diff options
Diffstat (limited to 'bin/tests/system/legacy')
-rwxr-xr-x | bin/tests/system/legacy/ns6/sign.sh | 6 | ||||
-rwxr-xr-x | bin/tests/system/legacy/ns7/sign.sh | 8 | ||||
-rwxr-xr-x | bin/tests/system/legacy/tests.sh | 188 |
3 files changed, 101 insertions, 101 deletions
diff --git a/bin/tests/system/legacy/ns6/sign.sh b/bin/tests/system/legacy/ns6/sign.sh index f76b3c2..96ce285 100755 --- a/bin/tests/system/legacy/ns6/sign.sh +++ b/bin/tests/system/legacy/ns6/sign.sh @@ -22,9 +22,9 @@ infile=edns512.db.in zonefile=edns512.db outfile=edns512.db.signed -keyname1=$($KEYGEN -a RSASHA512 -b 4096 -n zone $zone 2> /dev/null) -keyname2=$($KEYGEN -f KSK -a RSASHA512 -b 4096 -n zone $zone 2> /dev/null) +keyname1=$($KEYGEN -a RSASHA512 -b 4096 -n zone $zone 2>/dev/null) +keyname2=$($KEYGEN -f KSK -a RSASHA512 -b 4096 -n zone $zone 2>/dev/null) cat $infile $keyname1.key $keyname2.key >$zonefile -$SIGNER -g -o $zone -f $outfile -e +30y $zonefile > /dev/null 2> signer.err || cat signer.err +$SIGNER -g -o $zone -f $outfile -e +30y $zonefile >/dev/null 2>signer.err || cat signer.err diff --git a/bin/tests/system/legacy/ns7/sign.sh b/bin/tests/system/legacy/ns7/sign.sh index c2153f9..82c6b7e 100755 --- a/bin/tests/system/legacy/ns7/sign.sh +++ b/bin/tests/system/legacy/ns7/sign.sh @@ -22,12 +22,12 @@ infile=edns512-notcp.db.in zonefile=edns512-notcp.db outfile=edns512-notcp.db.signed -keyname1=$($KEYGEN -a RSASHA512 -b 4096 -n zone $zone 2> /dev/null) -keyname2=$($KEYGEN -f KSK -a RSASHA512 -b 4096 -n zone $zone 2> /dev/null) +keyname1=$($KEYGEN -a RSASHA512 -b 4096 -n zone $zone 2>/dev/null) +keyname2=$($KEYGEN -f KSK -a RSASHA512 -b 4096 -n zone $zone 2>/dev/null) cat $infile $keyname1.key $keyname2.key >$zonefile -$SIGNER -g -o $zone -f $outfile -e +30y $zonefile > /dev/null 2> signer.err || cat signer.err +$SIGNER -g -o $zone -f $outfile -e +30y $zonefile >/dev/null 2>signer.err || cat signer.err -keyfile_to_static_ds $keyname2 > trusted.conf +keyfile_to_static_ds $keyname2 >trusted.conf cp trusted.conf ../ns1 diff --git a/bin/tests/system/legacy/tests.sh b/bin/tests/system/legacy/tests.sh index 44d3b11..ddb950b 100755 --- a/bin/tests/system/legacy/tests.sh +++ b/bin/tests/system/legacy/tests.sh @@ -20,10 +20,10 @@ DIGOPTS="-p ${PORT} +tries=1 +time=2" # Check whether the SOA record for the name provided in $1 can be resolved by # ns1. Return 0 if resolution succeeds as expected; return 1 otherwise. resolution_succeeds() { - _ret=0 - $DIG $DIGOPTS +tcp +tries=3 +time=5 @10.53.0.1 ${1} SOA > dig.out.test$n || _ret=1 - grep "status: NOERROR" dig.out.test$n > /dev/null || _ret=1 - return $_ret + _ret=0 + $DIG $DIGOPTS +tcp +tries=3 +time=5 @10.53.0.1 ${1} SOA >dig.out.test$n || _ret=1 + grep "status: NOERROR" dig.out.test$n >/dev/null || _ret=1 + return $_ret } # Check whether the SOA record for the name provided in $1 can be resolved by @@ -32,16 +32,16 @@ resolution_succeeds() { # code of dig does not influence the result (the exit code for a SERVFAIL # response is 0 while the exit code for not getting a response at all is not 0). resolution_fails() { - _servfail=0 - _timeout=0 - $DIG $DIGOPTS +tcp +time=5 @10.53.0.1 ${1} TXT > dig.out.test$n - grep -F "status: SERVFAIL" dig.out.test$n > /dev/null && _servfail=1 - grep -F "timed out" dig.out.test$n > /dev/null && _timeout=1 - if [ $_servfail -eq 1 ] || [ $_timeout -eq 1 ]; then - return 0 - else - return 1 - fi + _servfail=0 + _timeout=0 + $DIG $DIGOPTS +tcp +time=5 @10.53.0.1 ${1} TXT >dig.out.test$n + grep -F "status: SERVFAIL" dig.out.test$n >/dev/null && _servfail=1 + grep -F "timed out" dig.out.test$n >/dev/null && _timeout=1 + if [ $_servfail -eq 1 ] || [ $_timeout -eq 1 ]; then + return 0 + else + return 1 + fi } status=0 @@ -50,12 +50,12 @@ n=0 n=$((n + 1)) echo_i "checking formerr edns server setup ($n)" ret=0 -$DIG $DIGOPTS +edns @10.53.0.8 ednsformerr soa > dig.out.1.test$n || ret=1 -grep "status: FORMERR" dig.out.1.test$n > /dev/null || ret=1 -grep "EDNS: version:" dig.out.1.test$n > /dev/null && ret=1 -$DIG $DIGOPTS +noedns @10.53.0.8 ednsformerr soa > dig.out.2.test$n || ret=1 -grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 -grep "EDNS: version:" dig.out.2.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +edns @10.53.0.8 ednsformerr soa >dig.out.1.test$n || ret=1 +grep "status: FORMERR" dig.out.1.test$n >/dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n >/dev/null && ret=1 +$DIG $DIGOPTS +noedns @10.53.0.8 ednsformerr soa >dig.out.2.test$n || ret=1 +grep "status: NOERROR" dig.out.2.test$n >/dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -69,12 +69,12 @@ status=$((status + ret)) n=$((n + 1)) echo_i "checking notimp edns server setup ($n)" ret=0 -$DIG $DIGOPTS +edns @10.53.0.9 ednsnotimp soa > dig.out.1.test$n || ret=1 -grep "status: NOTIMP" dig.out.1.test$n > /dev/null || ret=1 -grep "EDNS: version:" dig.out.1.test$n > /dev/null && ret=1 -$DIG $DIGOPTS +noedns @10.53.0.9 ednsnotimp soa > dig.out.2.test$n || ret=1 -grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 -grep "EDNS: version:" dig.out.2.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +edns @10.53.0.9 ednsnotimp soa >dig.out.1.test$n || ret=1 +grep "status: NOTIMP" dig.out.1.test$n >/dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n >/dev/null && ret=1 +$DIG $DIGOPTS +noedns @10.53.0.9 ednsnotimp soa >dig.out.2.test$n || ret=1 +grep "status: NOERROR" dig.out.2.test$n >/dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -88,12 +88,12 @@ status=$((status + ret)) n=$((n + 1)) echo_i "checking refused edns server setup ($n)" ret=0 -$DIG $DIGOPTS +edns @10.53.0.10 ednsrefused soa > dig.out.1.test$n || ret=1 -grep "status: REFUSED" dig.out.1.test$n > /dev/null || ret=1 -grep "EDNS: version:" dig.out.1.test$n > /dev/null && ret=1 -$DIG $DIGOPTS +noedns @10.53.0.10 ednsrefused soa > dig.out.2.test$n || ret=1 -grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 -grep "EDNS: version:" dig.out.2.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +edns @10.53.0.10 ednsrefused soa >dig.out.1.test$n || ret=1 +grep "status: REFUSED" dig.out.1.test$n >/dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n >/dev/null && ret=1 +$DIG $DIGOPTS +noedns @10.53.0.10 ednsrefused soa >dig.out.2.test$n || ret=1 +grep "status: NOERROR" dig.out.2.test$n >/dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -107,18 +107,18 @@ status=$((status + ret)) n=$((n + 1)) echo_i "checking drop edns server setup ($n)" ret=0 -$DIG $DIGOPTS +edns @10.53.0.2 dropedns soa > dig.out.1.test$n && ret=1 -grep "timed out" dig.out.1.test$n > /dev/null || ret=1 -grep ";; no servers could be reached" dig.out.1.test$n > /dev/null || ret=1 -$DIG $DIGOPTS +noedns @10.53.0.2 dropedns soa > dig.out.2.test$n || ret=1 -grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 -grep "EDNS: version:" dig.out.2.test$n > /dev/null && ret=1 -$DIG $DIGOPTS +noedns +tcp @10.53.0.2 dropedns soa > dig.out.3.test$n || ret=1 -grep "status: NOERROR" dig.out.3.test$n > /dev/null || ret=1 -grep "EDNS: version:" dig.out.3.test$n > /dev/null && ret=1 -$DIG $DIGOPTS +edns +tcp @10.53.0.2 dropedns soa > dig.out.4.test$n && ret=1 -grep "timed out" dig.out.4.test$n > /dev/null || ret=1 -grep ";; no servers could be reached" dig.out.4.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +edns @10.53.0.2 dropedns soa >dig.out.1.test$n && ret=1 +grep "timed out" dig.out.1.test$n >/dev/null || ret=1 +grep ";; no servers could be reached" dig.out.1.test$n >/dev/null || ret=1 +$DIG $DIGOPTS +noedns @10.53.0.2 dropedns soa >dig.out.2.test$n || ret=1 +grep "status: NOERROR" dig.out.2.test$n >/dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n >/dev/null && ret=1 +$DIG $DIGOPTS +noedns +tcp @10.53.0.2 dropedns soa >dig.out.3.test$n || ret=1 +grep "status: NOERROR" dig.out.3.test$n >/dev/null || ret=1 +grep "EDNS: version:" dig.out.3.test$n >/dev/null && ret=1 +$DIG $DIGOPTS +edns +tcp @10.53.0.2 dropedns soa >dig.out.4.test$n && ret=1 +grep "timed out" dig.out.4.test$n >/dev/null || ret=1 +grep ";; no servers could be reached" dig.out.4.test$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -132,14 +132,14 @@ status=$((status + ret)) n=$((n + 1)) echo_i "checking drop edns + no tcp server setup ($n)" ret=0 -$DIG $DIGOPTS +edns @10.53.0.3 dropedns-notcp soa > dig.out.1.test$n && ret=1 -grep "timed out" dig.out.1.test$n > /dev/null || ret=1 -grep ";; no servers could be reached" dig.out.1.test$n > /dev/null || ret=1 -$DIG $DIGOPTS +noedns +tcp @10.53.0.3 dropedns-notcp soa > dig.out.2.test$n && ret=1 -grep "connection refused" dig.out.2.test$n > /dev/null || ret=1 -$DIG $DIGOPTS +noedns @10.53.0.3 dropedns-notcp soa > dig.out.3.test$n || ret=1 -grep "status: NOERROR" dig.out.3.test$n > /dev/null || ret=1 -grep "EDNS: version:" dig.out.3.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +edns @10.53.0.3 dropedns-notcp soa >dig.out.1.test$n && ret=1 +grep "timed out" dig.out.1.test$n >/dev/null || ret=1 +grep ";; no servers could be reached" dig.out.1.test$n >/dev/null || ret=1 +$DIG $DIGOPTS +noedns +tcp @10.53.0.3 dropedns-notcp soa >dig.out.2.test$n && ret=1 +grep "connection refused" dig.out.2.test$n >/dev/null || ret=1 +$DIG $DIGOPTS +noedns @10.53.0.3 dropedns-notcp soa >dig.out.3.test$n || ret=1 +grep "status: NOERROR" dig.out.3.test$n >/dev/null || ret=1 +grep "EDNS: version:" dig.out.3.test$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -153,12 +153,12 @@ status=$((status + ret)) n=$((n + 1)) echo_i "checking plain dns server setup ($n)" ret=0 -$DIG $DIGOPTS +edns @10.53.0.4 plain soa > dig.out.1.test$n || ret=1 -grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 -grep "EDNS: version:" dig.out.1.test$n > /dev/null && ret=1 -$DIG $DIGOPTS +edns +tcp @10.53.0.4 plain soa > dig.out.2.test$n -grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 -grep "EDNS: version:" dig.out.2.