system/inline/tests.sh

	tests.sh revision b1c6de5456a5287b442de5620282902da39a4968
a3ab70dae26d009bf78b0594b2ab5eb9208f4b91Michael Graff#!/bin/sh
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews#
40f53fa8d9c6a4fc38c0014495e7a42b08f52481David Lawrence# Copyright (C) 2011  Internet Systems Consortium, Inc. ("ISC")
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews#
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# Permission to use, copy, modify, and/or distribute this software for any
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# purpose with or without fee is hereby granted, provided that the above
a3ab70dae26d009bf78b0594b2ab5eb9208f4b91Michael Graff# copyright notice and this permission notice appear in all copies.
a3ab70dae26d009bf78b0594b2ab5eb9208f4b91Michael Graff#
70e5a7403f0e0a3bd292b8287c5fed5772c15270Automatic Updater# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
9c3531d72aeaad6c5f01efe6a1c82023e1379e4dDavid Lawrence# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
a3ab70dae26d009bf78b0594b2ab5eb9208f4b91Michael Graff# AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
a3ab70dae26d009bf78b0594b2ab5eb9208f4b91Michael Graff# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
a3ab70dae26d009bf78b0594b2ab5eb9208f4b91Michael Graff# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
142784f574e0b63e8bbcccb762eb8727ac7c76feBrian Wellington# PERFORMANCE OF THIS SOFTWARE.
a3ab70dae26d009bf78b0594b2ab5eb9208f4b91Michael Graff
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff# $Id: tests.sh,v 1.4 2011/10/25 01:54:20 marka Exp $
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff
3759f10fc543747668b1ca4b4671f35b0dea8445Francis DupontSYSTEMTESTTOP=..
7df0472d8a76c83d2137bd9549414a30787d58cfBrian Wellington. $SYSTEMTESTTOP/conf.sh
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff
a3ab70dae26d009bf78b0594b2ab5eb9208f4b91Michael GraffDIGOPTS="+tcp +dnssec"
a3ab70dae26d009bf78b0594b2ab5eb9208f4b91Michael GraffRANDFILE=random.data
74889a341cac183d477e15cfead391a8f7bdba95Michael Graff
74889a341cac183d477e15cfead391a8f7bdba95Michael Graffstatus=0
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffn=0
1b6d529cb5ee0ad44f8518e1b8c2cbca54bbdf18David Lawrence
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffn=`expr $n + 1`
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffecho "I:checking that the zone is signed on initial transfer ($n)"
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffret=0
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Grafffor i in 1 2 3 4 5 6 7 8 9 10
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffdo
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    ret=0
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    $DIG $DIGOPTS @10.53.0.3 -p 5300 bits TYPE65534 > dig.out.ns3.test$n
1b6d529cb5ee0ad44f8518e1b8c2cbca54bbdf18David Lawrence    grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    grep "ANSWER: 3," dig.out.ns3.test$n > /dev/null || ret=1
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    records=`grep 'TYPE65534.*05[0-9A-F][0-9A-F][0-9A-F][0-9A-F]0001$' dig.out.ns3.test$n | wc -l`
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    [ $records = 2 ] || ret=1
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    if [ $ret = 0 ]; then break; fi
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    sleep 1
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffdone
b6b21d80450f81d873d7e8cd21e7b72fdf512507Mark Andrewsif [ $ret != 0 ]; then echo "I:failed"; fi
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffstatus=`expr $status + $ret`
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffn=`expr $n + 1`
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffecho "I:checking removal of private type record via 'rndc keydone' ($n)"
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffret=0
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff$DIG $DIGOPTS @10.53.0.3 -p 5300 bits TYPE65534 > dig.out.ns3.test$n
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffrecords=`sed -n -e 's/.*TYPE65534.*\(05[0-9A-F][0-9A-F][0-9A-F][0-9A-F]0001\)$/\1/p' dig.out.ns3.test$n`
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Grafffor record in $records
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffdo
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 keydone "${record}" bits || ret=1
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    break;  # We only want to remove 1 record for now.
