296f5969a8dd6e3d1bb3761569c6a7070abd2e47Tinderbox User# Copyright (C) 2012, 2013, 2016, 2017 Internet Systems Consortium, Inc. ("ISC")
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# This Source Code Form is subject to the terms of the Mozilla Public
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# License, v. 2.0. If a copy of the MPL was not distributed with this
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# file, You can obtain one at http://mozilla.org/MPL/2.0/.
ad127d839d2e7aa542939a8a336691407e23397eMark Andrews echo "I:checking supposedly good zone: $zone ($n)"
ad127d839d2e7aa542939a8a336691407e23397eMark Andrews $VERIFY ${only} -o $zone $file > verify.out.$n 2>&1 || ret=1
ad127d839d2e7aa542939a8a336691407e23397eMark Andrews echo "I:checking supposedly bad zone: $zone ($n)"
ad127d839d2e7aa542939a8a336691407e23397eMark Andrews *.out-of-zone-nsec|*.below-bottom-of-zone-nsec)
9a0dd99a757c469d9530acd5cb11789b3b0af5ceEvan Hunt expect1="Bad NSEC record for.*, next name mismatch"
ad127d839d2e7aa542939a8a336691407e23397eMark Andrews expect1="Expected and found NSEC3 chains not equal";
ad127d839d2e7aa542939a8a336691407e23397eMark Andrews $VERIFY ${only} -o $zone $file > verify.out.$n 2>&1 && ret=1
ad127d839d2e7aa542939a8a336691407e23397eMark Andrews grep "${expect1:-.}" verify.out.$n > /dev/null || ret=1
ad127d839d2e7aa542939a8a336691407e23397eMark Andrews grep "${expect2:-.}" verify.out.$n > /dev/null || ret=1
cbb33c87f4bcf415c840acb61c9d4642c3c2a8e0Michał Kępieńecho "I:checking error message when -o is not used and a SOA record not at top of zone is found ($n)"
cbb33c87f4bcf415c840acb61c9d4642c3c2a8e0Michał Kępień# When -o is not used, origin is set to zone file name, which should cause an error in this case
cbb33c87f4bcf415c840acb61c9d4642c3c2a8e0Michał Kępień$VERIFY zones/ksk+zsk.nsec.good > verify.out.$n 2>&1 && ret=1
cbb33c87f4bcf415c840acb61c9d4642c3c2a8e0Michał Kępieńgrep "not at top of zone" verify.out.$n > /dev/null || ret=1
cbb33c87f4bcf415c840acb61c9d4642c3c2a8e0Michał Kępieńgrep "use -o to specify a different zone origin" verify.out.$n > /dev/null || ret=1
cbb33c87f4bcf415c840acb61c9d4642c3c2a8e0Michał Kępieńecho "I:checking error message when an invalid -o is specified and a SOA record not at top of zone is found ($n)"
cbb33c87f4bcf415c840acb61c9d4642c3c2a8e0Michał Kępień$VERIFY -o invalid.origin zones/ksk+zsk.nsec.good > verify.out.$n 2>&1 && ret=1
cbb33c87f4bcf415c840acb61c9d4642c3c2a8e0Michał Kępieńgrep "not at top of zone" verify.out.$n > /dev/null || ret=1
cbb33c87f4bcf415c840acb61c9d4642c3c2a8e0Michał Kępieńgrep "use -o to specify a different zone origin" verify.out.$n > /dev/null && ret=1
3635d8f9104e70e141a8f191a0e6c1502ceed2f3Mark Andrewsecho "I:exit status: $status"