1#!/bin/sh 2# 3# Copyright (C) Internet Systems Consortium, Inc. ("ISC") 4# 5# This Source Code Form is subject to the terms of the Mozilla Public 6# License, v. 2.0. If a copy of the MPL was not distributed with this 7# file, You can obtain one at http://mozilla.org/MPL/2.0/. 8# 9# See the COPYRIGHT file distributed with this work for additional 10# information regarding copyright ownership. 11 12SYSTEMTESTTOP=.. 13. $SYSTEMTESTTOP/conf.sh 14 15DIGOPTS="-p ${PORT}" 16RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" 17 18status=0 19n=0 20 21dotests() { 22 n=`expr $n + 1` 23 echo_i "test with RT, single zone (+rec) ($n)" 24 ret=0 25 $DIG $DIGOPTS +rec -t RT rt.rt.example @10.53.0.1 > dig.out.$n || ret=1 26 if [ $ret -eq 1 ] ; then 27 echo_i "failed"; status=$((status+1)) 28 fi 29 30 n=`expr $n + 1` 31 echo_i "test with RT, two zones (+rec) ($n)" 32 ret=0 33 $DIG $DIGOPTS +rec -t RT rt.rt2.example @10.53.0.1 > dig.out.$n || ret=1 34 if [ $ret -eq 1 ] ; then 35 echo_i "failed"; status=$((status+1)) 36 fi 37 38 n=`expr $n + 1` 39 echo_i "test with NAPTR, single zone (+rec) ($n)" 40 ret=0 41 $DIG $DIGOPTS +rec -t NAPTR nap.naptr.example @10.53.0.1 > dig.out.$n || ret=1 42 if [ $ret -eq 1 ] ; then 43 echo_i "failed"; status=$((status+1)) 44 fi 45 46 n=`expr $n + 1` 47 echo_i "test with NAPTR, two zones (+rec) ($n)" 48 ret=0 49 $DIG $DIGOPTS +rec -t NAPTR nap.hang3b.example @10.53.0.1 > dig.out.$n || ret=1 50 if [ $ret -eq 1 ] ; then 51 echo_i "failed"; status=$((status+1)) 52 fi 53 54 n=`expr $n + 1` 55 echo_i "test with LP (+rec) ($n)" 56 ret=0 57 $DIG $DIGOPTS +rec -t LP nid2.nid.example @10.53.0.1 > dig.out.$n || ret=1 58 case $minimal in 59 no) 60 grep -w "NS" dig.out.$n > /dev/null || ret=1 61 grep -w "L64" dig.out.$n > /dev/null || ret=1 62 grep -w "L32" dig.out.$n > /dev/null || ret=1 63 ;; 64 yes) 65 grep -w "NS" dig.out.$n > /dev/null && ret=1 66 grep -w "L64" dig.out.$n > /dev/null && ret=1 67 grep -w "L32" dig.out.$n > /dev/null && ret=1 68 ;; 69 no-auth) 70 grep -w "NS" dig.out.$n > /dev/null && ret=1 71 grep -w "L64" dig.out.$n > /dev/null || ret=1 72 grep -w "L32" dig.out.$n > /dev/null || ret=1 73 ;; 74 no-auth-recursive) 75 grep -w "NS" dig.out.$n > /dev/null && ret=1 76 grep -w "L64" dig.out.$n > /dev/null || ret=1 77 grep -w "L32" dig.out.$n > /dev/null || ret=1 78 ;; 79 esac 80 if [ $ret -eq 1 ] ; then 81 echo_i "failed"; status=$((status+1)) 82 fi 83 84 n=`expr $n + 1` 85 echo_i "test with NID (+rec) ($n)" 86 ret=0 87 $DIG $DIGOPTS +rec -t NID ns1.nid.example @10.53.0.1 > dig.out.$n || ret=1 88 if [ $minimal = no ] ; then 89 # change && to || when we support NID additional processing 90 grep -w "L64" dig.out.$n > /dev/null && ret=1 91 grep -w "L32" dig.out.$n > /dev/null && ret=1 92 else 93 grep -w "L64" dig.out.$n > /dev/null && ret=1 94 grep -w "L32" dig.out.$n > /dev/null && ret=1 95 fi 96 if [ $ret -eq 1 ] ; then 97 echo_i "failed"; status=$((status+1)) 98 fi 99 100 n=`expr $n + 1` 101 echo_i "test with NID + LP (+rec) ($n)" 102 ret=0 103 $DIG $DIGOPTS +rec -t NID nid2.nid.example @10.53.0.1 > dig.out.