tests.sh revision 1.1.1.10
#!/bin/sh

# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# SPDX-License-Identifier: MPL-2.0
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.

# System test for the rndc control channel.  Each numbered check sets ret=0,
# runs its commands, flips ret to 1 on any unexpected outcome, and adds ret
# to the running failure count in $status.
#
# conf.sh supplies the tool paths and ports used below ($DIG, $RNDC,
# $NSUPDATE, $PORT, $CONTROLPORT, ...) as well as the echo_i / cat_i logging
# helpers; none of them are defined in this file.
SYSTEMTESTTOP=..
. "$SYSTEMTESTTOP/conf.sh"

# The first DIGOPTS value is overwritten immediately, so dig runs with no
# extra options; both assignments are kept as they appear upstream.
DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd"
DIGOPTS=""
DIGCMD="$DIG $DIGOPTS -p ${PORT}"
# RNDCCMD ends in "-s", so the first word after it is the server address.
RNDCCMD="$RNDC -p ${CONTROLPORT} -c ../common/rndc.conf -s"

status=0
n=0

n=$((n + 1))
echo_i "preparing ($n)"
ret=0
# Dynamic updates are signed with the key in ns2/session.key (nsupdate -k).
# One record is added to each of two zones so that both get a journal file.
$NSUPDATE -p ${PORT} -k ns2/session.key > /dev/null 2>&1 <<END || ret=1
server 10.53.0.2
zone nil.
update add text1.nil. 600 IN TXT "addition 1"
send
zone other.
update add text1.other. 600 IN TXT "addition 1"
send
END
if ! [ -s ns2/nil.db.jnl ]; then
  echo_i "'test -s ns2/nil.db.jnl' failed when it shouldn't have"
  ret=1
fi
if ! [ -s ns2/other.db.jnl ]; then
  echo_i "'test -s ns2/other.db.jnl' failed when it shouldn't have"
  ret=1
fi
if [ $ret != 0 ]; then
  echo_i "failed"
fi
status=$((status + ret))

echo_i "rndc freeze"
$RNDCCMD 10.53.0.2 freeze | sed 's/^/ns2 /' | cat_i

n=$((n + 1))
echo_i "checking zone was dumped ($n)"
ret=0
# Poll for up to ten seconds: the zone file is written asynchronously.
for i in 1 2 3 4 5 6 7 8 9 10; do
  if grep "addition 1" ns2/nil.db > /dev/null; then
    break
  fi
  sleep 1
done
grep "addition 1" ns2/nil.db > /dev/null 2>&1 || ret=1
if [ $ret != 0 ]; then
  echo_i "failed"
fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking journal file is still present ($n)"
ret=0
if ! [ -s ns2/nil.db.jnl ]; then
  echo_i "'test -s ns2/nil.db.jnl' failed when it shouldn't have"
  ret=1
fi
if [ $ret != 0 ]; then
  echo_i "failed"
fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking zone not writable ($n)"
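# Body of the "checking zone not writable" check whose banner is printed
# immediately before this point.  While the zone is frozen, a signed update
# must be refused (nsupdate exits non-zero) and the record must not appear.
ret=0
$NSUPDATE -p ${PORT} -k ns2/session.key > /dev/null 2>&1 <<END && ret=1
server 10.53.0.2
zone nil.
update add text2.nil. 600 IN TXT "addition 2"
send
END

$DIGCMD @10.53.0.2 text2.nil. TXT > dig.out.1.test$n
grep 'addition 2' dig.out.1.test$n >/dev/null && ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

echo_i "rndc thaw"
$RNDCCMD 10.53.0.2 thaw | sed 's/^/ns2 /' | cat_i

n=$((n + 1))
echo_i "checking zone now writable ($n)"
ret=0
$NSUPDATE -p ${PORT} -k ns2/session.key > nsupdate.out.1.test$n 2>&1 <<END || ret=1
server 10.53.0.2
zone nil.
update add text3.nil. 600 IN TXT "addition 3"
send
END
$DIGCMD @10.53.0.2 text3.nil. TXT > dig.out.1.test$n
grep 'addition 3' dig.out.1.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

echo_i "rndc sync"
ret=0
$RNDCCMD 10.53.0.2 sync nil | sed 's/^/ns2 /' | cat_i

n=$((n + 1))
echo_i "checking zone was dumped ($n)"
ret=0
for i in 1 2 3 4 5 6 7 8 9 10
do
  grep "addition 3" ns2/nil.db > /dev/null && break
  sleep 1
done
grep "addition 3" ns2/nil.db > /dev/null 2>&1 || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking journal file is still present ($n)"
ret=0
[ -s ns2/nil.db.jnl ] || {
  echo_i "'test -s ns2/nil.db.jnl' failed when it shouldn't have"; ret=1;
}
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking zone is still writable ($n)"
ret=0
$NSUPDATE -p ${PORT} -k ns2/session.key > nsupdate.out.1.test$n 2>&1 <<END || ret=1
server 10.53.0.2
zone nil.
update add text4.nil. 600 IN TXT "addition 4"
send
END

$DIGCMD @10.53.0.2 text4.nil. TXT > dig.out.1.test$n
grep 'addition 4' dig.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

echo_i "rndc sync -clean"
ret=0
$RNDCCMD 10.53.0.2 sync -clean nil | sed 's/^/ns2 /' | cat_i

n=$((n + 1))
echo_i "checking zone was dumped ($n)"
ret=0
for i in 1 2 3 4 5 6 7 8 9 10
do
  grep "addition 4" ns2/nil.db > /dev/null && break
  sleep 1
done
grep "addition 4" ns2/nil.db > /dev/null 2>&1 || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking journal file is deleted ($n)"
ret=0
# Fixed message: this branch runs when 'test -s' SUCCEEDS, i.e. the journal
# that "sync -clean" should have removed is still there.
[ -s ns2/nil.db.jnl ] && {
  echo_i "'test -s ns2/nil.db.jnl' succeeded when it shouldn't have"; ret=1;
}
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking zone is still writable ($n)"
ret=0
$NSUPDATE -p ${PORT} -k ns2/session.key > /dev/null 2>&1 <<END || ret=1
server 10.53.0.2
zone nil.
update add text5.nil. 600 IN TXT "addition 5"
send
END

# Fixed: look up the record this check just added (text5 / "addition 5").
# Querying text4 again would pass even if the new update had been lost.
$DIGCMD @10.53.0.2 text5.nil. TXT > dig.out.1.test$n
grep 'addition 5' dig.out.1.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking other journal files not removed ($n)"
ret=0
[ -s ns2/other.db.jnl ] || {
  echo_i "'test -s ns2/other.db.jnl' failed when it shouldn't have"; ret=1;
}
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

echo_i "cleaning all zones ($n)"
$RNDCCMD 10.53.0.2 sync -clean | sed 's/^/ns2 /' | cat_i

n=$((n + 1))
echo_i "checking all journals removed ($n)"
ret=0
[ -s ns2/nil.db.jnl ] && {
  echo_i "'test -s ns2/nil.db.jnl' succeeded when it shouldn't have"; ret=1;
}
[ -s ns2/other.db.jnl ] && {
  echo_i "'test -s ns2/other.db.jnl' succeeded when it shouldn't have"; ret=1;
}
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that freezing static zones is not allowed ($n)"
ret=0
$RNDCCMD 10.53.0.2 freeze static > rndc.out.1.test$n 2>&1
grep 'not dynamic' rndc.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that journal is removed when serial is changed before thaw ($n)"
ret=0
sleep 1
$NSUPDATE -p ${PORT} -k ns2/session.key > nsupdate.out.1.test$n 2>&1 <<END || ret=1
server 10.53.0.2
zone other.
update add text6.other. 600 IN TXT "addition 6"
send
END
[ -s ns2/other.db.jnl ] || {
  echo_i "'test -s ns2/other.db.jnl' failed when it shouldn't have"; ret=1;
}
$RNDCCMD 10.53.0.2 freeze other 2>&1 | sed 's/^/ns2 /' | cat_i
for i in 1 2 3 4 5 6 7 8 9 10
do
  grep "addition 6" ns2/other.db > /dev/null && break
  sleep 1
done
# Hand-edit the frozen zone file: bump the serial and append a record, the
# way an operator would between freeze and thaw.
serial=$(awk '$3 ~ /serial/ {print $1}' ns2/other.db)
newserial=$((serial + 1))
sed s/$serial/$newserial/ ns2/other.db > ns2/other.db.new
echo 'frozen TXT "frozen addition"' >> ns2/other.db.new
mv -f ns2/other.db.new ns2/other.db
$RNDCCMD 10.53.0.2 thaw 2>&1 | sed 's/^/ns2 /' | cat_i
sleep 1
[ -f ns2/other.db.jnl ] && {
  echo_i "'test -f ns2/other.db.jnl' succeeded when it shouldn't have"; ret=1;
}
$NSUPDATE -p ${PORT} -k ns2/session.key > nsupdate.out.2.test$n 2>&1 <<END || ret=1
server 10.53.0.2
zone other.
update add text7.other. 600 IN TXT "addition 7"
send
END
$DIGCMD @10.53.0.2 text6.other. TXT > dig.out.1.test$n
grep 'addition 6' dig.out.1.test$n >/dev/null || ret=1
$DIGCMD @10.53.0.2 text7.other. TXT > dig.out.2.test$n
grep 'addition 7' dig.out.2.test$n >/dev/null || ret=1
$DIGCMD @10.53.0.2 frozen.other. TXT > dig.out.3.test$n
grep 'frozen addition' dig.out.3.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that journal is kept when ixfr-from-differences is in use ($n)"
ret=0
$NSUPDATE -p ${PORT} -k ns2/session.key > nsupdate.out.1.test$n 2>&1 <<END || ret=1
server 10.53.0.2
zone nil.
update add text6.nil. 600 IN TXT "addition 6"
send
END
[ -s ns2/nil.db.jnl ] || {
  echo_i "'test -s ns2/nil.db.jnl' failed when it shouldn't have"; ret=1;
}
$RNDCCMD 10.53.0.2 freeze nil 2>&1 | sed 's/^/ns2 /' | cat_i
for i in 1 2 3 4 5 6 7 8 9 10
do
  grep "addition 6" ns2/nil.db > /dev/null && break
  sleep 1
done
serial=$(awk '$3 ~ /serial/ {print $1}' ns2/nil.db)
newserial=$((serial + 1))
sed s/$serial/$newserial/ ns2/nil.db > ns2/nil.db.new
echo 'frozen TXT "frozen addition"' >> ns2/nil.db.new
mv -f ns2/nil.db.new ns2/nil.db
$RNDCCMD 10.53.0.2 thaw 2>&1 | sed 's/^/ns2 /' | cat_i
sleep 1
[ -s ns2/nil.db.jnl ] || {
  echo_i "'test -s ns2/nil.db.jnl' failed when it shouldn't have"; ret=1;
}
$NSUPDATE -p ${PORT} -k ns2/session.key > nsupdate.out.2.test$n 2>&1 <<END || ret=1
server 10.53.0.2
zone nil.
update add text7.nil. 600 IN TXT "addition 7"
send
END
$DIGCMD @10.53.0.2 text6.nil. TXT > dig.out.1.test$n
grep 'addition 6' dig.out.1.test$n > /dev/null || ret=1
$DIGCMD @10.53.0.2 text7.nil. TXT > dig.out.2.test$n
grep 'addition 7' dig.out.2.test$n > /dev/null || ret=1
$DIGCMD @10.53.0.2 frozen.nil. TXT > dig.out.3.test$n
grep 'frozen addition' dig.out.3.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

# temp test
echo_i "dumping stats ($n)"
$RNDCCMD 10.53.0.2 stats
n=$((n + 1))
echo_i "verifying adb records in named.stats ($n)"
# Fixed: reset ret so a failure in the previous check is not counted twice.
ret=0
grep "ADB stats" ns2/named.stats > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "test using second key ($n)"
ret=0
$RNDC -s 10.53.0.2 -p ${CONTROLPORT} -c ns2/secondkey.conf status > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "test 'rndc dumpdb' on a empty cache ($n)"
ret=0
rndc_dumpdb ns3 || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "test 'rndc reload' on a zone with include files ($n)"
ret=0
grep "incl/IN: skipping load" ns2/named.run > /dev/null && ret=1
loads=$(grep -c "incl/IN: starting load" ns2/named.run)
[ "$loads" -eq 1 ] || ret=1
$RNDCCMD 10.53.0.2 reload > /dev/null || ret=1
for i in 1 2 3 4 5 6 7 8 9
do
  tmp=0
  grep "incl/IN: skipping load" ns2/named.run > /dev/null || tmp=1
  [ $tmp -eq 0 ] && break
  sleep 1
done
[ $tmp -eq 1 ] && ret=1
touch ns2/static.db
$RNDCCMD 10.53.0.2 reload > /dev/null || ret=1
for i in 1 2 3 4 5 6 7 8 9
do
  tmp=0
  loads=$(grep -c "incl/IN: starting load" ns2/named.run)
  [ "$loads" -eq 2 ] || tmp=1
  [ $tmp -eq 0 ] && break
  sleep 1
done
[ $tmp -eq 1 ] && ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

# Control-channel authentication checks against ns4 (10.53.0.4).
# Each check first proves that key N is accepted on port EXTRAPORTN, then
# expects every other key file to be rejected on that same port.  The
# positive probe comes first so that the negative probes (which discard all
# output) cannot pass merely because the server is unreachable.
# NOTE(review): presumably ns4's named.conf binds one key/algorithm to each
# port; that file is not part of this script - confirm there.
n=$((n+1))
if $FEATURETEST --md5; then
  echo_i "testing rndc with hmac-md5 ($n)"
  ret=0
  $RNDC -s 10.53.0.4 -p ${EXTRAPORT1} -c ns4/key1.conf status > /dev/null 2>&1 || ret=1
  for i in 2 3 4 5 6
  do
    $RNDC -s 10.53.0.4 -p ${EXTRAPORT1} -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1
  done
  if [ $ret != 0 ]; then echo_i "failed"; fi
  status=$((status+ret))
else
  echo_i "skipping rndc with hmac-md5 ($n)"
fi

n=$((n + 1))
echo_i "testing rndc with hmac-sha1 ($n)"
ret=0
$RNDC -s 10.53.0.4 -p ${EXTRAPORT2} -c ns4/key2.conf status > /dev/null 2>&1 || ret=1
for i in 1 3 4 5 6
do
  $RNDC -s 10.53.0.4 -p ${EXTRAPORT2} -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1
done
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "testing rndc with hmac-sha224 ($n)"
ret=0
$RNDC -s 10.53.0.4 -p ${EXTRAPORT3} -c ns4/key3.conf status > /dev/null 2>&1 || ret=1
for i in 1 2 4 5 6
do
  $RNDC -s 10.53.0.4 -p ${EXTRAPORT3} -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1
done
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "testing rndc with hmac-sha256 ($n)"
ret=0
$RNDC -s 10.53.0.4 -p ${EXTRAPORT4} -c ns4/key4.conf status > /dev/null 2>&1 || ret=1
for i in 1 2 3 5 6
do
  $RNDC -s 10.53.0.4 -p ${EXTRAPORT4} -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1
done
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "testing rndc with hmac-sha384 ($n)"
ret=0
$RNDC -s 10.53.0.4 -p ${EXTRAPORT5} -c ns4/key5.conf status > /dev/null 2>&1 || ret=1
for i in 1 2 3 4 6
do
  $RNDC -s 10.53.0.4 -p ${EXTRAPORT5} -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1
done
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "testing rndc with hmac-sha512 ($n)"
ret=0
$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf status > /dev/null 2>&1 || ret=1
for i in 1 2 3 4 5
do
  # Fixed: the redundant second "2>&1" was dropped.
  $RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1
done
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "testing single control channel with multiple algorithms ($n)"
ret=0
for i in 1 2 3 4 5 6
do
  $RNDC -s 10.53.0.4 -p ${EXTRAPORT7} -c ns4/key${i}.conf status > /dev/null 2>&1 || ret=1
done
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "testing automatic zones are reported ($n)"
ret=0
$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf status > rndc.out.1.test$n || ret=1
grep "number of zones: 201 (198 automatic)" rndc.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "testing rndc with null command ($n)"
ret=0
$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "testing rndc with unknown control channel command ($n)"
ret=0
$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf obviouslynotacommand >/dev/null 2>&1 && ret=1
# rndc: 'obviouslynotacommand' failed: unknown command
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "testing rndc with querylog command ($n)"
ret=0
# first enable it with querylog on option
$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf querylog on >/dev/null 2>&1 || ret=1
grep "query logging is now on" ns4/named.run > /dev/null || ret=1
# query for builtin and check if query was logged (without +subnet)
$DIG @10.53.0.4 -p ${PORT} -c ch -t txt foo12345.bind +qr > dig.out.1.test$n 2>&1 || ret=1
grep "query: foo12345.bind CH TXT.*(.*)$" ns4/named.run > /dev/null || ret=1
# query for another builtin zone and check if query was logged (with +subnet=127.0.0.1)
$DIG +subnet=127.0.0.1 @10.53.0.4 -p ${PORT} -c ch -t txt foo12346.bind +qr > dig.out.2.test$n 2>&1 || ret=1
grep "query: foo12346.bind CH TXT.*\[ECS 127\.0\.0\.1/32/0]" ns4/named.run > /dev/null || ret=1
# query for another builtin zone and check if query was logged (with +subnet=127.0.0.1/24)
$DIG +subnet=127.0.0.1/24 @10.53.0.4 -p ${PORT} -c ch -t txt foo12347.bind +qr > dig.out.3.test$n 2>&1 || ret=1
grep "query: foo12347.bind CH TXT.*\[ECS 127\.0\.0\.0/24/0]" ns4/named.run > /dev/null || ret=1
# query for another builtin zone and check if query was logged (with +subnet=::1)
$DIG +subnet=::1 @10.53.0.4 -p ${PORT} -c ch -t txt foo12348.bind +qr > dig.out.4.test$n 2>&1 || ret=1
grep "query: foo12348.bind CH TXT.*\[ECS ::1/128/0]" ns4/named.run > /dev/null || ret=1
# toggle query logging and check again
$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf querylog > /dev/null 2>&1 || ret=1
grep "query logging is now off" ns4/named.run > /dev/null || ret=1
# query for another builtin zone and check if query was logged (without +subnet)
$DIG @10.53.0.4 -p ${PORT} -c ch -t txt foo9876.bind +qr > dig.out.5.test$n 2>&1 || ret=1
grep "query: foo9876.bind CH TXT.*(.*)$" ns4/named.run > /dev/null && ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

RNDCCMD4="$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf"
n=$((n + 1))
echo_i "testing rndc nta time limits ($n)"
ret=0
# Lifetimes up to one week are accepted; 8d must be refused.
$RNDCCMD4 nta -l 2h nta1.example > rndc.out.1.test$n 2>&1
grep "Negative trust anchor added" rndc.out.1.test$n > /dev/null || ret=1
$RNDCCMD4 nta -l 1d nta2.example > rndc.out.2.test$n 2>&1
grep "Negative trust anchor added" rndc.out.2.test$n > /dev/null || ret=1
$RNDCCMD4 nta -l 1w nta3.example > rndc.out.3.test$n 2>&1
grep "Negative trust anchor added" rndc.out.3.test$n > /dev/null || ret=1
$RNDCCMD4 nta -l 8d nta4.example > rndc.out.4.test$n 2>&1
grep "NTA lifetime cannot exceed one week" rndc.out.4.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "testing rndc nta -class option ($n)"
ret=0
nextpart ns4/named.run > /dev/null
$RNDCCMD4 nta -c in nta1.example > rndc.out.1.test$n 2>&1
nextpart ns4/named.run | grep "added NTA 'nta1.example'" > /dev/null || ret=1
$RNDCCMD4 nta -c any nta1.example > rndc.out.2.test$n 2>&1
nextpart ns4/named.run | grep "added NTA 'nta1.example'" > /dev/null || ret=1
$RNDCCMD4 nta -c ch nta1.example > rndc.out.3.test$n 2>&1
nextpart ns4/named.run | grep "added NTA 'nta1.example'" > /dev/null && ret=1
$RNDCCMD4 nta -c fake nta1.example > rndc.out.4.test$n 2>&1
nextpart ns4/named.run | grep "added NTA 'nta1.example'" > /dev/null && ret=1
grep 'unknown class' rndc.out.4.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

for i in 512 1024 2048 4096 8192 16384 32768 65536 131072 262144 524288
do
  n=$((n + 1))
  echo_i "testing rndc buffer size limits (size=${i}) ($n)"
  ret=0
  # "2>&1 > file" sends only stdout to the file; stderr stays on the
  # script's stdout.  NOTE(review): presumably deliberate, so that error
  # text cannot change the size $GENCHECK measures - confirm.
  $RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf testgen ${i} 2>&1 > rndc.out.$i.test$n || ret=1
  if actual_size=$($GENCHECK rndc.out.$i.test$n); then
    # The check expects one byte more than the requested size.
    expected_size=$((i + 1))
    if [ $actual_size != $expected_size ]; then ret=1; fi
  else
    ret=1
  fi

  if [ $ret != 0 ]; then echo_i "failed"; fi
  status=$((status + ret))
done

n=$((n + 1))
echo_i "testing rndc -r (show result) ($n)"
ret=0
$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf -r testgen 0 2>&1 > rndc.out.1.test$n || ret=1
grep "ISC_R_SUCCESS 0" rndc.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "testing rndc with a token containing a space ($n)"
ret=0
$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf -r flush '"view with a space"' 2>&1 > rndc.out.1.test$n || ret=1
grep "not found" rndc.out.1.test$n > /dev/null && ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "test 'rndc reconfig' with a broken config ($n)"
ret=0
$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf reconfig > /dev/null || ret=1
sleep 1
# The good config is moved aside, so the ">>" below creates a fresh file
# that holds nothing but the syntax error.  It is restored two checks later.
mv ns4/named.conf ns4/named.conf.save
echo "error error error" >> ns4/named.conf
$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf reconfig > rndc.out.1.test$n 2>&1 && ret=1
grep "rndc: 'reconfig' failed: unexpected token" rndc.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "check rndc status reports failure ($n)"
ret=0
$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf status > rndc.out.1.test$n 2>&1 || ret=1
grep "reload/reconfig failed" rndc.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "restore working config ($n)"
ret=0
mv ns4/named.conf.save ns4/named.conf
sleep 1
$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf reconfig > /dev/null || ret=1
sleep 1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "check 'rndc status' 'reload/reconfig failure' is cleared after successful reload/reconfig ($n)"
ret=0
$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf status > rndc.out.1.test$n 2>&1 || ret=1
grep "reload/reconfig failed" rndc.out.1.test$n > /dev/null && ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "test read-only control channel access ($n)"
ret=0
# Read-only commands (status, nta -dump) must succeed on ns5, while a
# state-changing command (reconfig) must fail.
# NOTE(review): only the exit status of reconfig is checked; the reason for
# the refusal saved in rndc.out.3.test$n is never inspected.
$RNDCCMD 10.53.0.5 status > rndc.out.1.test$n 2>&1 || ret=1
$RNDCCMD 10.53.0.5 nta -dump > rndc.out.2.test$n 2>&1 || ret=1
$RNDCCMD 10.53.0.5 reconfig > rndc.out.3.test$n 2>&1 && ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "test rndc status shows running on ($n)"
ret=0
$RNDCCMD 10.53.0.5 status > rndc.out.1.test$n 2>&1 || ret=1
grep "^running on " rndc.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "test 'rndc reconfig' with loading of a large zone ($n)"
ret=0
# Remember the current length of the log so the wait loop further down only
# looks at lines written after this reconfig.
cur=$(awk 'BEGIN {l=0} /^/ {l++} END { print l }' ns6/named.run)
cp ns6/named.conf ns6/named.conf.save
echo "zone \"huge.zone\" { type primary; file \"huge.zone.db\"; };" >> ns6/named.conf
echo_i "reloading config"
$RNDCCMD 10.53.0.6 reconfig > rndc.out.1.test$n 2>&1 || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))
sleep 1
n=$((n + 1))
echo_i "check if zone load was scheduled ($n)"
# Fixed: reset ret so the previous check's result is not counted again.
ret=0
grep "scheduled loading new zones" ns6/named.run > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "check if query for the zone returns SERVFAIL ($n)"
# Fixed: reset ret so the previous check's result is not counted again.
ret=0
$DIG @10.53.0.6 -p ${PORT} -t soa huge.zone > dig.out.1.test$n
grep "SERVFAIL" dig.out.1.test$n > /dev/null || ret=1
# Timing dependent (the zone may already be loaded), so a miss is reported
# but not counted.
if [ $ret != 0 ]; then echo_i "failed (ignored)"; ret=0; fi
status=$((status + ret))

n=$((n + 1))
echo_i "wait for the zones to be loaded ($n)"
ret=1
try=0
while test $try -lt 180
do
  sleep 1
  sed -n "$cur,"'$p' < ns6/named.run | grep "any newly configured zones are now loaded" > /dev/null && {
    ret=0
    break
  }
  try=$((try + 1))
done
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "check if query for the zone returns NOERROR ($n)"
# Fixed: reset ret so a timeout in the wait loop is not counted twice.
ret=0
$DIG @10.53.0.6 -p ${PORT} -t soa huge.zone > dig.out.1.test$n
grep "NOERROR" dig.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "verify that the full command is logged ($n)"
ret=0
# The server log is expected to record the complete command line it
# received over the control channel, extra arguments included.
$RNDCCMD 10.53.0.2 null with extra arguments > /dev/null 2>&1
grep "received control channel command 'null with extra arguments'" ns2/named.run > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

# Put the original ns6 configuration back.
# Fixed: reset ret so the previous check's result is not counted again.
ret=0
mv ns6/named.conf.save ns6/named.conf
sleep 1
$RNDCCMD 10.53.0.6 reconfig > /dev/null || ret=1
sleep 1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

if [ -x "$PYTHON" ]; then
  n=$((n + 1))
  echo_i "test rndc python bindings ($n)"
  ret=0
  # The heredoc delimiter is unquoted on purpose: ${CONTROLPORT} is expanded
  # by the shell before Python sees the script.  The secret in the rndc()
  # call is a fixture for this test network only.
  # NOTE(review): presumably it matches the control key configured on ns5.
  $PYTHON > python.out.1.test$n << EOF
import sys
sys.path.insert(0, '../../../../bin/python')
from isc import *
r = rndc(('10.53.0.5', ${CONTROLPORT}), 'hmac-sha256', '1234abcd8765')
result = r.call('status')
print(result['text'])
EOF
  grep 'server is up and running' python.out.1.test$n > /dev/null 2>&1 || ret=1
  if [ $ret != 0 ]; then echo_i "failed"; fi
  status=$((status + ret))
fi

n=$((n + 1))
echo_i "check 'rndc \"\"' is handled ($n)"
ret=0
$RNDCCMD 10.53.0.2 "" > rndc.out.1.test$n 2>&1 && ret=1
# NOTE(review): the result of this grep is discarded (no "|| ret=1"), so the
# error text is not actually asserted.  Left unchanged because the exact
# message cannot be confirmed from this file.
grep "rndc: '' failed: failure" rndc.out.1.test$n > /dev/null
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "check rndc -4 -6 ($n)"
ret=0
$RNDCCMD 10.53.0.2 -4 -6 status > rndc.out.1.test$n 2>&1 && ret=1
grep "only one of -4 and -6 allowed" rndc.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "check rndc -4 with an IPv6 server address ($n)"
ret=0
$RNDCCMD fd92:7065:b8e:ffff::2 -4 status > rndc.out.1.test$n 2>&1 && ret=1
grep "address family not supported" rndc.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "check rndc nta reports adding to multiple views ($n)"
ret=0
$RNDCCMD 10.53.0.3 nta test.com > rndc.out.test$n 2>&1 || ret=1
lines=$(wc -l < rndc.out.test$n)
[ ${lines:-0} -eq 2 ] || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "check 'rndc retransfer' of primary error message ($n)"
ret=0
$RNDCCMD 10.53.0.2 retransfer nil > rndc.out.test$n 2>&1 && ret=1
grep "rndc: 'retransfer' failed: failure" rndc.out.test$n > /dev/null || ret=1
grep "retransfer: inappropriate zone type: primary" rndc.out.test$n > /dev/null || ret=1
lines=$(wc -l < rndc.out.test$n)
[ ${lines:-0} -eq 2 ] || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n+1))
echo_i "check 'rndc freeze' with in-view zones works ($n)"
ret=0
$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf freeze > rndc.out.test$n 2>&1 || ret=1
test -s rndc.out.test$n && sed 's/^/ns2 /' rndc.out.test$n | cat_i
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking non in-view zone instance is not writable ($n)"
ret=0
$NSUPDATE -p ${PORT} > /dev/null 2>&1 <<END && ret=1
server 10.53.0.4
zone example.
update add text2.example. 600 IN TXT "addition 3"
send
END
$DIGCMD @10.53.0.4 -p ${PORT} text2.example. TXT > dig.out.1.test$n
grep 'addition 3' dig.out.1.test$n >/dev/null && ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "check 'rndc thaw' with in-view zones works ($n)"
ret=0
$RNDC -s 10.53.0.4 -p ${EXTRAPORT6} -c ns4/key6.conf thaw > rndc.out.test$n 2>&1 || ret=1
test -s rndc.out.test$n && sed 's/^/ns2 /' rndc.out.test$n | cat_i
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking non in-view zone instance is now writable ($n)"
ret=0
$NSUPDATE -p ${PORT} > nsupdate.out.test$n 2>&1 <<END || ret=1
server 10.53.0.4
zone example.
update add text2.example. 600 IN TXT "addition 3"
send
END
$DIGCMD @10.53.0.4 -p ${PORT} text2.example. TXT > dig.out.1.test$n
grep 'addition 3' dig.out.1.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))

# The TSIG strings below are fixtures for this test network.  They are
# passed with -y, which puts the key on the command line where it can show
# up in process listings and shell history; outside a throw-away test setup
# a key file (-k) is the safer way to supply a key.
n=$((n+1))
echo_i "checking initial in-view zone file is loaded ($n)"
ret=0
TSIG="$DEFAULT_HMAC:int:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$DIGCMD @10.53.0.7 -y "$TSIG" text1.test. TXT > dig.out.1.test$n
grep 'include 1' dig.out.1.test$n >/dev/null || ret=1
TSIG="$DEFAULT_HMAC:ext:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$DIGCMD @10.53.0.7 -y "$TSIG" text1.test. TXT > dig.out.2.test$n
grep 'include 1' dig.out.2.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))

# This step and the next reuse the previous test number (n is not
# incremented), so their output files share that number.
echo_i "update in-view zone ($n)"
ret=0
TSIG="$DEFAULT_HMAC:int:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$NSUPDATE -p ${PORT} -y "$TSIG" > /dev/null 2>&1 <<END || ret=1
server 10.53.0.7
zone test.
update add text2.test. 600 IN TXT "addition 1"
send
END
[ -s ns7/test.db.jnl ] || {
  echo_i "'test -s ns7/test.db.jnl' failed when it shouldn't have"; ret=1;
}
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))

echo_i "checking update ($n)"
ret=0
TSIG="$DEFAULT_HMAC:int:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$DIGCMD @10.53.0.7 -y "$TSIG" text2.test. TXT > dig.out.1.test$n
grep 'addition 1' dig.out.1.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns7/named.run > /dev/null

echo_i "rndc freeze"
# Fixed: output is piped through cat_i once, like every other rndc call in
# this script (it was piped through it twice here).
$RNDCCMD 10.53.0.7 freeze | sed 's/^/ns7 /' | cat_i

wait_for_log 3 "dump_done: zone test/IN/internal: enter" ns7/named.run

echo_i "edit zone files"
cp ns7/test.db.in ns7/test.db
cp ns7/include2.db.in ns7/include.db

echo_i "rndc thaw"
$RNDCCMD 10.53.0.7 thaw | sed 's/^/ns7 /' | cat_i

wait_for_log 3 "zone_postload: zone test/IN/internal: done" ns7/named.run

echo_i "rndc reload"
$RNDCCMD 10.53.0.7 reload | sed 's/^/ns7 /' | cat_i

wait_for_log 3 "all zones loaded" ns7/named.run

n=$((n+1))
echo_i "checking zone file edits are loaded ($n)"
ret=0
TSIG="$DEFAULT_HMAC:int:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$DIGCMD @10.53.0.7 -y "$TSIG" text1.test. TXT > dig.out.1.test$n
grep 'include 2' dig.out.1.test$n >/dev/null || ret=1
TSIG="$DEFAULT_HMAC:ext:FrSt77yPTFx6hTs4i2tKLB9LmE0="
$DIGCMD @10.53.0.7 -y "$TSIG" text1.test. TXT > dig.out.2.test$n
grep 'include 2' dig.out.2.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=$((status+ret))

# Any non-zero failure count becomes exit status 1.
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1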