system/xfer/tests.sh

	tests.sh revision 6c6ccd6b330fa92d62136ec1062cc07a790a7165
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence#!/bin/sh
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupont#
07dcadc6e24f4572f2b7d7cae7d47d0f5256d129Andreas Gustafsson# Copyright (C) 2004, 2005, 2007, 2011, 2012  Internet Systems Consortium, Inc. ("ISC")
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence# Copyright (C) 2000, 2001  Internet Software Consortium.
ec5347e2c775f027573ce5648b910361aa926c01Automatic Updater#
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence# Permission to use, copy, modify, and/or distribute this software for any
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence# purpose with or without fee is hereby granted, provided that the above
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence# copyright notice and this permission notice appear in all copies.
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews#
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews# AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
dafcb997e390efa4423883dafd100c975c4095d6Mark Andrews# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence# PERFORMANCE OF THIS SOFTWARE.
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence
70e5a7403f0e0a3bd292b8287c5fed5772c15270Automatic Updater# $Id: tests.sh,v 1.37 2012/02/22 23:47:35 tbox Exp $
ab023a65562e62b85a824509d829b6fad87e00b1Rob Austein
ab023a65562e62b85a824509d829b6fad87e00b1Rob AusteinSYSTEMTESTTOP=..
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence. $SYSTEMTESTTOP/conf.sh
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence
4cd765650776027d05fe7fca248478918e02e63bDavid LawrenceDIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd"
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrencestatus=0
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrenceecho "I:testing basic zone transfer functionality"
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence$DIG $DIGOPTS example. \
3759f10fc543747668b1ca4b4671f35b0dea8445Francis Dupont    @10.53.0.2 axfr -p 5300 > dig.out.ns2 || status=1
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrencegrep ";" dig.out.ns2
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence#
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence# Spin to allow the zone to tranfer.
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence#
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrencefor i in 1 2 3 4 5
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrencedo
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrencetmp=0
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence$DIG $DIGOPTS example. \
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence    @10.53.0.3 axfr -p 5300 > dig.out.ns3 || tmp=1
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence    grep ";" dig.out.ns3 > /dev/null
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence    if test $? -ne 0 ; then break; fi
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence    echo "I: plain zone re-transfer"
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence    sleep 5
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrencedone
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrenceif test $tmp -eq 1 ; then status=1; fi
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrencegrep ";" dig.out.ns3
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence
d70dac20d2b88e48fbf2606180d0ba6dcc4bc44fTinderbox User$PERL ../digcomp.pl dig1.good dig.out.ns2 || status=1
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence$PERL ../digcomp.pl dig1.good dig.out.ns3 || status=1
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrenceecho "I:testing TSIG signed zone transfers"
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence$DIG $DIGOPTS tsigzone. \
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence        @10.53.0.2 axfr -y tsigzone.:1234abcd8765 -p 5300 \
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence    > dig.out.ns2 || status=1
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrencegrep ";" dig.out.ns2
4cd765650776027d05fe7fca248478918e02e63bDavid Lawrence
d70dac20d2b88e48fbf2606180d0ba6dcc4bc44fTinderbox User#
# Spin to allow the zone to tranfer.
#
for i in 1 2 3 4 5
do
tmp=0
$DIG $DIGOPTS tsigzone. \
        @10.53.0.3 axfr -y tsigzone.:1234abcd8765 -p 5300 \
    > dig.out.ns3 || tmp=1
    grep ";" dig.out.ns3 > /dev/null
    if test $? -ne 0 ; then break; fi
    echo "I: plain zone re-transfer"
    sleep 5
done
if test $tmp -eq 1 ; then status=1; fi
grep ";" dig.out.ns3

$PERL ../digcomp.pl dig.out.ns2 dig.out.ns3 || status=1

echo "I:reload servers for in preparation for ixfr-from-differences tests"

$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload 2>&1 | sed 's/^/I:ns1 /'
$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /'
$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload 2>&1 | sed 's/^/I:ns3 /'
$RNDC -c ../common/rndc.conf -s 10.53.0.6 -p 9953 reload 2>&1 | sed 's/^/I:ns6 /'
$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 reload 2>&1 | sed 's/^/I:ns7 /'

sleep 2

echo "I:updating master zones for ixfr-from-differences tests"

$PERL -i -p -e '
    s/0\.0\.0\.0/0.0.0.1/;
    s/1397051952/1397051953/
' ns1/slave.db

$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload 2>&1 | sed 's/^/I:ns1 /'

$PERL -i -p -e '
    s/0\.0\.0\.0/0.0.0.1/;
    s/1397051952/1397051953/
' ns2/example.db

$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /'

$PERL -i -p -e '
    s/0\.0\.0\.0/0.0.0.1/;
    s/1397051952/1397051953/
' ns6/master.db

$RNDC -c ../common/rndc.conf -s 10.53.0.6 -p 9953 reload 2>&1 | sed 's/^/I:ns6 /'

$PERL -i -p -e '
    s/0\.0\.0\.0/0.0.0.1/;
    s/1397051952/1397051953/
' ns7/master2.db

$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 reload 2>&1 | sed 's/^/I:ns7 /'

sleep 3

echo "I:testing ixfr-from-differences yes;"
tmp=0

$DIG $DIGOPTS example. \
    @10.53.0.3 axfr -p 5300 > dig.out.ns3 || tmp=1
grep ";" dig.out.ns3

$PERL ../digcomp.pl dig2.good dig.out.ns3 || tmp=1

# ns3 has a journal iff it received an IXFR.
test -f ns3/example.bk || tmp=1
test -f ns3/example.bk.jnl || tmp=1

if test $tmp != 0 ; then echo "I:failed"; fi
status=`expr $status + $tmp`

echo "I:testing ixfr-from-differences master; (master zone)"
tmp=0

$DIG $DIGOPTS master. \
    @10.53.0.6 axfr -p 5300 > dig.out.ns6 || tmp=1
grep ";" dig.out.ns6

