tests.sh revision 1.1.1.5
1#!/bin/sh 2# 3# Copyright (C) Internet Systems Consortium, Inc. ("ISC") 4# 5# This Source Code Form is subject to the terms of the Mozilla Public 6# License, v. 2.0. If a copy of the MPL was not distributed with this 7# file, you can obtain one at https://mozilla.org/MPL/2.0/. 8# 9# See the COPYRIGHT file distributed with this work for additional 10# information regarding copyright ownership. 11 12SYSTEMTESTTOP=.. 13. $SYSTEMTESTTOP/conf.sh 14 15DIGOPTS="+tcp +nosea +nostat +nocmd +norec +noques +noauth +noadd +nostats +dnssec -p ${PORT}" 16RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s" 17 18check_zonestatus() ( 19 $RNDCCMD "10.53.0.$1" zonestatus -redirect > "zonestatus.out.ns$1.$n" && 20 grep "type: redirect" "zonestatus.out.ns$1.$n" > /dev/null && 21 grep "serial: 1" "zonestatus.out.ns$1.$n" > /dev/null 22) 23 24status=0 25n=0 26 27echo_i "checking normally loaded zone ($n)" 28ret=0 29$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1 30grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 31grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1 32n=`expr $n + 1` 33if [ $ret != 0 ]; then echo_i "failed"; fi 34status=`expr $status + $ret` 35 36# When LMDB support is compiled in, this tests that migration from 37# NZF to NZD occurs during named startup 38echo_i "checking previously added zone ($n)" 39ret=0 40$DIG $DIGOPTS @10.53.0.2 a.previous.example a > dig.out.ns2.$n || ret=1 41grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1 42grep '^a.previous.example' dig.out.ns2.$n > /dev/null || ret=1 43n=`expr $n + 1` 44if [ $ret != 0 ]; then echo_i "failed"; fi 45status=`expr $status + $ret` 46 47if [ -n "$NZD" ]; then 48 echo_i "checking that existing NZF file was renamed after migration ($n)" 49 [ -e ns2/3bf305731dd26307.nzf~ ] || ret=1 50 n=`expr $n + 1` 51 if [ $ret != 0 ]; then echo_i "failed"; fi 52 status=`expr $status + $ret` 53fi 54 55echo_i "adding new zone ($n)" 56ret=0 57$RNDCCMD 10.53.0.2 addzone 'added.example { type primary; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' 58_check_adding_new_zone () ( 59 $DIG $DIGOPTS @10.53.0.2 a.added.example a > dig.out.ns2.$n && 60 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null && 61 grep '^a.added.example' dig.out.ns2.$n > /dev/null 62) 63retry_quiet 10 _check_adding_new_zone || ret=1 64n=`expr $n + 1` 65if [ $ret != 0 ]; then echo_i "failed"; fi 66status=`expr $status + $ret` 67 68nextpart ns2/named.run >/dev/null 69echo_i "checking addzone errors are logged correctly" 70ret=0 71$RNDCCMD 10.53.0.2 addzone bad.example '{ type mister; };' 2>&1 | grep 'unexpected token' > /dev/null 2>&1 || ret=1 72wait_for_log_peek 20 "addzone: 'mister' unexpected" ns2/named.run || ret=1 73n=`expr $n + 1` 74if [ $ret != 0 ]; then echo_i "failed"; fi 75status=`expr $status + $ret` 76 77nextpart ns2/named.run >/dev/null 78echo_i "checking modzone errors are logged correctly" 79ret=0 80$RNDCCMD 10.53.0.2 modzone added.example '{ type mister; };' 2>&1 | grep 'unexpected token' > /dev/null 2>&1 || ret=1 81wait_for_log_peek 20 "modzone: 'mister' unexpected" ns2/named.run || ret=1 82n=`expr $n + 1` 83if [ $ret != 0 ]; then echo_i "failed"; fi 84status=`expr $status + $ret` 85 86echo_i "adding a zone that requires quotes ($n)" 87ret=0 88$RNDCCMD 10.53.0.2 addzone '"32/1.0.0.127-in-addr.added.example" { 89check-names ignore; type primary; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' 90_check_zone_that_requires_quotes() ( 91 $DIG $DIGOPTS @10.53.0.2 "a.32/1.0.0.127-in-addr.added.example" a > dig.out.ns2.$n && 92 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null && 93 grep '^a.32/1.0.0.127-in-addr.added.example' dig.out.ns2.$n > /dev/null 94) 95retry_quiet 10 _check_zone_that_requires_quotes || ret=1 96n=`expr $n + 1` 97if [ $ret != 0 ]; then echo_i "failed"; fi 98status=`expr $status + $ret` 99 100echo_i "adding a zone with a quote in the name ($n)" 101ret=0 102$RNDCCMD 10.53.0.2 addzone '"foo\"bar.example" { check-names ignore; type primary; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' 103_check_zone_with_a_quote() ( 104 $DIG $DIGOPTS @10.53.0.2 "a.foo\"bar.example" a > dig.out.ns2.