Commit 6b8e4d6e authored by Mark Andrews's avatar Mark Andrews

4782. [test] dnssec: 'checking positive and negative validation

                        with negative trust anchors' required more time to
                        complete on some machines. [RT #46386]
parent a94d68ce
4782. [test] dnssec: 'checking positive and negative validation
with negative trust anchors' required more time to
complete on some machines. [RT #46386]
4781. [maint] B.ROOT-SERVERS.NET is now 199.9.14.201. [RT #45889]
4780. [bug] When answering ANY queries, don't include the NS
......
......@@ -24,8 +24,8 @@ options {
dnssec-must-be-secure mustbesecure.example yes;
minimal-responses no;
nta-lifetime 10s;
nta-recheck 7s;
nta-lifetime 12s;
nta-recheck 9s;
# Note: We only reference the bind.keys file here to confirm that it
# is *not* being used. It contains the real root key, and we're
......
......@@ -1722,7 +1722,7 @@ echo "I: waiting for NTA rechecks/expirations"
# fakenode.secure.example should both be lifted, but badds.example
# should still be going.
#
$PERL -e 'my $delay = '$start' + 8 - time(); select(undef, undef, undef, $delay) if ($delay > 0);'
$PERL -e 'my $delay = '$start' + 10 - time(); select(undef, undef, undef, $delay) if ($delay > 0);'
$DIG $DIGOPTS b.secure.example. a @10.53.0.4 > dig.out.ns4.test$n.8 || ret=1
grep "status: SERVFAIL" dig.out.ns4.test$n.8 > /dev/null && ret=1
grep "flags:[^;]* ad[^;]*;" dig.out.ns4.test$n.8 > /dev/null || ret=1
......@@ -1742,7 +1742,7 @@ ret=0
# it should still be NTA'd, but badds.example used the default
# lifetime of 10s, so it should revert to SERVFAIL now.
#
$PERL -e 'my $delay = '$start' + 11 - time(); select(undef, undef, undef, $delay) if ($delay > 0);'
$PERL -e 'my $delay = '$start' + 13 - time(); select(undef, undef, undef, $delay) if ($delay > 0);'
# check nta table
$RNDC -c ../common/rndc.conf -s 10.53.0.4 -p 9953 nta -d > rndc.out.ns4.test$n._11
lines=`grep " expiry " rndc.out.ns4.test$n._11 | wc -l`
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment