explicitly set dnssec-validation in system tests

the default value of dnssec-validation is 'auto', which causes a server to send a key refresh query to the root zone when starting up. this is undesirable behavior in system tests, so this commit sets dnssec-validation to either 'yes' or 'no' in all tests where it had not previously been set. this change had the mostly-harmless side effect of changing the cached trust level of unvalidated answer data from 'answer' to 'authanswer', which caused a few test cases in which dumped cache data was examined in the serve-stale system test to fail. those test cases have now been updated to expect 'authanswer'.
2026-03-09 09:40:45 -04:00 · 2023-06-01 17:14:49 -07:00 · 2023-06-01 17:14:49 -07:00 · 0b09ee8cdc
commit 0b09ee8cdc
parent 73b09653d4
209 changed files with 212 additions and 4 deletions
--- a/bin/tests/system/acl/ns2/named1.conf.in
+++ b/bin/tests/system/acl/ns2/named1.conf.in
@ -32,6 +32,7 @@ options {
 	notify yes;
 	ixfr-from-differences yes;
 	check-integrity no;
+	dnssec-validation no;
 };

 key one {
--- a/bin/tests/system/acl/ns2/named2.conf.in
+++ b/bin/tests/system/acl/ns2/named2.conf.in
@ -32,6 +32,7 @@ options {
 	notify yes;
 	ixfr-from-differences yes;
 	check-integrity no;
+	dnssec-validation no;
 };

 key one {
--- a/bin/tests/system/acl/ns2/named3.conf.in
+++ b/bin/tests/system/acl/ns2/named3.conf.in
@ -32,6 +32,7 @@ options {
 	notify yes;
 	ixfr-from-differences yes;
 	check-integrity no;
+	dnssec-validation no;
 };

 key one {
--- a/bin/tests/system/acl/ns2/named4.conf.in
+++ b/bin/tests/system/acl/ns2/named4.conf.in
@ -32,6 +32,7 @@ options {
 	notify yes;
 	ixfr-from-differences yes;
 	check-integrity no;
+	dnssec-validation no;
 };

 key one {
--- a/bin/tests/system/acl/ns2/named5.conf.in
+++ b/bin/tests/system/acl/ns2/named5.conf.in
@ -32,6 +32,7 @@ options {
 	notify yes;
 	ixfr-from-differences yes;
 	check-integrity no;
+	dnssec-validation no;
 	allow-query-on { 10.53.0.2; };
 	blackhole { 10.53.0.8; };
 };
--- a/bin/tests/system/acl/ns3/named.conf.in
+++ b/bin/tests/system/acl/ns3/named.conf.in
@ -23,6 +23,7 @@ options {
 	notify no;
 	allow-new-zones yes;
 	allow-transfer { none; };
+	dnssec-validation no;
 };

 controls {
--- a/bin/tests/system/acl/ns4/named.conf.in
+++ b/bin/tests/system/acl/ns4/named.conf.in
@ -23,6 +23,7 @@ options {
 	notify no;
 	allow-new-zones yes;
 	allow-transfer { none; };
+	dnssec-validation no;
 };

 controls {
--- a/bin/tests/system/additional/ns2/named.conf.in
+++ b/bin/tests/system/additional/ns2/named.conf.in
@ -22,6 +22,7 @@ options {
 	listen-on-v6 { none; };
 	notify no;
 	minimal-responses yes;
+	dnssec-validation no;
 };

 zone "." {
--- a/bin/tests/system/addzone/ns1/named.conf.in
+++ b/bin/tests/system/addzone/ns1/named.conf.in
@ -28,6 +28,7 @@ options {
 	allow-query { any; };
 	allow-new-zones yes;
 	recursion no;
+	dnssec-validation no;
 };

 zone "." {
--- a/bin/tests/system/addzone/ns2/named1.conf.in
+++ b/bin/tests/system/addzone/ns2/named1.conf.in
@ -19,6 +19,7 @@ options {
 	allow-query { any; };
 	recursion no;
 	allow-new-zones yes;
+	dnssec-validation no;
 };

 include "../../common/rndc.key";
--- a/bin/tests/system/addzone/ns2/named2.conf.in
+++ b/bin/tests/system/addzone/ns2/named2.conf.in
@ -24,6 +24,7 @@ options {
 	listen-on { 10.53.0.2; 10.53.0.4; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 view internal {
--- a/bin/tests/system/addzone/ns2/named3.conf.in
+++ b/bin/tests/system/addzone/ns2/named3.conf.in
@ -24,6 +24,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	new-zones-directory "new-zones";
+	dnssec-validation no;
 };

 view internal {
--- a/bin/tests/system/addzone/ns3/named1.conf.in
+++ b/bin/tests/system/addzone/ns3/named1.conf.in
@ -25,6 +25,7 @@ options {
 	allow-query { any; };
 	recursion no;
 	allow-new-zones yes;
+	dnssec-validation no;
 };

 zone "." {
--- a/bin/tests/system/addzone/ns3/named2.conf.in
+++ b/bin/tests/system/addzone/ns3/named2.conf.in
@ -25,4 +25,5 @@ options {
 	allow-query { any; };
 	recursion no;
 	allow-new-zones yes;
+	dnssec-validation no;
 };
--- a/bin/tests/system/allow-query/ns1/named.conf.in
+++ b/bin/tests/system/allow-query/ns1/named.conf.in
@ -17,6 +17,7 @@ options {
 	listen-on { 10.53.0.1; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 zone "." {
--- a/bin/tests/system/allow-query/ns2/named01.conf.in
+++ b/bin/tests/system/allow-query/ns2/named01.conf.in
@ -17,6 +17,7 @@ options {
 	listen-on { 10.53.0.2; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named02.conf.in
+++ b/bin/tests/system/allow-query/ns2/named02.conf.in
@ -18,6 +18,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	allow-query { any; };
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named03.conf.in
+++ b/bin/tests/system/allow-query/ns2/named03.conf.in
@ -18,6 +18,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	allow-query { none; };
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named04.conf.in
+++ b/bin/tests/system/allow-query/ns2/named04.conf.in
@ -18,6 +18,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	allow-query { 10.53.0.2; };
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named05.conf.in
+++ b/bin/tests/system/allow-query/ns2/named05.conf.in
@ -18,6 +18,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	allow-query { 10.53.0.1; };
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named06.conf.in
+++ b/bin/tests/system/allow-query/ns2/named06.conf.in
@ -18,6 +18,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	allow-query {! 10.53.0.2; };
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named07.conf.in
+++ b/bin/tests/system/allow-query/ns2/named07.conf.in
@ -20,6 +20,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	allow-query { accept; };
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named08.conf.in
+++ b/bin/tests/system/allow-query/ns2/named08.conf.in
@ -20,6 +20,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	allow-query { accept; };
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named09.conf.in
+++ b/bin/tests/system/allow-query/ns2/named09.conf.in
@ -20,6 +20,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	allow-query {! accept; };
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named10.conf.in
+++ b/bin/tests/system/allow-query/ns2/named10.conf.in
@ -23,6 +23,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	allow-query { key one; };
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named11.conf.in
+++ b/bin/tests/system/allow-query/ns2/named11.conf.in
@ -29,6 +29,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	allow-query { key one; };
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named12.conf.in
+++ b/bin/tests/system/allow-query/ns2/named12.conf.in
@ -23,6 +23,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	allow-query {! key one; };
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named21.conf.in
+++ b/bin/tests/system/allow-query/ns2/named21.conf.in
@ -17,6 +17,7 @@ options {
 	listen-on { 10.53.0.2; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named22.conf.in
+++ b/bin/tests/system/allow-query/ns2/named22.conf.in
@ -17,6 +17,7 @@ options {
 	listen-on { 10.53.0.2; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named23.conf.in
+++ b/bin/tests/system/allow-query/ns2/named23.conf.in
@ -17,6 +17,7 @@ options {
 	listen-on { 10.53.0.2; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named24.conf.in
+++ b/bin/tests/system/allow-query/ns2/named24.conf.in
@ -17,6 +17,7 @@ options {
 	listen-on { 10.53.0.2; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named25.conf.in
+++ b/bin/tests/system/allow-query/ns2/named25.conf.in
@ -17,6 +17,7 @@ options {
 	listen-on { 10.53.0.2; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named26.conf.in
+++ b/bin/tests/system/allow-query/ns2/named26.conf.in
@ -17,6 +17,7 @@ options {
 	listen-on { 10.53.0.2; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named27.conf.in
+++ b/bin/tests/system/allow-query/ns2/named27.conf.in
@ -19,6 +19,7 @@ options {
 	listen-on { 10.53.0.2; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named28.conf.in
+++ b/bin/tests/system/allow-query/ns2/named28.conf.in
@ -19,6 +19,7 @@ options {
 	listen-on { 10.53.0.2; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named29.conf.in
+++ b/bin/tests/system/allow-query/ns2/named29.conf.in
@ -19,6 +19,7 @@ options {
 	listen-on { 10.53.0.2; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named30.conf.in
+++ b/bin/tests/system/allow-query/ns2/named30.conf.in
@ -22,6 +22,7 @@ options {
 	listen-on { 10.53.0.2; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named31.conf.in
+++ b/bin/tests/system/allow-query/ns2/named31.conf.in
@ -29,6 +29,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	allow-query { key one; };
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named32.conf.in
+++ b/bin/tests/system/allow-query/ns2/named32.conf.in
@ -22,6 +22,7 @@ options {
 	listen-on { 10.53.0.2; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named33.conf.in
+++ b/bin/tests/system/allow-query/ns2/named33.conf.in
@ -18,6 +18,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	allow-query { none; };
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named34.conf.in
+++ b/bin/tests/system/allow-query/ns2/named34.conf.in
@ -18,6 +18,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	allow-query { any; };
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named40.conf.in
+++ b/bin/tests/system/allow-query/ns2/named40.conf.in
@ -31,6 +31,7 @@ options {
 	listen-on { 10.53.0.2; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named53.conf.in
+++ b/bin/tests/system/allow-query/ns2/named53.conf.in
@ -18,6 +18,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	allow-query { none; };
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named54.conf.in
+++ b/bin/tests/system/allow-query/ns2/named54.conf.in
@ -18,6 +18,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	allow-query { any; };
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named55.conf.in
+++ b/bin/tests/system/allow-query/ns2/named55.conf.in
@ -17,6 +17,7 @@ options {
 	listen-on { 10.53.0.2; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named56.conf.in
+++ b/bin/tests/system/allow-query/ns2/named56.conf.in
@ -17,6 +17,7 @@ options {
 	listen-on { 10.53.0.2; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/allow-query/ns2/named57.conf.in
+++ b/bin/tests/system/allow-query/ns2/named57.conf.in
@ -17,6 +17,7 @@ options {
 	listen-on { 10.53.0.2; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 include "controls.conf";
--- a/bin/tests/system/auth/ns1/named.conf.in
+++ b/bin/tests/system/auth/ns1/named.conf.in
@ -21,6 +21,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	notify yes;
+	dnssec-validation no;
 };

