diff options
Diffstat (limited to 'bin/tests')
89 files changed, 1009 insertions, 135 deletions
diff --git a/bin/tests/Makefile.in b/bin/tests/Makefile.in index 6c8055b9..9d34e627 100644 --- a/bin/tests/Makefile.in +++ b/bin/tests/Makefile.in @@ -1,4 +1,4 @@ -# Copyright (C) 2004-2009 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 1998-2003 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -13,7 +13,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: Makefile.in,v 1.138 2009/12/05 23:31:40 each Exp $ +# $Id: Makefile.in,v 1.138.2.2 2010/09/29 23:46:41 tbox Exp $ srcdir = @srcdir@ VPATH = @srcdir@ @@ -41,7 +41,7 @@ LWRESDEPLIBS = ../../lib/lwres/liblwres.@A@ LIBS = @LIBS@ -SUBDIRS = db dst master mem names net rbt sockaddr tasks timers system +SUBDIRS = db dst master mem hashes names net rbt sockaddr tasks timers system # Test programs that are built by default: # cfg_test is needed for regenerating doc/misc/options diff --git a/bin/tests/hashes/Makefile.in b/bin/tests/hashes/Makefile.in new file mode 100644 index 00000000..f1015897 --- /dev/null +++ b/bin/tests/hashes/Makefile.in @@ -0,0 +1,54 @@ +# Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $Id: Makefile.in,v 1.2.2.3 2010/09/29 23:46:44 tbox Exp $ + +srcdir = @srcdir@ +VPATH = @srcdir@ +top_srcdir = @top_srcdir@ + +@BIND9_MAKE_INCLUDES@ + +CINCLUDES = ${TEST_INCLUDES} ${ISC_INCLUDES} + +CDEFINES = +CWARNINGS = + +ISCLIBS = ../../../lib/isc/libisc.@A@ @DNS_CRYPTO_LIBS@ + +ISCDEPLIBS = ../../../lib/isc/libisc.@A@ + +DEPLIBS = ${ISCDEPLIBS} + +LIBS = ${ISCLIBS} @LIBS@ + +TLIB = ../../../lib/tests/libt_api.@A@ + +TARGETS = t_hashes@EXEEXT@ + +SRCS = t_hashes.c + +@BIND9_MAKE_RULES@ + +t_hashes@EXEEXT@: t_hashes.@O@ ${DEPLIBS} ${TLIB} + ${LIBTOOL_MODE_LINK} ${PURIFY} ${CC} ${CFLAGS} ${LDFLAGS} -o $@ t_hashes.@O@ ${TLIB} ${LIBS} + +test: t_hashes@EXEEXT@ + -@./t_hashes@EXEEXT@ -c @top_srcdir@/t_config -b @srcdir@ -q 60 -a + +testhelp: + @./t_hashes@EXEEXT@ -h + +clean distclean:: + rm -f ${TARGETS} diff --git a/bin/tests/hashes/t_hashes.c b/bin/tests/hashes/t_hashes.c new file mode 100644 index 00000000..7dfcb77c --- /dev/null +++ b/bin/tests/hashes/t_hashes.c @@ -0,0 +1,467 @@ +/* + * Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: t_hashes.c,v 1.2.2.5 2010/10/04 22:25:25 marka Exp $ */ + +/* + * -d1 or larger shows hash or HMAC result even if correct + */ + +#include <config.h> + +#include <stdlib.h> + +#include <isc/hmacmd5.h> +#include <isc/hmacsha.h> +#include <isc/md5.h> +#include <isc/print.h> +#include <isc/sha1.h> +#include <isc/string.h> +#include <isc/util.h> + +#include <tests/t_api.h> + + +static int nprobs; + +typedef void(*HASH_INIT)(void *); +typedef void(*HMAC_INIT)(void *, const unsigned char *, unsigned int); +typedef void(*UPDATE)(void *, const unsigned char *, unsigned int); +typedef void(*FINAL)(void *, const unsigned char *); +typedef void(*SIGN)(void *, const unsigned char *, unsigned int); + +typedef struct { + const char *name; + const unsigned char *key; + const unsigned int key_len; + const unsigned char *str; + const unsigned int str_len; +} IN; +#define STR_INIT(s) (const unsigned char *)(s), sizeof(s)-1 + + +union { + unsigned char b[1024]; + unsigned char md5[16]; + unsigned char sha1[ISC_SHA1_DIGESTLENGTH]; + unsigned char sha224[ISC_SHA224_DIGESTLENGTH]; + unsigned char sha256[ISC_SHA256_DIGESTLENGTH]; + unsigned char sha384[ISC_SHA384_DIGESTLENGTH]; + unsigned char sha512[ISC_SHA512_DIGESTLENGTH]; +} dbuf; +#define DIGEST_FILL 0xdf + +typedef struct { + const char *str; + const unsigned int digest_len; +} OUT; + + +/* + * two ad hoc hash examples + */ +static IN abc = { "\"abc\"", NULL, 0, STR_INIT("abc")}; +static OUT abc_sha1 = { + "a9993e364706816aba3e25717850c26c9cd0d89d", + ISC_SHA1_DIGESTLENGTH}; +static OUT abc_sha224 = { + "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7", + ISC_SHA224_DIGESTLENGTH}; +static OUT abc_md5 = { + "900150983cd24fb0d6963f7d28e17f72", + 16}; + +static IN abc_blah = { "\"abcdbc...\"", NULL, 0, + STR_INIT("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq")}; +static OUT abc_blah_sha1 = { + "84983e441c3bd26ebaae4aa1f95129e5e54670f1", + ISC_SHA1_DIGESTLENGTH}; +static OUT abc_blah_sha224 = { + "75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525", + ISC_SHA224_DIGESTLENGTH}; +static OUT abc_blah_md5 = { + "8215ef0796a20bcaaae116d3876c664a", + 16}; + +/* + * three HMAC-md5 examples from RFC 2104 + */ +static const unsigned char rfc2104_1_key[16] = { + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}; +static IN rfc2104_1 = {"RFC 2104 #1", rfc2104_1_key, sizeof(rfc2104_1_key), + STR_INIT("Hi There")}; +static OUT rfc2104_1_hmac = { + "9294727a3638bb1c13f48ef8158bfc9d", + 16}; + +static IN rfc2104_2 = {"RFC 2104 #2", STR_INIT("Jefe"), + STR_INIT("what do ya want for nothing?")}; +static OUT rfc2104_2_hmac = { + "750c783e6ab0b503eaa86e310a5db738", + 16}; + +static const unsigned char rfc2104_3_key[16] = { + 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, + 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA}; +static const unsigned char rfc2104_3_s[50] = { + 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, + 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, + 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, + 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, + 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, + 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, + 0xDD, 0xDD}; +static IN rfc2104_3 = {"RFC 2104 #3", rfc2104_3_key, sizeof(rfc2104_3_key), + rfc2104_3_s, sizeof(rfc2104_3_s)}; +static OUT rfc2104_3_hmac = { + "56be34521d144c88dbb8c733f0e8b3f6", + 16}; + +/* + * four three HMAC-SHA tests cut-and-pasted from RFC 4634 starting on page 86 + */ +static const unsigned char rfc4634_1_key[20] = { + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b +}; +static IN rfc4634_1 = {"RFC 4634 #1", rfc4634_1_key, sizeof(rfc4634_1_key), + STR_INIT("Hi There")}; +static OUT rfc4634_1_sha1 = { + "B617318655057264E28BC0B6FB378C8EF146BE00", + ISC_SHA1_DIGESTLENGTH}; +static OUT rfc4634_1_sha224 = { + "896FB1128ABBDF196832107CD49DF33F47B4B1169912BA4F53684B22", + ISC_SHA224_DIGESTLENGTH}; +static OUT rfc4634_1_sha256 = { + "B0344C61D8DB38535CA8AFCEAF0BF12B881DC200C9833DA726E9376C2E32" + "CFF7", + ISC_SHA256_DIGESTLENGTH}; +static OUT rfc4634_1_sha384 = { + "AFD03944D84895626B0825F4AB46907F15F9DADBE4101EC682AA034C7CEB" + "C59CFAEA9EA9076EDE7F4AF152E8B2FA9CB6", + ISC_SHA384_DIGESTLENGTH}; +static OUT rfc4634_1_sha512 = { + "87AA7CDEA5EF619D4FF0B4241A1D6CB02379F4E2CE4EC2787AD0B30545E1" + "7CDEDAA833B7D6B8A702038B274EAEA3F4E4BE9D914EEB61F1702E696C20" + "3A126854", + ISC_SHA512_DIGESTLENGTH}; + +static IN rfc4634_2 = {"RFC 4634 #2", STR_INIT("Jefe"), + STR_INIT("what do ya want for nothing?")}; +static OUT rfc4634_2_sha1 = { + "EFFCDF6AE5EB2FA2D27416D5F184DF9C259A7C79", + ISC_SHA1_DIGESTLENGTH}; +static OUT rfc4634_2_sha224 = { + "A30E01098BC6DBBF45690F3A7E9E6D0F8BBEA2A39E6148008FD05E44", + ISC_SHA224_DIGESTLENGTH}; +static OUT rfc4634_2_sha256 = { + "5BDCC146BF60754E6A042426089575C75A003F089D2739839DEC58B964EC" + "3843", + ISC_SHA256_DIGESTLENGTH}; +static OUT rfc4634_2_sha384 = { + "AF45D2E376484031617F78D2B58A6B1B9C7EF464F5A01B47E42EC3736322" + "445E8E2240CA5E69E2C78B3239ECFAB21649", + ISC_SHA384_DIGESTLENGTH}; +static OUT rfc4634_2_sha512 = { + "164B7A7BFCF819E2E395FBE73B56E0A387BD64222E831FD610270CD7EA25" + "05549758BF75C05A994A6D034F65F8F0E6FDCAEAB1A34D4A6B4B636E070A" + "38BCE737", + ISC_SHA512_DIGESTLENGTH}; + +static const unsigned char rfc4634_3_key[20] = { + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa +}; +static const unsigned char rfc4634_3_s[50] = { + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd +}; +static IN rfc4634_3 = {"RFC 4634 #3", rfc4634_3_key, sizeof(rfc4634_3_key), + rfc4634_3_s, sizeof(rfc4634_3_s)}; +static OUT rfc4634_3_sha1 = { + "125D7342B9AC11CD91A39AF48AA17B4F63F175D3", + ISC_SHA1_DIGESTLENGTH}; +static OUT rfc4634_3_sha224 = { + "7FB3CB3588C6C1F6FFA9694D7D6AD2649365B0C1F65D69D1EC8333EA", + ISC_SHA224_DIGESTLENGTH}; +static OUT rfc4634_3_sha256 = { + "773EA91E36800E46854DB8EBD09181A72959098B3EF8C122D9635514CED5" + "65FE", + ISC_SHA256_DIGESTLENGTH}; +static OUT rfc4634_3_sha384 = { + "88062608D3E6AD8A0AA2ACE014C8A86F0AA635D947AC9FEBE83EF4E55966" + "144B2A5AB39DC13814B94E3AB6E101A34F27", + ISC_SHA384_DIGESTLENGTH}; +static OUT rfc4634_3_sha512 = { + "FA73B0089D56A284EFB0F0756C890BE9B1B5DBDD8EE81A3655F83E33B227" + "9D39BF3E848279A722C806B485A47E67C807B946A337BEE8942674278859" + "E13292FB", + ISC_SHA512_DIGESTLENGTH}; + +static const unsigned char rfc4634_4_key[25] = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, + 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, + 0x15, 0x16, 0x17, 0x18, 0x19 +}; +static const unsigned char rfc4634_4_s[50] = { + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd +}; +static IN rfc4634_4 = {"RFC 4634 #3", rfc4634_4_key, sizeof(rfc4634_4_key), + rfc4634_4_s, sizeof(rfc4634_4_s)}; +static OUT rfc4634_4_sha1 = { + "4C9007F4026250C6BC8414F9BF50C86C2D7235DA", + ISC_SHA1_DIGESTLENGTH}; +static