Check delv TTLs.

146202d6 · Mark Andrews · 68851ddb · 146202d6
Commit 146202d6 authored Apr 01, 2019 by Mark Andrews
Hide whitespace changes
Inline Side-by-side

Showing with 35 additions and 0 deletions

bin/tests/system/digdelv/tests.sh bin/tests/system/digdelv/tests.sh +35 -0

No files found.
--- a/bin/tests/system/digdelv/tests.sh
+++ b/bin/tests/system/digdelv/tests.sh
@@ -30,6 +30,29 @@ mdig_with_opts() {
    "$MDIG" -p "$PORT" "$@"
 }

+# Check if response in file $1 has the correct TTL range.
+# The response record must have RRtype $2 and class IN (CLASS1).
+# Maximum TTL is given by $3.  This works in most cases where TTL is
+# the second word on the line.  TTL position can be adjusted with
+# setting the position $4, but that requires updating this function.
+check_ttl_range() {
+    file=$1
+    pos=$4
+
+    case "$pos" in
+    "3")
+    awk -v rrtype="$2" -v ttl="$3" '($4 == "IN" || $4 == "CLASS1" ) && $5 == rrtype { if ($3 <= ttl) { ok=1 } } END { exit(ok?0:1) }' < $file
+    ;;
+    *)
+    awk -v rrtype="$2" -v ttl="$3" '($3 == "IN" || $3 == "CLASS1" ) && $4 == rrtype { if ($2 <= ttl) { ok=1 } } END { exit(ok?0:1) }' < $file
+    ;;
+    esac
+
+   result=$?
+   [ $result -eq 0 ] || echo_i "ttl check failed"
+   return $result
+}
+
 # using delv insecure mode as not testing dnssec here
 delv_with_opts() {
    "$DELV" -i -p "$PORT" "$@"
@@ -615,6 +638,7 @@ if [ -x "$DELV" ] ; then
  ret=0
  delv_with_opts @10.53.0.3 +split=4 -t sshfp foo.example > delv.out.test$n || ret=1
  grep " 9ABC DEF6 7890 " < delv.out.test$n > /dev/null || ret=1
+  check_ttl_range delv.out.test$n "SSHFP" 300 || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

@@ -623,6 +647,7 @@ if [ -x "$DELV" ] ; then
  ret=0
  delv_with_opts @10.53.0.3 +unknownformat a a.example > delv.out.test$n || ret=1
  grep "CLASS1[ 	][ 	]*TYPE1[ 	][ 	]*\\\\# 4 0A000001" < delv.out.test$n > /dev/null || ret=1
+  check_ttl_range delv.out.test$n "TYPE1" 300 || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

@@ -676,6 +701,7 @@ if [ -x "$DELV" ] ; then
  delv_with_opts @10.53.0.3 -x 127.0.0.1 > delv.out.test$n 2>&1 || ret=1
  # doesn't matter if has answer
  grep -i "127\\.in-addr\\.arpa\\." < delv.out.test$n > /dev/null || ret=1
+  check_ttl_range delv.out.test$n '\\-ANY' 10800 3 || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

@@ -684,6 +710,7 @@ if [ -x "$DELV" ] ; then
  ret=0
  delv_with_opts +tcp @10.53.0.3 a a.example > delv.out.test$n || ret=1
  grep "10\\.0\\.0\\.1$" < delv.out.test$n > /dev/null || ret=1
+  check_ttl_range delv.out.test$n "A" 300 || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

@@ -692,6 +719,7 @@ if [ -x "$DELV" ] ; then
  ret=0
  delv_with_opts +tcp @10.53.0.3 +multi +norrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1
  grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null && ret=1
+  check_ttl_range delv.out.test$n "DNSKEY" 300 || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

@@ -700,6 +728,7 @@ if [ -x "$DELV" ] ; then
  ret=0
  delv_with_opts +tcp @10.53.0.3 +multi +norrcomments SOA example > delv.out.test$n || ret=1
  grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null && ret=1
+  check_ttl_range delv.out.test$n "SOA" 300 || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

@@ -708,6 +737,7 @@ if [ -x "$DELV" ] ; then
  ret=0
  delv_with_opts +tcp @10.53.0.3 +rrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1
  grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null || ret=1
+  check_ttl_range delv.out.test$n "DNSKEY" 300 || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

@@ -752,6 +782,7 @@ if [ -x "$DELV" ] ; then
  ret=0
  delv_with_opts @10.53.0.3 +sp=4 -t sshfp foo.example > delv.out.test$n || ret=1
  grep " 9ABC DEF6 7890 " < delv.out.test$n > /dev/null || ret=1
+  check_ttl_range delv.out.test$n "SSHFP" 300 || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

@@ -768,6 +799,7 @@ if [ -x "$DELV" ] ; then
  ret=0
  delv_with_opts @10.53.0.3 -c IN -t a a.example > delv.out.test$n || ret=1
  grep "a.example." < delv.out.test$n > /dev/null || ret=1
+  check_ttl_range delv.out.test$n "A" 300 || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

@@ -776,6 +808,7 @@ if [ -x "$DELV" ] ; then
  ret=0
  delv_with_opts @10.53.0.3 -c CH -t a a.example > delv.out.test$n || ret=1
  grep "a.example." < delv.out.test$n > /dev/null || ret=1
+  check_ttl_range delv.out.test$n "A" 300 || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

@@ -784,6 +817,7 @@ if [ -x "$DELV" ] ; then
  ret=0
  delv_with_opts @10.53.0.3 -c CH -t a a.example > delv.out.test$n || ret=1
  grep "a.example." < delv.out.test$n > /dev/null || ret=1
+  check_ttl_range delv.out.test$n "A" 300 || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))

@@ -794,6 +828,7 @@ if [ -x "$DELV" ] ; then
  grep '^; -m\..*[0-9]*.*IN.*ANY.*;' delv.out.test$n > /dev/null || ret=1
  grep "^add " delv.out.test$n > /dev/null && ret=1
  grep "^del " delv.out.test$n > /dev/null && ret=1
+  check_ttl_range delv.out.test$n '\\-ANY' 300 3 || ret=1
  if [ $ret -ne 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
 else