upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-28 04:34:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

clean up test output

Browse source 
- removed a few remaing places where output wasn't being passed
  through echo_i or cat_i
- added a "digcomp" function to conf.sh.in to send digcomp.pl output
  through cat_i and return the correct exit value
- set SYSTESTDIR when calling echo_i from nsX directories, so that
  the test name will always be printed correctly
- fixed a test name typo in conf.sh.in
This commit is contained in:
Evan Hunt 2018-02-24 00:48:50 -08:00
parent e656041fd7
commit 0e52fbd0b3
37 changed files with 286 additions and 229 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
bin/tests/system/addzone/tests.sh
View file

@ -100,7 +100,7 @@ $RNDCCMD 10.53.0.2 addzone 'missing.example { type master; file "missing.db"; };
grep "file not found" rndc.out.ns2.$n > /dev/null || ret=1
$DIG $DIGOPTS +all @10.53.0.2 a.missing.example a > dig.out.ns2.post.$n || ret=1
grep "status: REFUSED" dig.out.ns2.post.$n > /dev/null || ret=1
$PERL ../digcomp.pl dig.out.ns2.pre.$n dig.out.ns2.post.$n || ret=1
digcomp dig.out.ns2.pre.$n dig.out.ns2.post.$n || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`

6
bin/tests/system/autosign/ns3/keygen.sh
View file

@ -9,18 +9,18 @@
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
# $Id: keygen.sh,v 1.15 2012/02/06 23:46:46 tbox Exp $
SYSTEMTESTTOP=../..
. $SYSTEMTESTTOP/conf.sh
SYSTESTDIR=autosign
dumpit () {
echo "D:${debug}: dumping ${1}"
cat "${1}" | sed 's/^/D:/'
}
setup () {
echo "I:setting up zone: $1"
echo_i "setting up zone: $1"
debug="$1"
zone="$1"
zonefile="${zone}.db"

2
bin/tests/system/autosign/setup.sh
View file

@ -22,5 +22,5 @@ copy_setports ns3/named.conf.in ns3/named.conf
copy_setports ns4/named.conf.in ns4/named.conf
copy_setports ns5/named.conf.in ns5/named.conf
echo "I:generating keys and preparing zones"
echo_i "generating keys and preparing zones"
cd ns1 && $SHELL keygen.sh

