sign.sh revision 247bf378605811d695e968dbe930a7fc45c0038e
#
*
*
# $Id: sign.sh,v 1.43 2011/11/04 05:36:28 each Exp $
SYSTEMTESTTOP=../..
# Change the signer field of the a.b.keyless.example SIG A
# to point to a provably nonexistent KEY record.
#
#
#
#
#
#
#
# A nsec3 zone (non-optout).
#
#
#
#
#
#
#
#
# A optout nsec3 zone.
#
#
# A nsec3 zone (non-optout) with unknown hash algorithm.
#
#
# A optout nsec3 zone.
#
#
# A multiple parameter nsec3 zone.
#
#
# A RSASHA256 zone.
#
#
# A RSASHA512 zone.
#
#
# A zone with the DNSKEY set only signed by the KSK
#
#
# A zone with the expired signatures
#
#
# A NSEC3 signed zone that will have a DNSKEY added to it via UPDATE.
#
#
# A NSEC signed zone that will have auto-dnssec enabled and
# extra keys not in the initial signed zone.
#
#
# A NSEC3 signed zone that will have auto-dnssec enabled and
# extra keys not in the initial signed zone.
#
#
# Secure below cname test zone.
#
#
# Patched TTL test zone.
#
#
# Seperate DNSSEC records.
#
: > $signedfile
#
# Seperate DNSSEC records smart signing.
#
: > $signedfile
#
# Zone with signatures about to expire, but no private key to replace them
#
#
# A zone where the signer's name has been forced to uppercase.
#
#
# Check that the signer's name is in lower case when zone name is in
# upper case.
#
#
# Zone with signatures about to expire, and dynamic, but configured
# not to resign with 'auto-resign no;'
#
# preserve a normalized copy of the NS RRSIG for comparison later
awk '$4 == "RRSIG" && $5 == "NS" {$2 = ""; print}' | \