 view main in {
--- a/bin/tests/system/auth/ns2/named.conf.in
+++ b/bin/tests/system/auth/ns2/named.conf.in
@ -21,6 +21,7 @@ options {
 	listen-on-v6 { none; };
 	recursion yes;
 	notify no;
+	dnssec-validation no;
 };

 zone example.net {
--- a/bin/tests/system/builtin/ns1/named.conf.in
+++ b/bin/tests/system/builtin/ns1/named.conf.in
@ -27,4 +27,5 @@ options {
 	listen-on-v6 { none; };
 	recursion yes;
 	notify no;
+	dnssec-validation no;
 };
--- a/bin/tests/system/builtin/ns2/named.conf.in
+++ b/bin/tests/system/builtin/ns2/named.conf.in
@ -28,4 +28,5 @@ options {
 	recursion yes;
 	notify no;
 	server-id hostname;
+	dnssec-validation no;
 };
--- a/bin/tests/system/builtin/ns3/named.conf.in
+++ b/bin/tests/system/builtin/ns3/named.conf.in
@ -30,4 +30,5 @@ options {
 	hostname "this.is.a.test.of.hostname";
 	server-id "this.is.a.test.of.server-id";
 	version "this is a test of version";
+	dnssec-validation no;
 };
--- a/bin/tests/system/case/ns1/named.conf.in
+++ b/bin/tests/system/case/ns1/named.conf.in
@ -24,6 +24,7 @@ options {
 	ixfr-from-differences yes;
 	check-integrity no;
 	minimal-responses no;
+	dnssec-validation no;
 };

 zone "example" {
--- a/bin/tests/system/case/ns2/named.conf.in
+++ b/bin/tests/system/case/ns2/named.conf.in
@ -25,6 +25,7 @@ options {
 	check-integrity no;
 	no-case-compress { 10.53.0.2; };
 	minimal-responses no;
+	dnssec-validation no;
 };

 zone "example" {
--- a/bin/tests/system/catz/ns1/named.conf.in
+++ b/bin/tests/system/catz/ns1/named.conf.in
@ -33,6 +33,7 @@ options {
 	notify-delay 0;
 	recursion no;
 	allow-transfer { any; };
+	dnssec-validation no;
 };

 view "default" {
--- a/bin/tests/system/catz/ns2/named1.conf.in
+++ b/bin/tests/system/catz/ns2/named1.conf.in
@ -29,6 +29,7 @@ options {
 	notify-delay 0;
 	recursion no;
 	serial-query-rate 100;
+	dnssec-validation no;
 };