131
bin/tests/system/autosign/tests.sh
View file

@ -99,10 +99,10 @@ echo_i " resigned after the active KSK is deleted - stage 1: Verify that DNSKEY
echo_i " is initially signed with a KSK and not a ZSK. ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.3 axfr inacksk3.example > dig.out.ns3.test$n
$DIG $DIGOPTS @10.53.0.3 axfr inacksk3.example > dig.out.ns3.test$n
zskid=`awk '$4 == "DNSKEY" && $5 == 256 { print }' dig.out.ns3.test$n |
$DSFROMKEY -A -2 -f - inacksk3.example | awk '{ print $4}' `
$DSFROMKEY -A -2 -f - inacksk3.example | awk '{ print $4}'`
grep "DNSKEY 7 2 " dig.out.ns3.test$n > /dev/null || ret=1
pattern="DNSKEY 7 2 [0-9]* [0-9]* [0-9]* ${zskid} "
@ -121,8 +121,8 @@ test $count -eq 3 || ret=1
awk='$4 == "RRSIG" && $5 == "DNSKEY" { printf "%05u\n", $11 }'
id=`awk "${awk}" dig.out.ns3.test$n`
$SETTIME -D now+5 ns3/Kinacksk3.example.+007+${id}
$RNDCCMD 10.53.0.3 loadkeys inacksk3.example
$SETTIME -D now+5 ns3/Kinacksk3.example.+007+${id} > /dev/null 2>&1
$RNDCCMD 10.53.0.3 loadkeys inacksk3.example 2>&1 | sed 's/^/ns3 /' | cat_i
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -135,7 +135,7 @@ echo_i "check that zone with active and inactive ZSK and active KSK is properly"
echo_i " resigned after the active ZSK is deleted - stage 1: Verify that zone"
echo_i " is initially signed with a ZSK and not a KSK. ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.3 axfr inaczsk3.example > dig.out.ns3.test$n
$DIG $DIGOPTS @10.53.0.3 axfr inaczsk3.example > dig.out.ns3.test$n
kskid=`awk '$4 == "DNSKEY" && $5 == 257 { print }' dig.out.ns3.test$n |
$DSFROMKEY -2 -f - inaczsk3.example | awk '{ print $4}' `
grep "CNAME 7 3 " dig.out.ns3.test$n > /dev/null || ret=1
@ -149,8 +149,8 @@ count=`awk 'BEGIN { count = 0 }
END {print count}' dig.out.ns3.test$n`
test $count -eq 3 || ret=1
id=`awk '$4 == "RRSIG" && $5 == "CNAME" { printf "%05u\n", $11 }' dig.out.ns3.test$n`
$SETTIME -D now+5 ns3/Kinaczsk3.example.+007+${id}
$RNDCCMD 10.53.0.3 loadkeys inaczsk3.example
$SETTIME -D now+5 ns3/Kinaczsk3.example.+007+${id} > /dev/null 2>&1
$RNDCCMD 10.53.0.3 loadkeys inaczsk3.example 2>&1 | sed 's/^/ns3 /' | cat_i
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
@ -219,7 +219,7 @@ status=`expr $status + $ret`
echo_i "checking for nsec3param signing record ($n)"
ret=0
$RNDCCMD 10.53.0.3 signing -list autonsec3.example. > signing.out.test$n 2>&1
$RNDCCMD 10.53.0.3 signing -list autonsec3.example. > signing.out.test$n 2>&1 | sed 's/^/ns3 /' | cat_i
grep "Pending NSEC3 chain 1 0 20 DEAF" signing.out.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -248,7 +248,7 @@ zsk=`cat autozsk.key`
ksk=`cat autoksk.key`
$SETTIME -K ns3 -P now -A now $zsk > /dev/null 2>&1
$SETTIME -K ns3 -P now -A now $ksk > /dev/null 2>&1
$RNDCCMD 10.53.0.3 loadkeys autonsec3.example. 2>&1 | sed 's/^/I:ns3 /'
$RNDCCMD 10.53.0.3 loadkeys autonsec3.example. 2>&1 | sed 's/^/ns3 /' | cat_i
echo_i "waiting for changes to take effect"
sleep 3
@ -301,9 +301,9 @@ status=`expr $status + $ret`
# Send rndc sync command to ns1, ns2 and ns3, to force the dynamically
# signed zones to be dumped to their zone files
echo_i "dumping zone files"
$RNDCCMD 10.53.0.1 sync 2>&1 | sed 's/^/I:ns1 /'
$RNDCCMD 10.53.0.2 sync 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.3 sync 2>&1 | sed 's/^/I:ns3 /'
$RNDCCMD 10.53.0.1 sync 2>&1 | sed 's/^/ns1 /' | cat_i
$RNDCCMD 10.53.0.2 sync 2>&1 | sed 's/^/ns2 /' | cat_i
$RNDCCMD 10.53.0.3 sync 2>&1 | sed 's/^/ns3 /' | cat_i
echo_i "checking expired signatures were updated ($n)"
for i in 1 2 3 4 5 6 7 8 9
@ -311,12 +311,11 @@ do
ret=0
$DIG $DIGOPTS +noauth a.oldsigs.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.oldsigs.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n > digcomp.out.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
[ $ret = 0 ] && break
sleep 1
done
if [ $ret != 0 ]; then cat digcomp.out.test$n; echo_i "failed"; fi
n=`expr $n + 1`
status=`expr $status + $ret`
@ -326,7 +325,7 @@ $DIG $DIGOPTS nsec3.example. nsec3param @10.53.0.3 > dig.out.ns3.ok.test$n || re
grep "status: NOERROR" dig.out.ns3.ok.test$n > /dev/null || ret=1
$DIG $DIGOPTS +noauth q.nsec3.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth q.nsec3.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -340,7 +339,7 @@ $DIG $DIGOPTS +noall +answer autonsec3.example. nsec3param @10.53.0.3 > dig.out.
grep "NSEC3PARAM" dig.out.ns3.ok.test$n > /dev/null || ret=1
$DIG $DIGOPTS +noauth q.autonsec3.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth q.autonsec3.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -361,7 +360,7 @@ $DIG $DIGOPTS +noall +answer nsec3-to-nsec.example. nsec3param @10.53.0.3 > dig.
grep "NSEC3PARAM" dig.out.ns3.nx.test$n > /dev/null && ret=1
$DIG $DIGOPTS +noauth q.nsec3-to-nsec.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth q.nsec3-to-nsec.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -377,7 +376,7 @@ $DIG $DIGOPTS +noall +answer autonsec3.example. nsec3param @10.53.0.3 > dig.out.
grep "NSEC3PARAM" dig.out.ns3.nx.test$n > /dev/null && ret=1
$DIG $DIGOPTS +noauth q.autonsec3.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth q.autonsec3.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -388,7 +387,7 @@ echo_i "checking TTLs of imported DNSKEYs (no default) ($n)"
ret=0
$DIG $DIGOPTS +tcp +noall +answer dnskey ttl1.example. @10.53.0.3 > dig.out.ns3.test$n || ret=1
[ -s dig.out.ns3.test$n ] || ret=1
awk 'BEGIN {r=0} $2 != 300 {r=1; print "I:found TTL " $2} END {exit r}' dig.out.ns3.test$n || ret=1
awk 'BEGIN {r=0} $2 != 300 {r=1; print "found TTL " $2} END {exit r}' dig.out.ns3.test$n || ret=1 | cat_i
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
@ -397,7 +396,7 @@ echo_i "checking TTLs of imported DNSKEYs (with default) ($n)"
ret=0
$DIG $DIGOPTS +tcp +noall +answer dnskey ttl2.example. @10.53.0.3 > dig.out.ns3.test$n || ret=1
[ -s dig.out.ns3.test$n ] || ret=1
awk 'BEGIN {r=0} $2 != 60 {r=1; print "I:found TTL " $2} END {exit r}' dig.out.ns3.test$n || ret=1
awk 'BEGIN {r=0} $2 != 60 {r=1; print "found TTL " $2} END {exit r}' dig.out.ns3.test$n || ret=1 | cat_i
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
@ -406,7 +405,7 @@ echo_i "checking TTLs of imported DNSKEYs (mismatched) ($n)"
ret=0
$DIG $DIGOPTS +tcp +noall +answer dnskey ttl3.example. @10.53.0.3 > dig.out.ns3.test$n || ret=1
[ -s dig.out.ns3.test$n ] || ret=1
awk 'BEGIN {r=0} $2 != 30 {r=1; print "I:found TTL " $2} END {exit r}' dig.out.ns3.test$n || ret=1
awk 'BEGIN {r=0} $2 != 30 {r=1; print "found TTL " $2} END {exit r}' dig.out.ns3.test$n || ret=1 | cat_i
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
@ -415,7 +414,7 @@ echo_i "checking TTLs of imported DNSKEYs (existing RRset) ($n)"
ret=0
$DIG $DIGOPTS +tcp +noall +answer dnskey ttl4.example. @10.53.0.3 > dig.out.ns3.test$n || ret=1
[ -s dig.out.ns3.test$n ] || ret=1
awk 'BEGIN {r=0} $2 != 30 {r=1; print "I:found TTL " $2} END {exit r}' dig.out.ns3.test$n || ret=1
awk 'BEGIN {r=0} $2 != 30 {r=1; print "found TTL " $2} END {exit r}' dig.out.ns3.test$n || ret=1 | cat_i
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
@ -424,7 +423,7 @@ echo_i "checking positive validation NSEC ($n)"
ret=0
$DIG $DIGOPTS +noauth a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth a.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -436,7 +435,7 @@ $DIG $DIGOPTS +noauth a.nsec3.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.nsec3.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -448,7 +447,7 @@ $DIG $DIGOPTS +noauth a.optout.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.optout.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -458,7 +457,7 @@ echo_i "checking negative validation NXDOMAIN NSEC ($n)"
ret=0
$DIG $DIGOPTS +noauth q.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth q.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -471,7 +470,7 @@ $DIG $DIGOPTS +noauth q.nsec3.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth q.nsec3.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -484,7 +483,7 @@ $DIG $DIGOPTS +noauth q.optout.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth q.optout.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -496,7 +495,7 @@ echo_i "checking negative validation NODATA NSEC ($n)"
ret=0
$DIG $DIGOPTS +noauth a.example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth a.example. @10.53.0.4 txt > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1
@ -510,7 +509,7 @@ $DIG $DIGOPTS +noauth a.nsec3.example. \
@10.53.0.3 txt > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.nsec3.example. \
@10.53.0.4 txt > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1
@ -524,7 +523,7 @@ $DIG $DIGOPTS +noauth a.optout.example. \
@10.53.0.3 txt > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.optout.example. \
@10.53.0.4 txt > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1
@ -538,7 +537,7 @@ echo_i "checking 1-server insecurity proof NSEC ($n)"
ret=0
$DIG $DIGOPTS +noauth a.insecure.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.insecure.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -552,7 +551,7 @@ $DIG $DIGOPTS q.insecure.example. a @10.53.0.3 \
> dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS q.insecure.example. a @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -568,7 +567,7 @@ $DIG $DIGOPTS +noauth a.secure.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.secure.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -581,7 +580,7 @@ $DIG $DIGOPTS +noauth a.nsec3.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.nsec3.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -594,7 +593,7 @@ $DIG $DIGOPTS +noauth a.optout.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.optout.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -607,7 +606,7 @@ $DIG $DIGOPTS +noauth a.secure.nsec3.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.secure.nsec3.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -620,7 +619,7 @@ $DIG $DIGOPTS +noauth a.nsec3.nsec3.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.nsec3.nsec3.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -633,7 +632,7 @@ $DIG $DIGOPTS +noauth a.optout.nsec3.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.optout.nsec3.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -646,7 +645,7 @@ $DIG $DIGOPTS +noauth a.secure.optout.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.secure.optout.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -659,7 +658,7 @@ $DIG $DIGOPTS +noauth a.nsec3.optout.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.nsec3.optout.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -672,7 +671,7 @@ $DIG $DIGOPTS +noauth a.optout.optout.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.optout.optout.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -685,7 +684,7 @@ $DIG $DIGOPTS +noauth empty.optout.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth empty.optout.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
#grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -700,7 +699,7 @@ $DIG $DIGOPTS +noauth a.insecure.secure.example. @10.53.0.2 a \
> dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth a.insecure.secure.example. @10.53.0.4 a \
> dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -716,7 +715,7 @@ $DIG $DIGOPTS q.insecure.secure.example. @10.53.0.2 a > dig.out.ns2.test$n \
|| ret=1
$DIG $DIGOPTS q.insecure.secure.example. @10.53.0.4 a > dig.out.ns4.test$n \
|| ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -737,7 +736,7 @@ echo_i "checking positive validation RSASHA256 NSEC ($n)"
ret=0
$DIG $DIGOPTS +noauth a.rsasha256.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.rsasha256.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -747,7 +746,7 @@ echo_i "checking positive validation RSASHA512 NSEC ($n)"
ret=0
$DIG $DIGOPTS +noauth a.rsasha512.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.rsasha512.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -759,7 +758,7 @@ $DIG $DIGOPTS +noauth a.private.secure.example. a @10.53.0.2 \
> dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth a.private.secure.example. a @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -772,7 +771,7 @@ $DIG $DIGOPTS +noauth q.private.secure.example. a @10.53.0.2 \
> dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth q.private.secure.example. a @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -909,7 +908,7 @@ file="ns3/`cat del1.key`.key"
$SETTIME -I now -D now $file > /dev/null
file="ns3/`cat del2.key`.key"
$SETTIME -I now -D now $file > /dev/null
$RNDCCMD 10.53.0.3 sign secure-to-insecure2.example. 2>&1 | sed 's/^/I:ns3 /'
$RNDCCMD 10.53.0.3 sign secure-to-insecure2.example. 2>&1 | sed 's/^/ns3 /' | cat_i
for i in 0 1 2 3 4 5 6 7 8 9; do
ret=0
$DIG $DIGOPTS axfr secure-to-insecure2.example @10.53.0.3 > dig.out.ns3.test$n || ret=1
@ -929,7 +928,7 @@ oldinception=`$DIG $DIGOPTS +short soa prepub.example @10.53.0.3 | awk '/SOA/ {p
$KEYGEN -a rsasha1 -3 -q -r $RANDFILE -K ns3 -P 0 -A +6d -I +38d -D +45d prepub.example > /dev/null
$RNDCCMD 10.53.0.3 sign prepub.example 2>&1 | sed 's/^/I:ns1 /'
$RNDCCMD 10.53.0.3 sign prepub.example 2>&1 | sed 's/^/ns1 /' | cat_i
newserial=$oldserial
try=0
while [ $oldserial -eq $newserial -a $try -lt 42 ]
@ -966,13 +965,13 @@ $SETTIME -K ns1 -i 0 -S $oldfile $newfile > /dev/null
# note previous zone serial number
oldserial=`$DIG $DIGOPTS +short soa . @10.53.0.1 | awk '{print $3}'`
$RNDCCMD 10.53.0.1 loadkeys . 2>&1 | sed 's/^/I:ns1 /'
$RNDCCMD 10.53.0.1 loadkeys . 2>&1 | sed 's/^/ns1 /' | cat_i
sleep 4
echo_i "revoking key to duplicated key ID"
$SETTIME -R now -K ns2 Kbar.+005+30676.key > /dev/null
$SETTIME -R now -K ns2 Kbar.+005+30676.key > /dev/null 2>&1
$RNDCCMD 10.53.0.2 loadkeys bar. 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.2 loadkeys bar. 2>&1 | sed 's/^/ns2 /' | cat_i
echo_i "waiting for changes to take effect"
sleep 5
@ -1025,7 +1024,7 @@ n=`expr $n + 1`
status=`expr $status + $ret`
echo_i "forcing full sign"
$RNDCCMD 10.53.0.1 sign . 2>&1 | sed 's/^/I:ns1 /'
$RNDCCMD 10.53.0.1 sign . 2>&1 | sed 's/^/ns1 /' | cat_i
echo_i "waiting for change to take effect"
sleep 5
@ -1064,7 +1063,7 @@ echo_i "checking scheduled key publication, not activation ($n)"
ret=0
$SETTIME -K ns3 -P now+3s -A none $zsk > /dev/null 2>&1
$SETTIME -K ns3 -P now+3s -A none $ksk > /dev/null 2>&1
$RNDCCMD 10.53.0.3 loadkeys delay.example. 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.3 loadkeys delay.example. 2>&1 | sed 's/^/ns2 /' | cat_i
echo_i "waiting for changes to take effect"
sleep 5
@ -1082,7 +1081,7 @@ echo_i "checking scheduled key activation ($n)"
ret=0
$SETTIME -K ns3 -A now+3s $zsk > /dev/null 2>&1
$SETTIME -K ns3 -A now+3s $ksk > /dev/null 2>&1
$RNDCCMD 10.53.0.3 loadkeys delay.example. 2>&1 | sed 's/^/I:ns2 /'
$RNDCCMD 10.53.0.3 loadkeys delay.example. 2>&1 | sed 's/^/ns2 /' | cat_i
echo_i "waiting for changes to take effect"
sleep 5
@ -1196,7 +1195,7 @@ status=`expr $status + $ret`
echo_i "forcing full sign with unreadable keys ($n)"
ret=0
chmod 0 ns1/K.+*+*.key ns1/K.+*+*.private || ret=1
$RNDCCMD 10.53.0.1 sign . 2>&1 | sed 's/^/I:ns1 /'
$RNDCCMD 10.53.0.1 sign . 2>&1 | sed 's/^/ns1 /' | cat_i
$DIG $DIGOPTS . @10.53.0.1 dnskey > dig.out.ns1.test$n || ret=1
grep "status: NOERROR" dig.out.ns1.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -1206,12 +1205,12 @@ status=`expr $status + $ret`
echo_i "test turning on auto-dnssec during reconfig ($n)"
ret=0
# first create a zone that doesn't have auto-dnssec
$RNDCCMD 10.53.0.3 addzone reconf.example '{ type master; file "reconf.example.db"; };' 2>&1 | sed 's/^/I:ns3 /'
$RNDCCMD 10.53.0.3 addzone reconf.example '{ type master; file "reconf.example.db"; };' 2>&1 | sed 's/^/ns3 /' | cat_i
rekey_calls=`grep "zone reconf.example.*next key event" ns3/named.run | wc -l`
[ "$rekey_calls" -eq 0 ] || ret=1
# ...then we add auto-dnssec and reconfigure
$RNDCCMD 10.53.0.3 modzone reconf.example '{ type master; file "reconf.example.db"; allow-update { any; }; auto-dnssec maintain; };' 2>&1 | sed 's/^/I:ns3 /'
$RNDCCMD 10.53.0.3 reconfig 2>&1 | sed 's/^/I:ns3 /'
$RNDCCMD 10.53.0.3 modzone reconf.example '{ type master; file "reconf.example.db"; allow-update { any; }; auto-dnssec maintain; };' 2>&1 | sed 's/^/ns3 /' | cat_i
$RNDCCMD 10.53.0.3 reconfig 2>&1 | sed 's/^/ns3 /' | cat_i
for i in 0 1 2 3 4 5 6 7 8 9; do
lret=0
rekey_calls=`grep "zone reconf.example.*next key event" ns3/named.run | wc -l`
@ -1268,7 +1267,7 @@ status=`expr $status + $ret`
echo_i "setting CDS and CDNSKEY deletion times and calling 'rndc loadkeys'"
$SETTIME -D sync now+2 `cat sync.key` > /dev/null
$RNDCCMD 10.53.0.3 loadkeys sync.example
$RNDCCMD 10.53.0.3 loadkeys sync.example | sed 's/^/ns3 /' | cat_i
echo_i "waiting for deletion to occur"
sleep 3
@ -1303,7 +1302,7 @@ status=`expr $status + $ret`
echo_i "check that zone with inactive KSK and active ZSK is properly autosigned ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.3 axfr inacksk2.example > dig.out.ns3.test$n
$DIG $DIGOPTS @10.53.0.3 axfr inacksk2.example > dig.out.ns3.test$n
zskid=`awk '$4 == "DNSKEY" && $5 == 256 { print }' dig.out.ns3.test$n |
$DSFROMKEY -A -2 -f - inacksk2.example | awk '{ print $4}' `
@ -1321,7 +1320,7 @@ status=`expr $status + $ret`
echo_i "check that zone with inactive ZSK and active KSK is properly autosigned ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.3 axfr inaczsk2.example > dig.out.ns3.test$n
$DIG $DIGOPTS @10.53.0.3 axfr inaczsk2.example > dig.out.ns3.test$n
grep "SOA 7 2" dig.out.ns3.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -1335,7 +1334,7 @@ echo_i " resigned after the active KSK is deleted - stage 2: Verify that DNSKEY
echo_i " is now signed with the ZSK. ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.3 axfr inacksk3.example > dig.out.ns3.test$n
$DIG $DIGOPTS @10.53.0.3 axfr inacksk3.example > dig.out.ns3.test$n
zskid=`awk '$4 == "DNSKEY" && $5 == 256 { print }' dig.out.ns3.test$n |
$DSFROMKEY -A -2 -f - inacksk3.example | awk '{ print $4}' `
@ -1363,7 +1362,7 @@ echo_i "check that zone with active and inactive ZSK and active KSK is properly"
echo_i " resigned after the active ZSK is deleted - stage 2: Verify that zone"
echo_i " is now signed with the KSK. ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.3 axfr inaczsk3.example > dig.out.ns3.test$n
$DIG $DIGOPTS @10.53.0.3 axfr inaczsk3.example > dig.out.ns3.test$n
kskid=`awk '$4 == "DNSKEY" && $5 == 257 { print }' dig.out.ns3.test$n |
$DSFROMKEY -2 -f - inaczsk3.example | awk '{ print $4}' `
grep "CNAME 7 3 [0-9]* [0-9]* [0-9]* ${kskid} " dig.out.ns3.test$n > /dev/null || ret=1

