Commit ecafa2ae authored by Mark Andrews's avatar Mark Andrews

set the DNSKEY deletion time to now+5 once we got all the zones into their initial state

parent 77f96234
......@@ -284,12 +284,11 @@ $KEYGEN -a RSASHA1 -3 -q -r $RANDFILE -P now -A now+3600 $zone > kg.out 2>&1 ||
$DSFROMKEY $ksk.key > dsset-${zone}$TP
#
# A zone that starts with a active KSK + ZSK and a inactive ZSK which becomes
# a zone with a active KSK and a inactive ZSK after 20 seconds.
# A zone that starts with a active KSK + ZSK and a inactive ZSK.
#
setup inaczsk3.example
cp $infile $zonefile
ksk=`$KEYGEN -a NSEC3RSASHA1 -3 -q -r $RANDFILE -fk $zone 2> kg.out` || dumpit kg.out
$KEYGEN -a NSEC3RSASHA1 -3 -q -r $RANDFILE -D now+20 $zone > kg.out 2>&1 || dumpit kg.out
$KEYGEN -a NSEC3RSASHA1 -3 -q -r $RANDFILE $zone > kg.out 2>&1 || dumpit kg.out
$KEYGEN -a NSEC3RSASHA1 -3 -q -r $RANDFILE -P now -A now+3600 $zone > kg.out 2>&1 || dumpit kg.out
$DSFROMKEY $ksk.key > dsset-${zone}$TP
......@@ -104,6 +104,9 @@ count=`awk 'BEGIN { count = 0 }
$4 == "DNSKEY" { count++ }
END {print count}' dig.out.ns3.test$n`
test $count -eq 3 || ret=1
id=`awk '$4 == "RRSIG" && $5 == "CNAME" { printf "%05u\n", $11 }' dig.out.ns3.test$n`
$SETTIME -D now+5 ns3/Kinaczsk3.example.+007+${id}
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 loadkeys inaczsk3.example
n=`expr $n + 1`
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment