Commit a7a2fa29 authored by Evan Hunt's avatar Evan Hunt Committed by Ondřej Surý
Browse files

update system tests so validation won't fail when using IANA key

- all tests with "recursion yes" now also specify "dnssec-validation yes",
  and all tests with "recursion no" also specify "dnssec-validation no".
  this must be maintained in all new tests, or else validation will fail
  when we use local root zones for testing.
- clean.sh has been modified where necessary to remove managed-keys.bind
  and viewname.mkeys files.
parent bef18eca
......@@ -21,3 +21,4 @@ rm -f */named.run
rm -f ns*/named.lock
rm -f ns*/_default.nzf
rm -f ns*/_default.nzd*
rm -f ns*/managed-keys.bind* ns*/*.mkeys*
......@@ -18,3 +18,4 @@ rm -f */named.memstats
rm -f */named.conf
rm -f */named.run
rm -f ns*/named.lock
rm -f ns*/managed-keys.bind*
......@@ -14,6 +14,7 @@ options {
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
recursion no;
dnssec-validation no;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
......
......@@ -14,6 +14,7 @@ options {
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
recursion no;
dnssec-validation no;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
......
......@@ -14,6 +14,7 @@ options {
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
recursion no;
dnssec-validation no;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
......
......@@ -14,6 +14,7 @@ options {
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
recursion no;
dnssec-validation no;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
......
......@@ -20,6 +20,7 @@ options {
listen-on { 10.53.0.3; };
listen-on-v6 { none; };
recursion yes;
dnssec-validation yes;
};
zone "." {
......
......@@ -37,3 +37,4 @@ rm -f ns1/redirect.db
rm -f ns2/redirect.db
rm -f ns2/redirect.bk
rm -f ns3/redirect.db
rm -f ns*/managed-keys.bind* ns*/*.mkeys*
......@@ -18,3 +18,4 @@ rm -f ns2/named.conf ns2/controls.conf
rm -f */named.memstats
rm -f ns*/named.lock
rm -f ns*/named.run ns*/named.run.prev
rm -f ns*/managed-keys.bind* ns*/*.mkeys*
......@@ -13,3 +13,4 @@ rm -f */named.conf
rm -f dig.out.test*
rm -f ns2/example.com.bk
rm -f ns2/example.net.bk
rm -f ns*/managed-keys.bind*
......@@ -63,3 +63,4 @@ rm -f nsupdate.out
rm -f settime.out.*
rm -f signing.out.*
rm -f sync.key
rm -f ns*/managed-keys.bind*
......@@ -15,3 +15,4 @@ rm -f ns?/named.conf
rm -f rndc.status.ns*
rm -f dig.out.ns*
rm -f ns*/named.lock
rm -f ns*/managed-keys.bind*
......@@ -21,3 +21,4 @@ rm -f */named.run
rm -f */named.conf
rm -f ns2/named_dump.db.*
rm -f ns*/named.lock
rm -f ns*/managed-keys.bind*
......@@ -18,6 +18,7 @@ options {
listen-on { 10.53.0.1; };
listen-on-v6 { none; };
recursion no;
dnssec-validation no;
notify yes;
check-integrity no;
minimal-responses no;
......
......@@ -20,6 +20,8 @@ options {
notify yes;
max-cache-size 80%;
disable-empty-zone 127.IN-ADDR.ARPA;
recursion yes;
dnssec-validation yes;
};
key rndc_key {
......
......@@ -19,3 +19,4 @@ rm -f ns1/dynamic.db.jnl
rm -f ns2/dynamic.bk
rm -f ns2/dynamic.bk.jnl
rm -f ns2/example.bk
rm -f ns*/managed-keys.bind*
......@@ -22,3 +22,4 @@ rm -f nsupdate.out.*
rm -f ns[123]/catalog[1234].example.db
rm -rf ns2/zonedir
rm -f ns*/*.nzd ns*/*.nzd-lock
rm -f ns*/managed-keys.bind*
......@@ -13,3 +13,4 @@ rm -f dig.out.* named*.pid
rm -f ns*/named.conf
rm -f */named.memstats */named.recursing */named.lock */named.run */ans.run
rm -f ns2/K* ns2/dsset-* ns2/example.db.signed
rm -f ns*/managed-keys.bind*
......@@ -18,8 +18,8 @@ options {
listen-on { 10.53.0.1; };
listen-on-v6 { none; };
recursion no;
dnssec-validation yes;
notify yes;
dnssec-enable yes;
};
zone "." { type master; file "root.db"; };
......@@ -20,6 +20,7 @@ options {
listen-on { 10.53.0.2; };
listen-on-v6 { none; };
recursion no;
dnssec-validation no;
notify yes;
};
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment