Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
ISC Open Source Projects
BIND
Commits
e11a0c11
Commit
e11a0c11
authored
Jan 18, 2010
by
Evan Hunt
Browse files
2841. [func] Added "smartsign" and improved "autosign" and
"dnssec" regression tests. [RT #20865]
parent
f78fe6d8
Changes
35
Hide whitespace changes
Inline
Side-by-side
CHANGES
View file @
e11a0c11
2841. [func] Added "smartsign" and improved "autosign" and
"dnssec" regression tests. [RT #20865]
2840. [bug] Change 2836 was not complete. [RT #20883]
2839. [bug] Temporary fixed pkcs11-destroy usage check.
...
...
bin/tests/system/autosign/clean.sh
View file @
e11a0c11
...
...
@@ -14,24 +14,31 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: clean.sh,v 1.
3
20
09/11/30 23:48:02 tbox
Exp $
# $Id: clean.sh,v 1.
4
20
10/01/18 19:19:30 each
Exp $
rm
-f
*
/K
*
*
/dsset-
*
*
/
*
.signed
*
/trusted.conf
*
/tmp
*
*
/
*
.jnl
*
/
*
.bk
rm
-f
inact.key del.key unpub.key standby.key rev.key
rm
-f
ns1/root.db ns2/example.db ns3/secure.example.db
rm
-f
ns3/rsasha256.example.db ns3/rsasha512.example.db
rm
-f
ns2/private.secure.example.db
rm
-f
active.key inact.key del.key unpub.key standby.key rev.key
rm
-f
nopriv.key vanishing.key
rm
-f
nsupdate.out
rm
-f
*
/core
rm
-f
*
/example.bk
rm
-f
*
/named.memstats
rm
-f
dig.out.
*
rm
-f
random.data
rm
-f
ns2/dlv.db
rm
-f
ns3/multiple.example.db ns3/nsec3-unknown.example.db ns3/nsec3.example.db
rm
-f
ns3/optout-unknown.example.db ns3/optout.example.db
rm
-f
*
/named.memstats
rm
-f
ns1/root.db
rm
-f
ns2/example.db
rm
-f
ns2/private.secure.example.db ns2/bar.db
rm
-f
ns3/nsec.example.db
rm
-f
ns3/nsec3.example.db
rm
-f
ns3/nsec3.nsec3.example.db
rm
-f
ns3/nsec3.optout.example.db
rm
-f
ns3/nsec3-to-nsec.example.db
rm
-f
ns3/oldsigs.example.db
rm
-f
ns3/optout.example.db
rm
-f
ns3/optout.nsec3.example.db
rm
-f
ns3/optout.optout.example.db
rm
-f
ns3/rsasha256.example.db ns3/rsasha512.example.db
rm
-f
ns3/secure.example.db
rm
-f
ns3/secure.nsec3.example.db
rm
-f
ns3/secure.optout.example.db
rm
-f
ns3/secure-to-insecure.example.db
bin/tests/system/autosign/ns1/keygen.sh
View file @
e11a0c11
...
...
@@ -14,7 +14,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: keygen.sh,v 1.
4
20
09/12
/1
9
1
7:30
:3
1
each Exp $
# $Id: keygen.sh,v 1.
5
20
10/01
/1
8
1
9:19
:3
0
each Exp $
SYSTEMTESTTOP
=
../..
.
$SYSTEMTESTTOP
/conf.sh
...
...
@@ -29,11 +29,14 @@ infile=root.db.in
cat
$infile
../ns2/dsset-example.
>
$zonefile
$KEYGEN
-3
-q
-r
$RANDFILE
$zone
>
/dev/null
zskact
=
`
$KEYGEN
-3
-q
-r
$RANDFILE
$zone
`
zskvanish
=
`
$KEYGEN
-3
-q
-r
$RANDFILE
$zone
`
zskdel
=
`
$KEYGEN
-3
-q
-r
$RANDFILE
-D
now
$zone
`
zskinact
=
`
$KEYGEN
-3
-q
-r
$RANDFILE
-I
now
$zone
`
zskunpub
=
`
$KEYGEN
-3
-q
-r
$RANDFILE
-G
$zone
`
zsksby
=
`
$KEYGEN
-3
-q
-r
$RANDFILE
-A
none
$zone
`
zsknopriv
=
`
$KEYGEN
-3
-q
-r
$RANDFILE
$zone
`
rm
$zsknopriv
.private
ksksby
=
`
$KEYGEN
-3
-q
-r
$RANDFILE
-P
now
-A
now+15s
-fk
$zone
`
kskrev
=
`
$KEYGEN
-3
-q
-r
$RANDFILE
-R
now+15s
-fk
$zone
`
...
