blob: 596b756933ee342069e392abc536fff6d266b785 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# SPDX-License-Identifier: MPL-2.0
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
import glob
import struct
class RawFormatHeader(dict):
"""
A dictionary of raw-format header fields read from a zone file.
"""
fields = [
"format",
"version",
"dumptime",
"flags",
"sourceserial",
"lastxfrin",
]
def __init__(self, file_name):
header = struct.Struct(">IIIIII")
with open(file_name, "rb") as data:
header_data = data.read(header.size)
super().__init__(zip(self.fields, header.unpack_from(header_data)))
def test_unsigned_serial_number():
"""
Check whether all signed zone files in the "ns8" subdirectory contain the
serial number of the unsigned version of the zone in the raw-format header.
The test assumes that all "*.signed" files in the "ns8" subdirectory are in
raw format.
Notes:
- The actual zone signing and dumping happens while the tests.sh phase of
the "inline" system test is set up and run. This check only verifies
the outcome of those events; it does not initiate any signing or
dumping itself.
- example[0-9][0-9].com.db.signed files are initially signed by
dnssec-signzone while the others - by named.
"""
zones_with_unsigned_serial_missing = []
for signed_zone in sorted(glob.glob("ns8/*.signed")):
raw_header = RawFormatHeader(signed_zone)
# Ensure the unsigned serial number is placed where it is expected.
assert raw_header["format"] == 2
assert raw_header["version"] == 1
# Check whether the header flags indicate that the unsigned serial
# number is set and that the latter is indeed set.
if raw_header["flags"] & 0x02 == 0 or raw_header["sourceserial"] == 0:
zones_with_unsigned_serial_missing.append(signed_zone)
assert not zones_with_unsigned_serial_missing
|