$DIG $DIGOPTS master. \
    @10.53.0.3 axfr -p 5300 > dig.out.ns3 || tmp=1
grep ";" dig.out.ns3 && cat dig.out.ns3

$PERL ../digcomp.pl dig.out.ns6 dig.out.ns3 || tmp=1

# ns3 has a journal iff it received an IXFR.
test -f ns3/master.bk || tmp=1
test -f ns3/master.bk.jnl || tmp=1

if test $tmp != 0 ; then echo "I:failed"; fi
status=`expr $status + $tmp`

echo "I:testing ixfr-from-differences master; (slave zone)"
tmp=0

$DIG $DIGOPTS slave. \
    @10.53.0.6 axfr -p 5300 > dig.out.ns6 || tmp=1
grep ";" dig.out.ns6

$DIG $DIGOPTS slave. \
    @10.53.0.1 axfr -p 5300 > dig.out.ns1 || tmp=1
grep ";" dig.out.ns1

$PERL ../digcomp.pl dig.out.ns6 dig.out.ns1 || tmp=1

# ns6 has a journal iff it received an IXFR.
test -f ns6/slave.bk || tmp=1
test -f ns6/slave.bk.jnl && tmp=1

if test $tmp != 0 ; then echo "I:failed"; fi
status=`expr $status + $tmp`

echo "I:testing ixfr-from-differences slave; (master zone)"
tmp=0

# ns7 has a journal iff it generates an IXFR.
test -f ns7/master2.db || tmp=1
test -f ns7/master2.db.jnl && tmp=1

if test $tmp != 0 ; then echo "I:failed"; fi
status=`expr $status + $tmp`
echo "I:testing ixfr-from-differences slave; (slave zone)"
tmp=0

$DIG $DIGOPTS slave. \
    @10.53.0.1 axfr -p 5300 > dig.out.ns1 || tmp=1
grep ";" dig.out.ns1

$DIG $DIGOPTS slave. \
    @10.53.0.7 axfr -p 5300 > dig.out.ns7 || tmp=1
grep ";" dig.out.ns1

$PERL ../digcomp.pl dig.out.ns7 dig.out.ns1 || tmp=1

# ns7 has a journal iff it generates an IXFR.
test -f ns7/slave.bk || tmp=1
test -f ns7/slave.bk.jnl || tmp=1

if test $tmp != 0 ; then echo "I:failed"; fi
status=`expr $status + $tmp`

echo "I:check that a multi-message uncompressable zone transfers"
$DIG axfr . -p 5300 @10.53.0.4 | grep SOA > axfr.out
if test `wc -l < axfr.out` != 2
then
     echo "I:failed"
     status=`expr $status + 1`
fi

# now we test transfers with assorted TSIG glitches
DIGCMD="$DIG $DIGOPTS @10.53.0.4 -p 5300"
SENDCMD="$PERL ../send.pl 10.53.0.5 5301"
RNDCCMD="$RNDC -s 10.53.0.4 -p 9953 -c ../common/rndc.conf"

echo "I:testing that incorrectly signed transfers will fail..."
echo "I:initial correctly-signed transfer should succeed"

$SENDCMD < ans5/goodaxfr
sleep 1

# Initially, ns4 is not authoritative for anything.
# Now that ans is up and running with the right data, we make it
# a slave for nil.

cat <<EOF >>ns4/named.conf
zone "nil" {
    type slave;
    file "nil.db";
    masters { 10.53.0.5 key tsig_key; };
};
EOF

$RNDCCMD reload | sed 's/^/I:ns4 /'


for i in 0 1 2 3 4 5 6 7 8 9
do
    $DIGCMD nil. SOA > dig.out.ns4
    grep SOA dig.out.ns4 > /dev/null && break
    sleep 1
done

$DIGCMD nil. TXT | grep 'initial AXFR' >/dev/null || {
    echo "I:failed"
    status=1
}

echo "I:unsigned transfer"

$SENDCMD < ans5/unsigned
sleep 1

$RNDCCMD retransfer nil | sed 's/^/I:ns4 /'

sleep 2

$DIGCMD nil. TXT | grep 'unsigned AXFR' >/dev/null && {
    echo "I:failed"
    status=1
}

echo "I:bad keydata"

$SENDCMD < ans5/badkeydata
sleep 1

$RNDCCMD retransfer nil | sed 's/^/I:ns4 /'

sleep 2

$DIGCMD nil. TXT | grep 'bad keydata AXFR' >/dev/null && {
    echo "I:failed"
    status=1
}

echo "I:partially-signed transfer"

$SENDCMD < ans5/partial
sleep 1

$RNDCCMD retransfer nil | sed 's/^/I:ns4 /'

sleep 2

$DIGCMD nil. TXT | grep 'partially signed AXFR' >/dev/null && {
    echo "I:failed"
    status=1
}

echo "I:unknown key"

$SENDCMD < ans5/unknownkey
sleep 1

$RNDCCMD retransfer nil | sed 's/^/I:ns4 /'

sleep 2

$DIGCMD nil. TXT | grep 'unknown key AXFR' >/dev/null && {
    echo "I:failed"
    status=1
}

echo "I:incorrect key"

$SENDCMD < ans5/wrongkey
sleep 1

$RNDCCMD retransfer nil | sed 's/^/I:ns4 /'

sleep 2

$DIGCMD nil. TXT | grep 'incorrect key AXFR' >/dev/null && {
    echo "I:failed"
    status=1
}

echo "I:exit status: $status"
exit $status