...
@@ -62,8 +65,11 @@ EOF
'
>
trusted.conf
cp
trusted.conf ../ns5/trusted.conf
echo
$zskact
>
../active.key
echo
$zskvanish
>
../vanishing.key
echo
$zskdel
>
../del.key
echo
$zskinact
>
../inact.key
echo
$zskunpub
>
../unpub.key
echo
$zsknopriv
>
../nopriv.key
echo
$zsksby
>
../standby.key
echo
$kskrev
>
../rev.key
bin/tests/system/autosign/ns1/root.db.in
View file @
e11a0c11
...
...
@@ -12,7 +12,7 @@
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
; $Id: root.db.in,v 1.
3
20
09/11/30 23:48:02 tbox
Exp $
; $Id: root.db.in,v 1.
4
20
10/01/18 19:19:30 each
Exp $
$TTL 30
. IN SOA a.root.servers.nil. each.isc.org. (
...
...
@@ -26,4 +26,5 @@ $TTL 30
a.root-servers.nil. A 10.53.0.1
example. NS ns2.example.
bar. NS ns2.example.
ns2.example. A 10.53.0.2
bin/tests/system/autosign/ns2/bar.db.in
0 → 100644
View file @
e11a0c11
; Copyright (C) 2009 Internet Systems Consortium, Inc. ("ISC")
;
; Permission to use, copy, modify, and/or distribute this software for any
; purpose with or without fee is hereby granted, provided that the above
; copyright notice and this permission notice appear in all copies.
;
; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
; $Id: bar.db.in,v 1.2 2010/01/18 19:19:31 each Exp $
$TTL 300 ; 5 minutes
@ IN SOA mname1. . (
2000042407 ; serial
20 ; refresh (20 seconds)
20 ; retry (20 seconds)
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
NS ns2
NS ns3
ns2 A 10.53.0.2
ns3 A 10.53.0.3
a A 10.0.0.1
b A 10.0.0.2
d A 10.0.0.4
; Used for testing ANY queries
foo TXT "testing"
foo A 10.0.1.0
; Used for testing CNAME queries
cname1 CNAME cname1-target
cname1-target TXT "testing cname"
cname2 CNAME cname2-target
cname2-target TXT "testing cname"
; Used for testing DNAME queries
dname1 DNAME dname1-target
foo.dname1-target TXT "testing dname"
dname2 DNAME dname2-target
foo.dname2-target TXT "testing dname"
; A secure subdomain
secure NS ns.secure
ns.secure A 10.53.0.3
; An insecure subdomain
insecure NS ns.insecure
ns.insecure A 10.53.0.3
; A insecure subdomain
mustbesecure NS ns.mustbesecure
ns.mustbesecure A 10.53.0.3
z A 10.0.0.26
nsec3 NS ns.nsec3
ns.nsec3 A 10.53.0.3
optout NS ns.optout
ns.optout A 10.53.0.3
nsec3-unknown NS ns.nsec3-unknown
ns.nsec3-unknown A 10.53.0.3
optout-unknown NS ns.optout-unknown
ns.optout-unknown A 10.53.0.3
multiple NS ns.multiple
ns.multiple A 10.53.0.3
rsasha256 NS ns.rsasha256
ns.rsasha256 A 10.53.0.3
rsasha512 NS ns.rsasha512
ns.rsasha512 A 10.53.0.3
bin/tests/system/autosign/ns2/example.db.in
View file @
e11a0c11
...
...
@@ -12,7 +12,7 @@
; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
; PERFORMANCE OF THIS SOFTWARE.
; $Id: example.db.in,v 1.
3
20
09/11/30 23:48:02 tbox
Exp $
; $Id: example.db.in,v 1.
4
20
10/01/18 19:19:31 each
Exp $
$TTL 300 ; 5 minutes
@ IN SOA mname1. . (
...
...
@@ -83,3 +83,9 @@ ns.rsasha256 A 10.53.0.3
rsasha512 NS ns.rsasha512
ns.rsasha512 A 10.53.0.3
nsec3-to-nsec NS ns.nsec3-to-nsec
ns.nsec3-to-nsec A 10.53.0.3
oldsigs NS ns.oldsigs
ns.oldsigs A 10.53.0.3
bin/tests/system/autosign/ns2/keygen.sh
View file @
e11a0c11
...
...
@@ -14,7 +14,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: keygen.sh,v 1.
4
20
09/12
/1
9
1
7:30
:31 each Exp $
# $Id: keygen.sh,v 1.
5
20
10/01
/1
8
1
9:19
:31 each Exp $
SYSTEMTESTTOP
=
../..
