tests.sh 5.54 KB
Newer Older
Evan Hunt's avatar
Evan Hunt committed
1 2
#!/bin/sh -e
#
3
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
Evan Hunt's avatar
Evan Hunt committed
4 5 6 7
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 9 10
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
Evan Hunt's avatar
Evan Hunt committed
11

12
. ../conf.sh
13

Evan Hunt's avatar
Evan Hunt committed
14
status=0
15 16
n=0
fail() {
Evan Hunt's avatar
Evan Hunt committed
17
	echo_i "failed"
18 19 20 21 22 23
	status=`expr $status + 1`
}

runcmd() {
        "$@" 1> out.$n 2> err.$n
	echo $?
Evan Hunt's avatar
Evan Hunt committed
24
}
Evan Hunt's avatar
Evan Hunt committed
25

26 27
testcase() {
	n=`expr $n + 1`
Evan Hunt's avatar
Evan Hunt committed
28
	echo_i "$name ($n)"
29
	expect=$1
Evan Hunt's avatar
Evan Hunt committed
30
	shift
31 32 33 34
	result=`runcmd "$@"`
	check_stdout
	check_stderr
	if [ "$expect" -ne "$result" ]; then
35
                echo_d "exit status does not match $expect"
36
		fail
Evan Hunt's avatar
Evan Hunt committed
37
	fi
38
        unset name err out
Evan Hunt's avatar
Evan Hunt committed
39
}
Evan Hunt's avatar
Evan Hunt committed
40

41 42 43 44 45
check_stderr() {
	if [ -n "${err:=}" ]; then
		egrep "$err" err.$n >/dev/null && return 0
	else
		[ -s err.$n ] || return 0
Evan Hunt's avatar
Evan Hunt committed
46
	fi
47 48
	echo_d "stderr did not match '$err'"
	cat err.$n | cat_d
49
	fail
Evan Hunt's avatar
Evan Hunt committed
50
}
Evan Hunt's avatar
Evan Hunt committed
51

52
check_stdout() {
Evan Hunt's avatar
Evan Hunt committed
53
	$DIFF out.$n "${out:-empty}" >/dev/null && return
54
	echo_d "stdout did not match '$out'"
Evan Hunt's avatar
Evan Hunt committed
55 56 57
	(	echo "wanted"
		cat "$out"
		echo "got"
58
		cat out.$n
59
	) | cat_d
60
	fail
Evan Hunt's avatar
Evan Hunt committed
61 62 63 64 65 66
}

Z=cds.test

name='usage'
err='Usage'
67
testcase 1 $CDS
Evan Hunt's avatar
Evan Hunt committed
68 69 70

name='need a DS file'
err='DS pathname'
71
testcase 1 $CDS $Z
Evan Hunt's avatar
Evan Hunt committed
72 73 74

name='name of dsset in directory'
err="./dsset-$Z.: file not found"
75
testcase 1 $CDS -d . $Z
Evan Hunt's avatar
Evan Hunt committed
76 77 78

name='load a file'
err='could not find DS records'
79
testcase 1 $CDS -d empty $Z
Evan Hunt's avatar
Evan Hunt committed
80 81 82

name='load DS records'
err='path to file containing child data must be specified'
83
testcase 1 $CDS -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
84 85 86

name='missing DNSKEY'
err='could not find signed DNSKEY RRset'
87
testcase 1 $CDS -f db.null -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
88 89 90

name='sigs too old'
err='could not validate child DNSKEY RRset'
91
testcase 1 $CDS -f sig.null -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
92 93 94

name='sigs too old, verbosely'
err='skip RRSIG by key [0-9]+: too old'
95
testcase 1 $CDS -v1 -f sig.null -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
96 97 98 99

name='old sigs are allowed'
err='found RRSIG by key'
out=DS.1
100
testcase 0 $CDS -v1 -s -7200 -f sig.null -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
101 102 103

name='no CDS/CDNSKEY records'
out=DS.1
104
testcase 0 $CDS -s -7200 -f sig.null -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
105 106 107 108

name='no child records, verbosely'
err='has neither CDS nor CDNSKEY records'
out=DS.1
109
testcase 0 $CDS -v1 -s -7200 -f sig.null -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
110 111 112

name='unsigned CDS'
err='missing RRSIG CDS records'
113
testcase 1 $CDS -f brk.unsigned-cds -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
114 115 116

name='correct signature inception time'
$CDS -v3 -s -7200 -f sig.cds.1 -d DS.1 $Z 1>xout 2>xerr
117
testcase 0 $PERL checktime.pl 3600 xerr
Evan Hunt's avatar
Evan Hunt committed
118 119

name='in-place reads modification time'
120
testcase 0 $CDS -f sig.cds.1 -i.bak -d DS.inplace $Z
Evan Hunt's avatar
Evan Hunt committed
121 122

name='in-place output correct modification time'
123
testcase 0 $PERL checkmtime.pl 3600 DS.inplace
Evan Hunt's avatar
Evan Hunt committed
124 125

name='in-place backup correct modification time'
126
testcase 0 $PERL checkmtime.pl 7200 DS.inplace.bak
Evan Hunt's avatar
Evan Hunt committed
127 128

name='in-place correct output'
Evan Hunt's avatar
Evan Hunt committed
129
testcase 0 $DIFF DS.1 DS.inplace
Evan Hunt's avatar
Evan Hunt committed
130 131

