1#!/bin/sh 2# 3# Copyright (C) 2004, 2005, 2007, 2011-2014 Internet Systems Consortium, Inc. ("ISC") 4# Copyright (C) 2000, 2001 Internet Software Consortium. 5# 6# Permission to use, copy, modify, and/or distribute this software for any 7# purpose with or without fee is hereby granted, provided that the above 8# copyright notice and this permission notice appear in all copies. 9# 10# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 11# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 12# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 13# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 14# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 15# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 16# PERFORMANCE OF THIS SOFTWARE. 17 18# Id: tests.sh,v 1.37 2012/02/22 23:47:35 tbox Exp 19 20SYSTEMTESTTOP=.. 21. $SYSTEMTESTTOP/conf.sh 22 23DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd" 24 25status=0 26 27echo "I:testing basic zone transfer functionality" 28$DIG $DIGOPTS example. \ 29 @10.53.0.2 axfr -p 5300 > dig.out.ns2 || status=1 30grep "^;" dig.out.ns2 31 32# 33# Spin to allow the zone to tranfer. 34# 35for i in 1 2 3 4 5 36do 37tmp=0 38$DIG $DIGOPTS example. \ 39 @10.53.0.3 axfr -p 5300 > dig.out.ns3 || tmp=1 40 grep "^;" dig.out.ns3 > /dev/null 41 if test $? -ne 0 ; then break; fi 42 echo "I: plain zone re-transfer" 43 sleep 5 44done 45if test $tmp -eq 1 ; then status=1; fi 46grep "^;" dig.out.ns3 47 48$PERL ../digcomp.pl dig1.good dig.out.ns2 || status=1 49 50$PERL ../digcomp.pl dig1.good dig.out.ns3 || status=1 51 52echo "I:testing TSIG signed zone transfers" 53$DIG $DIGOPTS tsigzone. \ 54 @10.53.0.2 axfr -y tsigzone.:1234abcd8765 -p 5300 \ 55 > dig.out.ns2 || status=1 56grep "^;" dig.out.ns2 57 58# 59# Spin to allow the zone to tranfer. 60# 61for i in 1 2 3 4 5 62do 63tmp=0 64$DIG $DIGOPTS tsigzone. \ 65 @10.53.0.3 axfr -y tsigzone.:1234abcd8765 -p 5300 \ 66 > dig.out.ns3 || tmp=1 67 grep "^;" dig.out.ns3 > /dev/null 68 if test $? -ne 0 ; then break; fi 69 echo "I: plain zone re-transfer" 70 sleep 5 71done 72if test $tmp -eq 1 ; then status=1; fi 73grep "^;" dig.out.ns3 74 75$PERL ../digcomp.pl dig.out.ns2 dig.out.ns3 || status=1 76 77echo "I:reload servers for in preparation for ixfr-from-differences tests" 78 79$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload 2>&1 | sed 's/^/I:ns1 /' 80$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' 81$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload 2>&1 | sed 's/^/I:ns3 /' 82$RNDC -c ../common/rndc.conf -s 10.53.0.6 -p 9953 reload 2>&1 | sed 's/^/I:ns6 /' 83$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 reload 2>&1 | sed 's/^/I:ns7 /' 84 85sleep 2 86 87echo "I:updating master zones for ixfr-from-differences tests" 88 89$PERL -i -p -e ' 90 s/0\.0\.0\.0/0.0.0.1/; 91 s/1397051952/1397051953/ 92' ns1/slave.db 93 94$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload 2>&1 | sed 's/^/I:ns1 /' 95 96$PERL -i -p -e ' 97 s/0\.0\.0\.0/0.0.0.1/; 