tests.sh revision de0fd6809754ad9dc47b7c60fda8f4c8b22ea1f8
71cef386fae61275b03e203825680b39fedaa8c6Tinderbox User# Copyright (C) 2011, 2012 Internet Systems Consortium, Inc. ("ISC")
5347c0fcb04eaea19d9f39795646239f487c6207Tinderbox User# Permission to use, copy, modify, and/or distribute this software for any
5347c0fcb04eaea19d9f39795646239f487c6207Tinderbox User# purpose with or without fee is hereby granted, provided that the above
5347c0fcb04eaea19d9f39795646239f487c6207Tinderbox User# copyright notice and this permission notice appear in all copies.
d6fa26d0adaec6c910115be34fe7a5a5f402c14fMark Andrews# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
fd2597f75693a2279fdf588bd40dfe2407c42028Tinderbox User# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox User# PERFORMANCE OF THIS SOFTWARE.
c3dc968140ab7f04795acc7835e4e89ccb0c0a27Tinderbox User# $Id: tests.sh,v 1.18 2012/02/23 06:53:15 marka Exp $
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsecho "I:checking that the zone is signed on initial transfer ($n)"
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list bits > signing.out.test$n 2>&1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User keys=`grep '^Done signing' signing.out.test$n | wc -l`
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userecho "I:checking expired signatures are updated on load ($n)"
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews$DIG $DIGOPTS @10.53.0.3 -p 5300 +noall +answer +dnssec expired SOA > dig.out.ns3.test$n
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userexpiry=`awk '$4 == "RRSIG" { print $9 }' dig.out.ns3.test$n`
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userecho "I:checking removal of private type record via 'rndc signing -clear' ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list bits > signing.out.test$n 2>&1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userkeys=`sed -n -e 's/Done signing with key \(.*\)$/\1/p' signing.out.test$n`
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -clear ${key} bits > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User break; # We only want to remove 1 record for now.
c52dde922980a55e22f6f9f9f97544922a9d67f8Tinderbox User $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list bits > signing.out.test$n 2>&1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User num=`grep "Done signing with" signing.out.test$n | wc -l`
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userecho "I:checking private type was properly signed ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User$DIG $DIGOPTS @10.53.0.6 -p 5300 bits TYPE65534 > dig.out.ns6.test$n
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "ANSWER: 2," dig.out.ns6.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "flags:.* ad[ ;]" dig.out.ns6.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userecho "I:checking removal of remaining private type record via 'rndc signing -clear all' ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -clear all bits > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list bits > signing.out.test$n 2>&1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User grep "No signing records found" signing.out.test$n > /dev/null || ans=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsecho "I:checking negative private type response was properly signed ($n)"
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews$DIG $DIGOPTS @10.53.0.6 -p 5300 bits TYPE65534 > dig.out.ns6.test$n
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsgrep "status: NOERROR" dig.out.ns6.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "ANSWER: 0," dig.out.ns6.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "flags:.* ad[ ;]" dig.out.ns6.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userserver 10.53.0.2 5300
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userupdate add added.bits 0 A 1.2.3.4
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userecho "I:checking that the record is added on the hidden master ($n)"
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews$DIG $DIGOPTS @10.53.0.2 -p 5300 added.bits A > dig.out.ns2.test$n
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1
2895f101b5585a19015ac2c2c1e1812ac467fa12Automatic Updaterecho "I:checking that update has been transfered and has been signed ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User $DIG $DIGOPTS @10.53.0.3 -p 5300 added.bits A > dig.out.ns3.test$n
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userserver 10.53.0.2 5300
be6c1c506161e6f45fcff5d0425f78801bc267c1Automatic Updaterupdate add bits 0 SOA ns2.bits. . 2011072400 20 20 1814400 3600
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Huntecho "I:checking YYYYMMDDVV (2011072400) serial on hidden master ($n)"
43b94483957d3168796a816ed86cf097518817dcTinderbox User$DIG $DIGOPTS @10.53.0.2 -p 5300 bits SOA > dig.out.ns2.test$n
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1
8ec3c085233cedb22b05da36e2773c8f357a7e45Automatic Updatergrep "2011072400" dig.out.ns2.test$n > /dev/null || ret=1
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox Userecho "I:checking YYYYMMDDVV (2011072400) serial in signed zone ($n)"
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User $DIG $DIGOPTS @10.53.0.3 -p 5300 bits SOA > dig.out.ns3.test$n
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
6ea2385360e9e2167e65f9286447da9eea189457Tinderbox User grep "2011072400" dig.out.ns3.test$n > /dev/null || ret=1
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updaterecho "I:checking that the zone is signed on initial transfer, noixfr ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userfor i in 1 2 3 4 5 6 7 8 9 10 1 2 3 4 5 6 7 8 9 10 1 2 3 4 5 6 7 8 9 10
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list noixfr > signing.out.test$n 2>&1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User keys=`grep '^Done signing' signing.out.test$n | wc -l`
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userserver 10.53.0.4 5300
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userupdate add added.noixfr 0 A 1.2.3.4
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsecho "I:checking that the record is added on the hidden master, noixfr ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User$DIG $DIGOPTS @10.53.0.4 -p 5300 added.noixfr A > dig.out.ns4.test$n
0e1dece22e128f9dfa723316a35c4b3f06912381Tinderbox Usergrep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "ANSWER: 1," dig.out.ns4.test$n > /dev/null || ret=1
0e1dece22e128f9dfa723316a35c4b3f06912381Tinderbox Userecho "I:checking that update has been transfered and has been signed, noixfr ($n)"
0e1dece22e128f9dfa723316a35c4b3f06912381Tinderbox Userfor i in 1 2 3 4 5 6 7 8 9 10 1 2 3 4 5 6 7 8 9 10 1 2 3 4 5 6 7 8 9 10
0e1dece22e128f9dfa723316a35c4b3f06912381Tinderbox User $DIG $DIGOPTS @10.53.0.3 -p 5300 added.noixfr A > dig.out.ns3.test$n
0e1dece22e128f9dfa723316a35c4b3f06912381Tinderbox User grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
0e1dece22e128f9dfa723316a35c4b3f06912381Tinderbox User grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsserver 10.53.0.4 5300
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsupdate add noixfr 0 SOA ns4.noixfr. . 2011072400 20 20 1814400 3600
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userecho "I:checking YYYYMMDDVV (2011072400) serial on hidden master, noixfr ($n)"
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews$DIG $DIGOPTS @10.53.0.4 -p 5300 noixfr SOA > dig.out.ns4.test$n
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "ANSWER: 1," dig.out.ns4.test$n > /dev/null || ret=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsgrep "2011072400" dig.out.ns4.test$n > /dev/null || ret=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsecho "I:checking YYYYMMDDVV (2011072400) serial in signed zone, noixfr ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User $DIG $DIGOPTS @10.53.0.3 -p 5300 noixfr SOA > dig.out.ns3.test$n
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
60a900e83bab52c3f023be66654f3ab023172778Automatic Updater grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
60a900e83bab52c3f023be66654f3ab023172778Automatic Updater grep "2011072400" dig.out.ns3.test$n > /dev/null || ret=1
60a900e83bab52c3f023be66654f3ab023172778Automatic Updaterecho "I:checking that the master zone signed on initial load ($n)"
60a900e83bab52c3f023be66654f3ab023172778Automatic Updater $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list master > signing.out.test$n 2>&1
60a900e83bab52c3f023be66654f3ab023172778Automatic Updater keys=`grep '^Done signing' signing.out.test$n | wc -l`
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userecho "I:checking removal of private type record via 'rndc signing -clear' (master) ($n)"
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list master > signing.out.test$n 2>&1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewskeys=`sed -n -e 's/Done signing with key \(.*\)$/\1/p' signing.out.test$n`
2628293c6edaa41ed1407c42bb196083901e087bAutomatic Updater $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -clear ${key} master > /dev/null || ret=1
2628293c6edaa41ed1407c42bb196083901e087bAutomatic Updater break; # We only want to remove 1 record for now.
