1. 30 Jul, 2020 1 commit
    • Michal Nowak's avatar
      Drop $SYSTEMTESTTOP from bin/tests/system/ · 093af1c0
      Michal Nowak authored
      The $SYSTEMTESTTOP shell variable if often set to .. in various shell
      scripts inside bin/tests/system/, but most of the time it is only
      used one line later, while sourcing conf.sh. This hardly improves
      code readability.
      
      $SYSTEMTESTTOP is also used for the purpose of referencing
      scripts/files living in bin/tests/system/, but given that the
      variable is always set to a short, relative path, we can drop it and
      replace all of its occurrences with the relative path without adversely
      affecting code readability.
      093af1c0
  2. 06 Mar, 2020 1 commit
    • Matthijs Mekking's avatar
      Add algorithm rollover test case · 88ebe958
      Matthijs Mekking authored
      Add a test case for algorithm rollover.  This is triggered by
      changing the dnssec-policy.  A new nameserver ns6 is introduced
      for tests related to dnssec-policy changes.
      
      This requires a slight change in check_next_key_event to only
      check the last occurrence.  Also, change the debug log message in
      lib/dns/zone.c to deal with checks when no next scheduled key event
      exists (and default to loadkeys interval 3600).
      88ebe958
  3. 06 Nov, 2019 3 commits
    • Matthijs Mekking's avatar
      dnssec-policy inheritance from options/view · 5f464d15
      Matthijs Mekking authored
      'dnssec-policy' can now also be set on the options and view level and
      a zone that does not set 'dnssec-policy' explicitly will inherit it
      from the view or options level.
      
      This requires a new keyword to be introduced: 'none'.  If set to
      'none' the zone will not be DNSSEC maintained, in other words it will
      stay unsigned.  You can use this to break the inheritance.  Of course
      you can also break the inheritance by referring to a different
      policy.
      
      The keywords 'default' and 'none' are not allowed when configuring
      your own dnssec-policy statement.
      
      Add appropriate tests for checking the configuration (checkconf)
      and add tests to the kasp system test to verify the inheritance
      works.
      
      Edit the kasp system test such that it can deal with unsigned zones
      and views (so setting a TSIG on the query).
      5f464d15
    • Matthijs Mekking's avatar
      Add kasp tests · c9f1ec83
      Matthijs Mekking authored
      Add more tests for kasp:
      
      - Add tests for different algorithms.
      
      - Add a test to ensure that an edit in an unsigned zone is
        picked up and properly signed.
      
      - Add two tests that ensures that a zone gets signed when it is
        configured as so-called 'inline-signing'.  In other words, a
        secondary zone that is configured with a 'dnssec-policy'.  A zone
        that is transferred over AXFR or IXFR will get signed.
      
      - Add a test to ensure signatures are reused if they are still
        fresh enough.
      
      - Adds two more tests to verify that expired and unfresh signatures
        will be regenerated.
      
      - Add tests for various cases with keys already available in the
        key-directory.
      c9f1ec83
    • Matthijs Mekking's avatar
      dnssec-keygen can create keys given dnssec-policy · 09ac224c
      Matthijs Mekking authored
      This commit adds code for generating keys with dnssec-keygen given
      a specific dnssec-policy.
      
      The dnssec-policy can be set with a new option '-k'. The '-l'
      option can be used to set a configuration file that contains a
      specific dnssec-policy.
      
      Because the dnssec-policy dictates how the keys should look like,
      many of the existing dnssec-keygen options cannot be used together
      with '-k'.
      
      If the dnssec-policy lists multiple keys, dnssec-keygen has now the
      possibility to generate multiple keys at one run.
      
      Add two tests for creating keys with '-k': One with the default
      policy, one with multiple keys from the configuration.
      09ac224c
  4. 04 Mar, 2019 2 commits
    • Matthijs Mekking's avatar
      Ensure all system tests run clean.sh from setup.sh · e4108039
      Matthijs Mekking authored
      For consistency between all system tests, add missing setup.sh scripts
      for tests which do not have one yet and ensure every setup.sh script
      calls its respective clean.sh script.
      e4108039
    • Matthijs Mekking's avatar
      Only perform test cleanups in clean.sh scripts · c64ed484
      Matthijs Mekking authored
      Temporary files created by a given system test should be removed by its
      clean.sh script, not its setup.sh script.  Remove redundant "rm"
      invocations from setup.sh scripts.  Move required "rm" invocations from
      setup.sh scripts to their corresponding clean.sh scripts.
      c64ed484
  5. 11 May, 2018 1 commit
  6. 23 Feb, 2018 1 commit
  7. 27 Jun, 2016 1 commit
  8. 29 Jun, 2012 3 commits
  9. 19 Jun, 2007 1 commit
  10. 18 Jun, 2007 1 commit
  11. 05 Mar, 2004 1 commit
  12. 09 Jan, 2001 1 commit
  13. 18 Nov, 2000 1 commit
  14. 03 Nov, 2000 1 commit