1#!/bin/sh 2# 3# Copyright (C) Internet Systems Consortium, Inc. ("ISC") 4# 5# This Source Code Form is subject to the terms of the Mozilla Public 6# License, v. 2.0. If a copy of the MPL was not distributed with this 7# file, you can obtain one at https://mozilla.org/MPL/2.0/. 8# 9# See the COPYRIGHT file distributed with this work for additional 10# information regarding copyright ownership. 11 12SYSTEMTESTTOP=.. 13. $SYSTEMTESTTOP/conf.sh 14 15DIGOPTS="-p ${PORT}" 16RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" 17 18status=0 19n=0 20 21dotests() { 22 n=`expr $n + 1` 23 echo_i "test with RT, single zone (+rec) ($n)" 24 ret=0 25 $DIG $DIGOPTS +rec -t RT rt.rt.example @10.53.0.1 > dig.out.$n || ret=1 26 if [ $ret -eq 1 ] ; then 27 echo_i "failed"; status=`expr status + 1` 28 fi 29 30 n=`expr $n + 1` 31 echo_i "test with RT, two zones (+rec) ($n)" 32 ret=0 33 $DIG $DIGOPTS +rec -t RT rt.rt2.example @10.53.0.1 > dig.out.$n || ret=1 34 if [ $ret -eq 1 ] ; then 35 echo_i "failed"; status=`expr status + 1` 36 fi 37 38 n=`expr $n + 1` 39 echo_i "test with NAPTR, single zone (+rec) ($n)" 40 ret=0 41 $DIG $DIGOPTS +rec -t NAPTR nap.naptr.example @10.53.0.1 > dig.out.$n || ret=1 42 if [ $ret -eq 1 ] ; then 43 echo_i "failed"; status=`expr status + 1` 44 fi 45 46 n=`expr $n + 1` 47 echo_i "test with NAPTR, two zones (+rec) ($n)" 48 ret=0 49 $DIG $DIGOPTS +rec -t NAPTR nap.hang3b.example @10.53.0.1 > dig.out.$n || ret=1 50 if [ $ret -eq 1 ] ; then 51 echo_i "failed"; status=`expr status + 1` 52 fi 53 54 n=`expr $n + 1` 55 echo_i "test with LP (+rec) ($n)" 56 ret=0 57 $DIG $DIGOPTS +rec -t LP nid2.nid.example @10.53.0.1 > dig.out.$n || ret=1 58 case $minimal in 59 no) 60 grep -w "NS" dig.out.$n > /dev/null || ret=1 61 grep -w "L64" dig.out.$n > /dev/null || ret=1 62 grep -w "L32" dig.out.$n > /dev/null || ret=1 63 ;; 64 yes) 65 grep -w "NS" dig.out.$n > /dev/null && ret=1 66 grep -w "L64" dig.out.$n > /dev/null && ret=1 67 grep -w "L32" dig.out.$n > /dev/null && ret=1 68 ;; 69 no-auth) 70 grep -w "NS" dig.out.$n > /dev/null && ret=1 71 grep -w "L64" dig.out.$n > /dev/null || ret=1 72 grep -w "L32" dig.out.$n > /dev/null || ret=1 73 ;; 74 no-auth-recursive) 75 grep -w "NS" dig.out.$n > /dev/null && ret=1 76 grep -w "L64" dig.out.$n > /dev/null || ret=1 77 grep -w "L32" dig.out.$n > /dev/null || ret=1 78 ;; 79 esac 80 if [ $ret -eq 1 ] ; then 81 echo_i "failed"; status=`expr status + 1` 82 fi 83 84 n=`expr $n + 1` 85 echo_i "test with NID (+rec) ($n)" 86 ret=0 87 $DIG $DIGOPTS +rec -t NID ns1.nid.example @10.53.0.1 > dig.out.$n || ret=1 88 if [ $minimal = no ] ; then 89 # change && to || when we support NID additional processing 90 grep -w "L64" dig.out.$n > /dev/null && ret=1 91 grep -w "L32" dig.out.$n > /dev/null && ret=1 92 else 93 grep -w "L64" dig.out.$n > /dev/null && ret=1 94 grep -w "L32" dig.out.$n > /dev/null && ret=1 95 fi 96 if [ $ret -eq 1 ] ; then 97 echo_i "failed"; status=`expr status + 1` 98 fi 99 100 n=`expr $n + 1` 101 echo_i "test with NID + LP (+rec) ($n)" 102 ret=0 103 $DIG $DIGOPTS +rec -t NID nid2.nid.example @10.53.0.1 > dig.out.