$n || ret=1 104 if [ $minimal = no ] ; then 105 # change && to || when we support NID additional processing 106 grep -w "LP" dig.out.$n > /dev/null && ret=1 107 grep -w "L64" dig.out.$n > /dev/null && ret=1 108 grep -w "L32" dig.out.$n > /dev/null && ret=1 109 else 110 grep -w "LP" dig.out.$n > /dev/null && ret=1 111 grep -w "L64" dig.out.$n > /dev/null && ret=1 112 grep -w "L32" dig.out.$n > /dev/null && ret=1 113 fi 114 if [ $ret -eq 1 ] ; then 115 echo_i "failed"; status=$((status+1)) 116 fi 117 118 n=`expr $n + 1` 119 echo_i "test with RT, single zone (+norec) ($n)" 120 ret=0 121 $DIG $DIGOPTS +norec -t RT rt.rt.example @10.53.0.1 > dig.out.$n || ret=1 122 if [ $ret -eq 1 ] ; then 123 echo_i "failed"; status=$((status+1)) 124 fi 125 126 n=`expr $n + 1` 127 echo_i "test with RT, two zones (+norec) ($n)" 128 ret=0 129 $DIG $DIGOPTS +norec -t RT rt.rt2.example @10.53.0.1 > dig.out.$n || ret=1 130 if [ $ret -eq 1 ] ; then 131 echo_i "failed"; status=$((status+1)) 132 fi 133 134 n=`expr $n + 1` 135 echo_i "test with NAPTR, single zone (+norec) ($n)" 136 ret=0 137 $DIG $DIGOPTS +norec -t NAPTR nap.naptr.example @10.53.0.1 > dig.out.$n || ret=1 138 if [ $ret -eq 1 ] ; then 139 echo_i "failed"; status=$((status+1)) 140 fi 141 142 n=`expr $n + 1` 143 echo_i "test with NAPTR, two zones (+norec) ($n)" 144 ret=0 145 $DIG $DIGOPTS +norec -t NAPTR nap.hang3b.example @10.53.0.1 > dig.out.$n || ret=1 146 if [ $ret -eq 1 ] ; then 147 echo_i "failed"; status=$((status+1)) 148 fi 149 150 n=`expr $n + 1` 151 echo_i "test with LP (+norec) ($n)" 152 ret=0 153 $DIG $DIGOPTS +norec -t LP nid2.nid.example @10.53.0.1 > dig.out.$n || ret=1 154 case $minimal in 155 no) 156 grep -w "NS" dig.out.$n > /dev/null || ret=1 157 grep -w "L64" dig.out.$n > /dev/null || ret=1 158 grep -w "L32" dig.out.$n > /dev/null || ret=1 159 ;; 160 yes) 161 grep -w "NS" dig.out.$n > /dev/null && ret=1 162 grep -w "L64" dig.out.$n > /dev/null && ret=1 163 grep -w "L32" dig.out.$n > /dev/null && ret=1 164 ;; 165 no-auth) 166 grep -w "NS" dig.out.$n > /dev/null && ret=1 167 grep -w "L64" dig.out.$n > /dev/null || ret=1 168 grep -w "L32" dig.out.$n > /dev/null || ret=1 169 ;; 170 no-auth-recursive) 171 grep -w "NS" dig.out.$n > /dev/null || ret=1 172 grep -w "L64" dig.out.$n > /dev/null || ret=1 173 grep -w "L32" dig.out.$n > /dev/null || ret=1 174 ;; 175 esac 176 if [ $ret -eq 1 ] ; then 177 echo_i "failed"; status=$((status+1)) 178 fi 179 180 n=`expr $n + 1` 181 echo_i "test with NID (+norec) ($n)" 182 ret=0 183 $DIG $DIGOPTS +norec -t NID ns1.nid.example @10.53.0.1 > dig.out.$n || ret=1 184 if [ $minimal = no ] ; then 185 # change && to || when we support NID additional processing 186 grep -w "L64" dig.out.$n > /dev/null && ret=1 187 grep -w "L32" dig.out.$n > /dev/null && ret=1 188 else 189 grep -w "L64" dig.out.$n > /dev/null && ret=1 190 grep -w "L32" dig.out.$n > /dev/null && ret=1 191 fi 192 if [ $ret -eq 1 ] ; then 193 echo_i "failed"; status=$((status+1)) 194 fi 195 196 n=`expr $n + 1` 197 echo_i "test with NID + LP (+norec) ($n)" 198 ret=0 199 $DIG $DIGOPTS +norec -t NID nid2.nid.example @10.53.0.1 > dig.out.$n || ret=1 200 if [ $minimal = no ] ; then 201 # change && to || when we support NID additional processing 202 grep -w "LP" dig.out.$n > /dev/null && ret=1 203 grep -w "L64" dig.out.$n > /dev/null && ret=1 204 grep -w "L32" dig.out.$n > /dev/null && ret=1 205 else 206 grep -w "LP" dig.out.$n > /dev/null && ret=1 207 grep -w "L64" dig.out.$n > /dev/null && ret=1 208 grep -w "L32" dig.out.$n > /dev/null && ret=1 209 fi 210 if [ $ret -eq 1 ] ; then 211 echo_i "failed"; status=$((status+1)) 212 fi 213 214 n=`expr $n + 1` 215 echo_i "test with NS, root zone ($n)" 216 ret=0 217 $DIG $DIGOPTS -t NS . @10.53.0.1 > dig.out.$n || ret=1 218 # Always expect glue for root priming queries, regardless $minimal 219 grep 'ADDITIONAL: 3' dig.out.$n > /dev/null || ret=1 220 if [ $ret -eq 1 ] ; then 221 echo_i "failed"; status=$((status+1)) 222 fi 223 224 n=`expr $n + 1` 225 echo_i "test with NS, non-root zone ($n)" 226 ret=0 227 $DIG $DIGOPTS -t NS rt.example @10.53.0.1 > dig.out.$n || ret=1 228 case $minimal in 229 yes) 230 grep 'ADDITIONAL: 1' dig.out.$n > /dev/null || ret=1 231 ;; 232 no) 233 grep 'ADDITIONAL: 2' dig.out.$n > /dev/null || ret=1 234 ;; 235 no-auth) 236 grep 'ADDITIONAL: 2' dig.out.$n > /dev/null || ret=1 237 ;; 238 no-auth-recursive) 239 grep 'ADDITIONAL: 2' dig.out.$n > /dev/null || ret=1 240 ;; 241 esac 242 if [ $ret -eq 1 ] ; then 243 echo_i "failed"; status=$((status+1)) 244 fi 245} 246 247echo_i "testing with 'minimal-responses yes;'" 248minimal=yes 249dotests 250 251echo_i "reconfiguring server: minimal-responses no" 252copy_setports ns1/named2.conf.in ns1/named.conf 253rndc_reconfig ns1 10.53.0.1 254 255echo_i "testing with 'minimal-responses no;'" 256minimal=no 257dotests 258 259n=`expr $n + 1` 260echo_i "testing with 'minimal-any no;' ($n)" 261ret=0 262$DIG $DIGOPTS -t ANY www.rt.example @10.53.0.1 > dig.out.$n || ret=1 263grep "ANSWER: 3, AUTHORITY: 2, ADDITIONAL: 2" dig.out.$n > /dev/null || ret=1 264if [ $ret -eq 1 ] ; then 265 echo_i "failed"; status=$((status+1)) 266fi 267 268echo_i "reconfiguring server: minimal-any yes" 269copy_setports ns1/named3.conf.in ns1/named.conf 270rndc_reconfig ns1 10.53.0.1 271 272n=`expr $n + 1` 273echo_i "testing with 'minimal-any yes;' over UDP ($n)" 274ret=0 275$DIG $DIGOPTS -t ANY +notcp www.rt.example @10.53.0.1 > dig.out.$n || ret=1 276grep "ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1" dig.out.$n > /dev/null || ret=1 277if [ $ret -eq 1 ] ; then 278 echo_i "failed"; status=$((status+1)) 279fi 280n=`expr $n + 1` 281 282echo_i "testing with 'minimal-any yes;' over TCP ($n)" 283ret=0 284$DIG $DIGOPTS -t ANY +tcp www.rt.example @10.53.0.1 > dig.out.$n || ret=1 285grep "ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1" dig.out.$n > /dev/null || ret=1 286if [ $ret -eq 1 ] ; then 287 echo_i "failed"; status=$((status+1)) 288fi 289 290n=`expr $n + 1` 291echo_i "testing with 'minimal-any yes;' over UDP ($n)" 292ret=0 293$DIG $DIGOPTS -t ANY +notcp www.rt.example @10.53.0.1 > dig.out.$n || ret=1 294grep "ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1" dig.out.