.
$SYSTEMTESTTOP
/conf.sh
...
...
@@ -24,7 +24,7 @@ RANDFILE=../random.data
# Have the child generate subdomain keys and pass DS sets to us.
(
cd
../ns3
&&
sh keygen.sh
)
for
subdomain
in
secure nsec3 optout rsasha256 rsasha512
for
subdomain
in
secure nsec3 optout rsasha256 rsasha512
nsec3-to-nsec oldsigs
do
cp
../ns3/dsset-
$subdomain
.example.
.
done
...
...
@@ -46,3 +46,12 @@ infile="${zonefile}.in"
cp
$infile
$zonefile
$KEYGEN
-3
-q
-r
$RANDFILE
-fk
$zone
>
/dev/null
$KEYGEN
-3
-q
-r
$RANDFILE
$zone
>
/dev/null
# Extract saved keys for the revoke-to-duplicate-key test
zone
=
bar
zonefile
=
"
${
zone
}
.db"
infile
=
"
${
zonefile
}
.in"
cat
$infile
>
$zonefile
sh revkeys.shar
>
/dev/null
$KEYGEN
-3
-q
-r
$RANDFILE
$zone
>
/dev/null
$DSFROMKEY
Kbar.+005+30804.key
>
dsset-bar.
bin/tests/system/autosign/ns2/named.conf
View file @
e11a0c11
...
...
@@ -14,7 +14,7 @@
*
PERFORMANCE
OF
THIS
SOFTWARE
.
*/
/* $
Id
:
named
.
conf
,
v
1
.
3
20
09
/
11
/
30
23
:
48
:
02
tbox
Exp
$ */
/* $
Id
:
named
.
conf
,
v
1
.
4
20
10
/
01
/
18
19
:
19
:
31
each
Exp
$ */
//
NS2
...
...
@@ -35,12 +35,12 @@ options {
};
key
rndc_key
{
secret
"1234abcd8765"
;
algorithm
hmac
-
md5
;
secret
"1234abcd8765"
;
algorithm
hmac
-
md5
;
};
controls
{
inet
10
.
53
.
0
.
2
port
9953
allow
{
any
; }
keys
{
rndc_key
; };
inet
10
.
53
.
0
.
2
port
9953
allow
{
any
; }
keys
{
rndc_key
; };
};
zone
"."
{
...
...
@@ -51,46 +51,56 @@ zone "." {
zone
"example"
{
type
master
;
file
"example.db"
;
allow
-
query
{
any
; };
allow
-
transfer
{
any
; };
allow
-
query
{
any
; };
allow
-
transfer
{
any
; };
allow
-
update
{
any
; };
auto
-
dnssec
maintain
;
auto
-
dnssec
maintain
;
};
zone
"bar"
{
type
master
;
file
"bar.db"
;
allow
-
query
{
any
; };
allow
-
transfer
{
any
; };
allow
-
update
{
any
; };
auto
-
dnssec
maintain
;
dnssec
-
dnskey
-
kskonly
yes
;
};
zone
"private.secure.example"
{
type
master
;
file
"private.secure.example.db"
;
allow
-
query
{
any
; };
allow
-
transfer
{
any
; };
allow
-
query
{
any
; };
allow
-
transfer
{
any
; };
allow
-
update
{
any
; };
auto
-
dnssec
maintain
;
auto
-
dnssec
maintain
;
};
zone
"insecure.secure.example"
{
type
master
;
file
"insecure.secure.example.db"
;
allow
-
query
{
any
; };
allow
-
transfer
{
any
; };
allow
-
query
{
any
; };
allow
-
transfer
{
any
; };
allow
-
update
{
any
; };
auto
-
dnssec
maintain
;
auto
-
dnssec
maintain
;
};
zone
"child.nsec3.example"
{
type
master
;
file
"child.nsec3.example.db"
;
allow
-
query
{
any
; };
allow
-
transfer
{
any
; };
allow
-
query
{
any
; };
allow
-
transfer
{
any
; };
allow
-
update
{
any
; };
auto
-
dnssec
maintain
;
auto
-
dnssec
maintain
;
};
zone
"child.optout.example"
{
type
master
;
file
"child.optout.example.db"
;
allow
-
query
{
any
; };
allow
-
transfer
{
any
; };
allow
-
query
{
any
; };
allow
-
transfer
{
any
; };
allow
-
update
{
any
; };
auto
-
dnssec
maintain
;
auto
-
dnssec
maintain
;
};
include
"trusted.conf"
;
