Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
ISC Open Source Projects
BIND
Commits
72fd845d
Commit
72fd845d
authored
Feb 16, 2014
by
Evan Hunt
Browse files
[master] remove accidentally committed changes
parent
792915be
Changes
4
Hide whitespace changes
Inline
Side-by-side
bin/tests/system/conf.sh.in
View file @
72fd845d
...
...
@@ -33,7 +33,6 @@ NAMED=$TOP/bin/named/named
# if the program is libtoolized.
LWRESD
=
"
$TOP
/bin/named/named -l"
DIG
=
$TOP
/bin/dig/dig
DELVE
=
$TOP
/bin/delve/delve
RNDC
=
$TOP
/bin/rndc/rndc
NSUPDATE
=
$TOP
/bin/nsupdate/nsupdate
DDNSCONFGEN
=
$TOP
/bin/confgen/ddns-confgen
...
...
bin/tests/system/dnssec/clean.sh
View file @
72fd845d
...
...
@@ -67,5 +67,6 @@ rm -f ns6/optout-tld.db
rm
-f
nosign.before
rm
-f
signing.out
*
rm
-f
canonical?.
*
rm
-f
ns1/resolve.key
rm
-f
ns3/siginterval.conf
rm
-f
ns4/named_dump.db
bin/tests/system/dnssec/ns1/sign.sh
View file @
72fd845d
...
...
@@ -65,3 +65,14 @@ cp trusted.conf ../ns4/trusted.conf
cp
trusted.conf ../ns6/trusted.conf
cp
trusted.conf ../ns7/trusted.conf
cp
managed.conf ../ns4/managed.conf
#
# Save keyid for managed key id test.
#
keyid
=
`
expr
$keyname
:
'K.+001+\(.*\)'
`
keyid
=
`
expr
$keyid
+ 0
`
echo
"
$keyid
"
>
managed.key.id
cat
$keyname
.key |
grep
-v
'^; '
|
$PERL
-n
-e
'
local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
local $key = join("", @rest);
print "-a $alg -e -k $dn -K $key\n"
'
>
resolve.key
bin/tests/system/dnssec/tests.sh
View file @
72fd845d
...
...
@@ -26,7 +26,7 @@ n=1
rm
-f
dig.out.
*
DIGOPTS
=
"+tcp +noadd +nosea +nostat +nocmd +dnssec -p 5300"
DELVEOPTS
=
"-a ns1/trusted.conf"
RESKEY
=
`
cat
ns1/resolve.key
`
# convert private-type records to readable form
showprivate
()
{
...
...
@@ -137,10 +137,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking postive validation NSEC using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
a
-s
10.53.0.4 a.example
>
resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
a
-s
10.53.0.4 a.example
>
resolve.out
$n
||
ret
=
1
grep
"a.example..*10.0.0.1"
resolve.out
$n
>
/dev/null
||
ret
=
1
grep
"a.example..*.RRSIG.A 3 2 300 .*"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
...
...
@@ -160,10 +160,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking positive validation NSEC3 using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
a
-s
10.53.0.4 a.nsec3.example
>
resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
a
-s
10.53.0.4 a.nsec3.example
>
resolve.out
$n
||
ret
=
1
grep
"a.nsec3.example..*10.0.0.1"
resolve.out
$n
>
/dev/null
||
ret
=
1
grep
"a.nsec3.example..*RRSIG.A 7 3 300.*"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
...
...
@@ -183,10 +183,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking positive validation OPTOUT using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
a
-s
10.53.0.4 a.optout.example
>
resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
a
-s
10.53.0.4 a.optout.example
>
resolve.out
$n
||
ret
=
1
grep
"a.optout.example..*10.0.0.1"
resolve.out
$n
>
/dev/null
||
ret
=
1
grep
"a.optout.example..*RRSIG.A 7 3 300.*"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
...
...
@@ -209,10 +209,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking positive wildcard validation NSEC using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
a
-s
10.53.0.4 a.wild.example
>
resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
a
-s
10.53.0.4 a.wild.example
>
resolve.out
$n
||
ret
=
1
grep
"a.wild.example..*10.0.0.27"
resolve.out
$n
>
/dev/null
||
ret
=
1
grep
"a.wild.example..*RRSIG.A 3 2 300.*"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
...
...
@@ -251,10 +251,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking positive wildcard validation NSEC3 using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
a
-s
10.53.0.4 a.wild.nsec3.example
>
resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
a
-s
10.53.0.4 a.wild.nsec3.example
>
resolve.out
$n
||
ret
=
1
grep
"a.wild.nsec3.example..*10.0.0.6"
resolve.out
$n
>
/dev/null
||
ret
=
1
grep
"a.wild.nsec3.example..*RRSIG.A 7 3 300.*"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
...
...
@@ -277,10 +277,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking positive wildcard validation OPTOUT using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
a
-s
10.53.0.4 a.wild.optout.example
>
resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
a
-s
10.53.0.4 a.wild.optout.example
>
resolve.out
$n
||
ret
=
1
grep
"a.wild.optout.example..*10.0.0.6"
resolve.out
$n
>
/dev/null
||
ret
=
1
grep
"a.wild.optout.example..*RRSIG.A 7 3 300.*"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
...