name='in-place backup unmodified'
Evan Hunt's avatar
Evan Hunt committed
132
testcase 0 $DIFF DS.1 DS.inplace.bak
Evan Hunt's avatar
Evan Hunt committed
133 134 135 136

name='one mangled DS'
err='found RRSIG by key'
out=DS.1
137
testcase 0 $CDS -v1 -s -7200 -f sig.cds.1 -d DS.broke1 $Z
Evan Hunt's avatar
Evan Hunt committed
138 139 140 141

name='other mangled DS'
err='found RRSIG by key'
out=DS.1
142
testcase 0 $CDS -v1 -s -7200 -f sig.cds.1 -d DS.broke2 $Z
Evan Hunt's avatar
Evan Hunt committed
143 144 145

name='both mangled DS'
err='could not validate child DNSKEY RRset'
146
testcase 1 $CDS -v1 -s -7200 -f sig.cds.1 -d DS.broke12 $Z
Evan Hunt's avatar
Evan Hunt committed
147 148 149 150

name='mangle RRSIG CDS by ZSK'
err='found RRSIG by key'
out=DS.1
151
testcase 0 $CDS -v1 -s -7200 -f brk.rrsig.cds.zsk -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
152 153 154

name='mangle RRSIG CDS by KSK'
err='could not validate child CDS RRset'
155
testcase 1 $CDS -v1 -s -7200 -f brk.rrsig.cds.ksk -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
156 157 158

name='mangle CDS 1'
err='could not validate child DNSKEY RRset with new DS records'
159
testcase 1 $CDS -s -7200 -f sig.cds-mangled -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
160 161 162

name='inconsistent digests'
err='do not cover each key with the same set of digest types'
163
testcase 1 $CDS -s -7200 -f sig.bad-digests -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
164 165 166

name='inconsistent algorithms'
err='missing signature for algorithm'
167
testcase 1 $CDS -s -7200 -f sig.bad-algos -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
168 169 170 171 172

name='add DS records'
out=DS.both
$CDS -s -7200 -f sig.cds.both -d DS.1 $Z >DS.out
# sort to allow for numerical vs lexical order of key tags
173
testcase 0 sort DS.out
Evan Hunt's avatar
Evan Hunt committed
174 175 176

name='update add'
out=UP.add2
177
testcase 0 $CDS -u -s -7200 -f sig.cds.both -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
178 179 180

name='remove DS records'
out=DS.2
181
testcase 0 $CDS -s -7200 -f sig.cds.2 -d DS.both $Z
Evan Hunt's avatar
Evan Hunt committed
182 183 184

name='update del'
out=UP.del1
185
testcase 0 $CDS -u -s -7200 -f sig.cds.2 -d DS.both $Z
Evan Hunt's avatar
Evan Hunt committed
186 187 188

name='swap DS records'
out=DS.2
189
testcase 0 $CDS -s -7200 -f sig.cds.2 -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
190 191 192

name='update swap'
out=UP.swap
193
testcase 0 $CDS -u -s -7200 -f sig.cds.2 -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
194 195 196

name='TTL from -T'
out=DS.ttl2
197
testcase 0 $CDS -T 3600 -s -7200 -f sig.cds.2 -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
198 199 200

name='update TTL from -T'
out=UP.swapttl
201
testcase 0 $CDS -u -T 3600 -s -7200 -f sig.cds.2 -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
202 203 204

name='update TTL from dsset'
out=UP.swapttl
205
testcase 0 $CDS -u -s -7200 -f sig.cds.2 -d DS.ttl1 $Z
Evan Hunt's avatar
Evan Hunt committed
206 207 208

name='TTL from -T overrides dsset'
out=DS.ttlong2
209
testcase 0 $CDS -T 7200 -s -7200 -f sig.cds.2 -d DS.ttl1 $Z
Evan Hunt's avatar
Evan Hunt committed
210 211 212

name='stable DS record order (changes)'
out=DS.1
213
testcase 0 $CDS -s -7200 -f sig.cds.rev1 -d DS.2 $Z
Evan Hunt's avatar
Evan Hunt committed
214 215 216

name='CDNSKEY default algorithm'
out=DS.2-2
217
testcase 0 $CDS -s -7200 -f sig.cdnskey.2 -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
218 219 220

name='CDNSKEY SHA1'
out=DS.2-1
221
testcase 0 $CDS -a SHA1 -s -7200 -f sig.cdnskey.2 -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
222 223 224

name='CDNSKEY two algorithms'
out=DS.2
225
testcase 0 $CDS -a SHA1 -a SHA256 -s -7200 -f sig.cdnskey.2 -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
226 227 228

name='CDNSKEY two algorithms, reversed'
out=DS.2
229
testcase 0 $CDS -a SHA256 -a SHA1 -s -7200 -f sig.cdnskey.2 -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
230 231 232

name='CDNSKEY and CDS'
out=DS.2
233
testcase 0 $CDS -s -7200 -f sig.cds.cdnskey.2 -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
234 235 236

name='prefer CDNSKEY'
out=DS.2-2
237
testcase 0 $CDS -D -s -7200 -f sig.cds.cdnskey.2 -d DS.1 $Z
Evan Hunt's avatar
Evan Hunt committed
238

Evan Hunt's avatar
Evan Hunt committed
239
echo_i "exit status: $status"
240
[ $status -eq 0 ] || exit 1