98 s/1397051952/1397051953/ 99' ns2/example.db 100 101$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /' 102 103$PERL -i -p -e ' 104 s/0\.0\.0\.0/0.0.0.1/; 105 s/1397051952/1397051953/ 106' ns6/master.db 107 108$RNDC -c ../common/rndc.conf -s 10.53.0.6 -p 9953 reload 2>&1 | sed 's/^/I:ns6 /' 109 110$PERL -i -p -e ' 111 s/0\.0\.0\.0/0.0.0.1/; 112 s/1397051952/1397051953/ 113' ns7/master2.db 114 115$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 reload 2>&1 | sed 's/^/I:ns7 /' 116 117sleep 3 118 119echo "I:testing zone is dumped after successful transfer" 120$DIG $DIGOPTS +noall +answer +multi @10.53.0.2 -p 5300 \ 121 slave. soa > dig.out.ns2 || tmp=1 122grep "1397051952 ; serial" dig.out.ns2 > /dev/null 2>&1 || tmp=1 123grep "1397051952 ; serial" ns2/slave.db > /dev/null 2>&1 || tmp=1 124if test $tmp != 0 ; then echo "I:failed"; fi 125status=`expr $status + $tmp` 126 127echo "I:testing ixfr-from-differences yes;" 128tmp=0 129for i in 0 1 2 3 4 5 6 7 8 9 130do 131 $DIG $DIGOPTS @10.53.0.3 -p 5300 +noall +answer soa example > dig.out.soa.ns3 132 grep "1397051953" dig.out.soa.ns3 > /dev/null && break; 133 sleep 1 134done 135 136$DIG $DIGOPTS example. \ 137 @10.53.0.3 axfr -p 5300 > dig.out.ns3 || tmp=1 138grep "^;" dig.out.ns3 139 140$PERL ../digcomp.pl dig2.good dig.out.ns3 || tmp=1 141 142# ns3 has a journal iff it received an IXFR. 143test -f ns3/example.bk || tmp=1 144test -f ns3/example.bk.jnl || tmp=1 145 146if test $tmp != 0 ; then echo "I:failed"; fi 147status=`expr $status + $tmp` 148 149echo "I:testing ixfr-from-differences master; (master zone)" 150tmp=0 151 152$DIG $DIGOPTS master. \ 153 @10.53.0.6 axfr -p 5300 > dig.out.ns6 || tmp=1 154grep "^;" dig.out.ns6 155 156$DIG $DIGOPTS master. \ 157 @10.53.0.3 axfr -p 5300 > dig.out.ns3 || tmp=1 158grep "^;" dig.out.ns3 && cat dig.out.ns3 159 160$PERL ../digcomp.pl dig.out.ns6 dig.out.ns3 || tmp=1 161 162# ns3 has a journal iff it received an IXFR. 163test -f ns3/master.bk || tmp=1 164test -f ns3/master.bk.jnl || tmp=1 165 166if test $tmp != 0 ; then echo "I:failed"; fi 167status=`expr $status + $tmp` 168 169echo "I:testing ixfr-from-differences master; (slave zone)" 170tmp=0 171 172$DIG $DIGOPTS slave. \ 173 @10.53.0.6 axfr -p 5300 > dig.out.ns6 || tmp=1 174grep "^;" dig.out.ns6 175 176$DIG $DIGOPTS slave. \ 177 @10.53.0.1 axfr -p 5300 > dig.out.ns1 || tmp=1 178grep "^;" dig.out.ns1 179 180$PERL ../digcomp.pl dig.out.ns6 dig.out.ns1 || tmp=1 181 182# ns6 has a journal iff it received an IXFR. 183test -f ns6/slave.bk || tmp=1 184test -f ns6/slave.bk.jnl && tmp=1 185 186if test $tmp != 0 ; then echo "I:failed"; fi 187status=`expr $status + $tmp` 188 189echo "I:testing ixfr-from-differences slave; (master zone)" 190tmp=0 191 192# ns7 has a journal iff it generates an IXFR. 193test -f ns7/master2.db || tmp=1 194test -f ns7/master2.db.jnl && tmp=1 195 196if test $tmp != 0 ; then echo "I:failed"; fi 197status=`expr $status + $tmp` 198echo "I:testing ixfr-from-differences