OUT rfc4634_4_sha224 = { + "6C11506874013CAC6A2ABC1BB382627CEC6A90D86EFC012DE7AFEC5A", + ISC_SHA224_DIGESTLENGTH}; +static OUT rfc4634_4_sha256 = { + "82558A389A443C0EA4CC819899F2083A85F0FAA3E578F8077A2E3FF46729" + "665B", + ISC_SHA256_DIGESTLENGTH}; +static OUT rfc4634_4_sha384 = { + "3E8A69B7783C25851933AB6290AF6CA77A9981480850009CC5577C6E1F57" + "3B4E6801DD23C4A7D679CCF8A386C674CFFB", + ISC_SHA384_DIGESTLENGTH}; +static OUT rfc4634_4_sha512 = { + "B0BA465637458C6990E5A8C5F61D4AF7E576D97FF94B872DE76F8050361E" + "E3DBA91CA5C11AA25EB4D679275CC5788063A5F19741120C4F2DE2ADEBEB" + "10A298DD", + ISC_SHA512_DIGESTLENGTH}; + + + +static const char * +d2str(char *buf, unsigned int buf_len, + const unsigned char *d, unsigned int d_len) +{ + unsigned int i, l; + + l = 0; + for (i = 0; i < d_len && l < buf_len-4; ++i) { + l += snprintf(&buf[l], buf_len-l, "%02x", d[i]); + } + if (l >= buf_len-3) { + REQUIRE(buf_len > sizeof("...")); + strcpy(&buf[l-sizeof(" ...")], " ..."); + } + return buf; +} + + + +/* + * Compare binary digest or HMAC to string of hex digits from an RFC + */ +static void +ck(const char *name, const IN *in, const OUT *out) +{ + char buf[sizeof(dbuf)*2+1]; + const char *str_name; + unsigned int l; + + d2str(buf, sizeof(buf), dbuf.b, out->digest_len); + str_name = in->name != NULL ? in->name : (const char *)in->str; + + if (T_debug != 0) + t_info("%s(%s) = %s\n", name, str_name, buf); + + if (strcasecmp(buf, out->str)) { + t_info("%s(%s)\n%9s %s\n%9s %s\n", + name, str_name, + "is", buf, + "should be", out->str); + ++nprobs; + return; + } + + /* + * check that the hash or HMAC is no longer than we think it is + */ + for (l = out->digest_len; l < sizeof(dbuf); ++l) { + if (dbuf.b[l] != DIGEST_FILL) { + t_info("byte #%d after end of %s(%s) changed to %02x\n", + l-out->digest_len, name, str_name, dbuf.b[l]); + ++nprobs; + break; + } + } +} + + + +static void +t_hash(const char *hname, HASH_INIT init, UPDATE update, FINAL final, + IN *in, OUT *out) +{ + union { + unsigned char b[1024]; + isc_sha1_t sha1; + isc_md5_t md5; + } ctx; + + init(&ctx); + update(&ctx, in->str, in->str_len); + memset(dbuf.b, DIGEST_FILL, sizeof(dbuf)); + final(&ctx, dbuf.b); + ck(hname, in, out); +} + + + +/* + * isc_sha224_final has a different calling sequence + */ +static void +t_sha224(IN *in, OUT *out) +{ + isc_sha224_t ctx; + + memset(dbuf.b, DIGEST_FILL, sizeof(dbuf)); + isc_sha224_init(&ctx); + isc_sha224_update(&ctx, in->str, in->str_len); + memset(dbuf.b, DIGEST_FILL, sizeof(dbuf)); + isc_sha224_final(dbuf.b, &ctx); + ck("SHA224", in, out); +} + + + +static void +t_hashes(IN *in, OUT *out_sha1, OUT *out_sha224, OUT *out_md5) +{ + t_hash("SHA1", (HASH_INIT)isc_sha1_init, (UPDATE)isc_sha1_update, + (FINAL)isc_sha1_final, in, out_sha1); + t_sha224(in, out_sha224); + t_hash("md5", (HASH_INIT)isc_md5_init, (UPDATE)isc_md5_update, + (FINAL)isc_md5_final, in, out_md5); +} + + + +/* + * isc_hmacmd5_sign has a different calling sequence + */ +static void +t_md5hmac(IN *in, OUT *out) +{ + isc_hmacmd5_t ctx; + + isc_hmacmd5_init(&ctx, in->key, in->key_len); + isc_hmacmd5_update(&ctx, in->str, in->str_len); + memset(dbuf.b, DIGEST_FILL, sizeof(dbuf)); + isc_hmacmd5_sign(&ctx, dbuf.b); + ck("HMAC-md5", in, out); +} + + + +static void +t_hmac(const char *hname, HMAC_INIT init, UPDATE update, SIGN sign, + IN *in, OUT *out) +{ + union { + unsigned char b[1024]; + isc_hmacmd5_t hmacmd5; + isc_hmacsha1_t hmacsha1; + isc_hmacsha224_t hmacsha224; + isc_hmacsha256_t hmacsha256; + isc_hmacsha384_t hmacsha384; + isc_hmacsha512_t hmacsha512; + } ctx; + + init(&ctx, in->key, in->key_len); + update(&ctx, in->str, in->str_len); + memset(dbuf.b, DIGEST_FILL, sizeof(dbuf)); + sign(&ctx, dbuf.b, out->digest_len); + ck(hname, in, out); +} + + + +static void +t_hmacs(IN *in, OUT *out_sha1, OUT *out_sha224, OUT *out_sha256, + OUT *out_sha384, OUT *out_sha512) +{ + t_hmac("HMAC-SHA1", (HMAC_INIT)isc_hmacsha1_init, + (UPDATE)isc_hmacsha1_update, (SIGN)isc_hmacsha1_sign, + in, out_sha1); + t_hmac("HMAC-SHA224", (HMAC_INIT)isc_hmacsha224_init, + (UPDATE)isc_hmacsha224_update, (SIGN)isc_hmacsha224_sign, + in, out_sha224); + t_hmac("HMAC-SHA256", (HMAC_INIT)isc_hmacsha256_init, + (UPDATE)isc_hmacsha256_update, (SIGN)isc_hmacsha256_sign, + in, out_sha256); + t_hmac("HMAC-SHA384", (HMAC_INIT)isc_hmacsha384_init, + (UPDATE)isc_hmacsha384_update, (SIGN)isc_hmacsha384_sign, + in, out_sha384); + t_hmac("HMAC-SHA512", (HMAC_INIT)isc_hmacsha512_init, + (UPDATE)isc_hmacsha512_update, (SIGN)isc_hmacsha512_sign, + in, out_sha512); +} + + + +/* + * This will almost never fail, and so there is no need for the extra noise + * that would come from breaking it into several tests. + */ +static void +t1(void) +{ + /* + * two ad hoc hash examples + */ + t_hashes(&abc, &abc_sha1, &abc_sha224, &abc_md5); + t_hashes(&abc_blah, &abc_blah_sha1, &abc_blah_sha224, &abc_blah_md5); + + /* + * three HMAC-md5 examples from RFC 2104 + */ + t_md5hmac(&rfc2104_1, &rfc2104_1_hmac); + t_md5hmac(&rfc2104_2, &rfc2104_2_hmac); + t_md5hmac(&rfc2104_3, &rfc2104_3_hmac); + + /* + * four HMAC-SHA tests from RFC 4634 starting on page 86 + */ + t_hmacs(&rfc4634_1, &rfc4634_1_sha1, &rfc4634_1_sha224, + &rfc4634_1_sha256, &rfc4634_1_sha384, &rfc4634_1_sha512); + t_hmacs(&rfc4634_2, &rfc4634_2_sha1, &rfc4634_2_sha224, + &rfc4634_2_sha256, &rfc4634_2_sha384, &rfc4634_2_sha512); + t_hmacs(&rfc4634_3, &rfc4634_3_sha1, &rfc4634_3_sha224, + &rfc4634_3_sha256, &rfc4634_3_sha384, &rfc4634_3_sha512); + t_hmacs(&rfc4634_4, &rfc4634_4_sha1, &rfc4634_4_sha224, + &rfc4634_4_sha256, &rfc4634_4_sha384, &rfc4634_4_sha512); + + if (nprobs != 0) + t_result(T_FAIL); + else + t_result(T_PASS); +} + + +testspec_t T_testlist[] = { + { t1, "hashes" }, + { NULL, NULL } +}; diff --git a/bin/tests/system/addzone/clean.sh b/bin/tests/system/addzone/clean.sh index 1cf94bdc..58a3db6d 100644 --- a/bin/tests/system/addzone/clean.sh +++ b/bin/tests/system/addzone/clean.sh @@ -14,7 +14,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: clean.sh,v 1.2.2.2.6.1 2010/09/15 03:42:59 marka Exp $ +# $Id: clean.sh,v 1.2.2.3 2010/09/15 03:36:41 marka Exp $ rm -f dig.out.* rm -f rndc.out.* diff --git a/bin/tests/system/addzone/ns2/named2.conf b/bin/tests/system/addzone/ns2/named2.conf index c1c5e95d..f69505cc 100644 --- a/bin/tests/system/addzone/ns2/named2.conf +++ b/bin/tests/system/addzone/ns2/named2.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named2.conf,v 1.2.2.2.6.1 2010/09/24 06:32:57 marka Exp $ */ +/* $Id: named2.conf,v 1.2.2.3 2010/09/24 05:54:06 marka Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/addzone/tests.sh b/bin/tests/system/addzone/tests.sh index aefc1f9c..bfb37136 100644 --- a/bin/tests/system/addzone/tests.sh +++ b/bin/tests/system/addzone/tests.sh @@ -14,7 +14,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: tests.sh,v 1.2.2.2.6.2 2010/09/24 06:32:57 marka Exp $ +# $Id: tests.sh,v 1.2.2.4 2010/09/24 05:54:05 marka Exp $ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh diff --git a/bin/tests/system/allow_query/clean.sh b/bin/tests/system/allow_query/clean.sh index 8f2e5869..fd97baf1 100644 --- a/bin/tests/system/allow_query/clean.sh +++ b/bin/tests/system/allow_query/clean.sh @@ -14,7 +14,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: clean.sh,v 1.2.4.2 2010/11/16 02:26:24 sar Exp $ +# $Id: clean.sh,v 1.2.2.2 2010/11/16 02:11:47 sar Exp $ # # Clean up after allow query tests. diff --git a/bin/tests/system/allow_query/ns2/aclallow.db b/bin/tests/system/allow_query/ns2/aclallow.db index ad625947..3bdec1eb 100644 --- a/bin/tests/system/allow_query/ns2/aclallow.db +++ b/bin/tests/system/allow_query/ns2/aclallow.db @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: aclallow.db,v 1.2.4.2 2010/11/16 02:26:25 sar Exp $ +; $Id: aclallow.db,v 1.2.2.2 2010/11/16 02:11:47 sar Exp $ $ORIGIN aclallow.example. $TTL 300 ; 5 minutes diff --git a/bin/tests/system/allow_query/ns2/acldisallow.db b/bin/tests/system/allow_query/ns2/acldisallow.db index 2359658d..ac9ffd3e 100644 --- a/bin/tests/system/allow_query/ns2/acldisallow.db +++ b/bin/tests/system/allow_query/ns2/acldisallow.db @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: acldisallow.db,v 1.2.4.2 2010/11/16 02:26:25 sar Exp $ +; $Id: acldisallow.db,v 1.2.2.2 2010/11/16 02:11:47 sar Exp $ $ORIGIN acldisallow.example. $TTL 300 ; 5 minutes diff --git a/bin/tests/system/allow_query/ns2/aclnotallow.db b/bin/tests/system/allow_query/ns2/aclnotallow.db index a8a03972..e2ebcd5e 100644 --- a/bin/tests/system/allow_query/ns2/aclnotallow.db +++ b/bin/tests/system/allow_query/ns2/aclnotallow.db @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: aclnotallow.db,v 1.2.4.2 2010/11/16 02:26:25 sar Exp $ +; $Id: aclnotallow.db,v 1.2.2.2 2010/11/16 02:11:48 sar Exp $ $ORIGIN aclnotallow.example. $TTL 300 ; 5 minutes diff --git a/bin/tests/system/allow_query/ns2/added.db b/bin/tests/system/allow_query/ns2/added.db index 452f04a1..a079ad0d 100644 --- a/bin/tests/system/allow_query/ns2/added.db +++ b/bin/tests/system/allow_query/ns2/added.db @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: added.db,v 1.2.4.2 2010/11/16 02:26:25 sar Exp $ +; $Id: added.db,v 1.2.2.2 2010/11/16 02:11:48 sar Exp $ $ORIGIN added.example. $TTL 300 ; 5 minutes diff --git a/bin/tests/system/allow_query/ns2/addrallow.db b/bin/tests/system/allow_query/ns2/addrallow.db index 7d992b51..fd591d1e 100644 --- a/bin/tests/system/allow_query/ns2/addrallow.db +++ b/bin/tests/system/allow_query/ns2/addrallow.db @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: addrallow.db,v 1.2.4.2 2010/11/16 02:26:25 sar Exp $ +; $Id: addrallow.db,v 1.2.2.2 2010/11/16 02:11:48 sar Exp $ $ORIGIN addrallow.example. $TTL 300 ; 5 minutes diff --git a/bin/tests/system/allow_query/ns2/addrdisallow.db b/bin/tests/system/allow_query/ns2/addrdisallow.db index 38b4e555..cc2f4f25 100644 --- a/bin/tests/system/allow_query/ns2/addrdisallow.db +++ b/bin/tests/system/allow_query/ns2/addrdisallow.db @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: addrdisallow.db,v 1.2.4.2 2010/11/16 02:26:25 sar Exp $ +; $Id: addrdisallow.db,v 1.2.2.2 2010/11/16 02:11:48 sar Exp $ $ORIGIN addrdisallow.example. $TTL 300 ; 5 minutes diff --git a/bin/tests/system/allow_query/ns2/addrnotallow.db b/bin/tests/system/allow_query/ns2/addrnotallow.db index 50646799..2a9304d1 100644 --- a/bin/tests/system/allow_query/ns2/addrnotallow.db +++ b/bin/tests/system/allow_query/ns2/addrnotallow.db @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: addrnotallow.db,v 1.2.4.2 2010/11/16 02:26:25 sar Exp $ +; $Id: addrnotallow.db,v 1.2.2.2 2010/11/16 02:11:48 sar Exp $ $ORIGIN addrnotallow.example. $TTL 300 ; 5 minutes diff --git a/bin/tests/system/allow_query/ns2/any.db b/bin/tests/system/allow_query/ns2/any.db index d4935bde..37045394 100644 --- a/bin/tests/system/allow_query/ns2/any.db +++ b/bin/tests/system/allow_query/ns2/any.db @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: any.db,v 1.2.4.2 2010/11/16 02:26:25 sar Exp $ +; $Id: any.db,v 1.2.2.2 2010/11/16 02:11:48 sar Exp $ $ORIGIN any.example. $TTL 300 ; 5 minutes diff --git a/bin/tests/system/allow_query/ns2/keyallow.db b/bin/tests/system/allow_query/ns2/keyallow.db index fd83faf5..b9ec9416 100644 --- a/bin/tests/system/allow_query/ns2/keyallow.db +++ b/bin/tests/system/allow_query/ns2/keyallow.db @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: keyallow.db,v 1.2.4.2 2010/11/16 02:26:25 sar Exp $ +; $Id: keyallow.db,v 1.2.2.2 2010/11/16 02:11:48 sar Exp $ $ORIGIN keyallow.example. $TTL 300 ; 5 minutes diff --git a/bin/tests/system/allow_query/ns2/keydisallow.db b/bin/tests/system/allow_query/ns2/keydisallow.db index 17782267..61989e54 100644 --- a/bin/tests/system/allow_query/ns2/keydisallow.db +++ b/bin/tests/system/allow_query/ns2/keydisallow.db @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: keydisallow.db,v 1.2.4.2 2010/11/16 02:26:26 sar Exp $ +; $Id: keydisallow.db,v 1.2.2.2 2010/11/16 02:11:48 sar Exp $ $ORIGIN keydisallow.example. $TTL 300 ; 5 minutes diff --git a/bin/tests/system/allow_query/ns2/named01.conf b/bin/tests/system/allow_query/ns2/named01.conf index 289149be..d94583f4 100644 --- a/bin/tests/system/allow_query/ns2/named01.conf +++ b/bin/tests/system/allow_query/ns2/named01.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named01.conf,v 1.2.4.2 2010/11/16 02:26:26 sar Exp $ */ +/* $Id: named01.conf,v 1.2.2.2 2010/11/16 02:11:49 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named02.conf b/bin/tests/system/allow_query/ns2/named02.conf index 9f74beab..93e84845 100644 --- a/bin/tests/system/allow_query/ns2/named02.conf +++ b/bin/tests/system/allow_query/ns2/named02.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named02.conf,v 1.2.4.2 2010/11/16 02:26:26 sar Exp $ */ +/* $Id: named02.conf,v 1.2.2.2 2010/11/16 02:11:49 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named03.conf b/bin/tests/system/allow_query/ns2/named03.conf index 7c50f399..6af6027a 100644 --- a/bin/tests/system/allow_query/ns2/named03.conf +++ b/bin/tests/system/allow_query/ns2/named03.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named03.conf,v 1.2.4.2 2010/11/16 02:26:26 sar Exp $ */ +/* $Id: named03.conf,v 1.2.2.2 2010/11/16 02:11:49 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named04.conf b/bin/tests/system/allow_query/ns2/named04.conf index 9c83244a..66b5d951 100644 --- a/bin/tests/system/allow_query/ns2/named04.conf +++ b/bin/tests/system/allow_query/ns2/named04.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named04.conf,v 1.2.4.2 2010/11/16 02:26:26 sar Exp $ */ +/* $Id: named04.conf,v 1.2.2.2 2010/11/16 02:11:49 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named05.conf b/bin/tests/system/allow_query/ns2/named05.conf index 222f10e9..acb7a90e 100644 --- a/bin/tests/system/allow_query/ns2/named05.conf +++ b/bin/tests/system/allow_query/ns2/named05.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named05.conf,v 1.2.4.2 2010/11/16 02:26:26 sar Exp $ */ +/* $Id: named05.conf,v 1.2.2.2 2010/11/16 02:11:49 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named06.conf b/bin/tests/system/allow_query/ns2/named06.conf index 91c08727..cc3ca9cd 100644 --- a/bin/tests/system/allow_query/ns2/named06.conf +++ b/bin/tests/system/allow_query/ns2/named06.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named06.conf,v 1.2.4.2 2010/11/16 02:26:26 sar Exp $ */ +/* $Id: named06.conf,v 1.2.2.2 2010/11/16 02:11:49 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named07.conf b/bin/tests/system/allow_query/ns2/named07.conf index 5f59dee5..537a919f 100644 --- a/bin/tests/system/allow_query/ns2/named07.conf +++ b/bin/tests/system/allow_query/ns2/named07.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named07.conf,v 1.2.4.2 2010/11/16 02:26:26 sar Exp $ */ +/* $Id: named07.conf,v 1.2.2.2 2010/11/16 02:11:49 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named08.conf b/bin/tests/system/allow_query/ns2/named08.conf index b7331c9c..eb9e8b4a 100644 --- a/bin/tests/system/allow_query/ns2/named08.conf +++ b/bin/tests/system/allow_query/ns2/named08.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named08.conf,v 1.2.4.2 2010/11/16 02:26:26 sar Exp $ */ +/* $Id: named08.conf,v 1.2.2.2 2010/11/16 02:11:49 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named09.conf b/bin/tests/system/allow_query/ns2/named09.conf index de5a3f7e..3b34fff3 100644 --- a/bin/tests/system/allow_query/ns2/named09.conf +++ b/bin/tests/system/allow_query/ns2/named09.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named09.conf,v 1.2.4.2 2010/11/16 02:26:27 sar Exp $ */ +/* $Id: named09.conf,v 1.2.2.2 2010/11/16 02:11:50 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named10.conf b/bin/tests/system/allow_query/ns2/named10.conf index 6342aa19..2b24aedc 100644 --- a/bin/tests/system/allow_query/ns2/named10.conf +++ b/bin/tests/system/allow_query/ns2/named10.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named10.conf,v 1.2.4.2 2010/11/16 02:26:27 sar Exp $ */ +/* $Id: named10.conf,v 1.2.2.2 2010/11/16 02:11:50 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named11.conf b/bin/tests/system/allow_query/ns2/named11.conf index 79c4757b..a041d31c 100644 --- a/bin/tests/system/allow_query/ns2/named11.conf +++ b/bin/tests/system/allow_query/ns2/named11.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named11.conf,v 1.2.4.2 2010/11/16 02:26:27 sar Exp $ */ +/* $Id: named11.conf,v 1.2.2.2 2010/11/16 02:11:50 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named12.conf b/bin/tests/system/allow_query/ns2/named12.conf index 59e25891..f10f0f4e 100644 --- a/bin/tests/system/allow_query/ns2/named12.conf +++ b/bin/tests/system/allow_query/ns2/named12.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named12.conf,v 1.2.4.2 2010/11/16 02:26:27 sar Exp $ */ +/* $Id: named12.conf,v 1.2.2.2 2010/11/16 02:11:50 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named21.conf b/bin/tests/system/allow_query/ns2/named21.conf index 8ea61ec7..10dfdc90 100644 --- a/bin/tests/system/allow_query/ns2/named21.conf +++ b/bin/tests/system/allow_query/ns2/named21.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named21.conf,v 1.2.4.2 2010/11/16 02:26:27 sar Exp $ */ +/* $Id: named21.conf,v 1.2.2.2 2010/11/16 02:11:50 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named22.conf b/bin/tests/system/allow_query/ns2/named22.conf index 10e5fcee..0cdd38bf 100644 --- a/bin/tests/system/allow_query/ns2/named22.conf +++ b/bin/tests/system/allow_query/ns2/named22.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named22.conf,v 1.2.4.2 2010/11/16 02:26:27 sar Exp $ */ +/* $Id: named22.conf,v 1.2.2.2 2010/11/16 02:11:50 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named23.conf b/bin/tests/system/allow_query/ns2/named23.conf index 321ea92e..764ed276 100644 --- a/bin/tests/system/allow_query/ns2/named23.conf +++ b/bin/tests/system/allow_query/ns2/named23.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named23.conf,v 1.2.4.2 2010/11/16 02:26:27 sar Exp $ */ +/* $Id: named23.conf,v 1.2.2.2 2010/11/16 02:11:50 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named24.conf b/bin/tests/system/allow_query/ns2/named24.conf index e007aa33..f95174b9 100644 --- a/bin/tests/system/allow_query/ns2/named24.conf +++ b/bin/tests/system/allow_query/ns2/named24.