2
bin/tests/system/cacheclean/tests.sh
View file

@ -85,7 +85,7 @@ n=`expr $n + 1`
echo_i "check correctness of routine cache cleaning ($n)"
$DIG $DIGOPTS +tcp +keepopen -b 10.53.0.7 -f dig.batch > dig.out.ns2 || status=1
$PERL ../digcomp.pl --lc dig.out.ns2 knowngood.dig.out || status=1
digcomp --lc dig.out.ns2 knowngood.dig.out || status=1
n=`expr $n + 1`
echo_i "only one tcp socket was used ($n)"

12
bin/tests/system/case/tests.sh
View file

@ -63,7 +63,7 @@ n=`expr $n + 1`
echo_i "testing load of dynamic zone with various \$ORIGIN values ($n)"
ret=0
$DIG $DIGOPTS axfr dynamic @10.53.0.1 > dig.ns1.test$n
$PERL ../digcomp.pl dig.ns1.test$n dynamic.good || ret=1
digcomp dig.ns1.test$n dynamic.good || ret=1
test $ret -eq 0 || echo_i "failed"
status=`expr $status + $ret`
@ -72,7 +72,7 @@ n=`expr $n + 1`
echo_i "transfer of dynamic zone with various \$ORIGIN values ($n)"
ret=0
$DIG $DIGOPTS axfr dynamic @10.53.0.2 > dig.ns2.test$n
$PERL ../digcomp.pl dig.ns2.test$n dynamic.good || ret=1
digcomp dig.ns2.test$n dynamic.good || ret=1
test $ret -eq 0 || echo_i "failed"
status=`expr $status + $ret`
@ -86,7 +86,7 @@ update add dYNAMIc 0 SOA mname1. . 2000042408 20 20 1814400 3600
send
EOF
$DIG $DIGOPTS axfr dynamic @10.53.0.1 > dig.ns1.test$n
$PERL ../digcomp.pl dig.ns1.test$n postupdate.good || ret=1
digcomp dig.ns1.test$n postupdate.good || ret=1
test $ret -eq 0 || echo_i "failed"
status=`expr $status + $ret`
@ -101,7 +101,7 @@ n=`expr $n + 1`
echo_i "check SOA owner case is transfered to slave ($n)"
ret=0
$DIG $DIGOPTS axfr dynamic @10.53.0.2 > dig.ns2.test$n
$PERL ../digcomp.pl dig.ns2.test$n postupdate.good || ret=1
digcomp dig.ns2.test$n postupdate.good || ret=1
test $ret -eq 0 || echo_i "failed"
status=`expr $status + $ret`
@ -116,7 +116,7 @@ update add Ns1.DyNaMIC. 300 IN A 10.53.0.1
send
EOF
$DIG $DIGOPTS axfr dynamic @10.53.0.1 > dig.ns1.test$n
$PERL ../digcomp.pl dig.ns1.test$n postns1.good || ret=1
digcomp dig.ns1.test$n postns1.good || ret=1
test $ret -eq 0 || echo_i "failed"
status=`expr $status + $ret`
@ -131,7 +131,7 @@ n=`expr $n + 1`
echo_i "check A owner case is transfered to slave ($n)"
ret=0
$DIG $DIGOPTS axfr dynamic @10.53.0.2 > dig.ns2.test$n
$PERL ../digcomp.pl dig.ns2.test$n postns1.good || ret=1
digcomp dig.ns2.test$n postns1.good || ret=1
status=`expr $status + $ret`
echo_i "exit status: $status"

32
bin/tests/system/checkds/tests.sh
View file

@ -36,7 +36,7 @@ status=`expr $status + $ret`
echo_i "checking for correct DS, obtaining key from file ($n)"
ret=0
$CHECKDS -f ok.example.dnskey.db ok.example > checkds.out.$n || ret=1
$CHECKDS -f ok.example.dnskey.db ok.example > checkds.out.$n 2>&1 || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
@ -45,7 +45,7 @@ status=`expr $status + $ret`
echo_i "checking for correct DLV, looking up key via 'dig' ($n)"
ret=0
$CHECKDS -l dlv.example ok.example > checkds.out.$n || ret=1
$CHECKDS -l dlv.example ok.example > checkds.out.$n 2>&1 || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
@ -54,7 +54,7 @@ status=`expr $status + $ret`
echo_i "checking for correct DLV, obtaining key from file ($n)"
ret=0
$CHECKDS -l dlv.example -f ok.example.dnskey.db ok.example > checkds.out.$n || ret=1
$CHECKDS -l dlv.example -f ok.example.dnskey.db ok.example > checkds.out.$n 2>&1 || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
@ -63,7 +63,7 @@ status=`expr $status + $ret`
echo_i "checking for incorrect DS, lowronging up key via 'dig' ($n)"
ret=0
$CHECKDS wrong.example > checkds.out.$n || ret=1
$CHECKDS wrong.example > checkds.out.$n 2>&1 || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
@ -72,7 +72,7 @@ status=`expr $status + $ret`
echo_i "checking for incorrect DS, obtaining key from file ($n)"
ret=0
$CHECKDS -f wrong.example.dnskey.db wrong.example > checkds.out.$n || ret=1
$CHECKDS -f wrong.example.dnskey.db wrong.example > checkds.out.$n 2>&1 || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
@ -81,7 +81,7 @@ status=`expr $status + $ret`
echo_i "checking for incorrect DLV, lowronging up key via 'dig' ($n)"
ret=0
$CHECKDS -l dlv.example wrong.example > checkds.out.$n || ret=1
$CHECKDS -l dlv.example wrong.example > checkds.out.$n 2>&1 || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
@ -90,7 +90,7 @@ status=`expr $status + $ret`
echo_i "checking for incorrect DLV, obtaining key from file ($n)"
ret=0
$CHECKDS -l dlv.example -f wrong.example.dnskey.db wrong.example > checkds.out.$n || ret=1
$CHECKDS -l dlv.example -f wrong.example.dnskey.db wrong.example > checkds.out.$n 2>&1 || ret=1
grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
@ -100,7 +100,7 @@ status=`expr $status + $ret`
echo_i "checking for partially missing DS, looking up key via 'dig' ($n)"
ret=0
$CHECKDS missing.example > checkds.out.$n || ret=1
$CHECKDS missing.example > checkds.out.$n 2>&1 || ret=1
grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
@ -111,7 +111,7 @@ status=`expr $status + $ret`
echo_i "checking for partially missing DS, obtaining key from file ($n)"
ret=0
$CHECKDS -f missing.example.dnskey.db missing.example > checkds.out.$n || ret=1
$CHECKDS -f missing.example.dnskey.db missing.example > checkds.out.$n 2>&1 || ret=1
grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
@ -122,7 +122,7 @@ status=`expr $status + $ret`
echo_i "checking for partially missing DLV, looking up key via 'dig' ($n)"
ret=0
$CHECKDS -l dlv.example missing.example > checkds.out.$n || ret=1
$CHECKDS -l dlv.example missing.example > checkds.out.$n 2>&1 || ret=1
grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
@ -133,7 +133,7 @@ status=`expr $status + $ret`
echo_i "checking for partially missing DLV, obtaining key from file ($n)"
ret=0
$CHECKDS -l dlv.example -f missing.example.dnskey.db missing.example > checkds.out.$n || ret=1
$CHECKDS -l dlv.example -f missing.example.dnskey.db missing.example > checkds.out.$n 2>&1 || ret=1
grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
@ -144,7 +144,7 @@ status=`expr $status + $ret`
echo_i "checking for entirely missing DS, looking up key via 'dig' ($n)"
ret=0
$CHECKDS none.example > checkds.out.$n && ret=1
$CHECKDS none.example > checkds.out.$n 2>&1 && ret=1
grep 'No DS' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -152,7 +152,7 @@ status=`expr $status + $ret`
echo_i "checking for entirely missing DS, obtaining key from file ($n)"
ret=0
$CHECKDS -f none.example.dnskey.db none.example > checkds.out.$n && ret=1
$CHECKDS -f none.example.dnskey.db none.example > checkds.out.$n 2>&1 && ret=1
grep 'No DS' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -160,7 +160,7 @@ status=`expr $status + $ret`
echo_i "checking for entirely missing DLV, looking up key via 'dig' ($n)"
ret=0
$CHECKDS -l dlv.example none.example > checkds.out.$n && ret=1
$CHECKDS -l dlv.example none.example > checkds.out.$n 2>&1 && ret=1
grep 'No DLV' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -168,7 +168,7 @@ status=`expr $status + $ret`
echo_i "checking for entirely missing DLV, obtaining key from file ($n)"
ret=0
$CHECKDS -l dlv.example -f none.example.dnskey.db none.example > checkds.out.$n && ret=1
$CHECKDS -l dlv.example -f none.example.dnskey.db none.example > checkds.out.$n 2>&1 && ret=1
grep 'No DLV' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -176,7 +176,7 @@ status=`expr $status + $ret`
echo_i "checking with prepared dsset file ($n)"
ret=0
$CHECKDS -f prep.example.db -s prep.example.ds.db prep.example > checkds.out.$n || ret=1
$CHECKDS -f prep.example.db -s prep.example.ds.db prep.example > checkds.out.$n 2>&1 || ret=1
grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
n=`expr $n + 1`

2
bin/tests/system/checknames/tests.sh
View file

@ -48,7 +48,7 @@ echo_i "check that 'check-names response warn;' works ($n)"
ret=0
$DIG $DIGOPTS +noauth yy_yy.ignore.example. @10.53.0.1 a > dig.out.ns1.test$n || ret=1
$DIG $DIGOPTS +noauth yy_yy.ignore.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns1.test$n dig.out.ns2.test$n || ret=1
digcomp dig.out.ns1.test$n dig.out.ns2.test$n || ret=1
grep "check-names warning yy_yy.ignore.example/A/IN" ns2/named.run > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`

9
bin/tests/system/conf.sh.in
View file

@ -100,7 +100,7 @@ PARALLELDIRS="acl additional addzone allow_query auth autosign \
names notify nslookup nsupdate nzd2nzf \
padding pending pipelined \
reclimit redirect resolver rndc rpz rpzrecurse \
rrchecker rrlrrsetorder rsabigexponent runtime \
rrchecker rrl rrsetorder rsabigexponent runtime \
serve-stale sfcache smartsign sortlist \
spf staticstub statistics statschannel stub synthfromdnssec \
tcp tools tsig tsiggss \
@ -240,6 +240,13 @@ cat_i() {
done
}
digcomp() {
output=`$PERL $SYSTEMTESTTOP/digcomp.pl "$@"`
result=$?
[ -n "$output" ] && { echo "digcomp failed:"; echo "$output"; } | cat_i
return $result
}
#
# Useful functions in test scripts
#

13
bin/tests/system/conf.sh.win32
View file

@ -211,6 +211,19 @@ echo_i() {
done
}
cat_i() {
while read LINE ; do
echoinfo "I:$SYSTESTDIR:$LINE"
done
}
digcomp() {
output=`$PERL $SYSTEMTESTTOP/digcomp.pl "$@"`
result=$?
[ -n "$output" ] && { echo "digcomp failed:"; echo "$output"; } | cat_i
return $result
}
#
# Useful functions in test scripts
#

6
bin/tests/system/dialup/tests.sh
View file

@ -9,8 +9,6 @@
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
# $Id: tests.sh,v 1.6 2007/06/19 23:47:01 tbox Exp $
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
@ -34,7 +32,7 @@ do
try=`expr $try + 1`
sleep 1
else
$PERL ../digcomp.pl dig.out.ns1.test dig.out.ns2.test || ret=1
digcomp dig.out.ns1.test dig.out.ns2.test || ret=1
break;
fi
done
@ -53,7 +51,7 @@ do
try=`expr $try + 1`
sleep 1
else
$PERL ../digcomp.pl dig.out.ns1.test dig.out.ns3.test || ret=1
digcomp dig.out.ns1.test dig.out.ns3.test || ret=1
break;
fi
done

2
bin/tests/system/dlv/ns1/sign.sh
View file

@ -12,6 +12,8 @@
SYSTEMTESTTOP=../..
. $SYSTEMTESTTOP/conf.sh
SYSTESTDIR=dlv
(cd ../ns2 && $SHELL -e ./sign.sh || exit 1)
echo_i "dlv/ns1/sign.sh"

2
bin/tests/system/dlv/ns2/sign.sh
View file

@ -12,6 +12,8 @@
SYSTEMTESTTOP=../..
. $SYSTEMTESTTOP/conf.sh
SYSTESTDIR=dlv
(cd ../ns3 && $SHELL -e ./sign.sh || exit 1)
echo_i "dlv/ns2/sign.sh"

2
bin/tests/system/dlv/ns6/sign.sh
View file

@ -12,6 +12,8 @@
SYSTEMTESTTOP=../..
. $SYSTEMTESTTOP/conf.sh
SYSTESTDIR=dlv
echo_i "dlv/ns6/sign.sh"
zone=grand.child1.utld.

136
bin/tests/system/dnssec/tests.sh
View file

@ -85,7 +85,7 @@ do
[ $ret = 0 ] && break
sleep 1
done
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns3.test$n > /dev/null || ret=1
digcomp dig.out.ns2.test$n dig.out.ns3.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
@ -96,7 +96,7 @@ echo_i "checking AD bit asking for validation ($n)"
ret=0
$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth +noadd +nodnssec +adflag a.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -108,7 +108,7 @@ echo_i "checking that AD is not set without +adflag or +dnssec ($n)"
ret=0
$DIG $DIGOPTS +noauth +noadd +nodnssec +noadflag a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth +noadd +nodnssec +noadflag a.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -126,7 +126,7 @@ echo_i "checking positive validation NSEC ($n)"
ret=0
$DIG $DIGOPTS +noauth a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth a.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -149,7 +149,7 @@ $DIG $DIGOPTS +noauth a.nsec3.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.nsec3.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -172,7 +172,7 @@ $DIG $DIGOPTS +noauth a.optout.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.optout.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -195,7 +195,7 @@ $DIG $DIGOPTS a.wild.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS a.wild.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
stripns dig.out.ns3.test$n > dig.out.ns3.stripped.test$n
stripns dig.out.ns4.test$n > dig.out.ns4.stripped.test$n
$PERL ../digcomp.pl dig.out.ns3.stripped.test$n dig.out.ns4.stripped.test$n || ret=1
digcomp dig.out.ns3.stripped.test$n dig.out.ns4.stripped.test$n || ret=1
grep "\*\.wild\.example\..*RRSIG NSEC" dig.out.ns4.test$n > /dev/null || ret=1
grep "\*\.wild\.example\..*NSEC z\.example" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
@ -239,7 +239,7 @@ $DIG $DIGOPTS a.wild.nsec3.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS a.wild.nsec3.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
stripns dig.out.ns3.test$n > dig.out.ns3.stripped.test$n
stripns dig.out.ns4.test$n > dig.out.ns4.stripped.test$n
$PERL ../digcomp.pl dig.out.ns3.stripped.test$n dig.out.ns4.stripped.test$n || ret=1
digcomp dig.out.ns3.stripped.test$n dig.out.ns4.stripped.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -265,7 +265,7 @@ $DIG $DIGOPTS a.wild.optout.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
stripns dig.out.ns3.test$n > dig.out.ns3.stripped.test$n
stripns dig.out.ns4.test$n > dig.out.ns4.stripped.test$n
$PERL ../digcomp.pl dig.out.ns3.stripped.test$n dig.out.ns4.stripped.test$n || ret=1
digcomp dig.out.ns3.stripped.test$n dig.out.ns4.stripped.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -287,7 +287,7 @@ echo_i "checking negative validation NXDOMAIN NSEC ($n)"
ret=0
$DIG $DIGOPTS +noauth q.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth q.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -310,7 +310,7 @@ $DIG $DIGOPTS +noauth q.nsec3.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth q.nsec3.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -333,7 +333,7 @@ $DIG $DIGOPTS +noauth q.optout.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth q.optout.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -355,7 +355,7 @@ echo_i "checking negative validation NODATA NSEC ($n)"
ret=0
$DIG $DIGOPTS +noauth a.example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth a.example. @10.53.0.4 txt > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1
@ -379,7 +379,7 @@ $DIG $DIGOPTS +noauth a.nsec3.example. \
@10.53.0.3 txt > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.nsec3.example. \
@10.53.0.4 txt > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1
@ -403,7 +403,7 @@ $DIG $DIGOPTS +noauth a.optout.example. \
@10.53.0.3 txt > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.optout.example. \
@10.53.0.4 txt > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "ANSWER: 0" dig.out.ns4.test$n > /dev/null || ret=1
@ -425,7 +425,7 @@ echo_i "checking negative wildcard validation NSEC ($n)"
ret=0
$DIG $DIGOPTS b.wild.example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS b.wild.example. @10.53.0.4 txt > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -446,7 +446,7 @@ echo_i "checking negative wildcard validation NSEC3 ($n)"
ret=0
$DIG $DIGOPTS b.wild.nsec3.example. @10.53.0.3 txt > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS b.wild.nsec3.example. @10.53.0.4 txt > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -468,7 +468,7 @@ $DIG $DIGOPTS b.wild.optout.example. \
@10.53.0.3 txt > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS b.wild.optout.example. \
@10.53.0.4 txt > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -492,7 +492,7 @@ echo_i "checking 1-server insecurity proof NSEC ($n)"
ret=0
$DIG $DIGOPTS +noauth a.insecure.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.insecure.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -514,7 +514,7 @@ echo_i "checking 1-server insecurity proof NSEC3 ($n)"
ret=0
$DIG $DIGOPTS +noauth a.insecure.nsec3.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.insecure.nsec3.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -536,7 +536,7 @@ echo_i "checking 1-server insecurity proof OPTOUT ($n)"
ret=0
$DIG $DIGOPTS +noauth a.insecure.optout.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.insecure.optout.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -560,7 +560,7 @@ $DIG $DIGOPTS q.insecure.example. a @10.53.0.3 \
> dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS q.insecure.example. a @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -584,7 +584,7 @@ $DIG $DIGOPTS q.insecure.nsec3.example. a @10.53.0.3 \
> dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS q.insecure.nsec3.example. a @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -608,7 +608,7 @@ $DIG $DIGOPTS q.insecure.optout.example. a @10.53.0.3 \
> dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS q.insecure.optout.example. a @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -632,7 +632,7 @@ $DIG $DIGOPTS r.insecure.example. soa @10.53.0.3 \
> dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS r.insecure.example. soa @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
grep "0 IN SOA" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
@ -647,7 +647,7 @@ $DIG $DIGOPTS r.insecure.nsec3.example. soa @10.53.0.3 \
> dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS r.insecure.nsec3.example. soa @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
grep "0 IN SOA" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
@ -662,7 +662,7 @@ $DIG $DIGOPTS r.insecure.optout.example. soa @10.53.0.3 \
> dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS r.insecure.optout.example. soa @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
grep "0 IN SOA" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
@ -679,7 +679,7 @@ $DIG $DIGOPTS +noauth a.secure.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.secure.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -692,7 +692,7 @@ $DIG $DIGOPTS +noauth a.nsec3.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.nsec3.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -705,7 +705,7 @@ $DIG $DIGOPTS +noauth a.optout.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.optout.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -718,7 +718,7 @@ $DIG $DIGOPTS +noauth a.secure.nsec3.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.secure.nsec3.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -731,7 +731,7 @@ $DIG $DIGOPTS +noauth a.nsec3.nsec3.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.nsec3.nsec3.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -744,7 +744,7 @@ $DIG $DIGOPTS +noauth a.optout.nsec3.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.optout.nsec3.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -757,7 +757,7 @@ $DIG $DIGOPTS +noauth a.secure.optout.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.secure.optout.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -770,7 +770,7 @@ $DIG $DIGOPTS +noauth a.nsec3.optout.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.nsec3.optout.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -783,7 +783,7 @@ $DIG $DIGOPTS +noauth a.optout.optout.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.optout.optout.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -796,7 +796,7 @@ $DIG $DIGOPTS +noauth empty.optout.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth empty.optout.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
#grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -930,7 +930,7 @@ $DIG $DIGOPTS +noauth a.insecure.secure.example. @10.53.0.2 a \
> dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth a.insecure.secure.example. @10.53.0.4 a \
> dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -946,7 +946,7 @@ $DIG $DIGOPTS q.insecure.secure.example. @10.53.0.2 a > dig.out.ns2.test$n \
|| ret=1
$DIG $DIGOPTS q.insecure.secure.example. @10.53.0.4 a > dig.out.ns4.test$n \
|| ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -960,7 +960,7 @@ $DIG $DIGOPTS r.insecure.secure.example. @10.53.0.2 soa > dig.out.ns2.test$n \
|| ret=1
$DIG $DIGOPTS r.insecure.secure.example. @10.53.0.4 soa > dig.out.ns4.test$n \
|| ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -987,7 +987,7 @@ $DIG $DIGOPTS +noauth example. soa @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$DIG $DIGOPTS +noauth +cdflag example. soa @10.53.0.5 \
> dig.out.ns5.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns4.test$n dig.out.ns5.test$n || ret=1
digcomp dig.out.ns4.test$n dig.out.ns5.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns5.test$n > /dev/null && ret=1
@ -999,7 +999,7 @@ echo_i "checking cd bit on a negative answer ($n)"
ret=0
$DIG $DIGOPTS q.example. soa @10.53.0.4 > dig.out.ns4.test$n || ret=1
$DIG $DIGOPTS +cdflag q.example. soa @10.53.0.5 > dig.out.ns5.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns4.test$n dig.out.ns5.test$n || ret=1
digcomp dig.out.ns4.test$n dig.out.ns5.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns5.test$n > /dev/null && ret=1
@ -1011,7 +1011,7 @@ echo_i "checking positive validation RSASHA256 NSEC ($n)"
ret=0
$DIG $DIGOPTS +noauth a.rsasha256.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.rsasha256.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -1021,7 +1021,7 @@ echo_i "checking positive validation RSASHA512 NSEC ($n)"
ret=0
$DIG $DIGOPTS +noauth a.rsasha512.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.rsasha512.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -1031,7 +1031,7 @@ echo_i "checking positive validation with KSK-only DNSKEY signature ($n)"
ret=0
$DIG $DIGOPTS +noauth a.kskonly.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.kskonly.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -1043,7 +1043,7 @@ $DIG $DIGOPTS a.bogus.example. soa @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$DIG $DIGOPTS +cdflag a.bogus.example. soa @10.53.0.5 \
> dig.out.ns5.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns4.test$n dig.out.ns5.test$n || ret=1
digcomp dig.out.ns4.test$n dig.out.ns5.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns5.test$n > /dev/null && ret=1
@ -1057,7 +1057,7 @@ $DIG $DIGOPTS +noauth a.insecure.example. soa @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$DIG $DIGOPTS +noauth +cdflag a.insecure.example. soa @10.53.0.5 \
> dig.out.ns5.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns4.test$n dig.out.ns5.test$n || ret=1
digcomp dig.out.ns4.test$n dig.out.ns5.test$n || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
# Note - these are looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -1072,7 +1072,7 @@ $DIG $DIGOPTS q.insecure.example. a @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$DIG $DIGOPTS +cdflag q.insecure.example. a @10.53.0.5 \
> dig.out.ns5.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns4.test$n dig.out.ns5.test$n || ret=1
digcomp dig.out.ns4.test$n dig.out.ns5.test$n || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
# Note - these are looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -1085,7 +1085,7 @@ echo_i "checking that validation of an ANY query works ($n)"
ret=0
$DIG $DIGOPTS +noauth foo.example. any @10.53.0.2 > dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth foo.example. any @10.53.0.4 > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
# 2 records in the zone, 1 NXT, 3 SIGs
grep "ANSWER: 6" dig.out.ns4.test$n > /dev/null || ret=1
@ -1099,7 +1099,7 @@ $DIG $DIGOPTS +noauth cname1.example. txt @10.53.0.2 \
> dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth cname1.example. txt @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
# the CNAME & its sig, the TXT and its SIG
grep "ANSWER: 4" dig.out.ns4.test$n > /dev/null || ret=1
@ -1113,7 +1113,7 @@ $DIG $DIGOPTS +noauth foo.dname1.example. txt @10.53.0.2 \
> dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth foo.dname1.example. txt @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
# The DNAME & its sig, the TXT and its SIG, and the synthesized CNAME.
# It would be nice to test that the CNAME is being synthesized by the
@ -1129,7 +1129,7 @@ $DIG $DIGOPTS +noauth cname2.example. any @10.53.0.2 \
> dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth cname2.example. any @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
# The CNAME, NXT, and their SIGs
grep "ANSWER: 4" dig.out.ns4.test$n > /dev/null || ret=1
@ -1143,7 +1143,7 @@ $DIG $DIGOPTS +noauth foo.dname2.example. any @10.53.0.2 \
> dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth foo.dname2.example. any @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -1155,7 +1155,7 @@ $DIG $DIGOPTS +noauth a.private.secure.example. a @10.53.0.2 \
> dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth a.private.secure.example. a @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -1169,7 +1169,7 @@ $DIG $DIGOPTS +noauth q.private.secure.example. a @10.53.0.2 \
> dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth q.private.secure.example. a @10.53.0.4 \
> dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null && ret=1
@ -1183,7 +1183,7 @@ $DIG $DIGOPTS +noauth example. SOA @10.53.0.2 \
> dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth example. SOA @10.53.0.6 \
> dig.out.ns6.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns6.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns6.test$n || ret=1
# Note - this is looking for failure, hence the &&
grep "flags:.*ad.*QUERY" dig.out.ns6.test$n > /dev/null && ret=1
n=`expr $n + 1`
@ -2127,7 +2127,7 @@ echo_i "checking positive validation NSEC ($n)"
ret=0
$DIG $DIGOPTS +noauth a.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth a.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -2139,7 +2139,7 @@ $DIG $DIGOPTS +noauth a.nsec3.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.nsec3.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -2151,7 +2151,7 @@ $DIG $DIGOPTS +noauth a.optout.example. \
@10.53.0.3 a > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth a.optout.example. \
@10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -2161,7 +2161,7 @@ echo_i "checking negative validation ($n)"
ret=0
$DIG $DIGOPTS +noauth q.example. @10.53.0.2 a > dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth q.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NXDOMAIN" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -2172,7 +2172,7 @@ echo_i "checking that root DS queries validate ($n)"
ret=0
$DIG $DIGOPTS +noauth . @10.53.0.1 ds > dig.out.ns1.test$n || ret=1
$DIG $DIGOPTS +noauth . @10.53.0.4 ds > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns1.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns1.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -2183,7 +2183,7 @@ echo_i "checking that DS at a RFC 1918 empty zone lookup succeeds ($n)"
ret=0
$DIG $DIGOPTS +noauth 10.in-addr.arpa ds @10.53.0.2 >dig.out.ns2.test$n || ret=1
$DIG $DIGOPTS +noauth 10.in-addr.arpa ds @10.53.0.6 >dig.out.ns6.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns6.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns6.test$n || ret=1
grep "status: NOERROR" dig.out.ns6.test$n > /dev/null || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
@ -2521,7 +2521,7 @@ do
test "$s2" = "$s3" && break
sleep 1
done
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns3.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns3.test$n || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
@ -2736,7 +2736,7 @@ $DIG $DIGOPTS +noauth cnameandkey.secure.example. \
@10.53.0.3 dnskey > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth cnameandkey.secure.example. \
@10.53.0.4 dnskey > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "CNAME" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`
@ -2749,7 +2749,7 @@ $DIG $DIGOPTS +noauth cnameandkey.secure.example. \
@10.53.0.3 key > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth cnameandkey.secure.example. \
@10.53.0.4 key > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "CNAME" dig.out.ns4.test$n > /dev/null && ret=1
n=`expr $n + 1`
@ -2762,7 +2762,7 @@ $DIG $DIGOPTS +noauth cnamenokey.secure.example. \
@10.53.0.3 key > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS +noauth cnamenokey.secure.example. \
@10.53.0.4 key > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "CNAME" dig.out.ns4.test$n > /dev/null && ret=1
n=`expr $n + 1`
@ -2775,7 +2775,7 @@ $DIG $DIGOPTS a.dnameandkey.secure.example. \
@10.53.0.3 dnskey > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS a.dnameandkey.secure.example. \
@10.53.0.4 dnskey > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "CNAME" dig.out.ns4.test$n > /dev/null || ret=1
grep "DNAME" dig.out.ns4.test$n > /dev/null || ret=1
@ -2789,7 +2789,7 @@ $DIG $DIGOPTS b.dnameandkey.secure.example. \
@10.53.0.3 key > dig.out.ns3.test$n || ret=1
$DIG $DIGOPTS b.dnameandkey.secure.example. \
@10.53.0.4 key > dig.out.ns4.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1
grep "DNAME" dig.out.ns4.test$n > /dev/null || ret=1
n=`expr $n + 1`

