1#!/bin/sh 2# 3# Copyright (C) 2012-2014 Internet Systems Consortium, Inc. ("ISC") 4# 5# Permission to use, copy, modify, and/or distribute this software for any 6# purpose with or without fee is hereby granted, provided that the above 7# copyright notice and this permission notice appear in all copies. 8# 9# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 10# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 11# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 12# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 13# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 14# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 15# PERFORMANCE OF THIS SOFTWARE. 16 17SYSTEMTESTTOP=.. 18. $SYSTEMTESTTOP/conf.sh 19 20DIG="./dig.sh" 21chmod +x $DIG 22 23CHECKDS="$CHECKDS -d $DIG -D $DSFROMKEY" 24 25status=0 26n=1 27 28echo "I:checking for correct DS, looking up key via 'dig' ($n)" 29ret=0 30$CHECKDS ok.example > checkds.out.$n 2>&1 || ret=1 31grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1 32grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1 33n=`expr $n + 1` 34if [ $ret != 0 ]; then echo "I:failed"; fi 35status=`expr $status + $ret` 36 37echo "I:checking for correct DS, obtaining key from file ($n)" 38ret=0 39$CHECKDS -f ok.example.dnskey.db ok.example > checkds.out.$n || ret=1 40grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1 41grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1 42n=`expr $n + 1` 43if [ $ret != 0 ]; then echo "I:failed"; fi 44status=`expr $status + $ret` 45 46echo "I:checking for correct DLV, looking up key via 'dig' ($n)" 47ret=0 48$CHECKDS -l dlv.example ok.example > checkds.out.$n || ret=1 49grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1 50grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1 51n=`expr $n + 1` 52if [ $ret != 0 ]; then echo "I:failed"; fi 53status=`expr $status + $ret` 54 55echo "I:checking for correct DLV, obtaining key from file ($n)" 56ret=0 57$CHECKDS -l dlv.example -f ok.example.dnskey.db ok.example > checkds.out.$n || ret=1 58grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1 59grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1 60n=`expr $n + 1` 61if [ $ret != 0 ]; then echo "I:failed"; fi 62status=`expr $status + $ret` 63 64echo "I:checking for incorrect DS, lowronging up key via 'dig' ($n)" 65ret=0 66$CHECKDS wrong.example > checkds.out.$n || ret=1 67grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1 68grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1 69n=`expr $n + 1` 70if [ $ret != 0 ]; then echo "I:failed"; fi 71status=`expr $status + $ret` 72 73echo "I:checking for incorrect DS, obtaining key from file ($n)" 74ret=0 75$CHECKDS -f wrong.example.dnskey.db wrong.example > checkds.out.$n || ret=1 76grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1 77grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1 78n=`expr $n + 1` 79if [ $ret != 0 ]; then echo "I:failed"; fi 80status=`expr $status + $ret` 81 82echo "I:checking for incorrect DLV, lowronging up key via 'dig' ($n)" 83ret=0 84$CHECKDS -l dlv.example wrong.example > checkds.out.$n || ret=1 85grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1 86grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1 87n=`expr $n + 1` 88if [ $ret != 0 ]; then echo "I:failed"; fi 89status=`expr $status + $ret` 90 91echo "I:checking for incorrect DLV, obtaining key from file ($n)" 92ret=0 93$CHECKDS -l dlv.example -f wrong.example.dnskey.db wrong.example > checkds.out.$n || ret=1 94grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1 95grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1 96n=`expr $n + 1` 97if [ $ret != 0 ]; then echo "I:failed"; fi 98status=`expr $status + $ret` 99 100 101echo "I:checking for partially missing DS, looking up key via 'dig' ($n)" 102ret=0 103$CHECKDS missing.example > checkds.out.$n || ret=1 104grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 105grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 106grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1 107grep 'SHA-256.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1 108n=`expr $n + 1` 109if [ $ret != 0 ]; then echo "I:failed"; fi 110status=`expr $status + $ret` 111 112echo "I:checking for partially missing DS, obtaining key from file ($n)" 113ret=0 114$CHECKDS -f missing.example.dnskey.db missing.example > checkds.out.$n || ret=1 115grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 116grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 117grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1 118grep 'SHA-256.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1 119n=`expr $n + 1` 120if [ $ret != 0 ]; then echo "I:failed"; fi 121status=`expr $status + $ret` 122 123echo "I:checking for partially missing DLV, looking up key via 'dig' ($n)" 124ret=0 125$CHECKDS -l dlv.example missing.example > checkds.out.$n || ret=1 126grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 127grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 128grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1 129grep 'SHA-256.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1 130n=`expr $n + 1` 131if [ $ret != 0 ]; then echo "I:failed"; fi 132status=`expr $status + $ret` 133 134echo "I:checking for partially missing DLV, obtaining key from file ($n)" 135ret=0 136$CHECKDS -l dlv.example -f missing.example.dnskey.db missing.example > checkds.out.$n || ret=1 137grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 138grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1 139grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1 140grep 'SHA-256.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1 141n=`expr $n + 1` 142if [ $ret != 0 ]; then echo "I:failed"; fi 143status=`expr $status + $ret` 144 145echo "I:checking for entirely missing DS, looking up key via 'dig' ($n)" 146ret=0 147$CHECKDS none.example > checkds.out.$n && ret=1 148grep 'No DS' checkds.out.$n > /dev/null 2>&1 || ret=1 149n=`expr $n + 1` 150if [ $ret != 0 ]; then echo "I:failed"; fi 151status=`expr $status + $ret` 152 153echo "I:checking for entirely missing DS, obtaining key from file ($n)" 154ret=0 155$CHECKDS -f none.example.dnskey.db none.example > checkds.out.$n && ret=1 156grep 'No DS' checkds.out.$n > /dev/null 2>&1 || ret=1 157n=`expr $n + 1` 158if [ $ret != 0 ]; then echo "I:failed"; fi 159status=`expr $status + $ret` 160 161echo "I:checking for entirely missing DLV, looking up key via 'dig' ($n)" 162ret=0 163$CHECKDS -l dlv.example none.example > checkds.out.$n && ret=1 164grep 'No DLV' checkds.out.$n > /dev/null 2>&1 || ret=1 165n=`expr $n + 1` 166if [ $ret != 0 ]; then echo "I:failed"; fi 167status=`expr $status + $ret` 168 169echo "I:checking for entirely missing DLV, obtaining key from file ($n)" 170ret=0 171$CHECKDS -l dlv.example -f none.example.dnskey.db none.example > checkds.out.$n && ret=1 172grep 'No DLV' checkds.out.$n > /dev/null 2>&1 || ret=1 173n=`expr $n + 1` 174if [ $ret != 0 ]; then echo "I:failed"; fi 175status=`expr $status + $ret` 176 177if [ $status = 0 ]; then $SHELL clean.sh; fi 178echo "I:exit status: $status" 179exit $status 180