$n && 105 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null && 106 grep '^a.foo\\"bar.example' dig.out.ns2.$n > /dev/null 107) 108retry_quiet 10 _check_zone_with_a_quote || ret=1 109n=`expr $n + 1` 110if [ $ret != 0 ]; then echo_i "failed"; fi 111status=`expr $status + $ret` 112 113echo_i "adding new zone with missing file ($n)" 114ret=0 115$DIG $DIGOPTS +all @10.53.0.2 a.missing.example a > dig.out.ns2.pre.$n || ret=1 116grep "status: REFUSED" dig.out.ns2.pre.$n > /dev/null || ret=1 117$RNDCCMD 10.53.0.2 addzone 'missing.example { type primary; file "missing.db"; };' 2> rndc.out.ns2.$n 118grep "file not found" rndc.out.ns2.$n > /dev/null || ret=1 119$DIG $DIGOPTS +all @10.53.0.2 a.missing.example a > dig.out.ns2.post.$n || ret=1 120grep "status: REFUSED" dig.out.ns2.post.$n > /dev/null || ret=1 121digcomp dig.out.ns2.pre.$n dig.out.ns2.post.$n || ret=1 122n=`expr $n + 1` 123if [ $ret != 0 ]; then echo_i "failed"; fi 124status=`expr $status + $ret` 125 126if [ -z "$NZD" ]; then 127 echo_i "verifying no comments in NZF file ($n)" 128 ret=0 129 hcount=`grep "^# New zone file for view: _default" ns2/3bf305731dd26307.nzf | wc -l` 130 [ $hcount -eq 0 ] || ret=1 131 n=`expr $n + 1` 132 if [ $ret != 0 ]; then echo_i "failed"; fi 133 status=`expr $status + $ret` 134fi 135 136echo_i "checking rndc showzone with previously added zone ($n)" 137ret=0 138$RNDCCMD 10.53.0.2 showzone previous.example > rndc.out.ns2.$n 139expected='zone "previous.example" { type primary; file "previous.db"; };' 140[ "`cat rndc.out.ns2.$n`" = "$expected" ] || ret=1 141n=`expr $n + 1` 142if [ $ret != 0 ]; then echo_i "failed"; fi 143status=`expr $status + $ret` 144 145if [ -n "$NZD" ]; then 146 echo_i "checking zone is present in NZD ($n)" 147 ret=0 148 $NZD2NZF ns2/_default.nzd | grep previous.example > /dev/null || ret=1 149 if [ $ret != 0 ]; then echo_i "failed"; fi 150 status=`expr $status + $ret` 151fi 152 153echo_i "deleting previously added zone ($n)" 154ret=0 155$RNDCCMD 10.53.0.2 delzone previous.example 2>&1 | sed 's/^/I:ns2 /' 156_check_deleting_previously_added_zone() ( 157 $DIG $DIGOPTS @10.53.0.2 a.previous.example a > dig.out.ns2.$n && 158 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null && 159 ! grep '^a.previous.example' dig.out.ns2.$n > /dev/null 160) 161retry_quiet 10 _check_deleting_previously_added_zone || ret=1 162n=`expr $n + 1` 163if [ $ret != 0 ]; then echo_i "failed"; fi 164status=`expr $status + $ret` 165 166check_nzd2nzf() ( 167 $NZD2NZF ns2/_default.nzd > nzd2nzf.out.$n && 168 ! grep previous.example nzd2nzf.out.$n > /dev/null 169) 170 171if [ -n "$NZD" ]; then 172 echo_i "checking zone was deleted from NZD ($n)" 173 retry_quiet 10 check_nzd2nzf || ret=1 174 if [ $ret != 0 ]; then echo_i "failed"; fi 175 status=`expr $status + $ret` 176fi 177 178if [ -z "$NZD" ]; then 179 echo_i "checking NZF file now has comment ($n)" 180 ret=0 181 hcount=`grep "^# New zone file for view: _default" ns2/3bf305731dd26307.nzf | wc -l` 182 [ $hcount -eq 1 ] || ret=1 183 n=`expr $n + 1` 184 if [ $ret != 0 ]; then echo_i "failed"; fi 185 status=`expr $status + $ret` 186fi 187 188echo_i "deleting newly added zone added.example ($n)" 189ret=0 190$RNDCCMD 10.53.0.2 delzone added.example 2>&1 | sed 's/^/I:ns2 /' 191_check_deleting_newly_added_zone() ( 192 $DIG $DIGOPTS @10.53.0.2 a.added.example a > dig.out.ns2.$n && 193 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null && 194 ! grep '^a.added.example' dig.out.ns2.$n > /dev/null 195) 196retry_quiet 10 _check_deleting_newly_added_zone || ret=1 197n=`expr $n + 1` 198if [ $ret != 0 ]; then echo_i "failed"; fi 199status=`expr $status + $ret` 200 201echo_i "deleting newly added zone with escaped quote ($n)" 202ret=0 203$RNDCCMD 10.53.0.2 delzone "foo\\\"bar.example" 2>&1 | sed 's/^/I:ns2 /' 204_check_deleting_newly_added_zone_quote() ( 205 $DIG $DIGOPTS @10.53.0.2 "a.foo\"bar.example" a > dig.out.ns2.$n && 206 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null && 207 ! grep "^a.foo\"bar.example" dig.out.ns2.$n > /dev/null 208) 209retry_quiet 10 _check_deleting_newly_added_zone_quote || ret=1 210n=`expr $n + 1` 211if [ $ret != 0 ]; then echo_i "failed"; fi 212status=`expr $status + $ret` 213 214echo_i "checking rndc showzone with a normally-loaded zone ($n)" 215ret=0 216$RNDCCMD 10.53.0.2 showzone normal.example > rndc.out.ns2.