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list master > signing.out.test$n 2>&1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews num=`grep "Done signing with" signing.out.test$n | wc -l`
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsecho "I:checking private type was properly signed (master) ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User$DIG $DIGOPTS @10.53.0.6 -p 5300 master TYPE65534 > dig.out.ns6.test$n
d71e2e0c61df16ff37c9934c371a4a60c08974f7Mark Andrewsgrep "ANSWER: 2," dig.out.ns6.test$n > /dev/null || ret=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsgrep "flags:.* ad[ ;]" dig.out.ns6.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userecho "I:checking removal of remaining private type record via 'rndc signing -clear' (master) ($n)"
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -clear all master > /dev/null || ret=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list master > signing.out.test$n 2>&1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews grep "No signing records found" signing.out.test$n > /dev/null || ans=1
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Huntecho "I:check adding of record to unsigned master ($n)"
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload master || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User $DIG $DIGOPTS @10.53.0.3 -p 5300 e.master A > dig.out.ns3.test$n
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews grep "10.0.0.5" dig.out.ns3.test$n > /dev/null || ans=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ans=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsecho "I:check adding record fails when SOA serial not changed ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload || ret=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews$DIG $DIGOPTS @10.53.0.3 -p 5300 c.master A > dig.out.ns3.test$n
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsgrep "NXDOMAIN" dig.out.ns3.test$n > /dev/null || ret=1
97e74139b19368e385a3564746d42db70879195eAutomatic Updaterecho "I:check adding record works after updating SOA serial ($n)"
43b94483957d3168796a816ed86cf097518817dcTinderbox User$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload master || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User $DIG $DIGOPTS @10.53.0.3 -p 5300 c.master A > dig.out.ns3.test$n
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User grep "10.0.0.3" dig.out.ns3.test$n > /dev/null || ans=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ans=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userecho "I:check the added record was properly signed ($n)"
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt$DIG $DIGOPTS @10.53.0.3 -p 5300 e.master A > dig.out.ns6.test$n
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Huntgrep "10.0.0.5" dig.out.ns6.test$n > /dev/null || ans=1
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Huntgrep "ANSWER: 2," dig.out.ns6.test$n > /dev/null || ans=1
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Huntgrep "flags:.* ad[ ;]" dig.out.ns6.test$n > /dev/null || ans=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userecho "I:checking that the dynamic master zone signed on initial load ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 signing -list dynamic > signing.out.test$n 2>&1
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt keys=`grep '^Done signing' signing.out.test$n | wc -l`
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userecho "I:checking master zone that was updated while offline is correct ($n)"
52ece689e0265f9a3e518de5b2539e749f6d35acMark Andrewsserial=`$DIG $DIGOPTS +short @10.53.0.3 -p 5300 updated SOA | awk '{print $3}'`
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User# serial should have changed
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews# e.updated should exist and should be signed
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User$DIG $DIGOPTS @10.53.0.3 -p 5300 e.updated A > dig.out.ns3.test$n
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsgrep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews# updated.db.signed.jnl should exist, should have the source serial
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User# of master2.db, and should show a minimal diff: no more than 8 added
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User# records (SOA/RRSIG, 2 x NSEC/RRSIG, A/RRSIG), and 4 removed records
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userserial=`$JOURNALPRINT ns3/updated.db.signed.jnl | head -1 | awk '{print $4}'`
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsdiffsize=`$JOURNALPRINT ns3/updated.db.signed.jnl | wc -l`
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Huntecho "I:checking adding of record to unsigned master using UPDATE ($n)"
dba3c818ae00b10388d31703e86a28415db398acTinderbox User[ -f ns3/dynamic.db.jnl ] && { ret=1 ; echo "I:journal exists (pretest)" ; }
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userserver 10.53.0.3 5300
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsupdate add e.dynamic 0 A 1.2.3.4
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews[ -f ns3/dynamic.db.jnl ] || { ret=1 ; echo "I:journal does not exist (posttest)" ; }
