diff options
Diffstat (limited to '')
| -rw-r--r-- | bin/tests/system/ckdnsrps.sh | 123 |
1 files changed, 64 insertions, 59 deletions
diff --git a/bin/tests/system/ckdnsrps.sh b/bin/tests/system/ckdnsrps.sh index afc405d..19eb054 100644 --- a/bin/tests/system/ckdnsrps.sh +++ b/bin/tests/system/ckdnsrps.sh @@ -18,7 +18,6 @@ set -e # Note that dnsrps.conf and dnsrps-secondary.conf are included in named.conf # and differ from dnsrpz.conf which is used by dnsrpzd. - . ../conf.sh DNSRPS_CMD=../rpz/dnsrps @@ -29,57 +28,64 @@ MCONF=dnsrps.conf SCONF=dnsrps-secondary.conf USAGE="$0: [-xAD] [-M dnsrps.conf] [-S dnsrps-secondary.conf]" while getopts "xADM:S:" c; do - case $c in - x) set -x; DEBUG=-x;; - A) AS_NS=yes;; - D) TEST_DNSRPS=yes;; - M) MCONF="$OPTARG";; - S) SCONF="$OPTARG";; - *) echo "$USAGE" 1>&2; exit 1;; - esac + case $c in + x) + set -x + DEBUG=-x + ;; + A) AS_NS=yes ;; + D) TEST_DNSRPS=yes ;; + M) MCONF="$OPTARG" ;; + S) SCONF="$OPTARG" ;; + *) + echo "$USAGE" 1>&2 + exit 1 + ;; + esac done shift $(expr $OPTIND - 1 || true) if [ "$#" -ne 0 ]; then - echo "$USAGE" 1>&2 - exit 1 + echo "$USAGE" 1>&2 + exit 1 fi # erase any existing conf files -cat /dev/null > $MCONF -cat /dev/null > $SCONF +cat /dev/null >$MCONF +cat /dev/null >$SCONF -add_conf () { - echo "$*" >>$MCONF - echo "$*" >>$SCONF +add_conf() { + echo "$*" >>$MCONF + echo "$*" >>$SCONF } if ! $FEATURETEST --enable-dnsrps; then - if [ -n "$TEST_DNSRPS" ]; then - add_conf "## DNSRPS disabled at compile time" - fi - add_conf "#skip" - exit 0 + if [ -n "$TEST_DNSRPS" ]; then + add_conf "## DNSRPS disabled at compile time" + fi + add_conf "#skip" + exit 0 fi if [ -z "$TEST_DNSRPS" ]; then - add_conf "## testing with native RPZ" - add_conf '#skip' - exit 0 + add_conf "## testing with native RPZ" + add_conf '#skip' + exit 0 else - add_conf "## testing with DNSRPS" + add_conf "## testing with DNSRPS" fi if [ ! -x "$DNSRPS_CMD" ]; then - add_conf "## make $DNSRPS_CMD to test DNSRPS" - add_conf '#skip' - exit 0 + add_conf "## make $DNSRPS_CMD to test DNSRPS" + add_conf '#skip' + exit 0 fi -if $DNSRPS_CMD -a >/dev/null; then : +if $DNSRPS_CMD -a >/dev/null; then + : else - add_conf "## DNSRPS provider library is not available" - add_conf '#skip' - exit 0 + add_conf "## DNSRPS provider library is not available" + add_conf '#skip' + exit 0 fi CMN=" dnsrps-options { dnsrpzd-conf ../dnsrpzd.conf @@ -90,7 +96,7 @@ CMN=" dnsrps-options { dnsrpzd-conf ../dnsrpzd.conf PRIMARY="$CMN" if [ -n "$AS_NS" ]; then - PRIMARY="$PRIMARY + PRIMARY="$PRIMARY qname-as-ns yes ip-as-ns yes" fi @@ -106,7 +112,6 @@ $CMN dnsrpzd '' }; # do not start dnsrpzd EOF - # DNSRPS is