diff options
| author | Internet Software Consortium, Inc <@isc.org> | 2012-02-24 05:53:42 -0700 |
|---|---|---|
| committer | Internet Software Consortium, Inc <@isc.org> | 2012-02-24 05:53:42 -0700 |
| commit | d5366e3ab6dcf3feadccdd42219502f6da607288 (patch) | |
| tree | d2c2cbb8df2d0ef1061c1c78575041a7ded9f3a2 /bin/tests/system | |
| parent | 42ae2295b467bd2b6132ece85d7f555a54682288 (diff) | |
| download | bind9-d5366e3ab6dcf3feadccdd42219502f6da607288.tar.gz | |
9.9.0rc4
Diffstat (limited to 'bin/tests/system')
| -rw-r--r-- | bin/tests/system/ans.pl | 333 | ||||
| -rw-r--r-- | bin/tests/system/dlzexternal/tests.sh | 10 | ||||
| -rw-r--r-- | bin/tests/system/dnssec/clean.sh | 5 | ||||
| -rw-r--r-- | bin/tests/system/dnssec/tests.sh | 18 | ||||
| -rw-r--r-- | bin/tests/system/inline/clean.sh | 9 | ||||
| -rw-r--r-- | bin/tests/system/inline/ns1/root.db.in | 5 | ||||
| -rw-r--r-- | bin/tests/system/inline/ns1/sign.sh | 7 | ||||
| -rw-r--r-- | bin/tests/system/inline/ns2/named.conf | 11 | ||||
| -rw-r--r-- | bin/tests/system/inline/ns3/named.conf | 10 | ||||
| -rw-r--r-- | bin/tests/system/inline/ns3/sign.sh | 9 | ||||
| -rw-r--r-- | bin/tests/system/inline/setup.sh | 3 | ||||
| -rw-r--r-- | bin/tests/system/inline/tests.sh | 51 | ||||
| -rw-r--r-- | bin/tests/system/ixfr/tests.sh | 9 | ||||
| -rw-r--r-- | bin/tests/system/resolver/clean.sh | 4 | ||||
| -rw-r--r-- | bin/tests/system/xfer/clean.sh | 6 | ||||
| -rw-r--r-- | bin/tests/system/xfer/tests.sh | 12 |
16 files changed, 331 insertions, 171 deletions
diff --git a/bin/tests/system/ans.pl b/bin/tests/system/ans.pl index 796857b6..d9f6c5f5 100644 --- a/bin/tests/system/ans.pl +++ b/bin/tests/system/ans.pl @@ -1,6 +1,6 @@ #!/usr/bin/perl # -# Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2011, 2012 Internet Systems Consortium, Inc. ("ISC") # # Permission to use, copy, modify, and/or distribute this software for any # purpose with or without fee is hereby granted, provided that the above @@ -14,7 +14,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: ans.pl,v 1.4 2011-03-18 04:41:15 each Exp $ +# $Id: ans.pl,v 1.4.238.2 2012-02-22 23:47:08 tbox Exp $ # # This is the name server from hell. It provides canned @@ -80,7 +80,7 @@ local $| = 1; # XXX: we should also be able to specify IPv6 my $server_addr = "10.53.0.2"; if (@ARGV > 0) { - $server_addr = @ARGV[0]; + $server_addr = @ARGV[0]; } # XXX: we should also be able to set the port numbers to listen on. @@ -106,108 +106,144 @@ $SIG{TERM} = \&rmpid; #my @answers = (); my @rules; sub handleUDP { - my ($buf) = @_; + my ($buf) = @_; - my ($packet, $err) = new Net::DNS::Packet(\$buf, 0); - $err and die $err; + my ($request, $err) = new Net::DNS::Packet(\$buf, 0); + $err and die $err; - $packet->header->qr(1); - $packet->header->aa(1); + my @questions = $request->question; + my $qname = $questions[0]->qname; + my $qtype = $questions[0]->qtype; + my $qclass = $questions[0]->qclass; + my $id = $request->header->id; - my @questions = $packet->question; - my $qname = $questions[0]->qname; - my $qtype = $questions[0]->qtype; + my $packet = new Net::DNS::Packet($qname, $qtype, $qclass); + $packet->header->qr(1); + $packet->header->aa(1); + $packet->header->id($id); - # get the existing signature if any, and clear the additional section - my $prev_tsig; - while (my $rr = $packet->pop("additional")) { - if ($rr->type eq "TSIG") { - $prev_tsig = $rr; - } - } + # get the existing