...
@@ -299,10 +299,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking negative validation NXDOMAIN NSEC using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
a
-s
10.53.0.4 q.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
a
-s
10.53.0.4 q.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
grep
"resolution failed: ncache nxdomain"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
@@ -322,10 +322,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking negative validation NXDOMAIN NSEC3 using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
a
-s
10.53.0.4 q.nsec3.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
a
-s
10.53.0.4 q.nsec3.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
grep
"resolution failed: ncache nxdomain"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
@@ -346,10 +346,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking negative validation NXDOMAIN OPTOUT using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
a
-s
10.53.0.4 q.optout.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
a
-s
10.53.0.4 q.optout.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
grep
"resolution failed: ncache nxdomain"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
@@ -368,10 +368,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking negative validation NODATA OPTOUT using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
txt
-s
10.53.0.4 a.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
txt
-s
10.53.0.4 a.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
grep
"resolution failed: ncache nxrrset"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
@@ -392,10 +392,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking negative validation NODATA NSEC3 using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
txt
-s
10.53.0.4 a.nsec3.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
txt
-s
10.53.0.4 a.nsec3.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
grep
"resolution failed: ncache nxrrset"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
@@ -416,10 +416,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking negative validation NODATA OPTOUT using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
txt
-s
10.53.0.4 a.optout.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
txt
-s
10.53.0.4 a.optout.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
grep
"resolution failed: ncache nxrrset"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
@@ -437,10 +437,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking negative wildcard validation NSEC using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
txt
-s
10.53.0.4 b.wild.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
txt
-s
10.53.0.4 b.wild.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
grep
"resolution failed: ncache nxrrset"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
@@ -457,10 +457,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking negative wildcard validation NSEC3 using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
txt
-s
10.53.0.4 b.wild.nsec3.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
txt
-s
10.53.0.4 b.wild.nsec3.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
grep
"resolution failed: ncache nxrrset"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
@@ -481,10 +481,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking negative wildcard validation OPTOUT using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
txt
-s
10.53.0.4 b.optout.nsec3.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
txt
-s
10.53.0.4 b.optout.nsec3.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
grep
"resolution failed: ncache nxrrset"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
@@ -505,10 +505,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking 1-server insecurity proof NSEC using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
a
-s
10.53.0.4 a.insecure.example
>
resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
a
-s
10.53.0.4 a.insecure.example
>
resolve.out
$n
||
ret
=
1
grep
"a.insecure.example..*10.0.0.1"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
@@ -527,10 +527,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking 1-server insecurity proof NSEC3 using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
a
-s
10.53.0.4 a.insecure.nsec3.example
>
resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
a
-s
10.53.0.4 a.insecure.nsec3.example
>
resolve.out
$n
||
ret
=
1
grep
"a.insecure.nsec3.example..*10.0.0.1"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
@@ -549,10 +549,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking 1-server insecurity proof OPTOUT using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
a
-s
10.53.0.4 a.insecure.optout.example
>
resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
a
-s
10.53.0.4 a.insecure.optout.example
>
resolve.out
$n
||
ret
=
1
grep
"a.insecure.optout.example..*10.0.0.1"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
@@ -573,10 +573,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking 1-server negative insecurity proof NSEC using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
a
-s
10.53.0.4 q.insecure.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
a
-s
10.53.0.4 q.insecure.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
grep
"resolution failed: ncache nxdomain"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
@@ -597,10 +597,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking 1-server negative insecurity proof NSEC3 using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
a
-s
10.53.0.4 q.insecure.nsec3.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
a
-s
10.53.0.4 q.insecure.nsec3.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
grep
"resolution failed: ncache nxdomain"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
@@ -621,10 +621,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking 1-server negative insecurity proof OPTOUT using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
a
-s
10.53.0.4 q.insecure.optout.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
a
-s
10.53.0.4 q.insecure.optout.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
grep
"resolution failed: ncache nxdomain"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
@@ -818,10 +818,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking failed validation using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
a
-s
10.53.0.4 a.bogus.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
a
-s
10.53.0.4 a.bogus.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
grep
"resolution failed: no valid RRSIG"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
@@ -863,10 +863,10 @@ n=`expr $n + 1`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
status
=
`
expr
$status
+
$ret
`
if
[
-x
${
DE
LVE
}
]
;
then
if
[
-x
${
RESO
LVE
}
]
;
then
ret
=
0
echo
"I:checking that validation fails when key record is missing using dns_client (
$n
)"
$
DE
LVE
$
DELVEOPTS
-p
5300
-t
a
-s
10.53.0.4 a.b.keyless.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
$
RESO
LVE
$
RESKEY
-p
5300
-t
a
-s
10.53.0.4 a.b.keyless.example
>
/dev/null 2> resolve.out
$n
||
ret
=
1
grep
"resolution failed: broken trust chain"
resolve.out
$n
>
/dev/null
||
ret
=
1
n
=
`
expr
$n
+ 1
`
if
[
$ret
!=
0
]
;
then
echo
"I:failed"
;
fi
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment