if (server == NULL) { - irs_resconf_t *resconf = NULL; - isc_sockaddrlist_t *nameservers; - - result = irs_resconf_load(ctxs_mctx, "/etc/resolv.conf", - &resconf); - if (result != ISC_R_SUCCESS && result != ISC_R_FILENOTFOUND) { - fprintf(stderr, "irs_resconf_load failed: %u\n", - (unsigned int)result); - exit(1); - } - nameservers = irs_resconf_getnameservers(resconf); - result = dns_client_setservers(client, dns_rdataclass_in, NULL, - nameservers); - if (result != ISC_R_SUCCESS) { - irs_resconf_destroy(&resconf); - fprintf(stderr, "dns_client_setservers failed: %u\n", - (unsigned int)result); - exit(1); - } - irs_resconf_destroy(&resconf); - } else { - addserver(client, server, port, NULL); - } - - /* Set the alternate nameserver (when specified) */ - if (altserver != NULL) { - addserver(client, altserveraddr, port, altservername); - } - - /* Install DNSSEC key (if given) */ - if (keynamestr != NULL) { - if (keystr == NULL) { - fprintf(stderr, "key string is missing " - "while key name is provided\n"); - exit(1); - } - set_key(client, keynamestr, keystr, is_sep); - } - - /* Construct qname */ - namelen = strlen(argv[0]); - isc_buffer_init(&b, argv[0], namelen); - isc_buffer_add(&b, namelen); - qname = dns_fixedname_initname(&qname0); - result = dns_name_fromtext(qname, &b, dns_rootname, 0, NULL); - if (result != ISC_R_SUCCESS) { - fprintf(stderr, "failed to convert qname: %u\n", - (unsigned int)result); - exit(1); - } - - /* Perform resolution */ - if (keynamestr == NULL) { - resopt |= DNS_CLIENTRESOPT_NODNSSEC; - } - - isc_loopmgr_setup(ctxs_loopmgr, resolve, client); - - isc_loopmgr_run(ctxs_loopmgr); - - dst_lib_destroy(); - - isc_managers_destroy(&ctxs_mctx, &ctxs_loopmgr, &ctxs_netmgr, - &ctxs_taskmgr); - - return (0); -} diff --git a/bin/tests/system/resolver/tests.sh b/bin/tests/system/resolver/tests.sh index 3ff9576756..6f50c08b8a 100755 --- a/bin/tests/system/resolver/tests.sh +++ b/bin/tests/system/resolver/tests.sh @@ -18,10 +18,6 @@ dig_with_opts() { "${DIG}" -p "${PORT}" "${@}" } -resolve_with_opts() { - "${RESOLVE}" -p "${PORT}" "${@}" -} - rndccmd() { "${RNDC}" -c ../common/rndc.conf -p "${CONTROLPORT}" -s "${@}" } @@ -37,34 +33,6 @@ grep "status: NXDOMAIN" dig.out.ns1.test${n} > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) -if [ -x ${RESOLVE} ] ; then - n=$((n+1)) - echo_i "checking non-cachable NXDOMAIN response handling using dns_client ($n)" - ret=0 - resolve_with_opts -t a -s 10.53.0.1 nxdomain.example.net 2> resolve.out.ns1.test${n} || ret=1 - grep "resolution failed: ncache nxdomain" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=$((status + ret)) -fi - -if [ -x ${RESOLVE} ] ; then - n=$((n+1)) - echo_i "checking that local bound address can be set (Can't query from a denied address) ($n)" - ret=0 - resolve_with_opts -b 10.53.0.8 -t a -s 10.53.0.1 www.example.org 2> resolve.out.ns1.test${n} || ret=1 - grep "resolution failed: SERVFAIL" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=$((status + ret)) - - n=$((n+1)) - echo_i "checking that local bound address can be set (Can query from an allowed address) ($n)" - ret=0 - resolve_with_opts -b 10.53.0.1 -t a -s 10.53.0.1 www.example.org > resolve.out.ns1.test${n} || ret=1 - grep "www.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=$((status + ret)) -fi - n=$((n+1)) echo_i "checking non-cachable NODATA response handling ($n)" ret=0 @@ -73,31 +41,11 @@ grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) -if [ -x ${RESOLVE} ] ; then - n=$((n+1)) - echo_i "checking non-cachable NODATA response handling using dns_client ($n)" - ret=0 - resolve_with_opts -t a -s 10.53.0.1 nodata.example.net 2> resolve.out.ns1.test${n} || ret=1 - grep "resolution failed: ncache nxrrset" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=$((status + ret)) -fi - n=$((n+1)) echo_i "checking handling of bogus referrals ($n)" # If the server has the "INSIST(!external)" bug, this query will kill it. dig_with_opts +tcp www.example.com. a @10.53.0.1 >/dev/null || { echo_i "failed"; status=$((status + 1)); } -if [ -x ${RESOLVE} ] ; then - n=$((n+1)) - echo_i "checking handling of bogus referrals using dns_client ($n)" - ret=0 - resolve_with_opts -t a -s 10.53.0.1 www.example.com 2> resolve.out.ns1.test${n} || ret=1 - grep "resolution failed: SERVFAIL" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=$((status + ret)) -fi - n=$((n+1)) echo_i "check handling of cname + other data / 1 ($n)" dig_with_opts +tcp cname1.example.com. a @10.53.0.1 >/dev/null || { echo_i "failed"; status=$((status + 1)); } @@ -134,17 +82,6 @@ grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) - -if [ -x ${RESOLVE} ] ; then - n=$((n+1)) - echo_i "checking answer IPv4 address filtering using dns_client (accept) ($n)" - ret=0 - resolve_with_opts -t a -s 10.53.0.1 www.example.org > resolve.out.ns1.test${n} || ret=1 - grep "www.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=$((status + ret)) -fi - n=$((n+1)) echo_i "checking answer IPv6 address filtering (accept) ($n)" ret=0 @@ -153,16 +90,6 @@ grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) -if [ -x ${RESOLVE} ] ; then - n=$((n+1)) - echo_i "checking answer IPv6 address filtering using dns_client (accept) ($n)" - ret=0 - resolve_with_opts -t aaaa -s 10.53.0.1 www.example.org > resolve.out.ns1.test${n} || ret=1 - grep "www.example.org..*.2001:db8:beef::1" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=$((status + ret)) -fi - n=$((n+1)) echo_i "checking CNAME target filtering (deny) ($n)" ret=0 @@ -179,36 +106,6 @@ grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) -if [ -x ${RESOLVE} ] ; then - n=$((n+1)) - echo_i "checking CNAME target filtering using dns_client (accept) ($n)" - ret=0 - resolve_with_opts -t a -s 10.53.0.1 goodcname.example.net > resolve.out.ns1.test${n} || ret=1 - grep "goodcname.example.net..*.goodcname.example.org." resolve.out.ns1.test${n} > /dev/null || ret=1 - grep "goodcname.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=$((status + ret)) -fi - -n=$((n+1)) -echo_i "checking CNAME target filtering (accept due to subdomain) ($n)" -ret=0 -dig_with_opts +tcp cname.sub.example.org @10.53.0.1 a > dig.out.ns1.test${n} || ret=1 -grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi -status=$((status + ret)) - -if [ -x ${RESOLVE} ] ; then - n=$((n+1)) - echo_i "checking CNAME target filtering using dns_client (accept due to subdomain) ($n)" - ret=0 - resolve_with_opts -t a -s 10.53.0.1 cname.sub.example.org > resolve.out.ns1.test${n} || ret=1 - grep "cname.sub.example.org..*.ok.sub.example.org." resolve.out.ns1.test${n} > /dev/null || ret=1 - grep "ok.sub.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=$((status + ret)) -fi - n=$((n+1)) echo_i "checking DNAME target filtering (deny) ($n)" ret=0 @@ -226,17 +123,6 @@ grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) -if [ -x ${RESOLVE} ] ; then - n=$((n+1)) - echo_i "checking DNAME target filtering using dns_client (accept) ($n)" - ret=0 - resolve_with_opts -t a -s 10.53.0.1 foo.gooddname.example.net > resolve.out.ns1.test${n} || ret=1 - grep "foo.gooddname.example.net..*.gooddname.example.org" resolve.out.ns1.test${n} > /dev/null || ret=1 - grep "foo.gooddname.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=$((status + ret)) -fi - n=$((n+1)) echo_i "checking DNAME target filtering (accept due to subdomain) ($n)" ret=0 @@ -245,17 +131,6 @@ grep "status: NOERROR" dig.out.ns1.test${n} > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) -if [ -x ${RESOLVE} ] ; then - n=$((n+1)) - echo_i "checking DNAME target filtering using dns_client (accept due to subdomain) ($n)" - ret=0 - resolve_with_opts -t a -s 10.53.0.1 www.dname.sub.example.org > resolve.out.ns1.test${n} || ret=1 - grep "www.dname.sub.example.org..*.ok.sub.example.org." resolve.out.ns1.test${n} > /dev/null || ret=1 - grep "www.ok.sub.example.org..*.192.0.2.1" resolve.out.ns1.test${n} > /dev/null || ret=1 - if [ $ret != 0 ]; then echo_i "failed"; fi - status=$((status + ret)) -fi - n=$((n+1)) echo_i "check that the resolver accepts a referral response with a non-empty ANSWER section ($n)" ret=0