diff options
Diffstat (limited to 'bin/tests/system/legacy')
43 files changed, 1394 insertions, 0 deletions
diff --git a/bin/tests/system/legacy/build.sh b/bin/tests/system/legacy/build.sh new file mode 100644 index 0000000..fcde4e1 --- /dev/null +++ b/bin/tests/system/legacy/build.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +. ../conf.sh + +$SHELL clean.sh + +(cd ns6 && $SHELL -e sign.sh) +(cd ns7 && $SHELL -e sign.sh) + +$SHELL clean.sh diff --git a/bin/tests/system/legacy/clean.sh b/bin/tests/system/legacy/clean.sh new file mode 100644 index 0000000..4c65a2d --- /dev/null +++ b/bin/tests/system/legacy/clean.sh @@ -0,0 +1,31 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +rm -f dig.out.* +rm -f ns*/named.conf +rm -f ns*/named.memstats +rm -f ns*/named.run +rm -f ns*/named.lock + +# build.sh +rm -f ns1/named_dump.db* +rm -f ns6/K* +rm -f ns6/dsset-* +rm -f ns6/edns512.db +rm -f ns6/signer.err +rm -f ns7/K* +rm -f ns7/dsset-* +rm -f ns7/edns512-notcp.db +rm -f ns7/signer.err +rm -f ns7/trusted.conf +rm -f ns*/managed-keys.bind* diff --git a/bin/tests/system/legacy/ns1/named1.conf.in b/bin/tests/system/legacy/ns1/named1.conf.in new file mode 100644 index 0000000..5c4b1c4 --- /dev/null +++ b/bin/tests/system/legacy/ns1/named1.conf.in @@ -0,0 +1,38 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.1; + notify-source 10.53.0.1; + transfer-source 10.53.0.1; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.1; }; + listen-on-v6 { none; }; + recursion yes; + dnssec-validation yes; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm @DEFAULT_HMAC@; +}; + +controls { + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +zone "." { + type primary; + file "root.db"; +}; diff --git a/bin/tests/system/legacy/ns1/named2.conf.in b/bin/tests/system/legacy/ns1/named2.conf.in new file mode 100644 index 0000000..239e58f --- /dev/null +++ b/bin/tests/system/legacy/ns1/named2.conf.in @@ -0,0 +1,31 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.1; + notify-source 10.53.0.1; + transfer-source 10.53.0.1; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.1; }; + listen-on-v6 { none; }; + recursion yes; + dnssec-validation yes; +}; + +zone "." { + type primary; + file "root.db"; +}; + +include "trusted.conf"; diff --git a/bin/tests/system/legacy/ns1/root.db b/bin/tests/system/legacy/ns1/root.db new file mode 100644 index 0000000..175847a --- /dev/null +++ b/bin/tests/system/legacy/ns1/root.db @@ -0,0 +1,33 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 60 +. SOA ns1. marka.isc.org 1 0 0 0 0 +. NS ns1. +ns1. A 10.53.0.1 +dropedns. NS ns.dropedns. +ns.dropedns. A 10.53.0.2 +dropedns-notcp. NS ns.dropedns-notcp. +ns.dropedns-notcp. A 10.53.0.3 +plain. NS ns.plain. +ns.plain. A 10.53.0.4 +plain-notcp. NS ns.plain-notcp. +ns.plain-notcp. A 10.53.0.5 +edns512. NS ns.edns512. +ns.edns512. A 10.53.0.6 +edns512-notcp. NS ns.edns512-notcp. +ns.edns512-notcp. A 10.53.0.7 +ednsformerr. NS ns.ednsformerr. +ns.ednsformerr. A 10.53.0.8 +ednsnotimp. NS ns.ednsnotimp. +ns.ednsnotimp. A 10.53.0.9 +ednsrefused. NS ns.ednsrefused. +ns.ednsrefused. A 10.53.0.10 diff --git a/bin/tests/system/legacy/ns1/trusted.conf b/bin/tests/system/legacy/ns1/trusted.conf new file mode 100644 index 0000000..a54b6aa --- /dev/null +++ b/bin/tests/system/legacy/ns1/trusted.conf @@ -0,0 +1,16 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +trust-anchors { + "edns512-notcp." static-ds 8161 10 2 "19147C5BF59BED075AC26CE73DDA875438FB5AC61BCF31F081AD5BDA1AA7C236"; +}; diff --git a/bin/tests/system/legacy/ns10/ednsrefused.db b/bin/tests/system/legacy/ns10/ednsrefused.db new file mode 100644 index 0000000..9aa3a4a --- /dev/null +++ b/bin/tests/system/legacy/ns10/ednsrefused.db @@ -0,0 +1,14 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +ns 60 A 10.53.0.8 diff --git a/bin/tests/system/legacy/ns10/named.conf.in b/bin/tests/system/legacy/ns10/named.conf.in new file mode 100644 index 0000000..628c51a --- /dev/null +++ b/bin/tests/system/legacy/ns10/named.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.10; + notify-source 10.53.0.10; + transfer-source 10.53.0.10; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.10; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; +}; + +zone "ednsrefused" { + type primary; + file "ednsrefused.db"; +}; diff --git a/bin/tests/system/legacy/ns10/named.ednsrefused b/bin/tests/system/legacy/ns10/named.ednsrefused new file mode 100644 index 0000000..6b43ac0 --- /dev/null +++ b/bin/tests/system/legacy/ns10/named.ednsrefused @@ -0,0 +1 @@ +ednsrefused diff --git a/bin/tests/system/legacy/ns2/dropedns.db b/bin/tests/system/legacy/ns2/dropedns.db new file mode 100644 index 0000000..06c023c --- /dev/null +++ b/bin/tests/system/legacy/ns2/dropedns.db @@ -0,0 +1,14 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +ns 60 A 10.53.0.2 diff --git a/bin/tests/system/legacy/ns2/named.conf.in b/bin/tests/system/legacy/ns2/named.conf.in new file mode 100644 index 0000000..e570ffe --- /dev/null +++ b/bin/tests/system/legacy/ns2/named.