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +edns @10.53.0.4 plain soa >dig.out.1.test$n || ret=1 +grep "status: NOERROR" dig.out.1.test$n >/dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n >/dev/null && ret=1 +$DIG $DIGOPTS +edns +tcp @10.53.0.4 plain soa >dig.out.2.test$n +grep "status: NOERROR" dig.out.2.test$n >/dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -172,11 +172,11 @@ status=$((status + ret)) n=$((n + 1)) echo_i "checking plain dns + no tcp server setup ($n)" ret=0 -$DIG $DIGOPTS +edns @10.53.0.5 plain-notcp soa > dig.out.1.test$n || ret=1 -grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 -grep "EDNS: version:" dig.out.1.test$n > /dev/null && ret=1 -$DIG $DIGOPTS +edns +tcp @10.53.0.5 plain-notcp soa > dig.out.2.test$n && ret=1 -grep "connection refused" dig.out.2.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +edns @10.53.0.5 plain-notcp soa >dig.out.1.test$n || ret=1 +grep "status: NOERROR" dig.out.1.test$n >/dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n >/dev/null && ret=1 +$DIG $DIGOPTS +edns +tcp @10.53.0.5 plain-notcp soa >dig.out.2.test$n && ret=1 +grep "connection refused" dig.out.2.test$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -190,19 +190,19 @@ n=$((n + 1)) echo_i "checking edns 512 server setup ($n)" ret=0 -$DIG $DIGOPTS +edns @10.53.0.6 edns512 txt > dig.out.1.test$n || ret=1 -grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 -grep "EDNS: version:" dig.out.1.test$n > /dev/null || ret=1 -$DIG $DIGOPTS +edns +tcp @10.53.0.6 edns512 txt > dig.out.2.test$n || ret=1 -grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 -grep "EDNS: version:" dig.out.2.test$n > /dev/null || ret=1 -$DIG $DIGOPTS +edns +dnssec @10.53.0.6 edns512 txt > dig.out.3.test$n && ret=1 -grep "timed out" dig.out.3.test$n > /dev/null || ret=1 -grep ";; no servers could be reached" dig.out.3.test$n > /dev/null || ret=1 -$DIG $DIGOPTS +edns +dnssec +bufsize=512 +ignore @10.53.0.6 edns512 soa > dig.out.4.test$n || ret=1 -grep "status: NOERROR" dig.out.4.test$n > /dev/null || ret=1 -grep "EDNS: version:" dig.out.4.test$n > /dev/null || ret=1 -grep "flags:.* tc[ ;]" dig.out.4.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +edns @10.53.0.6 edns512 txt >dig.out.1.test$n || ret=1 +grep "status: NOERROR" dig.out.1.test$n >/dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n >/dev/null || ret=1 +$DIG $DIGOPTS +edns +tcp @10.53.0.6 edns512 txt >dig.out.2.test$n || ret=1 +grep "status: NOERROR" dig.out.2.test$n >/dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n >/dev/null || ret=1 +$DIG $DIGOPTS +edns +dnssec @10.53.0.6 edns512 txt >dig.out.3.test$n && ret=1 +grep "timed out" dig.out.3.test$n >/dev/null || ret=1 +grep ";; no servers could be reached" dig.out.3.test$n >/dev/null || ret=1 +$DIG $DIGOPTS +edns +dnssec +bufsize=512 +ignore @10.53.0.6 edns512 soa >dig.out.4.test$n || ret=1 +grep "status: NOERROR" dig.out.4.test$n >/dev/null || ret=1 +grep "EDNS: version:" dig.out.4.test$n >/dev/null || ret=1 +grep "flags:.