Commit 750619b7 authored by Mark Andrews's avatar Mark Andrews
Browse files

4551. [test] Add system tests for integrity checks of MX and

                        SRV records. [RT #43953]
parent 052551c4
4551. [test] Add system tests for integrity checks of MX and
SRV records. [RT #43953]
4550. [cleanup] Increased the number of available master file
output style flags from 32 to 64. [RT #44043]
......
......@@ -70,19 +70,19 @@ SAMPLEUPDATE=$TOP/lib/samples/sample-update
# The "stress" test is not run by default since it creates enough
# load on the machine to make it unusable to other users.
# v6synth
SUBDIRS="acl additional addzone allow_query autosign builtin cacheclean case
catz checkconf @CHECKDS@ checknames checkzone cookie @COVERAGE@
database digdelv dlv dlvauto dlz dlzexternal dname dns64 dnssec
@DNSTAP@ dscp dsdigest dyndb ecdsa ednscompliance emptyzones
fetchlimit filter-aaaa formerr forward geoip glue gost inline ixfr
keepalive @KEYMGR@ legacy limits logfileconfig lwresd
masterfile masterformat metadata mkeys names notify nslookup
nsupdate nzd2nzf padding pending pipelined @PKCS11_TEST@
reclimit redirect resolver rndc rpz rpzrecurse rrchecker rrl
rrsetorder rsabigexponent runtime sfcache smartsign sortlist
spf staticstub statistics statschannel stub tcp tkey tsig
tsiggss unknown upforwd verify views wildcard xfer xferquota
zero zonechecks"
SUBDIRS="acl additional addzone allow_query autosign builtin
cacheclean case catz checkconf @CHECKDS@ checknames checkzone
cookie @COVERAGE@ database digdelv dlv dlvauto dlz dlzexternal
dname dns64 dnssec @DNSTAP@ dscp dsdigest dyndb ecdsa
emptyzones fetchlimit filter-aaaa formerr geoip glue gost
inline integrity ixfr keepalive @KEYMGR@ legacy limits
logfileconfig lwresd masterfile masterformat metadata mkeys
names notify nslookup nsupdate nzd2nzf padding pending
pipelined @PKCS11_TEST@ reclimit redirect resolver rndc
rpz rpzrecurse rrchecker rrl rrsetorder rsabigexponent
runtime sfcache smartsign sortlist spf staticstub statistics
statschannel stub tcp tkey tsig tsiggss unknown upforwd
verify views wildcard xfer xferquota zero zonechecks"
# Things that are different on Windows
KILL=kill
......
#!/bin/sh
#
# Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC")
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
rm -f dig.out.test*
; Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC")
;
; This Source Code Form is subject to the terms of the Mozilla Public
; License, v. 2.0. If a copy of the MPL was not distributed with this
; file, You can obtain one at http://mozilla.org/MPL/2.0/.
$TTL 3600
@ SOA ns1 hostmaster 0 0 0 0 0
@ NS ns1
@ MX 0 cname
ns1 A 10.53.0.1
cname CNAME ns1
/*
* Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
controls { /* empty */ };
options {
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port 5300;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };
recursion no;
notify yes;
ixfr-from-differences yes;
check-integrity no;
};
include "../../common/controls.conf";
zone "." {
type hint;
file "../../common/root.hint";
};
zone "mx-cname-fail" {
type master;
check-integrity yes;
check-mx-cname fail;
file "mx-cname.db";
};
zone "mx-cname-warn" {
type master;
check-integrity yes;
check-mx-cname warn;
file "mx-cname.db";
};
zone "mx-cname-ignore" {
type master;
check-integrity yes;
check-mx-cname ignore;
file "mx-cname.db";
};
zone "no-mx-cname-fail" {
type master;
check-integrity no;
check-mx-cname fail;
file "mx-cname.db";
};
zone "no-mx-cname-warn" {
type master;
check-integrity no;
check-mx-cname warn;
file "mx-cname.db";
};
zone "no-mx-cname-ignore" {
type master;
check-integrity no;
check-mx-cname ignore;
file "mx-cname.db";
};
zone "srv-cname-fail" {
type master;
check-integrity yes;
check-srv-cname fail;
file "srv-cname.db";
};
zone "srv-cname-warn" {
type master;
check-integrity yes;
check-srv-cname warn;
file "srv-cname.db";
};
zone "srv-cname-ignore" {
type master;
check-integrity yes;
check-srv-cname ignore;
file "srv-cname.db";
};
zone "no-srv-cname-fail" {
type master;
check-integrity no;
check-srv-cname fail;
file "srv-cname.db";
};
zone "no-srv-cname-warn" {
type master;
check-integrity no;
check-srv-cname warn;
file "srv-cname.db";
};
zone "no-srv-cname-ignore" {
type master;
check-integrity no;
check-srv-cname ignore;
file "srv-cname.db";
};
; Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC")
;
; This Source Code Form is subject to the terms of the Mozilla Public
; License, v. 2.0. If a copy of the MPL was not distributed with this
; file, You can obtain one at http://mozilla.org/MPL/2.0/.