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; +}; + +zone "dropedns" { + type primary; + file "dropedns.db"; +}; diff --git a/bin/tests/system/legacy/ns2/named.dropedns b/bin/tests/system/legacy/ns2/named.dropedns new file mode 100644 index 0000000..37dd9cf --- /dev/null +++ b/bin/tests/system/legacy/ns2/named.dropedns @@ -0,0 +1 @@ +dropedns diff --git a/bin/tests/system/legacy/ns3/dropedns-notcp.db b/bin/tests/system/legacy/ns3/dropedns-notcp.db new file mode 100644 index 0000000..0ac44bc --- /dev/null +++ b/bin/tests/system/legacy/ns3/dropedns-notcp.db @@ -0,0 +1,14 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +ns 60 A 10.53.0.3 diff --git a/bin/tests/system/legacy/ns3/named.conf.in b/bin/tests/system/legacy/ns3/named.conf.in new file mode 100644 index 0000000..3d89554 --- /dev/null +++ b/bin/tests/system/legacy/ns3/named.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.3; + notify-source 10.53.0.3; + transfer-source 10.53.0.3; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.3; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; +}; + +zone "dropedns-notcp" { + type primary; + file "dropedns-notcp.db"; +}; diff --git a/bin/tests/system/legacy/ns3/named.dropedns b/bin/tests/system/legacy/ns3/named.dropedns new file mode 100644 index 0000000..37dd9cf --- /dev/null +++ b/bin/tests/system/legacy/ns3/named.dropedns @@ -0,0 +1 @@ +dropedns diff --git a/bin/tests/system/legacy/ns3/named.notcp b/bin/tests/system/legacy/ns3/named.notcp new file mode 100644 index 0000000..e25c3a8 --- /dev/null +++ b/bin/tests/system/legacy/ns3/named.notcp @@ -0,0 +1 @@ +notcp diff --git a/bin/tests/system/legacy/ns4/named.args b/bin/tests/system/legacy/ns4/named.args new file mode 100644 index 0000000..4ccb648 --- /dev/null +++ b/bin/tests/system/legacy/ns4/named.args @@ -0,0 +1 @@ +-m record -c named.conf -d 99 -D legacy-ns4 -X named.lock -g -U 4 -T maxcachesize=2097152 -T noedns diff --git a/bin/tests/system/legacy/ns4/named.conf.in b/bin/tests/system/legacy/ns4/named.conf.in new file mode 100644 index 0000000..32bdb05 --- /dev/null +++ b/bin/tests/system/legacy/ns4/named.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.4; + notify-source 10.53.0.4; + transfer-source 10.53.0.4; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.4; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; +}; + +zone "plain" { + type primary; + file "plain.db"; +}; diff --git a/bin/tests/system/legacy/ns4/plain.db b/bin/tests/system/legacy/ns4/plain.db new file mode 100644 index 0000000..2c20a70 --- /dev/null +++ b/bin/tests/system/legacy/ns4/plain.db @@ -0,0 +1,14 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +ns 60 A 10.53.0.4 diff --git a/bin/tests/system/legacy/ns5/named.args b/bin/tests/system/legacy/ns5/named.args new file mode 100644 index 0000000..0c5e17a --- /dev/null +++ b/bin/tests/system/legacy/ns5/named.args @@ -0,0 +1 @@ +-m record -c named.conf -d 99 -D legacy-ns5 -X named.lock -g -U 4 -T maxcachesize=2097152 -T noedns diff --git a/bin/tests/system/legacy/ns5/named.conf.in b/bin/tests/system/legacy/ns5/named.conf.in new file mode 100644 index 0000000..92e754f --- /dev/null +++ b/bin/tests/system/legacy/ns5/named.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.5; + notify-source 10.53.0.5; + transfer-source 10.53.0.5; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.5; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; +}; + +zone "plain-notcp" { + type primary; + file "plain-notcp.db"; +}; diff --git a/bin/tests/system/legacy/ns5/named.notcp b/bin/tests/system/legacy/ns5/named.notcp new file mode 100644 index 0000000..e25c3a8 --- /dev/null +++ b/bin/tests/system/legacy/ns5/named.notcp @@ -0,0 +1 @@ +notcp diff --git a/bin/tests/system/legacy/ns5/plain-notcp.db b/bin/tests/system/legacy/ns5/plain-notcp.db new file mode 100644 index 0000000..9c1a96b --- /dev/null +++ b/bin/tests/system/legacy/ns5/plain-notcp.db @@ -0,0 +1,14 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +ns 60 A 10.53.0.5 diff --git a/bin/tests/system/legacy/ns6/edns512.db.in b/bin/tests/system/legacy/ns6/edns512.db.in new file mode 100644 index 0000000..485ec8e --- /dev/null +++ b/bin/tests/system/legacy/ns6/edns512.db.in @@ -0,0 +1,15 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +@ 60 TXT a txt record +ns 60 A 10.53.0.6 diff --git a/bin/tests/system/legacy/ns6/edns512.db.signed b/bin/tests/system/legacy/ns6/edns512.db.signed new file mode 100644 index 0000000..f193a09 --- /dev/null +++ b/bin/tests/system/legacy/ns6/edns512.db.signed @@ -0,0 +1,226 @@ +; File written on Fri Oct 23 13:08:55 2020 +; dnssec_signzone version 9.17.6 +edns512. 60 IN SOA ns.edns512. marka.isc.org. ( + 1 ; serial + 0 ; refresh (0 seconds) + 0 ; retry (0 seconds) + 0 ; expire (0 seconds) + 0 ; minimum (0 seconds) + ) + 60 RRSIG SOA 10 1 60 ( + 20501016010855 20201023010855 53333 edns512. + De3f+wPXopHUPSD2z6Ak5oWhk7AOqqCGU/Z7 + iCHR+9SCTaDRyGQarIGoCrlc2hhrkxOsYWB1 + X01E0Zx+iKrzjbK8aJi1JoigvWvi+XogBfWR + g7P2LnRnriJfBtsFdKEQSHFo3dmVX4XCqyJX + xkJZG2+if+HedaYkrW2izH6PRUsXf3sQWdm4 + +k1jy+4m4m6bVM/QeHbX/u6KwEZlNuWy64lL + 2CXtRpjc2W0oX5Fqoz5GWKI6T038IEawLhP3 + g/SnC021ub89U5sWRY3s3c1vNrZBjtdnGkOr + V5xqBkVwl9RVJwmrMZ4Sa4JaPbd6eV25d+R+ + +yoCJu3mLwL3q7zBT/Du5N23sTeVeIQmmrj/ + PxaaX8YIsGH8cCDaverEAJsveuzpYuZjy8G8 + ZiZagWrA5DQwwy4t+XrhZkUYjxX51t6l367V + 8stKcY/SGEmuEpOuYlaTV0/EikZyWQFoq/iv + 2eyt/CS+vbD9Bz6v/EXI30rNIdSrYlA1/Vnb + hJmb/k13Nlf6ZeybSWLFDYYSXz//FObZ81Zi + 7mUB8nZaMtadOnaf7cmsEDUeDbOd9JkiMsmY + XDnJPN04hOlCpnwVs8gfLPexD+iDwGLc8rkB + hGcAOQRXw22QI7OkBlyaXCHwPpniahmK2wtB + Pb7wmdlIVz2lcbtdNz1e2Jfp2rlxcz7e74w= ) + 60 NS ns.edns512. + 60 RRSIG NS 10 1 60 ( + 20501016010855 20201023010855 53333 edns512. + n0ZPbouoYSPJO35aT4qUr9dwiHDwpf7tyCKn + 18v9b2UXSGloo5ojUkyA7aJf16vuTrcRR3/b + NFHE+qdUsyquHAqjzfPg6O6wL/1CFtZM4Be9 + SPoaMi1/qYJ51ixep07etIFeQamdSTdwFEFb + 2mowRZ5/6TP2GlQZuO56kLTNZSPzUOSh/keN + W/sqMludYPJ4JUSI/tyXaadyu/oTLxHvqmFg + IHGIVsZs4QGyJax75YKL/tQgpMV8A5w56J5V + 2N+8wcLArfwqSduDE0LCU9BfFt4FZf5Hxdqx + Vh30cQkNzvK+k2Em+dV7NyNUtyeQO+szkMdL + Rkwx9bLGaBExDQZZUvXaAmGcrFPGHgYxBEyN + YCpPETeTyvI/Hlt5ldKFLhBuy5h84VNpZ1et + T4YBoc/v+SLK+QygJTESvS86v3eSnKtTpr7Z + z6MaB0jU5rYc1GsVU/W/Hbw8N4EHtsA4PxP+ + CVHBqRCNT3VZuASJuGRYo5g/JFeoA1MFfvIK + gPR7JEAL9TXxgeCWPpyeF0uLabgusPfbcSaH + H90smjebOP5aN5F31oDyJdT0dj4VJybjkIkq + /DKh4gMUTDLe7XSz7E0V56W5TMjnh6qvJCNr + Lrt3M3su6iCTogCXnGqIyqd0udDjryMr6RX8 + QHdOfb8n9CE2cgbgB3lZ2yTo+wTElCK+QQ8= ) + 60 TXT "a" "txt" "record" + 60 RRSIG TXT 10 1 60 ( + 20501016010855 20201023010855 53333 edns512. + MFRZbRqXwWAL5FivjxPsq02Zn6GGO+v0PKAe + 2FCMrCzIFXqxAuiX3aUg3OXdtSgYKTsgS5X+ + GfTPAGrdH3hsdanqJbnD/pSjSIOuyrwTR4p5 + QS6nLReu6HgYqw38gJXzOL596s5N5PPIz0T2 + 6FmbUsVo0x+PNikUQe6rR68Wfs4T/C689aT7 + ws5e/NHvG/EfyxyAENQHLWjuXG0iyU61xmB9 + b8mzdUwT0TupyE75gBDEMLosbBOqSKp8Etjo + hVzjYkXkIRjp1+KceauOIIi8HnpJWkFDbgst + EFhEydCpf2cfCSooE/ddvjKCgsykL7H3iFBl + 6b1mgQ91mouK+qrJTtF9Vjbtz49Q8x/aPyw5 + YL37y7pXTcELJjE4QDk26OShxnUZYxV7rnp+ + u7AHaGjPpRHG+Tv+/Ovp7LP33ZFK05jCr2jl + KMfi6lPpivY7wF8Eyg+gNlf4Je+7jARYQ6/n + Gk4dD0IHg1Q9f9f9Zuus6EqBY+Hw4tMDrhvq + MFNdgNArN6MgQKpTqcl3RPsW5UmDQh4cyqZm + OsxxCSzwKggTsDSAHCemJp2HhiagRMEE5Jk3 + 8kiBA9CUSgMHu2hh3MeC/+mUWXO7rBl6f+4v + IwlJ5Lc5W+F7acJqpbhVRIW7SsTxC3unJXEu + ZJoIy8/VRRK5sW3y3lPh+kY3M+ibAaweGIc= ) + 0 NSEC ns.edns512. NS SOA TXT RRSIG NSEC DNSKEY + 0 RRSIG NSEC 10 1 0 ( + 20501016010855 20201023010855 53333 edns512. + uUXcf0YI0zxGIGCSoRCC5sY6PqaeiZMkMyEw + RaOmshO0ylGgjSdXDq8aYyfX0Yqk3cNlNws+ + pxc93SHjS5y5AouUJyAmp/DcuWTbb6HI5rUu + Vl5MBU4SaQc2mfNDbJVvkPFSG8L5KddL8AOo + 1C/n4xxtQXmBvxD26lm3Is4V8F0ka5s6Gsx6 + wa+wk/x4tIUXjPs31i9Rm6INMJrjTr0KEpEE + N4NDsiCd8udcQhSDXYSfJ6mL2T4oLBkI2rTb + 63YimpBl0tThlO852iXmGz42LiO4e/7OHEfi + qVbeLo66PAOW50dqxBchTydaUl1ODDbkaT06 + YXrIyO5epPOZcHnKnU+WtXzVGhx1WFYamK+d + YeFxIFT9FH3Ka0CutimVjziMoYzPZZTSBCER + e2Lat4VY3tlKIREo21k83q86KuuEmJsnn3mO + E4h29sJAbqPlJ81/iOPBM6mZOJKQRUYkd3xo + 9VdYMmLc0BPRH8YxbpqQ/2bZwE676/Z5TlzY + Zs4RgG7nxddzwrroD52MfKDvb7TelF0q1hwU + ay481qZkCRFEziRt0veUMTlp8u8tRJbSTOwn + KsgF2hadtzGwNPMcsx03cO6rkGlZXlJPvj2a + A8720jM+1xIKUH1ClDnIM3DLjwBAquJpstO0 + 6GccRya3pRDf/H+1kBodXMylIw7QF/1L91Q= ) + 60 DNSKEY 256 3 10 ( + AwEAAb6wC1T1oWvZUHHTf5er1NKQRzGyu/Rb + r2HgRcnOwqUh4Bv8jCN8zXCKRZ0t2uFFvRrX + HE/NvhxJnZNtwGyfJNNVCQ4jkbPoD/lPYCCc + 8LWeZ9ZLgN7XZpUk3F1EnGkHQCM7WoXe03UA + OCHo6hriB96pgFJV+tCSCIubB99Fyk+dN1gG + dfjbRRYSYi7fgQEEVicmbP1u8Bd/6HZQXE7o + aFdGs1gAkvNNVY+AkFQVdhv5gbDew1vFg9lY + C3wWWdRdJtOpHMYY4Q9LBPSKJe4/C/Qr9JJg + jl/OgfeMPPPw2O50W7j5DVqPAPJaeflJbpCp + EjBhIJAgp2nekWlN2WGqFuQLMfsm8HWftafY + WdGXQpGB+gG4yJTRC6aoAGLQ7Ah2xzwodRYx + 6Hu3VMBOjmbiNeubFmZHtOjND6VAexbuGf4Y + CiRfGbxY2+nQtDU3DPF1s0k6TcIw3HuukFuv + yaK9zjx//YD/+AprMHhvrsXjZwLUYwERe6Ax + CTKtbhPFoYb/Sx9spjMG/yWTJw/cLCen0K3t + JHoDKzmRuCldnCk5ff9ZVoOUvZrOfBicuVW4 + vy1eYdfugDf8Y0Gix00DpA6h0xEVh/pCd7VC + 2N5mi0m9ZX5gaH3Rz8AZy9c3iFG+36kUu7By + kSCAwVUEryxS1uuR4a3a3FTPgIYZAOAEif6Y + 0eFD + ) ; ZSK; alg = RSASHA512 ; key id = 53333 + 60 DNSKEY 257 3 10 ( + AwEAAZVmIZdDKaEpBYzRNZ8sCXLdPBkWvH1l + hRMwYtqQuwvKahA1+m0xHWczNV1m04e2MrI9 + AR2yYFCKi+znm9MS3WPo6fShbKzbzCu04G16 + 334WcmxiFfiKWd71NJoM/Oe7pcWJPiGlm0+z + SE93DD1681/GCJxolquJizZH3N9c9erK4Fzv + v8jSbEiVen89bkdUw8ulAmX/Eeb9x39A7fs+ + acO4BuTrL4vsKZ96D9+qbDnUkDn967jFeKGw + RCDUMa+UGABkkNjmic8WTVITwI84xEcaFEl5 + GQBYLJ/qfou1tPicCQxup/EllF4xgFsTvtgG + BjN+uJXaE6rs171pzIbDcwZVuq0JZfWXCnrp + JZUQbtpwr1nFwT4prg4riDCzmiA3gnXCOLFR + pvqx7iOhS77+7miNqBEBthfu6kEdChOlNWpO + TX1Df77HbLyGHPWpExcg11j1jxH1PUB/ijpL + gUFRORuE6Y8NxUvN8ooQWHIYjd8AEIGlAssy + 9dv91KlyOSfZfZftGelCvm5Hha4PoMXUF1of + 4rqVy346UhVRKIu29ML+Os4+HPTPhXY1/wco + 2q3fvKqix8sI997SOrjYeX39MJ2WImzWZVoc + U2X0sbZlYU0I6yq2zDh4oN98s2r1U4TJPf4G + Kc2A3107n5WHsavLF6DfV9bDU4/ozVE920/5 + KocD + ) ; KSK; alg = RSASHA512 ; key id = 21624 + 60 RRSIG DNSKEY 10 1 60 ( + 20501016010855 20201023010855 53333 edns512. + VFBtgMd79vb3EKirSuX5adFdCVMCQQrQ6ANM + iAMhKSxo9Ic8ICZGANm7jvpg+IEG13+2ehyt + 3EpBIHQYp+Apa1j6lGUDbdmcqP0E34eVy8jJ + brP94Bpo0hP1E0P6pPuIqWrnWYG60bXNztc1 + nJ0ACg7mbcbbnFKHwOcD+js74jGAQdCKpwo3 + SCfjApUMQwLhHVa0MKcxKCtbCz0WJJwGoXOV + U4l0DY/wD/aXTXjguiycjrHEP1dT23JPICFl + ZsaVE/+ra999p8fCZ5Vqy3PRFGqUirrwj8hG + 93dK4R5GxY0OLfIxYVX5Nt1w6qDmpXbVtryU + wgzdO3ZO6+Fz7hltPB19bfCQZQIkqypaPkXT + ltk23Jax9EU1nQ1CXLPgMDd3jjlF/46R/CD0 + H/69/ftwCUdmfX2TZmIWEca4sdj5Za1U1AY4 + pby4uPUncEw4T4WtRxKmrXjd9H2Ml8KRCIPe + Iz/21cUoxdLzlomjnP967H/TR6UFxayQziv/ + LL2R7LIQwQlz9ZCHHhedptCaK+0FUicWHqW4 + SW7Y/AKavvFGkMO3KXkXto2oZQLRL4m1Auv7 + M8rlStuEFBJ5/K0JIp4NCDKTayhXwwvf9jtn + WrsCaLRBJH2nCIO2/1w16G3D5mQdvt0QskM2 + FRtEhi3a7TpwRvCGKw9PuVilH7qXIYpHF54= ) + 60 RRSIG DNSKEY 10 1 60 ( + 20501016010855 20201023010855 21624 edns512. + Nv7YHuTniNFoFtEeF53VG5ERUEBzKY6wTzUe + 34+5hD/GwdxqKq0qQ8VflACrP/JYonCejgj7 + 6K4EWLBnZYk1K53NTetO19CCP9X7uQC5+av9 + D5TMLZUC+nQKzHqvJvR6E9UsaH8/wTfOPf1y + Li0CzNUpIQ1dKiDu4nJV15Vb8maxjsSxSMwB + 8bq6d7sNaa97KIqhhlQp1uJBtS26yp+vP7oJ + dYYuJJDeim3GyS/5SN1uMi0r+k9ZL5ajCcyh + IACupyTdGLmQKVR1QwF+UlLhY66TGuLKvvJB + ygg8W5nguqz8mu9uEmwnVta82itKTKWeXwDm + TvEsmW3otxkllRTnHUGDD5mYQBojblFvd27K + qf5ALNjAsDwqgrp3EkX7wSOjUNa14ndPLvlO + oaeI+ak914WeWrX4s3Pq14BOgeY2dkPX7+MN + J3cVkZF3UHsUzzI8vDu68Lnrr36Io5LLlbx6 + ZzVceeOGvFDz3F949LjYdfBPmIRaC1sKlhEf + VrHILfDQFKd3XUK9aRehj3coARu7Aovve1qO + nBTQKwxBFamDaNLlJOaTSaXF8qolIaaEx5Nf + ymlTsUEkhkB2R1E4LOg1GYziysJSuTYNK5vJ + k4kNVn4H/I+sFcxphy2bpZeVHeyNW7JEzQLy + JibBoojBRlVtYCmxqYMtGggHsG+C/YYF0QA= ) +ns.edns512. 