bin/tests/system/autosign/ns2/revkeys.shar
0 → 100644
View file @
e11a0c11
#!/bin/sh
# This is a shell archive (produced by GNU sharutils 4.6.3).
# To extract the files from this archive, save it to some FILE, remove
# everything before the `#!/bin/sh' line above, then type `sh FILE'.
#
lock_dir
=
_sh31052
# Made on 2010-01-08 23:17 PST by <each@pisces>.
# Source directory was `/home/each/isc/bind9/bin/tests/system/autosign/ns2/keys'.
#
# Existing files will *not* be overwritten, unless `-c' is specified.
#
# This shar contains:
# length mode name
# ------ ---------- ------------------------------------------
# 538 -rw-r--r-- Kbar.+005+30676.key
# 1774 -rw-r--r-- Kbar.+005+30676.private
# 538 -rw-r--r-- Kbar.+005+30804.key
# 1774 -rw-r--r-- Kbar.+005+30804.private
#
MD5SUM
=
${
MD5SUM
-md5sum
}
f
=
`
${
MD5SUM
}
--version
| egrep
'^md5sum .*(core|text)utils'
`
test
-n
"
${
f
}
"
&&
md5check
=
true
||
md5check
=
false
${
md5check
}
||
\
echo
'Note: not verifying md5sums. Consider installing GNU coreutils.'
save_IFS
=
"
${
IFS
}
"
IFS
=
"
${
IFS
}
:"
gettext_dir
=
FAILED
locale_dir
=
FAILED
first_param
=
"
$1
"
for
dir
in
$PATH
do
if
test
"
$gettext_dir
"
=
FAILED
&&
test
-f
$dir
/gettext
\
&&
(
$dir
/gettext
--version
>
/dev/null 2>&1
)
then
case
`
$dir
/gettext
--version
2>&1 |
sed
1q
`
in
*
GNU
*
)
gettext_dir
=
$dir
;;
esac
fi
if
test
"
$locale_dir
"
=
FAILED
&&
test
-f
$dir
/shar
\
&&
(
$dir
/shar
--print-text-domain-dir
>
/dev/null 2>&1
)
then
locale_dir
=
`
$dir
/shar
--print-text-domain-dir
`
fi
done
IFS
=
"
$save_IFS
"
if
test
"
$locale_dir
"
=
FAILED
||
test
"
$gettext_dir
"
=
FAILED
then
echo
=
echo
else
TEXTDOMAINDIR
=
$locale_dir
export
TEXTDOMAINDIR
TEXTDOMAIN
=
sharutils
export
TEXTDOMAIN
echo
=
"
$gettext_dir
/gettext -s"
fi
if
(
echo
"testing
\c
"
;
echo
1,2,3
)
|
grep
c
>
/dev/null
then if
(
echo
-n
test
;
echo
1,2,3
)
|
grep
n
>
/dev/null
then
shar_n
=
shar_c
=
'
'
else
shar_n
=
-n
shar_c
=
;
fi
else
shar_n
=
shar_c
=
'\c'
;
fi
f
=
shar-touch.
$$
st1
=
200112312359.59
st2
=
123123592001.59
st2tr
=
123123592001.5
# old SysV 14-char limit
st3
=
1231235901
if
touch
-am
-t
${
st1
}
${
f
}
>
/dev/null 2>&1
&&
\
test
!
-f
${
st1
}
&&
test
-f
${
f
}
;
then
shar_touch
=
'touch -am -t $1$2$3$4$5$6.$7 "$8"'
elif
touch
-am
${
st2
}
${
f
}
>
/dev/null 2>&1
&&
\
test
!
-f
${
st2
}
&&
test
!
-f
${
st2tr
}
&&
test
-f
${
f
}
;
then
shar_touch
=
'touch -am $3$4$5$6$1$2.$7 "$8"'
elif
touch
-am
${
st3
}
${
f
}
>
/dev/null 2>&1
&&
\
test
!
-f
${
st3
}
&&
test
-f
${
f
}
;
then
shar_touch
=
'touch -am $3$4$5$6$2 "$8"'
else
shar_touch
=
:
echo
${
echo
}
'WARNING: not restoring timestamps. Consider getting and'
${
echo
}
'installing GNU `touch'
\'
', distributed in GNU coreutils...'
echo
fi
rm
-f
${
st1
}
${
st2
}
${
st2tr
}
${
st3
}
${
f
}
#
if
test
!
