mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-30 14:07:59 +00:00
Code Issues Releases Wiki Activity

Add test configurations with invalid dnssec-policy clauses

Browse Source 
bad-ksk-without-zsk.conf only has a ksk defined without a
matching zsk for the same algorithm.

bad-zsk-without-ksk.conf only has a zsk defined without a
matching ksk for the same algorithm.

bad-unpaired-keys.conf has two keys of different algorithms
one ksk only and the other zsk only
This commit is contained in:
Mark Andrews
2022-02-15 16:24:52 +11:00
parent 18efcdc65f
commit f23e86b96b
3 changed files with 75 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
bin/tests/system/checkconf/bad-ksk-without-zsk.conf Normal file
View File

@@ -0,0 +1,24 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* SPDX-License-Identifier: MPL-2.0
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
dnssec-policy ksk-without-zsk {
keys {
ksk lifetime 30d algorithm 13;
};
};
zone "example" {
type primary;
file "example.db";
dnssec-policy ksk-without-zsk;
};

27
bin/tests/system/checkconf/bad-unpaired-keys.conf Normal file
View File

@@ -0,0 +1,27 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* SPDX-License-Identifier: MPL-2.0
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
dnssec-policy unpaired-keys {
keys {
/* zsk without ksk */
zsk lifetime 30d algorithm 13;
/* ksk without zsk */
ksk lifetime 30d algorithm 7;
};
};
zone "example" {
type primary;
file "example.db";
dnssec-policy unpaired-keys;
};

24
bin/tests/system/checkconf/bad-zsk-without-ksk.conf Normal file
View File

@@ -0,0 +1,24 @@
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* SPDX-License-Identifier: MPL-2.0
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
dnssec-policy zsk-without-ksk {
keys {
zsk lifetime 30d algorithm 13;
};
};
zone "example" {
type primary;
file "example.db";
dnssec-policy zsk-without-ksk;
};