 /*
--- a/bin/tests/system/catz/ns2/named2.conf.in
+++ b/bin/tests/system/catz/ns2/named2.conf.in
@ -29,6 +29,7 @@ options {
 	notify-delay 0;
 	recursion no;
 	serial-query-rate 100;
+	dnssec-validation no;
 };

 view "default" {
--- a/bin/tests/system/catz/ns3/named.conf.in
+++ b/bin/tests/system/catz/ns3/named.conf.in
@ -30,6 +30,7 @@ options {
 	notify no;
 	notify-delay 0;
 	recursion no;
+	dnssec-validation no;
 };

 zone "catalog2.example" {
--- a/bin/tests/system/catz/ns4/named.conf.in
+++ b/bin/tests/system/catz/ns4/named.conf.in
@ -31,6 +31,7 @@ options {
 	recursion no;
 	serial-query-rate 100;
 	ixfr-from-differences yes; // GL #3777
+	dnssec-validation no;

 	catalog-zones {
 		zone "catalog-tls.example"
--- a/bin/tests/system/checkds/ns10/named.conf.in
+++ b/bin/tests/system/checkds/ns10/named.conf.in
@ -23,6 +23,7 @@ options {
 	listen-on-v6 { none; };
 	allow-transfer { any; };
 	recursion no;
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/checkds/ns2/named.conf.in
+++ b/bin/tests/system/checkds/ns2/named.conf.in
@ -23,6 +23,7 @@ options {
 	listen-on-v6 { none; };
 	allow-transfer { any; };
 	recursion no;
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/checkds/ns4/named.conf.in
+++ b/bin/tests/system/checkds/ns4/named.conf.in
@ -23,6 +23,7 @@ options {
 	listen-on-v6 { none; };
 	allow-transfer { any; };
 	recursion no;
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/checkds/ns5/named.conf.in
+++ b/bin/tests/system/checkds/ns5/named.conf.in
@ -23,6 +23,7 @@ options {
 	listen-on-v6 { none; };
 	allow-transfer { any; };
 	recursion no;
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/checkds/ns6/named.conf.in
+++ b/bin/tests/system/checkds/ns6/named.conf.in
@ -23,6 +23,7 @@ options {
 	listen-on-v6 { none; };
 	allow-transfer { any; };
 	recursion no;
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/checkds/ns7/named.conf.in
+++ b/bin/tests/system/checkds/ns7/named.conf.in
@ -23,6 +23,7 @@ options {
 	listen-on-v6 { none; };
 	allow-transfer { any; };
 	recursion no;
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/checkds/ns8/named.conf.in
+++ b/bin/tests/system/checkds/ns8/named.conf.in
@ -23,6 +23,7 @@ options {
 	listen-on-v6 { none; };
 	allow-transfer { any; };
 	recursion no;
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/checkds/ns9/named.conf.in
+++ b/bin/tests/system/checkds/ns9/named.conf.in
@ -25,6 +25,7 @@ options {
 	listen-on-v6 { none; };
 	allow-transfer { any; };
 	recursion no;
+	dnssec-validation yes;
 };

 key rndc_key {
--- a/bin/tests/system/cookie/ns7/named.conf.in
+++ b/bin/tests/system/cookie/ns7/named.conf.in
@ -23,6 +23,7 @@ options {
 	answer-cookie no;
 	send-cookie yes;
 	nocookie-udp-size 512;
+	dnssec-validation no;
 };

 zone "." {
--- a/bin/tests/system/dispatch/ns1/named.conf.in
+++ b/bin/tests/system/dispatch/ns1/named.conf.in
@ -36,6 +36,7 @@ options {

 	recursion no;
 	servfail-ttl 0;
+	dnssec-validation no;
 };

 zone "." {
--- a/bin/tests/system/dispatch/ns2/named.conf.in
+++ b/bin/tests/system/dispatch/ns2/named.conf.in
@ -36,6 +36,7 @@ options {

 	recursion yes;
 	servfail-ttl 0;
+	dnssec-validation no;
 };

 zone "." {
--- a/bin/tests/system/dlzexternal/ns1/named.conf.in
+++ b/bin/tests/system/dlzexternal/ns1/named.conf.in
@ -23,6 +23,7 @@ options {
 	allow-transfer { !10.53.0.1; any; };
 	recursion no;
 	notify yes;
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/dnssec/ns4/named5.conf.in
+++ b/bin/tests/system/dnssec/ns4/named5.conf.in
@ -22,6 +22,7 @@ options {
 	listen-on { 10.53.0.4; };
 	listen-on-v6 { none; };
 	bindkeys-file "managed.conf";
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/dnssec/ns5/named2.conf.in
+++ b/bin/tests/system/dnssec/ns5/named2.conf.in
@ -31,6 +31,7 @@ options {
 	listen-on { 10.53.0.5; 127.0.0.1; };
 	listen-on-v6 { none; };
 	recursion yes;
+	dnssec-validation yes;
 };

 view root {
--- a/bin/tests/system/dupsigs/ns1/named.conf.in
+++ b/bin/tests/system/dupsigs/ns1/named.conf.in
@ -18,6 +18,7 @@ options {
 	listen-on { 10.53.0.1; };
 	listen-on-v6 { none; };
 	pid-file "named.pid";
+	dnssec-validation no;
 };

 zone "signing.test" {
--- a/bin/tests/system/dyndb/ns1/named.conf.in
+++ b/bin/tests/system/dyndb/ns1/named.conf.in
@ -24,6 +24,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	notify yes;
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/ednscompliance/ns1/named.conf.in
+++ b/bin/tests/system/ednscompliance/ns1/named.conf.in
@ -20,6 +20,7 @@ options {
 	listen-on { 10.53.0.1; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 zone "." {
--- a/bin/tests/system/emptyzones/ns1/named1.conf.in
+++ b/bin/tests/system/emptyzones/ns1/named1.conf.in
@ -29,6 +29,7 @@ options {
 	listen-on { 10.53.0.1; };
 	listen-on-v6 { none; };
 	recursion yes;
+	dnssec-validation no;
 	deny-answer-addresses { 192.0.2.0/24; 2001:db8:beef::/48; }
 		 except-from { "example.org"; };
 	deny-answer-aliases { "example.org"; }
--- a/bin/tests/system/emptyzones/ns1/named2.conf.in
+++ b/bin/tests/system/emptyzones/ns1/named2.conf.in
@ -29,6 +29,7 @@ options {
 	listen-on { 10.53.0.1; };
 	listen-on-v6 { none; };
 	recursion yes;
+	dnssec-validation no;
 	deny-answer-addresses { 192.0.2.0/24; 2001:db8:beef::/48; }
 		 except-from { "example.org"; };
 	deny-answer-aliases { "example.org"; }
--- a/bin/tests/system/formerr/ns1/named.conf.in
+++ b/bin/tests/system/formerr/ns1/named.conf.in
@ -20,6 +20,7 @@ options {
 	listen-on { 10.53.0.1; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 zone "." {
--- a/bin/tests/system/forward/ns10/named.conf.in
+++ b/bin/tests/system/forward/ns10/named.conf.in
@ -20,6 +20,7 @@ options {
 	listen-on { 10.53.0.10; };
 	listen-on-v6 { none; };
 	minimal-responses no;
+	dnssec-validation no;
 };

 zone "net." {
--- a/bin/tests/system/glue/ns1/named.conf.in
+++ b/bin/tests/system/glue/ns1/named.conf.in
@ -21,6 +21,7 @@ options {
 	listen-on-v6 { none; };
 	recursion yes;
 	notify no;
+	dnssec-validation no;
 };

 zone "." {
--- a/bin/tests/system/host/ns1/named.conf.in
+++ b/bin/tests/system/host/ns1/named.conf.in
@ -20,6 +20,7 @@ options {
 	listen-on { 10.53.0.1; };
 	listen-on-v6 { none; };
 	recursion no;
+	dnssec-validation no;
 };

 zone "example" {
--- a/bin/tests/system/include-multiplecfg/ns2/named.conf.in
+++ b/bin/tests/system/include-multiplecfg/ns2/named.conf.in
@ -18,6 +18,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
        notify no;
+	dnssec-validation no;
 };

 # Should include all files matching pattern.
--- a/bin/tests/system/inline/ns2/named.conf.in
+++ b/bin/tests/system/inline/ns2/named.conf.in
@ -31,6 +31,7 @@ options {
 	notify yes;
 	notify-delay 0;
 	allow-new-zones yes;
+	dnssec-validation no;
 };

 zone "bits" {
--- a/bin/tests/system/inline/ns3/named.conf.in
+++ b/bin/tests/system/inline/ns3/named.conf.in
@ -32,6 +32,7 @@ options {
 	try-tcp-refresh no;
 	notify-delay 0;
 	allow-new-zones yes;
+	dnssec-validation no;
 };

 zone "bits" {
--- a/bin/tests/system/inline/ns4/named.conf.in
+++ b/bin/tests/system/inline/ns4/named.conf.in
@ -24,6 +24,7 @@ options {
 	recursion no;
 	notify yes;
 	notify-delay 0;
+	dnssec-validation no;
 };

 zone "noixfr" {
--- a/bin/tests/system/inline/ns6/named.conf.in
+++ b/bin/tests/system/inline/ns6/named.conf.in
@ -30,6 +30,7 @@ options {
 	recursion yes;
 	notify yes;
 	notify-delay 0;
+	dnssec-validation yes;
 };

 zone "." {
--- a/bin/tests/system/inline/ns8/named.conf.in
+++ b/bin/tests/system/inline/ns8/named.conf.in
@ -33,6 +33,7 @@ options {
 	try-tcp-refresh no;
 	notify-delay 0;
 	allow-new-zones yes;
+	dnssec-validation no;
 };

 zone "example01.com" {
--- a/bin/tests/system/integrity/ns1/named.conf.in
+++ b/bin/tests/system/integrity/ns1/named.conf.in
@ -23,6 +23,7 @@ options {
 	notify yes;
 	ixfr-from-differences yes;
 	check-integrity no;
+	dnssec-validation no;
 };

 zone "." {
--- a/bin/tests/system/ixfr/ns1/named.conf.in
+++ b/bin/tests/system/ixfr/ns1/named.conf.in
@ -21,6 +21,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	notify yes;
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/ixfr/ns3/named.conf.in
+++ b/bin/tests/system/ixfr/ns3/named.conf.in
@ -22,6 +22,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	notify yes;
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/ixfr/ns4/named.conf.in
+++ b/bin/tests/system/ixfr/ns4/named.conf.in
@ -21,6 +21,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	notify yes;
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/ixfr/ns5/named.conf.in
+++ b/bin/tests/system/ixfr/ns5/named.conf.in
@ -22,6 +22,7 @@ options {
 	recursion no;
 	notify yes;
 	provide-ixfr no;
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/kasp/ns2/named.conf.in
+++ b/bin/tests/system/kasp/ns2/named.conf.in
@ -24,6 +24,7 @@ options {
 	allow-transfer { any; };
 	recursion no;
 	dnssec-policy "none";
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/kasp/ns3/named-fips.conf.in
+++ b/bin/tests/system/kasp/ns3/named-fips.conf.in
@ -27,6 +27,7 @@ options {
 	allow-transfer { any; };
 	recursion no;
 	dnssec-policy "rsasha256";
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/kasp/ns4/named.conf.in
+++ b/bin/tests/system/kasp/ns4/named.conf.in
@ -66,6 +66,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	dnssec-policy "test";
+	dnssec-validation no;
 };

 view "inherit" {
--- a/bin/tests/system/kasp/ns5/named.conf.in
+++ b/bin/tests/system/kasp/ns5/named.conf.in
@ -51,6 +51,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	dnssec-policy "none";
+	dnssec-validation no;
 };

 view "inherit" {
--- a/bin/tests/system/kasp/ns6/named.conf.in
+++ b/bin/tests/system/kasp/ns6/named.conf.in
@ -27,6 +27,7 @@ options {
 	allow-transfer { any; };
 	recursion no;
 	key-directory ".";
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/kasp/ns6/named2.conf.in
+++ b/bin/tests/system/kasp/ns6/named2.conf.in
@ -26,6 +26,7 @@ options {
 	listen-on-v6 { none; };
 	allow-transfer { any; };
 	recursion no;
+	dnssec-validation no;
 };

 key rndc_key {
--- a/bin/tests/system/keepalive/ns1/named.conf.in
+++ b/bin/tests/system/keepalive/ns1/named.conf.in
@ -21,6 +21,7 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	notify yes;
+	dnssec-validation no;
 };

 key rndc_key {
--- a/Show more
+++ b/Show more