Commit bbedadf7 authored by Evan Hunt's avatar Evan Hunt
Browse files

2985. [bug] Add a regression test for change #2896. [RT #21324]

parent 47d4a3b4
2985. [bug] Add a regression test for change #2896. [RT #21324]
2984. [bug] Don't run MX checks when the target of the MX record
is ".". [RT #22645]
......
......@@ -14,7 +14,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: keygen.sh,v 1.7 2010/05/19 07:45:38 marka Exp $
# $Id: keygen.sh,v 1.8 2010/12/15 18:44:37 each Exp $
SYSTEMTESTTOP=../..
. $SYSTEMTESTTOP/conf.sh
......@@ -196,3 +196,12 @@ echo $ksk > ../del1.key
zsk=`$KEYGEN -q -3 -r $RANDFILE $zone`
echo $zsk > ../del2.key
$SIGNER -S -3 beef -o $zone -f $zonefile $infile > /dev/null 2>&1
#
# Introducing a pre-published key test.
#
zone=prepub.example
zonefile="${zone}.db"
$KEYGEN -3 -q -r $RANDFILE -fk $zone > /dev/null
$KEYGEN -3 -q -r $RANDFILE $zone > /dev/null
$SIGNER -S -3 beef -o $zone -f $zonefile $infile > /dev/null 2>&1
......@@ -14,7 +14,7 @@
* PERFORMANCE OF THIS SOFTWARE.
*/
/* $Id: named.conf,v 1.6 2010/05/19 07:45:38 marka Exp $ */
/* $Id: named.conf,v 1.7 2010/12/15 18:44:37 each Exp $ */
// NS3
......@@ -178,4 +178,11 @@ zone "oldsigs.example" {
auto-dnssec maintain;
};
zone "prepub.example" {
type master;
file "prepub.example.db";
allow-update { any; };
auto-dnssec maintain;
};
include "trusted.conf";
......@@ -14,11 +14,13 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: tests.sh,v 1.11 2010/08/16 22:21:06 marka Exp $
# $Id: tests.sh,v 1.12 2010/12/15 18:44:37 each Exp $
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
RANDFILE=random.data
status=0
n=0
......@@ -587,7 +589,7 @@ status=`expr $status + $ret`
echo "I:checking that standby key does not sign records ($n)"
ret=0
id=`sed 's/^K.+007+0*//' < standby.key`
ed=`sed 's/^K.+007+0*//' < standby.key`
$DIG $DIGOPTS dnskey . @10.53.0.1 > dig.out.ns1.test$n || ret=1
grep 'RRSIG.*'" $id "'\. ' dig.out.ns1.test$n > /dev/null && ret=1
n=`expr $n + 1`
......@@ -660,6 +662,32 @@ n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:checking that serial number and RRSIGs are both updated (rt21045) ($n)"
ret=0
oldserial=`$DIG $DIGOPTS +short soa prepub.example @10.53.0.3 | awk '$0 !~ /SOA/ {print $3}'`
oldinception=`$DIG $DIGOPTS +short soa prepub.example @10.53.0.3 | awk '/SOA/ {print $6}' | sort -u`
$KEYGEN -3 -q -r $RANDFILE -K ns3 -P 0 -A +6d -I +38d -D +45d prepub.example > /dev/null
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 sign prepub.example 2>&1 | sed 's/^/I:ns1 /'
newserial=$oldserial
try=0
while [ $oldserial -eq $newserial -a $try -lt 42 ]
do
newserial=`$DIG $DIGOPTS +short soa prepub.example @10.53.0.3 |
awk '$0 !~ /SOA/ {print $3}'`
sleep 1
try=`expr $try + 1`
done
newinception=`$DIG $DIGOPTS +short soa prepub.example @10.53.0.3 | awk '/SOA/ {print $6}' | sort -u`
#echo "$oldserial : $newserial"
#echo "$oldinception : $newinception"
[ "$oldserial" = "$newserial" ] && ret=1
[ "$oldinception" = "$newinception" ] && ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:preparing to test key change corner cases"
echo "I:removing a private key file"
file="ns1/`cat vanishing.key`.private"
......@@ -673,6 +701,9 @@ newid=`sed 's/^K.+007+0*//' < standby.key`
$SETTIME -K ns1 -I now -D now+15 $oldfile > /dev/null
$SETTIME -K ns1 -i 0 -S $oldfile $newfile > /dev/null
# note previous zone serial number
oldserial=`$DIG $DIGOPTS +short soa . @10.53.0.1 | awk '{print $3}'`
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 loadkeys . 2>&1 | sed 's/^/I:ns1 /'
echo "I:revoking key to duplicated key ID"
......@@ -715,6 +746,14 @@ n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:checking SOA serial number has been incremented ($n)"
ret=0
newserial=`$DIG $DIGOPTS +short soa . @10.53.0.1 | awk '{print $3}'`
[ "$newserial" != "$oldserial" ] || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:waiting for former active key to be removed"
sleep 10
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment