1#!/bin/sh 2# 3# Copyright (C) 2010-2013 Internet Systems Consortium, Inc. ("ISC") 4# 5# Permission to use, copy, modify, and/or distribute this software for any 6# purpose with or without fee is hereby granted, provided that the above 7# copyright notice and this permission notice appear in all copies. 8# 9# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 10# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 11# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 12# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 13# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 14# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 15# PERFORMANCE OF THIS SOFTWARE. 16 17# Id: tests.sh,v 1.6 2011/06/17 23:47:49 tbox Exp 18 19SYSTEMTESTTOP=.. 20. $SYSTEMTESTTOP/conf.sh 21 22DIGOPTS="+tcp +nosea +nostat +nocmd +norec +noques +noauth +noadd +nostats +dnssec -p 5300" 23status=0 24n=0 25 26echo "I:checking normally loaded zone ($n)" 27ret=0 28$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 29grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 30grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 31n=`expr $n + 1` 32if [ $ret != 0 ]; then echo "I:failed"; fi 33status=`expr $status + $ret` 34 35echo "I:checking previously added zone ($n)" 36ret=0 37$DIG $DIGOPTS @10.53.0.2 a.previous.example a > dig.out.ns2.$n || ret=1 38grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 39grep '^a.previous.example' dig.out.ns2.$n > /dev/null || ret=1 40n=`expr $n + 1` 41if [ $ret != 0 ]; then echo "I:failed"; fi 42status=`expr $status + $ret` 43 44echo "I:adding new zone ($n)" 45ret=0 46$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'added.example { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' 47$DIG $DIGOPTS @10.53.0.2 a.added.example a > dig.out.ns2.$n || ret=1 48grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 49grep '^a.added.example' dig.out.ns2.$n > /dev/null || ret=1 50n=`expr $n + 1` 51if [ $ret != 0 ]; then echo "I:failed"; fi 52status=`expr $status + $ret` 53 54echo "I:adding a zone that requires quotes ($n)" 55ret=0 56$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone '"32/1.0.0.127-in-addr.added.example" { check-names ignore; type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' 57$DIG $DIGOPTS @10.53.0.2 "a.32/1.0.0.127-in-addr.added.example" a > dig.out.ns2.$n || ret=1 58grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 59grep '^a.32/1.0.0.127-in-addr.added.example' dig.out.ns2.$n > /dev/null || ret=1 60n=`expr $n + 1` 61if [ $ret != 0 ]; then echo "I:failed"; fi 62status=`expr $status + $ret` 63 64echo "I:adding a zone with a quote in the name ($n)" 65ret=0 66$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone '"foo\"bar.example" { check-names ignore; type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' 67$DIG $DIGOPTS @10.53.0.2 "a.foo\"bar.example" a > dig.out.ns2.$n || ret=1 68grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 69grep '^a.foo\\"bar.example' dig.out.ns2.$n > /dev/null || ret=1 70n=`expr $n + 1` 71if [ $ret != 0 ]; then echo "I:failed"; fi 72status=`expr $status + $ret` 73 74echo "I:adding new zone with missing master file ($n)" 75ret=0 76$DIG $DIGOPTS +all @10.53.0.2 a.missing.example a > dig.out.ns2.pre.$n || ret=1 77grep "status: REFUSED" dig.out.ns2.pre.$n > /dev/null || ret=1 78$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'missing.example { type master; file "missing.db"; };' 2> rndc.out.ns2.$n 79grep "file not found" rndc.out.ns2.$n > /dev/null || ret=1 80$DIG $DIGOPTS +all @10.53.0.2 a.missing.example a > dig.out.ns2.post.$n || ret=1 81grep "status: REFUSED" dig.out.ns2.post.$n > /dev/null || ret=1 82$PERL ../digcomp.pl dig.out.ns2.pre.$n dig.out.ns2.post.$n || ret=1 83n=`expr $n + 1` 84if [ $ret != 0 ]; then echo "I:failed"; fi 85status=`expr $status + $ret` 86 87echo "I:verifying no comments in nzf file ($n)" 88ret=0 89hcount=`grep "^# New zone file for view: _default" ns2/3bf305731dd26307.nzf | wc -l` 90[ $hcount -eq 0 ] || ret=1 91n=`expr $n + 1` 92if [ $ret != 0 ]; then echo "I:failed"; fi 93status=`expr $status + $ret` 94 95echo "I:deleting previously added zone ($n)" 96ret=0 97$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone previous.example 2>&1 | sed 's/^/I:ns2 /' 98$DIG $DIGOPTS @10.53.0.2 a.previous.example a > dig.out.ns2.$n 99grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 100grep '^a.previous.example' dig.out.ns2.