Commit 146202d6 authored by Mark Andrews's avatar Mark Andrews
Browse files

Check delv TTLs.

parent 68851ddb
......@@ -30,6 +30,29 @@ mdig_with_opts() {
"$MDIG" -p "$PORT" "$@"
}
# Check if response in file $1 has the correct TTL range.
# The response record must have RRtype $2 and class IN (CLASS1).
# Maximum TTL is given by $3. This works in most cases where TTL is
# the second word on the line. TTL position can be adjusted with
# setting the position $4, but that requires updating this function.
check_ttl_range() {
file=$1
pos=$4
case "$pos" in
"3")
awk -v rrtype="$2" -v ttl="$3" '($4 == "IN" || $4 == "CLASS1" ) && $5 == rrtype { if ($3 <= ttl) { ok=1 } } END { exit(ok?0:1) }' < $file
;;
*)
awk -v rrtype="$2" -v ttl="$3" '($3 == "IN" || $3 == "CLASS1" ) && $4 == rrtype { if ($2 <= ttl) { ok=1 } } END { exit(ok?0:1) }' < $file
;;
esac
result=$?
[ $result -eq 0 ] || echo_i "ttl check failed"
return $result
}
# using delv insecure mode as not testing dnssec here
delv_with_opts() {
"$DELV" -i -p "$PORT" "$@"
......@@ -615,6 +638,7 @@ if [ -x "$DELV" ] ; then
ret=0
delv_with_opts @10.53.0.3 +split=4 -t sshfp foo.example > delv.out.test$n || ret=1
grep " 9ABC DEF6 7890 " < delv.out.test$n > /dev/null || ret=1
check_ttl_range delv.out.test$n "SSHFP" 300 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
......@@ -623,6 +647,7 @@ if [ -x "$DELV" ] ; then
ret=0
delv_with_opts @10.53.0.3 +unknownformat a a.example > delv.out.test$n || ret=1
grep "CLASS1[ ][ ]*TYPE1[ ][ ]*\\\\# 4 0A000001" < delv.out.test$n > /dev/null || ret=1
check_ttl_range delv.out.test$n "TYPE1" 300 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
......@@ -676,6 +701,7 @@ if [ -x "$DELV" ] ; then
delv_with_opts @10.53.0.3 -x 127.0.0.1 > delv.out.test$n 2>&1 || ret=1
# doesn't matter if has answer
grep -i "127\\.in-addr\\.arpa\\." < delv.out.test$n > /dev/null || ret=1
check_ttl_range delv.out.test$n '\\-ANY' 10800 3 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
......@@ -684,6 +710,7 @@ if [ -x "$DELV" ] ; then
ret=0
delv_with_opts +tcp @10.53.0.3 a a.example > delv.out.test$n || ret=1
grep "10\\.0\\.0\\.1$" < delv.out.test$n > /dev/null || ret=1
check_ttl_range delv.out.test$n "A" 300 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
......@@ -692,6 +719,7 @@ if [ -x "$DELV" ] ; then
ret=0
delv_with_opts +tcp @10.53.0.3 +multi +norrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1
grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null && ret=1
check_ttl_range delv.out.test$n "DNSKEY" 300 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
......@@ -700,6 +728,7 @@ if [ -x "$DELV" ] ; then
ret=0
delv_with_opts +tcp @10.53.0.3 +multi +norrcomments SOA example > delv.out.test$n || ret=1
grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null && ret=1
check_ttl_range delv.out.test$n "SOA" 300 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
......@@ -708,6 +737,7 @@ if [ -x "$DELV" ] ; then
ret=0
delv_with_opts +tcp @10.53.0.3 +rrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1
grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null || ret=1
check_ttl_range delv.out.test$n "DNSKEY" 300 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
......@@ -752,6 +782,7 @@ if [ -x "$DELV" ] ; then
ret=0
delv_with_opts @10.53.0.3 +sp=4 -t sshfp foo.example > delv.out.test$n || ret=1
grep " 9ABC DEF6 7890 " < delv.out.test$n > /dev/null || ret=1
check_ttl_range delv.out.test$n "SSHFP" 300 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
......@@ -768,6 +799,7 @@ if [ -x "$DELV" ] ; then
ret=0
delv_with_opts @10.53.0.3 -c IN -t a a.example > delv.out.test$n || ret=1
grep "a.example." < delv.out.test$n > /dev/null || ret=1
check_ttl_range delv.out.test$n "A" 300 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
......@@ -776,6 +808,7 @@ if [ -x "$DELV" ] ; then
ret=0
delv_with_opts @10.53.0.3 -c CH -t a a.example > delv.out.test$n || ret=1
grep "a.example." < delv.out.test$n > /dev/null || ret=1
check_ttl_range delv.out.test$n "A" 300 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
......@@ -784,6 +817,7 @@ if [ -x "$DELV" ] ; then
ret=0
delv_with_opts @10.53.0.3 -c CH -t a a.example > delv.out.test$n || ret=1
grep "a.example." < delv.out.test$n > /dev/null || ret=1
check_ttl_range delv.out.test$n "A" 300 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
......@@ -794,6 +828,7 @@ if [ -x "$DELV" ] ; then
grep '^; -m\..*[0-9]*.*IN.*ANY.*;' delv.out.test$n > /dev/null || ret=1
grep "^add " delv.out.test$n > /dev/null && ret=1
grep "^del " delv.out.test$n > /dev/null && ret=1
check_ttl_range delv.out.test$n '\\-ANY' 300 3 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
else
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment