diff options
Diffstat (limited to '')
42 files changed, 1441 insertions, 0 deletions
diff --git a/bin/tests/system/legacy/build.sh b/bin/tests/system/legacy/build.sh new file mode 100644 index 0000000..5aeeb9c --- /dev/null +++ b/bin/tests/system/legacy/build.sh @@ -0,0 +1,22 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +$SHELL clean.sh + +(cd ns6 && $SHELL -e sign.sh) +(cd ns7 && $SHELL -e sign.sh) + +$SHELL clean.sh diff --git a/bin/tests/system/legacy/clean.sh b/bin/tests/system/legacy/clean.sh new file mode 100644 index 0000000..4c65a2d --- /dev/null +++ b/bin/tests/system/legacy/clean.sh @@ -0,0 +1,31 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +rm -f dig.out.* +rm -f ns*/named.conf +rm -f ns*/named.memstats +rm -f ns*/named.run +rm -f ns*/named.lock + +# build.sh +rm -f ns1/named_dump.db* +rm -f ns6/K* +rm -f ns6/dsset-* +rm -f ns6/edns512.db +rm -f ns6/signer.err +rm -f ns7/K* +rm -f ns7/dsset-* +rm -f ns7/edns512-notcp.db +rm -f ns7/signer.err +rm -f ns7/trusted.conf +rm -f ns*/managed-keys.bind* diff --git a/bin/tests/system/legacy/ns1/named1.conf.in b/bin/tests/system/legacy/ns1/named1.conf.in new file mode 100644 index 0000000..7f8e897 --- /dev/null +++ b/bin/tests/system/legacy/ns1/named1.conf.in @@ -0,0 +1,41 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.1; + notify-source 10.53.0.1; + transfer-source 10.53.0.1; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.1; }; + listen-on-v6 { none; }; + recursion yes; + dnssec-validation yes; + max-udp-size 4096; + edns-udp-size 4096; + nocookie-udp-size 4096; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +zone "." { + type primary; + file "root.db"; +}; diff --git a/bin/tests/system/legacy/ns1/named2.conf.in b/bin/tests/system/legacy/ns1/named2.conf.in new file mode 100644 index 0000000..9d4f1f6 --- /dev/null +++ b/bin/tests/system/legacy/ns1/named2.conf.in @@ -0,0 +1,34 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.1; + notify-source 10.53.0.1; + transfer-source 10.53.0.1; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.1; }; + listen-on-v6 { none; }; + recursion yes; + dnssec-validation yes; + max-udp-size 4096; + edns-udp-size 4096; + nocookie-udp-size 4096; +}; + +zone "." { + type primary; + file "root.db"; +}; + +include "trusted.conf"; diff --git a/bin/tests/system/legacy/ns1/root.db b/bin/tests/system/legacy/ns1/root.db new file mode 100644 index 0000000..175847a --- /dev/null +++ b/bin/tests/system/legacy/ns1/root.db @@ -0,0 +1,33 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 60 +. SOA ns1. marka.isc.org 1 0 0 0 0 +. NS ns1. +ns1. A 10.53.0.1 +dropedns. NS ns.dropedns. +ns.dropedns. A 10.53.0.2 +dropedns-notcp. NS ns.dropedns-notcp. +ns.dropedns-notcp. A 10.53.0.3 +plain. NS ns.plain. +ns.plain. A 10.53.0.4 +plain-notcp. NS ns.plain-notcp. +ns.plain-notcp. A 10.53.0.5 +edns512. NS ns.edns512. +ns.edns512. A 10.53.0.6 +edns512-notcp. NS ns.edns512-notcp. +ns.edns512-notcp. A 10.53.0.7 +ednsformerr. NS ns.ednsformerr. +ns.ednsformerr. A 10.53.0.8 +ednsnotimp. NS ns.ednsnotimp. +ns.ednsnotimp. A 10.53.0.9 +ednsrefused. NS ns.ednsrefused. +ns.ednsrefused. A 10.53.0.10 diff --git a/bin/tests/system/legacy/ns1/trusted.conf b/bin/tests/system/legacy/ns1/trusted.conf new file mode 100644 index 0000000..73500fc --- /dev/null +++ b/bin/tests/system/legacy/ns1/trusted.conf @@ -0,0 +1,16 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +trust-anchors { + "edns512-notcp." static-key 257 3 10 "AwEAAcEBkn/cuVhdRTWMHt19O7h9F4Hx2t68u1JUZg7swLLvwfljqnNYjsKYk9EzUhIaYOAHtVe7//cYwoVU4BFhY2DGbx1YE1LnKIGxfqpopFxDZC34TTl6jpoTP6kvj+XpeO0HfF2+DcyNgnQcMGgHXyLWeRUJFt1As6o9tmsBiInGIZMTE3/rANhtAGMLNzhRLN7CS/Tc5GhKaL66uebyEYenEOAyDVgsuhr8Q9D5ka6xZmxzXFVswy2KvsSxu9aoxVq4nACjIeTZ4GJy0v83zclV7hA+5jlPDXMFtIpvwux5XALrNkUUPq+Fb5sc5/u141LcvdASnlk58I77HbsnfausvDxdYYxEns7K9e9N85dwyreM/OGTmm8p4hNDngZESAea7MrSCsJpOGn9XLkVe6gZnBgB1cra+ezzTSWn+4QH17lIhFXYNjMV83df2h/gH3Gmthqnr9RgknZga8B/Czc7TeX6iy2gAOshKGyb6w12eJim1L8tS5T138V8d6SigzxZz1raiJNolVhXyA8SbbDpgBrcoEXN/WjwvWI+2ol5gzlqMeNw/F9SMoWdpGIWkkNCNWBbhLWhp6qfhpRLUFwVys54LGOIGSVRd9uJmc2hPdXoP8ephnCIeNJb8Zp6DnpssyN0JaF815dKkOHff9GEjaiRLj0xWvtZSqNFaGoB"; +}; diff --git a/bin/tests/system/legacy/ns10/ednsrefused.db b/bin/tests/system/legacy/ns10/ednsrefused.db new file mode 100644 index 0000000..9aa3a4a --- /dev/null +++ b/bin/tests/system/legacy/ns10/ednsrefused.db @@ -0,0 +1,14 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +ns 60 A 10.53.0.8 diff --git a/bin/tests/system/legacy/ns10/named.conf.in b/bin/tests/system/legacy/ns10/named.conf.in new file mode 100644 index 0000000..628c51a --- /dev/null +++ b/bin/tests/system/legacy/ns10/named.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.10; + notify-source 10.53.0.10; + transfer-source 10.53.0.10; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.10; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; +}; + +zone "ednsrefused" { + type primary; + file "ednsrefused.db"; +}; diff --git a/bin/tests/system/legacy/ns10/named.ednsrefused b/bin/tests/system/legacy/ns10/named.ednsrefused new file mode 100644 index 0000000..6b43ac0 --- /dev/null +++ b/bin/tests/system/legacy/ns10/named.ednsrefused @@ -0,0 +1 @@ +ednsrefused diff --git a/bin/tests/system/legacy/ns2/dropedns.db b/bin/tests/system/legacy/ns2/dropedns.db new file mode 100644 index 0000000..06c023c --- /dev/null +++ b/bin/tests/system/legacy/ns2/dropedns.db @@ -0,0 +1,14 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +ns 60 A 10.53.0.2 diff --git a/bin/tests/system/legacy/ns2/named.conf.in b/bin/tests/system/legacy/ns2/named.conf.in new file mode 100644 index 0000000..e570ffe --- /dev/null +++ b/bin/tests/system/legacy/ns2/named.