$n 217expected='zone "normal.example" { type primary; file "normal.db"; };' 218[ "`cat rndc.out.ns2.$n`" = "$expected" ] || ret=1 219n=`expr $n + 1` 220if [ $ret != 0 ]; then echo_i "failed"; fi 221status=`expr $status + $ret` 222 223echo_i "checking rndc showzone with a normally-loaded zone with trailing dot ($n)" 224ret=0 225$RNDCCMD 10.53.0.2 showzone finaldot.example > rndc.out.ns2.$n 226expected='zone "finaldot.example." { type primary; file "normal.db"; };' 227[ "`cat rndc.out.ns2.$n`" = "$expected" ] || ret=1 228n=`expr $n + 1` 229if [ $ret != 0 ]; then echo_i "failed"; fi 230status=`expr $status + $ret` 231 232echo_i "checking rndc showzone with a normally-loaded redirect zone ($n)" 233ret=0 234$RNDCCMD 10.53.0.1 showzone -redirect > rndc.out.ns1.$n 235expected='zone "." { type redirect; file "redirect.db"; };' 236[ "`cat rndc.out.ns1.$n`" = "$expected" ] || ret=1 237n=`expr $n + 1` 238if [ $ret != 0 ]; then echo_i "failed"; fi 239status=`expr $status + $ret` 240 241echo_i "checking rndc zonestatus with a normally-loaded redirect zone ($n)" 242ret=0 243$RNDCCMD 10.53.0.1 zonestatus -redirect > rndc.out.ns1.$n 244grep "type: redirect" rndc.out.ns1.$n > /dev/null || ret=1 245grep "serial: 0" rndc.out.ns1.$n > /dev/null || ret=1 246n=`expr $n + 1` 247if [ $ret != 0 ]; then echo_i "failed"; fi 248status=`expr $status + $ret` 249 250echo_i "checking rndc reload with a normally-loaded redirect zone ($n)" 251ret=0 252sleep 1 253cp -f ns1/redirect.db.2 ns1/redirect.db 254$RNDCCMD 10.53.0.1 reload -redirect > rndc.out.ns1.$n 255retry_quiet 5 check_zonestatus 1 || ret=1 256n=`expr $n + 1` 257if [ $ret != 0 ]; then echo_i "failed"; fi 258status=`expr $status + $ret` 259 260echo_i "delete a normally-loaded zone ($n)" 261ret=0 262$RNDCCMD 10.53.0.2 delzone normal.example > rndc.out.ns2.$n 2>&1 263grep "is no longer active and will be deleted" rndc.out.ns2.$n > /dev/null || ret=11 264grep "To keep it from returning when the server is restarted" rndc.out.ns2.$n > /dev/null || ret=1 265grep "must also be removed from named.conf." rndc.out.ns2.$n > /dev/null || ret=1 266_check_delete_normally_loaded_zone() ( 267 $DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n && 268 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null 269) 270retry_quiet 5 _check_delete_normally_loaded_zone || ret=1 271 272n=`expr $n + 1` 273if [ $ret != 0 ]; then echo_i "failed"; fi 274status=`expr $status + $ret` 275 276echo_i "attempting to add primary zone with inline signing ($n)" 277$RNDCCMD 10.53.0.2 addzone 'inline.example { type primary; file "inline.db"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /' 278_check_add_primary_zone_with_inline() ( 279 $DIG $DIGOPTS @10.53.0.2 a.inline.example a > dig.out.ns2.$n && 280 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null && 281 grep '^a.inline.example' dig.out.ns2.$n > /dev/null 282) 283retry_quiet 5 _check_add_primary_zone_with_inline || ret=1 284n=`expr $n + 1` 285if [ $ret != 0 ]; then echo_i "failed"; fi 286status=`expr $status + $ret` 287 288echo_i "attempting to add primary zone with inline signing and missing file ($n)" 289ret=0 290$RNDCCMD 10.53.0.2 addzone 'inlinemissing.example { type primary; file "missing.db"; inline-signing yes; };' 2> rndc.out.ns2.$n 291grep "file not found" rndc.out.ns2.$n > /dev/null || ret=1 292n=`expr $n + 1` 293if [ $ret != 0 ]; then echo_i "failed"; fi 294status=`expr $status + $ret` 295 296echo_i "attempting to add secondary zone with inline signing ($n)" 297$RNDCCMD 10.53.0.2 addzone 'inlinesec.example { type secondary; primaries { 10.53.0.1; }; file "inlinesec.bk"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /' 298_check_add_secondary_with_inline() ( 299 $DIG $DIGOPTS @10.53.0.2 a.inlinesec.example a > dig.out.ns2.$n && 300 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null && 301 grep '^a.inlinesec.example' dig.out.ns2.$n > /dev/null 302) 303retry_quiet 5 _check_add_secondary_with_inline || ret=1 304n=`expr $n + 1` 305if [ $ret != 0 ]; then echo_i "failed"; fi 306status=`expr $status + $ret` 307 308echo_i "attempting to delete secondary zone with inline signing ($n)" 309ret=0 310retry_quiet 10 test -f ns2/inlinesec.bk.signed -a -f ns2/inlinesec.bk || ret=1 311$RNDCCMD 10.53.0.2 delzone inlinesec.example > rndc.out2.test$n 2>&1 || ret=1 312test -f inlinesec.bk || 313grep '^inlinesec.bk$' rndc.out2.test$n > /dev/null || { 314 echo_i "failed to report inlinesec.bk"; ret=1; 315} 316test ! -f inlinesec.bk.signed || 317grep '^inlinesec.bk.signed$' rndc.out2.test$n > /dev/null || { 318 echo_i "failed to report inlinesec.bk.signed"; ret=1; 319} 320n=`expr $n + 1` 321status=`expr $status + $ret` 322 323echo_i "restoring secondary zone with inline signing ($n)" 324$RNDCCMD 10.53.0.2 addzone 'inlinesec.example { type secondary; primaries { 10.53.0.1; }; file "inlinesec.bk"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /' 325_check_restoring_secondary_with_inline() ( 326 $DIG $DIGOPTS @10.53.0.2 a.inlinesec.example a > dig.out.ns2.$n && 327 grep 'status: NOERROR' dig.out.ns2.$n > /dev/null && 328 grep '^a.inlinesec.example' dig.out.ns2.$n > /dev/null 329) 330retry_quiet 5 _check_restoring_secondary_with_inline || ret=1 331n=`expr $n + 1` 332if [ $ret != 0 ]; then echo_i "failed"; fi 333status=`expr $status + $ret` 334 335echo_i "deleting secondary zone with automatic zone file removal ($n)" 336ret=0 337retry_quiet 10 test -f ns2/inlinesec.bk.signed -a -f ns2/inlinesec.bk || ret=1 338$RNDCCMD 10.53.0.2 delzone -clean inlinesec.example > /dev/null 2>&1 339retry_quiet 10 test ! -f ns2/inlinesec.bk.signed -a ! -f ns2/inlinesec.bk 340n=`expr $n + 1` 341status=`expr $status + $ret` 342 343echo_i "modifying zone configuration ($n)" 344ret=0 345$RNDCCMD 10.53.0.2 addzone 'mod.example { type primary; file "added.db"; };' 2>&1 | sed 's/^/ns2 /' | cat_i 346$DIG +norec $DIGOPTS @10.53.0.2 mod.example ns > dig.out.ns2.1.$n || ret=1 347grep 'status: NOERROR' dig.out.ns2.1.$n > /dev/null || ret=1 348$RNDCCMD 10.53.0.2 modzone 'mod.example { type primary; file "added.db"; allow-query { none; }; };' 2>&1 | sed 's/^/ns2 /' | cat_i 349$DIG +norec $DIGOPTS @10.53.0.2 mod.example ns > dig.out.ns2.2.$n || ret=1 350$RNDCCMD 10.53.0.2 showzone mod.example | grep 'allow-query { "none"; };' > /dev/null 2>&1 || ret=1 351n=`expr $n + 1` 352if [ $ret != 0 ]; then echo_i "failed"; fi 353status=`expr $status + $ret` 354 355echo_i "check that adding a 'stub' zone works ($n)" 356ret=0 357$RNDCCMD 10.53.0.2 addzone 'stub.example { type stub; primaries { 1.2.3.4; }; file "stub.example.bk"; };' > rndc.out.ns2.$n 2>&1 || ret=1 358n=`expr $n + 1` 359if [ $ret != 0 ]; then echo_i "failed"; fi 360status=`expr $status + $ret` 361 362echo_i "check that adding a 'static-stub' zone works ($n)" 363ret=0 364$RNDCCMD 10.53.0.2 addzone 'static-stub.example { type static-stub; server-addresses { 1.2.3.4; }; };' > rndc.out.ns2.$n 2>&1 || ret=1 365n=`expr $n + 1` 366if [ $ret != 0 ]; then echo_i "failed"; fi 367status=`expr $status + $ret` 368 369echo_i "check that adding a 'primary redirect' zone works ($n)" 370ret=0 371$RNDCCMD 10.53.0.2 addzone '"." { type redirect; file "redirect.db"; };' > rndc.out.ns2.$n 2>&1 || ret=1 372_check_add_primary_redirect() ( 373 $RNDCCMD 10.53.0.2 showzone -redirect > showzone.out.ns2.$n 2>&1 && 374 grep "type redirect;" showzone.out.ns2.$n > /dev/null && 375 $RNDCCMD 10.53.0.2 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 && 376 grep "type: redirect" zonestatus.out.ns2.$n > /dev/null && 377 grep "serial: 0" zonestatus.out.ns2.$n > /dev/null 378) 379retry_quiet 10 _check_add_primary_redirect || ret=1 380n=`expr $n + 1` 381if [ $ret != 0 ]; then echo_i "failed"; fi 382status=`expr $status + $ret` 383 384echo_i "check that reloading a added 'primary redirect' zone works ($n)" 385ret=0 386sleep 1 387cp -f ns2/redirect.db.2 ns2/redirect.db 388$RNDCCMD 10.53.0.2 reload -redirect > rndc.out.ns2.$n 389retry_quiet 10 check_zonestatus 2 || ret=1 390n=`expr $n + 1` 391if [ $ret != 0 ]; then echo_i "failed"; fi 392status=`expr $status + $ret` 393 394echo_i "check that retransfer of a added 'primary redirect' zone fails ($n)" 395ret=0 396$RNDCCMD 10.53.0.2 retransfer -redirect > rndc.out.ns2.