1# #-- root_zonemd.test --# 2# source the master var file when it's there 3[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master 4# use .tpkg.var.test for in test variable passing 5[ -f .tpkg.var.test ] && source .tpkg.var.test 6 7PRE="../.." 8# do the test 9echo "> dig . SOA" 10dig @127.0.0.1 -p $UNBOUND_PORT . SOA | tee outfile 11echo "> check answer" 12if grep root-servers outfile | grep "nstld.verisign-grs.com"; then 13 echo "OK" 14else 15 echo "Not OK" 16 exit 1 17fi 18 19echo "> unbound-control status" 20$PRE/unbound-control -c ub.conf status 21if test $? -ne 0; then 22 echo "wrong exit value." 23 exit 1 24else 25 echo "exit value: OK" 26fi 27 28# This is the output when an unsupported algorithm is used. 29if grep "auth zone . zonemd DNSSEC verification of SOA and ZONEMD RRsets secure" unbound.log; then 30 echo "OK" 31else 32 echo "ZONEMD verification not OK" 33 exit 1 34fi 35if grep "auth-zone . ZONEMD hash is correct" unbound.log; then 36 echo "OK" 37else 38 echo "ZONEMD verification not OK" 39 exit 1 40fi 41if grep "auth zone . ZONEMD verification successful" unbound.log; then 42 echo "OK" 43else 44 echo "ZONEMD verification not OK" 45 exit 1 46fi 47 48echo "> unbound-control auth_zone_reload ." 49$PRE/unbound-control -c ub.conf auth_zone_reload . 2>&1 | tee outfile 50if test $? -ne 0; then 51 echo "wrong exit value." 52 exit 1 53fi 54# The output of the reload can be checked. 55echo "> check unbound-control output" 56if grep ".: ZONEMD verification successful" outfile; then 57 echo "OK" 58else 59 echo "Not OK" 60 exit 1 61fi 62 63exit 0 64