6283056805887de88040698685b8e1936a1f7a2dAutomatic Updater $DIG $DIGOPTS @10.53.0.3 -p 5300 e.dynamic > dig.out.ns3.test$n
6283056805887de88040698685b8e1936a1f7a2dAutomatic Updater grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ans=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ans=1
6283056805887de88040698685b8e1936a1f7a2dAutomatic Updater grep "1.2.3.4" dig.out.ns3.test$n > /dev/null || ans=1
1c51f79aba598e5e20bde66aea0237e347f6d5ceAutomatic Updater[ $ans = 0 ] || { ret=1; echo "I:signed record not found"; cat dig.out.ns3.test$n ; }
3f9791eac42b243d9f328d604e117f91a3f67a37Tinderbox Userecho "I:stop bump in the wire signer server ($n)"
7717ec7a6a898cdd3c35cbfba66010b7304ffd9bAutomatic Updaterecho "I:restart bump in the wire signer server ($n)"
7717ec7a6a898cdd3c35cbfba66010b7304ffd9bAutomatic Updater$PERL ../start.pl --noclean --restart . ns3 || ret=1
3f9791eac42b243d9f328d604e117f91a3f67a37Tinderbox Userserver 10.53.0.2 5300
3f9791eac42b243d9f328d604e117f91a3f67a37Tinderbox Userupdate add bits 0 SOA ns2.bits. . 2011072450 20 20 1814400 3600
3f9791eac42b243d9f328d604e117f91a3f67a37Tinderbox Userecho "I:checking YYYYMMDDVV (2011072450) serial on hidden master ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User$DIG $DIGOPTS @10.53.0.2 -p 5300 bits SOA > dig.out.ns2.test$n
3f9791eac42b243d9f328d604e117f91a3f67a37Tinderbox Usergrep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Huntgrep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1
3f9791eac42b243d9f328d604e117f91a3f67a37Tinderbox Usergrep "2011072450" dig.out.ns2.test$n > /dev/null || ret=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsecho "I:checking YYYYMMDDVV (2011072450) serial in signed zone ($n)"
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews $DIG $DIGOPTS @10.53.0.3 -p 5300 bits SOA > dig.out.ns3.test$n
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews grep "2011072450" dig.out.ns3.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userserver 10.53.0.4 5300
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Huntupdate add noixfr 0 SOA ns4.noixfr. . 2011072450 20 20 1814400 3600
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updaterecho "I:checking YYYYMMDDVV (2011072450) serial on hidden master, noixfr ($n)"
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater$DIG $DIGOPTS @10.53.0.4 -p 5300 noixfr SOA > dig.out.ns4.test$n
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updatergrep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updatergrep "ANSWER: 1," dig.out.ns4.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "2011072450" dig.out.ns4.test$n > /dev/null || ret=1
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updaterecho "I:checking YYYYMMDDVV (2011072450) serial in signed zone, noixfr ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User $DIG $DIGOPTS @10.53.0.3 -p 5300 noixfr SOA > dig.out.ns3.test$n
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater grep "2011072450" dig.out.ns3.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userserver 10.53.0.3 5300
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userupdate add bits 0 SOA ns2.bits. . 2011072460 20 20 1814400 3600
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updaterecho "I:checking forwarded update on hidden master ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User$DIG $DIGOPTS @10.53.0.2 -p 5300 bits SOA > dig.out.ns2.test$n
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updatergrep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "2011072460" dig.out.ns2.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userecho "I:checking forwarded update on signed zone ($n)"
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updater $DIG $DIGOPTS @10.53.0.3 -p 5300 bits SOA > dig.out.ns3.test$n
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
a3f8c8e20780e488141d200acdfea6c5f3303513Automatic Updater grep "2011072460" dig.out.ns3.test$n > /dev/null || ret=1
a3f8c8e20780e488141d200acdfea6c5f3303513Automatic Updaterserver 10.53.0.3 5300
a3f8c8e20780e488141d200acdfea6c5f3303513Automatic Updaterupdate add noixfr 0 SOA ns4.noixfr. . 2011072460 20 20 1814400 3600
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userecho "I:checking forwarded update on hidden master, noixfr ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User$DIG $DIGOPTS @10.53.0.4 -p 5300 noixfr SOA > dig.out.ns4.test$n
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "status: NOERROR" dig.out.ns4.test$n > /dev/null || ret=1
f3d1a0ba5228251d902a6acf3c8b05cb6842f992Automatic Updatergrep "ANSWER: 1," dig.out.ns4.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "2011072460" dig.out.ns4.test$n > /dev/null || ret=1
f3d1a0ba5228251d902a6acf3c8b05cb6842f992Automatic Updaterecho "I:checking forwarded update on signed zone, noixfr ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User $DIG $DIGOPTS @10.53.0.3 -p 5300 noixfr SOA > dig.out.ns3.test$n
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User grep "2011072460" dig.out.ns3.test$n > /dev/null || ret=1
3b2c6af63e0367c6eabe0a21ca23841ca87cd22fAutomatic Updaterecho "I:checking turning on of inline signing in a slave zone via reload ($n)"
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt$DIG $DIGOPTS @10.53.0.5 -p 5300 +dnssec bits SOA > dig.out.ns5.test$n