available. # The test should fail if the license is bad. add_conf "dnsrps-enable yes;" @@ -117,49 +122,49 @@ ALT_L=alt-dnsrpzd-license.conf # try ../rpz/alt-dnsrpzd-license.conf if alt-dnsrpzd-license.conf does not exist [ -s $ALT_L ] || ALT_L=../rpz/alt-dnsrpzd-license.conf if [ -s $ALT_L ]; then - SRC_L=$ALT_L - USE_ALT= + SRC_L=$ALT_L + USE_ALT= else - SRC_L=../rpz/dnsrpzd-license.conf - USE_ALT="## consider installing alt-dnsrpzd-license.conf" + SRC_L=../rpz/dnsrpzd-license.conf + USE_ALT="## consider installing alt-dnsrpzd-license.conf" fi cp $SRC_L $CUR_L # parse $CUR_L for the license zone name, primary IP addresses, and optional # transfer-source IP addresses -eval `sed -n -e 'y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/'\ - -e 's/.*zone *\([-a-z0-9]*.license.fastrpz.com\).*/NAME=\1/p' \ - -e 's/.*farsight_fastrpz_license *\([0-9.]*\);.*/IPV4=\1/p' \ - -e 's/.*farsight_fastrpz_license *\([0-9a-f:]*\);.*/IPV6=\1/p' \ - -e 's/.*transfer-source *\([0-9.]*\);.*/TS4=-b\1/p' \ - -e 's/.*transfer-source *\([0-9a-f:]*\);.*/TS6=-b\1/p' \ - -e 's/.*transfer-source-v6 *\([0-9a-f:]*\);.*/TS6=-b\1/p' \ - $CUR_L` +eval $(sed -n -e 'y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/' \ + -e 's/.*zone *\([-a-z0-9]*.license.fastrpz.com\).*/NAME=\1/p' \ + -e 's/.*farsight_fastrpz_license *\([0-9.]*\);.*/IPV4=\1/p' \ + -e 's/.*farsight_fastrpz_license *\([0-9a-f:]*\);.*/IPV6=\1/p' \ + -e 's/.*transfer-source *\([0-9.]*\);.*/TS4=-b\1/p' \ + -e 's/.*transfer-source *\([0-9a-f:]*\);.*/TS6=-b\1/p' \ + -e 's/.*transfer-source-v6 *\([0-9a-f:]*\);.*/TS6=-b\1/p' \ + $CUR_L) if [ -z "$NAME" ]; then - add_conf "## no DNSRPS tests; no license domain name in $SRC_L" - add_conf '#fail' - exit 0 + add_conf "## no DNSRPS tests; no license domain name in $SRC_L" + add_conf '#fail' + exit 0 fi if [ -z "$IPV4" ]; then - IPV4=license1.fastrpz.com - TS4= + IPV4=license1.fastrpz.com + TS4= fi if [ -z "$IPV6" ]; then - IPV6=license1.fastrpz.com - TS6= + IPV6=license1.fastrpz.com + TS6= fi # This TSIG key is common and NOT a secret KEY='hmac-sha256:farsight_fastrpz_license:f405d02b4c8af54855fcebc1' # Try IPv4 and then IPv6 to deal with IPv6 tunnel and connectivity problems -if `$DIG -4 -t axfr -y$KEY $TS4 $NAME @$IPV4 \ - | grep -i "^$NAME.*TXT" >/dev/null`; then - exit 0 +if $($DIG -4 -t axfr -y$KEY $TS4 $NAME @$IPV4 \ + | grep -i "^$NAME.*TXT" >/dev/null); then + exit 0 fi -if `$DIG -6 -t axfr -y$KEY $TS6 $NAME @$IPV6 \ - | grep -i "^$NAME.*TXT" >/dev/null`; then - exit 0 +if $($DIG -6 -t axfr -y$KEY $TS6 $NAME @$IPV6 \ + | grep -i "^$NAME.*TXT" >/dev/null); then + exit 0 fi add_conf "## DNSRPS lacks a valid license via $SRC_L" |