2
bin/tests/system/filter-aaaa/ns1/sign.sh
View file

@ -12,6 +12,8 @@
SYSTEMTESTTOP=../..
. $SYSTEMTESTTOP/conf.sh
SYSTESTDIR=filter-aaaa
dlvsets=
zone=signed.

2
bin/tests/system/filter-aaaa/ns4/sign.sh
View file

@ -12,6 +12,8 @@
SYSTEMTESTTOP=../..
. $SYSTEMTESTTOP/conf.sh
SYSTESTDIR=filter-aaaa
dlvsets=
zone=signed.

14
bin/tests/system/forward/tests.sh
View file

@ -23,7 +23,7 @@ echo_i "checking that a forward zone overrides global forwarders"
ret=0
$DIG $DIGOPTS +noadd +noauth txt.example1. txt @$hidden > dig.out.hidden || ret=1
$DIG $DIGOPTS +noadd +noauth txt.example1. txt @$f1 > dig.out.f1 || ret=1
$PERL ../digcomp.pl dig.out.hidden dig.out.f1 || ret=1
digcomp dig.out.hidden dig.out.f1 || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
@ -31,7 +31,7 @@ echo_i "checking that a forward first zone no forwarders recurses"
ret=0
$DIG $DIGOPTS +noadd +noauth txt.example2. txt @$root > dig.out.root || ret=1
$DIG $DIGOPTS +noadd +noauth txt.example2. txt @$f1 > dig.out.f1 || ret=1
$PERL ../digcomp.pl dig.out.root dig.out.f1 || ret=1
digcomp dig.out.root dig.out.f1 || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
@ -39,7 +39,7 @@ echo_i "checking that a forward only zone no forwarders fails"
ret=0
$DIG $DIGOPTS +noadd +noauth txt.example2. txt @$root > dig.out.root || ret=1
$DIG $DIGOPTS +noadd +noauth txt.example2. txt @$f1 > dig.out.f1 || ret=1
$PERL ../digcomp.pl dig.out.root dig.out.f1 || ret=1
digcomp dig.out.root dig.out.f1 || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
@ -47,7 +47,7 @@ echo_i "checking that global forwarders work"
ret=0
$DIG $DIGOPTS +noadd +noauth txt.example4. txt @$hidden > dig.out.hidden || ret=1
$DIG $DIGOPTS +noadd +noauth txt.example4. txt @$f1 > dig.out.f1 || ret=1
$PERL ../digcomp.pl dig.out.hidden dig.out.f1 || ret=1
digcomp dig.out.hidden dig.out.f1 || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
@ -55,7 +55,7 @@ echo_i "checking that a forward zone works"
ret=0
$DIG $DIGOPTS +noadd +noauth txt.example1. txt @$hidden > dig.out.hidden || ret=1
$DIG $DIGOPTS +noadd +noauth txt.example1. txt @$f2 > dig.out.f2 || ret=1
$PERL ../digcomp.pl dig.out.hidden dig.out.f2 || ret=1
digcomp dig.out.hidden dig.out.f2 || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
@ -63,7 +63,7 @@ echo_i "checking that forwarding doesn't spontaneously happen"
ret=0
$DIG $DIGOPTS +noadd +noauth txt.example2. txt @$root > dig.out.root || ret=1
$DIG $DIGOPTS +noadd +noauth txt.example2. txt @$f2 > dig.out.f2 || ret=1
$PERL ../digcomp.pl dig.out.root dig.out.f2 || ret=1
digcomp dig.out.root dig.out.f2 || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
@ -71,7 +71,7 @@ echo_i "checking that a forward zone with no specified policy works"
ret=0
$DIG $DIGOPTS +noadd +noauth txt.example3. txt @$hidden > dig.out.hidden || ret=1
$DIG $DIGOPTS +noadd +noauth txt.example3. txt @$f2 > dig.out.f2 || ret=1
$PERL ../digcomp.pl dig.out.hidden dig.out.f2 || ret=1
digcomp dig.out.hidden dig.out.f2 || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`

4
bin/tests/system/glue/tests.sh
View file

@ -22,11 +22,11 @@ status=0
echo_i "testing that a ccTLD referral gets a full glue set from the root zone"
$DIG $DIGOPTS @10.53.0.1 foo.bar.fi. A >dig.out || status=1
$PERL ../digcomp.pl --lc fi.good dig.out || status=1
digcomp --lc fi.good dig.out || status=1
echo_i "testing that we don't find out-of-zone glue"
$DIG $DIGOPTS @10.53.0.1 example.net. a > dig.out || status=1
$PERL ../digcomp.pl noglue.good dig.out || status=1
digcomp noglue.good dig.out || status=1
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1

10
bin/tests/system/ixfr/tests.sh
View file

@ -54,7 +54,7 @@ zone "nil" {
};
EOF
$RNDCCMD 10.53.0.1 reload
$RNDCCMD 10.53.0.1 reload | sed 's/^/ns1 /' | cat_i
for i in 0 1 2 3 4 5 6 7 8 9
do
@ -157,7 +157,7 @@ done
# modify the master
cp ns3/mytest1.db ns3/mytest.db
$RNDCCMD 10.53.0.3 reload
$RNDCCMD 10.53.0.3 reload | sed 's/^/ns3 /' | cat_i
#wait for master to reload load
for i in 0 1 2 3 4 5 6 7 8 9
@ -202,7 +202,7 @@ echo_i "testing request-ixfr option in view vs zone"
echo_i " this result should be AXFR"
cp ns3/subtest1.db ns3/subtest.db # change to sub.test zone, should be AXFR
$RNDCCMD 10.53.0.3 reload
$RNDCCMD 10.53.0.3 reload | sed 's/^/ns3 /' | cat_i
#wait for master to reload zone
for i in 0 1 2 3 4 5 6 7 8 9
@ -242,7 +242,7 @@ fi
echo_i " this result should be IXFR"
cp ns3/mytest2.db ns3/mytest.db # change to test zone, should be IXFR
$RNDCCMD 10.53.0.3 reload
$RNDCCMD 10.53.0.3 reload | sed 's/^/ns3 /' | cat_i
# wait for master to reload zone
for i in 0 1 2 3 4 5 6 7 8 9
@ -296,7 +296,7 @@ ret=0
# Should be "switch to TCP" response
$DIG $DIGOPTS +notcp ixfr=1 test @10.53.0.4 > dig.out1 || ret=1
$DIG $DIGOPTS ixfr=1 +notcp test @10.53.0.4 > dig.out2 || ret=1
$PERL ../digcomp.pl dig.out1 dig.out2 || ret=1
digcomp dig.out1 dig.out2 || ret=1
awk '$4 == "SOA" { soacnt++} END {if (soacnt == 1) exit(0); else exit(1);}' dig.out1 || ret=1
awk '$4 == "SOA" { if ($7 == 4) exit(0); else exit(1);}' dig.out1 || ret=1
# Should be incremental transfer.