* tc[ ;]" dig.out.4.test$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -216,18 +216,18 @@ status=$((status + ret)) n=$((n + 1)) echo_i "checking edns 512 + no tcp server setup ($n)" ret=0 -$DIG $DIGOPTS +edns @10.53.0.7 edns512-notcp soa > dig.out.1.test$n || ret=1 -grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 -grep "EDNS: version:" dig.out.1.test$n > /dev/null || ret=1 -$DIG $DIGOPTS +edns +tcp @10.53.0.7 edns512-notcp soa > dig.out.2.test$n && ret=1 -grep "connection refused" dig.out.2.test$n > /dev/null || ret=1 -$DIG $DIGOPTS +edns +dnssec @10.53.0.7 edns512-notcp soa > dig.out.3.test$n && ret=1 -grep "timed out" dig.out.3.test$n > /dev/null || ret=1 -grep ";; no servers could be reached" dig.out.3.test$n > /dev/null || ret=1 -$DIG $DIGOPTS +edns +dnssec +bufsize=512 +ignore @10.53.0.7 edns512-notcp soa > dig.out.4.test$n || ret=1 -grep "status: NOERROR" dig.out.4.test$n > /dev/null || ret=1 -grep "EDNS: version:" dig.out.4.test$n > /dev/null || ret=1 -grep "flags:.* tc[ ;]" dig.out.4.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +edns @10.53.0.7 edns512-notcp soa >dig.out.1.test$n || ret=1 +grep "status: NOERROR" dig.out.1.test$n >/dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n >/dev/null || ret=1 +$DIG $DIGOPTS +edns +tcp @10.53.0.7 edns512-notcp soa >dig.out.2.test$n && ret=1 +grep "connection refused" dig.out.2.test$n >/dev/null || ret=1 +$DIG $DIGOPTS +edns +dnssec @10.53.0.7 edns512-notcp soa >dig.out.3.test$n && ret=1 +grep "timed out" dig.out.3.test$n >/dev/null || ret=1 +grep ";; no servers could be reached" dig.out.3.test$n >/dev/null || ret=1 +$DIG $DIGOPTS +edns +dnssec +bufsize=512 +ignore @10.53.0.7 edns512-notcp soa >dig.out.4.test$n || ret=1 +grep "status: NOERROR" dig.out.4.test$n >/dev/null || ret=1 +grep "EDNS: version:" dig.out.4.test$n >/dev/null || ret=1 +grep "flags:.* tc[ ;]" dig.out.4.test$n >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -243,8 +243,8 @@ echo_i "checking recursive lookup to edns 512 + no tcp server does not cause que ret=0 sent=$(grep -c -F "sending packet to 10.53.0.7" ns1/named.run) if [ $sent -ge 10 ]; then - echo_i "ns1 sent $sent queries to ns7, expected less than 10" - ret=1 + echo_i "ns1 sent $sent queries to ns7, expected less than 10" + ret=1 fi if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -257,10 +257,10 @@ n=$((n + 1)) echo_i "checking recursive lookup to edns 512 + no tcp + trust anchor fails ($n)" # retry loop in case the server restart above causes transient failure for try in 0 1 2 3 4 5 6 7 8 9; do - ret=0 - resolution_fails edns512-notcp. || ret=1 - [ "$ret" -eq 0 ] && break - sleep 1 + ret=0 + resolution_fails edns512-notcp. || ret=1 + [ "$ret" -eq 0 ] && break + sleep 1 done if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) |