7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews#!/bin/sh
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews#
dce54b9b5cfa450570fe9c11644450aeb3ee89f3Tinderbox User# Copyright (C) 2012, 2016 Internet Systems Consortium, Inc. ("ISC")
bf8267aa453e5d2a735ed732a043b77a0b355b20Mark Andrews#
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# This Source Code Form is subject to the terms of the Mozilla Public
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# License, v. 2.0. If a copy of the MPL was not distributed with this
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# file, You can obtain one at http://mozilla.org/MPL/2.0/.
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews# $Id$
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews
7865ea9545f28f12f046b32d24c989e8441b9812Mark AndrewsSYSTEMTESTTOP=..
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews. $SYSTEMTESTTOP/conf.sh
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsstatus=0
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsrm -f dig.out.*
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews
7865ea9545f28f12f046b32d24c989e8441b9812Mark AndrewsDIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p 5300"
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsfor f in conf/good*.conf
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsdo
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews echo "I:checking '$f'"
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews ret=0
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews $CHECKCONF $f > /dev/null || ret=1
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews if [ $ret != 0 ]; then echo "I:failed"; fi
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews status=`expr $status + $ret`
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsdone
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsfor f in conf/bad*.conf
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsdo
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews echo "I:checking '$f'"
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews ret=0
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews $CHECKCONF $f > /dev/null && ret=1
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews if [ $ret != 0 ]; then echo "I:failed"; fi
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews status=`expr $status + $ret`
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsdone
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsecho "I:checking that RSA big exponent keys can't be loaded"
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsret=0
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsgrep "out of range" ns2/signer.err > /dev/null || ret=1
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsif [ $ret != 0 ]; then echo "I:failed"; fi
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsstatus=`expr $status + $ret`
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsecho "I:checking that RSA big exponent signature can't validate"
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsret=0
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews$DIG $DIGOPTS a.example @10.53.0.2 > dig.out.ns2 || ret=1
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews$DIG $DIGOPTS a.example @10.53.0.3 > dig.out.ns3 || ret=1
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsgrep "status: NOERROR" dig.out.ns2 > /dev/null || ret=1
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsgrep "status: SERVFAIL" dig.out.ns3 > /dev/null || ret=1
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsif [ $ret != 0 ]; then echo "I:failed"; fi
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsstatus=`expr $status + $ret`
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrews
7865ea9545f28f12f046b32d24c989e8441b9812Mark Andrewsecho "I:exit status: $status"
3635d8f9104e70e141a8f191a0e6c1502ceed2f3Mark Andrews[ $status -eq 0 ] || exit 1