60 IN A 10.53.0.6 + 60 RRSIG A 10 2 60 ( + 20501016010855 20201023010855 53333 edns512. + XL9RRX33pcjPE9x6705G/ztksGQbJ/y7tT+k + Ojr/hVxfm16IppAjqUnQawbpHTak9NQssa8w + 0+edKW5DDMnU6Cnk7rnD2JRNNoXCsQ+HI1oe + I7DAgxPvloELwqKnRFmViTCued13oTbzYYOF + w28oRXC+elYoeK5ee953hm298WJjOwaVFzub + YUf5Tf3DlVLtDeylnokPGTOHMo55IS1h+xni + 0V8+jPLXARA9L4fI590J83XPyDPwNgjt0Imv + ySZJ2WopQf16RLPJAHbqz+xQK/kO61TBzk6x + bqe2o5izwKmg46/5ekOvntjXebvxaC9PnSKw + e0fPlXBs5gwbSRFitRHxFzVS2m9eWLMtcYXP + XW7cVKLiBmlci0gzWkhOlGUSCAF5ZaUX/6EK + 4nHsDthtHa2Y4TGkCOeRZNDLGeO4fdfLSS+o + qR70HuhxYp+FqwYxJFtePx7PeJpSwc6FaWTs + Ol41GBSDVFNomOcUawMdstqj2QRWoi4o8Q4m + SwTdyIBd0gekzkyKheVzfFJxUlE524idgNL2 + fCF/y8G/GGwU8DZ2mXLRTbE+7eZV/BG0m9ih + hs/wqqY6o7ClTDWgWJOQ7bbzZBvy3QEmkMZc + TcuWRhVzbS64QlWlFOVD5EpQO5YM3UNKBgVX + ynqTaHEjDZ8P43szTvel8Og2LLdw13qNBYA= ) + 0 NSEC edns512. A RRSIG NSEC + 0 RRSIG NSEC 10 2 0 ( + 20501016010855 20201023010855 53333 edns512. + FuLjgUgFvqjd7KVC5Qli4TueVtHpJlWul+VT + fSWFW8V+730HaPqo2TvZr9pbU7TKFqNWm1mK + cqlxTg9iYviabIZO7cq5tDvX++CiVBaqbjnC + UM7PHl36mj/+WPkQHxSo+TpOC3zd1uSGoF4h + sg8HjMUuQ9dRpsYWPwGM9dwkcgzfHSrCs/zQ + kW4Ari8JgBLAQ7mqRzAEzZPWG90lFgsElvXu + YeSyeP8nSwRvzxjzfgg9YnWOY/zSqUup2HUm + jf4CSFqyOzJm+o0BhVs7qumFl6Z6DRibWece + 0cV7xdLqeBvHZdmBW1uWNio/7YnK1uF2UCBC + bwtzZKrwmCRWaj5HuhJ4DaftFje/7nPz0Kxl + VXWYqTDW+OFO9yJLc3+NPrZdNxuADnrW0MrR + OgJwd1vTpHAwf14ipOitzf4PyBWE5EyL2VIV + QM8oB3+xgZqG2QwAaGe4ZOrrDXQotQ5BmS1d + Y8SebfcylVUWKJK4kJzAvGjLddZ/1pq2bO2w + awj2UarfydJvH+JnX44cykGZeT3x7Y26jEzn + DL5/2NNPVU3jTl/HKdeyMG2INPxWr6z/+PXs + Wn0IjTRpVrKjoTIl2/hUctsldNgZ/kjKhP+U + VrI3O0cBhUM4BPV01mAU8Cq0nhrkRt0ESgo3 + Bulleb0NLQlhBgo0aiZYQLIA8cDLeAi/dIE= ) diff --git a/bin/tests/system/legacy/ns6/named.args b/bin/tests/system/legacy/ns6/named.args new file mode 100644 index 0000000..3475121 --- /dev/null +++ b/bin/tests/system/legacy/ns6/named.args @@ -0,0 +1 @@ +-m record -c named.conf -d 99 -D legacy-ns6 -X named.lock -g -U 4 -T maxcachesize=2097152 -T maxudp512 diff --git a/bin/tests/system/legacy/ns6/named.conf.in b/bin/tests/system/legacy/ns6/named.conf.in new file mode 100644 index 0000000..17f19d9 --- /dev/null +++ b/bin/tests/system/legacy/ns6/named.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.6; + notify-source 10.53.0.6; + transfer-source 10.53.0.6; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.6; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; +}; + +zone "edns512" { + type primary; + file "edns512.db.signed"; +}; diff --git a/bin/tests/system/legacy/ns6/sign.sh b/bin/tests/system/legacy/ns6/sign.sh new file mode 100755 index 0000000..f76b3c2 --- /dev/null +++ b/bin/tests/system/legacy/ns6/sign.sh @@ -0,0 +1,30 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +. ../../conf.sh + +SYSTESTDIR=legacy + +echo_i "sign edns512" + +zone=edns512 +infile=edns512.db.in +zonefile=edns512.db +outfile=edns512.db.signed + +keyname1=$($KEYGEN -a RSASHA512 -b 4096 -n zone $zone 2> /dev/null) +keyname2=$($KEYGEN -f KSK -a RSASHA512 -b 4096 -n zone $zone 2> /dev/null) + +cat $infile $keyname1.key $keyname2.key >$zonefile + +$SIGNER -g -o $zone -f $outfile -e +30y $zonefile > /dev/null 2> signer.err || cat signer.err diff --git a/bin/tests/system/legacy/ns7/edns512-notcp.db.in b/bin/tests/system/legacy/ns7/edns512-notcp.db.in new file mode 100644 index 0000000..e181ca4 --- /dev/null +++ b/bin/tests/system/legacy/ns7/edns512-notcp.db.in @@ -0,0 +1,15 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +@ 60 TXT a txt record +ns 60 A 10.53.0.7 diff --git a/bin/tests/system/legacy/ns7/edns512-notcp.db.signed b/bin/tests/system/legacy/ns7/edns512-notcp.db.signed new file mode 100644 index 0000000..495d098 --- /dev/null +++ b/bin/tests/system/legacy/ns7/edns512-notcp.db.signed @@ -0,0 +1,226 @@ +; File written on Fri Oct 23 13:08:56 2020 +; dnssec_signzone version 9.17.6 +edns512-notcp. 60 IN SOA ns.edns512-notcp. marka.isc.org. ( + 1 ; serial + 0 ; refresh (0 seconds) + 0 ; retry (0 seconds) + 0 ; expire (0 seconds) + 0 ; minimum (0 seconds) + ) + 60 RRSIG SOA 10 1 60 ( + 20501016010856 20201023010856 22916 edns512-notcp. + oLYJAlTUS8D9FSdgdL+wQVNbWZamSxv+vTx1 + 3zAfTgMV/n3RclAtFfFENe+bNxW5vkt4ADEg + j5ys/MFnLA0pgw3fjziIzR2OwEQpuw76A8S/ + ecLVvon5VcEOvKRhUbDJoAS2PatPPqnGxVyE + bs+fBCqeorUl/noU/6TfiISIeVcOmEgZX9I7 + 9LN//CmDpGeZGMm3q6S3LlmsXnBoaMb6g1SN + xH/aA/xstiHXvwRLy1YwtImJa92WIZPaA9tb + zCX9vVXaVtnLxUVz7PyJOAW/+jsg4IfVmpbz + GboD0FdgENC4KuIHjjA93opAOI3iOuREmGEw + 7kBPAgaVB8EzypYxgKoEuargmw+3TymHipZE + e0/0JeXFdRbaiUQWXtKtYfPcmHcnrY5JO1eo + KjNbAakpDkd1wt5EtMc16TO7+00cY4VtUZNJ + IOLtzXByCy2a5FRWzar1InYhicUIvM6VoP5b + tj9QcYLWT3e1E0aXeBia2Qy+hS/Ut4X+vYvp + gedVySBjk8tSDyAkm7ALDiI1gPjdZfCWO+E3 + 8XI4RbCvaGNlZ4rRH17SKyjxJrgiAPN562bg + NAA2F/S5dzLOQn3wwXgHEwu77WisvMV5yrG+ + 3ef8eVEapJgNGzz1YlPTolpYn9EbAtRMxBcK + 6/CFz0Qf6cfBrHS3lxHj78Dcj53O0+zKenY= ) + 60 NS ns.edns512-notcp. + 60 RRSIG NS 10 1 60 ( + 20501016010856 20201023010856 22916 edns512-notcp. + r+WNvwHqzInk8Q/8bDkT4gUbgtc/ArysbpOC + Cw7LGnAREt4W6sZ3okkeXb8fnN/t8bsgE9IU + Hy7/IuhFu9eMzBYYuc4tzELXVswlCRpUvlVA + 0zUJpNmyAcUuCyesy/pu67X0H7mUJX6Z1MKc + /o9F21lGkbXxSPSEgRYp6Kmr0s6oGxUqfPL8 + KDM6yuLBn9YtXzZl5W95aHFGHSlJrCmOeW8P + 8Y+5PAWN3fqA8Djgxy1EOMswFVZqmdM0K9oE + +oDjTKtj87YmrwdPsUlJLUQTJuoGIpAZxSj8 + 4Vgs0sdfdo0w0ZyqljYnlrNUlj214FdbXBec + CCTSgGcacg7GTW/0yWWeP/cvvVh0MkXWVO37 + SUecD9jeMwyjFLfVFpzxkgbHO3AiBG8Y9rTk + ma18D/hAagbTLGlDhnjz0B/2loVCkRmvWyQp + 4Kgpt807cX5w/mR4a/M+//OUTm4xtdq/Ym6f + VXLK+JOX8Z+RsDfMWBNodT+JgefnfvdfMaiK + FA65Sgq2TIhe75v7ttoN0FaPmIv/g1lgKSxA + sLg9syXSUp6Z08wWy3V0jYhs89s4ZJmjezYc + bZKvszSqmoCm3KXAkrRUyYooPpNVaMK8taQ1 + v9vIiC7bFCap8eAogMrfjz1MImIQ/lsH0SC4 + T+OLiqKK0/uXrqO13FW9EKj5NyBeioURx/k= ) + 60 TXT "a" "txt" "record" + 60 RRSIG TXT 10 1 60 ( + 20501016010856 20201023010856 22916 edns512-notcp. + 06INKYbKaphZUY5Nyc/FuiZolDsQBWnkMB0+ + pwW/nUhCfXbZR+6wFuvmZHwDRUVvBGsLgPMs + WvUw313CsRB35vCb0ncGtFxaKdUahbf/9N2w + 600wINuoRSTdxkuGlFbF2Rm0IjuATXkK0QFJ + /eSuATu2PfmMyy2MVtjTWCNIEcCJNXm6HjKj + KokuKB5YJWdR7pI/ofJD0v8L9Y1uM6uOMSEm + MW3jnrqnItg0CzpdAoJNDKCdv0lVz2SYAMIm + fbbYGbfhjGJnHvU+PZmgX4OI0F0QKXT+AAe1 + fJaMBPFU5vvQo+Q/UYcWW+tc9jUiSMTwCOjW + j+cPJypLx7U3Hx3knUscYsikohQv9gqMTQsB + ylqpwJVbofgR62DWqlUUbgoEnILM18SvZ54A + nOcjfz6wLw3/jG/ONsXqLuyYiqetXGhhQLz3 + DxzQrCts1vXWGCnjWdqHeDGZoPWK9RMcsK46 + nGd+jHlOBvCgpgb0KEwKYBIdwnYgoLXqldVM + VEjJ4yJa0Lt9FDFEjdJmI9pcDkE/zAZSfKHF + cf0U/hHy303QpiL9c+2zzEeYpZzDltZfv1/g + oyVFPFxPxp8iNj2W4B1hYTYCgS3M/S75ylgQ + np/QyDv4PX6nIsVPvZUhslm62LfkRnANpqBe + y/VfZDrEHxsd6/4kpqFVhlCgmnCfvwT1PgU= ) + 0 NSEC ns.edns512-notcp. NS SOA TXT RRSIG NSEC DNSKEY + 0 RRSIG NSEC 10 1 0 ( + 20501016010856 20201023010856 22916 edns512-notcp. + ZuI5yl2PzNehPw4HKsR3G/mN2LWtAr+7xWkE + 2pm/Zr8LhnecYz0wbZkve5EDjLe7/93TH7y6 + n7RD4N4W/jtK80J82Xpjy7xOZ3UX4PVoX/0s + IvJFHCPEmlzuzHiVZglMZS9HQl9aY6J5KIde + T4xRnY8YzhvraHi2E2T7HPIGZLZVccWU1dFe + qAxaIhmVYAbLNixd2TbKr6SeWfLQRvn4aM3H + 90k5kSMwePOieyMtvfapmCsOIOxjG2KpibIX + VWnQrXGig5IQ0nOPkamKde5eTYH+cxkx2AHA + gjHutcrbrvwtW4HomW65BNZzyyknX8kC5eo9 + RdAOWTpEXhDDxoU9QxsI6U8zRIwDEuet63N8 + oESfik7AXDST1kJjLeY9QyX8FYKOQoCjxfIA + o06MTKN5OjtRquQUiCHNyOo3ySwaabEHVsbG + a28Laelo8oaPxEFZpVC02N9c2TW6H4gHijzm + WuyrlTV5T2FEQiWLlizVrDDKfNSbbF5DMw1A + AqYIiWUHTa5FAXT+DwBQaN1rd0FJXXMM4Uk+ + a9Mquw9whK5TOe0BSHOsctPz3rAXVmQ/C6Tk + U0tZAmxEsPQDPiM29VdTx2CfTiTqYDsLVCl5 + HUwHMYj9z5uVTZ8pD5zqI3NFH6KrqPlTB/je + ksrzOGaJrtnyj5oGExNWriYVsZx8FoyPNv0= ) + 60 DNSKEY 256 3 10 ( + AwEAAdnQArhgG2vUoiAvs8zH8Z/+RTBxYUnv + /J3Vd9ierGFvvWonU1Ao/WWspZggXe3I6ZmK + +NCSuVlWb1HmemTobib6jdKWpNOMn8OcJHSE + 4TsbOB0+sOknDdU/C8akwegHG2zgQG5dSKRC + oLVqlsnV27lFQrmpVm+cm0IruorTWJRC2W5t + iXnblVQ0ouR54SYG8+k18UqJDVfg1YBfDkzM + eMvz/wJjFy156yPul982VaRHT/xU+Ol5S/+c + yy91W22Q9ktlIjiIu5NLeH6TTwwfGu0YY+h7 + rMFImDkwPeTX+K28BRdjYY2htH8O+ZfbmYE7 + Ft8+qF9P7Df7YUPBiREs350NVuDMeqcJmbsi + yOFBZ+J/QJU7nM5VHCFeUIDZ873/o2bJN0W2 + MaI+v+WsTmHN+W42EmejonGZqlC4ct9j8KO5 + Z73y1+jdzqDOJfIctxRyqK6cF6PBz0Y1QoLI + Z3fmX4IsdIaiFH7h73R4s3uXYTx8BUzY369p + 95jxpMBqMPeFvOaYzeHc4hSqcXIehGwIIUj2 + XQxZU1wf8ijaDXOBM+Ccei147Njd/VOjhJ0F + MG/5EjCkrVLC2IVUO8VMuvpBtji5RNSal6b8 + 0pIZTgEposeT8dbNP8ojzAG15HclFgzjY/Q8 + 90DErfB8UsCtcOz060UKMYKx+zcoYU9KRo2u + 77b9 + ) ; ZSK; alg = RSASHA512 ; key id = 22916 + 60 DNSKEY 257 3 10 ( + AwEAAZ4bc3CnvoIGDpDOW2+afYCU7pSIFNzW + ueXVOjPRolnxUaJYwLyCIHngpm+9/9stMh+E + LBFozA785zPhfqnRaZz1xWMP1D5bHu6SXmpF + V88BOnSznEbam/kqzQTrowH2hs3SClFI2wFD + QsKytzgnRDFEkysgfbjx8rOQZLRV3HN56z39 + DgWWC4kz++0FQtp4rZRr0TKgpIXDYJbBxgWn + em43xdlCv8qErE2jRfE+gto6bS3Uw71qfFTn + XBuvoI2Tfy/cxCa4oeamWYwrfFKbSC0fEykG + 3YnTrYIqJCEnD8h5191h6GZ0OZ0XGWKD14N3 + NjXYSjjorqbqUSU01vDxS/8UvCKknmLCTTpN + Jm3RvpWM9EIghF3qDDgMgFd/hFlJsBGg1MxQ + vGskBg+PdsPDLQZRbpWy+5umLCZ//3Djmok4 + YnvnaFLeMnRlu0x4vTFtpuEdkwTrGUacOkJu + 53vH1pofl3WqC4PrPVwsQXNHTJcZTiHnyAN5 + wM4h6kD47+VKS2888SP49Bi36ypSnZp5bfM9 + wW3zOgh1oFUKTyknQWOX8Saxr+g3sVBZot7V + EpTEeJOWOwdSSRj/K/2UiXI5QJEX4+4aJYxA + ak8OJCmixLmcSVsY4MYsK2m9I0Sl6brGn0xG + qUa0SBTVw+X3zyybLlsqJV8LX9W7sLeM3OgY + st7t + ) ; KSK; alg = RSASHA512 ; key id = 8161 + 60 RRSIG DNSKEY 10 1 60 ( + 20501016010856 20201023010856 22916 edns512-notcp. + klMRNVbs52XfLa1AZNHlAiQWqzjNjNQ7yuVG + 9o8sxcAqzrxvdcnISC9CNz867Sw2JKs9dMZi + Vv07Jm/f85wN/B9OO63NbxQHgtMAv3lT5isN + 4xC7NJtDQCPIEKrgPjnznJG1/XiWZudPemv0 + dpTIMR9fiQHC5Z0I+xqUsRJjlBc4x1tPrPNC + 9r+YEaQlwKT59pWHTLPpBYZE+0jjNY9wMrhX + 1uP7gS8z0s0iyldhIgIicccjdRrCCc6EoNnc + ToEfWsLMN2HTNCtAAxCHSNTPrC2wriKl4CHi + Pqy2AsztfLLkyT+dR/gBLFbjHasp/5O1Y5M+ + 60WywgNr/tbsNzzuSSfcIZ4RM3JhS7cgoZpP + MEsumXOyJdTLF9oIZK3QKVjT07eai/KA+Vjt + bbkVBvagosE+uCCXhpM4nn0oTfZCZiIoUADr + wQ2PuvujEzPbky2BuX7iQGV90G1bcidpS1B8 + Hm7zrpOjO0mwNyF29YTcJkgelvVOmEaAH3X4 + +Enmji13kQmWkkc0sUYq9tyX0gTiXjZtz/4I + Yl/JOng3/CKS7/In20p1Oea4Sa0GDqtlmK+f + YsgaAkCaN1RbZslNDpphgEIKUF8M9YZVaAlE + XNqj5HFeqzOAoGNN/rUKKgNWcRynJdHP13gd + AoUxJa5FxdxZB4AAk6vfojOFjU7kQyeJlh8= ) + 60 RRSIG DNSKEY 10 1 60 ( + 20501016010856 20201023010856 8161 edns512-notcp. + Y27v9t6VkOZzuEdGZIr33RTGJ+L4QfWkoCvj + 9VGdOsj3dWVATqwYoGmlfRqlm6m2L7yhJVTC + pI8ihj/Tl7aoROTBnJGO9CkuvXKeGt16LIpi + ZBz9FbZ6MPwwjn7uPlm4RR51mscTWdu1Y45e + zs/uPxc2qpafl3NnBwcAw9l1VM9f11Ah7+tu + WA58niT+GMwKVSB2B0+cDQoP5covZmU3DjgE + 8CmqwBUF4cElQ4DcGGy6LkWdO2+Yj8ANCsUS + DTeE8j7XLVGGurwgwL0TNPA1yntibvl+U+ti + vznWlvsV7Mww16j83BrJvEeTVOGthINdtL4P + 7Pm6U6NUSMJNK2lGB3VucJyLDuuUN3CNNfsb + IO+6vBrA/T6UtXaRfv5c5Xnq9dcrbiYW1ar3 + Ysw6cpGi2Ti2YO5EfG8OfGmHeZXK+OqrTNEn + T14ELewVKVEWv4lGiVbddDUq7YmltoYog2Zp + DsyahxOgfFLYj32pYIdNRr5HE9c1FwOZXmnz + wPp/rB1baf5eNddRxJtDaEo/ek5v+CtWC6Y+ + eRwBKWN/ozmc5JnNpoJtKSvRlTuGYlKElct0 + 1cS9BmZsu/zAt4kGuNC71758XnVSd1CcwhwA + WYEAvrJV2+wr7jpjHvq1tGrCEPppBaelrwut + CGfenY08YE/dDMmbFPXMFUHbhtz1qvFiMjU= ) +ns.edns512-notcp. 