-d
${
lock_dir
}
then
:
;
else
${
echo
}
'lock directory '
${
lock_dir
}
' exists'
exit
1
fi
if
mkdir
${
lock_dir
}
then
${
echo
}
'x - created lock directory `'
${
lock_dir
}
\'
'.'
else
${
echo
}
'x - failed to create lock directory `'
${
lock_dir
}
\'
'.'
exit
1
fi
# ============= Kbar.+005+30676.key ==============
if
test
-f
'Kbar.+005+30676.key'
&&
test
"
$first_param
"
!=
-c
;
then
${
echo
}
'x -SKIPPING Kbar.+005+30676.key (file already exists)'
else
${
echo
}
'x - extracting Kbar.+005+30676.key (text)'
sed
's/^X//'
<<
'
SHAR_EOF
' > 'Kbar.+005+30676.key' &&
; This is a key-signing key, keyid 30676, for bar.
; Created: Sat Dec 26 03:13:10 2009
; Publish: Sat Dec 26 03:13:10 2009
; Activate: Sat Dec 26 03:13:10 2009
bar. IN DNSKEY 257 3 5 AwEAAc7ppysDZjlldTwsvcXcTTOYJd5TvW5RUWWYKRsee+ozwY6C7vNI 0Xp1PiY+H31GhcnNMCjQU00y8Vezo42oJ4kpRTDevL0STksExXi1/wG+ M4j1CFMh2wgJ/9XLFzHaEWzt4sflVBAVZVXa/qNkRWDXYjsr30MWyylA wHCIxEuyA+NxAL6UL+ZuFo1j84AvfwkGcMbXTcOBSCaHT6AJToSXAcCa X4fnKJIzG4RyJoN2GK4TVdj4qSzLxL1lRkYHNqJvcmMjezxUs9A5fHNI iBEBRPs7NKrQJxegAGVn9ALylKHyhJW6uyBjleOWUDom4ej2J1vGrpQT /KCA35toCvU=
SHAR_EOF
(
set
20 10 01 08 23 14 29
'Kbar.+005+30676.key'
;
eval
"
$shar_touch
"
)
&&
chmod
0644
'Kbar.+005+30676.key'
if
test
$?
-ne
0
then
${
echo
}
'restore of Kbar.+005+30676.key failed'
fi
if
${
md5check
}
then
(
${
MD5SUM
}
-c
>
/dev/null 2>&1
||
${
echo
}
'Kbar.+005+30676.key: MD5 check failed'
)
<<
SHAR_EOF
9c89adb7c9e6d5e2fd34f694b8752c95 Kbar.+005+30676.key
SHAR_EOF
else
test
`
LC_ALL
=
C
wc
-c
<
'Kbar.+005+30676.key'
`
-ne
538
&&
\
${
echo
}
'restoration warning: size of Kbar.+005+30676.key is not 538'
fi
fi
# ============= Kbar.+005+30676.private ==============
if
test
-f
'Kbar.+005+30676.private'
&&
test
"
$first_param
"
!=
-c
;
then
${
echo
}
'x -SKIPPING Kbar.+005+30676.private (file already exists)'
else
${
echo
}
'x - extracting Kbar.+005+30676.private (text)'
sed
's/^X//'
<<
'
SHAR_EOF
' > 'Kbar.+005+30676.private' &&
Private-key-format: v1.3
Algorithm: 5 (RSASHA1)
Modulus: zumnKwNmOWV1PCy9xdxNM5gl3lO9blFRZZgpGx576jPBjoLu80jRenU+Jj4ffUaFyc0wKNBTTTLxV7OjjagniSlFMN68vRJOSwTFeLX/Ab4ziPUIUyHbCAn/1csXMdoRbO3ix+VUEBVlVdr+o2RFYNdiOyvfQxbLKUDAcIjES7ID43EAvpQv5m4WjWPzgC9/CQZwxtdNw4FIJodPoAlOhJcBwJpfh+cokjMbhHImg3YYrhNV2PipLMvEvWVGRgc2om9yYyN7PFSz0Dl8c0iIEQFE+zs0qtAnF6AAZWf0AvKUofKElbq7IGOV45ZQOibh6PYnW8aulBP8oIDfm2gK9Q==
PublicExponent: AQAB
PrivateExponent: BcfjYsFCjuH1x4ucdbW09ncOv8ppJXbiJkt9AoP0hFOT2c5wrJ1hNOGnrdvYd2CMBlpUOR+w5BxDP+cF78Q97ogXpcjjTwj+5PuqJLg4+qx8thvacrAkdXIKEsgMytjD2d4/ksQmeBiQ7zgiGyCHC7CYzvxnzXEKlgl4FuzLRy4SH1YiSTxKfw1ANKKHxmw8Xvav9ljubrzNdBEQNs6eJNkC6c3aGqiPFyTWGa90s6t1mwTXSxFqBUR1WlbfyYfuiAK2CAvFHeNo7VuC934ri7ceEq8jeOSuY0IqDq2pA3gVWVOyR4NFLXJWeDA3pjqi109t/WGg9IGydD/hsleP4Q==