$n || ret=1 104 if [ $minimal = no ] ; then 105 # change && to || when we support NID additional processing 106 grep -w "LP" dig.out.$n > /dev/null && ret=1 107 grep -w "L64" dig.out.$n > /dev/null && ret=1 108 grep -w "L32" dig.out.$n > /dev/null && ret=1 109 else 110 grep -w "LP" dig.out.$n > /dev/null && ret=1 111 grep -w "L64" dig.out.$n > /dev/null && ret=1 112 grep -w "L32" dig.out.$n > /dev/null && ret=1 113 fi 114 if [ $ret -eq 1 ] ; then 115 echo_i "failed"; status=`expr status + 1` 116 fi 117 118 n=`expr $n + 1` 119 echo_i "test with RT, single zone (+norec) ($n)" 120 ret=0 121 $DIG $DIGOPTS +norec -t RT rt.rt.example @10.53.0.1 > dig.out.$n || ret=1 122 if [ $ret -eq 1 ] ; then 123 echo_i "failed"; status=`expr status + 1` 124 fi 125 126 n=`expr $n + 1` 127 echo_i "test with RT, two zones (+norec) ($n)" 128 ret=0 129 $DIG $DIGOPTS +norec -t RT rt.rt2.example @10.53.0.1 > dig.out.$n || ret=1 130 if [ $ret -eq 1 ] ; then 131 echo_i "failed"; status=`expr status + 1` 132 fi 133 134 n=`expr $n + 1` 135 echo_i "test with NAPTR, single zone (+norec) ($n)" 136 ret=0 137 $DIG $DIGOPTS +norec -t NAPTR nap.naptr.example @10.53.0.1 > dig.out.$n || ret=1 138 if [ $ret -eq 1 ] ; then 139 echo_i "failed"; status=`expr status + 1` 140 fi 141 142 n=`expr $n + 1` 143 echo_i "test with NAPTR, two zones (+norec) ($n)" 144 ret=0 145 $DIG $DIGOPTS +norec -t NAPTR nap.hang3b.example @10.53.0.1 > dig.out.$n || ret=1 146 if [ $ret -eq 1 ] ; then 147 echo_i "failed"; status=`expr status + 1` 148 fi 149 150 n=`expr $n + 1` 151 echo_i "test with LP (+norec) ($n)" 152 ret=0 153 $DIG $DIGOPTS +norec -t LP nid2.nid.example @10.53.0.1 > dig.out.$n || ret=1 154 case $minimal in 155 no) 156 grep -w "NS" dig.out.$n > /dev/null || ret=1 157 grep -w "L64" dig.out.$n > /dev/null || ret=1 158 grep -w "L32" dig.out.$n > /dev/null || ret=1 159 ;; 160 yes) 161 grep -w "NS" dig.out.$n > /dev/null && ret=1 162 grep -w "L64" dig.out.$n > /dev/null && ret=1 163 grep -w "L32" dig.out.$n > /dev/null && ret=1 164 ;; 165 no-auth) 166 grep -w "NS" dig.out.$n > /dev/null && ret=1 167 grep -w "L64" dig.out.$n > /dev/null || ret=1 168 grep -w "L32" dig.out.$n > /dev/null || ret=1 169 ;; 170 no-auth-recursive) 171 grep -w "NS" dig.out.$n > /dev/null || ret=1 172 grep -w "L64" dig.out.$n > /dev/null || ret=1 173 grep -w "L32" dig.out.$n > /dev/null || ret=1 174 ;; 175 esac 176 if [ $ret -eq 1 ] ; then 177 echo_i "failed"; status=`expr status + 1` 178 fi 179 180 n=`expr $n + 1` 181 echo_i "test with NID (+norec) ($n)" 182 ret=0 183 $DIG $DIGOPTS +norec -t NID ns1.nid.example @10.53.0.1 > dig.out.$n || ret=1 184 if [ $minimal = no ] ; then 185 # change && to || when we support NID additional processing 186 grep -w "L64" dig.out.$n > /dev/null && ret=1 187 grep -w "L32" dig.out.$n > /dev/null && ret=1 188 else 189 grep -w "L64" dig.out.$n > /dev/null && ret=1 190 grep -w "L32" dig.out.