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Huntgrep "status: NOERROR" dig.out.ns5.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "ANSWER: 1," dig.out.ns5.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userif [ $ret != 0 ]; then echo "I:setup broken"; fi
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User(cd ns5; $KEYGEN -q -r ../$RANDFILE bits) > /dev/null 2>&1
8de0d8a6905e397ed0a26054815420685f9b435eAutomatic Updater(cd ns5; $KEYGEN -q -r ../$RANDFILE -f KSK bits) > /dev/null 2>&1
8de0d8a6905e397ed0a26054815420685f9b435eAutomatic Updater$RNDC -c ../common/rndc.conf -s 10.53.0.5 -p 9953 reload 2>&1 | sed 's/^/I:ns5 /'
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User $DIG $DIGOPTS @10.53.0.5 -p 5300 bits SOA > dig.out.ns5.test$n
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User grep "status: NOERROR" dig.out.ns5.test$n > /dev/null || ret=1
731cc132f22dbc9e0ecd7035dce314a61076d31bAutomatic Updater grep "ANSWER: 2," dig.out.ns5.test$n > /dev/null || ret=1
731cc132f22dbc9e0ecd7035dce314a61076d31bAutomatic Updaterecho "I:checking rndc freeze/thaw of dynamic inline zone no change ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 freeze dynamic > freeze.test$n 2>&1 || { echo "I: rndc freeze dynamic failed" ; sed 's/^/I:/' < freeze.test$n ; ret=1; }
66fec05962ae85e63c4aa568d44a962db5bbc902Automatic Updater$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 thaw dynamic > thaw.test$n 2>&1 || { echo "I: rndc thaw dynamic failed" ; ret=1; }
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Usergrep "zone dynamic/IN (unsigned): ixfr-from-differences: unchanged" ns3/named.run > /dev/null || ret=1
731cc132f22dbc9e0ecd7035dce314a61076d31bAutomatic Updaterecho "I:checking rndc freeze/thaw of dynamic inline zone ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 freeze dynamic > freeze.test$n 2>&1 || ret=1
f3d1a0ba5228251d902a6acf3c8b05cb6842f992Automatic Updaterawk '$2 == ";" && $3 == "serial" { print $1 + 1, $2, $3; next; }
f3d1a0ba5228251d902a6acf3c8b05cb6842f992Automatic Updater END { print "freeze1.dynamic. 0 TXT freeze1"; } ' ns3/dynamic.db > ns3/dynamic.db.new
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 thaw dynamic > thaw.test$n 2>&1 || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userecho "I:check added record freeze1.dynamic ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User $DIG $DIGOPTS @10.53.0.3 -p 5300 freeze1.dynamic TXT > dig.out.ns3.test$n
d71e2e0c61df16ff37c9934c371a4a60c08974f7Mark Andrews grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
d71e2e0c61df16ff37c9934c371a4a60c08974f7Mark Andrews grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User# allow 1 second so that file time stamps change
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox Userecho "I:checking rndc freeze/thaw of server ($n)"
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 freeze > freeze.test$n 2>&1 || ret=1
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Huntawk '$2 == ";" && $3 == "serial" { print $1 + 1, $2, $3; next; }
3b2c6af63e0367c6eabe0a21ca23841ca87cd22fAutomatic Updater END { print "freeze2.dynamic. 0 TXT freeze2"; } ' ns3/dynamic.db > ns3/dynamic.db.new
14a656f94b1fd0ababd84a772228dfa52276ba15Evan Hunt$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 thaw > thaw.test$n 2>&1 || ret=1
d71e2e0c61df16ff37c9934c371a4a60c08974f7Mark Andrewsecho "I:check added record freeze2.dynamic ($n)"
d71e2e0c61df16ff37c9934c371a4a60c08974f7Mark Andrews $DIG $DIGOPTS @10.53.0.3 -p 5300 freeze2.dynamic TXT > dig.out.ns3.test$n
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews grep "status: NOERROR" dig.out.ns3.test$n > /dev/null || ret=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrews grep "ANSWER: 2," dig.out.ns3.test$n > /dev/null || ret=1
d71e2e0c61df16ff37c9934c371a4a60c08974f7Mark Andrewsecho "I:check rndc reload allows reuse of inline-signing zones ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User{ $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload 2>&1 || ret=1 ; } |
7e71f05d8643aca84914437c900cb716444507e4Tinderbox Usergrep "not reusable" ns3/named.run > /dev/null 2>&1 && ret=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsecho "I:check rndc sync removes both signed and unsigned journals ($n)"
7911e6f9de303bca5a3d8b34f4330c8f7cecffaeTinderbox User$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 sync -clean dynamic 2>&1 || ret=1
0a7ed88633a680bb881868b75ded4d09a7bbbc50Automatic Updaterzone retransfer
cd32f419a8a5432fbb139f56ee73cbf68b9350ccTinderbox Userserver 10.53.0.2 5300
c3dc968140ab7f04795acc7835e4e89ccb0c0a27Tinderbox Userupdate add added.retransfer 0 A 1.2.3.4
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsecho "I:checking that the retransfer record is added on the hidden master ($n)"
4abdfc917e6635a7c81d1f931a0c79227e72d025Mark Andrews$DIG $DIGOPTS @10.53.0.2 -p 5300 added.retransfer A > dig.out.ns2.test$n
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsgrep "status: NOERROR" dig.out.ns2.test$n > /dev/null || ret=1
5a4557e8de2951a2796676b5ec4b6a90caa5be14Mark Andrewsgrep "ANSWER: 1," dig.out.ns2.test$n > /dev/null || ret=1
n=`expr $n + 1`
n=`expr $n + 1`
n=`expr $n + 1`
n=`expr $n + 1`
echo "I:updates to SOA parameters other than serial while stopped are reflected in signed zone ($n)"
exit $status