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffdone 2>&1 |sed 's/^/I:ns3 /'
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Grafffor i in 1 2 3 4 5 6 7 8 9 10
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffdo
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    ans=0
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    $DIG $DIGOPTS @10.53.0.3 -p 5300 bits TYPE65534 > dig.out.ns3.test$n
1b6d529cb5ee0ad44f8518e1b8c2cbca54bbdf18David Lawrence    grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ans=1
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graff    [ $ans = 1 ] || break
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    sleep 1
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graffdone
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence[ $ans = 0 ] || ret=1
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffif [ $ret != 0 ]; then echo "I:failed"; fi
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffstatus=`expr $status + $ret`
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffn=`expr $n + 1`
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffecho "I:checking private type was properly signed ($n)"
58ff88cca7c169f7fbebc9b6e93bbba1fb345157Michael Graffret=0
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff$DIG $DIGOPTS @10.53.0.6 -p 5300 bits TYPE65534 > dig.out.ns6.test$n
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffgrep "ANSWER: 2," dig.out.ns6.test$n > /dev/null || ret=1
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffgrep "flags:.* ad[ ;]" dig.out.ns6.test$n > /dev/null || ret=1
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffif [ $ret != 0 ]; then echo "I:failed"; fi
1b6d529cb5ee0ad44f8518e1b8c2cbca54bbdf18David Lawrencestatus=`expr $status + $ret`
1b6d529cb5ee0ad44f8518e1b8c2cbca54bbdf18David Lawrence
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffn=`expr $n + 1`
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffecho "I:checking removal of remaining private type record via 'rndc keydone' ($n)"
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffret=0
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff$DIG $DIGOPTS @10.53.0.3 -p 5300 bits TYPE65534 > dig.out.ns3.test$n
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffrecords=`sed -n -e 's/.*TYPE65534.*\(05[0-9A-F][0-9A-F][0-9A-F][0-9A-F]0001\)$/\1/p' dig.out.ns3.test$n`
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Grafffor record in $records
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffdo
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 keydone "${record}" bits || ret=1
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffdone 2>&1 |sed 's/^/I:ns3 /'
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Grafffor i in 1 2 3 4 5 6 7 8 9 10
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffdo
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    ans=0
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    $DIG $DIGOPTS @10.53.0.3 -p 5300 bits TYPE65534 > dig.out.ns3.test$n
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    grep "ANSWER: 0," dig.out.ns3.test$n > /dev/null || ans=1
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ans=1
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    [ $ans = 1 ] || break
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    sleep 1
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffdone
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff[ $ans = 0 ] || ret=1
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffif [ $ret != 0 ]; then echo "I:failed"; fi
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffstatus=`expr $status + $ret`
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffn=`expr $n + 1`
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffecho "I:checking negative private type response was properly signed ($n)"
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffret=0
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff$DIG $DIGOPTS @10.53.0.6 -p 5300 bits TYPE65534 > dig.out.ns6.test$n
58ff88cca7c169f7fbebc9b6e93bbba1fb345157Michael Graffgrep "status: NOERROR" dig.out.ns6.test$n > /dev/null || ret=1
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffgrep "ANSWER: 0," dig.out.ns6.test$n > /dev/null || ret=1
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffgrep "flags:.* ad[ ;]" dig.out.ns6.test$n > /dev/null || ret=1
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graff
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffif [ $ret != 0 ]; then echo "I:failed"; fi
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffstatus=`expr $status + $ret`
1b6d529cb5ee0ad44f8518e1b8c2cbca54bbdf18David Lawrence
1b6d529cb5ee0ad44f8518e1b8c2cbca54bbdf18David Lawrence$NSUPDATE << EOF
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffzone bits
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffserver 10.53.0.2 5300
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffupdate add added.bits 0 A 1.2.3.4
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffsend
c05e003dce672b2f8555a3e56857f29ce89c1677Michael GraffEOF
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graff
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffn=`expr $n + 1`
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffecho "I:checking that the record is added on the hidden master ($n)"
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffret=0
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graff$DIG $DIGOPTS @10.53.0.2 -p 5300 added.bits A > dig.out.ns2.test$n
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffgrep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffgrep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffif [ $ret != 0 ]; then echo "I:failed"; fi
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffstatus=`expr $status + $ret`
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graff
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffn=`expr $n + 1`
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffecho "I:checking that update has been transfered and has been signed ($n)"
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffret=0
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Grafffor i in 1 2 3 4 5 6 7 8 9 10
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffdo
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graff    ret=0
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graff    $DIG $DIGOPTS @10.53.0.3 -p 5300 added.bits A > dig.out.ns3.test$n
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graff    grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graff    grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graff    if [ $ret = 0 ]; then break; fi
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graff    sleep 1
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffdone
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graffif [ $ret != 0 ]; then echo "I:failed"; fi
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graffstatus=`expr $status + $ret`
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graff
1b6d529cb5ee0ad44f8518e1b8c2cbca54bbdf18David Lawrence$NSUPDATE << EOF
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graffzone bits
d736db6dc53e615e3f2d66d1ddbe28473694d107Michael Graffserver 10.53.0.2 5300
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graffupdate add bits 0 SOA ns2.bits. . 2011072400 20 20 1814400 3600
291b0d910d115e41a4b69d0603c3376aebf0c630Michael Graffsend
e24f605ad64182532640dc6721070456b13112d5Michael GraffEOF
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graff
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graffn=`expr $n + 1`
1a0e33bc2044e1902493111db14cbf793083ac47Michael Graffecho "I:checking YYYYMMDDVV (2011072400) serial on hidden master ($n)"
291b0d910d115e41a4b69d0603c3376aebf0c630Michael Graffret=0
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graff$DIG $DIGOPTS @10.53.0.2 -p 5300 bits SOA > dig.out.ns2.test$n
1a0e33bc2044e1902493111db14cbf793083ac47Michael Graffgrep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1
4e675038a097065ff13944232cd7c89ac5961984Michael Graffgrep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1
4e675038a097065ff13944232cd7c89ac5961984Michael Graffgrep "2011072400" dig.out.ns2.test$n > /dev/null || ret=1
4e675038a097065ff13944232cd7c89ac5961984Michael Graffif [ $ret != 0 ]; then echo "I:failed"; fi
4e675038a097065ff13944232cd7c89ac5961984Michael Graffstatus=`expr $status + $ret`
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graff
4e675038a097065ff13944232cd7c89ac5961984Michael Graffn=`expr $n + 1`
291b0d910d115e41a4b69d0603c3376aebf0c630Michael Graffecho "I:checking YYYYMMDDVV (2011072400) serial in signed zone ($n)"
291b0d910d115e41a4b69d0603c3376aebf0c630Michael Grafffor i in 1 2 3 4 5 6 7 8 9 10
291b0d910d115e41a4b69d0603c3376aebf0c630Michael Graffdo
291b0d910d115e41a4b69d0603c3376aebf0c630Michael Graff    ret=0
f1b68725503ff3e46001eee5a1751e29a43a09d1Andreas Gustafsson    $DIG $DIGOPTS @10.53.0.3 -p 5300 bits SOA > dig.out.ns3.test$n
291b0d910d115e41a4b69d0603c3376aebf0c630Michael Graff    grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
291b0d910d115e41a4b69d0603c3376aebf0c630Michael Graff    grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
d736db6dc53e615e3f2d66d1ddbe28473694d107Michael Graff    grep "2011072400" dig.out.ns3.test$n > /dev/null || ret=1
f1b68725503ff3e46001eee5a1751e29a43a09d1Andreas Gustafsson    if [ $ret = 0 ]; then break; fi
