tests.sh revision 1.1.1.3
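#!/bin/sh
#
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.

# ns1 = stealth primary
# ns2 = secondary with update forwarding disabled; not currently used
# ns3 = secondary with update forwarding enabled
#
# System test for dynamic-update forwarding: updates are sent to the
# secondary ns3 (10.53.0.3) and the resulting zone contents are compared on
# ns1, ns2 and ns3 against the knowngood.* files.
#
# Helpers and variables used below (echo_i, retry_quiet, digcomp, DIG,
# NSUPDATE, RNDC, FEATURETEST, DNSTAPREAD, PORT, CONTROLPORT) are not
# defined in this file; they are expected to come from conf.sh.
#
# NOTE(review): $n is not advanced after every check and is advanced twice
# after the second DNSTAP check, so some messages share a number. The
# sequence is kept as-is because dnstap.out.$n, dnstapread.out$n and
# dig.out.ns1.test$n are named from it.

SYSTEMTESTTOP=..
. "$SYSTEMTESTTOP/conf.sh"

# DIGOPTS and RNDCCMD hold several words each and are expanded unquoted on
# purpose so that the shell splits them into separate arguments.
DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd -p ${PORT}"
RNDCCMD="$RNDC -p ${CONTROLPORT} -c ../common/rndc.conf"

status=0
n=1

#######################################
# Move ns3's dnstap capture aside as dnstap.out.$n and ask ns3 to reopen
# its dnstap output so the next check starts from a fresh file.
# Globals:   n (read), RNDCCMD (read)
# Returns:   exit status of the rndc command
#######################################
capture_dnstap() {
	retry_quiet 20 test -f ns3/dnstap.out && mv ns3/dnstap.out "dnstap.out.$n"
	$RNDCCMD -s 10.53.0.3 dnstap -reopen
}

#######################################
# Count the records in dnstap.out.$n whose third field is "UQ" and "UR"
# (presumably the dnstap UPDATE_QUERY / UPDATE_RESPONSE message types) and
# succeed only when both counts are equal.
# Globals:   n (read), DNSTAPREAD (read), UQ and UR (written)
# Outputs:   writes the two counts to dnstapread.out$n and logs them
# Returns:   0 when UQ equals UR, 1 otherwise
# NOTE(review): a missing or empty capture yields "0 0", which also
# compares equal, so the positive checks cannot tell "nothing was logged"
# from "every forwarded query got a reply".
#######################################
uq_equals_ur() {
	"$DNSTAPREAD" "dnstap.out.$n" |
		awk '$3 == "UQ" { UQ+=1 } $3 == "UR" { UR += 1 } END { print UQ+0, UR+0 }' > "dnstapread.out$n"
	read -r UQ UR < "dnstapread.out$n"
	echo_i "UQ=$UQ UR=$UR"
	test "$UQ" -eq "$UR" || return 1
}

echo_i "waiting for servers to be ready for testing ($n)"
# Poll for up to ten rounds, one second apart, until all three servers
# answer the SOA query for example. with NOERROR.
for i in 1 2 3 4 5 6 7 8 9 10
do
	ret=0
	$DIG +tcp -p "${PORT}" example. @10.53.0.1 soa > dig.out.ns1 || ret=1
	grep "status: NOERROR" dig.out.ns1 > /dev/null || ret=1
	$DIG +tcp -p "${PORT}" example. @10.53.0.2 soa > dig.out.ns2 || ret=1
	grep "status: NOERROR" dig.out.ns2 > /dev/null || ret=1
	$DIG +tcp -p "${PORT}" example. @10.53.0.3 soa > dig.out.ns3 || ret=1
	grep "status: NOERROR" dig.out.ns3 > /dev/null || ret=1
	[ "$ret" -eq 0 ] && break
	sleep 1
done
if [ "$ret" -ne 0 ]; then echo_i "failed"; status=$((status + ret)); fi
n=$((n + 1))

echo_i "fetching primary copy of zone before update ($n)"
ret=0
$DIG $DIGOPTS example. @10.53.0.1 axfr > dig.out.ns1 || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; status=$((status + ret)); fi
n=$((n + 1))

echo_i "fetching secondary 1 copy of zone before update ($n)"
# Reset ret here as every other check does; without it a failure of the
# previous fetch was counted a second time.
ret=0
$DIG $DIGOPTS example. @10.53.0.2 axfr > dig.out.ns2 || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; status=$((status + ret)); fi
n=$((n + 1))

echo_i "fetching secondary 2 copy of zone before update ($n)"
ret=0
$DIG $DIGOPTS example. @10.53.0.3 axfr > dig.out.ns3 || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; status=$((status + ret)); fi
n=$((n + 1))

echo_i "comparing pre-update copies to known good data ($n)"
ret=0
digcomp knowngood.before dig.out.ns1 || ret=1
digcomp knowngood.before dig.out.ns2 || ret=1
digcomp knowngood.before dig.out.ns3 || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; status=$((status + ret)); fi

echo_i "updating zone (signed) ($n)"
ret=0
# The TSIG secret below is a fixture key that lives in the test tree. With
# -y the secret travels in nsupdate's argument list, where it is readable
# from process listings and shell history; outside a throwaway test setup,
# load the key from a permission-restricted file with -k instead.
$NSUPDATE -y update.example:c3Ryb25nIGVub3VnaCBmb3IgYSBtYW4gYnV0IG1hZGUgZm9yIGEgd29tYW4K -- - <<EOF || ret=1
server 10.53.0.3 ${PORT}
update add updated.example. 600 A 10.10.10.1
update add updated.example. 600 TXT Foo
send
EOF
if [ "$ret" -ne 0 ]; then echo_i "failed"; status=$((status + ret)); fi
n=$((n + 1))

echo_i "sleeping 15 seconds for server to incorporate changes"
sleep 15

echo_i "fetching primary copy of zone after update ($n)"
ret=0
$DIG $DIGOPTS example. @10.53.0.1 axfr > dig.out.ns1 || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; status=$((status + ret)); fi
n=$((n + 1))

echo_i "fetching secondary 1 copy of zone after update ($n)"
ret=0
$DIG $DIGOPTS example. @10.53.0.2 axfr > dig.out.ns2 || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; status=$((status + ret)); fi

echo_i "fetching secondary 2 copy of zone after update ($n)"
ret=0
$DIG $DIGOPTS example. @10.53.0.3 axfr > dig.out.ns3 || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; status=$((status + ret)); fi
n=$((n + 1))

echo_i "comparing post-update copies to known good data ($n)"
ret=0
digcomp knowngood.after1 dig.out.ns1 || ret=1
digcomp knowngood.after1 dig.out.ns2 || ret=1
digcomp knowngood.after1 dig.out.ns3 || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; status=$((status + ret)); fi

echo_i "checking 'forwarding update for zone' is logged ($n)"
ret=0
# The forwarding secondary's log is the record that an update passed
# through it, so the test insists that the message is present.
grep "forwarding update for zone 'example/IN'" ns3/named.run > /dev/null || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; status=$((status + ret)); fi
n=$((n + 1))

if $FEATURETEST --enable-dnstap
then
	echo_i "checking DNSTAP logging of UPDATE forwarded update replies ($n)"
	ret=0
	capture_dnstap
	uq_equals_ur || ret=1
	if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
	status=$((status + ret))
	n=$((n + 1))
fi

echo_i "updating zone (unsigned) ($n)"
ret=0
# No key is supplied here, and the result is later compared against
# knowngood.after2 on all three servers.
# NOTE(review): presumably ns1 accepts this update on the strength of an
# address-based ACL - confirm in ns1/named.conf, which is not shown here.
# With forwarding enabled the primary sees the update arriving from the
# secondary, so an address-only ACL on the primary would extend to every
# client allowed to send updates to ns3; prefer TSIG or SIG(0) outside
# of tests.
$NSUPDATE -- - <<EOF || ret=1
server 10.53.0.3 ${PORT}
update add unsigned.example. 600 A 10.10.10.1
update add unsigned.example. 600 TXT Foo
send
EOF
if [ "$ret" -ne 0 ]; then echo_i "failed"; status=$((status + ret)); fi
n=$((n + 1))

echo_i "sleeping 15 seconds for server to incorporate changes"
sleep 15

echo_i "fetching primary copy of zone after update ($n)"
ret=0
$DIG $DIGOPTS example. @10.53.0.1 axfr > dig.out.ns1 || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; status=$((status + ret)); fi

echo_i "fetching secondary 1 copy of zone after update ($n)"
ret=0
$DIG $DIGOPTS example. @10.53.0.2 axfr > dig.out.ns2 || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; status=$((status + ret)); fi
n=$((n + 1))

echo_i "fetching secondary 2 copy of zone after update ($n)"
ret=0
$DIG $DIGOPTS example. @10.53.0.3 axfr > dig.out.ns3 || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; status=$((status + ret)); fi

echo_i "comparing post-update copies to known good data ($n)"
ret=0
digcomp knowngood.after2 dig.out.ns1 || ret=1
digcomp knowngood.after2 dig.out.ns2 || ret=1
digcomp knowngood.after2 dig.out.ns3 || ret=1
if [ "$ret" -ne 0 ]; then echo_i "failed"; status=$((status + ret)); fi

if $FEATURETEST --enable-dnstap
then
	echo_i "checking DNSTAP logging of UPDATE forwarded update replies ($n)"
	ret=0
	capture_dnstap
	uq_equals_ur || ret=1
	if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
	status=$((status + ret))
	n=$((n + 1))
fi
n=$((n + 1))

echo_i "checking update forwarding to dead primary ($n)"
count=0
ret=0
# Each round starts an update for the "nomaster" zone in the background and
# immediately asks ns3 for that zone's SOA over UDP: ns3 has to keep
# answering while the forwarded update is outstanding. The background
# nsupdate processes are deliberately not waited for.
while [ "$count" -lt 5 ] && [ "$ret" -eq 0 ]
do
	(
		$NSUPDATE -- - <<EOF
server 10.53.0.3 ${PORT}
zone nomaster
update add unsigned.nomaster. 600 A 10.10.10.1
update add unsigned.nomaster. 600 TXT Foo
send
EOF
	) > /dev/null 2>&1 &
	$DIG -p "${PORT}" +noadd +notcp +noauth nomaster. @10.53.0.3 soa > dig.out.ns3 || ret=1
	grep "status: NOERROR" dig.out.ns3 > /dev/null || ret=1
	count=$((count + 1))
done
if [ "$ret" -ne 0 ]; then echo_i "failed"; status=$((status + ret)); fi
n=$((n + 1))

if $FEATURETEST --enable-dnstap
then
	echo_i "checking DNSTAP logging of UPDATE forwarded update replies ($n)"
	ret=0
	capture_dnstap
	# Inverted on purpose: after the dead-primary round the test expects
	# the UQ and UR counts to differ, so equality is the failure case.
	uq_equals_ur && ret=1
	if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
	status=$((status + ret))
	n=$((n + 1))
fi

if test -f keyname
then
	echo_i "checking update forwarding to with sig0 ($n)"
	ret=0
	keyname=$(cat keyname)
	# The nsupdate exit status is now checked as well; previously a
	# rejected signed update was only noticed through the dig lookup below.
	$NSUPDATE -k "$keyname.private" -- - <<EOF || ret=1
	server 10.53.0.3 ${PORT}
	zone example2
	update add unsigned.example2. 600 A 10.10.10.1
	update add unsigned.example2. 600 TXT Foo
	send
EOF
	$DIG -p "${PORT}" unsigned.example2 A @10.53.0.1 > "dig.out.ns1.test$n"
	grep "status: NOERROR" "dig.out.ns1.test$n" > /dev/null || ret=1
	if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
	status=$((status + ret))
	n=$((n + 1))

	if $FEATURETEST --enable-dnstap
	then
		echo_i "checking DNSTAP logging of UPDATE forwarded update replies ($n)"
		ret=0
		capture_dnstap
		uq_equals_ur || ret=1
		if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
		status=$((status + ret))
		n=$((n + 1))
	fi
fi

echo_i "exit status: $status"
[ "$status" -eq 0 ] || exit 1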