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named24.conf,v 1.2.4.2 2010/11/16 02:26:27 sar Exp $ */ +/* $Id: named24.conf,v 1.2.2.2 2010/11/16 02:11:50 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named25.conf b/bin/tests/system/allow_query/ns2/named25.conf index d9119419..a419f751 100644 --- a/bin/tests/system/allow_query/ns2/named25.conf +++ b/bin/tests/system/allow_query/ns2/named25.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named25.conf,v 1.2.4.2 2010/11/16 02:26:28 sar Exp $ */ +/* $Id: named25.conf,v 1.2.2.2 2010/11/16 02:11:51 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named26.conf b/bin/tests/system/allow_query/ns2/named26.conf index 647d9b15..ecd5ff01 100644 --- a/bin/tests/system/allow_query/ns2/named26.conf +++ b/bin/tests/system/allow_query/ns2/named26.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named26.conf,v 1.2.4.2 2010/11/16 02:26:28 sar Exp $ */ +/* $Id: named26.conf,v 1.2.2.2 2010/11/16 02:11:51 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named27.conf b/bin/tests/system/allow_query/ns2/named27.conf index 7718f770..35826e44 100644 --- a/bin/tests/system/allow_query/ns2/named27.conf +++ b/bin/tests/system/allow_query/ns2/named27.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named27.conf,v 1.2.4.2 2010/11/16 02:26:28 sar Exp $ */ +/* $Id: named27.conf,v 1.2.2.2 2010/11/16 02:11:51 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named28.conf b/bin/tests/system/allow_query/ns2/named28.conf index a839b6ef..479f2997 100644 --- a/bin/tests/system/allow_query/ns2/named28.conf +++ b/bin/tests/system/allow_query/ns2/named28.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named28.conf,v 1.2.4.2 2010/11/16 02:26:28 sar Exp $ */ +/* $Id: named28.conf,v 1.2.2.2 2010/11/16 02:11:51 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named29.conf b/bin/tests/system/allow_query/ns2/named29.conf index c40fb1ec..b5e96922 100644 --- a/bin/tests/system/allow_query/ns2/named29.conf +++ b/bin/tests/system/allow_query/ns2/named29.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named29.conf,v 1.2.4.2 2010/11/16 02:26:28 sar Exp $ */ +/* $Id: named29.conf,v 1.2.2.2 2010/11/16 02:11:51 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named30.conf b/bin/tests/system/allow_query/ns2/named30.conf index 10580d7d..a0c975b4 100644 --- a/bin/tests/system/allow_query/ns2/named30.conf +++ b/bin/tests/system/allow_query/ns2/named30.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named30.conf,v 1.2.4.2 2010/11/16 02:26:28 sar Exp $ */ +/* $Id: named30.conf,v 1.2.2.2 2010/11/16 02:11:51 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named31.conf b/bin/tests/system/allow_query/ns2/named31.conf index b4b1edc9..fa00adda 100644 --- a/bin/tests/system/allow_query/ns2/named31.conf +++ b/bin/tests/system/allow_query/ns2/named31.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named31.conf,v 1.2.4.2 2010/11/16 02:26:28 sar Exp $ */ +/* $Id: named31.conf,v 1.2.2.2 2010/11/16 02:11:51 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named32.conf b/bin/tests/system/allow_query/ns2/named32.conf index acbe1c7a..257953b4 100644 --- a/bin/tests/system/allow_query/ns2/named32.conf +++ b/bin/tests/system/allow_query/ns2/named32.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named32.conf,v 1.2.4.2 2010/11/16 02:26:28 sar Exp $ */ +/* $Id: named32.conf,v 1.2.2.2 2010/11/16 02:11:51 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named33.conf b/bin/tests/system/allow_query/ns2/named33.conf index 8c683110..8587ae63 100644 --- a/bin/tests/system/allow_query/ns2/named33.conf +++ b/bin/tests/system/allow_query/ns2/named33.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named33.conf,v 1.2.4.2 2010/11/16 02:26:28 sar Exp $ */ +/* $Id: named33.conf,v 1.2.2.2 2010/11/16 02:11:52 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named34.conf b/bin/tests/system/allow_query/ns2/named34.conf index daad6462..2cd924fc 100644 --- a/bin/tests/system/allow_query/ns2/named34.conf +++ b/bin/tests/system/allow_query/ns2/named34.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named34.conf,v 1.2.4.2 2010/11/16 02:26:29 sar Exp $ */ +/* $Id: named34.conf,v 1.2.2.2 2010/11/16 02:11:52 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named40.conf b/bin/tests/system/allow_query/ns2/named40.conf index 7b8b1378..d35ad6fb 100644 --- a/bin/tests/system/allow_query/ns2/named40.conf +++ b/bin/tests/system/allow_query/ns2/named40.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named40.conf,v 1.2.4.2 2010/11/16 02:26:29 sar Exp $ */ +/* $Id: named40.conf,v 1.2.2.2 2010/11/16 02:11:52 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named53.conf b/bin/tests/system/allow_query/ns2/named53.conf index e0647090..0cc9c59c 100644 --- a/bin/tests/system/allow_query/ns2/named53.conf +++ b/bin/tests/system/allow_query/ns2/named53.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named53.conf,v 1.2.4.2 2010/11/16 02:26:29 sar Exp $ */ +/* $Id: named53.conf,v 1.2.2.2 2010/11/16 02:11:52 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named54.conf b/bin/tests/system/allow_query/ns2/named54.conf index fa288c97..137dcd02 100644 --- a/bin/tests/system/allow_query/ns2/named54.conf +++ b/bin/tests/system/allow_query/ns2/named54.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named54.conf,v 1.2.4.2 2010/11/16 02:26:29 sar Exp $ */ +/* $Id: named54.conf,v 1.2.2.2 2010/11/16 02:11:52 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named55.conf b/bin/tests/system/allow_query/ns2/named55.conf index 6198507c..05abd7ce 100644 --- a/bin/tests/system/allow_query/ns2/named55.conf +++ b/bin/tests/system/allow_query/ns2/named55.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named55.conf,v 1.2.4.2 2010/11/16 02:26:29 sar Exp $ */ +/* $Id: named55.conf,v 1.2.2.2 2010/11/16 02:11:52 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/named56.conf b/bin/tests/system/allow_query/ns2/named56.conf index a5360b52..05ce66c1 100644 --- a/bin/tests/system/allow_query/ns2/named56.conf +++ b/bin/tests/system/allow_query/ns2/named56.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named56.conf,v 1.2.4.2 2010/11/16 02:26:29 sar Exp $ */ +/* $Id: named56.conf,v 1.2.2.2 2010/11/16 02:11:52 sar Exp $ */ controls { /* empty */ }; diff --git a/bin/tests/system/allow_query/ns2/none.db b/bin/tests/system/allow_query/ns2/none.db index c7961cc0..85898755 100644 --- a/bin/tests/system/allow_query/ns2/none.db +++ b/bin/tests/system/allow_query/ns2/none.db @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: none.db,v 1.2.4.2 2010/11/16 02:26:29 sar Exp $ +; $Id: none.db,v 1.2.2.2 2010/11/16 02:11:53 sar Exp $ $ORIGIN none.example. $TTL 300 ; 5 minutes diff --git a/bin/tests/system/allow_query/ns2/normal.db b/bin/tests/system/allow_query/ns2/normal.db index 828ec5b4..e34ac9e4 100644 --- a/bin/tests/system/allow_query/ns2/normal.db +++ b/bin/tests/system/allow_query/ns2/normal.db @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: normal.db,v 1.2.4.2 2010/11/16 02:26:29 sar Exp $ +; $Id: normal.db,v 1.2.2.2 2010/11/16 02:11:53 sar Exp $ $ORIGIN normal.example. $TTL 300 ; 5 minutes diff --git a/bin/tests/system/allow_query/ns2/previous.db b/bin/tests/system/allow_query/ns2/previous.db index 569a0b59..4a13eb95 100644 --- a/bin/tests/system/allow_query/ns2/previous.db +++ b/bin/tests/system/allow_query/ns2/previous.db @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: previous.db,v 1.2.4.2 2010/11/16 02:26:30 sar Exp $ +; $Id: previous.db,v 1.2.2.2 2010/11/16 02:11:53 sar Exp $ $ORIGIN previous.example. $TTL 300 ; 5 minutes diff --git a/bin/tests/system/allow_query/setup.sh b/bin/tests/system/allow_query/setup.sh index 2fac4b88..b3173ccc 100644 --- a/bin/tests/system/allow_query/setup.sh +++ b/bin/tests/system/allow_query/setup.sh @@ -14,6 +14,6 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: setup.sh,v 1.2.4.2 2010/11/16 02:26:24 sar Exp $ +# $Id: setup.sh,v 1.2.2.2 2010/11/16 02:11:47 sar Exp $ cp -f ns2/named01.conf ns2/named.conf diff --git a/bin/tests/system/allow_query/tests.sh b/bin/tests/system/allow_query/tests.sh index 333f02d8..60ae6487 100644 --- a/bin/tests/system/allow_query/tests.sh +++ b/bin/tests/system/allow_query/tests.sh @@ -14,7 +14,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: tests.sh,v 1.2.4.2 2010/11/16 02:26:24 sar Exp $ +# $Id: tests.sh,v 1.2.2.3 2010/12/02 23:26:56 marka Exp $ # Test of allow-query statement. # allow-query takes an address match list and can be included in either the @@ -68,7 +68,7 @@ n=0 n=`expr $n + 1` echo "I:test $n: default - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -82,7 +82,7 @@ sleep 5 echo "I:test $n: explicit any - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -96,7 +96,7 @@ sleep 5 echo "I:test $n: none - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -110,7 +110,7 @@ sleep 5 echo "I:test $n: address allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -124,7 +124,7 @@ sleep 5 echo "I:test $n: address not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -138,7 +138,7 @@ sleep 5 echo "I:test $n: address disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -152,7 +152,7 @@ sleep 5 echo "I:test $n: acl allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -166,7 +166,7 @@ sleep 5 echo "I:test $n: acl not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -181,7 +181,7 @@ sleep 5 echo "I:test $n: acl disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -195,7 +195,7 @@ sleep 5 echo "I:test $n: key allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -y one:1234abcd8765 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -209,7 +209,7 @@ sleep 5 echo "I:test $n: key not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -y two:1234efgh8765 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y two:1234efgh8765 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -223,7 +223,7 @@ sleep 5 echo "I:test $n: key disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -y one:1234abcd8765 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -240,7 +240,7 @@ sleep 5 echo "I:test $n: views default - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -254,7 +254,7 @@ sleep 5 echo "I:test $n: views explicit any - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -268,7 +268,7 @@ sleep 5 echo "I:test $n: views none - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -282,7 +282,7 @@ sleep 5 echo "I:test $n: views address allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -296,7 +296,7 @@ sleep 5 echo "I:test $n: views address not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -310,7 +310,7 @@ sleep 5 echo "I:test $n: views address disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -324,7 +324,7 @@ sleep 5 echo "I:test $n: views acl allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -338,7 +338,7 @@ sleep 5 echo "I:test $n: views acl not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -352,7 +352,7 @@ sleep 5 echo "I:test $n: views acl disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -366,7 +366,7 @@ sleep 5 echo "I:test $n: views key allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -y one:1234abcd8765 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -380,7 +380,7 @@ sleep 5 echo "I:test $n: views key not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -y two:1234efgh8765 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y two:1234efgh8765 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -394,7 +394,7 @@ sleep 5 echo "I:test $n: views key disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -y one:1234abcd8765 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -408,7 +408,7 @@ sleep 5 echo "I:test $n: views over options, views allow - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -422,7 +422,7 @@ sleep 5 echo "I:test $n: views over options, views disallow - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -440,7 +440,7 @@ sleep 5 echo "I:test $n: zone default - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -450,7 +450,7 @@ status=`expr $status + $ret` n=`expr $n + 1` echo "I:test $n: zone explicit any - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.any.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.any.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.any.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -460,7 +460,7 @@ status=`expr $status + $ret` n=`expr $n + 1` echo "I:test $n: zone none - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.none.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.none.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.none.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -470,7 +470,7 @@ status=`expr $status + $ret` n=`expr $n + 1` echo "I:test $n: zone address allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.addrallow.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.addrallow.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.addrallow.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -480,7 +480,7 @@ status=`expr $status + $ret` n=`expr $n + 1` echo "I:test $n: zone address not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.addrnotallow.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.addrnotallow.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.addrnotallow.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -490,7 +490,7 @@ status=`expr $status + $ret` n=`expr $n + 1` echo "I:test $n: zone address disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.addrdisallow.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.addrdisallow.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.addrdisallow.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -500,7 +500,7 @@ status=`expr $status + $ret` n=`expr $n + 1` echo "I:test $n: zone acl allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.aclallow.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.aclallow.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.aclallow.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -510,7 +510,7 @@ status=`expr $status + $ret` n=`expr $n + 1` echo "I:test $n: zone acl not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.aclnotallow.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.aclnotallow.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.aclnotallow.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -520,7 +520,7 @@ status=`expr $status + $ret` n=`expr $n + 1` echo "I:test $n: zone acl disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.acldisallow.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.acldisallow.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.acldisallow.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -530,7 +530,7 @@ status=`expr $status + $ret` n=`expr $n + 1` echo "I:test $n: zone key allowed - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 -y one:1234abcd8765 a.keyallow.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.keyallow.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.keyallow.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -540,7 +540,7 @@ status=`expr $status + $ret` n=`expr $n + 1` echo "I:test $n: zone key not allowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -y two:1234efgh8765 a.keyallow.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y two:1234efgh8765 a.keyallow.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.keyallow.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -550,7 +550,7 @@ status=`expr $status + $ret` n=`expr $n + 1` echo "I:test $n: zone key disallowed - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 -y one:1234abcd8765 a.keydisallow.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y one:1234abcd8765 a.keydisallow.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.keydisallow.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -564,7 +564,7 @@ sleep 5 echo "I:test $n: views over options, views allow - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -578,7 +578,7 @@ sleep 5 echo "I:test $n: views over options, views disallow - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -592,7 +592,7 @@ sleep 5 echo "I:test $n: zones over views, views allow - query allowed" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi @@ -606,7 +606,7 @@ sleep 5 echo "I:test $n: zones over views, views disallow - query refused" ret=0 -$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 +$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed"; fi diff --git a/bin/tests/system/conf.sh.in b/bin/tests/system/conf.sh.in index 61025a37..adc2c2f5 100644 --- a/bin/tests/system/conf.sh.in +++ b/bin/tests/system/conf.sh.in @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: conf.sh.in,v 1.43.8.8.6.1 2010/11/16 02:26:24 sar Exp $ +# $Id: conf.sh.in,v 1.43.8.10 2010/12/07 03:01:37 marka Exp $ # # Common configuration data for system tests, to be sourced into @@ -47,6 +47,7 @@ CHECKCONF=$TOP/bin/check/named-checkconf PK11GEN="$TOP/bin/pkcs11/pkcs11-keygen -s 0 -p 1234" PK11LIST="$TOP/bin/pkcs11/pkcs11-list -s 0 -p 1234" PK11DEL="$TOP/bin/pkcs11/pkcs11-destroy -s 0 -p 1234" +JOURNALPRINT=$TOP/bin/tools/named-journalprint # The "stress" test is not run by default since it creates enough # load on the machine to make it unusable to other users. @@ -72,4 +73,5 @@ else fi export NAMED LWRESD DIG NSUPDATE KEYGEN KEYFRLAB SIGNER KEYSIGNER KEYSETTOOL \ - PERL SUBDIRS RNDC CHECKZONE PK11GEN PK11LIST PK11DEL TESTSOCK6 + PERL SUBDIRS RNDC CHECKZONE PK11GEN PK11LIST PK11DEL TESTSOCK6 \ + JOURNALPRINT diff --git a/bin/tests/system/dnssec/clean.sh b/bin/tests/system/dnssec/clean.sh index 904815b2..def04a04 100644 --- a/bin/tests/system/dnssec/clean.sh +++ b/bin/tests/system/dnssec/clean.sh @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: clean.sh,v 1.25.32.4 2010/08/13 07:00:40 marka Exp $ +# $Id: clean.sh,v 1.25.32.5 2010/09/07 01:05:58 marka Exp $ rm -f */K* */keyset-* */dsset-* */dlvset-* */signedkey-* */*.signed */trusted.conf */tmp* */*.jnl */*.bk rm -f ns1/root.db ns2/example.db ns3/secure.example.db @@ -24,6 +24,7 @@ rm -f ns3/dynamic.example.db ns3/dynamic.example.db.signed.jnl rm -f ns3/rsasha256.example.db ns3/rsasha512.example.db rm -f ns2/private.secure.example.db rm -f ns2/badparam.db ns2/badparam.db.bad +rm -f ns2/single-nsec3.db rm -f */example.bk rm -f dig.out.