mirror of
https://github.com/isc-projects/bind9.git
synced 2026-06-09 07:12:11 -04:00
migrate tests from bin/tests/dnssec-signzone to bin/tests/system/dnssec
- added tests to the dnssec system test that duplicate the ones from bin/tests/dnssec-signzone - changed cleanall.sh so it doesn't automatically remove all key files, because there are now some of those that are part of the distribution
This commit is contained in:
Evan Hunt
parent
344ab0eb7d
commit
ccfe778c01
19 changed files with 103 additions and 64 deletions
|
|
@ -1,46 +0,0 @@
|
|||
#!/bin/sh
|
||||
#
|
||||
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
|
||||
#
|
||||
# This Source Code Form is subject to the terms of the Mozilla Public
|
||||
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
#
|
||||
# See the COPYRIGHT file distributed with this work for additional
|
||||
# information regarding copyright ownership.
|
||||
|
||||
# $Id: run-test.sh,v 1.3 2009/06/04 02:56:47 tbox Exp $
|
||||
|
||||
|
||||
sign="../../dnssec/dnssec-signzone -f signed.zone -o example.com."
|
||||
|
||||
signit() {
|
||||
rm -f signed.zone
|
||||
grep '^;' $zone
|
||||
$sign $zone
|
||||
}
|
||||
|
||||
expect_success() {
|
||||
if ! test -f signed.zone ; then
|
||||
echo "Error: expected success, but sign failed for $zone."
|
||||
else
|
||||
echo "Success: Sign succeeded for $zone."
|
||||
fi
|
||||
}
|
||||
|
||||
expect_failure() {
|
||||
if test -f signed.zone ; then
|
||||
echo "Error: expected failure, but sign succeeded for $zone."
|
||||
else
|
||||
echo "Success: Sign failed (expected) for $zone"
|
||||
fi
|
||||
}
|
||||
|
||||
zone="test1.zone" ; signit ; expect_success
|
||||
zone="test2.zone" ; signit ; expect_failure
|
||||
zone="test3.zone" ; signit ; expect_failure
|
||||
zone="test4.zone" ; signit ; expect_success
|
||||
zone="test5.zone" ; signit ; expect_failure
|
||||
zone="test6.zone" ; signit ; expect_failure
|
||||
zone="test7.zone" ; signit ; expect_failure
|
||||
zone="test8.zone" ; signit ; expect_failure
|
||||
|
|
@ -18,7 +18,7 @@ SYSTEMTESTTOP=.
|
|||
|
||||
|
||||
find . -type f \( \
|
||||
-name 'K*' -o -name '*~' -o -name 'core' -o -name '*.core' \
|
||||
-name '*~' -o -name 'core' -o -name '*.core' \
|
||||
-o -name '*.log' -o -name '*.pid' -o -name '*.keyset' \
|
||||
-o -name named.run -o -name ans.run \
|
||||
-o -name '*-valgrind-*.log' \) -print | xargs rm -f
|
||||
|
|
|
|||
|
|
@ -92,4 +92,7 @@ rm -f signer/example.db.after signer/example.db.before
|
|||
rm -f signer/example.db.changed
|
||||
rm -f signer/nsec3param.out
|
||||
rm -f signer/signer.out.*
|
||||
rm -f signer/general/signed.zone
|
||||
rm -f signer/general/signer.out.*
|
||||
rm -f signer/general/dsset*
|
||||
rm -f signing.out*
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
;
|
||||
; This is a zone which has three DNSKEY records, two (KSK + ZSK) of
|
||||
; which have existing private key files available. The third is a
|
||||
; which have existing private key files available. The third is a
|
||||
; pre-published ZSK.
|
||||
;
|
||||
$TTL 3600
|
||||
|
|
@ -1,5 +1,5 @@
|
|||
;
|
||||
; This is a zone which has two DNSKEY records, none of which have
|
||||
; This is a zone which has two DNSKEY records, none of which have
|
||||
; existing private key files available. The resulting zone should fail
|
||||
; the consistancy tests.