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; +}; + +zone "dropedns" { + type primary; + file "dropedns.db"; +}; diff --git a/bin/tests/system/legacy/ns2/named.dropedns b/bin/tests/system/legacy/ns2/named.dropedns new file mode 100644 index 0000000..37dd9cf --- /dev/null +++ b/bin/tests/system/legacy/ns2/named.dropedns @@ -0,0 +1 @@ +dropedns diff --git a/bin/tests/system/legacy/ns3/dropedns-notcp.db b/bin/tests/system/legacy/ns3/dropedns-notcp.db new file mode 100644 index 0000000..0ac44bc --- /dev/null +++ b/bin/tests/system/legacy/ns3/dropedns-notcp.db @@ -0,0 +1,14 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +ns 60 A 10.53.0.3 diff --git a/bin/tests/system/legacy/ns3/named.conf.in b/bin/tests/system/legacy/ns3/named.conf.in new file mode 100644 index 0000000..3d89554 --- /dev/null +++ b/bin/tests/system/legacy/ns3/named.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.3; + notify-source 10.53.0.3; + transfer-source 10.53.0.3; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.3; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; +}; + +zone "dropedns-notcp" { + type primary; + file "dropedns-notcp.db"; +}; diff --git a/bin/tests/system/legacy/ns3/named.dropedns b/bin/tests/system/legacy/ns3/named.dropedns new file mode 100644 index 0000000..37dd9cf --- /dev/null +++ b/bin/tests/system/legacy/ns3/named.dropedns @@ -0,0 +1 @@ +dropedns diff --git a/bin/tests/system/legacy/ns3/named.notcp b/bin/tests/system/legacy/ns3/named.notcp new file mode 100644 index 0000000..e25c3a8 --- /dev/null +++ b/bin/tests/system/legacy/ns3/named.notcp @@ -0,0 +1 @@ +notcp diff --git a/bin/tests/system/legacy/ns4/named.args b/bin/tests/system/legacy/ns4/named.args new file mode 100644 index 0000000..0fe6774 --- /dev/null +++ b/bin/tests/system/legacy/ns4/named.args @@ -0,0 +1 @@ +-m record,size,mctx -c named.conf -d 99 -D legacy-ns4 -X named.lock -g -U 4 -T maxcachesize=2097152 -T noedns diff --git a/bin/tests/system/legacy/ns4/named.conf.in b/bin/tests/system/legacy/ns4/named.conf.in new file mode 100644 index 0000000..32bdb05 --- /dev/null +++ b/bin/tests/system/legacy/ns4/named.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.4; + notify-source 10.53.0.4; + transfer-source 10.53.0.4; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.4; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; +}; + +zone "plain" { + type primary; + file "plain.db"; +}; diff --git a/bin/tests/system/legacy/ns4/plain.db b/bin/tests/system/legacy/ns4/plain.db new file mode 100644 index 0000000..2c20a70 --- /dev/null +++ b/bin/tests/system/legacy/ns4/plain.db @@ -0,0 +1,14 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +ns 60 A 10.53.0.4 diff --git a/bin/tests/system/legacy/ns5/named.args b/bin/tests/system/legacy/ns5/named.args new file mode 100644 index 0000000..364370a --- /dev/null +++ b/bin/tests/system/legacy/ns5/named.args @@ -0,0 +1 @@ +-m record,size,mctx -c named.conf -d 99 -D legacy-ns5 -X named.lock -g -U 4 -T maxcachesize=2097152 -T noedns diff --git a/bin/tests/system/legacy/ns5/named.conf.in b/bin/tests/system/legacy/ns5/named.conf.in new file mode 100644 index 0000000..92e754f --- /dev/null +++ b/bin/tests/system/legacy/ns5/named.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.5; + notify-source 10.53.0.5; + transfer-source 10.53.0.5; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.5; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; +}; + +zone "plain-notcp" { + type primary; + file "plain-notcp.db"; +}; diff --git a/bin/tests/system/legacy/ns5/named.notcp b/bin/tests/system/legacy/ns5/named.notcp new file mode 100644 index 0000000..e25c3a8 --- /dev/null +++ b/bin/tests/system/legacy/ns5/named.notcp @@ -0,0 +1 @@ +notcp diff --git a/bin/tests/system/legacy/ns5/plain-notcp.db b/bin/tests/system/legacy/ns5/plain-notcp.db new file mode 100644 index 0000000..9c1a96b --- /dev/null +++ b/bin/tests/system/legacy/ns5/plain-notcp.db @@ -0,0 +1,14 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +ns 60 A 10.53.0.5 diff --git a/bin/tests/system/legacy/ns6/edns512.db.in b/bin/tests/system/legacy/ns6/edns512.db.in new file mode 100644 index 0000000..7c2309b --- /dev/null +++ b/bin/tests/system/legacy/ns6/edns512.db.in @@ -0,0 +1,14 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +ns 60 A 10.53.0.6 diff --git a/bin/tests/system/legacy/ns6/edns512.db.signed b/bin/tests/system/legacy/ns6/edns512.db.signed new file mode 100644 index 0000000..1493dd8 --- /dev/null +++ b/bin/tests/system/legacy/ns6/edns512.db.signed @@ -0,0 +1,248 @@ +; File written on Fri Dec 5 16:35:57 2014 +; dnssec_signzone version 9.11.0pre-alpha +edns512. 60 IN SOA ns.edns512. marka.isc.org. ( + 1 ; serial + 0 ; refresh (0 seconds) + 0 ; retry (0 seconds) + 0 ; expire (0 seconds) + 0 ; minimum (0 seconds) + ) + 60 RRSIG SOA 10 1 60 ( + 20441127043557 20141205043557 59033 edns512. + Xqas69NmX1N9jXSQntGXjcDTmZpO542fJURc + peYqY2gD445jxcH6FwmdMbzyPX4Nel+ZKdqx + wzb6U4S2sc7V1Wt8sOuNWil3LOaF9Mr2ZhL9 + /BgFaZixYdij0dFkUyuaSRfDx+3rvYtGZBRW + w55/U2bRvIgk0TjH+XHOUM+l5n755bsH1GFP + kRxhsYtsrUdWrB7Wn5lOdURsIf31xUfuMejR + QO5UIeqIgLhqE67GTy4SkfJW01G97Fkmt9Kx + 6K1gIwOeJy2rHN9WIF9vLJ2nyxWiSkmUka7l + Zw3kuR9fjgrFE8FEy4e/J8VIoq0v9bnwLh8a + woBnoQoZcfngu56e5hyF+g4t91JDbViOMAcJ + /DWsaGa7IF0o61Z51XoOakpgV4TP3VU53jFr + gfc4HDKP3sQQH9ZqzOpkXtoWGpSQ+u+2jSYu + NKa05LW4q1SJf8DHTiMxAUkkbikGHemskgIm + 0MESkBJI95/M3FbsRc9FswOeX0ZaRo3+6982 + elE1T0ZVPOWjPq1L5upWvUZDP0/d+2ns7Yt/ + MY5dKXjl74kQWTIDdeUC/8aaWFiJhsx7Haa1 + LhHtttBHtQQKQBo8uWVoTHDs9XY7pDcpkF6Z + /NzaCOVHFKh4Ahpr9xwY1J9Cy56oRIq5AEP9 + HmtN1vS04jbad220C+jfkDPJH9s64MKggQ4= ) + 