60 IN A 10.53.0.7 + 60 RRSIG A 10 2 60 ( + 20501016010856 20201023010856 22916 edns512-notcp. + tFjfl9DvT60ko1h9p55T2s5hU4CmmHEYrMUg + 9Iv+tvW9YoCiHESBC7TkDmdVT8YwzaLDjlTf + YxgA5KLhV+04M9m7vUgxK5T4vjiE43VnTq7x + L+hM9cvjQ4sKTBJLHmTrKjrcE5fyd0/F3jvF + MiomX/8p7PLq2fzZWwygjiOrkd0s7ypFEuoX + AjRoxo60q2oV9/8jiKkgiD4+UEIqU/fxURP+ + 1MpNVqks/PXSFVQcyGrQKddiRpp53yYlgcDv + /0ulXnxK53dQ3CqymOflJrf7B5H0rq8LQHjK + ZO3ys54sWq80jxtxRWNMBvygmHl+LFCes5mL + GuB1pFYJq7z026GC6QHbVmOQu5P2pLOr13jW + KBwRisr0/BN/no3goGVAP7hJD47r2fr0E8WL + K1GJZI2McrHgQW12NnZm43AI2z7xjapbRquB + HMeJR8bPfjxEhy555AE0B1AXZobiuZHtycox + XBS+A9URAYx78OWAgAENF94rnkKIoSAmMENJ + KX29TEHrNLG3MCWxX9mRnMzON+5oTZjOxV8R + KIc6Qw/hE93Bho1+3Vdlq8X2Gwu8RswwLBgH + e3AnKRHWGTbv6uUwKCVrTyZOQft+yiKxooBr + Wz0AgEosnuwenxjw4Tim/Z5NhLnzrJBaSyjo + Pt+wguhDW1boaCf/4RYOAZtSNNalGnJNV4k= ) + 0 NSEC edns512-notcp. A RRSIG NSEC + 0 RRSIG NSEC 10 2 0 ( + 20501016010856 20201023010856 22916 edns512-notcp. + hwvmKC/yVOUavH1cty6pg1EyTNBo+MAz+KjY + UmodFwGPv2EuRY/6TcujLTMHdeSbi71e+JQU + +ij6TXcXNZl7CpZbBEfVZd8xvTPYykhO3rr8 + cckPre1p8pGx56x7nVjRA1P/+oyjjr6j1nVZ + RewWOrSo/LPah4WY2iyEJH0JF5H/SVrF2Z86 + XT4YrLqe+1vpeRw0C8VNAJGZbd6H90Qu/Cnd + Xdyj1OOl+RQbvJCVpcw6/fFmcNRy5zbQJFA6 + nsGyCL62OfptdByQKJhSU6gQcaWcMnYeqSgT + I3yBye1whQ/2fdgyKUFAESbPRp7WpzXzNabf + ZNeLRZT8RGsjHD4i0OqCL+R6axXl53wUn7sa + pXWTRBWIKshnTJrzntIkdXLq1qQtxnw7zA6h + kUCVzf1FzjP64cHh928CQBbnfT1MSdJuQe1G + /RGCn0RwOcn+n06O2uiCBmwkGnrZB/+Yytzp + apdULCyUmvByozvKYp73GOK4eTAqNF6igEAc + pSz8oXZy+wmVG1l72yli1Eyunm010Skb3oxe + 23htSPq1MIqETzAWtMJM082F9vAEjTJNSnSo + RFpPnlq6LDjtr7Z6/mRcqVXx5OC1nj4Svaxo + JOebR0igOJcAKG9gCGz6ffDy/1VeUHCnzvKR + vgJZjbvXDuHkOzNB6KYc3N2BglMIxajwVcQ= ) diff --git a/bin/tests/system/legacy/ns7/named.args b/bin/tests/system/legacy/ns7/named.args new file mode 100644 index 0000000..1da4980 --- /dev/null +++ b/bin/tests/system/legacy/ns7/named.args @@ -0,0 +1 @@ +-m record -c named.conf -d 99 -D legacy-ns7 -X named.lock -g -U 4 -T maxcachesize=2097152 -T maxudp512 diff --git a/bin/tests/system/legacy/ns7/named.conf.in b/bin/tests/system/legacy/ns7/named.conf.in new file mode 100644 index 0000000..30f3ea2 --- /dev/null +++ b/bin/tests/system/legacy/ns7/named.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.7; + notify-source 10.53.0.7; + transfer-source 10.53.0.7; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.7; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; +}; + +zone "edns512-notcp" { + type primary; + file "edns512-notcp.db.signed"; +}; diff --git a/bin/tests/system/legacy/ns7/named.notcp b/bin/tests/system/legacy/ns7/named.notcp new file mode 100644 index 0000000..e25c3a8 --- /dev/null +++ b/bin/tests/system/legacy/ns7/named.notcp @@ -0,0 +1 @@ +notcp diff --git a/bin/tests/system/legacy/ns7/sign.sh b/bin/tests/system/legacy/ns7/sign.sh new file mode 100755 index 0000000..c2153f9 --- /dev/null +++ b/bin/tests/system/legacy/ns7/sign.sh @@ -0,0 +1,33 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +. ../../conf.sh + +SYSTESTDIR=legacy + +echo_i "sign edns512-notcp" + +zone=edns512-notcp +infile=edns512-notcp.db.in +zonefile=edns512-notcp.db +outfile=edns512-notcp.db.signed + +keyname1=$($KEYGEN -a RSASHA512 -b 4096 -n zone $zone 2> /dev/null) +keyname2=$($KEYGEN -f KSK -a RSASHA512 -b 4096 -n zone $zone 2> /dev/null) + +cat $infile $keyname1.key $keyname2.key >$zonefile + +$SIGNER -g -o $zone -f $outfile -e +30y $zonefile > /dev/null 2> signer.err || cat signer.err + +keyfile_to_static_ds $keyname2 > trusted.conf +cp trusted.conf ../ns1 diff --git a/bin/tests/system/legacy/ns8/ednsformerr.db b/bin/tests/system/legacy/ns8/ednsformerr.db new file mode 100644 index 0000000..9aa3a4a --- /dev/null +++ b/bin/tests/system/legacy/ns8/ednsformerr.db @@ -0,0 +1,14 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +ns 60 A 10.53.0.8 diff --git a/bin/tests/system/legacy/ns8/named.conf.in b/bin/tests/system/legacy/ns8/named.conf.in new file mode 100644 index 0000000..7431cf8 --- /dev/null +++ b/bin/tests/system/legacy/ns8/named.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.8; + notify-source 10.53.0.8; + transfer-source 10.53.0.8; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.8; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; +}; + +zone "ednsformerr" { + type primary; + file "ednsformerr.db"; +}; diff --git a/bin/tests/system/legacy/ns8/named.ednsformerr b/bin/tests/system/legacy/ns8/named.ednsformerr new file mode 100644 index 0000000..e35cb02 --- /dev/null +++ b/bin/tests/system/legacy/ns8/named.ednsformerr @@ -0,0 +1 @@ +ednsformerr diff --git a/bin/tests/system/legacy/ns9/ednsnotimp.db b/bin/tests/system/legacy/ns9/ednsnotimp.db new file mode 100644 index 0000000..9aa3a4a --- /dev/null +++ b/bin/tests/system/legacy/ns9/ednsnotimp.db @@ -0,0 +1,14 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +@ 60 SOA ns marka.isc.org. 1 0 0 0 0 +@ 60 NS ns +ns 60 A 10.53.0.8 diff --git a/bin/tests/system/legacy/ns9/named.conf.in b/bin/tests/system/legacy/ns9/named.conf.in new file mode 100644 index 0000000..385fbfd --- /dev/null +++ b/bin/tests/system/legacy/ns9/named.conf.in @@ -0,0 +1,29 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +options { + query-source address 10.53.0.9; + notify-source 10.53.0.9; + transfer-source 10.53.0.9; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.9; }; + listen-on-v6 { none; }; + recursion no; + dnssec-validation no; +}; + +zone "ednsnotimp" { + type primary; + file "ednsnotimp.db"; +}; diff --git a/bin/tests/system/legacy/ns9/named.ednsnotimp b/bin/tests/system/legacy/ns9/named.ednsnotimp new file mode 100644 index 0000000..4e6424d --- /dev/null +++ b/bin/tests/system/legacy/ns9/named.ednsnotimp @@ -0,0 +1 @@ +ednsnotimp diff --git a/bin/tests/system/legacy/setup.sh b/bin/tests/system/legacy/setup.sh new file mode 100644 index 0000000..d2a53bb --- /dev/null +++ b/bin/tests/system/legacy/setup.sh @@ -0,0 +1,25 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +. ../conf.sh + +copy_setports ns1/named1.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf +copy_setports ns3/named.conf.in ns3/named.conf +copy_setports ns4/named.conf.in ns4/named.conf +copy_setports ns5/named.conf.in ns5/named.conf +copy_setports ns6/named.conf.in ns6/named.conf +copy_setports ns7/named.conf.in ns7/named.conf +copy_setports ns8/named.conf.in ns8/named.conf +copy_setports ns9/named.conf.in ns9/named.conf +copy_setports ns10/named.conf.in ns10/named.conf diff --git a/bin/tests/system/legacy/tests.sh b/bin/tests/system/legacy/tests.sh new file mode 100755 index 0000000..44d3b11 --- /dev/null +++ b/bin/tests/system/legacy/tests.sh @@ -0,0 +1,269 @@ +#!/bin/sh + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +set -e + +. ../conf.sh + +DIGOPTS="-p ${PORT} +tries=1 +time=2" + +# Check whether the SOA record for the name provided in $1 can be resolved by +# ns1. Return 0 if resolution succeeds as expected; return 1 otherwise. +resolution_succeeds() { + _ret=0 + $DIG $DIGOPTS +tcp +tries=3 +time=5 @10.53.0.1 ${1} SOA > dig.out.test$n || _ret=1 + grep "status: NOERROR" dig.out.test$n > /dev/null || _ret=1 + return $_ret +} + +# Check whether the SOA record for the name provided in $1 can be resolved by +# ns1. Return 0 if resolution fails as expected; return 1 otherwise. Note that +# both a SERVFAIL response and timing out mean resolution failed, so the exit +# code of dig does not influence the result (the exit code for a SERVFAIL +# response is 0 while the exit code for not getting a response at all is not 0). +resolution_fails() { + _servfail=0 + _timeout=0 + $DIG $DIGOPTS +tcp +time=5 @10.53.0.1 ${1} TXT > dig.out.test$n + grep -F "status: SERVFAIL" dig.out.test$n > /dev/null && _servfail=1 + grep -F "timed out" dig.out.test$n > /dev/null && _timeout=1 + if [ $_servfail -eq 1 ] || [ $_timeout -eq 1 ]; then + return 0 + else + return 1 + fi +} + +status=0 +n=0 + +n=$((n + 1)) +echo_i "checking formerr edns server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.8 ednsformerr soa > dig.out.1.test$n || ret=1 +grep "status: FORMERR" dig.out.1.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +noedns @10.53.0.8 ednsformerr soa > dig.out.2.test$n || ret=1 +grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n > /dev/null && ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +n=$((n + 1)) +echo_i "checking recursive lookup to formerr edns server succeeds ($n)" +ret=0 +resolution_succeeds ednsformerr. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +n=$((n + 1)) +echo_i "checking notimp edns server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.9 ednsnotimp soa > dig.out.1.test$n || ret=1 +grep "status: NOTIMP" dig.out.1.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +noedns @10.53.0.9 ednsnotimp soa > dig.out.2.test$n || ret=1 +grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n > /dev/null && ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +n=$((n + 1)) +echo_i "checking recursive lookup to notimp edns server fails ($n)" +ret=0 +resolution_fails ednsnotimp. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +n=$((n + 1)) +echo_i "checking refused edns server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.10 ednsrefused soa > dig.out.1.test$n || ret=1 +grep "status: REFUSED" dig.out.1.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +noedns @10.53.0.10 ednsrefused soa > dig.out.2.test$n || ret=1 +grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n > /dev/null && ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +n=$((n + 1)) +echo_i "checking recursive lookup to refused edns server fails ($n)" +ret=0 +resolution_fails ednsrefused. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +n=$((n + 1)) +echo_i "checking drop edns server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.2 dropedns soa > dig.out.1.test$n && ret=1 +grep "timed out" dig.out.1.test$n > /dev/null || ret=1 +grep ";; no servers could be reached" dig.out.1.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +noedns @10.53.0.2 dropedns soa > dig.out.2.test$n || ret=1 +grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +noedns +tcp @10.53.0.2 dropedns soa > dig.out.3.test$n || ret=1 +grep "status: NOERROR" dig.out.3.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.3.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +edns +tcp @10.53.0.2 dropedns soa > dig.out.4.test$n && ret=1 +grep "timed out" dig.out.4.test$n > /dev/null || ret=1 +grep ";; no servers could be reached" dig.out.4.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +n=$((n + 1)) +echo_i "checking recursive lookup to drop edns server fails ($n)" +ret=0 +resolution_fails dropedns. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +n=$((n + 1)) +echo_i "checking drop edns + no tcp server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.3 dropedns-notcp soa > dig.out.1.test$n && ret=1 +grep "timed out" dig.out.1.test$n > /dev/null || ret=1 +grep ";; no servers could be reached" dig.out.1.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +noedns +tcp @10.53.0.3 dropedns-notcp soa > dig.out.2.test$n && ret=1 +grep "connection refused" dig.out.2.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +noedns @10.53.0.3 dropedns-notcp soa > dig.out.3.test$n || ret=1 +grep "status: NOERROR" dig.out.3.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.3.test$n > /dev/null && ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +n=$((n + 1)) +echo_i "checking recursive lookup to drop edns + no tcp server fails ($n)" +ret=0 +resolution_fails dropedns-notcp. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +n=$((n + 1)) +echo_i "checking plain dns server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.4 plain soa > dig.out.1.test$n || ret=1 +grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +edns +tcp @10.53.0.4 plain soa > dig.out.2.test$n +grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n > /dev/null && ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +n=$((n + 1)) +echo_i "checking recursive lookup to plain dns server succeeds ($n)" +ret=0 +resolution_succeeds plain. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +n=$((n + 1)) +echo_i "checking plain dns + no tcp server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.5 plain-notcp soa > dig.out.1.test$n || ret=1 +grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n > /dev/null && ret=1 +$DIG $DIGOPTS +edns +tcp @10.53.0.5 plain-notcp soa > dig.out.2.test$n && ret=1 +grep "connection refused" dig.out.2.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +n=$((n + 1)) +echo_i "checking recursive lookup to plain dns + no tcp server succeeds ($n)" +ret=0 +resolution_succeeds plain-notcp. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) +n=$((n + 1)) + +echo_i "checking edns 512 server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.6 edns512 txt > dig.out.1.test$n || ret=1 +grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +edns +tcp @10.53.0.6 edns512 txt > dig.out.2.test$n || ret=1 +grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.2.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +edns +dnssec @10.53.0.6 edns512 txt > dig.out.3.test$n && ret=1 +grep "timed out" dig.out.3.test$n > /dev/null || ret=1 +grep ";; no servers could be reached" dig.out.3.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +edns +dnssec +bufsize=512 +ignore @10.53.0.6 edns512 soa > dig.out.4.test$n || ret=1 +grep "status: NOERROR" dig.out.4.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.4.test$n > /dev/null || ret=1 +grep "flags:.* tc[ ;]" dig.out.4.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +n=$((n + 1)) +echo_i "checking recursive lookup to edns 512 server succeeds ($n)" +ret=0 +retry_quiet 3 resolution_succeeds edns512. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +n=$((n + 1)) +echo_i "checking edns 512 + no tcp server setup ($n)" +ret=0 +$DIG $DIGOPTS +edns @10.53.0.7 edns512-notcp soa > dig.out.1.test$n || ret=1 +grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.1.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +edns +tcp @10.53.0.7 edns512-notcp soa > dig.out.2.test$n && ret=1 +grep "connection refused" dig.out.2.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +edns +dnssec @10.53.0.7 edns512-notcp soa > dig.out.3.test$n && ret=1 +grep "timed out" dig.out.3.test$n > /dev/null || ret=1 +grep ";; no servers could be reached" dig.out.3.test$n > /dev/null || ret=1 +$DIG $DIGOPTS +edns +dnssec +bufsize=512 +ignore @10.53.0.7 edns512-notcp soa > dig.out.4.test$n || ret=1 +grep "status: NOERROR" dig.out.4.test$n > /dev/null || ret=1 +grep "EDNS: version:" dig.out.4.test$n > /dev/null || ret=1 +grep "flags:.* tc[ ;]" dig.out.4.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +n=$((n + 1)) +echo_i "checking recursive lookup to edns 512 + no tcp server fails ($n)" +ret=0 +resolution_fails edns512-notcp. || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +n=$((n + 1)) +echo_i "checking recursive lookup to edns 512 + no tcp server does not cause query loops ($n)" +ret=0 +sent=$(grep -c -F "sending packet to 10.53.0.7" ns1/named.run) +if [ $sent -ge 10 ]; then + echo_i "ns1 sent $sent queries to ns7, expected less than 10" + ret=1 +fi +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +stop_server --use-rndc --port ${CONTROLPORT} ns1 +copy_setports ns1/named2.conf.in ns1/named.conf +start_server --noclean --restart --port ${PORT} ns1 + +n=$((n + 1)) +echo_i "checking recursive lookup to edns 512 + no tcp + trust anchor fails ($n)" +# retry loop in case the server restart above causes transient failure +for try in 0 1 2 3 4 5 6 7 8 9; do + ret=0 + resolution_fails edns512-notcp. || ret=1 + [ "$ret" -eq 0 ] && break + sleep 1 +done +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status + ret)) + +echo_i "exit status: $status" +[ $status -eq 0 ] || exit 1 diff --git a/bin/tests/system/legacy/tests_sh_legacy.py b/bin/tests/system/legacy/tests_sh_legacy.py new file mode 100644 index 0000000..ded36f0 --- /dev/null +++ b/bin/tests/system/legacy/tests_sh_legacy.py @@ -0,0 +1,14 @@ +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + + +def test_legacy(run_tests_sh): + run_tests_sh() |