* rm -f random.data diff --git a/bin/tests/system/dnssec/ns1/root.db.in b/bin/tests/system/dnssec/ns1/root.db.in index 90c28dfd..a1c290a7 100644 --- a/bin/tests/system/dnssec/ns1/root.db.in +++ b/bin/tests/system/dnssec/ns1/root.db.in @@ -13,7 +13,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: root.db.in,v 1.10.740.2 2010/11/17 23:46:50 tbox Exp $ +; $Id: root.db.in,v 1.10.558.2 2010/11/17 23:46:31 tbox Exp $ $TTL 300 . IN SOA gson.nominum.com. a.root.servers.nil. ( diff --git a/bin/tests/system/dnssec/ns1/sign.sh b/bin/tests/system/dnssec/ns1/sign.sh index d2bbf026..893d7e09 100644 --- a/bin/tests/system/dnssec/ns1/sign.sh +++ b/bin/tests/system/dnssec/ns1/sign.sh @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: sign.sh,v 1.30.32.3.8.1 2010/11/16 01:31:38 marka Exp $ +# $Id: sign.sh,v 1.30.32.4 2010/11/16 01:21:49 marka Exp $ SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh diff --git a/bin/tests/system/dnssec/ns2/algroll.db.in b/bin/tests/system/dnssec/ns2/algroll.db.in index 01dfe492..4ae275aa 100644 --- a/bin/tests/system/dnssec/ns2/algroll.db.in +++ b/bin/tests/system/dnssec/ns2/algroll.db.in @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: algroll.db.in,v 1.2.4.3 2010/11/17 23:46:50 tbox Exp $ +; $Id: algroll.db.in,v 1.2.2.3 2010/11/17 23:46:31 tbox Exp $ $TTL 30 ; 5 minutes @ IN SOA mname1. . ( diff --git a/bin/tests/system/dnssec/ns2/named.conf b/bin/tests/system/dnssec/ns2/named.conf index 09a7e976..4fb6aff7 100644 --- a/bin/tests/system/dnssec/ns2/named.conf +++ b/bin/tests/system/dnssec/ns2/named.conf @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named.conf,v 1.30.268.2.6.1 2010/11/16 01:31:39 marka Exp $ */ +/* $Id: named.conf,v 1.30.268.4 2010/11/16 01:21:49 marka Exp $ */ // NS2 @@ -80,12 +80,16 @@ zone "child.optout.example" { allow-update { none; }; }; - zone "badparam" { type master; file "badparam.db.bad"; }; +zone "single-nsec3" { + type master; + file "single-nsec3.db.signed"; +}; + zone "algroll" { type master; file "algroll.db.signed"; diff --git a/bin/tests/system/dnssec/ns2/sign.sh b/bin/tests/system/dnssec/ns2/sign.sh index 4daf6027..6f6a130c 100644 --- a/bin/tests/system/dnssec/ns2/sign.sh +++ b/bin/tests/system/dnssec/ns2/sign.sh @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: sign.sh,v 1.35.32.4.6.1 2010/11/16 01:31:39 marka Exp $ +# $Id: sign.sh,v 1.35.32.6 2010/11/16 01:21:49 marka Exp $ SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh @@ -115,7 +115,6 @@ cat $dlvinfile $dlvkeyname.key dlvset-$privzone > $dlvzonefile $SIGNER -P -g -r $RANDFILE -o $dlvzone $dlvzonefile > /dev/null - # Sign the badparam secure file zone=badparam. @@ -131,6 +130,19 @@ $SIGNER -P -3 - -H 1 -g -r $RANDFILE -o $zone -k $keyname1 $zonefile $keyname2 > sed 's/IN NSEC3 1 0 1 /IN NSEC3 1 0 10 /' $zonefile.signed > $zonefile.bad +# Sign the single-nsec3 secure zone with optout + +zone=single-nsec3. +infile=single-nsec3.db.in +zonefile=single-nsec3.db + +keyname1=`$KEYGEN -q -r $RANDFILE -a RSASHA256 -b 1024 -n zone -f KSK $zone` +keyname2=`$KEYGEN -q -r $RANDFILE -a RSASHA256 -b 1024 -n zone $zone` + +cat $infile $keyname1.key $keyname2.key >$zonefile + +$SIGNER -P -3 - -A -H 1 -g -r $RANDFILE -o $zone -k $keyname1 $zonefile $keyname2 > /dev/null + # # algroll has just has the old DNSKEY records removed and is waiting # for them to be flushed from caches. We still need to generate diff --git a/bin/tests/system/dnssec/ns2/single-nsec3.db.in b/bin/tests/system/dnssec/ns2/single-nsec3.db.in new file mode 100644 index 00000000..6ee36a04 --- /dev/null +++ b/bin/tests/system/dnssec/ns2/single-nsec3.db.in @@ -0,0 +1,26 @@ +; Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and/or distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $Id: single-nsec3.db.in,v 1.2.2.2 2010/09/07 01:05:59 marka Exp $ + +$TTL 300 ; 5 minutes +@ IN SOA ns2.example. . ( + 2010042407 ; serial + 20 ; refresh (20 seconds) + 20 ; retry (20 seconds) + 1814400 ; expire (3 weeks) + 3600 ; minimum (1 hour) + ) + NS ns2.example. +delegation NS ns3.example. diff --git a/bin/tests/system/dnssec/tests.sh b/bin/tests/system/dnssec/tests.sh index b515d3a2..adba696a 100644 --- a/bin/tests/system/dnssec/tests.sh +++ b/bin/tests/system/dnssec/tests.sh @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: tests.sh,v 1.55.32.13.6.1 2010/11/16 01:31:37 marka Exp $ +# $Id: tests.sh,v 1.55.32.15 2010/11/16 01:21:49 marka Exp $ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -1006,6 +1006,36 @@ n=`expr $n + 1` if [ $ret != 0 ]; then echo "I:failed"; fi status=`expr $status + $ret` +# +# RT22007 regression test. +# +echo "I:checking optout NSEC3 referral with only insecure delegations ($n)" +ret=0 +$DIG $DIGOPTS +norec delegation.single-nsec3. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 +grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 +grep "3KL3NK1HKQ4IUEEHBEF12VGFKUETNBAN.*NSEC3 1 1 1 - 3KL3NK1HKQ4IUEEHBEF12VGFKUETNBAN" dig.out.ns2.test$n > /dev/null || ret=1 +n=`expr $n + 1` +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + +echo "I:checking optout NSEC3 NXDOMAIN with only insecure delegations ($n)" +ret=0 +$DIG $DIGOPTS +norec nonexist.single-nsec3. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 +grep "status: NXDOMAIN" dig.out.ns2.test$n > /dev/null || ret=1 +grep "3KL3NK1HKQ4IUEEHBEF12VGFKUETNBAN.*NSEC3 1 1 1 - 3KL3NK1HKQ4IUEEHBEF12VGFKUETNBAN" dig.out.ns2.test$n > /dev/null || ret=1 +n=`expr $n + 1` +if [ $ret != 0 ]; then echo "I:failed"; fi + +status=`expr $status + $ret` +echo "I:checking optout NSEC3 nodata with only insecure delegations ($n)" +ret=0 +$DIG $DIGOPTS +norec single-nsec3. @10.53.0.2 a > dig.out.ns2.test$n || ret=1 +grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1 +grep "3KL3NK1HKQ4IUEEHBEF12VGFKUETNBAN.*NSEC3 1 1 1 - 3KL3NK1HKQ4IUEEHBEF12VGFKUETNBAN" dig.out.ns2.test$n > /dev/null || ret=1 +n=`expr $n + 1` +if [ $ret != 0 ]; then echo "I:failed"; fi +status=`expr $status + $ret` + echo "I:checking that a zone finishing the transition from RSASHA1 to RSASHA256 validates secure ($n)" ret=0 $DIG $DIGOPTS ns algroll. @10.53.0.4 > dig.out.ns4.test$n || ret=1 diff --git a/bin/tests/system/masterfile/clean.sh b/bin/tests/system/masterfile/clean.sh index 43cd19ae..089c5588 100644 --- a/bin/tests/system/masterfile/clean.sh +++ b/bin/tests/system/masterfile/clean.sh @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: clean.sh,v 1.5.658.2 2010/09/15 12:38:21 tbox Exp $ +# $Id: clean.sh,v 1.5.476.2 2010/09/15 12:38:03 tbox Exp $ rm -f dig.out.* rm -f */named.memstats diff --git a/bin/tests/system/masterfile/ns2/example.db b/bin/tests/system/masterfile/ns2/example.db index 7c3dbf19..cb2619bb 100644 --- a/bin/tests/system/masterfile/ns2/example.db +++ b/bin/tests/system/masterfile/ns2/example.db @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: example.db,v 1.2.4.2 2010/09/15 03:42:59 marka Exp $ +; $Id: example.db,v 1.2.2.2 2010/09/15 03:36:41 marka Exp $ $TTL 300 ; 5 minutes @ IN SOA mname1. . ( diff --git a/bin/tests/system/masterfile/ns2/named.conf b/bin/tests/system/masterfile/ns2/named.conf index 0203c091..15527352 100644 --- a/bin/tests/system/masterfile/ns2/named.conf +++ b/bin/tests/system/masterfile/ns2/named.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named.conf,v 1.2.4.2 2010/09/15 03:42:59 marka Exp $ */ +/* $Id: named.conf,v 1.2.2.2 2010/09/15 03:36:41 marka Exp $ */ // NS2 diff --git a/bin/tests/system/masterfile/tests.sh b/bin/tests/system/masterfile/tests.sh index dbbfe0a6..4a33d11a 100644 --- a/bin/tests/system/masterfile/tests.sh +++ b/bin/tests/system/masterfile/tests.sh @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: tests.sh,v 1.5.740.2 2010/09/15 12:38:21 tbox Exp $ +# $Id: tests.sh,v 1.5.558.2 2010/09/15 12:38:03 tbox Exp $ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh diff --git a/bin/tests/system/nsupdate/clean.sh b/bin/tests/system/nsupdate/clean.sh index a24e6079..30027906 100644 --- a/bin/tests/system/nsupdate/clean.sh +++ b/bin/tests/system/nsupdate/clean.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2004, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 2000, 2001 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: clean.sh,v 1.16 2009/10/27 05:57:06 each Exp $ +# $Id: clean.sh,v 1.16.34.4 2010/12/07 03:01:37 marka Exp $ # # Clean up after zone transfer tests. @@ -23,7 +23,14 @@ rm -f dig.out.ns1 dig.out.ns2 dig.out.ns1.after ns1/*.jnl ns2/*.jnl \ ns1/example.db ns1/update.db ns1/other.db ns1/ddns.key +rm -f nsupdate.out rm -f random.data rm -f ns2/example.bk rm -f ns2/update.bk rm -f */named.memstats +rm -f nsupdate.out +rm -f ns3/example.db.jnl ns3/example.db +rm -f ns3/nsec3param.test.db.signed.jnl ns3/nsec3param.test.db ns3/nsec3param.test.db.signed ns3/dsset-nsec3param.test. +rm -f ns3/K* +rm -f dig.out.ns3.* +rm -f jp.out.ns3.