60 NS ns.edns512. + 60 RRSIG NS 10 1 60 ( + 20441127043557 20141205043557 59033 edns512. + G9qrHjBQZ+jcueOhibtN18rXYEaLzWOZh1o2 + ZRQ9jS59BJd0KJ4taQzpz4CxA/juqEjSCmuY + Vynfeg15u4wvUf1/anC38Rp/QG0MHPrFily0 + DzeS/o2plYNCJ8r2wOmufG34rZakXZs2EdBf + 9s3+f+vqx+WsIs1TfaayGi90qDxVjn/SKGqb + v/eXGmYxyRMTaQ2x0+8y018MT+7zLbb3/VvV + EuD8X+J8N8dZiw3Rc1X6zj3usSOEO6wa4GRk + Oss3CMkYJuMND/3RG6XGt6du4hl3lK3+UK/4 + bb/D5FBlCJc76bkmo8ZmUjxKGXXGzh9w+bMT + rt0GfabUcbQyWyOifIsWOeIxYVpvUHusk7VT + gvvhfqXabGT7pPoCPz97IW820qTXKPPX/Rzb + DpRgWdVdQDWcmhb4RBDQrr1DDMmBJlz91S4Q + 0lDAnSMfMO2JIpJKOFNHnsMgLayEvdKOKQOH + ESKzbylxL4qARAq4zYbwz3vY6VDCV5MGcnAT + 3XMNM9RwRq0/qMuE8XfPmRaDimIOLaEojMpU + 59sFvaKzvn7t1h1ZQVLuJqu3jkWwz4iUtwts + +av/IdbbKP6spPy4gimngRWbpiiQHESNx9kp + EHB85/UAR28RffvPadNoQq1eaAOQJCEJf7xv + BOGytbBxrLFsTWrmrB5uCb9hujWu04unJyc= ) + 0 NSEC ns.edns512. NS SOA RRSIG NSEC DNSKEY + 0 RRSIG NSEC 10 1 0 ( + 20441127043557 20141205043557 59033 edns512. + BY9hQLrs9zkekTWeXmSqT+8dCZ+vaRBGSSUf + E8BUr4gYbuzo7xeOpHjMkpO7IpkT80TRcIQf + AkleOlf3+XcUIhK9/7C/xu0/jI3XbaBs5NNJ + 0zhf0CmJBzeCSMtxXInDLGkhGMgoclB3j5+f + nme65PHYFVEVWS/64ZRd71XUUV2kTk4slfqx + YNGhT7IPcgUTNOrsBGi6SmH2iKMseg2BfFOt + +2RRY9HBlfKywozHz9jjWsEmRZke3fqfpuln + C6r3EQ873XBjrsOrDerNaSDf29Zl46SQs3UQ + kCJZ0gWEReRvvooLlh4+PsbIW1M0FMmsImfv + l1kPh8kQgJVxljba7kXX3k5bc/YwTQE3rI6e + ametdxSwbxcUZiUr8rM2ZF4IfqFGS05sD+Cz + 68dDDyR/vu+6Rt/U+39bzg2tI4Ok6aQxOgXP + v+hhOC8Sancpmn+SHLQvYoMW/VxR633TeyW3 + zn4Xhcp7aD4TdKHGK9PpVrtWcx50zZEXu17c + essPk0yDOarTmoqx0r3LSe5jjDLJJ5kZxWxM + nlfkw3aKQwQMuyaVWN+Ruz7KRgD9lkwoOic4 + Qs/7PYpMrV58YVlEa7aESd3+qPHjv6dD99Zm + Fe6bc+SqUTKwjeYfIm/luc70FpykGhdxTK/E + dEjQJ8jMrAzCCr/or/JOHgV1yrTCfU3hAN8= ) + 60 DNSKEY 256 3 10 ( + AwEAAcEBkn/cuVhdRTWMHt19O7h9F4Hx2t68 + u1JUZg7swLLvwfljqnNYjsKYk9EzUhIaYOAH + tVe7//cYwoVU4BFhY2DGbx1YE1LnKIGxfqpo + pFxDZC34TTl6jpoTP6kvj+XpeO0HfF2+DcyN + gnQcMGgHXyLWeRUJFt1As6o9tmsBiInGIZMT + E3/rANhtAGMLNzhRLN7CS/Tc5GhKaL66ueby + EYenEOAyDVgsuhr8Q9D5ka6xZmxzXFVswy2K + vsSxu9aoxVq4nACjIeTZ4GJy0v83zclV7hA+ + 5jlPDXMFtIpvwux5XALrNkUUPq+Fb5sc5/u1 + 41LcvdASnlk58I77HbsnfausvDxdYYxEns7K + 9e9N85dwyreM/OGTmm8p4hNDngZESAea7MrS + CsJpOGn9XLkVe6gZnBgB1cra+ezzTSWn+4QH + 17lIhFXYNjMV83df2h/gH3Gmthqnr9RgknZg + a8B/Czc7TeX6iy2gAOshKGyb6w12eJim1L8t + S5T138V8d6SigzxZz1raiJNolVhXyA8SbbDp + gBrcoEXN/WjwvWI+2ol5gzlqMeNw/F9SMoWd + pGIWkkNCNWBbhLWhp6qfhpRLUFwVys54LGOI + GSVRd9uJmc2hPdXoP8ephnCIeNJb8Zp6Dnps + syN0JaF815dKkOHff9GEjaiRLj0xWvtZSqNF + aGoB + ) ; ZSK; alg = RSASHA512; key id = 59033 + 60 DNSKEY 257 3 10 ( + AwEAAcEBkn/cuVhdRTWMHt19O7h9F4Hx2t68 + u1JUZg7swLLvwfljqnNYjsKYk9EzUhIaYOAH + tVe7//cYwoVU4BFhY2DGbx1YE1LnKIGxfqpo + pFxDZC34TTl6jpoTP6kvj+XpeO0HfF2+DcyN + gnQcMGgHXyLWeRUJFt1As6o9tmsBiInGIZMT + E3/rANhtAGMLNzhRLN7CS/Tc5GhKaL66ueby + EYenEOAyDVgsuhr8Q9D5ka6xZmxzXFVswy2K + vsSxu9aoxVq4nACjIeTZ4GJy0v83zclV7hA+ + 5jlPDXMFtIpvwux5XALrNkUUPq+Fb5sc5/u1 + 41LcvdASnlk58I77HbsnfausvDxdYYxEns7K + 9e9N85dwyreM/OGTmm8p4hNDngZESAea7MrS + CsJpOGn9XLkVe6gZnBgB1cra+ezzTSWn+4QH + 17lIhFXYNjMV83df2h/gH3Gmthqnr9RgknZg + a8B/Czc7TeX6iy2gAOshKGyb6w12eJim1L8t + S5T138V8d6SigzxZz1raiJNolVhXyA8SbbDp + gBrcoEXN/WjwvWI+2ol5gzlqMeNw/F9SMoWd + pGIWkkNCNWBbhLWhp6qfhpRLUFwVys54LGOI + GSVRd9uJmc2hPdXoP8ephnCIeNJb8Zp6Dnps + syN0JaF815dKkOHff9GEjaiRLj0xWvtZSqNF + aGoB + ) ; KSK; alg = RSASHA512; key id = 59034 + 60 RRSIG DNSKEY 10 1 60 ( + 20441127043557 20141205043557 59033 edns512. + QYXBCtuqzY2R7s4sIDFmSkhLqXXYAAdm5T3x + MddwlppybV0tEnkRdgWD+3VL2PAdr+MMFigm + OCohMdYAXOhJwW9OHiSkeIpYamojB+eBPDBl + 63guu73QADTUmffZirWvNb79reVHmKkTPdLm + nEfEs7VEtTm1Wj60jT1q1RIkJDvtIo7mJgRO + MYKyJBCocBUSGGXoHCA+djXCqKiuLavQ2rBu + IGxXtB2Pf2Wkw/9xxhBo5vTrT1u+V2hFGMPO + vnODw0lU4XiSjeBrmMXnadrsx8DrM4KInwAL + A9VolAXXWjqvD3il54ziqikkjTYnOeyik3QM + R7UtDrLTLnAeyeL9rhLuBk2dnsE+XaJ2PP3q + iD7LiEQLDGGKJRC3P6odVb17e7q0mDtH2HId + VdjGap+W6mxql8aVrRHs5P0t/5GJmW83JbJi + e7W3Y1ikoimB4S6FPBbjadaUEpzUs806SIdj + v/AZoydoa/qOdre9Pur51At2dQNgeFhIL9w+ + 2IcN3pRjojTPrMToqVRqOySzx6OzvSmnydDg + PMe4yoqpzumJLQXJ2IceEg5rlLaRjMOBYSW8 + VuqLMfEup+KBEg+nZv6mAmx1KLuIgO5q5ae9 + tq0I7eaV/EPvBYxO7j2RA0AbtmGSUyP4ZzTy + FjIYfOqzwwPjONzLQ2E/RsbS5MlIAk92aC0= ) + 60 RRSIG DNSKEY 10 1 60 ( + 20441127043557 20141205043557 59034 edns512. + V13nqWSVWVdkN/RZnJ+4ywjju3JoRbQrpnjL + RKPi4U8cOc1nnh64y4RvaIe+2TI1hiVKYHfE + 9XGXZb2zhxrWMq8kLjpIRN+jpItoFXu7rSRA + GmiHz7v7PW7+UHz7fhGHKJuqQuodBokTlHhR + /0mNkaDQ96OOyG/aLOfj6Jj16KEBfyM8hALy + jwWE8EOKzV37CLBWawazXVY/EAP5jzQuAaot + SPh3wFuJ2L6rB4lkh5IwaeXU42ip7eirT2i5 + V9W2v01UWbQ3Jab1DJlNwVgNGzXYvCvLU9zG + EHbqVcDuMErOqFzePLhK7Aqh8LIB9DnQlFqE + 2tyATJb0hcMetMNRiInJFGPMekdNiTguhLMC + GyEjzEJdiKT0XA/lVF9MVyEqL2HeSj3NYRe6 + ScfqAZArEPgu+UI0CaiC2eR8KdQCPcwUJuNE + mNdv3F9CnNvq3w72Q3TJpOaFzuToQh8JleTN + Ty3zRkVGKWSDNs+px9sedJkRpaRyVQVXJruT + /boYT8HgK8R6PXIp3Ujud0SSlVjPQrlbxF/P + 5saDwruBkYPRKNGBC0OVcHhI+w1N3gkp59kY + CqBih/kazLfWjUXxc130OEkPhmS1zUEOjsl2 + fmRhKrlRmPM1DyHqFiEVogj/nfZ+VCiO4bIx + F+vVQX+EqQo0p3bRvfSxpY/I7fM0P6/cZlQ= ) +txt500.edns512. 