$n > /dev/null && ret=1 191 fi 192 if [ $ret -eq 1 ] ; then 193 echo_i "failed"; status=`expr status + 1` 194 fi 195 196 n=`expr $n + 1` 197 echo_i "test with NID + LP (+norec) ($n)" 198 ret=0 199 $DIG $DIGOPTS +norec -t NID nid2.nid.example @10.53.0.1 > dig.out.$n || ret=1 200 if [ $minimal = no ] ; then 201 # change && to || when we support NID additional processing 202 grep -w "LP" dig.out.$n > /dev/null && ret=1 203 grep -w "L64" dig.out.$n > /dev/null && ret=1 204 grep -w "L32" dig.out.$n > /dev/null && ret=1 205 else 206 grep -w "LP" dig.out.$n > /dev/null && ret=1 207 grep -w "L64" dig.out.$n > /dev/null && ret=1 208 grep -w "L32" dig.out.$n > /dev/null && ret=1 209 fi 210 if [ $ret -eq 1 ] ; then 211 echo_i "failed"; status=`expr status + 1` 212 fi 213 214 n=`expr $n + 1` 215 echo_i "test with NS, root zone ($n)" 216 ret=0 217 $DIG $DIGOPTS -t NS . @10.53.0.1 > dig.out.$n || ret=1 218 # Always expect glue for root priming queries, regardless $minimal 219 grep 'ADDITIONAL: 3' dig.out.$n > /dev/null || ret=1 220 if [ $ret -eq 1 ] ; then 221 echo_i "failed"; status=`expr status + 1` 222 fi 223 224 n=`expr $n + 1` 225 echo_i "test with NS, non-root zone ($n)" 226 ret=0 227 $DIG $DIGOPTS -t NS rt.example @10.53.0.1 > dig.out.$n || ret=1 228 case $minimal in 229 yes) 230 grep 'ADDITIONAL: 2' dig.out.$n > /dev/null || ret=1 231 ;; 232 no) 233 grep 'ADDITIONAL: 2' dig.out.$n > /dev/null || ret=1 234 ;; 235 no-auth) 236 grep 'ADDITIONAL: 2' dig.out.$n > /dev/null || ret=1 237 ;; 238 no-auth-recursive) 239 grep 'ADDITIONAL: 2' dig.out.$n > /dev/null || ret=1 240 ;; 241 esac 242 if [ $ret -eq 1 ] ; then 243 echo_i "failed"; status=`expr status + 1` 244 fi 245} 246 247echo_i "testing with 'minimal-responses yes;'" 248minimal=yes 249dotests 250 251echo_i "reconfiguring server: minimal-responses no" 252copy_setports ns1/named2.conf.in ns1/named.conf 253$RNDCCMD 10.53.0.1 reconfig 2>&1 | sed 's/^/ns1 /' | cat_i 254sleep 2 255 256echo_i "testing with 'minimal-responses no;'" 257minimal=no 258dotests 259 260n=`expr $n + 1` 261echo_i "testing with 'minimal-any no;' ($n)" 262ret=0 263$DIG $DIGOPTS -t ANY www.rt.example @10.53.0.1 > dig.out.$n || ret=1 264grep "ANSWER: 3, AUTHORITY: 1, ADDITIONAL: 2" dig.out.$n > /dev/null || ret=1 265if [ $ret -eq 1 ] ; then 266 echo_i "failed"; status=`expr status + 1` 267fi 268 269echo_i "reconfiguring server: minimal-any yes" 270copy_setports ns1/named3.conf.in ns1/named.conf 271$RNDCCMD 10.53.0.1 reconfig 2>&1 | sed 's/^/ns1 /' | cat_i 272sleep 2 273 274n=`expr $n + 1` 275echo_i "testing with 'minimal-any yes;' over UDP ($n)" 276ret=0 277$DIG $DIGOPTS -t ANY +notcp www.rt.example @10.53.0.1 > dig.out.$n || ret=1 278grep "ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1" dig.out.$n > /dev/null || ret=1 279if [ $ret -eq 1 ] ; then 280 echo_i "failed"; status=`expr status + 1` 281fi 282n=`expr $n + 1` 283 284echo_i "testing with 'minimal-any yes;' over TCP ($n)" 285ret=0 286$DIG $DIGOPTS -t ANY +tcp www.rt.example @10.53.0.1 > dig.out.