Commit ee42f734 authored by Tinderbox User's avatar Tinderbox User
Browse files

Merge branch 'master' of /proj/git/prod/bind9

parents 2658ebbc 6e023590
4802. [test] Refactor mkeys system test to make it quicker and more
reliable. [RT #45293]
4801. [func] 'dnssec-lookaside auto;' and 'dnssec-lookaside .
trust-anchor dlv.isc.org;' now elicit warnings rather
than being fatal configuration errors. [RT #46410]
......
......@@ -186,6 +186,19 @@ else
}
fi
#
# Useful functions in test scripts
#
# nextpart: read everything that's been appended to a file since the
# last time 'nextpart' was called.
nextpart () {
[ -f $1.prev ] || echo "0" > $1.prev
prev=`cat $1.prev`
awk "FNR > $prev "'{ print }
END { print NR > "/dev/stderr" }' $1 2> $1.prev
}
#
# Export command paths
#
......
......@@ -11,7 +11,7 @@ rm -f dsset-. ns1/dsset-.
rm -f ns*/named.lock
rm -f */managed-keys.bind* */named.secroots
rm -f */managed*.conf ns1/managed.key ns1/managed.key.id
rm -f */named.memstats */named.run
rm -f */named.memstats */named.run */named.run.prev
rm -f dig.out* delv.out* rndc.out* signer.out*
rm -f ns1/named.secroots ns1/root.db.signed* ns1/root.db.tmp
rm -f ns1/named.conf
......
......@@ -4,7 +4,7 @@
; License, v. 2.0. If a copy of the MPL was not distributed with this
; file, You can obtain one at http://mozilla.org/MPL/2.0/.
$TTL 2
$TTL 20
. IN SOA gson.nominum.com. a.root.servers.nil. (
2000042100 ; serial
600 ; refresh
......
-m record,size,mctx -T clienttest -c named.conf -d 99 -X named.lock -g -T mkeytimers=2/20/40 -T tat=1
-m record,size,mctx -T clienttest -c named.conf -d 99 -X named.lock -g -T mkeytimers=5/10/20 -T tat=1
-m record,size,mctx -T clienttest -c named.conf -d 99 -X named.lock -g -T mkeytimers=2/20/40 -T tat=1
-m record,size,mctx -T clienttest -c named.conf -d 99 -X named.lock -g -T mkeytimers=5/10/20
......@@ -23,6 +23,7 @@ options {
dnssec-enable yes;
dnssec-validation yes;
bindkeys-file "managed.conf";
trust-anchor-telemetry no;
};
key rndc_key {
......
This diff is collapsed.
......@@ -16,15 +16,6 @@ rm -f dig.out.*
DIGOPTS="+tcp +noadd +nosea +nostat +nocmd -p 5300"
# read everything that's been appended to a file since the last time
# 'nextpart' was called.
nextpart () {
[ -f $1.prev ] || echo "0" > $1.prev
prev=`cat $1.prev`
awk "FNR > $prev "'{ print }
END { print NR > "/dev/stderr" }' $1 2> $1.prev
}
echo "I:checking DNSSEC SERVFAIL is cached ($n)"
ret=0
$DIG $DIGOPTS +dnssec foo.example. a @10.53.0.5 > dig.out.ns5.test$n || ret=1
......
......@@ -515,15 +515,15 @@
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
<li class="listitem">
<p>
The ISC DNSSEC Lookaside Validation (DLV) service has been shut
down; all DLV records in the dlv.isc.org zone have been removed.
References to the service have been removed from BIND documentation.
Lookaside validation is no longer used by default by
<span class="command"><strong>delv</strong></span>. The DLV key has been removed from
<code class="filename">bind.keys</code>. Setting
<span class="command"><strong>dnssec-lookaside</strong></span> to
The ISC DNSSEC Lookaside Validation (DLV) service has
been shut down; all DLV records in the dlv.isc.org zone
have been removed. References to the service have been
removed from BIND documentation. Lookaside validation
is no longer used by default by <span class="command"><strong>delv</strong></span>.
The DLV key has been removed from <code class="filename">bind.keys</code>.
Setting <span class="command"><strong>dnssec-lookaside</strong></span> to
<span class="command"><strong>auto</strong></span> or to use dlv.isc.org as a trust
anchor is now a fatal configuration error. [RT #46155]
anchor results in a warning being issued.
</p>
</li>
<li class="listitem">
......
......@@ -475,15 +475,15 @@
<div class="itemizedlist"><ul class="itemizedlist" style="list-style-type: disc; ">
<li class="listitem">
<p>
The ISC DNSSEC Lookaside Validation (DLV) service has been shut
down; all DLV records in the dlv.isc.org zone have been removed.
References to the service have been removed from BIND documentation.