60 IN TXT "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" + 60 RRSIG TXT 10 2 60 ( + 20441127043557 20141205043557 59033 edns512. + OtzlxomsR6xFpPI19gEpl5edx+rbqjrhR6CI + zWiqpjHv5HhdydRPIW6M8KSuBDK/AOuUCy1P + 9qOy7J0QUIGK8Ds4wcw09VCqkxImVu6w7e+z + HoaNJzKT4Oxf1LLrvUnitqEbS4cME15r+Fj4 + cUlkpSZgttMcGhV+VPEiG3z56KzXNAViapJl + HaV10Be0nx0UtEpftkAtgnkXwNPIaDrbULUI + tvD/uvu3ICV5gRATriy3RcanB9c0xKEO9NAm + nbWQD8a7o+zs3OqqDRcZqvq0PRuz7X8Q4T/n + fPYNkGoph1etQTaM1F6V0gP/2Hxv/oQclL77 + IQSRZ8zCZJech8qgBlEHgdY/4hqJzJtO98Ha + OfB7ixmHp9fE5dGInIot6eMKN+Utnl2KLjjn + oO05gh9VESsgDIOM2amN/aViP54ad5DFtJni + 1mLRhV7FmBD2WSkdZF4/u4SvxjKYpWF1pspO + xNPhgaavnAqkM361P0kV13StLXzff9g9QsuB + S8Z4v0Ypiv4s5SlXsKeTpa0Y1gKXf8U1UZGq + /+2089ZurC8S1D89m72M3hgP80TDnLeuDCHY + /3tpU4V0yZ0u2riJG8/4MVFeeo8suk/z2gq0 + nvs3YD7U0XB5ozLUlnKTT+NK49lnv5xoIByL + +ezP5zXMz4D0KAfKk+Wn84RgYn3ADABr1ZI= ) + 0 NSEC edns512. TXT RRSIG NSEC + 0 RRSIG NSEC 10 2 0 ( + 20441127043557 20141205043557 59033 edns512. + nFZKkyTy5O+je3VUaWt/eqVDqPtpktHFJt5X + K1TJHvRbuEanNMJoQJidS6ZhawgJhK54qgcM + klsR2n/eZ61Wbr1dpUscI7PNWGtZThW18d6W + GQjfxvLVSi+YVcSlAt5Jfc+4KZ+Mcte25xOD + DJMWVXTv2AgKt9T7JdOQTrpiugkpflct87FQ + 95POqtj5j72xnTvpjzaDcL22rD5q3kLQlQ14 + xDZV1hOgqCYgbYVgwxgxigWSuWkKjiHiYR9o + YkLPkWHYNn7aDDFpAve4MJXRpuwPP9/TLQKH + hV4H8q7CZK30uKpUqy38JGTQzr7FDgTekGCd + InPLwSrURIkn3rVyCRq7PgvSBNXNW+3h9tYX + gMj6FDNyroWRH1eWmDFg3BmXKu6hUxrZ2fOk + wyhJ5M0LtZinjd5RuHy0CCKFuFA/Gv3Zga0m + vc34auzfwLnQmJc94j3JfwUGlMDeKtizKrhK + PahfCxEMVhY9E9LKx0UsbtJJ1ZgeNsm+zF5E + 6TkzYFc+hHeYM2/Jb2PVxjTmOkbfRoDmnRCd + 9Fus/kFtbgUK6ukpaQsNgdkwtLT8++FiaJUs + ion91SQWK7wjW3Fm+zMA88K/vzSQtv9mGUry + oZ4qpK1PFpafpzUVODx3HSS5RCPGZzd4zuDR + 6u7jgRUH3mokpudb4X1qt9L6tVyMLPqAaq8= ) +ns.edns512. 60 IN A 10.53.0.6 + 60 RRSIG A 10 2 60 ( + 20441127043557 20141205043557 59033 edns512. + BLCw43y8QO0QFaQpBPbMgLk3iIStBvp08qp6 + wRCslXGRNK279mlNd29ZROVwmU7jrNd5jTIt + KhYlO/9DX0JMuTrG3W+tsGkGNqx3LNsVt6/U + rfF7iAxzBjnY4MRv0DIIKJqgEuz+A/vmbGQi + L0QxukaNPycQUEnMBbNmVvEi6uETW0yMPugn + BPg2jSVbrd/lY40K1yyUme//q8ljvneU++Mg + mmQ2crmINUQX3h4NBmXoOun0T5hehqiSvz4n + TUO9rhSMWFJxCvUcjndha2MBEm3/H5MhqHqH + vEFlL9/yDScmwT6FW7yoVtcoQzPymgimBIlB + SW75upaIy6EQcx88WhANB+oEm3JsIwufcpUl + jwe7taxtCV1VYxqbqH9ynEzbUH956pE6gsvW + 1lYrqzkmKl1l4YdJEr/Um8daVT88OR8ClP/3 + v3OhAjmvnzl6WolaMPARCkFtswK8Awd61qDw + T11lTu7k0jB7Xx0JNzP2L/ehPaLokctPvECl + lMbHUryP30VnfBahCewO3/15+sUEhKrrlCif + G/MSFzDWbV11X1ItEQcBWgfcvhNfmAgQ0bsi + HgrgUuFIkmosoQUPEqJFCggTMYNZ769zEv/a + 9gJpLo5AmQqZYCn0sOw59IgXHUOsDoStB+WB + vAl9Q3ePoJ8wd+4sBC4KJs++Hw5pJ1oU+ks= ) + 0 NSEC txt500.edns512. A RRSIG NSEC + 0 RRSIG NSEC 10 2 0 ( + 20441127043557 20141205043557 59033 edns512. + DP0dAdDzZRS91BYNOzrHPbcGRRDTdkk+fAHi + Zb+kQ6Eur3EbXrrc/zH9UBmqircogWtOk8iv + h83G5y7Ry/tKQdrqb2igbkLo/BFsyeLKZFLh + DuWbSVvC1Hhs9tzFHVcH5gUObmlrj7wQd3T5 + Iq4ZHbQCHg4OWZbS2gn+90uL/G5OHncE2Ni9 + ELp3puFG+mO5RJJbF6CpU6vVGRs+kQyHREmj + i9kQ6C/12SHPnuIW8v/IP6EUSNb92mJk5n9P + N7EW1E67zCrHSh0rURz627hZRkpt831uod9H + Yf/Uj88zyTkprnBYdflydOzsjBiLMJwMh1CZ + BQ4EkEuRinkFeE3fmKHzv26S/HSbhVIS9E2z + nF7InmHB67uJvqj0oBTP2YFQdrDx5KWNBrqG + 4wB+OYnc6RSKrJWuvzUzyK4mCK619lVhgMi5 + Jl6kBo7swgeriVhEODJVcX1ZEkd5WUwkpumw + JReLYStQKM8AbulcLQ4/bPwurhVPDpoNK6WL + kuv0MXijsFWps43ojok6DGPD01c7FRWxAKZV + eywmEIGLSYHDnWAzVIErXuO7RPfvLIVlZJzq + nzVj0ZLDh2BrrwbLt5zoETY5Ka6d6/YUXJLQ + Y+lxqTaDuJHnTqF7vcvxdkjYtR6JhsA4nfAO + TJHTtETInoRdXBTHahG5Q6tkj3kbhqR7dBc= ) diff --git a/bin/tests/system/legacy/ns6/named.args b/bin/tests/system/legacy/ns6/named.args new file mode 100644 index 0000000..64e5524 --- /dev/null +++ b/bin/tests/system/legacy/ns6/named.args @@ -0,0 +1 @@ +-m record,size,mctx -c named.conf -d 99 -D legacy-ns6 -X named.lock -g -U 4 -T maxcachesize=2097152 -T maxudp512 diff --git a/bin/tests/system/legacy/ns6/named.conf.in b/bin/tests/system/legacy/ns6/named.conf.in new file mode 100644 index 0000000..17f19d9 --- /dev/null +++ b/bin/tests/system/legacy/ns6/named.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.6; + notify-source 10.53.0.6; + transfer-source 10.53.0.6; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.6; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; +}; + +zone "edns512" { + type primary; + file "edns512.db.signed"; +}; diff --git a/bin/tests/system/legacy/ns6/sign.sh b/bin/tests/system/legacy/ns6/sign.sh new file mode 100755 index 0000000..6ebc2a4 --- /dev/null +++ b/bin/tests/system/legacy/ns6/sign.sh @@ -0,0 +1,31 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +SYSTEMTESTTOP=../.. +. $SYSTEMTESTTOP/conf.sh + +SYSTESTDIR=legacy + +echo_i "sign edns512" + +zone=edns512 +infile=edns512.db.in +zonefile=edns512.db +outfile=edns512.db.signed + +keyname1=`$KEYGEN -a RSASHA512 -b 4096 -n zone $zone 2> /dev/null` +keyname2=`$KEYGEN -f KSK -a RSASHA512 -b 4096 -n zone $zone 2> /dev/null` + +cat $infile $keyname1.key $keyname2.key >$zonefile + +$SIGNER -g -o $zone -f $outfile -e +30y $zonefile > /dev/null 2> signer.err || cat signer.err diff --git a/bin/tests/system/legacy/ns7/edns512-notcp.db.in b/bin/tests/system/legacy/ns7/edns512-notcp.db.in new file mode 100644 index 0000000..89f3e83 --- /dev/null +++ b/bin/tests/system/legacy/ns7/edns512-notcp.db.in @@ -0,0 +1,14 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +ns 60 A 10.53.0.7 diff --git a/bin/tests/system/legacy/ns7/edns512-notcp.db.signed b/bin/tests/system/legacy/ns7/edns512-notcp.db.signed new file mode 100644 index 0000000..87c8036 --- /dev/null +++ b/bin/tests/system/legacy/ns7/edns512-notcp.db.signed @@ -0,0 +1,248 @@ +; File written on Fri Dec 5 16:35:58 2014 +; dnssec_signzone version 9.11.0pre-alpha +edns512-notcp. 60 IN SOA ns.edns512-notcp. marka.isc.org. ( + 1 ; serial + 0 ; refresh (0 seconds) + 0 ; retry (0 seconds) + 0 ; expire (0 seconds) + 0 ; minimum (0 seconds) + ) + 60 RRSIG SOA 10 1 60 ( + 20441127043558 20141205043558 59033 edns512-notcp. + ESBGgT1akISzDYasx1vDn4479d3zRZKvHIEb + OJIn2UqPVl6YDzcuUIqRwvFoqV7/eT4tllJ/ + DSywHFPKV5t42BvnF2bEtPJZb6GUg3ZCqja4 + CEaUNtqd4xyIT8BMT29w+d0OE6wbjaF3F3rS + RePp8RXde62vuR1rseTYLCF/V3jh1RvZCf3b + HnmavjU7Gzu6SG1IyBnxxJ43lvUOpKPbEiLa + H2MTRNzMxQ1CB7nv953XuWDjlqv37LqzQgt+ + qHYC+Tjqx5KVUMewOAbcc4sne+ohMgz9p04h + JS3TIejgOfybFcmsZnsiqPkR9GKlDJ/L6hBH + azWKrnaHgS5n/j1rIWteV70E/VKXmiVspWkj + asOQM5F/7+RZWBA/bVsJqQOUdt3o04h70bQ5 + mbPYY3AFpcpfPRVHoPAhvhMd5jdQoAY2SiI3 + Uehleuyt3K+tDPCdgRhkkFwI15OBH1Jh2Y59 + 7jvcXLqgI7T9kzUAbRpKOpR3+73Sa+UCx/Vw + iZqr03mBT8sSaZR1Zyd9y4b9yAQ7W2gHY1VM + 0N3lStdS938bwhcU5gN4ElkqXrwkCgVP8BoY + 3FotvKHUcLmnvrfKgnjcwReCJ66GeI+i205x + NcbDnmSfxYcW4VsLYA8yoQM+0NWmBBXT5JT/ + ybAmt683yRwbFnl/YovtNwXtNKMb8+FKJjw= ) + 60 NS ns.edns512-notcp. + 60 RRSIG NS 10 1 60 ( + 20441127043558 20141205043558 59033 edns512-notcp. + FLwTgbguhIW1UHjObRRogJg6RA5/32Sd7623 + +btt7TqXchUMJyQsiIdZ0g5+NKQNawnhY4CV + NwNTeEiW55fjrZJC1A+nwBXGeE0MP9a2ngkj + PNK6spLXe67hMqudgbdp3toSfx1M3jI4PJ0Q + ji1UryuIqleR6w77JiaSB55MpoVDUVui/y/Y + VYHJ2z4wVBA0upoLegE5S9fWWpWIuD8aCU9y + +WMWhUd92Jm1Z9NWc7M9cwPp5/CAmitV5wjZ + wWu17WytNbwpYBww+DB72CrvvMZvVw8fcbdC + 5FIxIr6Ed0dNjfoakcPTW5EtDTk9ms6AjdMn + edNRZXgVuGZEenqmmsfuHFvNCurrNZJHG/je + xm5qhN9N85pmBILWpJPArKxwC37i00t/28Wx + FY7H2a7RWgtHkxuvnh4pwpidr2ZD+L5hQQ+c + O7CpzQMmS+dFOLF4/FOs6d/Do/7rxs1plUgp + NjOW3ts4tK1OkKPypXovuMxyLQstrnTkCNjA + pA+K5OBXdEsmtbIhXVAlARcyXXoKnYVFqd9c + Czu0kS4xy8B/auWcBzPMVYuTWGhNWemm7J9P + 0zOOB4n6nsaM7/UIoWK7Qx1CJLLOiWdEYNur + ouS9X97/LnsRcO/SPWB0aBTJgsMVQBkDB073 + 0eZBJmUIAMidot4okbC3hQ3atQ0pGhDaAIo= ) + 0 NSEC ns.edns512-notcp. NS SOA RRSIG NSEC DNSKEY + 0 RRSIG NSEC 10 1 0 ( + 20441127043558 20141205043558 59033 edns512-notcp. + JEdGV3CAGd23NG76F0B6FT6uz6TNWmP3Ecck + aI8djQLmnhu8vV1eYf4JCAS/EBOU/gS7iP+R + ziiJ3bPrvA1JSJhieTGw8K5IplUSTGHmlaIq + PfKRqN41mB9f3qI3PkN8h0Y2SbLKjYMIrHG1 + 1R3LubcKwyEc+Y4ylqySaYO7JPcGznvWiu8k + KLcvYsBOy2V9gjY2Q1BYP6TR0QyYMXDht7cR + 27YSG2D+LP0HDIFV4f7T1SLjGmDl6ROh2Rnn + i51tnK02IwoDs207RC1ExlVqD4n/3JZIkh+M + c5FoPK/fV6IRz5cdwLk1Mv2ovihxPjryFLdw + 1ULSEc7gK8EkYfedv336GgZbDEWhWQgmVhPE + h26vJNF+ZSqWlo0tkKLAKzbd8yEguPf6HY1e + 0v5KVnUV3lINJIOmWtXDZNXho8WzA4WViqqW + yn+nTnRBg/20WdpHEhVDJKywQvKY6zsXMN8G + J++lx6FalaFdgE4gNcQQsu11VQDnJO90kKBU + uVRkFQArPj0TEaUWq+ZC1eJLKtraO9w/5ybw + LaIKBJBAcyU2jy7ieRc+NEY6rE2XOfJs0kEa + 8q5vM9/AFbX01yUEKnYj2CO/VhtfUa2tHEVo + JhATux63HBiTwhiYcyjfKhYcML2KoEYUCYU/ + DAdy4zrs352EC3gVxagyUxCNJZ1Bq0wq+jI= ) + 60 DNSKEY 256 3 10 ( + AwEAAcEBkn/cuVhdRTWMHt19O7h9F4Hx2t68 + u1JUZg7swLLvwfljqnNYjsKYk9EzUhIaYOAH + tVe7//cYwoVU4BFhY2DGbx1YE1LnKIGxfqpo + pFxDZC34TTl6jpoTP6kvj+XpeO0HfF2+DcyN + gnQcMGgHXyLWeRUJFt1As6o9tmsBiInGIZMT + E3/rANhtAGMLNzhRLN7CS/Tc5GhKaL66ueby + EYenEOAyDVgsuhr8Q9D5ka6xZmxzXFVswy2K + vsSxu9aoxVq4nACjIeTZ4GJy0v83zclV7hA+ + 5jlPDXMFtIpvwux5XALrNkUUPq+Fb5sc5/u1 + 41LcvdASnlk58I77HbsnfausvDxdYYxEns7K + 9e9N85dwyreM/OGTmm8p4hNDngZESAea7MrS + CsJpOGn9XLkVe6gZnBgB1cra+ezzTSWn+4QH + 17lIhFXYNjMV83df2h/gH3Gmthqnr9RgknZg + a8B/Czc7TeX6iy2gAOshKGyb6w12eJim1L8t + S5T138V8d6SigzxZz1raiJNolVhXyA8SbbDp + gBrcoEXN/WjwvWI+2ol5gzlqMeNw/F9SMoWd + pGIWkkNCNWBbhLWhp6qfhpRLUFwVys54LGOI + GSVRd9uJmc2hPdXoP8ephnCIeNJb8Zp6Dnps + syN0JaF815dKkOHff9GEjaiRLj0xWvtZSqNF + aGoB + ) ; ZSK; alg = RSASHA512; key id = 59033 + 60 DNSKEY 257 3 10 ( + AwEAAcEBkn/cuVhdRTWMHt19O7h9F4Hx2t68 + u1JUZg7swLLvwfljqnNYjsKYk9EzUhIaYOAH + tVe7//cYwoVU4BFhY2DGbx1YE1LnKIGxfqpo + pFxDZC34TTl6jpoTP6kvj+XpeO0HfF2+DcyN + gnQcMGgHXyLWeRUJFt1As6o9tmsBiInGIZMT + E3/rANhtAGMLNzhRLN7CS/Tc5GhKaL66ueby + EYenEOAyDVgsuhr8Q9D5ka6xZmxzXFVswy2K + vsSxu9aoxVq4nACjIeTZ4GJy0v83zclV7hA+ + 5jlPDXMFtIpvwux5XALrNkUUPq+Fb5sc5/u1 + 41LcvdASnlk58I77HbsnfausvDxdYYxEns7K + 9e9N85dwyreM/OGTmm8p4hNDngZESAea7MrS + CsJpOGn9XLkVe6gZnBgB1cra+ezzTSWn+4QH + 17lIhFXYNjMV83df2h/gH3Gmthqnr9RgknZg + a8B/Czc7TeX6iy2gAOshKGyb6w12eJim1L8t + S5T138V8d6SigzxZz1raiJNolVhXyA8SbbDp + gBrcoEXN/WjwvWI+2ol5gzlqMeNw/F9SMoWd + pGIWkkNCNWBbhLWhp6qfhpRLUFwVys54LGOI + GSVRd9uJmc2hPdXoP8ephnCIeNJb8Zp6Dnps + syN0JaF815dKkOHff9GEjaiRLj0xWvtZSqNF + aGoB + ) ; KSK; alg = RSASHA512; key id = 59034 + 60 RRSIG DNSKEY 10 1 60 ( + 20441127043558 20141205043558 59033 edns512-notcp. + IrMpyEssdfDiqBDfMI5BVicoN5Upu20Bq0eL + BKXuiYBoRhBJhBnv6bovD0XWMf0spgPMHz4f + lgc0zT+41lQykiydy6WDLJ184E4If35ip9jp + Lj2yJGKUCr1FrvtciYPmYuH3wBIWl5wNlzJd + qH3P6nO3xYU4lgsBQPDUKvLHX7HIuSJB+2by + wbs3jj5Q78Ri1ELqKCCicfKbZwsRY9vexjw8 + ptuJh+Y8kvhM/Yh7NyG5PByb5GRVVCCZ20ms + msBCiniPb/5IFiy7iUUiderLsa3y4UauTOKD + pKiOkBbB0XfxZtAsTZFU2W5seo6eoW3LfLp5 + fD/qqUKyRZzPZaqJmp2n7egmX3WmRw11ILXk + LEuXA3P65YVbfqv08lZHz5K6xFhWsIJoBeev + 2leb3hN6nmSFApltdF0PDEfq1ZV+sBpOBsKN + EekIGAYO28u3+7pjxMzMe5EMtDAajb9bZCT6 + 3ZTMPjlyT5ChtNRSIvgzgbfYAn1bigtQ+Opu + Jp82U+N1FRBNaSz7uw2uDAiE/cSNgfGIC7Dd + KBzWE6z/HFCzQp/gF8006AjztDq/SnyHWnWX + RzfMi1pE2IOT/GoCKOQwQNei0cG/ar+/ntVp + 3yg9PbYdhdMH8IQ1GpwczFfD1/I2/wuOGzPw + 1iFhd3dT9Sz2xgF/8xS95Ljgy8YgP+pmE3c= ) + 60 RRSIG DNSKEY 10 1 60 ( + 20441127043558 20141205043558 59034 edns512-notcp. + VusByVbeIayH6KfnbhxLKycQfjU2L2Ilfa9o + K/MjEve4vMjqKeYV0oNan2X4DvPZusKeMVJp + JhQxvBz2GXE6syjrL5eEQtdcn6MW5Ew40w2E + i7BCGiHYrxH+SJqSORl5pBjihe24dRWoHHt/ + 3CVBE18TU+ubSdLgOT3SvBtffJ1NVtvtCgpP + /yIgffhHOU/F0J+ewL6lmYzrkj/48Ep8F9e9 + suAoorKmRP4zmeiojQedM+4PfbRn0doOLFIR + 8RZK8rv9WeQv1mhUh9s0zY4UARRGRb9i8Zhr + ERor3lZprmujx/Ok6XndTW7vRY/0IfC2i99C + 0zfcIdzuZ96YtiUFFTynptz3yxrJqQxeJaFt + vuZ4rd5XqSb3uPu8wVzYJEwhNRPJGqBpRAba + vxqOV1HAw89t1sUKXQR2qQ4HvpIzRIxFpIKQ + hRPMyd6uz0EtPQFE6ri1C5JkZkbdZ0r5SauY + EqZMsIl8oGtt1S5kEK2Agqx4b1pUfSv6cOLb + 765SGYVr1RdjmFZ7ftYYZPyMKJl6t3/ruZ9f + iazQGzoO6O+nQq3DD8EjZynsnAedzyEe3Hxd + tJM1Rm3nWAPka4QV5hdzpU93N/ao4tRuCYp/ + 4pnVlc8MStuyuy9RRapEoOMs0iIQFPdidU+V + aM+ZSOa6RbYwzvzmX7I1UxBf5gKJzuDydDA= ) +ns.edns512-notcp. 