$TTL 3600
@ SOA ns1 hostmaster 0 0 0 0 0
@ NS ns1
@ SRV 0 0 0 cname
ns1 A 10.53.0.1
cname CNAME ns1
#!/bin/sh
#
# Copyright (C) 2016 Internet Systems Consortium, Inc. ("ISC")
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
status=0
n=1
echo "I:check that 'check-integrity yes; check-mx-cname fail;' works ($n)"
ret=0
$DIG -p 5300 @10.53.0.1 mx mx-cname-fail > dig.out.test$n || ret=1
grep "status: SERVFAIL," dig.out.test$n > /dev/null || ret=1
grep "zone mx-cname-fail/IN: mx-cname-fail/MX 'cname.mx-cname-fail' is a CNAME (illegal)" ns1/named.run > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:check that 'check-integrity yes; check-mx-cname warn;' works ($n)"
ret=0
$DIG -p 5300 @10.53.0.1 mx mx-cname-warn > dig.out.test$n || ret=1
grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1
grep "zone mx-cname-warn/IN: mx-cname-warn/MX 'cname.mx-cname-warn' is a CNAME (illegal)" ns1/named.run > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:check that 'check-integrity yes; check-mx-cname ignore;' works ($n)"
ret=0
$DIG -p 5300 @10.53.0.1 mx mx-cname-ignore > dig.out.test$n || ret=1
grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1
grep "zone mx-cname-ignore/IN: mx-cname-ignore/MX 'cname.mx-cname-ignore' is a CNAME (illegal)" ns1/named.run > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:check that 'check-integrity no; check-mx-cname fail;' works ($n)"
ret=0
$DIG -p 5300 @10.53.0.1 mx no-mx-cname-fail > dig.out.test$n || ret=1
grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1
grep "zone no-mx-cname-fail/IN: no-mx-cname-fail/MX 'cname.no-mx-cname-fail' is a CNAME (illegal)" ns1/named.run > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:check that 'check-integrity no; check-mx-cname warn;' works ($n)"
ret=0
$DIG -p 5300 @10.53.0.1 mx no-mx-cname-warn > dig.out.test$n || ret=1
grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1
grep "zone no-mx-cname-warn/IN: no-mx-cname-warn/MX 'cname.no-mx-cname-warn' is a CNAME (illegal)" ns1/named.run > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:check that 'check-integrity no; check-mx-cname ignore;' works ($n)"
ret=0
$DIG -p 5300 @10.53.0.1 mx no-mx-cname-ignore > dig.out.test$n || ret=1
grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1
grep "zone no-mx-cname-ignore/IN: no-mx-cname-ignore/MX 'cname.no-mx-cname-ignore' is a CNAME (illegal)" ns1/named.run > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:check that 'check-integrity yes; check-srv-cname fail;' works ($n)"
ret=0
$DIG -p 5300 @10.53.0.1 srv srv-cname-fail > dig.out.test$n || ret=1
grep "status: SERVFAIL," dig.out.test$n > /dev/null || ret=1
grep "zone srv-cname-fail/IN: srv-cname-fail/SRV 'cname.srv-cname-fail' is a CNAME (illegal)" ns1/named.run > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:check that 'check-integrity yes; check-srv-cname warn;' works ($n)"
ret=0
$DIG -p 5300 @10.53.0.1 srv srv-cname-warn > dig.out.test$n || ret=1
grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1
grep "zone srv-cname-warn/IN: srv-cname-warn/SRV 'cname.srv-cname-warn' is a CNAME (illegal)" ns1/named.run > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:check that 'check-integrity yes; check-srv-cname ignore;' works ($n)"
ret=0
$DIG -p 5300 @10.53.0.1 srv srv-cname-ignore > dig.out.test$n || ret=1
grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1
grep "zone srv-cname-ignore/IN: srv-cname-ignore/SRV 'cname.srv-cname-ignore' is a CNAME (illegal)" ns1/named.run > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:check that 'check-integrity no; check-srv-cname fail;' works ($n)"
ret=0
$DIG -p 5300 @10.53.0.1 srv no-srv-cname-fail > dig.out.test$n || ret=1
grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1
grep "zone no-srv-cname-fail/IN: no-srv-cname-fail/SRV 'cname.no-srv-cname-fail' is a CNAME (illegal)" ns1/named.run > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:check that 'check-integrity no; check-srv-cname warn;' works ($n)"
ret=0
$DIG -p 5300 @10.53.0.1 srv no-srv-cname-warn > dig.out.test$n || ret=1
grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1
grep "zone no-srv-cname-warn/IN: no-srv-cname-warn/SRV 'cname.no-srv-cname-warn' is a CNAME (illegal)" ns1/named.run > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:check that 'check-integrity no; check-srv-cname ignore;' works ($n)"
ret=0
$DIG -p 5300 @10.53.0.1 srv no-srv-cname-ignore > dig.out.test$n || ret=1
grep "status: NOERROR," dig.out.test$n > /dev/null || ret=1
grep "zone no-srv-cname-ignore/IN: no-srv-cname-ignore/SRV 'cname.no-srv-cname-ignore' is a CNAME (illegal)" ns1/named.run > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:exit status: $status"
test $status -eq 0 || exit 1
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment