Add a DNSSEC policy test case for a special zone

Try to create a key for a zone, and then sign it, that has some special characters in the name. (cherry picked from commit 6a4f3ec242)
2026-06-11 04:20:00 -04:00 · 2023-11-17 16:00:23 +01:00 · 2023-11-17 16:00:23 +01:00 · cf23303dd9
commit cf23303dd9
parent 3c244da9d4
3 changed files with 26 additions and 0 deletions
--- a/bin/tests/system/kasp/ns3/named-fips.conf.in
+++ b/bin/tests/system/kasp/ns3/named-fips.conf.in
@ -49,6 +49,15 @@ zone "default.kasp" {
 	dnssec-policy "default";
 };

+/* A zone with special characters. */
+zone "i-am.\":\;?&[]\@!\$*+,|=\.\(\)special.kasp." {
+        type primary;
+        file "i-am.special.kasp.db";
+        check-names ignore;
+	inline-signing yes;
+        dnssec-policy "default";
+};
+
 /* checkds: Zone with one KSK. */
 zone "checkds-ksk.kasp" {
 	type primary;
--- a/bin/tests/system/kasp/ns3/setup.sh
+++ b/bin/tests/system/kasp/ns3/setup.sh
@ -51,6 +51,13 @@ for zn in default dnssec-keygen some-keys legacy-keys pregenerated \
  cp template.db.in "$zonefile"
 done

+#
+# Setup special zone
+#
+zone="i-am.\":\;?&[]\@!\$*+,|=\.\(\)special.kasp."
+echo_i "setting up zone: $zone"
+cp template.db.in "i-am.special.kasp.db"
+
 #
 # Set up RSASHA1 based zones
 #
--- a/bin/tests/system/kasp/tests.sh
+++ b/bin/tests/system/kasp/tests.sh
@ -393,6 +393,16 @@ check_apex
 check_subdomain
 dnssec_verify

+#
+# A zone with special characters.
+#
+set_zone "i-am.\":\;?&[]\@!\$*+,|=\.\(\)special.kasp."
+set_policy "default" "1" "3600"
+set_server "ns3" "10.53.0.3"
+# It is non-trivial to adapt the tests to deal with all possible different
+# escaping characters, so we will just try to verify the zone.
+dnssec_verify
+
 #
 # Zone: dynamic.kasp
 #