Lookaside validation is no longer used by default by
<span class="command"><strong>delv</strong></span>. The DLV key has been removed from
<code class="filename">bind.keys</code>. Setting
<span class="command"><strong>dnssec-lookaside</strong></span> to
The ISC DNSSEC Lookaside Validation (DLV) service has
been shut down; all DLV records in the dlv.isc.org zone
have been removed. References to the service have been
removed from BIND documentation. Lookaside validation
is no longer used by default by <span class="command"><strong>delv</strong></span>.
The DLV key has been removed from <code class="filename">bind.keys</code>.
Setting <span class="command"><strong>dnssec-lookaside</strong></span> to
<span class="command"><strong>auto</strong></span> or to use dlv.isc.org as a trust
anchor is now a fatal configuration error. [RT #46155]
anchor results in a warning being issued.
</p>
</li>
<li class="listitem">
......
......@@ -386,7 +386,7 @@ getquad(const void *src, struct in_addr *dst,
isc_lex_t *lexer, dns_rdatacallbacks_t *callbacks)
{
int result;
struct in_addr *tmp;
struct in_addr tmp;
result = inet_aton(src, dst);
if (result == 1 && callbacks != NULL &&
......
......@@ -832,8 +832,6 @@
./bin/tests/system/checkconf/bad-acl.conf CONF-C 2016
./bin/tests/system/checkconf/bad-also-notify.conf CONF-C 2012,2013,2016
./bin/tests/system/checkconf/bad-catz-zone.conf CONF-C 2016
./bin/tests/system/checkconf/bad-dlv-auto.conf CONF-C 2017
./bin/tests/system/checkconf/bad-dlv-dlv.isc.org.conf CONF-C 2017
./bin/tests/system/checkconf/bad-dnssec.conf CONF-C 2012,2013,2016
./bin/tests/system/checkconf/bad-glue-cache-bogus.conf CONF-C 2017
./bin/tests/system/checkconf/bad-hint.conf CONF-C 2014,2016
......@@ -917,6 +915,8 @@
./bin/tests/system/checkconf/view-class-any2.conf CONF-C 2016
./bin/tests/system/checkconf/view-class-in1.conf CONF-C 2016
./bin/tests/system/checkconf/view-class-in2.conf CONF-C 2016
./bin/tests/system/checkconf/warn-dlv-auto.conf CONF-C 2017
./bin/tests/system/checkconf/warn-dlv-dlv.isc.org.conf CONF-C 2017
./bin/tests/system/checkconf/warn-keydir.conf CONF-C 2013,2016
./bin/tests/system/checkds/clean.sh SH 2012,2013,2014,2016,2017
./bin/tests/system/checkds/dig.bat BAT 2016
......@@ -1423,7 +1423,6 @@
./bin/tests/system/filter-aaaa/ns4/signed.db.in ZONE 2010,2012,2016,2017
./bin/tests/system/filter-aaaa/ns4/signed.db.presigned X 2014
./bin/tests/system/filter-aaaa/ns4/unsigned.db ZONE 2010,2012,2016,2017
./bin/tests/system/filter-aaaa/prereq.sh SH 2010,2012,2014,2016
./bin/tests/system/filter-aaaa/setup.sh SH 2010,2012,2014,2016,2017
./bin/tests/system/filter-aaaa/tests.sh SH 2010,2012,2015,2016
./bin/tests/system/formerr/clean.sh SH 2013,2014,2015,2016
......@@ -1712,12 +1711,12 @@
./bin/tests/system/mkeys/ns1/named1.conf CONF-C 2015,2016,2017
./bin/tests/system/mkeys/ns1/named2.conf CONF-C 2015,2016,2017
./bin/tests/system/mkeys/ns1/named3.conf CONF-C 2017
./bin/tests/system/mkeys/ns1/root.db ZONE 2015,2016
./bin/tests/system/mkeys/ns1/root.db ZONE 2015,2016,2017
./bin/tests/system/mkeys/ns1/sign.sh SH 2015,2016,2017
./bin/tests/system/mkeys/ns2/named.args X 2015,2016,2017
./bin/tests/system/mkeys/ns2/named.conf CONF-C 2015,2016
./bin/tests/system/mkeys/ns3/named.args X 2015,2016
./bin/tests/system/mkeys/ns3/named.conf CONF-C 2015,2016
./bin/tests/system/mkeys/ns3/named.args X 2015,2016,2017
./bin/tests/system/mkeys/ns3/named.conf CONF-C 2015,2016,2017
./bin/tests/system/mkeys/ns4/named.conf CONF-C 2017
./bin/tests/system/mkeys/ns5/named.conf CONF-C 2017
./bin/tests/system/mkeys/ns5/named1.args X 2017
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment