Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
ISC Open Source Projects
BIND
Commits
473ca0bf
Commit
473ca0bf
authored
Jan 22, 2002
by
Andreas Gustafsson
Browse files
Added RT
#2399
regression test
parent
48b0f5ff
Changes
9
Hide whitespace changes
Inline
Side-by-side
bin/tests/system/dnssec/clean.sh
View file @
473ca0bf
...
...
@@ -15,11 +15,12 @@
# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# $Id: clean.sh,v 1.1
1
200
1/11/06 19:32:54 bwelling
Exp $
# $Id: clean.sh,v 1.1
2
200
2/01/22 22:27:23 gson
Exp $
rm
-f
*
/K
*
*
/keyset-
*
*
/signedkey-
*
*
/
*
.signed
*
/trusted.conf
*
/tmp
*
rm
-f
ns1/root.db ns2/example.db ns3/secure.example.db
rm
-f
ns3/unsecure.example.db ns3/bogus.example.db ns3/keyless.example.db
rm
-f
ns3/dynamic.example.db ns3/dynamic.example.db.signed.jnl
rm
-f
dig.out.
*
rm
-f
random.data
bin/tests/system/dnssec/dnssec_update_test.pl
0 → 100644
View file @
473ca0bf
#!/usr/bin/perl
#
# Copyright (C) 2000, 2001 Internet Software Consortium.
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
# DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
# INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
# FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
#
# DNSSEC Dynamic update test suite.
#
# Usage:
#
# perl update_test.pl [-s server] [-p port] zone
#
# The server defaults to 127.0.0.1.
# The port defaults to 53.
#
# Installation notes:
#
# This program uses the Net::DNS::Resolver module.
# You can install it by saying
#
# perl -MCPAN -e "install Net::DNS"
#
# $Id: dnssec_update_test.pl,v 1.1 2002/01/22 22:27:24 gson Exp $
#
use
Getopt::
Std
;
use
Net::
DNS
;
use
Net::DNS::
Update
;
use
Net::DNS::
Resolver
;
$opt_s
=
"
127.0.0.1
";
$opt_p
=
53
;
getopt
('
s:p:
');
$res
=
new
Net::DNS::
Resolver
;
$res
->
nameservers
(
$opt_s
);
$res
->
port
(
$opt_p
);
$res
->
defnames
(
0
);
# Do not append default domain.
@ARGV
==
1
or
die
"
usage: perl update_test.pl [-s server] [-p port] zone
\n
";
$zone
=
shift
@ARGV
;
my
$failures
=
0
;
sub
assert
{
my
(
$cond
,
$explanation
)
=
@_
;
if
(
!
$cond
)
{
print
"
I:Test Failed:
$explanation
***
\n
";
$failures
++
}
}
sub
test
{
my
(
$expected
,
@records
)
=
@_
;
my
$update
=
new
Net::DNS::
Update
("
$zone
");
foreach
$rec
(
@records
)
{
$update
->
push
(
@$rec
);
}
$reply
=
$res
->
send
(
$update
);
# Did it work?
if
(
defined
$reply
)
{
my
$rcode
=
$reply
->
header
->
rcode
;
assert
(
$rcode
eq
$expected
,
"
expected
$expected
, got
$rcode
");
}
else
{
print
"
I:Update failed:
",
$res
->
errorstring
,
"
\n
";
}
}
sub
section
{
my
(
$msg
)
=
@_
;
print
"
I:
$msg
\n
";
}
section
("
Add a name
");
test
("
NOERROR
",
["
update
",
rr_add
("
a.
$zone
300 A 73.80.65.49
")]);
section
("
Delete the name
");
test
("
NOERROR
",
["
update
",
rr_del
("
a.
$zone
")]);
if
(
$failures
)
{
print
"
I:
$failures
tests failed.
\n
";
}
else
{
print
"
I:All tests successful.
\n
";
}
exit
$failures
;
bin/tests/system/dnssec/ns2/example.db.in
View file @
473ca0bf
...
...
@@ -13,7 +13,7 @@
; NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
; WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
; $Id: example.db.in,v 1.
9
200
1
/0
9/19 21:19:50
gson Exp $
; $Id: example.db.in,v 1.
10
200
2
/0
1/22 22:27:25
gson Exp $
$TTL 300 ; 5 minutes
@ IN SOA mname1. . (
...
...
@@ -58,11 +58,14 @@ ns.secure A 10.53.0.3
insecure NS ns.insecure
ns.insecure A 10.53.0.3
; A secure subdomain we're going to inject bogus data into
bogus NS ns.bogus
ns.bogus A 10.53.0.3
; A dynamic secure subdomain
dynamic NS dynamic
dynamic A 10.53.0.3
z A 10.0.0.26
keyless NS ns.keyless
...
...
bin/tests/system/dnssec/ns2/named.conf
View file @
473ca0bf
...
...
@@ -15,7 +15,7 @@
*
WITH
THE
USE
OR
PERFORMANCE
OF
THIS
SOFTWARE
.
*/
/* $
Id
:
named
.
conf
,
v
1
.
1
7
200
1
/
01
/
11
20
:
41
:
32
gson
Exp
$ */
/* $
Id
:
named
.
conf
,
v
1
.
1
8
200
2
/
01
/
22
22
:
27
:
26
gson
Exp
$ */
//
NS2
...
...
@@ -54,5 +54,4 @@ zone "insecure.secure.example" {
allow
-
update
{
any
; };
};
include
"trusted.conf"
;
bin/tests/system/dnssec/ns2/sign.sh
View file @
473ca0bf
...
...
@@ -15,7 +15,7 @@
# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# $Id: sign.sh,v 1.1
6
200
1
/0
9/17 17:47:18 bwelling
Exp $
# $Id: sign.sh,v 1.1
7
200
2
/0
1/22 22:27:27 gson
Exp $
SYSTEMTESTTOP
=
../..
.
$SYSTEMTESTTOP
/conf.sh
...
...
@@ -33,21 +33,16 @@ keyname=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone`
(
cd
../ns3
&&
sh sign.sh
)
cp
../ns3/keyset-secure.example.
.
for
subdomain
in
secure bogus
do
cp
../ns3/keyset-
$subdomain
.example.
.
$KEYSIGNER
-r
$RANDFILE
keyset-
secure
.example.
$keyname
>
/dev/null
$KEYSIGNER
-r
$RANDFILE
keyset-
$subdomain
.example.
$keyname
>
/dev/null
# This will leave two copies of the child's zone key in the signed db file;
# that shouldn't cause any problems.
cat
signedkey-secure.example.
>>
../ns3/secure.example.db.signed
cp
../ns3/keyset-bogus.example.
.
$KEYSIGNER
-r
$RANDFILE
keyset-bogus.example.
$keyname
>
/dev/null
# This will leave two copies of the child's zone key in the signed db file;
# that shouldn't cause any problems.
cat
signedkey-bogus.example.
>>
../ns3/bogus.example.db.signed
# This will leave two copies of the child's zone key in the signed db file;
# that shouldn't cause any problems.
cat
signedkey-
$subdomain
.example.
>>
../ns3/
$subdomain
.example.db.signed
done
$KEYSETTOOL
-r
$RANDFILE
-t
3600
$keyname
>
/dev/null
...
...
bin/tests/system/dnssec/ns3/dynamic.example.db.in
0 → 100644
View file @
473ca0bf
; Copyright (C) 2000, 2001 Internet Software Consortium.
;
; Permission to use, copy, modify, and distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM
; DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL
; IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
; INTERNET SOFTWARE CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING
; FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
; NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
; WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
; $Id: dynamic.example.db.in,v 1.1 2002/01/22 22:27:28 gson Exp $
; This has the NS and glue at the apex because testing RT #2399
; requires we have only one name in the zone at a certain point
; during the test.
$TTL 300 ; 5 minutes
@ IN SOA mname1. . (
2000042407 ; serial
20 ; refresh (20 seconds)
20 ; retry (20 seconds)
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
@ NS @
@ A 10.53.0.3
bin/tests/system/dnssec/ns3/named.conf
View file @
473ca0bf
...
...
@@ -15,7 +15,7 @@
*
WITH
THE
USE
OR
PERFORMANCE
OF
THIS
SOFTWARE
.
*/
/* $
Id
:
named
.
conf
,
v
1
.
19
200
1
/
0
9
/
19
21
:
19
:
51
gson
Exp
$ */
/* $
Id
:
named
.
conf
,
v
1
.
20
200
2
/
0
1
/
22
22
:
27
:
28
gson
Exp
$ */
//
NS3
...
...
@@ -54,6 +54,12 @@ zone "bogus.example" {
allow
-
update
{
any
; };
};
zone
"dynamic.example"
{
type
master
;
file
"dynamic.example.db.signed"
;
allow
-
update
{
any
; };
};
zone
"insecure.example"
{
type
master
;
file
"insecure.example.db"
;
...
...
bin/tests/system/dnssec/ns3/sign.sh
View file @
473ca0bf
...
...
@@ -15,7 +15,7 @@
# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# $Id: sign.sh,v 1.1
4
200
1
/0
9/19 21:19:52
gson Exp $
# $Id: sign.sh,v 1.1
5
200
2
/0
1/22 22:27:29
gson Exp $
RANDFILE
=
../random.data
...
...
@@ -43,6 +43,18 @@ cat $infile $keyname.key >$zonefile
$SIGNER
-r
$RANDFILE
-o
$zone
$zonefile
>
/dev/null
zone
=
dynamic.example.
infile
=
dynamic.example.db.in
zonefile
=
dynamic.example.db
keyname
=
`
$KEYGEN
-r
$RANDFILE
-a
RSA
-b
768
-n
zone
$zone
`
$KEYSETTOOL
-r
$RANDFILE
-t
3600
$keyname
.key
>
/dev/null
cat
$infile
$keyname
.key
>
$zonefile
$SIGNER
-r
$RANDFILE
-o
$zone
$zonefile
>
/dev/null
zone
=
keyless.example.
infile
=
keyless.example.db.in
zonefile
=
keyless.example.db
...
...
bin/tests/system/dnssec/tests.sh
View file @
473ca0bf
...
...
@@ -15,7 +15,7 @@
# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
# $Id: tests.sh,v 1.3
5
200
1
/0
9/19 21:19:48
gson Exp $
# $Id: tests.sh,v 1.3
6
200
2
/0
1/22 22:27:24
gson Exp $
SYSTEMTESTTOP
=
..
.
$SYSTEMTESTTOP
/conf.sh
...
...
@@ -304,5 +304,27 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
echo
"I:checking positive validation of dynamic zone (
$n
)"
ret
=
0
$DIG
$DIGOPTS
+noauth dynamic.example. SOA @10.53.0.3
>
dig.out.ns3.test
$n
||
ret
=
1
$DIG
$DIGOPTS
+noauth dynamic.example. SOA @10.53.0.4
>
dig.out.ns4.test
$n
||
ret
=
1
$PERL
../digcomp.pl dig.out.ns3.test
$n
dig.out.ns4.test
$n
||
ret
=
1
# XXX why does this fail?
# grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
# Run a minimal update test if possible. This is really just
# a regression test for RT #2399; more tests should be added.
if
$PERL
-e
'use Net::DNS;'
2>/dev/null
then
echo
"I:running DNSSEC update test"
$PERL
dnssec_update_test.pl
-s
10.53.0.3
-p
5300 dynamic.example.
||
status
=
1
else
echo
"I:The DNSSEC update test requires the Net::DNS library."
>
&2
fi
echo
"I:exit status:
$status
"
exit
$status
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment