1#!/bin/sh
2#
3# Copyright (C) 2004, 2005, 2007, 2011-2014  Internet Systems Consortium, Inc. ("ISC")
4# Copyright (C) 2000, 2001  Internet Software Consortium.
5#
6# Permission to use, copy, modify, and/or distribute this software for any
7# purpose with or without fee is hereby granted, provided that the above
8# copyright notice and this permission notice appear in all copies.
9#
10# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
11# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
12# AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
13# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
14# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
15# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
16# PERFORMANCE OF THIS SOFTWARE.
17
18# Id: tests.sh,v 1.37 2012/02/22 23:47:35 tbox Exp
19
20SYSTEMTESTTOP=..
21. $SYSTEMTESTTOP/conf.sh
22
23DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd"
24
25status=0
26
27echo "I:testing basic zone transfer functionality"
28$DIG $DIGOPTS example. \
29	@10.53.0.2 axfr -p 5300 > dig.out.ns2 || status=1
30grep "^;" dig.out.ns2
31
32#
33# Spin to allow the zone to tranfer.
34#
35for i in 1 2 3 4 5
36do
37tmp=0
38$DIG $DIGOPTS example. \
39	@10.53.0.3 axfr -p 5300 > dig.out.ns3 || tmp=1
40	grep "^;" dig.out.ns3 > /dev/null
41	if test $? -ne 0 ; then break; fi
42	echo "I: plain zone re-transfer"
43	sleep 5
44done
45if test $tmp -eq 1 ; then status=1; fi
46grep "^;" dig.out.ns3
47
48$PERL ../digcomp.pl dig1.good dig.out.ns2 || status=1
49
50$PERL ../digcomp.pl dig1.good dig.out.ns3 || status=1
51
52echo "I:testing TSIG signed zone transfers"
53$DIG $DIGOPTS tsigzone. \
54    	@10.53.0.2 axfr -y tsigzone.:1234abcd8765 -p 5300 \
55	> dig.out.ns2 || status=1
56grep "^;" dig.out.ns2
57
58#
59# Spin to allow the zone to tranfer.
60#
61for i in 1 2 3 4 5
62do
63tmp=0
64$DIG $DIGOPTS tsigzone. \
65    	@10.53.0.3 axfr -y tsigzone.:1234abcd8765 -p 5300 \
66	> dig.out.ns3 || tmp=1
67	grep "^;" dig.out.ns3 > /dev/null
68	if test $? -ne 0 ; then break; fi
69	echo "I: plain zone re-transfer"
70	sleep 5
71done
72if test $tmp -eq 1 ; then status=1; fi
73grep "^;" dig.out.ns3
74
75$PERL ../digcomp.pl dig.out.ns2 dig.out.ns3 || status=1
76
77echo "I:reload servers for in preparation for ixfr-from-differences tests"
78
79$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload 2>&1 | sed 's/^/I:ns1 /'
80$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /'
81$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 reload 2>&1 | sed 's/^/I:ns3 /'
82$RNDC -c ../common/rndc.conf -s 10.53.0.6 -p 9953 reload 2>&1 | sed 's/^/I:ns6 /'
83$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 reload 2>&1 | sed 's/^/I:ns7 /'
84
85sleep 2
86
87echo "I:updating master zones for ixfr-from-differences tests"
88
89$PERL -i -p -e '
90	s/0\.0\.0\.0/0.0.0.1/;
91	s/1397051952/1397051953/
92' ns1/slave.db
93
94$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 reload 2>&1 | sed 's/^/I:ns1 /'
95
96$PERL -i -p -e '
97	s/0\.0\.0\.0/0.0.0.1/;
98	s/1397051952/1397051953/
99' ns2/example.db
100
101$RNDC -c ../common/rndc.conf -s 10.53.0.2 -p 9953 reload 2>&1 | sed 's/^/I:ns2 /'
102
103$PERL -i -p -e '
104	s/0\.0\.0\.0/0.0.0.1/;
105	s/1397051952/1397051953/
106' ns6/master.db
107
108$RNDC -c ../common/rndc.conf -s 10.53.0.6 -p 9953 reload 2>&1 | sed 's/^/I:ns6 /'
109
110$PERL -i -p -e '
111	s/0\.0\.0\.0/0.0.0.1/;
112	s/1397051952/1397051953/
113' ns7/master2.db
114
115$RNDC -c ../common/rndc.conf -s 10.53.0.7 -p 9953 reload 2>&1 | sed 's/^/I:ns7 /'
116
117sleep 3
118
119echo "I:testing zone is dumped after successful transfer"
120$DIG $DIGOPTS +noall +answer +multi @10.53.0.2 -p 5300 \
121	slave. soa > dig.out.ns2 || tmp=1
122grep "1397051952 ; serial" dig.out.ns2 > /dev/null 2>&1 || tmp=1
123grep "1397051952 ; serial" ns2/slave.db > /dev/null 2>&1 || tmp=1
124if test $tmp != 0 ; then echo "I:failed"; fi
125status=`expr $status + $tmp`
126
127echo "I:testing ixfr-from-differences yes;"
128tmp=0
129for i in 0 1 2 3 4 5 6 7 8 9
130do
131	$DIG $DIGOPTS @10.53.0.3 -p 5300 +noall +answer soa example > dig.out.soa.ns3
132	grep "1397051953" dig.out.soa.ns3 > /dev/null && break;
133	sleep 1
134done
135
136$DIG $DIGOPTS example. \
137	@10.53.0.3 axfr -p 5300 > dig.out.ns3 || tmp=1
138grep "^;" dig.out.ns3
139
140$PERL ../digcomp.pl dig2.good dig.out.ns3 || tmp=1
141
142# ns3 has a journal iff it received an IXFR.
143test -f ns3/example.bk || tmp=1
144test -f ns3/example.bk.jnl || tmp=1
145
146if test $tmp != 0 ; then echo "I:failed"; fi
147status=`expr $status + $tmp`
148
149echo "I:testing ixfr-from-differences master; (master zone)"
150tmp=0
151
152$DIG $DIGOPTS master. \
153	@10.53.0.6 axfr -p 5300 > dig.out.ns6 || tmp=1
154grep "^;" dig.out.ns6
155
156$DIG $DIGOPTS master. \
157	@10.53.0.3 axfr -p 5300 > dig.out.ns3 || tmp=1
158grep "^;" dig.out.ns3 && cat dig.out.ns3
159
160$PERL ../digcomp.pl dig.out.ns6 dig.out.ns3 || tmp=1
161
162# ns3 has a journal iff it received an IXFR.
163test -f ns3/master.bk || tmp=1
164test -f ns3/master.bk.jnl || tmp=1
165
166if test $tmp != 0 ; then echo "I:failed"; fi
167status=`expr $status + $tmp`
168
169echo "I:testing ixfr-from-differences master; (slave zone)"
170tmp=0
171
172$DIG $DIGOPTS slave. \
173	@10.53.0.6 axfr -p 5300 > dig.out.ns6 || tmp=1
174grep "^;" dig.out.ns6
175
176$DIG $DIGOPTS slave. \
177	@10.53.0.1 axfr -p 5300 > dig.out.ns1 || tmp=1
178grep "^;" dig.out.ns1
179
180$PERL ../digcomp.pl dig.out.ns6 dig.out.ns1 || tmp=1
181
182# ns6 has a journal iff it received an IXFR.
183test -f ns6/slave.bk || tmp=1
184test -f ns6/slave.bk.jnl && tmp=1
185
186if test $tmp != 0 ; then echo "I:failed"; fi
187status=`expr $status + $tmp`
188
189echo "I:testing ixfr-from-differences slave; (master zone)"
190tmp=0
191
192# ns7 has a journal iff it generates an IXFR.
193test -f ns7/master2.db || tmp=1
194test -f ns7/master2.db.jnl && tmp=1
195
196if test $tmp != 0 ; then echo "I:failed"; fi
197status=`expr $status + $tmp`
198echo "I:testing ixfr-from-differences slave; (slave zone)"
199tmp=0
200
201$DIG $DIGOPTS slave. \
202	@10.53.0.1 axfr -p 5300 > dig.out.ns1 || tmp=1
203grep "^;" dig.out.ns1
204
205$DIG $DIGOPTS slave. \
206	@10.53.0.7 axfr -p 5300 > dig.out.ns7 || tmp=1
207grep "^;" dig.out.ns1
208
209$PERL ../digcomp.pl dig.out.ns7 dig.out.ns1 || tmp=1
210
211# ns7 has a journal iff it generates an IXFR.
212test -f ns7/slave.bk || tmp=1
213test -f ns7/slave.bk.jnl || tmp=1
214
215if test $tmp != 0 ; then echo "I:failed"; fi
216status=`expr $status + $tmp`
217
218echo "I:check that a multi-message uncompressable zone transfers"
219$DIG axfr . -p 5300 @10.53.0.4 | grep SOA > axfr.out
220if test `wc -l < axfr.out` != 2
221then
222	 echo "I:failed"
223	 status=`expr $status + 1`
224fi
225
226# now we test transfers with assorted TSIG glitches
227DIGCMD="$DIG $DIGOPTS @10.53.0.4 -p 5300"
228SENDCMD="$PERL ../send.pl 10.53.0.5 5301"
229RNDCCMD="$RNDC -s 10.53.0.4 -p 9953 -c ../common/rndc.conf"
230
231echo "I:testing that incorrectly signed transfers will fail..."
232echo "I:initial correctly-signed transfer should succeed"
233
234$SENDCMD < ans5/goodaxfr
235sleep 1
236
237# Initially, ns4 is not authoritative for anything.
238# Now that ans is up and running with the right data, we make it
239# a slave for nil.
240
241cat <<EOF >>ns4/named.conf
242zone "nil" {
243	type slave;
244	file "nil.db";
245	masters { 10.53.0.5 key tsig_key; };
246};
247EOF
248
249$RNDCCMD reload | sed 's/^/I:ns4 /'
250
251
252for i in 0 1 2 3 4 5 6 7 8 9
253do
254	$DIGCMD nil. SOA > dig.out.ns4
255	grep SOA dig.out.ns4 > /dev/null && break
256	sleep 1
257done
258
259$DIGCMD nil. TXT | grep 'initial AXFR' >/dev/null || {
260    echo "I:failed"
261    status=1
262}
263
264echo "I:unsigned transfer"
265
266$SENDCMD < ans5/unsigned
267sleep 1
268
269$RNDCCMD retransfer nil | sed 's/^/I:ns4 /'
270
271sleep 2
272
273$DIGCMD nil. TXT | grep 'unsigned AXFR' >/dev/null && {
274    echo "I:failed"
275    status=1
276}
277
278echo "I:bad keydata"
279
280$SENDCMD < ans5/badkeydata
281sleep 1
282
283$RNDCCMD retransfer nil | sed 's/^/I:ns4 /'
284
285sleep 2
286
287$DIGCMD nil. TXT | grep 'bad keydata AXFR' >/dev/null && {
288    echo "I:failed"
289    status=1
290}
291
292echo "I:partially-signed transfer"
293
294$SENDCMD < ans5/partial
295sleep 1
296
297$RNDCCMD retransfer nil | sed 's/^/I:ns4 /'
298
299sleep 2
300
301$DIGCMD nil. TXT | grep 'partially signed AXFR' >/dev/null && {
302    echo "I:failed"
303    status=1
304}
305
306echo "I:unknown key"
307
308$SENDCMD < ans5/unknownkey
309sleep 1
310
311$RNDCCMD retransfer nil | sed 's/^/I:ns4 /'
312
313sleep 2
314
315$DIGCMD nil. TXT | grep 'unknown key AXFR' >/dev/null && {
316    echo "I:failed"
317    status=1
318}
319
320echo "I:incorrect key"
321
322$SENDCMD < ans5/wrongkey
323sleep 1
324
325$RNDCCMD retransfer nil | sed 's/^/I:ns4 /'
326
327sleep 2
328
329$DIGCMD nil. TXT | grep 'incorrect key AXFR' >/dev/null && {
330    echo "I:failed"
331    status=1
332}
333
334echo "I:exit status: $status"
335exit $status
336