signature if any, and clear the additional section + my $prev_tsig; + while (my $rr = $request->pop("additional")) { + if ($rr->type eq "TSIG") { + $prev_tsig = $rr; + } + } - my $r; - foreach $r (@rules) { - my $pattern = $r->{pattern}; + my $r; + foreach $r (@rules) { + my $pattern = $r->{pattern}; my($dbtype, $key_name, $key_data) = split(/ /,$pattern); print "[handleUDP] $dbtype, $key_name, $key_data \n"; - if ("$qname $qtype" =~ /$dbtype/) { - my $a; - foreach $a (@{$r->{answer}}) { - $packet->push("answer", $a); - } + if ("$qname $qtype" =~ /$dbtype/) { + my $a; + foreach $a (@{$r->{answer}}) { + $packet->push("answer", $a); + } if(defined($key_name) && defined($key_data)) { # Sign the packet print " Signing the response with " . - "$key_name/$key_data\n"; - my $tsig = Net::DNS::RR-> - new("$key_name TSIG $key_data"); - - # These kluges are necessary because Net::DNS - # doesn't know how to sign responses. We - # clear compnames so that the TSIG key and - # algorithm name won't be compressed, and - # add one to arcount because the signing - # function will attempt to decrement it, - # which is incorrect in a response. Finally - # we set request_mac to the previous digest. - $packet->{"compnames"} = {}; - $packet->{"header"}{"arcount"} += 1; - if (defined($prev_tsig)) { - my $rmac = pack('n H*', - $prev_tsig->mac_size, - $prev_tsig->mac); - $tsig->{"request_mac"} = - unpack("H*", $rmac); - } - + "$key_name/$key_data\n"; + my $tsig = Net::DNS::RR-> + new("$key_name TSIG $key_data"); + + # These kluges are necessary because Net::DNS + # doesn't know how to sign responses. We + # clear compnames so that the TSIG key and + # algorithm name won't be compressed, and + # add one to arcount because the signing + # function will attempt to decrement it, + # which is incorrect in a response. Finally + # we set request_mac to the previous digest. + $packet->{"compnames"} = {}; + $packet->{"header"}{"arcount"} += 1; + if (defined($prev_tsig)) { + my $rmac = pack('n H*', + $prev_tsig->mac_size, + $prev_tsig->mac); + $tsig->{"request_mac"} = + unpack("H*", $rmac); + } + $packet->sign_tsig($tsig); } - last; - } - } - #$packet->print; + last; + } + } + #$packet->print; - return $packet->data; + return $packet->data; } # namelen: # given a stream of data, reads a DNS-formatted name and returns its # total length, thus making it possible to skip past it. sub namelen { - my ($data) = @_; - my $len = 0; - my $label_len = 0; - do { - $label_len = unpack("c", $data); - $data = substr($data, $label_len + 1); - $len += $label_len + 1; - } while ($label_len != 0); - return ($len); + my ($data) = @_; + my $len = 0; + my $label_len = 0; + do { + $label_len = unpack("c", $data); + $data = substr($data, $label_len + 1); + $len += $label_len + 1; + } while ($label_len != 0); + return ($len); } # packetlen: # given a stream of data, reads a DNS wire-format packet and returns # its total length, making it possible to skip past it. sub packetlen { - my ($data) = @_; - my $q; - my $rr; - - my ($header, $offset) = Net::DNS::Header->parse(\$data); - for (1 .. $header->qdcount) { - ($q, $offset) = Net::DNS::Question->parse(\$data, $offset); - } - for (1 .. $header->ancount) { - ($rr, $offset) = Net::DNS::RR->parse(\$data, $offset); - } - for (1 .. $header->nscount) { - ($rr, $offset) = Net::DNS::RR->parse(\$data, $offset); - } - for (1 .. $header->arcount) { - ($rr, $offset) = Net::DNS::RR->parse(\$data, $offset); - } - return $offset; + my ($data) = @_; + my $q; + my $rr; + my $header; + my $offset; + + # + # decode/encode were introduced in Net::DNS 0.68 + # parse is no longer a method and calling it here makes perl croak. + # + my $decode = 0; + $decode = 1 if ($Net::DNS::VERSION >= 0.68); + + if ($decode) { + ($header, $offset) = Net::DNS::Header->decode(\$data); + } else { + ($header, $offset) = Net::DNS::Header->parse(\$data); + } + + for (1 .. $header->qdcount) { + if ($decode) { + ($q, $offset) = + Net::DNS::Question->decode(\$data, $offset); + } else { + ($q, $offset) = + Net::DNS::Question->parse(\$data, $offset); + } + } + for (1 .. $header->ancount) { + if ($decode) { + ($q, $offset) = Net::DNS::RR->decode(\$data, $offset); + } else { + ($q, $offset) = Net::DNS::RR->parse(\$data, $offset); + } + } + for (1 .. $header->nscount) { + if ($decode) { + ($q, $offset) = Net::DNS::RR->decode(\$data, $offset); + } else { + ($q, $offset) = Net::DNS::RR->parse(\$data, $offset); + } + } + for (1 .. $header->arcount) { + if ($decode) { + ($q, $offset) = Net::DNS::RR->decode(\$data, $offset); + } else { + ($q, $offset) = Net::DNS::RR->parse(\$data, $offset); + } + } + return $offset; } # sign_tcp_continuation: @@ -222,55 +258,59 @@ sub packetlen { # the unwanted data from the digest before calling the default sign_hmac # function. sub sign_tcp_continuation { - my ($key, $data) = @_; + my ($key, $data) = @_; - # copy out first two bytes: size of the previous MAC - my $rmacsize = unpack("n", $data); - $data = substr($data, 2); + # copy out first two bytes: size of the previous MAC + my $rmacsize = unpack("n", $data); + $data = substr($data, 2); - # copy out previous MAC - my $rmac = substr($data, 0, $rmacsize); - $data = substr($data, $rmacsize); + # copy out previous MAC + my $rmac = substr($data, 0, $rmacsize); + $data = substr($data, $rmacsize); - # try parsing out the packet information - my $plen = packetlen($data); - my $pdata = substr($data, 0, $plen); - $data = substr($data, $plen); + # try parsing out the packet information + my $plen = packetlen($data); + my $pdata = substr($data, 0, $plen); + $data = substr($data, $plen); - # remove the keyname, ttl, class, and algorithm name - $data = substr($data, namelen($data)); - $data = substr($data, 6); - $data = substr($data, namelen($data)); + # remove the keyname, ttl, class, and algorithm name + $data = substr($data, namelen($data)); + $data = substr($data, 6); + $data = substr($data, namelen($data)); - # preserve the TSIG data - my $tdata = substr($data, 0, 8); + # preserve the TSIG data + my $tdata = substr($data, 0, 8); - # prepare a new digest and sign with it - $data = pack("n", $rmacsize) . $rmac . $pdata . $tdata; - return Net::DNS::RR::TSIG::sign_hmac($key, $data); + # prepare a new digest and sign with it + $data = pack("n", $rmacsize) . $rmac . $pdata . $tdata; + return Net::DNS::RR::TSIG::sign_hmac($key, $data); } sub handleTCP { my ($buf) = @_; - my ($packet, $err) = new Net::DNS::Packet(\$buf, 0); + my ($request, $err) = new Net::DNS::Packet(\$buf, 0); $err and die $err; - $packet->header->qr(1); - $packet->header->aa(1); - - my @questions = $packet->question; + my @questions = $request->question; my $qname = $questions[0]->qname; my $qtype = $questions[0]->qtype; + my $qclass = $questions[0]->qclass; + my $id = $request->header->id; - # get the existing signature if any, and clear the additional section - my $prev_tsig; - my $signer; - while (my $rr = $packet->pop("additional")) { - if ($rr->type eq "TSIG") { - $prev_tsig = $rr; - } - } + my $packet = new Net::DNS::Packet($qname, $qtype, $qclass); + $packet->header->qr(1); + $packet->header->aa(1); + $packet->header->id($id); + + # get the existing signature if any, and clear the additional section + my $prev_tsig; + my $signer; + while (my $rr = $request->pop("additional")) { + if ($rr->type eq "TSIG") { + $prev_tsig = $rr; + } + } my @results = (); my $count_these = 0; @@ -289,42 +329,43 @@ sub handleTCP { if(defined($key_name) && defined($key_data)) { # sign the packet print " Signing the data with " . - "$key_name/$key_data\n"; - - my $tsig = Net::DNS::RR-> - new("$key_name TSIG $key_data"); - - # These kluges are necessary because Net::DNS - # doesn't know how to sign responses. We - # clear compnames so that the TSIG key and - # algorithm name won't be compressed, and - # add one to arcount because the signing - # function will attempt to decrement it, - # which is incorrect in a response. Finally - # we set request_mac to the previous digest. - $packet->{"compnames"} = {}; - $packet->{"header"}{"arcount"} += 1; - if (defined($prev_tsig)) { - my $rmac = pack('n H*', - $prev_tsig->mac_size, - $prev_tsig->mac); - $tsig->{"request_mac"} = - unpack("H*", $rmac); - } - - $tsig->sign_func($signer) if defined($signer); + "$key_name/$key_data\n"; + + my $tsig = Net::DNS::RR-> + new("$key_name TSIG $key_data"); + + # These kluges are necessary because Net::DNS + # doesn't know how to sign responses. We + # clear compnames so that the TSIG key and + # algorithm name won't be compressed, and + # add one to arcount because the signing + # function will attempt to decrement it, + # which is incorrect in a response. Finally + # we set request_mac to the previous digest. + $packet->{"compnames"} = {}; + $packet->{"header"}{"arcount"} += 1; + if (defined($prev_tsig)) { + my $rmac = pack('n H*', + $prev_tsig->mac_size, + $prev_tsig->mac); + $tsig->{"request_mac"} = + unpack("H*", $rmac); + } + + $tsig->sign_func($signer) if defined($signer); $packet->sign_tsig($tsig); - $signer = \&sign_tcp_continuation; + $signer = \&sign_tcp_continuation; - my $copy = - Net::DNS::Packet->new(\($packet->data)); - $prev_tsig = $copy->pop("additional"); + my $copy = + Net::DNS::Packet->new(\($packet->data)); + $prev_tsig = $copy->pop("additional"); } #$packet->print; push(@results,$packet->data); - $packet = new Net::DNS::Packet(\$buf, 0); + $packet = new Net::DNS::Packet($qname, $qtype, $qclass); $packet->header->qr(1); $packet->header->aa(1); + $packet->header->id($id); } } print " A total of $count_these patterns matched\n"; @@ -358,10 +399,10 @@ for (;;) { } } $conn->close; - #print Dumper(@rules); - #print "+=+=+ $rules[0]->{'pattern'}\n"; - #print "+=+=+ $rules[0]->{'answer'}->[0]->{'rname'}\n"; - #print "+=+=+ $rules[0]->{'answer'}->[0]\n"; + #print Dumper(@rules); + #print "+=+=+ $rules[0]->{'pattern'}\n"; + #print "+=+=+ $rules[0]->{'answer'}->[0]->{'rname'}\n"; + #print "+=+=+ $rules[0]->{'answer'}->[0]\n"; } elsif (vec($rout, fileno($udpsock), 1)) { printf "UDP request\n"; my $buf; diff --git a/bin/tests/system/dlzexternal/tests.sh b/bin/tests/system/dlzexternal/tests.sh index 3272b8b5..062a49e1 100644 --- a/bin/tests/system/dlzexternal/tests.sh +++ b/bin/tests/system/dlzexternal/tests.sh @@ -60,4 +60,14 @@ addr=`eval echo $out | cut -f1 -d'#'` [ "$ret" -eq 0 ] || echo "I:failed" status=`expr $status + $ret` +echo "I:testing DLZ driver is cleaned up on reload" +$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload 2>&1 | sed 's/^/I:ns1 /' +for i in 0 1 2 3 4 5 6 7 8 9; do + ret=0 + grep 'dlz_example: shutting down zone example.nil' ns1/named.run > /dev/null 2>&1 || ret=1 + [ "$ret" -eq 0 ] && break +done +[ "$ret" -eq 0 ] || echo "I:failed" +status=`expr $status + $ret` + exit $status diff --git a/bin/tests/system/dnssec/clean.sh b/bin/tests/system/dnssec/clean.sh index 72215d91..e31c9304 100644 --- a/bin/tests/system/dnssec/clean.sh +++ b/bin/tests/system/dnssec/clean.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2004, 2007-2011 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2007-2012 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 2000-2002 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: clean.sh,v 1.46 2011-12-08 16:07:20 each Exp $ +# $Id: clean.sh,v 1.46.36.2 2012-02-22 23:47:08 tbox Exp $ rm -f */K* */keyset-* */dsset-* */dlvset-* */signedkey-* */*.signed rm -f */trusted.conf */managed.conf */tmp* */*.jnl */*.bk @@ -51,6 +51,7 @@ rm -f signer/signer.out.* rm -f ns2/algroll.db rm -f ns3/kskonly.example.db rm -f ns4/named.conf +rm -f ns4/managed-keys.bind* rm -f ns3/auto-nsec.example.db ns3/auto-nsec3.example.db rm -f ns3/secure.below-cname.example.db rm -f signer/example.db.after signer/example.db.before diff --git a/bin/tests/system/dnssec/tests.sh b/bin/tests/system/dnssec/tests.sh index cb843d04..64288224 100644 --- a/bin/tests/system/dnssec/tests.sh +++ b/bin/tests/system/dnssec/tests.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004-2012 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 2000-2002 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: tests.sh,v 1.107 2011-12-22 12:01:43 marka Exp $ +# $Id: tests.sh,v 1.107.20.2 2012-02-22 23:47:08 tbox Exp $ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -1255,6 +1255,13 @@ else echo "I:The DNSSEC update test requires the Net::DNS library." >&2 fi +echo "I:checking managed key maintenance has not started yet ($n)" +ret=0 +[ -f "ns4/managed-keys.bind.jnl" ] && ret=1 +n=`expr $n + 1` +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + # Reconfigure caching server to use "dnssec-validation auto", and repeat # some of the DNSSEC validation tests to ensure that it works correctly. echo "I:switching to automatic root key configuration" @@ -1262,6 +1269,13 @@ cp ns4/named2.conf ns4/named.conf $RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 reconfig 2>&1 | sed 's/^/I:ns4 /' sleep 5 +echo "I:checking managed key maintenance timer has now started ($n)" +ret=0 +[ -f "ns4/managed-keys.bind.jnl" ] || ret=1 +n=`expr $n + 1` +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + echo "I:checking positive validation NSEC ($n)" ret=0 $DIG $DIGOPTS +noauth a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 diff --git a/bin/tests/system/inline/clean.sh b/bin/tests/system/inline/clean.sh index 0b905fa8..bc12648a 100644 --- a/bin/tests/system/inline/clean.sh +++ b/bin/tests/system/inline/clean.sh @@ -12,7 +12,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: clean.sh,v 1.12 2012-01-17 08:26:03 marka Exp $ +# $Id: clean.sh,v 1.12.12.1 2012-02-23 07:02:19 marka Exp $ rm -f */named.memstats rm -f */named.run @@ -24,6 +24,9 @@ rm -f ns1/root.db rm -f ns1/root.db.signed rm -f ns2/bits.db rm -f