$n 2>&1 && ret=1 397n=`expr $n + 1` 398if [ $ret != 0 ]; then echo_i "failed"; fi 399status=`expr $status + $ret` 400 401echo_i "check that deleting a 'primary redirect' zone works ($n)" 402ret=0 403$RNDCCMD 10.53.0.2 delzone -redirect > rndc.out.ns2.$n 2>&1 || ret=1 404_check_deleting_primary_redirect() ( 405 $RNDCCMD 10.53.0.2 showzone -redirect > showzone.out.ns2.$n 2>&1 || true 406 grep 'not found' showzone.out.ns2.$n > /dev/null 407) 408retry_quiet 10 _check_deleting_primary_redirect || ret=1 409n=`expr $n + 1` 410if [ $ret != 0 ]; then echo_i "failed"; fi 411status=`expr $status + $ret` 412 413echo_i "check that adding a 'secondary redirect' zone works ($n)" 414ret=0 415$RNDCCMD 10.53.0.2 addzone '"." { type redirect; primaries { 10.53.0.3;}; file "redirect.bk"; };' > rndc.out.ns2.$n 2>&1 || ret=1 416_check_adding_secondary_redirect() ( 417 $RNDCCMD 10.53.0.2 showzone -redirect > showzone.out.ns2.$n 2>&1 && 418 grep "type redirect;" showzone.out.ns2.$n > /dev/null && 419 $RNDCCMD 10.53.0.2 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 && 420 grep "type: redirect" zonestatus.out.ns2.$n > /dev/null && 421 grep "serial: 0" zonestatus.out.ns2.$n > /dev/null 422) 423retry_quiet 10 _check_adding_secondary_redirect || ret=1 424n=`expr $n + 1` 425if [ $ret != 0 ]; then echo_i "failed"; fi 426status=`expr $status + $ret` 427 428echo_i "check that retransfering a added 'secondary redirect' zone works ($n)" 429ret=0 430cp -f ns3/redirect.db.2 ns3/redirect.db 431$RNDCCMD 10.53.0.3 reload . > showzone.out.ns3.$n 2>&1 || ret=1 432_check_retransfering_secondary_redirect() ( 433 $RNDCCMD 10.53.0.2 retransfer -redirect > rndc.out.ns2.$n 2>&1 && 434 $RNDCCMD 10.53.0.2 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 && 435 grep "type: redirect" zonestatus.out.ns2.$n > /dev/null && 436 grep "serial: 1" zonestatus.out.ns2.$n > /dev/null 437) 438retry_quiet 10 _check_retransfering_secondary_redirect || ret=1 439n=`expr $n + 1` 440if [ $ret != 0 ]; then echo_i "failed"; fi 441status=`expr $status + $ret` 442 443echo_i "check that deleting a 'secondary redirect' zone works ($n)" 444ret=0 445$RNDCCMD 10.53.0.2 delzone -redirect > rndc.out.ns2.$n 2>&1 || ret=1 446_check_deleting_secondary_redirect() ( 447 $RNDCCMD 10.53.0.2 showzone -redirect > showzone.out.ns2.$n 2>&1 || true 448 grep 'not found' showzone.out.ns2.$n > /dev/null 449) 450retry_quiet 10 _check_deleting_secondary_redirect || ret=1 451n=`expr $n + 1` 452if [ $ret != 0 ]; then echo_i "failed"; fi 453status=`expr $status + $ret` 454 455echo_i "check that zone type 'hint' is properly rejected ($n)" 456ret=0 457$RNDCCMD 10.53.0.2 addzone '"." { type hint; file "hints.db"; };' > rndc.out.ns2.$n 2>&1 && ret=1 458grep "zones not supported by addzone" rndc.out.ns2.$n > /dev/null || ret=1 459n=`expr $n + 1` 460if [ $ret != 0 ]; then echo_i "failed"; fi 461status=`expr $status + $ret` 462 463echo_i "check that zone type 'forward' is properly rejected ($n)" 464ret=0 465$RNDCCMD 10.53.0.2 addzone 'forward.example { type forward; forwarders { 1.2.3.4; }; forward only; };' > rndc.out.ns2.$n 2>&1 && ret=1 466grep "zones not supported by addzone" rndc.out.ns2.$n > /dev/null || ret=1 467n=`expr $n + 1` 468if [ $ret != 0 ]; then echo_i "failed"; fi 469status=`expr $status + $ret` 470 471echo_i "check that zone type 'delegation-only' is properly rejected ($n)" 472ret=0 473$RNDCCMD 10.53.0.2 addzone 'delegation-only.example { type delegation-only; };' > rndc.out.ns2.$n 2>&1 && ret=1 474grep "zones not supported by addzone" rndc.out.ns2.$n > /dev/null || ret=1 475n=`expr $n + 1` 476if [ $ret != 0 ]; then echo_i "failed"; fi 477status=`expr $status + $ret` 478 479echo_i "check that 'in-view' zones are properly rejected ($n)" 480ret=0 481$RNDCCMD 10.53.0.2 addzone 'in-view.example { in-view "_default"; };' > rndc.out.ns2.$n 2>&1 && ret=1 482grep "zones not supported by addzone" rndc.out.ns2.