d736db6dc53e615e3f2d66d1ddbe28473694d107Michael Graff    sleep 1
d736db6dc53e615e3f2d66d1ddbe28473694d107Michael Graffdone
d736db6dc53e615e3f2d66d1ddbe28473694d107Michael Graffif [ $ret != 0 ]; then echo "I:failed"; fi
d736db6dc53e615e3f2d66d1ddbe28473694d107Michael Graffstatus=`expr $status + $ret`
e24f605ad64182532640dc6721070456b13112d5Michael Graffn=`expr $n + 1`
e24f605ad64182532640dc6721070456b13112d5Michael Graff
d736db6dc53e615e3f2d66d1ddbe28473694d107Michael Graffecho "I:checking that the zone is signed on initial transfer, noixfr ($n)"
e24f605ad64182532640dc6721070456b13112d5Michael Graffret=0
e24f605ad64182532640dc6721070456b13112d5Michael Grafffor i in 1 2 3 4 5 6 7 8 9 10 1 2 3 4 5 6 7 8 9 10 1 2 3 4 5 6 7 8 9 10
d736db6dc53e615e3f2d66d1ddbe28473694d107Michael Graffdo
d736db6dc53e615e3f2d66d1ddbe28473694d107Michael Graff    ret=0
291b0d910d115e41a4b69d0603c3376aebf0c630Michael Graff    $DIG $DIGOPTS @10.53.0.3 -p 5300 noixfr TYPE65534 > dig.out.ns3.test$n
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graff    grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graff    grep "ANSWER: 3," dig.out.ns3.test$n > /dev/null || ret=1
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graff    records=`grep "TYPE65534.*05[0-9A-F][0-9A-F][0-9A-F][0-9A-F]0001" dig.out.ns3.test$n | wc -l`
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graff    [ $records = 2 ] || ret=1
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff    if [ $ret = 0 ]; then break; fi
1b6d529cb5ee0ad44f8518e1b8c2cbca54bbdf18David Lawrence    sleep 1
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffdone
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffif [ $ret != 0 ]; then echo "I:failed"; fi
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffstatus=`expr $status + $ret`
e24f605ad64182532640dc6721070456b13112d5Michael Graff
e24f605ad64182532640dc6721070456b13112d5Michael Graff$NSUPDATE << EOF
e24f605ad64182532640dc6721070456b13112d5Michael Graffzone noixfr
e24f605ad64182532640dc6721070456b13112d5Michael Graffserver 10.53.0.4 5300
e24f605ad64182532640dc6721070456b13112d5Michael Graffupdate add added.noixfr 0 A 1.2.3.4
e24f605ad64182532640dc6721070456b13112d5Michael Graffsend
e24f605ad64182532640dc6721070456b13112d5Michael GraffEOF
e24f605ad64182532640dc6721070456b13112d5Michael Graff
e24f605ad64182532640dc6721070456b13112d5Michael Graffn=`expr $n + 1`
e24f605ad64182532640dc6721070456b13112d5Michael Graffecho "I:checking that the record is added on the hidden master, noixfr ($n)"
e24f605ad64182532640dc6721070456b13112d5Michael Graffret=0
e24f605ad64182532640dc6721070456b13112d5Michael Graff$DIG $DIGOPTS @10.53.0.4 -p 5300 added.noixfr A > dig.out.ns4.test$n
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffgrep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffgrep "ANSWER: 1," dig.out.ns4.test$n > /dev/null || ret=1
e24f605ad64182532640dc6721070456b13112d5Michael Graffif [ $ret != 0 ]; then echo "I:failed"; fi
1a0e33bc2044e1902493111db14cbf793083ac47Michael Graffstatus=`expr $status + $ret`
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffn=`expr $n + 1`
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffecho "I:checking that update has been transfered and has been signed, noixfr ($n)"
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffret=0
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Grafffor i in 1 2 3 4 5 6 7 8 9 10 1 2 3 4 5 6 7 8 9 10 1 2 3 4 5 6 7 8 9 10
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffdo
f1b68725503ff3e46001eee5a1751e29a43a09d1Andreas Gustafsson    ret=0
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff    $DIG $DIGOPTS @10.53.0.3 -p 5300 added.noixfr A > dig.out.ns3.test$n
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff    grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff    grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff    if [ $ret = 0 ]; then break; fi
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff    sleep 1
74889a341cac183d477e15cfead391a8f7bdba95Michael Graffdone
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffif [ $ret != 0 ]; then echo "I:failed"; fi
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffstatus=`expr $status + $ret`
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff$NSUPDATE << EOF
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrencezone noixfr
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffserver 10.53.0.4 5300
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffupdate add noixfr 0 SOA ns4.noixfr. . 2011072400 20 20 1814400 3600
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffsend
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael GraffEOF
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrence
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffn=`expr $n + 1`