ns2/bits.db.jnl +rm -f ns1/signer.out +rm -f ns2/retransfer.db +rm -f ns2/retransfer.db.jnl rm -f ns3/K* rm -f ns3/bits.bk rm -f ns3/bits.bk.jnl @@ -49,6 +52,10 @@ rm -f ns3/expired.db rm -f ns3/expired.db.jnl rm -f ns3/expired.db.signed rm -f ns3/expired.db.signed.jnl +rm -f ns3/retransfer.bk +rm -f ns3/retransfer.bk.jnl +rm -f ns3/retransfer.bk.signed +rm -f ns3/retransfer.bk.signed.jnl rm -f ns4/K* rm -f ns4/noixfr.db rm -f ns4/noixfr.db.jnl diff --git a/bin/tests/system/inline/ns1/root.db.in b/bin/tests/system/inline/ns1/root.db.in index 378df511..6d165679 100644 --- a/bin/tests/system/inline/ns1/root.db.in +++ b/bin/tests/system/inline/ns1/root.db.in @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: root.db.in,v 1.7 2012-01-10 23:46:58 tbox Exp $ +; $Id: root.db.in,v 1.7.14.1 2012-02-23 07:02:19 marka Exp $ $TTL 300 . IN SOA gson.nominum.com. a.root.servers.nil. ( @@ -44,3 +44,6 @@ ns3.updated. A 10.53.0.3 expired. NS ns3.expired. ns3.expired. A 10.53.0.3 + +retransfer. NS ns3.retransfer. +ns3.retransfer. A 10.53.0.3 diff --git a/bin/tests/system/inline/ns1/sign.sh b/bin/tests/system/inline/ns1/sign.sh index 90176c8b..6585ecab 100644 --- a/bin/tests/system/inline/ns1/sign.sh +++ b/bin/tests/system/inline/ns1/sign.sh @@ -1,6 +1,6 @@ #!/bin/sh -e # -# Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2011, 2012 Internet Systems Consortium, Inc. ("ISC") # # Permission to use, copy, modify, and/or distribute this software for any # purpose with or without fee is hereby granted, provided that the above @@ -14,7 +14,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: sign.sh,v 1.3 2011-12-22 07:32:40 each Exp $ +# $Id: sign.sh,v 1.3.20.2 2012-02-23 07:09:01 tbox Exp $ SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh @@ -26,7 +26,8 @@ rm -f K.+*+*.key rm -f K.+*+*.private keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 768 -n zone $zone` keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 1024 -n zone -f KSK $zone` -$SIGNER -S -x -T 1200 -o ${zone} root.db > /dev/null 2>&1 +$SIGNER -S -x -T 1200 -o ${zone} root.db > signer.out 2>&1 +[ $? = 0 ] || cat signer.out cat ${keyname}.key | grep -v '^; ' | $PERL -n -e ' local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; diff --git a/bin/tests/system/inline/ns2/named.conf b/bin/tests/system/inline/ns2/named.conf index 2623fe68..a296fead 100644 --- a/bin/tests/system/inline/ns2/named.conf +++ b/bin/tests/system/inline/ns2/named.conf @@ -1,5 +1,5 @@ /* - * Copyright (C) 2011 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2011, 2012 Internet Systems Consortium, Inc. ("ISC") * * Permission to use, copy, modify, and/or distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named.conf,v 1.2 2011-08-30 23:46:52 tbox Exp $ */ +/* $Id: named.conf,v 1.2.138.2 2012-02-23 07:09:02 tbox Exp $ */ // NS2 @@ -38,3 +38,10 @@ zone "bits" { file "bits.db"; allow-update { any; }; }; + +zone "retransfer" { + type master; + file "retransfer.db"; + allow-update { any; }; + notify no; +}; diff --git a/bin/tests/system/inline/ns3/named.conf b/bin/tests/system/inline/ns3/named.conf index 6d3ea27c..251c87ad 100644 --- a/bin/tests/system/inline/ns3/named.conf +++ b/bin/tests/system/inline/ns3/named.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named.conf,v 1.7 2012-01-10 23:46:58 tbox Exp $ */ +/* $Id: named.conf,v 1.7.14.1 2012-02-23 07:02:19 marka Exp $ */ // NS3 @@ -86,3 +86,11 @@ zone "expired" { allow-update { any; }; file "expired.db"; }; + +zone "retransfer" { + type slave; + masters { 10.53.0.2; }; + inline-signing yes; + auto-dnssec maintain; + file "retransfer.bk"; +}; diff --git a/bin/tests/system/inline/ns3/sign.sh b/bin/tests/system/inline/ns3/sign.sh index 9d75299b..dfd78225 100644 --- a/bin/tests/system/inline/ns3/sign.sh +++ b/bin/tests/system/inline/ns3/sign.sh @@ -14,7 +14,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: sign.sh,v 1.7 2012-01-10 23:46:58 tbox Exp $ +# $Id: sign.sh,v 1.7.14.1 2012-02-23 07:02:20 marka Exp $ SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh @@ -66,3 +66,10 @@ keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 768 -n zone $zone` keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 1024 -n zone -f KSK $zone` $DSFROMKEY -T 1200 $keyname >> ../ns1/root.db $SIGNER -PS -s 20100101000000 -e 20110101000000 -O raw -L 2000042407 -o ${zone} ${zone}.db > /dev/null 2>&1 + +zone=retransfer +rm -f K${zone}.+*+*.key +rm -f K${zone}.+*+*.private +keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 768 -n zone $zone` +keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 1024 -n zone -f KSK $zone` +$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db diff --git a/bin/tests/system/inline/setup.sh b/bin/tests/system/inline/setup.sh index f7606888..5960eafa 100644 --- a/bin/tests/system/inline/setup.sh +++ b/bin/tests/system/inline/setup.sh @@ -12,7 +12,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: setup.sh,v 1.10 2012-01-10 23:46:58 tbox Exp $ +# $Id: setup.sh,v 1.10.14.1 2012-02-23 07:02:19 marka Exp $ sh clean.sh @@ -21,6 +21,7 @@ rm -f ns1/root.db.signed touch ns2/trusted.conf cp ns2/bits.db.in ns2/bits.db +cp ns2/bits.db.in ns2/retransfer.db rm -f ns2/bits.db.jnl cp ns3/master.db.in ns3/master.db diff --git a/bin/tests/system/inline/tests.sh b/bin/tests/system/inline/tests.sh index afa3c026..ee8c1661 100644 --- a/bin/tests/system/inline/tests.sh +++ b/bin/tests/system/inline/tests.sh @@ -14,7 +14,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: tests.sh,v 1.16.12.1 2012-01-31 01:11:54 each Exp $ +# $Id: tests.sh,v 1.16.12.2 2012-02-23 07:02:19 marka Exp $ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -693,4 +693,53 @@ $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 sync -clean dynamic 2>&1 || re if [ $ret != 0 ]; then echo "I:failed"; fi status=`expr $status + $ret` +$NSUPDATE << EOF +zone retransfer +server 10.53.0.2 5300 +update add added.retransfer 0 A 1.2.3.4 +send + +EOF + +n=`expr $n + 1` +echo "I:checking that the retransfer record is added on the hidden master ($n)" +ret=0 +$DIG $DIGOPTS @10.53.0.2 -p 5300 added.retransfer A > dig.out.ns2.test$n +grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 +grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo "I:checking that the change has not been transfered due to notify ($n)" +ret=0 +for i in 0 1 2 3 4 5 6 7 8 9 +do + ans=0 + $DIG $DIGOPTS @10.53.0.3 -p 5300 added.retransfer A > dig.out.ns3.test$n + grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ans=1 + [ $ans = 0 ] && break + sleep 1 +done +if [ $ans != 1 ]; then echo "I:failed"; ret=1; fi +status=`expr $status + $ret` +n=`expr $n + 1` + +echo "I:check rndc retransfer of a inline slave zone works ($n)" +ret=0 +$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 retransfer retransfer 2>&1 || ret=1 +for i in 0 1 2 3 4 5 6 7 8 9 +do + ans=0 + $DIG $DIGOPTS @10.53.0.3 -p 5300 added.retransfer A > dig.out.ns3.test$n + grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ans=1 + grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ans=1 + [ $ans = 0 ] && break + sleep 1 +done +[ $ans = 1 ] && ret=1 +n=`expr $n + 1` +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + exit $status diff --git a/bin/tests/system/ixfr/tests.sh b/bin/tests/system/ixfr/tests.sh index d3bc1fa5..bc7e623e 100644 --- a/bin/tests/system/ixfr/tests.sh +++ b/bin/tests/system/ixfr/tests.sh @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: tests.sh,v 1.8.134.2 2012-02-07 23:46:57 tbox Exp $ +# $Id: tests.sh,v 1.8.134.3 2012-02-22 14:29:38 marka Exp $ # WARNING: The test labelled "testing request-ixfr option in view vs zone" @@ -65,7 +65,12 @@ EOF $RNDCCMD reload -sleep 2 +for i in 0 1 2 3 4 5 6 7 8 9 +do + $DIGCMD nil. SOA > dig.out + grep "SOA" dig.out > /dev/null && break + sleep 1 +done $DIGCMD nil. TXT | grep 'initial AXFR' >/dev/null || { echo "I:failed" diff --git a/bin/tests/system/resolver/clean.sh b/bin/tests/system/resolver/clean.sh index b82b5456..a94c2deb 100644 --- a/bin/tests/system/resolver/clean.sh +++ b/bin/tests/system/resolver/clean.sh @@ -14,7 +14,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: clean.sh,v 1.8.248.2 2012-02-09 23:46:50 tbox Exp $ +# $Id: clean.sh,v 1.8.248.3 2012-02-22 00:35:53 each Exp $ # # Clean up after resolver tests. @@ -28,6 +28,6 @@ rm -f ns4/tld.db rm -f ns6/K* rm -f ns6/example.net.db.signed ns6/example.net.db rm -f ns6/dsset-example.net. ns6/example.net.db.signed.jnl -rm -r ns6/to-be-removed.tld.db ns6/to-be-removed.tld.db.jnl +rm -f ns6/to-be-removed.tld.db ns6/to-be-removed.tld.db.jnl rm -f ns7/server.db ns7/server.db.jnl rm -f random.data diff --git a/bin/tests/system/xfer/clean.sh b/bin/tests/system/xfer/clean.sh index 3cbfb919..ef4bf98b 100644 --- a/bin/tests/system/xfer/clean.sh +++ b/bin/tests/system/xfer/clean.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2004, 2007, 2011 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2007, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 2000, 2001 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -15,13 +15,13 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: clean.sh,v 1.17 2011-12-01 00:53:58 marka Exp $ +# $Id: clean.sh,v 1.17.44.2 2012-02-22 23:47:08 tbox Exp $ # # Clean up after zone transfer tests. # -rm -f dig.out.ns1 dig.out.ns2 dig.out.ns3 +rm -f dig.out.ns1 dig.out.ns2 dig.out.ns3 dig.out.ns4 rm -f dig.out.ns5 dig.out.ns6 dig.out.ns7 rm -f axfr.out rm -f ns1/slave.db diff --git a/bin/tests/system/xfer/tests.sh b/bin/tests/system/xfer/tests.sh index f9b8f1f7..7021218b 100644 --- a/bin/tests/system/xfer/tests.sh +++ b/bin/tests/system/xfer/tests.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2004, 2005, 2007, 2011 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2005, 2007, 2011, 2012 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 2000, 2001 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: tests.sh,v 1.35 2011-12-01 00:53:58 marka Exp $ +# $Id: tests.sh,v 1.35.44.2 2012-02-22 23:47:08 tbox Exp $ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -234,7 +234,13 @@ EOF $RNDCCMD reload | sed 's/^/I:ns4 /' -sleep 2 + +for i in 0 1 2 3 4 5 6 7 8 9 +do + $DIGCMD nil. SOA > dig.out.ns4 + grep SOA dig.out.ns4 > /dev/null && break + sleep 1 +done $DIGCMD nil. TXT | grep 'initial AXFR' >/dev/null || { echo "I:failed" |