$n > /dev/null || ret=1 483n=`expr $n + 1` 484if [ $ret != 0 ]; then echo_i "failed"; fi 485status=`expr $status + $ret` 486 487echo_i "reconfiguring server with multiple views" 488rm -f ns2/named.conf 489copy_setports ns2/named2.conf.in ns2/named.conf 490rndc_reconfig ns2 10.53.0.2 491 492echo_i "adding new zone to external view ($n)" 493# NOTE: The internal view has "recursion yes" set, and so queries for 494# nonexistent zones should return NOERROR. The external view is 495# "recursion no", so queries for nonexistent zones should return 496# REFUSED. This behavior should be the same regardless of whether 497# the zone does not exist because a) it has not yet been loaded, b) 498# it failed to load, or c) it has been deleted. 499ret=0 500$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.intpre.$n || ret=1 501grep 'status: NOERROR' dig.out.ns2.intpre.$n > /dev/null || ret=1 502$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.extpre.$n || ret=1 503grep 'status: REFUSED' dig.out.ns2.extpre.$n > /dev/null || ret=1 504$RNDCCMD 10.53.0.2 addzone 'added.example in external { type primary; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' 505$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1 506grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1 507$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1 508grep 'status: NOERROR' dig.out.ns2.ext.$n > /dev/null || ret=1 509grep '^a.added.example' dig.out.ns2.ext.$n > /dev/null || ret=1 510n=`expr $n + 1` 511if [ $ret != 0 ]; then echo_i "failed"; fi 512status=`expr $status + $ret` 513 514if [ -z "$NZD" ]; then 515 echo_i "checking new NZF file has comment ($n)" 516 ret=0 517 hcount=`grep "^# New zone file for view: external" ns2/external.nzf | wc -l` 518 [ $hcount -eq 1 ] || ret=1 519 n=`expr $n + 1` 520 if [ $ret != 0 ]; then echo_i "failed"; fi 521 status=`expr $status + $ret` 522fi 523 524if [ -n "$NZD" ]; then 525 echo_i "verifying added.example in external view created an external.nzd DB ($n)" 526 ret=0 527 [ -e ns2/external.nzd ] || ret=1 528 n=`expr $n + 1` 529 if [ $ret != 0 ]; then echo_i "failed"; fi 530 status=`expr $status + $ret` 531fi 532 533echo_i "checking rndc reload causes named to reload the external view's new zone config ($n)" 534ret=0 535$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i 536_check_rndc_reload_external_view_config() ( 537 $DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n && 538 grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null && 539 $DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n && 540 grep 'status: NOERROR' dig.out.ns2.ext.$n > /dev/null && 541 grep '^a.added.example' dig.out.ns2.ext.$n > /dev/null 542) 543retry_quiet 10 _check_rndc_reload_external_view_config || ret=1 544n=`expr $n + 1` 545if [ $ret != 0 ]; then echo_i "failed"; fi 546status=`expr $status + $ret` 547 548echo_i "checking rndc showzone with newly added zone ($n)" 549_check_rndc_showzone_newly_added() ( 550 if [ -z "$NZD" ]; then 551 expected='zone "added.example" in external { type primary; file "added.db"; };' 552 else 553 expected='zone "added.example" { type primary; file "added.db"; };' 554 fi 555 $RNDCCMD 10.53.0.2 showzone added.example in external > rndc.out.ns2.$n 2>/dev/null && 556 [ "`cat rndc.out.ns2.$n`" = "$expected" ] 557) 558retry_quiet 10 _check_rndc_showzone_newly_added || ret=1 559n=`expr $n + 1` 560if [ $ret != 0 ]; then echo_i "failed"; fi 561status=`expr $status + $ret` 562 563echo_i "deleting newly added zone ($n)" 564ret=0 565$RNDCCMD 10.53.0.2 delzone 'added.example in external' 2>&1 | sed 's/^/I:ns2 /' 566_check_deleting_newly_added_zone() ( 567 $DIG $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.$n && 568 grep 'status: REFUSED' dig.out.ns2.$n > /dev/null && 569 ! grep '^a.added.example' dig.out.ns2.$n > /dev/null 570) 571retry_quiet 10 _check_deleting_newly_added_zone || ret=1 572n=`expr $n + 1` 573if [ $ret != 0 ]; then echo_i "failed"; fi 574status=`expr $status + $ret` 575 576echo_i "attempting to add zone to internal view ($n)" 577ret=0 578$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.pre.$n || ret=1 579grep 'status: NOERROR' dig.out.ns2.pre.$n > /dev/null || ret=1 580$RNDCCMD 10.53.0.2 addzone 'added.example in internal { type primary; file "added.db"; };' 2> rndc.out.ns2.$n 581grep "permission denied" rndc.out.ns2.$n > /dev/null || ret=1 582$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1 583grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1 584$DIG $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1 585grep 'status: REFUSED' dig.out.ns2.ext.