60 IN A 10.53.0.7 + 60 RRSIG A 10 2 60 ( + 20441127043558 20141205043558 59033 edns512-notcp. + eY/gUZcEKDE0loJ4zaxwJDg4E/S+ILJOrJrC + Yb64VWSE7RAzoQt8gYXAcEec4NLo2ZFsckTL + O0jD4db+q1rJLtniw+Xg/fckXvjxt21jNR43 + +rW17ZuEYYlOWg9o+NyP9QnLjxNOR22f6gSx + FCLOca+8Yoxf4bw7EsdV98KajMFpcljQu2iE + NOKCoDSdunaZnhdP8kVuXO7P+VEXRa1OFzxb + mm2axihSqXcA7vdEdpGmTWoUFdG7p61Kl8Jw + rQzT7RiA3PoeyYoQ2wC2oitRr4lnsN/IF1vz + D3ldJ6pnYNVYmSHaS2potOMNDSTZtgV2LUmx + pqsaa3coYaJPJj0ijWzxw77nAXXQ7u/YWIzz + vUhXKygQIZaInl1msFPkFRy4AqriDmDnAAfJ + YyPunq7VkR2ExUhU1iFGGmDFE35ktxFl6AWL + /0CWElHPwuvqGksLnxrE7Syr25TOC+EhqDUS + G5X7/7Cb+Hl/twlA4oYDv8eXCwxMsncMp1cn + VDfwOrN4/JWzYcqNLTZHFRr+Uz7Fo8tGAri0 + p7yDVHg35QN7usMKfsU3WnoOm1VlD/sU8bTW + 32dudd3yauhdKlmytZ2s2PMrXBf7/fsjDlY6 + ZEc91TwM9Yt71FQ27XKoP5eFGajlxG+haoyB + 6jfoV4cIDq4MVerLOSUlczFjczbBXLHwLno= ) + 0 NSEC txt500.edns512-notcp. A RRSIG NSEC + 0 RRSIG NSEC 10 2 0 ( + 20441127043558 20141205043558 59033 edns512-notcp. + mR1PHdEWNP90/80SAlKkj7jV0hBj0eDxM5Q0 + RGPbv2pb1fOT/W8dTe2Qm/qwE0aY4nmRfiah + 8klCAXH9gvVAQFbPlz8tkLKEOrKjZM/YP9Vd + EoUmYj6+G2OXYvvetVStpqfiSK731iPUhKUD + Y0uYUzTyqgmOyyKWApk1+C+b3fYNS2E0jA77 + riOCULE2FSPim7cEGS7JWE22qRY4//ENQZ27 + eA+KbkXWR+vdqnQ6vs1cIwsbGbFFzmcogMT2 + 3cN1e2lNbzTZIpVd9ukwp8FqyT0p7oz+q5r/ + so4Zq0EGx473OgThMfTMs6pOg7L6M60jMhmF + 8V50dpePHmFLxI/Nn4kvxcUt684L3TWGObFQ + y9vxO8Wh66+USSX8jyDnP8mtMnGEeHD9SVYz + WIbCDVUsvSkFqSi/2o1/SZYWQ+wXkj6qO2Mz + JIgJKucALub0dOfaoncPYa7kfOxEOmgwY39I + RQodc53Brhgn6IF/1zNxZd5/FpWUs4ivrpsN + MOKy/E+MJiaGOdj1RwNlDdZQNtamexxOjcaD + 6pWAD44LgakoELE0Ktxtl/oMmouky0Dx/zwN + e9nEBTe9nTbG99lbzuGZ2vWkfqA1EsliCryd + wH6+EF3l5w9EEKBdVgBIEoHZ92TaiiJfRmFQ + LwEjS+AYjQKzmvp47lGqQf8/ggvMxcv/SCE= ) +txt500.edns512-notcp. 60 IN TXT "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" "01234567890123456789012345678901234567890123456789" + 60 RRSIG TXT 10 2 60 ( + 20441127043558 20141205043558 59033 edns512-notcp. + fpzr1/DNby1CMHfZclvga7Pk9S3tqWn0wwC9 + xsUhYoPRcaIN4o9g5rOC0fxX1W4Q6gEXt0l2 + fKzUdxE9QqTgpJOAOcMJa7D1yRo2ifVoX3Oq + M2lUYusg3o0Wg1JuNnf3DXaSaLOiYOrS2ixs + XnPwU0pLiniGIT9Bh2OuMBPs5YP2dZRKKJ7z + VrxE4F213A0FQfN68tIbN5XrzwO8EfyjBTyM + YtApC33vMajYeILnFemLrs9VL5hbLoyKcyqg + 1n0eSXhneHlYgsS5anSXWOSd9sT46jqpFwYF + O+frR2DNmdua4eZiUqA9HMgvaQnNodVU2Z5r + 5lzrHSVSXS/Au7kp4FZtYCUj2W4m/grOidH9 + ulwM0Ut+OZOOLHVcwBQGuedEEwU/h+YGbJH6 + fomTvfW+NAaL6X3IJggcQnHmCOTf0f3xXeXT + iHK1hE+iabTQ8gCabt4KCQ11Oz8zu3j7ZB5T + 2byQ49N2jj+i8+p2wsRbnz5Algx15KP11NM0 + lUb+fhPlIrhbgwqPtv8udeRsBpRAwHXWrz5m + BxWQ5X52frQAPNoi51q5tTWE7UlpLYFBeXtW + 0XY7o6+TqP+EN5lGwddNhS0wYRWE10M2Es8A + 2q1RKIBDSPB3XEeULrQ6ciDgiDQ7T55p1KKM + r25OyqYCGZs9obDHnNVNQP2rTjfm6062TSo= ) + 0 NSEC edns512-notcp. TXT RRSIG NSEC + 0 RRSIG NSEC 10 2 0 ( + 20441127043558 20141205043558 59033 edns512-notcp. + pTTiIXjWLSH1Qm59kZlX0QmXtm7gDhL4RdQF + sHMtxZA1JhWjBC3u48C8M19ZWTu1xmTrhuil + tPV9a4u9zTasPWOy2HSKnl/jMaqGZ3xa96mo + I1qULVqb8XRTYqPsJ3reD6x9jJepEFAsK+xa + /TdrFTfZ5Oc0RYLQxH2qrJVc2n7S5gCHp10O + extcck2cyhiaRnI/wha6PdAXKG0ikX/oKAQL + hMcNUpOeewJLTvXasVPf4cF9O0B1/wXun3C4 + lkzKF+fYBe2qg6ikGgsHws72/TYD2xDOae41 + yjkVwdthTECDzedPc6jbKeApyEGA1G2lc7Ie + DE1rLRP3OhME5X9bhPcQnop4k583RQI0QY60 + PUdZ/cr99eM6Zj3Mal6zBrebPiBAJVnr8C4X + /ozv3MFmaoNalB0JuTVojCboQ6Sf7+UCumXk + VK56zx6ZiGcwtnKHRQZIGGsHpPt28zo33wKJ + 0xljGuxfnxstGGmUUCTrhi0U/8991ZdqnjHg + hBkWxmEm1X5ioIVy5c5M6baSoEmls4iwad/O + vU9cx0aXxqir7/5jYlMFjn6Xo2BuUVQWf/LY + E9rZRZUN0a4sh7Wj8pjKS1hJ5pTK9C3ijEqD + Y9B5OslWHcOhSlv4q9YwuZkBo/b8UiV6EOnS + vE/TgzfP7DcXjTI5qErka0iJMxz/m90VuiU= ) diff --git a/bin/tests/system/legacy/ns7/named.args b/bin/tests/system/legacy/ns7/named.args new file mode 100644 index 0000000..e491a95 --- /dev/null +++ b/bin/tests/system/legacy/ns7/named.args @@ -0,0 +1 @@ +-m record,size,mctx -c named.conf -d 99 -D legacy-ns7 -X named.lock -g -U 4 -T maxcachesize=2097152 -T maxudp512 diff --git a/bin/tests/system/legacy/ns7/named.conf.in b/bin/tests/system/legacy/ns7/named.conf.in new file mode 100644 index 0000000..ada7d4f --- /dev/null +++ b/bin/tests/system/legacy/ns7/named.conf.in @@ -0,0 +1,32 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.7; + notify-source 10.53.0.7; + transfer-source 10.53.0.7; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.7; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; + max-udp-size 4096; + edns-udp-size 4096; + nocookie-udp-size 4096; +}; + +zone "edns512-notcp" { + type primary; + file "edns512-notcp.db.signed"; +}; diff --git a/bin/tests/system/legacy/ns7/named.notcp b/bin/tests/system/legacy/ns7/named.notcp new file mode 100644 index 0000000..e25c3a8 --- /dev/null +++ b/bin/tests/system/legacy/ns7/named.notcp @@ -0,0 +1 @@ +notcp diff --git a/bin/tests/system/legacy/ns7/sign.sh b/bin/tests/system/legacy/ns7/sign.sh new file mode 100755 index 0000000..90ceca9 --- /dev/null +++ b/bin/tests/system/legacy/ns7/sign.sh @@ -0,0 +1,34 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +SYSTEMTESTTOP=../.. +. $SYSTEMTESTTOP/conf.sh + +SYSTESTDIR=legacy + +echo_i "sign edns512-notcp" + +zone=edns512-notcp +infile=edns512-notcp.db.in +zonefile=edns512-notcp.db +outfile=edns512-notcp.db.signed + +keyname1=`$KEYGEN -a RSASHA512 -b 4096 -n zone $zone 2> /dev/null` +keyname2=`$KEYGEN -f KSK -a RSASHA512 -b 4096 -n zone $zone 2> /dev/null` + +cat $infile $keyname1.key $keyname2.key >$zonefile + +$SIGNER -g -o $zone -f $outfile -e +30y $zonefile > /dev/null 2> signer.err || cat signer.err + +keyfile_to_static_ds $keyname2 > trusted.conf +cp trusted.conf ../ns1 diff --git a/bin/tests/system/legacy/ns8/ednsformerr.db b/bin/tests/system/legacy/ns8/ednsformerr.db new file mode 100644 index 0000000..9aa3a4a --- /dev/null +++ b/bin/tests/system/legacy/ns8/ednsformerr.db @@ -0,0 +1,14 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +ns 60 A 10.53.0.8 diff --git a/bin/tests/system/legacy/ns8/named.conf.in b/bin/tests/system/legacy/ns8/named.conf.in new file mode 100644 index 0000000..7431cf8 --- /dev/null +++ b/bin/tests/system/legacy/ns8/named.