summaryrefslogtreecommitdiffstats
path: root/bin/tests/system/verify/tests.sh
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 23:51:28 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 23:51:28 +0000
commit754c7de1e91eeb28c6d3766900ead0c3e44fdb85 (patch)
tree51433c0e38731dc9ecd342555a56f876980b1834 /bin/tests/system/verify/tests.sh
parentAdding debian version 1:9.16.44-1~deb11u1. (diff)
downloadbind9-754c7de1e91eeb28c6d3766900ead0c3e44fdb85.tar.xz
bind9-754c7de1e91eeb28c6d3766900ead0c3e44fdb85.zip
Merging upstream version 1:9.16.48.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'bin/tests/system/verify/tests.sh')
-rw-r--r--bin/tests/system/verify/tests.sh152
1 files changed, 75 insertions, 77 deletions
diff --git a/bin/tests/system/verify/tests.sh b/bin/tests/system/verify/tests.sh
index cda891a..fb8cc40 100644
--- a/bin/tests/system/verify/tests.sh
+++ b/bin/tests/system/verify/tests.sh
@@ -13,99 +13,97 @@
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
-failed () {
- cat verify.out.$n | sed 's/^/D:/';
- echo_i "failed";
- status=1;
+failed() {
+ cat verify.out.$n | sed 's/^/D:/'
+ echo_i "failed"
+ status=1
}
n=0
status=0
-for file in zones/*.good
-do
- n=`expr $n + 1`
- zone=`expr "$file" : 'zones/\(.*\).good'`
- echo_i "checking supposedly good zone: $zone ($n)"
- ret=0
- case $zone in
- zsk-only.*) only=-z;;
- ksk-only.*) only=-z;;
- *) only=;;
- esac
- $VERIFY ${only} -o $zone $file > verify.out.$n 2>&1 || ret=1
- [ $ret = 0 ] || failed
+for file in zones/*.good; do
+ n=$(expr $n + 1)
+ zone=$(expr "$file" : 'zones/\(.*\).good')
+ echo_i "checking supposedly good zone: $zone ($n)"
+ ret=0
+ case $zone in
+ zsk-only.*) only=-z ;;
+ ksk-only.*) only=-z ;;
+ *) only= ;;
+ esac
+ $VERIFY ${only} -o $zone $file >verify.out.$n 2>&1 || ret=1
+ [ $ret = 0 ] || failed
done
-for file in zones/*.bad
-do
- n=`expr $n + 1`
- zone=`expr "$file" : 'zones/\(.*\).bad'`
- echo_i "checking supposedly bad zone: $zone ($n)"
- ret=0
- dumpit=0
- case $zone in
- zsk-only.*) only=-z;;
- ksk-only.*) only=-z;;
- *) only=;;
- esac
- expect1= expect2=
- case $zone in
- *.dnskeyonly)
- expect1="DNSKEY is not signed"
- ;;
- *.expired)
- expect1="signature has expired"
- expect2="No self-signed .*DNSKEY found"
- ;;
- *.ksk-expired)
- expect1="signature has expired"
- expect2="No self-signed .*DNSKEY found"
- ;;
- *.out-of-zone-nsec|*.below-bottom-of-zone-nsec|*.below-dname-nsec)
- expect1="unexpected NSEC RRset at"
- ;;
- *.nsec.broken-chain)
- expect1="Bad NSEC record for.*, next name mismatch"
- ;;
- *.bad-bitmap)
- expect1="bit map mismatch"
- ;;
- *.missing-empty)
- expect1="Missing NSEC3 record for";
- ;;
- unsigned)
- expect1="Zone contains no DNSSEC keys"
- ;;
- *.extra-nsec3)
- expect1="Expected and found NSEC3 chains not equal";
- ;;
- *)
- dumpit=1
- ;;
- esac
- $VERIFY ${only} -o $zone $file > verify.out.$n 2>&1 && ret=1
- grep "${expect1:-.}" verify.out.$n > /dev/null || ret=1
- grep "${expect2:-.}" verify.out.$n > /dev/null || ret=1
- [ $ret = 0 ] || failed
- [ $dumpit = 1 ] && cat verify.out.$n
+for file in zones/*.bad; do
+ n=$(expr $n + 1)
+ zone=$(expr "$file" : 'zones/\(.*\).bad')
+ echo_i "checking supposedly bad zone: $zone ($n)"
+ ret=0
+ dumpit=0
+ case $zone in
+ zsk-only.*) only=-z ;;
+ ksk-only.*) only=-z ;;
+ *) only= ;;
+ esac
+ expect1= expect2=
+ case $zone in
+ *.dnskeyonly)
+ expect1="DNSKEY is not signed"
+ ;;
+ *.expired)
+ expect1="signature has expired"
+ expect2="No self-signed .*DNSKEY found"
+ ;;
+ *.ksk-expired)
+ expect1="signature has expired"
+ expect2="No self-signed .*DNSKEY found"
+ ;;
+ *.out-of-zone-nsec | *.below-bottom-of-zone-nsec | *.below-dname-nsec)
+ expect1="unexpected NSEC RRset at"
+ ;;
+ *.nsec.broken-chain)
+ expect1="Bad NSEC record for.*, next name mismatch"
+ ;;
+ *.bad-bitmap)
+ expect1="bit map mismatch"
+ ;;
+ *.missing-empty)
+ expect1="Missing NSEC3 record for"
+ ;;
+ unsigned)
+ expect1="Zone contains no DNSSEC keys"
+ ;;
+ *.extra-nsec3)
+ expect1="Expected and found NSEC3 chains not equal"
+ ;;
+ *)
+ dumpit=1
+ ;;
+ esac
+ $VERIFY ${only} -o $zone $file >verify.out.$n 2>&1 && ret=1
+ grep "${expect1:-.}" verify.out.$n >/dev/null || ret=1
+ grep "${expect2:-.}" verify.out.$n >/dev/null || ret=1
+ [ $ret = 0 ] || failed
+ [ $dumpit = 1 ] && cat verify.out.$n
done
-n=`expr $n + 1`
+n=$(expr $n + 1)
echo_i "checking error message when -o is not used and a SOA record not at top of zone is found ($n)"
ret=0
# When -o is not used, origin is set to zone file name, which should cause an error in this case
-$VERIFY zones/ksk+zsk.nsec.good > verify.out.$n 2>&1 && ret=1
-grep "not at top of zone" verify.out.$n > /dev/null || ret=1
-grep "use -o to specify a different zone origin" verify.out.$n > /dev/null || ret=1
+$VERIFY zones/ksk+zsk.nsec.good >verify.out.$n 2>&1 && ret=1
+grep "not at top of zone" verify.out.$n >/dev/null || ret=1
+grep "use -o to specify a different zone origin" verify.out.$n >/dev/null || ret=1
[ $ret = 0 ] || failed
-n=`expr $n + 1`
+n=$(expr $n + 1)
echo_i "checking error message when an invalid -o is specified and a SOA record not at top of zone is found ($n)"
ret=0
-$VERIFY -o invalid.origin zones/ksk+zsk.nsec.good > verify.out.$n 2>&1 && ret=1
-grep "not at top of zone" verify.out.$n > /dev/null || ret=1
-grep "use -o to specify a different zone origin" verify.out.$n > /dev/null && ret=1
+$VERIFY -o invalid.origin zones/ksk+zsk.nsec.good >verify.out.$n 2>&1 && ret=1
+grep "not at top of zone" verify.out.$n >/dev/null || ret=1
+grep "use -o to specify a different zone origin" verify.out.$n >/dev/null && ret=1
[ $ret = 0 ] || failed
echo_i "exit status: $status"