$n > /dev/null || ret=1 586n=`expr $n + 1` 587if [ $ret != 0 ]; then echo_i "failed"; fi 588status=`expr $status + $ret` 589 590echo_i "attempting to delete a policy zone ($n)" 591ret=0 592$RNDCCMD 10.53.0.2 delzone 'policy in internal' 2> rndc.out.ns2.$n >&1 593grep 'cannot be deleted' rndc.out.ns2.$n > /dev/null || ret=1 594n=`expr $n + 1` 595if [ $ret != 0 ]; then echo_i "failed"; fi 596status=`expr $status + $ret` 597 598echo_i "adding new zone again to external view ($n)" 599ret=0 600$RNDCCMD 10.53.0.2 addzone 'added.example in external { type primary; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' 601_check_adding_new_zone_again_external() ( 602 $DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n && 603 grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null && 604 $DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n && 605 grep 'status: NOERROR' dig.out.ns2.ext.$n > /dev/null && 606 grep '^a.added.example' dig.out.ns2.ext.$n > /dev/null 607) 608retry_quiet 10 _check_adding_new_zone_again_external || ret=1 609n=`expr $n + 1` 610if [ $ret != 0 ]; then echo_i "failed"; fi 611status=`expr $status + $ret` 612 613echo_i "reconfiguring server with multiple views and new-zones-directory" 614rm -f ns2/named.conf 615copy_setports ns2/named3.conf.in ns2/named.conf 616rndc_reconfig ns2 10.53.0.2 617 618echo_i "checking new zone is still loaded after dir change ($n)" 619ret=0 620$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1 621grep 'status: NOERROR' dig.out.ns2.ext.$n > /dev/null || ret=1 622grep '^a.added.example' dig.out.ns2.ext.$n > /dev/null || ret=1 623n=`expr $n + 1` 624if [ $ret != 0 ]; then echo_i "failed"; fi 625status=`expr $status + $ret` 626 627echo_i "deleting newly added zone from external ($n)" 628ret=0 629$RNDCCMD 10.53.0.2 delzone 'added.example in external' 2>&1 | sed 's/^/I:ns2 /' 630$DIG $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.$n || ret=1 631grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 632grep '^a.added.example' dig.out.ns2.$n > /dev/null && ret=1 633n=`expr $n + 1` 634if [ $ret != 0 ]; then echo_i "failed"; fi 635status=`expr $status + $ret` 636 637echo_i "adding new zone to directory view ($n)" 638ret=0 639$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.intpre.$n || ret=1 640grep 'status: NOERROR' dig.out.ns2.intpre.$n > /dev/null || ret=1 641$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.extpre.$n || ret=1 642grep 'status: REFUSED' dig.out.ns2.extpre.$n > /dev/null || ret=1 643$DIG +norec $DIGOPTS @10.53.0.5 -b 10.53.0.5 a.added.example a > dig.out.ns2.dirpre.$n || ret=1 644grep 'status: REFUSED' dig.out.ns2.dirpre.$n > /dev/null || ret=1 645$RNDCCMD 10.53.0.2 addzone 'added.example in directory { type primary; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /' 646$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1 647grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1 648$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1 649grep 'status: REFUSED' dig.out.ns2.ext.$n > /dev/null || ret=1 650$DIG +norec $DIGOPTS @10.53.0.5 -b 10.53.0.5 a.added.example a > dig.out.ns2.dir.$n || ret=1 651grep 'status: NOERROR' dig.out.ns2.dir.$n > /dev/null || ret=1 652grep '^a.added.example' dig.out.ns2.dir.$n > /dev/null || ret=1 653n=`expr $n + 1` 654if [ $ret != 0 ]; then echo_i "failed"; fi 655status=`expr $status + $ret` 656 657if [ -n "$NZD" ]; then 658 echo_i "checking NZD file was created in new-zones-directory ($n)" 659 expect=ns2/new-zones/directory.nzd 660else 661 echo_i "checking NZF file was created in new-zones-directory ($n)" 662 expect=ns2/new-zones/directory.nzf 663fi 664$RNDCCMD 10.53.0.2 sync 'added.example IN directory' 2>&1 | sed 's/^/I:ns2 /' 665sleep 2 666[ -e "$expect" ] || ret=1 667n=`expr $n + 1` 668if [ $ret != 0 ]; then echo_i "failed"; fi 669status=`expr $status + $ret` 670 671echo_i "deleting newly added zone from directory ($n)" 672ret=0 673$RNDCCMD 10.53.0.2 delzone 'added.example in directory' 2>&1 | sed 's/^/I:ns2 /' 674$DIG $DIGOPTS @10.53.0.5 -b 10.53.0.5 a.added.example a > dig.out.ns2.$n || ret=1 675grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1 676grep '^a.added.example' dig.out.ns2.$n > /dev/null && ret=1 677n=`expr $n + 1` 678if [ $ret != 0 ]; then echo_i "failed"; fi 679status=`expr $status + $ret` 680 681echo_i "ensure the configuration context is cleaned up correctly ($n)" 682ret=0 683rndc_reconfig ns2 10.53.0.2 684$RNDCCMD 10.53.0.2 status > /dev/null 2>&1 || ret=1 685n=`expr $n + 1` 686if [ $ret != 0 ]; then echo_i "failed"; fi 687status=`expr $status + $ret` 688 689echo_i "check delzone after reconfig failure ($n)" 690ret=0 691$RNDCCMD 10.53.0.3 addzone 'inlinesec.example. IN { type secondary; file "inlinesec.db"; masterfile-format text; primaries { test; }; };' > /dev/null 2>&1 || ret=1 692copy_setports ns3/named2.conf.in ns3/named.conf 693rndc_reconfig ns3 10.53.0.3 694$RNDCCMD 10.53.0.3 delzone inlinesec.example > /dev/null 2>&1 || ret=1 695n=`expr $n + 1` 696if [ $ret != 0 ]; then echo_i "failed"; fi 697status=`expr $status + $ret` 698 699if ! $FEATURETEST --with-lmdb 700then 701 echo_i "check that addzone is fully reversed on failure (--with-lmdb=no) ($n)" 702 ret=0 703 $RNDCCMD 10.53.0.3 addzone "test1.baz" '{ type primary; file "e.db"; };' > /dev/null 2>&1 || ret=1 704 $RNDCCMD 10.53.0.3 addzone "test2.baz" '{ type primary; file "dne.db"; };' > /dev/null 2>&1 && ret=1 705 $RNDCCMD 10.53.0.3 addzone "test3.baz" '{ type primary; file "e.db"; };' > /dev/null 2>&1 || ret=1 706 $RNDCCMD 10.53.0.3 delzone "test3.baz" > /dev/null 2>&1 || ret=1 707 grep test2.baz ns3/_default.nzf > /dev/null && ret=1 708 n=`expr $n + 1` 709 if [ $ret != 0 ]; then echo_i "failed"; fi 710 status=`expr $status + $ret` 711fi 712 713_check_version_bind() ( 714 $DIG $DIGOPTS @10.53.0.3 version.bind txt ch > dig.out.test$n && 715 grep "status: NOERROR" dig.out.test$n > /dev/null 716) 717 718echo_i "check that named restarts with multiple added zones ($n)" 719ret=0 720$RNDCCMD 10.53.0.3 addzone "test4.baz" '{ type primary; file "e.db"; };' > /dev/null 2>&1 || ret=1 721$RNDCCMD 10.53.0.3 addzone "test5.baz" '{ type primary; file "e.db"; };' > /dev/null 2>&1 || ret=1 722$RNDCCMD 10.53.0.3 addzone '"test/.baz"' '{ type primary; check-names ignore; file "e.db"; };' > /dev/null 2>&1 || ret=1 723$RNDCCMD 10.53.0.3 addzone '"test\".baz"' '{ type primary; check-names ignore; file "e.db"; };' > /dev/null 2>&1 || ret=1 724$RNDCCMD 10.53.0.3 addzone '"test\\.baz"' '{ type primary; check-names ignore; file "e.db"; };' > /dev/null 2>&1 || ret=1 725$RNDCCMD 10.53.0.3 addzone '"test\032.baz"' '{ type primary; check-names ignore; file "e.db"; };' > /dev/null 2>&1 || ret=1 726$RNDCCMD 10.53.0.3 addzone '"test\010.baz"' '{ type primary; check-names ignore; file "e.db"; };' > /dev/null 2>&1 || ret=1 727$PERL $SYSTEMTESTTOP/stop.pl addzone ns3 728$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} addzone ns3 || ret=1 729retry_quiet 10 _check_version_bind || ret=1 730$DIG $DIGOPTS @10.53.0.3 SOA "test4.baz" > dig.out.1.test$n || ret=1 731grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1 732grep "ANSWER: 1," dig.out.1.test$n > /dev/null || ret=1 733$DIG $DIGOPTS @10.53.0.3 SOA "test5.baz" > dig.out.2.test$n || ret=1 734grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1 735grep "ANSWER: 1," dig.out.2.test$n > /dev/null || ret=1 736$DIG $DIGOPTS @10.53.0.3 SOA 'test/.baz' > dig.out.3.test$n || ret=1 737grep "status: NOERROR" dig.out.3.test$n > /dev/null || ret=1 738grep "ANSWER: 1," dig.out.3.test$n > /dev/null || ret=1 739$DIG $DIGOPTS @10.53.0.3 SOA 'test\\.baz' > dig.out.4.test$n || ret=1 740grep "status: NOERROR" dig.out.4.test$n > /dev/null || ret=1 741grep "ANSWER: 1," dig.out.4.test$n > /dev/null || ret=1 742$DIG $DIGOPTS @10.53.0.3 SOA 'test\032.baz' > dig.out.5.test$n || ret=1 743grep "status: NOERROR" dig.out.5.test$n > /dev/null || ret=1 744grep "ANSWER: 1," dig.out.5.test$n > /dev/null || ret=1 745$DIG $DIGOPTS @10.53.0.3 SOA 'test\010.baz' > dig.out.6.test$n || ret=1 746grep "status: NOERROR" dig.out.6.test$n > /dev/null || ret=1 747grep "ANSWER: 1," dig.out.6.test$n > /dev/null || ret=1 748if [ $ret != 0 ]; then echo_i "failed"; fi 749status=`expr $status + $ret` 750n=`expr $n + 1` 751 752echo_i "exit status: $status" 753[ $status -eq 0 ] || exit 1 754