1#!/bin/sh
2#
3# Copyright (C) 2012-2014  Internet Systems Consortium, Inc. ("ISC")
4#
5# Permission to use, copy, modify, and/or distribute this software for any
6# purpose with or without fee is hereby granted, provided that the above
7# copyright notice and this permission notice appear in all copies.
8#
9# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11# AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15# PERFORMANCE OF THIS SOFTWARE.
16
17SYSTEMTESTTOP=..
18. $SYSTEMTESTTOP/conf.sh
19
20DIG="./dig.sh"
21chmod +x $DIG
22
23CHECKDS="$CHECKDS -d $DIG -D $DSFROMKEY"
24
25status=0
26n=1
27
28echo "I:checking for correct DS, looking up key via 'dig' ($n)"
29ret=0
30$CHECKDS ok.example > checkds.out.$n 2>&1 || ret=1
31grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
32grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
33n=`expr $n + 1`
34if [ $ret != 0 ]; then echo "I:failed"; fi
35status=`expr $status + $ret`
36
37echo "I:checking for correct DS, obtaining key from file ($n)"
38ret=0
39$CHECKDS -f ok.example.dnskey.db ok.example > checkds.out.$n || ret=1
40grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
41grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
42n=`expr $n + 1`
43if [ $ret != 0 ]; then echo "I:failed"; fi
44status=`expr $status + $ret`
45
46echo "I:checking for correct DLV, looking up key via 'dig' ($n)"
47ret=0
48$CHECKDS -l dlv.example ok.example > checkds.out.$n || ret=1
49grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
50grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
51n=`expr $n + 1`
52if [ $ret != 0 ]; then echo "I:failed"; fi
53status=`expr $status + $ret`
54
55echo "I:checking for correct DLV, obtaining key from file ($n)"
56ret=0
57$CHECKDS -l dlv.example -f ok.example.dnskey.db ok.example > checkds.out.$n || ret=1
58grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
59grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
60n=`expr $n + 1`
61if [ $ret != 0 ]; then echo "I:failed"; fi
62status=`expr $status + $ret`
63
64echo "I:checking for incorrect DS, lowronging up key via 'dig' ($n)"
65ret=0
66$CHECKDS wrong.example > checkds.out.$n || ret=1
67grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
68grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
69n=`expr $n + 1`
70if [ $ret != 0 ]; then echo "I:failed"; fi
71status=`expr $status + $ret`
72
73echo "I:checking for incorrect DS, obtaining key from file ($n)"
74ret=0
75$CHECKDS -f wrong.example.dnskey.db wrong.example > checkds.out.$n || ret=1
76grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
77grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
78n=`expr $n + 1`
79if [ $ret != 0 ]; then echo "I:failed"; fi
80status=`expr $status + $ret`
81
82echo "I:checking for incorrect DLV, lowronging up key via 'dig' ($n)"
83ret=0
84$CHECKDS -l dlv.example wrong.example > checkds.out.$n || ret=1
85grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
86grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
87n=`expr $n + 1`
88if [ $ret != 0 ]; then echo "I:failed"; fi
89status=`expr $status + $ret`
90
91echo "I:checking for incorrect DLV, obtaining key from file ($n)"
92ret=0
93$CHECKDS -l dlv.example -f wrong.example.dnskey.db wrong.example > checkds.out.$n || ret=1
94grep 'SHA-1' checkds.out.$n > /dev/null 2>&1 || ret=1
95grep 'SHA-256' checkds.out.$n > /dev/null 2>&1 || ret=1
96n=`expr $n + 1`
97if [ $ret != 0 ]; then echo "I:failed"; fi
98status=`expr $status + $ret`
99
100
101echo "I:checking for partially missing DS, looking up key via 'dig' ($n)"
102ret=0
103$CHECKDS missing.example > checkds.out.$n || ret=1
104grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
105grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
106grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
107grep 'SHA-256.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
108n=`expr $n + 1`
109if [ $ret != 0 ]; then echo "I:failed"; fi
110status=`expr $status + $ret`
111
112echo "I:checking for partially missing DS, obtaining key from file ($n)"
113ret=0
114$CHECKDS -f missing.example.dnskey.db missing.example > checkds.out.$n || ret=1
115grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
116grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
117grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
118grep 'SHA-256.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
119n=`expr $n + 1`
120if [ $ret != 0 ]; then echo "I:failed"; fi
121status=`expr $status + $ret`
122
123echo "I:checking for partially missing DLV, looking up key via 'dig' ($n)"
124ret=0
125$CHECKDS -l dlv.example missing.example > checkds.out.$n || ret=1
126grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
127grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
128grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
129grep 'SHA-256.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
130n=`expr $n + 1`
131if [ $ret != 0 ]; then echo "I:failed"; fi
132status=`expr $status + $ret`
133
134echo "I:checking for partially missing DLV, obtaining key from file ($n)"
135ret=0
136$CHECKDS -l dlv.example -f missing.example.dnskey.db missing.example > checkds.out.$n || ret=1
137grep 'SHA-1.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
138grep 'SHA-256.*found' checkds.out.$n > /dev/null 2>&1 || ret=1
139grep 'SHA-1.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
140grep 'SHA-256.*missing' checkds.out.$n > /dev/null 2>&1 || ret=1
141n=`expr $n + 1`
142if [ $ret != 0 ]; then echo "I:failed"; fi
143status=`expr $status + $ret`
144
145echo "I:checking for entirely missing DS, looking up key via 'dig' ($n)"
146ret=0
147$CHECKDS none.example > checkds.out.$n && ret=1
148grep 'No DS' checkds.out.$n > /dev/null 2>&1 || ret=1
149n=`expr $n + 1`
150if [ $ret != 0 ]; then echo "I:failed"; fi
151status=`expr $status + $ret`
152
153echo "I:checking for entirely missing DS, obtaining key from file ($n)"
154ret=0
155$CHECKDS -f none.example.dnskey.db none.example > checkds.out.$n && ret=1
156grep 'No DS' checkds.out.$n > /dev/null 2>&1 || ret=1
157n=`expr $n + 1`
158if [ $ret != 0 ]; then echo "I:failed"; fi
159status=`expr $status + $ret`
160
161echo "I:checking for entirely missing DLV, looking up key via 'dig' ($n)"
162ret=0
163$CHECKDS -l dlv.example none.example > checkds.out.$n && ret=1
164grep 'No DLV' checkds.out.$n > /dev/null 2>&1 || ret=1
165n=`expr $n + 1`
166if [ $ret != 0 ]; then echo "I:failed"; fi
167status=`expr $status + $ret`
168
169echo "I:checking for entirely missing DLV, obtaining key from file ($n)"
170ret=0
171$CHECKDS -l dlv.example -f none.example.dnskey.db none.example > checkds.out.$n && ret=1
172grep 'No DLV' checkds.out.$n > /dev/null 2>&1 || ret=1
173n=`expr $n + 1`
174if [ $ret != 0 ]; then echo "I:failed"; fi
175status=`expr $status + $ret`
176
177if [ $status = 0 ]; then $SHELL clean.sh; fi
178echo "I:exit status: $status"
179exit $status
180