Prime1: /hz+WxAL+9bO1l/857ME/OhxImSp86Xi7eA920sAo5ukOIQAQ6hbaKemYxyUbwBmGHEX9d0GOU+xAgZWUU9PbZgXw0fdf+uw6Hrgfce0rWY+uJpUcVHfjLPFgMC/XYrfcVQ8tsCXqRsIbqL+ynsEkQ4vybLhlSAyFqGqYFk/Qt0=
Prime2: 0HLxXynoSxUcNW15cbuMRHD34ri8sUQsqCtezofPWcCo/17jqf42W7X9YGO70+BvmG3awSr3LaLf862ovCR5+orwE2MqamAV6JZMyR7nvMNGSHTdg3Kk7Jv7T5Gu7Cg6K+on8pMRW3aIms4gs/Z16j0Gxz74ES9IP3vsvC+q6vk=
Exponent1: NLeXHRUrJ0fdCSRIt1iwRDeEoPn5OA7GEUtgCcp5i3eSjhb0ZxTaQc/l+NHJCW4vwApWSi9cRy99LUpbResKM1ZGN8EE9rDStqgnQnDXztFTWcDKm+e8VNhGtPtHuARDbqNnJRK3Y+Gz0iAGc8Mpo14qE9IEcoeHXKKVUf+x3BE=
Exponent2: dKCbJB+SdM/u5IXH+TZyGKkMSLIMATKfucfqV6vs+86rv5Yb0zUEvPNqPNAQe0+LoMF2L7YWblY+71wumHXgOaobAP3u8W2pVGUjuTOtfRPU8x1QAwfV9vye87oTINaxFXkBuNtITuBXNiY2bfprpw9WB4zXxuWpiruPjQsumiE=
Coefficient: qk8HX5fy74Sx6z3niBfTM/SUEjcsnJCTTmsXy6e7nOXWBK5ihKkmMw7LDhaY4OwjXvaVQH0Z190dfyOkWYTbXInIyNNnqCD+xZXkuzuvsUwLNgvXEFhVnzrrj3ozNiizZsyeAhFCKcITz3ci15HB3y8ZLChGYBPFU1ui7MsSkc8=
Created: 20091226021310
Publish: 20091226021310
Activate: 20091226021310
SHAR_EOF
(
set
20 10 01 08 23 14 29
'Kbar.+005+30676.private'
;
eval
"
$shar_touch
"
)
&&
chmod
0644
'Kbar.+005+30676.private'
if
test
$?
-ne
0
then
${
echo
}
'restore of Kbar.+005+30676.private failed'
fi
if
${
md5check
}
then
(
${
MD5SUM
}
-c
>
/dev/null 2>&1
||
${
echo
}
'Kbar.+005+30676.private: MD5 check failed'
)
<<
SHAR_EOF
c85dfac0b5c0cf2972878a65717af9ea Kbar.+005+30676.private
SHAR_EOF
else
test
`
LC_ALL
=
C
wc
-c
<
'Kbar.+005+30676.private'
`
-ne
1774
&&
\
${
echo
}
'restoration warning: size of Kbar.+005+30676.private is not 1774'
fi
fi
# ============= Kbar.+005+30804.key ==============
if
test
-f
'Kbar.+005+30804.key'
&&
test
"
$first_param
"
!=
-c
;
then
${
echo
}
'x -SKIPPING Kbar.+005+30804.key (file already exists)'
else
${
echo
}
'x - extracting Kbar.+005+30804.key (text)'
sed
's/^X//'
<<
'
SHAR_EOF
' > 'Kbar.+005+30804.key' &&
; This is a key-signing key, keyid 30804, for bar.
; Created: Sat Dec 26 03:13:10 2009
; Publish: Sat Dec 26 03:13:10 2009
; Activate: Sat Dec 26 03:13:10 2009
bar. IN DNSKEY 257 3 5 AwEAgc7ppysDZjlldTwsvcXcTTOYJd5TvW5RUWWYKRsee+ozwY6C7vNI 0Xp1PiY+H31GhcnNMCjQU00y8Vezo42oJ4kpRTDevL0STksExXi1/wG+ M4j1CFMh2wgJ/9XLFzHaEWzt4sflVBAVZVXa/qNkRWDXYjsr30MWyylA wHCIxEuyA+NxAL6UL+ZuFo1j84AvfwkGcMbXTcOBSCaHT6AJToSXAcCa X4fnKJIzG4RyJoN2GK4TVdj4qSzLxL1lRkYHNqJvcmMjezxUs9A5fHNI iBEBRPs7NKrQJxegAGVn9ALylKHyhJW6uyBjleOWUDom4ej2J1vGrpQT /KCA35toCvU=
SHAR_EOF
(
set
20 10 01 08 23 14 29
'Kbar.+005+30804.key'
;
eval
"
$shar_touch
"
)
&&
chmod
0644
'Kbar.+005+30804.key'
if
test
$?