* diff --git a/bin/tests/system/nsupdate/ns3/example.db.in b/bin/tests/system/nsupdate/ns3/example.db.in new file mode 100644 index 00000000..0094ed3e --- /dev/null +++ b/bin/tests/system/nsupdate/ns3/example.db.in @@ -0,0 +1,20 @@ +; Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and/or distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $Id: example.db.in,v 1.2.2.3 2010/12/07 23:46:26 tbox Exp $ + +example. 10 IN SOA example. hostmaster.example. 1 3600 900 2419200 3600 +example. 10 IN NS example. +example. 10 IN A 10.53.0.3 +example. 10 IN NSEC3PARAM 1 1 0 - diff --git a/bin/tests/system/nsupdate/ns3/named.conf b/bin/tests/system/nsupdate/ns3/named.conf new file mode 100644 index 00000000..60c81981 --- /dev/null +++ b/bin/tests/system/nsupdate/ns3/named.conf @@ -0,0 +1,56 @@ +/* + * Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC") + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: named.conf,v 1.2.2.3 2010/12/07 23:46:26 tbox Exp $ */ + +// NS1 + +controls { /* empty */ }; + +options { + query-source address 10.53.0.3; + notify-source 10.53.0.3; + transfer-source 10.53.0.3; + port 5300; + pid-file "named.pid"; + listen-on { 10.53.0.3; }; + listen-on-v6 { none; }; + recursion no; + notify yes; + dnssec-enable yes; + dnssec-validation yes; +}; + +/* +zone "." { + type master; + file "root.db.signed"; +}; +*/ + +// include "trusted.conf"; + +zone "example" { + type master; + allow-update { any; }; + file "example.db"; +}; + +zone "nsec3param.test" { + type master; + allow-update { any; }; + file "nsec3param.test.db.signed"; +}; diff --git a/bin/tests/system/nsupdate/ns3/nsec3param.test.db.in b/bin/tests/system/nsupdate/ns3/nsec3param.test.db.in new file mode 100644 index 00000000..e7ff0d79 --- /dev/null +++ b/bin/tests/system/nsupdate/ns3/nsec3param.test.db.in @@ -0,0 +1,20 @@ +; Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and/or distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $Id: nsec3param.test.db.in,v 1.2.2.3 2010/12/07 23:46:26 tbox Exp $ + +$TTL 10 +nsec3param.test. IN SOA nsec3param.test. hostmaster.nsec3param.test. 1 3600 900 2419200 3600 +nsec3param.test. IN NS nsec3param.test. +nsec3param.test. IN A 10.53.0.3 diff --git a/bin/tests/system/nsupdate/ns3/sign.sh b/bin/tests/system/nsupdate/ns3/sign.sh new file mode 100644 index 00000000..4da40d85 --- /dev/null +++ b/bin/tests/system/nsupdate/ns3/sign.sh @@ -0,0 +1,33 @@ +#!/bin/sh -e +# +# Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC") +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $Id: sign.sh,v 1.2.2.2 2010/12/07 03:01:39 marka Exp $ + +SYSTEMTESTTOP=../.. +. $SYSTEMTESTTOP/conf.sh + +RANDFILE=../random.data + +zone=nsec3param.test. +infile=nsec3param.test.db.in +zonefile=nsec3param.test.db + +keyname1=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 1024 -n zone -f KSK $zone` +keyname2=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 1024 -n zone $zone` + +cat $infile $keyname1.key $keyname2.key >$zonefile + +$SIGNER -P -3 - -H 1 -r $RANDFILE -o $zone -k $keyname1 $zonefile $keyname2 > /dev/null diff --git a/bin/tests/system/nsupdate/setup.sh b/bin/tests/system/nsupdate/setup.sh index 8ade441e..80268357 100644 --- a/bin/tests/system/nsupdate/setup.sh +++ b/bin/tests/system/nsupdate/setup.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2004, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 2000, 2001 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: setup.sh,v 1.14 2009/12/04 03:33:15 marka Exp $ +# $Id: setup.sh,v 1.14.4.2 2010/12/07 23:46:26 tbox Exp $ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh @@ -25,9 +25,11 @@ SYSTEMTESTTOP=.. # rm -f ns1/*.jnl ns1/example.db ns2/*.jnl ns2/example.bk +rm -f ns3/example.db.jnl cp -f ns1/example1.db ns1/example.db sed 's/example.nil/other.nil/g' ns1/example1.db > ns1/other.db +cp -f ns3/example.db.in ns3/example.db # update_test.pl has its own zone file because it # requires a specific NS record set. @@ -48,3 +50,5 @@ EOF ../../../tools/genrandom 400 random.data $DDNSCONFGEN -q -r random.data -z example.nil > ns1/ddns.key + +(cd ns3; sh -e sign.sh) diff --git a/bin/tests/system/nsupdate/tests.sh b/bin/tests/system/nsupdate/tests.sh index 4de05ba9..df660e2e 100644 --- a/bin/tests/system/nsupdate/tests.sh +++ b/bin/tests/system/nsupdate/tests.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (C) 2004, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2004, 2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") # Copyright (C) 2000, 2001 Internet Software Consortium. # # Permission to use, copy, modify, and/or distribute this software for any @@ -15,12 +15,13 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: tests.sh,v 1.28 2009/09/04 17:14:58 each Exp $ +# $Id: tests.sh,v 1.28.102.4 2010/12/07 03:01:38 marka Exp $ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh status=0 +n=0 # wait for zone transfer to complete tries=0 @@ -61,8 +62,8 @@ update add updated.example.nil. 600 TXT Foo update delete t.example.nil. END -echo "I:sleeping 15 seconds for server to incorporate changes" -sleep 15 +echo "I:sleeping 5 seconds for server to incorporate changes" +sleep 5 echo "I:fetching first copy of zone after update" $DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\ @@ -98,6 +99,48 @@ post=`$DIG +short new.other.nil. @10.53.0.1 a -p 5300` || status=1 echo "I:comparing post-update copy to known good data" $PERL ../digcomp.pl knowngood.ns1.after dig.out.ns1 || status=1 +echo "I:testing zone consistency checks" +# inserting an NS record without a corresponding A or AAAA record should fail +$NSUPDATE -l -p 5300 -k ns1/session.key > nsupdate.out 2>&1 << END && status=1 +update add other.nil. 600 in ns ns3.other.nil. +send +END +grep REFUSED nsupdate.out > /dev/null 2>&1 || status=1 +# ...but should work if an A record is inserted first: +$NSUPDATE -l -p 5300 -k ns1/session.key > nsupdate.out 2>&1 << END || status=1 +update add ns4.other.nil 600 in a 10.53.0.1 +send +update add other.nil. 600 in ns ns4.other.nil. +send +END +grep REFUSED nsupdate.out > /dev/null 2>&1 && status=1 +# ...or if an AAAA record does: +$NSUPDATE -l -p 5300 -k ns1/session.key > nsupdate.out 2>&1 << END || status=1 +update add ns5.other.nil 600 in aaaa 2001:db8::1 +send +update add other.nil. 600 in ns ns5.other.nil. +send +END +grep REFUSED nsupdate.out > /dev/null 2>&1 && status=1 +# ...or if the NS and A/AAAA are inserted together: +$NSUPDATE -l -p 5300 -k ns1/session.key > nsupdate.out 2>&1 << END || status=1 +update add other.nil. 600 in ns ns6.other.nil. +update add ns6.other.nil 600 in a 10.53.0.1 +send +END +grep REFUSED nsupdate.out > /dev/null 2>&1 && status=1 + +echo "I:sleeping 5 seconds for server to incorporate changes" +sleep 5 + +echo "I:checking result of update" +$DIG +short @10.53.0.1 -p 5300 ns other.nil > dig.out.ns1 || status=1 +grep ns3.other.nil dig.out.ns1 > /dev/null 2>&1 && status=1 +grep ns4.other.nil dig.out.ns1 > /dev/null 2>&1 || status=1 +grep ns5.other.nil dig.out.ns1 > /dev/null 2>&1 || status=1 +grep ns6.other.nil dig.out.ns1 > /dev/null 2>&1 || status=1 + + if $PERL -e 'use Net::DNS;' 2>/dev/null then echo "I:running update.pl test" @@ -181,6 +224,90 @@ fi echo "I:end RT #482 regression test" +n=`expr $n + 1` +echo "I:start NSEC3PARAM changes via UPDATE on a unsigned zone test ($n)" +ret=0 +$NSUPDATE << EOF +server 10.53.0.3 5300 +update add example 3600 nsec3param 1 0 0 - +send +EOF + +sleep 1 + +# the zone is not signed. The nsec3param records should be removed. +# this also proves that the server is still running. +$DIG +tcp +noadd +nosea +nostat +noquest +nocmd +norec example.\ + @10.53.0.3 nsec3param -p 5300 > dig.out.ns3.$n || ret=1 +grep "ANSWER: 0" dig.out.ns3.$n > /dev/null || ret=1 +grep "flags:[^;]* aa[ ;]" dig.out.ns3.$n > /dev/null || ret=1 +if [ $ret != 0 ] ; then echo "I: failed"; status=`expr $ret + $status`; fi + +n=`expr $n + 1` +echo "I:change the NSEC3PARAM ttl via update ($n)" +ret=0 +$NSUPDATE << EOF +server 10.53.0.3 5300 +update add nsec3param.test 3600 NSEC3PARAM 1 0 1 - +send +EOF + +sleep 1 + +$DIG +tcp +noadd +nosea +nostat +noquest +nocmd +norec nsec3param.test.\ + @10.53.0.3 nsec3param -p 5300 > dig.out.ns3.$n || ret=1 +grep "ANSWER: 1" dig.out.ns3.$n > /dev/null || ret=1 +grep "3600.*NSEC3PARAM" dig.out.ns3.$n > /dev/null || ret=1 +grep "flags:[^;]* aa[ ;]" dig.out.ns3.$n > /dev/null || ret=1 +if [ $ret != 0 ] ; then echo "I: failed"; status=`expr $ret + $status`; fi + +n=`expr $n + 1` +echo "I:add a new the NSEC3PARAM via update ($n)" +ret=0 +$NSUPDATE << EOF +server 10.53.0.3 5300 +update add nsec3param.test 3600 NSEC3PARAM 1 0 4 - +send +EOF + +sleep 1 + +$DIG +tcp +noadd +nosea +nostat +noquest +nocmd +norec nsec3param.test.\ + @10.53.0.3 nsec3param -p 5300 > dig.out.ns3.$n || ret=1 +grep "ANSWER: 2" dig.out.ns3.$n > /dev/null || ret=1 +grep "NSEC3PARAM 1 0 4 -" dig.out.ns3.$n > /dev/null || ret=1 +grep "flags:[^;]* aa[ ;]" dig.out.ns3.$n > /dev/null || ret=1 +if [ $ret != 0 ] ; then echo "I: failed"; status=`expr $ret + $status`; fi + +n=`expr $n + 1` +echo "I:add, delete and change the ttl of the NSEC3PARAM rrset via update ($n)" +ret=0 +$NSUPDATE << EOF +server 10.53.0.3 5300 +update delete nsec3param.test NSEC3PARAM +update add nsec3param.test 7200 NSEC3PARAM 1 0 5 - +send +EOF + +sleep 1 + +$DIG +tcp +noadd +nosea +nostat +noquest +nocmd +norec nsec3param.test.\ + @10.53.0.3 nsec3param -p 5300 > dig.out.ns3.$n || ret=1 +grep "ANSWER: 1" dig.out.ns3.$n > /dev/null || ret=1 +grep "7200.*NSEC3PARAM 1 0 5 -" dig.out.ns3.$n > /dev/null || ret=1 +grep "flags:[^;]* aa[ ;]" dig.out.ns3.$n > /dev/null || ret=1 +$JOURNALPRINT ns3/nsec3param.test.db.signed.jnl > jp.out.ns3.$n +# intermediate TTL changes. +grep "add nsec3param.test. 7200 IN NSEC3PARAM 1 0 4 -" jp.out.ns3.$n > /dev/null || ret=1 +grep "add nsec3param.test. 7200 IN NSEC3PARAM 1 0 1 -" jp.out.ns3.$n > /dev/null || ret=1 +# delayed adds and deletes. +grep "add nsec3param.test. 0 IN TYPE65534 .# 6 000180000500" jp.out.ns3.$n > /dev/null || ret=1 +grep "add nsec3param.test. 0 IN TYPE65534 .# 6 000140000100" jp.out.ns3.$n > /dev/null || ret=1 +grep "add nsec3param.test. 0 IN TYPE65534 .# 6 000140000400" jp.out.ns3.$n > /dev/null || ret=1 +if [ $ret != 0 ] ; then echo "I: failed"; status=`expr $ret + $status`; fi + + + echo "I:testing that rndc stop updates the master file" $NSUPDATE -k ns1/ddns.key <<END > /dev/null || status=1 server 10.53.0.1 5300 @@ -197,5 +324,15 @@ $DIG +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd updated4.example.nil.\ @10.53.0.1 a -p 5300 > dig.out.ns1 || status=1 $PERL ../digcomp.pl knowngood.ns1.afterstop dig.out.ns1 || status=1 +ret=0 +echo "I:check that 'nsupdate -l' with a missing keyfile reports the missing file" +$NSUPDATE -l -p 5300 -k ns1/nonexistant.key 2> nsupdate.out < /dev/null +grep ns1/nonexistant.key nsupdate.out > /dev/null || ret=1 +if test $ret -ne 0 +then +echo "I:failed"; status=1 +fi + + echo "I:exit status: $status" exit $status diff --git a/bin/tests/system/resolver/clean.sh b/bin/tests/system/resolver/clean.sh index 02d4779a..d7530ff0 100644 --- a/bin/tests/system/resolver/clean.sh +++ b/bin/tests/system/resolver/clean.sh @@ -14,7 +14,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: clean.sh,v 1.3.310.2 2010/11/17 23:46:50 tbox Exp $ +# $Id: clean.sh,v 1.3.142.2 2010/11/17 23:46:31 tbox Exp $ # # Clean up after resolver tests. diff --git a/bin/tests/system/resolver/ns4/named.conf b/bin/tests/system/resolver/ns4/named.conf index 4bbd79f8..5c7ba74d 100644 --- a/bin/tests/system/resolver/ns4/named.conf +++ b/bin/tests/system/resolver/ns4/named.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named.conf,v 1.2.4.2 2010/09/15 12:13:29 marka Exp $ */ +/* $Id: named.conf,v 1.2.2.2 2010/09/15 12:10:53 marka Exp $ */ // NS4 diff --git a/bin/tests/system/resolver/ns4/named.noaa b/bin/tests/system/resolver/ns4/named.noaa index 971ef25b..634aea22 100644 --- a/bin/tests/system/resolver/ns4/named.noaa +++ b/bin/tests/system/resolver/ns4/named.noaa @@ -1,6 +1,6 @@ Copyright (C) 2010 Internet Systems Consortium, Inc. ("ISC") See COPYRIGHT in the source root or http://isc.org/copyright.html for terms. -$Id: named.noaa,v 1.2.4.2 2010/09/15 12:13:29 marka Exp $ +$Id: named.noaa,v 1.2.2.2 2010/09/15 12:10:53 marka Exp $ Add -T noaa. diff --git a/bin/tests/system/resolver/ns4/root.db b/bin/tests/system/resolver/ns4/root.db index e8f91aff..76881dc1 100644 --- a/bin/tests/system/resolver/ns4/root.db +++ b/bin/tests/system/resolver/ns4/root.db @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: root.db,v 1.2.4.2 2010/09/15 12:13:30 marka Exp $ +; $Id: root.db,v 1.2.2.2 2010/09/15 12:10:54 marka Exp $ $TTL 300 . IN SOA marka.isc.org. a.root.servers.nil. ( diff --git a/bin/tests/system/resolver/ns5/named.conf b/bin/tests/system/resolver/ns5/named.conf index c4ca22a6..b6c03eda 100644 --- a/bin/tests/system/resolver/ns5/named.conf +++ b/bin/tests/system/resolver/ns5/named.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named.conf,v 1.2.4.2 2010/09/15 12:13:30 marka Exp $ */ +/* $Id: named.conf,v 1.2.2.2 2010/09/15 12:10:54 marka Exp $ */ // NS4 diff --git a/bin/tests/system/resolver/ns5/root.hint b/bin/tests/system/resolver/ns5/root.hint index 0532f39c..53e3e061 100644 --- a/bin/tests/system/resolver/ns5/root.hint +++ b/bin/tests/system/resolver/ns5/root.hint @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: root.hint,v 1.2.4.2 2010/09/15 12:13:30 marka Exp $ +; $Id: root.hint,v 1.2.2.2 2010/09/15 12:10:54 marka Exp $ $TTL 999999 . IN NS a.root-servers.nil. diff --git a/bin/tests/system/resolver/ns6/example.net.db.in b/bin/tests/system/resolver/ns6/example.net.db.in index 23202c73..b0a2b2ea 100644 --- a/bin/tests/system/resolver/ns6/example.net.db.in +++ b/bin/tests/system/resolver/ns6/example.net.db.in @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: example.net.db.in,v 1.2.2.3 2010/11/17 23:46:50 tbox Exp $ +; $Id: example.net.db.in,v 1.2.4.3 2010/11/17 23:46:32 tbox Exp $ $TTL 600 @ IN SOA ns hostmaster 1 1800 900 604800 600 diff --git a/bin/tests/system/resolver/ns6/keygen.sh b/bin/tests/system/resolver/ns6/keygen.sh index fe146925..cb15f4b6 100644 --- a/bin/tests/system/resolver/ns6/keygen.sh +++ b/bin/tests/system/resolver/ns6/keygen.sh @@ -14,7 +14,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: keygen.sh,v 1.2.2.2 2010/11/16 07:04:08 marka Exp $ +# $Id: keygen.sh,v 1.2.4.2 2010/11/16 07:28:37 marka Exp $ SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh diff --git a/bin/tests/system/resolver/ns6/named.conf b/bin/tests/system/resolver/ns6/named.conf index bab70d2a..19122f70 100644 --- a/bin/tests/system/resolver/ns6/named.conf +++ b/bin/tests/system/resolver/ns6/named.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named.conf,v 1.2.2.2 2010/11/16 07:04:09 marka Exp $ */ +/* $Id: named.conf,v 1.2.4.2 2010/11/16 07:28:37 marka Exp $ */ // NS4 diff --git a/bin/tests/system/resolver/ns6/root.db b/bin/tests/system/resolver/ns6/root.db index 797ee553..e8a18f54 100644 --- a/bin/tests/system/resolver/ns6/root.db +++ b/bin/tests/system/resolver/ns6/root.db @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: root.db,v 1.2.2.2 2010/11/16 07:04:09 marka Exp $ +; $Id: root.db,v 1.2.4.2 2010/11/16 07:28:37 marka Exp $ $TTL 300 . IN SOA marka.isc.org. a.root.servers.nil. ( diff --git a/bin/tests/system/resolver/ns7/named.conf b/bin/tests/system/resolver/ns7/named.conf index 45b5abce..c421a90b 100644 --- a/bin/tests/system/resolver/ns7/named.conf +++ b/bin/tests/system/resolver/ns7/named.conf @@ -14,7 +14,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: named.conf,v 1.2.2.2 2010/11/16 07:04:09 marka Exp $ */ +/* $Id: named.conf,v 1.2.4.2 2010/11/16 07:28:37 marka Exp $ */ // NS4 diff --git a/bin/tests/system/resolver/ns7/root.hint b/bin/tests/system/resolver/ns7/root.hint index 25095ca3..b2323999 100644 --- a/bin/tests/system/resolver/ns7/root.hint +++ b/bin/tests/system/resolver/ns7/root.hint @@ -12,7 +12,7 @@ ; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ; PERFORMANCE OF THIS SOFTWARE. -; $Id: root.hint,v 1.2.2.2 2010/11/16 07:04:09 marka Exp $ +; $Id: root.hint,v 1.2.4.2 2010/11/16 07:28:37 marka Exp $ $TTL 999999 . IN NS a.root-servers.nil. diff --git a/bin/tests/system/resolver/setup.sh b/bin/tests/system/resolver/setup.sh index b99baec9..a665c25d 100644 --- a/bin/tests/system/resolver/setup.sh +++ b/bin/tests/system/resolver/setup.sh @@ -14,7 +14,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: setup.sh,v 1.2.2.3 2010/11/17 23:46:50 tbox Exp $ +# $Id: setup.sh,v 1.2.4.3 2010/11/17 23:46:31 tbox Exp $ ../../../tools/genrandom 400 random.data diff --git a/bin/tests/system/resolver/tests.sh b/bin/tests/system/resolver/tests.sh index c3bf13a9..0d9365b7 100644 --- a/bin/tests/system/resolver/tests.sh +++ b/bin/tests/system/resolver/tests.sh @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: tests.sh,v 1.11.142.2.18.4 2010/11/16 07:04:08 marka Exp $ +# $Id: tests.sh,v 1.11.142.6 2010/11/16 07:28:37 marka Exp $ SYSTEMTESTTOP=.. . $SYSTEMTESTTOP/conf.sh diff --git a/bin/tests/system/start.pl b/bin/tests/system/start.pl index b4afa2b3..54498f02 100644 --- a/bin/tests/system/start.pl +++ b/bin/tests/system/start.pl @@ -15,7 +15,7 @@ # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR # PERFORMANCE OF THIS SOFTWARE. -# $Id: start.pl,v 1.13.396.2.8.1 2010/09/15 12:13:29 marka Exp $ +# $Id: start.pl,v 1.13.396.3 2010/09/15 12:10:53 marka Exp $ # Framework for starting test servers. # Based on the type of server specified, check for port availability, remove diff --git a/bin/tests/system/tkey/keydelete.c b/bin/tests/system/tkey/keydelete.c index 24bb0b3c..373472a9 100644 --- a/bin/tests/system/tkey/keydelete.c +++ b/bin/tests/system/tkey/keydelete.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2009 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2001 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: keydelete.c,v 1.13 2009/07/19 23:47:55 tbox Exp $ */ +/* $Id: keydelete.c,v 1.13.126.3 2010/12/09 01:05:28 marka Exp $ */ #include <config.h> @@ -232,6 +232,7 @@ main(int argc, char **argv) { DNS_TSIG_HMACMD5_NAME, dstkey, ISC_TRUE, NULL, 0, 0, mctx, ring, &tsigkey); + dst_key_free(&dstkey); CHECK("dns_tsigkey_createfromkey", result); (void)isc_app_run(); |