mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-22 18:19:42 +00:00
Code Issues Releases Wiki Activity

Added RT #1763 regression test

Browse Source
This commit is contained in:
Andreas Gustafsson 2001-09-19 21:19:52 +00:00
parent 97f4d2e8f4
commit e4b5f088ca
5 changed files with 67 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
bin/tests/system/dnssec/ns2/example.db.in
View File

@ -13,7 +13,7 @@
; NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION ; NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
; WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ; WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
; $Id: example.db.in,v 1.8 2001/02/20 18:33:50 bwelling Exp $ ; $Id: example.db.in,v 1.9 2001/09/19 21:19:50 gson Exp $
$TTL 300 ; 5 minutes $TTL 300 ; 5 minutes
@ IN SOA mname1. . ( @ IN SOA mname1. . (
@ -64,3 +64,6 @@ bogus NS ns.bogus
ns.bogus A 10.53.0.3 ns.bogus A 10.53.0.3
z A 10.0.0.26 z A 10.0.0.26
keyless NS ns.keyless
ns.keyless A 10.53.0.3

29
bin/tests/system/dnssec/ns3/keyless.example.db.in Normal file
View File

@ -0,0 +1,29 @@
; Copyright (C) 2000, 2001 Internet Software Consortium.
;
; Permission to use, copy, modify, and distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
; DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
; IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
; INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
; FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
; NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
; WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
; $Id: keyless.example.db.in,v 1.1 2001/09/19 21:19:51 gson Exp $
$TTL 300 ; 5 minutes
@ IN SOA mname1. . (
2000042407 ; serial
20 ; refresh (20 seconds)
20 ; retry (20 seconds)
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
NS ns
ns A 10.53.0.3
a.b A 10.0.0.1

6
bin/tests/system/dnssec/ns3/named.conf
View File

@ -15,7 +15,7 @@
* WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. * WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/ */
/* $Id: named.conf,v 1.18 2001/01/11 20:41:34 gson Exp $ */ /* $Id: named.conf,v 1.19 2001/09/19 21:19:51 gson Exp $ */
// NS3 // NS3
@ -60,5 +60,9 @@ zone "insecure.example" {
allow-update { any; }; allow-update { any; };
}; };
zone "keyless.example" {
type master;
file "keyless.example.db.signed";
};
include "trusted.conf"; include "trusted.conf";

21
bin/tests/system/dnssec/ns3/sign.sh
View File

@ -15,7 +15,7 @@
# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION # NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. # WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# $Id: sign.sh,v 1.13 2001/09/17 17:47:20 bwelling Exp $ # $Id: sign.sh,v 1.14 2001/09/19 21:19:52 gson Exp $
RANDFILE=../random.data RANDFILE=../random.data
@ -42,3 +42,22 @@ $KEYSETTOOL -r $RANDFILE -t 3600 $keyname.key > /dev/null
cat $infile $keyname.key >$zonefile cat $infile $keyname.key >$zonefile
$SIGNER -r $RANDFILE -o $zone $zonefile > /dev/null $SIGNER -r $RANDFILE -o $zone $zonefile > /dev/null
zone=keyless.example.
infile=keyless.example.db.in
zonefile=keyless.example.db
keyname=`$KEYGEN -r $RANDFILE -a RSA -b 768 -n zone $zone`
$KEYSETTOOL -r $RANDFILE -t 3600 $keyname.key > /dev/null
cat $infile $keyname.key >$zonefile
$SIGNER -r $RANDFILE -o $zone $zonefile > /dev/null
# Change the signer field of the a.b.keyless.example SIG A
# to point to a provably nonexistent KEY record.
mv $zonefile.signed $zonefile.tmp
<$zonefile.tmp perl -p -e 's/ keyless.example/ b.keyless.example/
if /^a.b.keyless.example/../NXT/;' >$zonefile.signed
rm -f $zonefile.tmp

10
bin/tests/system/dnssec/tests.sh
View File

@ -15,7 +15,7 @@
# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION # NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. # WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# $Id: tests.sh,v 1.34 2001/09/19 20:47:02 gson Exp $ # $Id: tests.sh,v 1.35 2001/09/19 21:19:48 gson Exp $
SYSTEMTESTTOP=.. SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh . $SYSTEMTESTTOP/conf.sh
@ -113,6 +113,14 @@ n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret` status=`expr $status + $ret`
echo "I:checking that validation fails when key record is missing ($n)"
ret=0
$DIG $DIGOPTS a.b.keyless.example. a @10.53.0.4 > dig.out.ns4.test$n || ret=1
grep "SERVFAIL" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
# Check the insecure.secure.example domain (insecurity proof) # Check the insecure.secure.example domain (insecurity proof)
echo "I:checking 2-server insecurity proof ($n)" echo "I:checking 2-server insecurity proof ($n)"