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.8; + notify-source 10.53.0.8; + transfer-source 10.53.0.8; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.8; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; +}; + +zone "ednsformerr" { + type primary; + file "ednsformerr.db"; +}; diff --git a/bin/tests/system/legacy/ns8/named.ednsformerr b/bin/tests/system/legacy/ns8/named.ednsformerr new file mode 100644 index 0000000..e35cb02 --- /dev/null +++ b/bin/tests/system/legacy/ns8/named.ednsformerr @@ -0,0 +1 @@ +ednsformerr diff --git a/bin/tests/system/legacy/ns9/ednsnotimp.db b/bin/tests/system/legacy/ns9/ednsnotimp.db new file mode 100644 index 0000000..9aa3a4a --- /dev/null +++ b/bin/tests/system/legacy/ns9/ednsnotimp.db @@ -0,0 +1,14 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +ns 60 A 10.53.0.8 diff --git a/bin/tests/system/legacy/ns9/named.conf.in b/bin/tests/system/legacy/ns9/named.conf.in new file mode 100644 index 0000000..385fbfd --- /dev/null +++ b/bin/tests/system/legacy/ns9/named.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.9; + notify-source 10.53.0.9; + transfer-source 10.53.0.9; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.9; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; +}; + +zone "ednsnotimp" { + type primary; + file "ednsnotimp.db"; +}; diff --git a/bin/tests/system/legacy/ns9/named.ednsnotimp b/bin/tests/system/legacy/ns9/named.ednsnotimp new file mode 100644 index 0000000..4e6424d --- /dev/null +++ b/bin/tests/system/legacy/ns9/named.ednsnotimp @@ -0,0 +1 @@ +ednsnotimp diff --git a/bin/tests/system/legacy/setup.sh b/bin/tests/system/legacy/setup.sh new file mode 100644 index 0000000..2356d8f --- /dev/null +++ b/bin/tests/system/legacy/setup.sh @@ -0,0 +1,26 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +copy_setports ns1/named1.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf +copy_setports ns5/named.conf.in ns5/named.conf +copy_setports ns6/named.conf.in ns6/named.conf +copy_setports ns7/named.conf.in ns7/named.conf +copy_setports ns8/named.conf.in ns8/named.conf +copy_setports ns9/named.conf.in ns9/named.conf +copy_setports ns10/named.conf.in ns10/named.conf diff --git a/bin/tests/system/legacy/tests.sh b/bin/tests/system/legacy/tests.sh new file mode 100755 index 0000000..5e1622b --- /dev/null +++ b/bin/tests/system/legacy/tests.sh @@ -0,0 +1,275 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +SYSTEMTESTTOP=.. +. $SYSTEMTESTTOP/conf.sh + +DIGOPTS="-p ${PORT} +tries=1 +time=2" + +# Check whether the SOA record for the name provided in $1 can be resolved by +# ns1. Return 0 if resolution succeeds as expected; return 1 otherwise. +resolution_succeeds() { + _ret=0 + $DIG $DIGOPTS +tcp +tries=3 +time=5 @10.53.0.1 ${1} SOA > dig.out.test$n || _ret=1 + grep "status: NOERROR" dig.out.test$n > /dev/null || _ret=1 + return $_ret +} + +# Check whether the SOA record for the name provided in $1 can be resolved by +# ns1. Return 0 if resolution fails as expected; return 1 otherwise. Note that +# both a SERVFAIL response and timing out mean resolution failed, so the exit +# code of dig does not influence the result (the exit code for a SERVFAIL +# response is 0 while the exit code for not getting a response at all is not 0). +resolution_fails() { + _servfail=0 + _timeout=0 + $DIG $DIGOPTS +tcp +time=5 @10.53.0.1 ${1} SOA > dig.out.test$n + grep "status: SERVFAIL" dig.out.test$n > /dev/null && _servfail=1 + grep "connection timed out" dig.out.test$n > /dev/null && _timeout=1 + if [ $_servfail -eq 1 ] || [ $_timeout -eq 1 ]; then + return 0 + else + return 1 + fi +} + +status=0 +n=0 + +n=`expr $n + 1` +echo_i "checking formerr edns server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.8 ednsformerr soa > dig.out.1.test$n || ret=1 +grep "status: FORMERR" dig.out.1.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +noedns @10.53.0.8 ednsformerr soa > dig.out.2.test$n || ret=1 +grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n > /dev/null && ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking recursive lookup to formerr edns server succeeds ($n)" +ret=0 +resolution_succeeds ednsformerr. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking notimp edns server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.9 ednsnotimp soa > dig.out.1.test$n || ret=1 +grep "status: NOTIMP" dig.out.1.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +noedns @10.53.0.9 ednsnotimp soa > dig.out.2.test$n || ret=1 +grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n > /dev/null && ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking recursive lookup to notimp edns server fails ($n)" +ret=0 +resolution_fails ednsnotimp. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking refused edns server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.10 ednsrefused soa > dig.out.1.test$n || ret=1 +grep "status: REFUSED" dig.out.1.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +noedns @10.53.0.10 ednsrefused soa > dig.out.2.test$n || ret=1 +grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n > /dev/null && ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking recursive lookup to refused edns server fails ($n)" +ret=0 +resolution_fails ednsrefused. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking drop edns server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.2 dropedns soa > dig.out.1.test$n && ret=1 +grep "connection timed out; no servers could be reached" dig.out.1.