-ne
0
then
${
echo
}
'restore of Kbar.+005+30804.key failed'
fi
if
${
md5check
}
then
(
${
MD5SUM
}
-c
>
/dev/null 2>&1
||
${
echo
}
'Kbar.+005+30804.key: MD5 check failed'
)
<<
SHAR_EOF
825116de64b44b14893cb3b8a48475bc Kbar.+005+30804.key
SHAR_EOF
else
test
`
LC_ALL
=
C
wc
-c
<
'Kbar.+005+30804.key'
`
-ne
538
&&
\
${
echo
}
'restoration warning: size of Kbar.+005+30804.key is not 538'
fi
fi
# ============= Kbar.+005+30804.private ==============
if
test
-f
'Kbar.+005+30804.private'
&&
test
"
$first_param
"
!=
-c
;
then
${
echo
}
'x -SKIPPING Kbar.+005+30804.private (file already exists)'
else
${
echo
}
'x - extracting Kbar.+005+30804.private (text)'
sed
's/^X//'
<<
'
SHAR_EOF
' > 'Kbar.+005+30804.private' &&
Private-key-format: v1.3
Algorithm: 5 (RSASHA1)
Modulus: zumnKwNmOWV1PCy9xdxNM5gl3lO9blFRZZgpGx576jPBjoLu80jRenU+Jj4ffUaFyc0wKNBTTTLxV7OjjagniSlFMN68vRJOSwTFeLX/Ab4ziPUIUyHbCAn/1csXMdoRbO3ix+VUEBVlVdr+o2RFYNdiOyvfQxbLKUDAcIjES7ID43EAvpQv5m4WjWPzgC9/CQZwxtdNw4FIJodPoAlOhJcBwJpfh+cokjMbhHImg3YYrhNV2PipLMvEvWVGRgc2om9yYyN7PFSz0Dl8c0iIEQFE+zs0qtAnF6AAZWf0AvKUofKElbq7IGOV45ZQOibh6PYnW8aulBP8oIDfm2gK9Q==
PublicExponent: AQCB
PrivateExponent: I5TcRq2sbSi1u5a+jL6VVBBu3nyY7p3NXeD1WYYYD66b8RWbgJdTtsZxgixD5sKKrW/xT68d3FUsIjs36w7yp5+g99q7lJ3v35VcMuLXbaKitS/LJdTZF/GIWwRs+DHdt+chh0QeNLzclq8ZfBeTAycFxwC7zVDLsqqcL6/JHiJhHT+dNEqj6/AIOgSYJzVeBI34LtZLW94IKf4dHLzREnLK6+64PFjpwjOG12O9klKfwHRIRN9WUsDG4AuzDSABH+qo2Zc6uJusC/D6HADbiG7tXmLYL6IxanWTbTrx4Hfp01fF+JQCuyOCRmN47X/nCumvDXKMn9Ve5+OlYi0vAQ==
Prime1: /hz+WxAL+9bO1l/857ME/OhxImSp86Xi7eA920sAo5ukOIQAQ6hbaKemYxyUbwBmGHEX9d0GOU+xAgZWUU9PbZgXw0fdf+uw6Hrgfce0rWY+uJpUcVHfjLPFgMC/XYrfcVQ8tsCXqRsIbqL+ynsEkQ4vybLhlSAyFqGqYFk/Qt0=
Prime2: 0HLxXynoSxUcNW15cbuMRHD34ri8sUQsqCtezofPWcCo/17jqf42W7X9YGO70+BvmG3awSr3LaLf862ovCR5+orwE2MqamAV6JZMyR7nvMNGSHTdg3Kk7Jv7T5Gu7Cg6K+on8pMRW3aIms4gs/Z16j0Gxz74ES9IP3vsvC+q6vk=
Exponent1: JDLRyjRz53hTP7H2oaKgQYADs/UDswN2lwWpuag0wsPwQmeRAZZY2TiISPSu+3Mvh4XJ6r5UHQd5FbAN1v2mG4aYgWwoYwoxyvdTLcnQXciX2z+7877GcEyKHPno4fYXRqhVH4i1QjKaQl8dw9LFvzbVvGvvwsHGwQeqPprw7hk=
Exponent2: vbnob7AZKqKhiVdEcnnhbeZBGcaKkTpE+RAkUL7spNQDiTPvJgo5fcTk/h6G7ijAXK0j62ZHZ3RS7RnaRa+KhO7usPcYMFiJ/VdAyRlIivhyi+WNQ2x4vSygwDy2VV9elljFeNe4dV1Cb+ssE8kAmbP52JjJD6MkhvVLd0u/jMk=
Coefficient: qk8HX5fy74Sx6z3niBfTM/SUEjcsnJCTTmsXy6e7nOXWBK5ihKkmMw7LDhaY4OwjXvaVQH0Z190dfyOkWYTbXInIyNNnqCD+xZXkuzuvsUwLNgvXEFhVnzrrj3ozNiizZsyeAhFCKcITz3ci15HB3y8ZLChGYBPFU1ui7MsSkc8=
Created: 20091226021310
Publish: 20091226021310
Activate: 20091226021310
SHAR_EOF
(
set
20 10 01 08 23 14 29
'Kbar.+005+30804.private'
;
eval
"
$shar_touch
"
)
&&
chmod
0644
'Kbar.+005+30804.private'
if
test
$?