2
bin/tests/system/legacy/ns6/sign.sh
View file

@ -12,6 +12,8 @@
SYSTEMTESTTOP=../..
. $SYSTEMTESTTOP/conf.sh
SYSTESTDIR=legacy
echo_i "sign edns512"
zone=edns512

2
bin/tests/system/legacy/ns7/sign.sh
View file

@ -12,6 +12,8 @@
SYSTEMTESTTOP=../..
. $SYSTEMTESTTOP/conf.sh
SYSTESTDIR=legacy
echo_i "sign edns512-notcp"
zone=edns512-notcp

10
bin/tests/system/limits/tests.sh
View file

@ -19,28 +19,28 @@ status=0
echo_i "1000 A records"
$DIG $DIGOPTS +tcp +norec 1000.example. @10.53.0.1 a > dig.out.1000 || status=1
# $DIG $DIGOPTS 1000.example. @10.53.0.1 a > knowngood.dig.out.1000
$PERL ../digcomp.pl knowngood.dig.out.1000 dig.out.1000 || status=1
digcomp knowngood.dig.out.1000 dig.out.1000 || status=1
echo_i "2000 A records"
$DIG $DIGOPTS +tcp +norec 2000.example. @10.53.0.1 a > dig.out.2000 || status=1
# $DIG $DIGOPTS 2000.example. @10.53.0.1 a > knowngood.dig.out.2000
$PERL ../digcomp.pl knowngood.dig.out.2000 dig.out.2000 || status=1
digcomp knowngood.dig.out.2000 dig.out.2000 || status=1
echo_i "3000 A records"
$DIG $DIGOPTS +tcp +norec 3000.example. @10.53.0.1 a > dig.out.3000 || status=1
# $DIG $DIGOPTS 3000.example. @10.53.0.1 a > knowngood.dig.out.3000
$PERL ../digcomp.pl knowngood.dig.out.3000 dig.out.3000 || status=1
digcomp knowngood.dig.out.3000 dig.out.3000 || status=1
echo_i "4000 A records"
$DIG $DIGOPTS +tcp +norec 4000.example. @10.53.0.1 a > dig.out.4000 || status=1
# $DIG $DIGOPTS 4000.example. @10.53.0.1 a > knowngood.dig.out.4000
$PERL ../digcomp.pl knowngood.dig.out.4000 dig.out.4000 || status=1
digcomp knowngood.dig.out.4000 dig.out.4000 || status=1
echo_i "exactly maximum rrset"
$DIG $DIGOPTS +tcp +norec +noedns a-maximum-rrset.example. @10.53.0.1 a > dig.out.a-maximum-rrset \
|| status=1
# $DIG $DIGOPTS a-maximum-rrset.example. @10.53.0.1 a > knowngood.dig.out.a-maximum-rrset
$PERL ../digcomp.pl knowngood.dig.out.a-maximum-rrset dig.out.a-maximum-rrset || status=1
digcomp knowngood.dig.out.a-maximum-rrset dig.out.a-maximum-rrset || status=1
echo_i "exceed maximum rrset (5000 A records)"
$DIG $DIGOPTS +tcp +norec +noadd 5000.example. @10.53.0.1 a > dig.out.exceed || status=1

6
bin/tests/system/masterformat/tests.sh
View file

@ -91,10 +91,10 @@ for zone in example example-explicit example-compat; do
echo
done > dig.out.$zone.$server
done
$PERL ../digcomp.pl dig.out.$zone.1 dig.out.$zone.2 || ret=1
digcomp dig.out.$zone.1 dig.out.$zone.2 || ret=1
if [ $zone = "example" ]; then
set -- 1 2
$PERL ../digcomp.pl dig.out.$zone.1 dig.out.$zone.3 || ret=1
set -- 1 2
digcomp dig.out.$zone.1 dig.out.$zone.3 || ret=1
fi
done
[ $ret -eq 0 ] || echo_i "failed"

6
bin/tests/system/notify/tests.sh
View file

@ -45,7 +45,7 @@ grep "10.0.0.1" dig.out.ns2.test$n > /dev/null || ret=1
$DIG $DIGOPTS a.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
grep "10.0.0.1" dig.out.ns3.test$n > /dev/null || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns3.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns3.test$n || ret=1
[ $ret = 0 ] || echo_i "failed"
status=`expr $ret + $status`
@ -105,7 +105,7 @@ grep "10.0.0.2" dig.out.ns2.test$n > /dev/null || ret=1
$DIG $DIGOPTS a.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
grep "10.0.0.2" dig.out.ns3.test$n > /dev/null || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns3.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns3.test$n || ret=1
[ $ret = 0 ] || echo_i "failed"
status=`expr $ret + $status`
@ -151,7 +151,7 @@ grep "10.0.0.4" dig.out.ns2.test$n > /dev/null || ret=1
$DIG $DIGOPTS a.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1
grep "10.0.0.4" dig.out.ns3.test$n > /dev/null || ret=1
$PERL ../digcomp.pl dig.out.ns2.test$n dig.out.ns3.test$n || ret=1
digcomp dig.out.ns2.test$n dig.out.ns3.test$n || ret=1
[ $ret = 0 ] || echo_i "failed"
status=`expr $ret + $status`

16
bin/tests/system/nsupdate/tests.sh
View file

@ -50,8 +50,8 @@ $DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\
ret=0
echo_i "comparing pre-update copies to known good data"
$PERL ../digcomp.pl knowngood.ns1.before dig.out.ns1 || ret=1
$PERL ../digcomp.pl knowngood.ns1.before dig.out.ns2 || ret=1
digcomp knowngood.ns1.before dig.out.ns1 || ret=1
digcomp knowngood.ns1.before dig.out.ns2 || ret=1
[ $ret = 0 ] || { echo_i "failed"; status=1; }
ret=0
@ -83,8 +83,8 @@ $DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\
ret=0
echo_i "comparing post-update copies to known good data"
$PERL ../digcomp.pl knowngood.ns1.after dig.out.ns1 || ret=1
$PERL ../digcomp.pl knowngood.ns1.after dig.out.ns2 || ret=1
digcomp knowngood.ns1.after dig.out.ns1 || ret=1
digcomp knowngood.ns1.after dig.out.ns2 || ret=1
[ $ret = 0 ] || { echo_i "failed"; status=1; }
ret=0
@ -114,7 +114,7 @@ post=`$DIG $DIGOPTS +short new.other.nil. @10.53.0.1 a` || ret=1
ret=0
echo_i "comparing post-update copy to known good data"
$PERL ../digcomp.pl knowngood.ns1.after dig.out.ns1 || ret=1
digcomp knowngood.ns1.after dig.out.ns1 || ret=1
[ $ret = 0 ] || { echo_i "failed"; status=1; }
ret=0
@ -308,7 +308,7 @@ $DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\
ret=0
echo_i "comparing zones"
$PERL ../digcomp.pl dig.out.ns1 dig.out.ns2 || ret=1
digcomp dig.out.ns1 dig.out.ns2 || ret=1
[ $ret = 0 ] || { echo_i "failed"; status=1; }
echo_i "SIGKILL and restart server ns1"
@ -335,7 +335,7 @@ $DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd example.nil.\
ret=0
echo_i "comparing zones"
$PERL ../digcomp.pl dig.out.ns1 dig.out.ns1.after || ret=1
digcomp dig.out.ns1 dig.out.ns1.after || ret=1
[ $ret = 0 ] || { echo_i "failed"; status=1; }
echo_i "begin RT #482 regression test"
@ -494,7 +494,7 @@ rm -f ns1/*jnl
$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns1
$DIG $DIGOPTS +tcp +noadd +nosea +nostat +noquest +nocomm +nocmd updated4.example.nil.\
@10.53.0.1 a > dig.out.ns1 || status=1
$PERL ../digcomp.pl knowngood.ns1.afterstop dig.out.ns1 || ret=1
digcomp knowngood.ns1.afterstop dig.out.ns1 || ret=1
[ $ret = 0 ] || { echo_i "failed"; status=1; }
ret=0

2
bin/tests/system/rndc/setup.sh
View file

@ -32,7 +32,7 @@ copy_setports ns6/named.conf.in ns6/named.conf
make_key () {
$RNDCCONFGEN -r $RANDFILE -k key$1 -A $3 -s 10.53.0.4 -p $2 \
> ns4/key${1}.conf
> ns4/key${1}.conf 2> /dev/null
egrep -v '(^# Start|^# End|^# Use|^[^#])' ns4/key$1.conf | cut -c3- | \
sed 's/allow { 10.53.0.4/allow { any/' >> ns4/named.conf
}

2
bin/tests/system/staticstub/tests.sh
View file

@ -77,7 +77,7 @@ n=`expr $n + 1`
echo_i "look for static-stub zone data with recursion (should be found) ($n)"
ret=0
$DIG $DIGOPTS +tcp +noauth data.example. @10.53.0.2 txt > dig.out.ns2.test$n || ret=1
$PERL ../digcomp.pl knowngood.dig.out.rec dig.out.ns2.test$n || ret=1
digcomp knowngood.dig.out.rec dig.out.ns2.test$n || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`

22
bin/tests/system/stopall.sh Normal file
View file

@ -0,0 +1,22 @@
#!/bin/sh
#
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
#
# Stop all hanging processes from any system tests.
#
SYSTEMTESTTOP=.
. $SYSTEMTESTTOP/conf.sh
for d in $SUBDIRS
do
$SHELL stop.sh $d
done