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +noedns @10.53.0.2 dropedns soa > dig.out.2.test$n || ret=1 +grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +noedns +tcp @10.53.0.2 dropedns soa > dig.out.3.test$n || ret=1 +grep "status: NOERROR" dig.out.3.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.3.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +edns +tcp @10.53.0.2 dropedns soa > dig.out.4.test$n && ret=1 +grep "connection timed out; no servers could be reached" dig.out.4.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking recursive lookup to drop edns server fails ($n)" +ret=0 +resolution_fails dropedns. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking drop edns + no tcp server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.3 dropedns-notcp soa > dig.out.1.test$n && ret=1 +grep "connection timed out; no servers could be reached" dig.out.1.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +noedns +tcp @10.53.0.3 dropedns-notcp soa > dig.out.2.test$n && ret=1 +grep "connection refused" dig.out.2.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +noedns @10.53.0.3 dropedns-notcp soa > dig.out.3.test$n || ret=1 +grep "status: NOERROR" dig.out.3.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.3.test$n > /dev/null && ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking recursive lookup to drop edns + no tcp server fails ($n)" +ret=0 +resolution_fails dropedns-notcp. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking plain dns server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.4 plain soa > dig.out.1.test$n || ret=1 +grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +edns +tcp @10.53.0.4 plain soa > dig.out.2.test$n +grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n > /dev/null && ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking recursive lookup to plain dns server succeeds ($n)" +ret=0 +resolution_succeeds plain. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking plain dns + no tcp server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.5 plain-notcp soa > dig.out.1.test$n || ret=1 +grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +edns +tcp @10.53.0.5 plain-notcp soa > dig.out.2.test$n +grep "connection refused" dig.out.2.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking recursive lookup to plain dns + no tcp server succeeds ($n)" +ret=0 +resolution_succeeds plain-notcp. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` +n=`expr $n + 1` + +echo_i "checking edns 512 server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.6 edns512 soa > dig.out.1.test$n || ret=1 +grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +edns +tcp @10.53.0.6 edns512 soa > dig.out.2.test$n || ret=1 +grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +edns +dnssec @10.53.0.6 edns512 soa > dig.out.3.test$n && ret=1 +grep "connection timed out; no servers could be reached" dig.out.3.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +edns +dnssec +bufsize=512 +ignore @10.53.0.6 edns512 soa > dig.out.4.test$n || ret=1 +grep "status: NOERROR" dig.out.4.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.4.test$n > /dev/null || ret=1 +grep "flags:.* tc[ ;]" dig.out.4.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking recursive lookup to edns 512 server succeeds ($n)" +ret=0 +resolution_succeeds edns512. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking edns 512 + no tcp server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.7 edns512-notcp soa > dig.out.1.test$n || ret=1 +grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +edns +tcp @10.53.0.7 edns512-notcp soa > dig.out.2.test$n && ret=1 +grep "connection refused" dig.out.2.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +edns +dnssec @10.53.0.7 edns512-notcp soa > dig.out.3.test$n && ret=1 +grep "connection timed out; no servers could be reached" dig.out.3.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +edns +dnssec +bufsize=512 +ignore @10.53.0.7 edns512-notcp soa > dig.out.4.test$n || ret=1 +grep "status: NOERROR" dig.out.4.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.4.test$n > /dev/null || ret=1 +grep "flags:.* tc[ ;]" dig.out.4.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking recursive lookup to edns 512 + no tcp server fails ($n)" +ret=0 +resolution_fails edns512-notcp. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking recursive lookup to edns 512 + no tcp server does not cause query loops ($n)" +ret=0 +sent=`grep -c -F "sending packet to 10.53.0.7" ns1/named.run` +if [ $sent -ge 10 ]; then + echo_i "ns1 sent $sent queries to ns7, expected less than 10" + ret=1 +fi +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +n=`expr $n + 1` +echo_i "checking that TCP failures do not influence EDNS statistics in the ADB ($n)" +ret=0 +rndc_dumpdb ns1 -adb || ret=1 +timeouts512=`sed -n "s|.*10\.53\.0\.7.*\[edns \([0-9/][0-9/]*\).*|\1|p" ns1/named_dump.db.test$n | awk -F/ '{print $NF}'` +if [ $timeouts512 -ne 0 ]; then + echo_i "512-byte EDNS timeouts according to ADB: $timeouts512, expected: 0" + ret=1 +fi +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +stop_server --use-rndc --port ${CONTROLPORT} ns1 +copy_setports ns1/named2.conf.in ns1/named.conf +start_server --noclean --restart --port ${PORT} ns1 + +n=`expr $n + 1` +echo_i "checking recursive lookup to edns 512 + no tcp + trust anchor fails ($n)" +# retry loop in case the server restart above causes transient failure +for try in 0 1 2 3 4 5 6 7 8 9; do + ret=0 + resolution_fails edns512-notcp. || ret=1 + [ "$ret" -eq 0 ] && break + sleep 1 +done +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + +echo_i "exit status: $status" +[ $status -eq 0 ] || exit 1 |