$n > /dev/null || ret=1 295if [ $ret -eq 1 ] ; then 296 echo_i "failed"; status=$((status+1)) 297fi 298 299echo_i "testing with 'minimal-responses no-auth;'" 300minimal=no-auth 301dotests 302 303echo_i "reconfiguring server: minimal-responses no-auth-recursive" 304copy_setports ns1/named4.conf.in ns1/named.conf 305rndc_reconfig ns1 10.53.0.1 306 307echo_i "testing with 'minimal-responses no-auth-recursive;'" 308minimal=no-auth-recursive 309dotests 310 311n=`expr $n + 1` 312echo_i "testing returning TLSA records with MX query ($n)" 313ret=0 314$DIG $DIGOPTS -t mx mx.example @10.53.0.1 > dig.out.$n || ret=1 315grep "mx\.example\..*MX.0 mail\.mx\.example" dig.out.$n > /dev/null || ret=1 316grep "mail\.mx\.example\..*A.1\.2\.3\.4" dig.out.$n > /dev/null || ret=1 317grep "_25\._tcp\.mail\.mx\.example\..*TLSA.3 0 1 5B30F9602297D558EB719162C225088184FAA32CA45E1ED15DE58A21 D9FCE383" dig.out.$n > /dev/null || ret=1 318if [ $ret -eq 1 ] ; then 319 echo_i "failed"; status=$((status+1)) 320fi 321 322n=`expr $n + 1` 323echo_i "testing returning TLSA records with SRV query ($n)" 324ret=0 325$DIG $DIGOPTS -t srv _xmpp-client._tcp.srv.example @10.53.0.1 > dig.out.$n || ret=1 326grep "_xmpp-client\._tcp\.srv\.example\..*SRV.1 0 5222 server\.srv\.example" dig.out.$n > /dev/null || ret=1 327grep "server\.srv\.example\..*A.1\.2\.3\.4" dig.out.$n > /dev/null || ret=1 328grep "_5222\._tcp\.server\.srv\.example\..*TLSA.3 0 1 5B30F9602297D558EB719162C225088184FAA32CA45E1ED15DE58A21 D9FCE383" dig.out.$n > /dev/null || ret=1 329if [ $ret -eq 1 ] ; then 330 echo_i "failed"; status=$((status+1)) 331fi 332 333echo_i "reconfiguring server: minimal-responses no" 334copy_setports ns1/named2.conf.in ns1/named.conf 335rndc_reconfig ns1 10.53.0.1 336 337n=`expr $n + 1` 338echo_i "testing NS handling in ANY responses (authoritative) ($n)" 339ret=0 340$DIG $DIGOPTS -t ANY rt.example @10.53.0.1 > dig.out.$n || ret=1 341grep "AUTHORITY: 0" dig.out.$n > /dev/null || ret=1 342grep "NS[ ]*ns" dig.out.$n > /dev/null || ret=1 343if [ $ret -eq 1 ] ; then 344 echo_i "failed"; status=$((status+1)) 345fi 346 347n=`expr $n + 1` 348echo_i "testing NS handling in ANY responses (recursive) ($n)" 349ret=0 350$DIG $DIGOPTS -t ANY rt.example @10.53.0.3 > dig.out.$n || ret=1 351grep "AUTHORITY: 0" dig.out.$n > /dev/null || ret=1 352grep "NS[ ]*ns" dig.out.$n > /dev/null || ret=1 353if [ $ret -eq 1 ] ; then 354 echo_i "failed"; status=$((status+1)) 355fi 356 357n=`expr $n + 1` 358echo_i "testing out-of-zone additional data from auth zones (authoritative) ($n)" 359ret=0 360$DIG $DIGOPTS -t NS rt.example @10.53.0.1 > dig.out.$n || ret=1 361grep "ADDITIONAL: 2" dig.out.$n > /dev/null || ret=1 362if [ $ret -eq 1 ] ; then 363 echo_i "failed"; status=$((status+1)) 364fi 365 366n=`expr $n + 1` 367echo_i "testing out-of-zone additional data from auth zones (recursive) ($n)" 368ret=0 369$DIG $DIGOPTS -t NS ex @10.53.0.3 > dig.out.$n || ret=1 370grep "ADDITIONAL: 3" dig.out.$n > /dev/null || ret=1 371if [ $ret -eq 1 ] ; then 372 echo_i "failed"; status=$((status+1)) 373fi 374 375echo_i "exit status: $status" 376[ $status -eq 0 ] || exit 1 377