$n || ret=1 287grep "ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1" dig.out.$n > /dev/null || ret=1 288if [ $ret -eq 1 ] ; then 289 echo_i "failed"; status=`expr status + 1` 290fi 291 292n=`expr $n + 1` 293echo_i "testing with 'minimal-any yes;' over UDP ($n)" 294ret=0 295$DIG $DIGOPTS -t ANY +notcp www.rt.example @10.53.0.1 > dig.out.$n || ret=1 296grep "ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1" dig.out.$n > /dev/null || ret=1 297if [ $ret -eq 1 ] ; then 298 echo_i "failed"; status=`expr status + 1` 299fi 300 301echo_i "testing with 'minimal-responses no-auth;'" 302minimal=no-auth 303dotests 304 305echo_i "reconfiguring server: minimal-responses no-auth-recursive" 306copy_setports ns1/named4.conf.in ns1/named.conf 307$RNDCCMD 10.53.0.1 reconfig 2>&1 | sed 's/^/ns1 /' | cat_i 308sleep 2 309 310echo_i "testing with 'minimal-responses no-auth-recursive;'" 311minimal=no-auth-recursive 312dotests 313 314n=`expr $n + 1` 315echo_i "testing returning TLSA records with MX query ($n)" 316ret=0 317$DIG $DIGOPTS -t mx mx.example @10.53.0.1 > dig.out.$n || ret=1 318grep "mx\.example\..*MX.0 mail\.mx\.example" dig.out.$n > /dev/null || ret=1 319grep "mail\.mx\.example\..*A.1\.2\.3\.4" dig.out.$n > /dev/null || ret=1 320grep "_25\._tcp\.mail\.mx\.example\..*TLSA.3 0 1 5B30F9602297D558EB719162C225088184FAA32CA45E1ED15DE58A21 D9FCE383" dig.out.$n > /dev/null || ret=1 321if [ $ret -eq 1 ] ; then 322 echo_i "failed"; status=`expr status + 1` 323fi 324 325n=`expr $n + 1` 326echo_i "testing returning TLSA records with SRV query ($n)" 327ret=0 328$DIG $DIGOPTS -t srv _xmpp-client._tcp.srv.example @10.53.0.1 > dig.out.$n || ret=1 329grep "_xmpp-client\._tcp\.srv\.example\..*SRV.1 0 5222 server\.srv\.example" dig.out.$n > /dev/null || ret=1 330grep "server\.srv\.example\..*A.1\.2\.3\.4" dig.out.$n > /dev/null || ret=1 331grep "_5222\._tcp\.server\.srv\.example\..*TLSA.3 0 1 5B30F9602297D558EB719162C225088184FAA32CA45E1ED15DE58A21 D9FCE383" dig.out.$n > /dev/null || ret=1 332if [ $ret -eq 1 ] ; then 333 echo_i "failed"; status=`expr status + 1` 334fi 335 336echo_i "reconfiguring server: minimal-responses no" 337copy_setports ns1/named2.conf.in ns1/named.conf 338$RNDCCMD 10.53.0.1 reconfig 2>&1 | sed 's/^/ns1 /' | cat_i 339sleep 2 340 341n=`expr $n + 1` 342echo_i "testing NS handling in ANY responses (authoritative) ($n)" 343ret=0 344$DIG $DIGOPTS -t ANY rt.example @10.53.0.1 > dig.out.$n || ret=1 345grep "AUTHORITY: 0" dig.out.$n > /dev/null || ret=1 346grep "NS[ ]*ns" dig.out.$n > /dev/null || ret=1 347if [ $ret -eq 1 ] ; then 348 echo_i "failed"; status=`expr status + 1` 349fi 350 351n=`expr $n + 1` 352echo_i "testing NS handling in ANY responses (recursive) ($n)" 353ret=0 354$DIG $DIGOPTS -t ANY rt.example @10.53.0.3 > dig.out.$n || ret=1 355grep "AUTHORITY: 0" dig.out.$n > /dev/null || ret=1 356grep "NS[ ]*ns" dig.out.$n > /dev/null || ret=1 357if [ $ret -eq 1 ] ; then 358 echo_i "failed"; status=`expr status + 1` 359fi 360 361echo_i "exit status: $status" 362[ $status -eq 0 ] || exit 1 363