-ne
0
then
${
echo
}
'restore of Kbar.+005+30804.private failed'
fi
if
${
md5check
}
then
(
${
MD5SUM
}
-c
>
/dev/null 2>&1
||
${
echo
}
'Kbar.+005+30804.private: MD5 check failed'
)
<<
SHAR_EOF
580cfb43bac6ed945896b464923676e7 Kbar.+005+30804.private
SHAR_EOF
else
test
`
LC_ALL
=
C
wc
-c
<
'Kbar.+005+30804.private'
`
-ne
1774
&&
\
${
echo
}
'restoration warning: size of Kbar.+005+30804.private is not 1774'
fi
fi
if
rm
-fr
${
lock_dir
}
then
${
echo
}
'x - removed lock directory `'
${
lock_dir
}
\'
'.'
else
${
echo
}
'x - failed to remove lock directory `'
${
lock_dir
}
\'
'.'
exit
1
fi
exit
0
bin/tests/system/autosign/ns3/keygen.sh
View file @
e11a0c11
...
...
@@ -14,7 +14,7 @@
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
# $Id: keygen.sh,v 1.
4
20
09/12
/1
9
1
7:30
:31 each Exp $
# $Id: keygen.sh,v 1.
5
20
10/01
/1
8
1
9:19
:31 each Exp $
SYSTEMTESTTOP
=
../..
.
$SYSTEMTESTTOP
/conf.sh
...
...
@@ -138,3 +138,47 @@ cp $infile $zonefile
ksk
=
`
$KEYGEN
-q
-a
RSASHA512
-b
2048
-r
$RANDFILE
-fk
$zone
`
$KEYGEN
-q
-a
RSASHA512
-b
1024
-r
$RANDFILE
$zone
>
/dev/null
$DSFROMKEY
$ksk
.key
>
dsset-
${
zone
}
.
#
# NSEC-only zone.
#
zone
=
nsec.example
zonefile
=
"
${
zone
}
.db"
infile
=
"
${
zonefile
}
.in"
cp
$infile
$zonefile
ksk
=
`
$KEYGEN
-q
-r
$RANDFILE
-fk
$zone
`
$KEYGEN
-q
-r
$RANDFILE
$zone
>
/dev/null
$DSFROMKEY
$ksk
.key
>
dsset-
${
zone
}
.
#
# Signature refresh test zone. Signatures are set to expire long
# in the past; they should be updated by autosign.
#
zone
=
oldsigs.example
zonefile
=
"
${
zone
}
.db"
infile
=
"
${
zonefile
}
.in"
cp
$infile
$zonefile
ksk
=
`
$KEYGEN
-q
-r
$RANDFILE
-fk
$zone
`
$KEYGEN
-q
-r
$RANDFILE
$zone
>
/dev/null
$SIGNER
-PS
-s
now-1y
-e
now-6mo
-o
$zone
-f
$zonefile
$infile
>
/dev/null 2>&1
#
# NSEC3->NSEC transition test zone.
#
zone
=
nsec3-to-nsec.example
zonefile
=
"
${
zone
}
.db"
infile
=
"
${
zonefile
}
.in"
cp
$infile
$zonefile
ksk
=
`
$KEYGEN
-q
-a
RSASHA512
-b
2048
-r
$RANDFILE
-fk
$zone
`
$KEYGEN
-q
-a
RSASHA512
-b
1024
-r
$RANDFILE
$zone
>
/dev/null
$SIGNER
-S
-3
beef
-A
-o
$zone
-f
$zonefile
$infile
>
/dev/null 2>&1