4
bin/tests/system/stub/tests.sh
View file

@ -42,13 +42,13 @@ do
[ $ret = 0 ] && break
sleep 1
done
$PERL ../digcomp.pl knowngood.dig.out.norec dig.out.ns3 || ret=1
digcomp knowngood.dig.out.norec dig.out.ns3 || ret=1
[ $ret = 0 ] || { status=1; echo_i "failed"; }
echo_i "look for stub zone data with recursion (should be found) (pass=$pass)"
ret=0
$DIG $DIGOPTS +noauth +noadd data.child.example. @10.53.0.3 txt > dig.out.ns3 || ret=1
$PERL ../digcomp.pl knowngood.dig.out.rec dig.out.ns3 || ret=1
digcomp knowngood.dig.out.rec dig.out.ns3 || ret=1
[ $ret = 0 ] || { status=1; echo_i "failed"; }
[ $pass = 1 ] && {

4
bin/tests/system/synthfromdnssec/tests.sh
View file

@ -106,7 +106,7 @@ do
else
grep "example.*3600.IN.SOA" dig.out.ns${ns}.test$n > /dev/null || ret=1
fi
$PERL ../digcomp.pl $nxdomain dig.out.ns${ns}.test$n || ret=1
digcomp $nxdomain dig.out.ns${ns}.test$n || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
@ -123,7 +123,7 @@ do
else
grep "example.*3600.IN.SOA" dig.out.ns${ns}.test$n > /dev/null || ret=1
fi
$PERL ../digcomp.pl $nodata dig.out.ns${ns}.test$n || ret=1
digcomp $nodata dig.out.ns${ns}.test$n || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`

18
bin/tests/system/upforwd/tests.sh
View file

@ -61,9 +61,9 @@ n=`expr $n + 1`
echo_i "comparing pre-update copies to known good data ($n)"
ret=0
$PERL ../digcomp.pl knowngood.before dig.out.ns1 || ret=1
$PERL ../digcomp.pl knowngood.before dig.out.ns2 || ret=1
$PERL ../digcomp.pl knowngood.before dig.out.ns3 || ret=1
digcomp knowngood.before dig.out.ns1 || ret=1
digcomp knowngood.before dig.out.ns2 || ret=1
digcomp knowngood.before dig.out.ns3 || ret=1
if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi
echo_i "updating zone (signed) ($n)"
@ -102,9 +102,9 @@ n=`expr $n + 1`
echo_i "comparing post-update copies to known good data ($n)"
ret=0
$PERL ../digcomp.pl knowngood.after1 dig.out.ns1 || ret=1
$PERL ../digcomp.pl knowngood.after1 dig.out.ns2 || ret=1
$PERL ../digcomp.pl knowngood.after1 dig.out.ns3 || ret=1
digcomp knowngood.after1 dig.out.ns1 || ret=1
digcomp knowngood.after1 dig.out.ns2 || ret=1
digcomp knowngood.after1 dig.out.ns3 || ret=1
if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi
echo_i "checking 'forwarding update for zone' is logged ($n)"
@ -148,9 +148,9 @@ if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi
echo_i "comparing post-update copies to known good data ($n)"
ret=0
$PERL ../digcomp.pl knowngood.after2 dig.out.ns1 || ret=1
$PERL ../digcomp.pl knowngood.after2 dig.out.ns2 || ret=1
$PERL ../digcomp.pl knowngood.after2 dig.out.ns3 || ret=1
digcomp knowngood.after2 dig.out.ns1 || ret=1
digcomp knowngood.after2 dig.out.ns2 || ret=1
digcomp knowngood.after2 dig.out.ns3 || ret=1
if [ $ret != 0 ] ; then echo_i "failed"; status=`expr $status + $ret`; fi
n=`expr $n + 1`

2
bin/tests/system/verify/zones/genzones.sh
View file

@ -10,6 +10,8 @@
SYSTEMTESTTOP=../..
. $SYSTEMTESTTOP/conf.sh
SYSTESTDIR=verify
dumpit () {
echo "D:${debug}: dumping ${1}"
cat "${1}" | sed 's/^/D:/'

6
bin/tests/system/views/tests.sh
View file

@ -55,13 +55,13 @@ echo_i "fetching a.example from ns3's 10.53.0.3, source address defaulted"
$DIG $DIGOPTS @10.53.0.3 a.example. any > dig.out.ns3.2 || status=1
echo_i "comparing ns3's initial a.example to one from reconfigured 10.53.0.2"
$PERL ../digcomp.pl dig.out.ns3.1 dig.out.ns2.2 || status=1
digcomp dig.out.ns3.1 dig.out.ns2.2 || status=1
echo_i "comparing ns3's initial a.example to one from reconfigured 10.53.0.3"
$PERL ../digcomp.pl dig.out.ns3.1 dig.out.ns3.2 || status=1
digcomp dig.out.ns3.1 dig.out.ns3.2 || status=1
echo_i "comparing ns2's initial a.example to one from reconfigured 10.53.0.4"
$PERL ../digcomp.pl dig.out.ns2.1 dig.out.ns4.2 || status=1
digcomp dig.out.ns2.1 dig.out.ns4.2 || status=1
echo_i "comparing ns2's initial a.example to one from reconfigured 10.53.0.3"
echo_i "(should be different)"

2
bin/tests/system/wildcard/ns1/sign.sh
View file

@ -12,6 +12,8 @@
SYSTEMTESTTOP=../..
. $SYSTEMTESTTOP/conf.sh
SYSTESTDIR=wildcard
dssets=
zone=dlv.

16
bin/tests/system/xfer/tests.sh
View file

@ -40,9 +40,9 @@ done
if test $tmp -eq 1 ; then status=1; fi
grep "^;" dig.out.ns3 | cat_i
{ $PERL ../digcomp.pl dig1.good dig.out.ns2 || status=1; } | cat_i
digcomp dig1.good dig.out.ns2 || status=1
{ $PERL ../digcomp.pl dig1.good dig.out.ns3 || status=1; } | cat_i
digcomp dig1.good dig.out.ns3 || status=1
n=`expr $n + 1`
echo_i "testing TSIG signed zone transfers"
@ -64,7 +64,7 @@ done
if test $tmp -eq 1 ; then status=1; fi
grep "^;" dig.out.ns3 | cat_i
{ $PERL ../digcomp.pl dig.out.ns2 dig.out.ns3 || status=1; } | cat_i
digcomp dig.out.ns2 dig.out.ns3 || status=1
echo_i "reload servers for in preparation for ixfr-from-differences tests"
@ -157,7 +157,7 @@ $DIG $DIGOPTS example. \
@10.53.0.3 axfr > dig.out.ns3 || tmp=1
grep "^;" dig.out.ns3 | cat_i
{ $PERL ../digcomp.pl dig2.good dig.out.ns3 || tmp=1; } | cat_i
digcomp dig2.good dig.out.ns3 || tmp=1
# ns3 has a journal iff it received an IXFR.
test -f ns3/example.bk || tmp=1
@ -178,7 +178,7 @@ $DIG $DIGOPTS master. \
@10.53.0.3 axfr > dig.out.ns3 || tmp=1
grep "^;" dig.out.ns3 > /dev/null && cat_i dig.out.ns3
{ $PERL ../digcomp.pl dig.out.ns6 dig.out.ns3 || tmp=1; } | cat_i
digcomp dig.out.ns6 dig.out.ns3 || tmp=1
# ns3 has a journal iff it received an IXFR.
test -f ns3/master.bk || tmp=1
@ -199,7 +199,7 @@ $DIG $DIGOPTS slave. \
@10.53.0.1 axfr > dig.out.ns1 || tmp=1
grep "^;" dig.out.ns1 | cat_i
{ $PERL ../digcomp.pl dig.out.ns6 dig.out.ns1 || tmp=1; } | cat_i
digcomp dig.out.ns6 dig.out.ns1 || tmp=1
# ns6 has a journal iff it received an IXFR.
test -f ns6/slave.bk || tmp=1
@ -231,7 +231,7 @@ $DIG $DIGOPTS slave. \
@10.53.0.7 axfr > dig.out.ns7 || tmp=1
grep "^;" dig.out.ns1 | cat_i
{ $PERL ../digcomp.pl dig.out.ns7 dig.out.ns1 || tmp=1; } | cat_i
digcomp dig.out.ns7 dig.out.ns1 || tmp=1
# ns7 has a journal iff it generates an IXFR.
test -f ns7/slave.bk || tmp=1
@ -434,7 +434,7 @@ $PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns3
$DIG -p ${PORT} txt mapped @10.53.0.3 > dig.out.2.$n
grep "status: NOERROR," dig.out.2.$n > /dev/null || tmp=1
$DIG -p ${PORT} axfr mapped @10.53.0.3 > dig.out.3.$n
{ $PERL ../digcomp.pl knowngood.mapped dig.out.3.$n || tmp=1; } | cat_i
digcomp knowngood.mapped dig.out.3.$n || tmp=1
if test $tmp != 0 ; then echo_i "failed"; fi
status=`expr $status + $tmp`

4
bin/tests/system/xferquota/tests.sh
View file

@ -48,7 +48,7 @@ $DIG $DIGOPTS zone000099.example. @10.53.0.1 axfr > dig.out.ns1 || status=1
$DIG $DIGOPTS zone000099.example. @10.53.0.2 axfr > dig.out.ns2 || status=1
$PERL ../digcomp.pl dig.out.ns1 dig.out.ns2 || status=1
digcomp dig.out.ns1 dig.out.ns2 || status=1
sleep 15
@ -56,7 +56,7 @@ $DIG $DIGOPTS a.changing. @10.53.0.1 a > dig.out.ns1 || status=1
$DIG $DIGOPTS a.changing. @10.53.0.2 a > dig.out.ns2 || status=1
$PERL ../digcomp.pl dig.out.ns1 dig.out.ns2 || status=1
digcomp dig.out.ns1 dig.out.ns2 || status=1
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1