|
||||
;
|
||||
|
|
@ -1269,6 +1269,103 @@ n=`expr $n + 1`
|
|||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
echo_i "basic dnssec-signzone checks:"
|
||||
echo_i " two DNSKEYs ($n)"
|
||||
ret=0
|
||||
(
|
||||
cd signer/general
|
||||
rm -f signed.zone
|
||||
$SIGNER -f signed.zone -o example.com. test1.zone > signer.out.$n 2>&1
|
||||
test -f signed.zone
|
||||
) || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
echo_i " one non-KSK DNSKEY ($n)"
|
||||
ret=0
|
||||
(
|
||||
cd signer/general
|
||||
rm -f signed.zone
|
||||
$SIGNER -f signed.zone -o example.com. test2.zone > signer.out.$n 2>&1
|
||||
test -f signed.zone
|
||||
) && ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
echo_i " one KSK DNSKEY ($n)"
|
||||
ret=0
|
||||
(
|
||||
cd signer/general
|
||||
rm -f signed.zone
|
||||
$SIGNER -f signed.zone -o example.com. test3.zone > signer.out.$n 2>&1
|
||||
test -f signed.zone
|
||||
) && ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
echo_i " three DNSKEY ($n)"
|
||||
ret=0
|
||||
(
|
||||
cd signer/general
|
||||
rm -f signed.zone
|
||||
$SIGNER -f signed.zone -o example.com. test4.zone > signer.out.$n 2>&1
|
||||
test -f signed.zone
|
||||
) || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
echo_i " three DNSKEY, one private key missing ($n)"
|
||||
ret=0
|
||||
(
|
||||
cd signer/general
|
||||
rm -f signed.zone
|
||||
$SIGNER -f signed.zone -o example.com. test5.zone > signer.out.$n 2>&1
|
||||
test -f signed.zone
|
||||
) || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
echo_i " four DNSKEY ($n)"
|
||||
ret=0
|
||||
(
|
||||
cd signer/general
|
||||
rm -f signed.zone
|
||||
$SIGNER -f signed.zone -o example.com. test6.zone > signer.out.$n 2>&1
|
||||
test -f signed.zone
|
||||
) || ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
echo_i " two DNSKEY, both private keys missing ($n)"
|
||||
ret=0
|
||||
(
|
||||
cd signer/general
|
||||
rm -f signed.zone
|
||||
$SIGNER -f signed.zone -o example.com. test7.zone > signer.out.$n 2>&1
|
||||
test -f signed.zone
|
||||
) && ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
echo_i " two DNSKEY, one private key missing ($n)"
|
||||
ret=0
|
||||
(
|
||||
cd signer/general
|
||||
rm -f signed.zone
|
||||
$SIGNER -f signed.zone -o example.com. test8.zone > signer.out.$n 2>&1
|
||||
test -f signed.zone
|
||||
) && ret=1
|
||||
n=`expr $n + 1`
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
|
||||
echo_i "checking that we can sign a zone with out-of-zone records ($n)"
|
||||
ret=0
|
||||
zone=example
|
||||
|
|
|
|||
|
|
@ -405,21 +405,6 @@
|
|||
./bin/tests/db/win32/t_db.vcxproj.in X 2013,2015,2016,2017,2018
|
||||
./bin/tests/db/win32/t_db.vcxproj.user X 2013,2018
|
||||
./bin/tests/db_test.c C 1999,2000,2001,2004,2005,2007,2008,2009,2011,2012,2013,2015,2016,2017,2018
|
||||
./bin/tests/dnssec-signzone/Kexample.com.+005+07065.key X 2009,2018
|
||||
./bin/tests/dnssec-signzone/Kexample.com.+005+07065.private X 2009,2018
|
||||
./bin/tests/dnssec-signzone/Kexample.com.+005+23362.key X 2009,2018
|
||||
./bin/tests/dnssec-signzone/Kexample.com.+005+23362.private X 2009,2018
|
||||
./bin/tests/dnssec-signzone/bogus-ksk.key X 2009,2018
|
||||
./bin/tests/dnssec-signzone/bogus-zsk.key X 2009,2018
|
||||
./bin/tests/dnssec-signzone/run-test.sh SH 2009,2012,2016,2018
|
||||
./bin/tests/dnssec-signzone/test1.zone X 2009,2018
|
||||
./bin/tests/dnssec-signzone/test2.zone X 2009,2018
|
||||
./bin/tests/dnssec-signzone/test3.zone X 2009,2018
|
||||
./bin/tests/dnssec-signzone/test4.zone X 2009,2018
|
||||
./bin/tests/dnssec-signzone/test5.zone X 2009,2018
|
||||
./bin/tests/dnssec-signzone/test6.zone X 2009,2018
|
||||
./bin/tests/dnssec-signzone/test7.zone X 2009,2018
|
||||
./bin/tests/dnssec-signzone/test8.zone X 2009,2018
|
||||
./bin/tests/dst/.gitignore X 2012,2013,2018
|
||||
./bin/tests/dst/Kdh.+002+18602.key.in X 2001,2013,2018
|
||||
./bin/tests/dst/Kdh.+002+18602.private.in X 2001,2013,2018
|
||||
|
|
|
|||
Loading…
Reference in a new issue