upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-05-28 04:34:54 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Check conf dnssec-policy inline-signing secondary

Browse source 
Add a variant of checking configuration where inline-signing is
enabled on the secondary, requiring the 'file' entry. This time,
inline-signing is implicitly enabled via dnssec-policy.
This commit is contained in:
Matthijs Mekking 2026-05-18 15:13:38 +02:00
parent c62cff5aef
commit 43bbfbeb3c
2 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
bin/tests/system/checkconf/inline-inherit.conf Normal file
View file

@ -0,0 +1,7 @@
remote-servers "stealthPrimaries" {127.0.0.1;};
zone "example.net" {
type secondary;
dnssec-policy default;
primaries { stealthPrimaries; };
};

3
bin/tests/system/checkconf/tests.sh
View file

@ -277,6 +277,9 @@ l=$(grep "missing 'file' entry" <checkconf.out$n.2 | wc -l)
$CHECKCONF inline-bad.conf >checkconf.out$n.3 2>&1 && ret=1
l=$(grep "missing 'file' entry" <checkconf.out$n.3 | wc -l)
[ $l -eq 1 ] || ret=1
$CHECKCONF inline-inherit.conf >checkconf.out$n.3 2>&1 && ret=1
l=$(grep "missing 'file' entry" <checkconf.out$n.3 | wc -l)
[ $l -eq 1 ] || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))