slave; (slave zone)" 199tmp=0 200 201$DIG $DIGOPTS slave. \ 202 @10.53.0.1 axfr -p 5300 > dig.out.ns1 || tmp=1 203grep "^;" dig.out.ns1 204 205$DIG $DIGOPTS slave. \ 206 @10.53.0.7 axfr -p 5300 > dig.out.ns7 || tmp=1 207grep "^;" dig.out.ns1 208 209$PERL ../digcomp.pl dig.out.ns7 dig.out.ns1 || tmp=1 210 211# ns7 has a journal iff it generates an IXFR. 212test -f ns7/slave.bk || tmp=1 213test -f ns7/slave.bk.jnl || tmp=1 214 215if test $tmp != 0 ; then echo "I:failed"; fi 216status=`expr $status + $tmp` 217 218echo "I:check that a multi-message uncompressable zone transfers" 219$DIG axfr . -p 5300 @10.53.0.4 | grep SOA > axfr.out 220if test `wc -l < axfr.out` != 2 221then 222 echo "I:failed" 223 status=`expr $status + 1` 224fi 225 226# now we test transfers with assorted TSIG glitches 227DIGCMD="$DIG $DIGOPTS @10.53.0.4 -p 5300" 228SENDCMD="$PERL ../send.pl 10.53.0.5 5301" 229RNDCCMD="$RNDC -s 10.53.0.4 -p 9953 -c ../common/rndc.conf" 230 231echo "I:testing that incorrectly signed transfers will fail..." 232echo "I:initial correctly-signed transfer should succeed" 233 234$SENDCMD < ans5/goodaxfr 235sleep 1 236 237# Initially, ns4 is not authoritative for anything. 238# Now that ans is up and running with the right data, we make it 239# a slave for nil. 240 241cat <<EOF >>ns4/named.conf 242zone "nil" { 243 type slave; 244 file "nil.db"; 245 masters { 10.53.0.5 key tsig_key; }; 246}; 247EOF 248 249$RNDCCMD reload | sed 's/^/I:ns4 /' 250 251 252for i in 0 1 2 3 4 5 6 7 8 9 253do 254 $DIGCMD nil. SOA > dig.out.ns4 255 grep SOA dig.out.ns4 > /dev/null && break 256 sleep 1 257done 258 259$DIGCMD nil. TXT | grep 'initial AXFR' >/dev/null || { 260 echo "I:failed" 261 status=1 262} 263 264echo "I:unsigned transfer" 265 266$SENDCMD < ans5/unsigned 267sleep 1 268 269$RNDCCMD retransfer nil | sed 's/^/I:ns4 /' 270 271sleep 2 272 273$DIGCMD nil. TXT | grep 'unsigned AXFR' >/dev/null && { 274 echo "I:failed" 275 status=1 276} 277 278echo "I:bad keydata" 279 280$SENDCMD < ans5/badkeydata 281sleep 1 282 283$RNDCCMD retransfer nil | sed 's/^/I:ns4 /' 284 285sleep 2 286 287$DIGCMD nil. TXT | grep 'bad keydata AXFR' >/dev/null && { 288 echo "I:failed" 289 status=1 290} 291 292echo "I:partially-signed transfer" 293 294$SENDCMD < ans5/partial 295sleep 1 296 297$RNDCCMD retransfer nil | sed 's/^/I:ns4 /' 298 299sleep 2 300 301$DIGCMD nil. TXT | grep 'partially signed AXFR' >/dev/null && { 302 echo "I:failed" 303 status=1 304} 305 306echo "I:unknown key" 307 308$SENDCMD < ans5/unknownkey 309sleep 1 310 311$RNDCCMD retransfer nil | sed 's/^/I:ns4 /' 312 313sleep 2 314 315$DIGCMD nil. TXT | grep 'unknown key AXFR' >/dev/null && { 316 echo "I:failed" 317 status=1 318} 319 320echo "I:incorrect key" 321 322$SENDCMD < ans5/wrongkey 323sleep 1 324 325$RNDCCMD retransfer nil | sed 's/^/I:ns4 /' 326 327sleep 2 328 329$DIGCMD nil. TXT | grep 'incorrect key AXFR' >/dev/null && { 330 echo "I:failed" 331 status=1 332} 333 334echo "I:exit status: $status" 335exit $status 336