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffecho "I:checking YYYYMMDDVV (2011072400) serial on hidden master, noixfr ($n)"
74889a341cac183d477e15cfead391a8f7bdba95Michael Graffret=0
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff$DIG $DIGOPTS @10.53.0.4 -p 5300 noixfr SOA > dig.out.ns4.test$n
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graffgrep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
1a69a1a78cfaa86f3b68bbc965232b7876d4da2aDavid Lawrencegrep "ANSWER: 1," dig.out.ns4.test$n > /dev/null || ret=1
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graffgrep "2011072400" dig.out.ns4.test$n > /dev/null || ret=1
74889a341cac183d477e15cfead391a8f7bdba95Michael Graffif [ $ret != 0 ]; then echo "I:failed"; fi
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffstatus=`expr $status + $ret`
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff
74889a341cac183d477e15cfead391a8f7bdba95Michael Graffn=`expr $n + 1`
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graffecho "I:checking YYYYMMDDVV (2011072400) serial in signed zone, noixfr ($n)"
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Grafffor i in 1 2 3 4 5 6 7 8 9 10
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graffdo
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graff    ret=0
74889a341cac183d477e15cfead391a8f7bdba95Michael Graff    $DIG $DIGOPTS @10.53.0.3 -p 5300 noixfr SOA > dig.out.ns3.test$n
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff    grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff    grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff    grep "2011072400" dig.out.ns3.test$n > /dev/null || ret=1
74889a341cac183d477e15cfead391a8f7bdba95Michael Graff    if [ $ret = 0 ]; then break; fi
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff    sleep 1
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graffdone
74889a341cac183d477e15cfead391a8f7bdba95Michael Graffif [ $ret != 0 ]; then echo "I:failed"; fi
efe2f579ba6fbec4229129015780f2d925085b04Michael Graffstatus=`expr $status + $ret`
74889a341cac183d477e15cfead391a8f7bdba95Michael Graff
efe2f579ba6fbec4229129015780f2d925085b04Michael Graffn=`expr $n + 1`
74889a341cac183d477e15cfead391a8f7bdba95Michael Graffecho "I:stop bump in the wire signer server ($n)"
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graffret=0
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graff$PERL ../stop.pl . ns3 || ret=1
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graffif [ $ret != 0 ]; then echo "I:failed"; fi
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graffstatus=`expr $status + $ret`
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graff
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graffn=`expr $n + 1`
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graffecho "I:restart bump in the wire signer server ($n)"
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graffret=0
7dbf5a0b64237aa3052f04f4c8f7d56be8ec5d79Michael Graff$PERL ../start.pl --noclean --restart . ns3 || ret=1
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graffif [ $ret != 0 ]; then echo "I:failed"; fi
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graffstatus=`expr $status + $ret`
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graff
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graff$NSUPDATE << EOF
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graffzone bits
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graffserver 10.53.0.2 5300
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graffupdate add bits 0 SOA ns2.bits. . 2011072450 20 20 1814400 3600
1a0e33bc2044e1902493111db14cbf793083ac47Michael Graffsend
e24f605ad64182532640dc6721070456b13112d5Michael GraffEOF
4e675038a097065ff13944232cd7c89ac5961984Michael Graff
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graffn=`expr $n + 1`
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graffecho "I:checking YYYYMMDDVV (2011072450) serial on hidden master ($n)"
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graffret=0
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graff$DIG $DIGOPTS @10.53.0.2 -p 5300 bits SOA > dig.out.ns2.test$n
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graffgrep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1
e24f605ad64182532640dc6721070456b13112d5Michael Graffgrep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1
e24f605ad64182532640dc6721070456b13112d5Michael Graffgrep "2011072450" dig.out.ns2.test$n > /dev/null || ret=1
e24f605ad64182532640dc6721070456b13112d5Michael Graffif [ $ret != 0 ]; then echo "I:failed"; fi
c05e003dce672b2f8555a3e56857f29ce89c1677Michael Graffstatus=`expr $status + $ret`
2311073ce0ef26c0250e91e4a083d7cc94fa7d33Michael Graff
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffn=`expr $n + 1`
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graffecho "I:checking YYYYMMDDVV (2011072450) serial in signed zone ($n)"
74889a341cac183d477e15cfead391a8f7bdba95Michael Grafffor i in 1 2 3 4 5 6 7 8 9 10
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graffdo
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff    ret=0
74889a341cac183d477e15cfead391a8f7bdba95Michael Graff    $DIG $DIGOPTS @10.53.0.3 -p 5300 bits SOA > dig.out.ns3.test$n
ae7d0a4375abaecfd5c5b0816616d9882831e69bMichael Graff    grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
e4f074a2c2340ea80099beebecc3b89aa234fa8fMichael Graff    grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
a3ab70dae26d009bf78b0594b2ab5eb9208f4b91Michael Graff    grep "2011072450" dig.out.ns3.test$n > /dev/null || ret=1
    if [ $ret = 0 ]; then break; fi
    sleep 1
done
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

$NSUPDATE << EOF
zone noixfr
server 10.53.0.4 5300
update add noixfr 0 SOA ns4.noixfr. . 2011072450 20 20 1814400 3600
send
EOF

n=`expr $n + 1`
echo "I:checking YYYYMMDDVV (2011072450) serial on hidden master, noixfr ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.4 -p 5300 noixfr SOA > dig.out.ns4.test$n
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "ANSWER: 1," dig.out.ns4.test$n > /dev/null || ret=1
grep "2011072450" dig.out.ns4.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:checking YYYYMMDDVV (2011072450) serial in signed zone, noixfr ($n)"
for i in 1 2 3 4 5 6 7 8 9 10
do
    ret=0
    $DIG $DIGOPTS @10.53.0.3 -p 5300 noixfr SOA > dig.out.ns3.test$n
    grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
    grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
    grep "2011072450" dig.out.ns3.test$n > /dev/null || ret=1
    if [ $ret = 0 ]; then break; fi
    sleep 1
done
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

$NSUPDATE << EOF
zone bits
server 10.53.0.3 5300
update add bits 0 SOA ns2.bits. . 2011072460 20 20 1814400 3600
send
EOF

n=`expr $n + 1`
echo "I:checking forwarded update on hidden master ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.2 -p 5300 bits SOA > dig.out.ns2.test$n
grep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1
grep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1
grep "2011072460" dig.out.ns2.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:checking forwarded update on signed zone ($n)"
for i in 1 2 3 4 5 6 7 8 9 10
do
    ret=0
    $DIG $DIGOPTS @10.53.0.3 -p 5300 bits SOA > dig.out.ns3.test$n
    grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
    grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
    grep "2011072460" dig.out.ns3.test$n > /dev/null || ret=1
    if [ $ret = 0 ]; then break; fi
    sleep 1
done
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

$NSUPDATE << EOF
zone noixfr
server 10.53.0.3 5300
update add noixfr 0 SOA ns4.noixfr. . 2011072460 20 20 1814400 3600
send
EOF

n=`expr $n + 1`
echo "I:checking forwarded update on hidden master, noixfr ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.4 -p 5300 noixfr SOA > dig.out.ns4.test$n
grep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
grep "ANSWER: 1," dig.out.ns4.test$n > /dev/null || ret=1
grep "2011072460" dig.out.ns4.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:checking forwarded update on signed zone, noixfr ($n)"
for i in 1 2 3 4 5 6 7 8 9 10
do
    ret=0
    $DIG $DIGOPTS @10.53.0.3 -p 5300 noixfr SOA > dig.out.ns3.test$n
    grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
    grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
    grep "2011072460" dig.out.ns3.test$n > /dev/null || ret=1
    if [ $ret = 0 ]; then break; fi
    sleep 1
done
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:checking turning on of inline signing in a slave zone via reload ($n)"
$DIG $DIGOPTS @10.53.0.5 -p 5300 +dnssec bits SOA > dig.out.ns5.test$n
grep "status: NOERROR" dig.out.ns5.test$n > /dev/null || ret=1
grep "ANSWER: 1," dig.out.ns5.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:setup broken"; fi
status=`expr $status + $ret`
cp ns5/named.conf.post ns5/named.conf
(cd ns5; $KEYGEN -q -r ../$RANDFILE bits) > /dev/null 2>&1
(cd ns5; $KEYGEN -q -r ../$RANDFILE -f KSK bits) > /dev/null 2>&1
$RNDC -c ../common/rndc.conf -s 10.53.0.5 -p 9953 reload 2>&1 | sed 's/^/I:ns5 /'
for i in 1 2 3 4 5 6 7 8 9 10
do
    ret=0
    $DIG $DIGOPTS @10.53.0.5 -p 5300 bits SOA > dig.out.ns5.test$n
    grep "status: NOERROR" dig.out.ns5.test$n > /dev/null || ret=1
    grep "ANSWER: 2," dig.out.ns5.test$n > /dev/null || ret=1
    if [ $ret = 0 ]; then break; fi
    sleep 1
done
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

exit $status