$n > /dev/null && ret=1 101n=`expr $n + 1` 102if [ $ret != 0 ]; then echo "I:failed"; fi 103status=`expr $status + $ret` 104 105echo "I:checking nzf file now has comment ($n)" 106ret=0 107hcount=`grep "^# New zone file for view: _default" ns2/3bf305731dd26307.nzf | wc -l` 108[ $hcount -eq 1 ] || ret=1 109n=`expr $n + 1` 110if [ $ret != 0 ]; then echo "I:failed"; fi 111status=`expr $status + $ret` 112 113echo "I:deleting newly added zone ($n)" 114ret=0 115$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone added.example 2>&1 | sed 's/^/I:ns2 /' 116$DIG $DIGOPTS @10.53.0.2 a.added.example a > dig.out.ns2.$n 117grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 118grep '^a.added.example' dig.out.ns2.$n > /dev/null && ret=1 119n=`expr $n + 1` 120if [ $ret != 0 ]; then echo "I:failed"; fi 121status=`expr $status + $ret` 122 123echo "I:deleting newly added zone with escaped quote ($n)" 124ret=0 125$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone "foo\\\"bar.example" 2>&1 | sed 's/^/I:ns2 /' 126$DIG $DIGOPTS @10.53.0.2 "a.foo\"bar.example" a > dig.out.ns2.$n 127grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 128grep "^a.foo\"bar.example" dig.out.ns2.$n > /dev/null && ret=1 129n=`expr $n + 1` 130if [ $ret != 0 ]; then echo "I:failed"; fi 131status=`expr $status + $ret` 132 133echo "I:attempt to delete a normally-loaded zone ($n)" 134ret=0 135$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone normal.example 2> rndc.out.ns2.$n 136grep "permission denied" rndc.out.ns2.$n > /dev/null || ret=1 137$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n 138grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 139grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 140n=`expr $n + 1` 141if [ $ret != 0 ]; then echo "I:failed"; fi 142status=`expr $status + $ret` 143 144echo "I:attempting to add master zone with inline signing ($n)" 145$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'inline.example { type master; file "inline.db"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /' 146for i in 1 2 3 4 5 147do 148ret=0 149$DIG $DIGOPTS @10.53.0.2 a.inline.example a > dig.out.ns2.$n || ret=1 150grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 151grep '^a.inline.example' dig.out.ns2.$n > /dev/null || ret=1 152[ $ret = 0 ] && break 153sleep 1 154done 155n=`expr $n + 1` 156if [ $ret != 0 ]; then echo "I:failed"; fi 157status=`expr $status + $ret` 158 159echo "I:attempting to add master zone with inline signing and missing master ($n)" 160ret=0 161$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'inlinemissing.example { type master; file "missing.db"; inline-signing yes; };' 2> rndc.out.ns2.$n 162grep "file not found" rndc.out.ns2.$n > /dev/null || ret=1 163n=`expr $n + 1` 164if [ $ret != 0 ]; then echo "I:failed"; fi 165status=`expr $status + $ret` 166 167echo "I:attempting to add slave zone with inline signing ($n)" 168$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'inlineslave.example { type slave; masters { 10.53.0.1; }; file "inlineslave.bk"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /' 169for i in 1 2 3 4 5 170do 171ret=0 172$DIG $DIGOPTS @10.53.0.2 a.inlineslave.example a > dig.out.ns2.$n || ret=1 173grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 174grep '^a.inlineslave.example' dig.out.ns2.$n > /dev/null || ret=1 175[ $ret = 0 ] && break 176sleep 1 177done 178n=`expr $n + 1` 179if [ $ret != 0 ]; then echo "I:failed"; fi 180status=`expr $status + $ret` 181 182echo "I:attempting to delete slave zone with inline signing ($n)" 183ret=0 184for i in 0 1 2 3 4 5 6 7 8 9 185do 186 test -f ns2/inlineslave.bk.signed -a -f ns2/inlineslave.bk && break 187 sleep 1 188done 189$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone inlineslave.example 2>&1 > rndc.out2.test$n 190test -f inlineslave.bk || 191grep '^inlineslave.bk$' rndc.out2.test$n > /dev/null || { 192 echo "I:failed to report inlineslave.bk"; ret=1; 193} 194test ! -f inlineslave.bk.signed || 195grep '^inlineslave.bk.signed$' rndc.out2.test$n > /dev/null || { 196 echo "I:failed to report inlineslave.bk.signed"; ret=1; 197} 198n=`expr $n + 1` 199status=`expr $status + $ret` 200 201echo "I:restoring slave zone with inline signing ($n)" 202$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'inlineslave.example { type slave; masters { 10.53.0.1; }; file "inlineslave.bk"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /' 203for i in 1 2 3 4 5 204do 205ret=0 206$DIG $DIGOPTS @10.53.0.2 a.inlineslave.example a > dig.out.ns2.$n || ret=1 207grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 208grep '^a.inlineslave.example' dig.out.ns2.$n > /dev/null || ret=1 209[ $ret = 0 ] && break 210sleep 1 211done 212n=`expr $n + 1` 213if [ $ret != 0 ]; then echo "I:failed"; fi 214status=`expr $status + $ret` 215 216echo "I:deleting slave zone with automatic zone file removal ($n)" 217ret=0 218for i in 0 1 2 3 4 5 6 7 8 9 219do 220 test -f ns2/inlineslave.bk.signed -a -f ns2/inlineslave.bk && break 221 sleep 1 222done 223$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone -clean inlineslave.example 2>&1 > /dev/null 224for i in 0 1 2 3 4 5 6 7 8 9 225do 226 ret=0 227 test -f ns2/inlineslave.bk.signed -a -f ns2/inlineslave.bk && ret=1 228 [ $ret = 0 ] && break 229 sleep 1 230done 231n=`expr $n + 1` 232status=`expr $status + $ret` 233 234echo "I:reconfiguring server with multiple views" 235rm -f ns2/named.conf 236cp -f ns2/named2.conf ns2/named.conf 237$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reconfig 2>&1 | sed 's/^/I:ns2 /' 238sleep 5 239 240echo "I:adding new zone to external view ($n)" 241# NOTE: The internal view has "recursion yes" set, and so queries for 242# nonexistent zones should return NOERROR. The external view is 243# "recursion no", so queries for nonexistent zones should return 244# REFUSED. This behavior should be the same regardless of whether 245# the zone does not exist because a) it has not yet been loaded, b) 246# it failed to load, or c) it has been deleted. 247ret=0 248$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.intpre.$n || ret=1 249grep 'status: NOERROR' dig.out.ns2.intpre.$n > /dev/null || ret=1 250$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.extpre.$n || ret=1 251grep 'status: REFUSED' dig.out.ns2.extpre.$n > /dev/null || ret=1 252$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'added.example in external { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' 253$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1 254grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1 255$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1 256grep 'status: NOERROR' dig.out.ns2.ext.$n > /dev/null || ret=1 257grep '^a.added.example' dig.out.ns2.ext.$n > /dev/null || ret=1 258n=`expr $n + 1` 259if [ $ret != 0 ]; then echo "I:failed"; fi 260status=`expr $status + $ret` 261 262echo "I:checking new nzf file has comment ($n)" 263ret=0 264hcount=`grep "^# New zone file for view: external" ns2/3c4623849a49a539.nzf | wc -l` 265[ $hcount -eq 1 ] || ret=1 266n=`expr $n + 1` 267if [ $ret != 0 ]; then echo "I:failed"; fi 268status=`expr $status + $ret` 269 270 271echo "I:deleting newly added zone ($n)" 272ret=0 273$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 delzone 'added.example in external' 2>&1 | sed 's/^/I:ns2 /' 274$DIG $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.$n || ret=1 275grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 276grep '^a.added.example' dig.out.ns2.$n > /dev/null && ret=1 277n=`expr $n + 1` 278if [ $ret != 0 ]; then echo "I:failed"; fi 279status=`expr $status + $ret` 280 281echo "I:attempting to add zone to internal view ($n)" 282ret=0 283$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.pre.$n || ret=1 284grep 'status: NOERROR' dig.out.ns2.pre.$n > /dev/null || ret=1 285$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 addzone 'added.example in internal { type master; file "added.db"; };' 2> rndc.out.ns2.$n 286grep "permission denied" rndc.out.ns2.$n > /dev/null || ret=1 287$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1 288grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1 289$DIG $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1 290grep 'status: REFUSED' dig.out.ns2.ext.$n > /dev/null || ret=1 291n=`expr $n + 1` 292if [ $ret != 0 ]; then echo "I:failed"; fi 293status=`expr $status + $ret` 294 295echo "I:ensure the configuration context is cleaned up correctly ($n)" 296ret=0 297$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reconfig > /dev/null 2>&1 || ret=1 298sleep 5 299$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 status > /dev/null 2>&1 || ret=1 300n=`expr $n + 1` 301if [ $ret != 0 ]; then echo "I:failed"; fi 302status=`expr $status + $ret` 303 304echo "I:exit status: $status" 305exit $status 306