1#!/bin/sh
2
3# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
4#
5# SPDX-License-Identifier: MPL-2.0
6#
7# This Source Code Form is subject to the terms of the Mozilla Public
8# License, v. 2.0.  If a copy of the MPL was not distributed with this
9# file, you can obtain one at https://mozilla.org/MPL/2.0/.
10#
11# See the COPYRIGHT file distributed with this work for additional
12# information regarding copyright ownership.
13
# Abort on the first command failure that is not part of a condition or
# an &&/|| list.
set -e

# Shared test environment.  $CHECKZONE, $RNDC, $DIG, $PORT, $CONTROLPORT and
# the echo_i / cat_i / rndc_reload helpers are used below but not defined in
# this file; presumably they all come from here.
. ../conf.sh

# Running count of failed checks; reported and turned into the exit code at
# the end of the script.
status=0

# Query port for dig.
DIGOPTS="-p $PORT"

# rndc prefix.  It deliberately ends in "-s" so that the server address is
# the first word appended by each caller.
RNDCCMD="${RNDC} -c ../_common/rndc.conf -p ${CONTROLPORT} -s"
22
# The zone checker must reject cname.db (non-zero exit) and its output must
# contain the "is a CNAME" diagnostic.
echo_i "checking that we detect a NS which refers to a CNAME"
if $CHECKZONE . cname.db >cname.out 2>&1; then
  # The checker accepted the zone.
  echo_i "failed (status)"
  status=$((status + 1))
elif ! grep "is a CNAME" cname.out >/dev/null; then
  # Rejected, but without the expected diagnostic.
  echo_i "failed (message)"
  status=$((status + 1))
fi
36
# The zone checker must reject dname.db (non-zero exit) and its output must
# contain the "is below a DNAME" diagnostic.
echo_i "checking that we detect a NS which is below a DNAME"
if $CHECKZONE . dname.db >dname.out 2>&1; then
  # The checker accepted the zone.
  echo_i "failed (status)"
  status=$((status + 1))
elif ! grep "is below a DNAME" dname.out >/dev/null; then
  # Rejected, but without the expected diagnostic.
  echo_i "failed (message)"
  status=$((status + 1))
fi
50
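# The zone checker must reject noaddress.db (non-zero exit) and its output
# must contain the "has no address records" diagnostic.
echo_i "checking that we detect a NS which has no address records (A/AAAA)"
# stderr is captured as well, as in the other checks of this script, so the
# message test does not depend on which stream carries the diagnostic.
if $CHECKZONE . noaddress.db >noaddress.out 2>&1; then
  # The checker accepted the zone.
  echo_i "failed (status)"
  status=$((status + 1))
elif ! grep "has no address records" noaddress.out >/dev/null; then
  # Rejected, but without the expected diagnostic.
  echo_i "failed (message)"
  status=$((status + 1))
fi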
64
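# The zone checker must reject nxdomain.db (non-zero exit) and report the
# missing address records for the NS target.
echo_i "checking that we detect a NS which has no records"
# stderr is captured as well, as in the other checks of this script.
if $CHECKZONE . nxdomain.db >nxdomain.out 2>&1; then
  # The checker accepted the zone.
  echo_i "failed (status)"
  status=$((status + 1))
# Inspect the output of THIS run.  The check previously grepped
# noaddress.out, the file left behind by the preceding test, so the message
# assertion passed on stale data and a regression in this validation would
# have gone unnoticed.
# NOTE(review): the expected text is kept as it was; confirm the checker
# emits "has no address records" for an NS target with no records at all.
elif ! grep "has no address records" nxdomain.out >/dev/null; then
  echo_i "failed (message)"
  status=$((status + 1))
fi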
78
# With "-n fail" the checker must reject a.db (non-zero exit) and print the
# "appears to be an address" diagnostic.
echo_i "checking that we detect a NS which looks like a A record (fail)"
if $CHECKZONE -n fail . a.db >a.out 2>&1; then
  # The checker accepted the zone.
  echo_i "failed (status)"
  status=$((status + 1))
elif ! grep "appears to be an address" a.out >/dev/null; then
  # Rejected, but without the expected diagnostic.
  echo_i "failed (message)"
  status=$((status + 1))
fi
92
# Without "-n" (the warn mode, per the message below) the checker must accept
# a.db (zero exit) but still print the "appears to be an address" diagnostic.
echo_i "checking that we detect a NS which looks like a A record (warn=default)"
if ! $CHECKZONE . a.db >a.out 2>&1; then
  # A warning must not turn into a rejection.
  echo_i "failed (status)"
  status=$((status + 1))
elif ! grep "appears to be an address" a.out >/dev/null; then
  # Accepted, but the warning text is missing.
  echo_i "failed (message)"
  status=$((status + 1))
fi
106
# With "-n ignore" the checker must accept a.db (zero exit) and must NOT
# print the "appears to be an address" diagnostic.
echo_i "checking that we detect a NS which looks like a A record (ignore)"
if ! $CHECKZONE -n ignore . a.db >a.out 2>&1; then
  # The zone was rejected although the check is switched off.
  echo_i "failed (status)"
  status=$((status + 1))
elif grep "appears to be an address" a.out >/dev/null; then
  # The diagnostic appeared although the check is switched off.
  echo_i "failed (message)"
  status=$((status + 1))
fi
120
# With "-n fail" the checker must reject aaaa.db (non-zero exit) and print
# the "appears to be an address" diagnostic.
echo_i "checking that we detect a NS which looks like a AAAA record (fail)"
if $CHECKZONE -n fail . aaaa.db >aaaa.out 2>&1; then
  # The checker accepted the zone.
  echo_i "failed (status)"
  status=$((status + 1))
elif ! grep "appears to be an address" aaaa.out >/dev/null; then
  # Rejected, but without the expected diagnostic.
  echo_i "failed (message)"
  status=$((status + 1))
fi
134
# Without "-n" (the warn mode, per the message below) the checker must accept
# aaaa.db (zero exit) but still print the "appears to be an address"
# diagnostic.
echo_i "checking that we detect a NS which looks like a AAAA record (warn=default)"
if ! $CHECKZONE . aaaa.db >aaaa.out 2>&1; then
  # A warning must not turn into a rejection.
  echo_i "failed (status)"
  status=$((status + 1))
elif ! grep "appears to be an address" aaaa.out >/dev/null; then
  # Accepted, but the warning text is missing.
  echo_i "failed (message)"
  status=$((status + 1))
fi
148
# With "-n ignore" the checker must accept aaaa.db (zero exit) and must NOT
# print the "appears to be an address" diagnostic.
echo_i "checking that we detect a NS which looks like a AAAA record (ignore)"
if ! $CHECKZONE -n ignore . aaaa.db >aaaa.out 2>&1; then
  # The zone was rejected although the check is switched off.
  echo_i "failed (status)"
  status=$((status + 1))
elif grep "appears to be an address" aaaa.out >/dev/null; then
  # The diagnostic appeared although the check is switched off.
  echo_i "failed (message)"
  status=$((status + 1))
fi
162
# Start of the zonestatus test: ret collects failures for this test only and
# is folded into $status further down.
# NOTE(review): the message below spells the tool "rdnc"; the command that is
# run is rndc.  The string is left as it is.
echo_i "checking 'rdnc zonestatus' output"
ret=0
# Poll the server at 10.53.0.1 up to ten times, one second apart, until the
# reply no longer says "zone not loaded".
# NOTE(review): the rndc call is not guarded, so under "set -e" a non-zero
# exit would end the script before the retry; confirm rndc exits 0 while the
# zone is still loading.
for try in 0 1 2 3 4 5 6 7 8 9; do
  $RNDCCMD 10.53.0.1 zonestatus primary.example >rndc.out.pri 2>&1
  if grep "zone not loaded" rndc.out.pri >/dev/null; then
    sleep 1
  else
    break
  fi
done
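# checkfor PATTERN FILE
#
# Assert that FILE contains a line matching PATTERN.
#
# Globals:   ret (set to 1 when the pattern is missing; otherwise untouched)
# Arguments: $1 - grep basic regular expression (callers use "$" anchors)
#            $2 - file to search
# Outputs:   on a miss, a "missing string" line through echo_i
checkfor() {
  # "--" keeps a pattern that starts with "-" from being read as an option;
  # quoting "$2" keeps a file name with spaces or glob characters intact.
  grep -- "$1" "$2" >/dev/null || {
    ret=1
    echo_i "missing string '$1' from '$2'"
  }
}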
# Fields that must appear in the zonestatus reply saved in rndc.out.pri.
# Entries ending in ": " only assert that the field is present, not its
# value.  Each miss sets ret=1 through checkfor.
for pat in \
  "name: primary.example" \
  "type: primary" \
  "files: primary.db, primary.db.signed" \
  "serial: " \
  "nodes: " \
  "last loaded: " \
  "secure: yes" \
  "inline signing: no" \
  "key maintenance: automatic" \
  "next key event: " \
  "next resign node: " \
  "next resign time: " \
  "dynamic: yes" \
  "frozen: no"; do
  checkfor "$pat" rndc.out.pri
done
# Same query against the server at 10.53.0.2: poll up to ten times, one
# second apart, until the reply no longer says "zone not loaded".
for try in 0 1 2 3 4 5 6 7 8 9; do
  $RNDCCMD 10.53.0.2 zonestatus primary.example >rndc.out.sec 2>&1
  if grep "zone not loaded" rndc.out.sec >/dev/null; then
    sleep 1
  else
    break
  fi
done
# Fields that must appear in the reply saved in rndc.out.sec.  Each miss sets
# ret=1 through checkfor.
for pat in \
  "name: primary.example" \
  "type: secondary" \
  "files: sec.db" \
  "serial: " \
  "nodes: " \
  "next refresh: " \
  "expires: " \
  "secure: yes"; do
  checkfor "$pat" rndc.out.sec
done
# Wait (up to ten polls, one second apart) for reload.example to be loaded on
# 10.53.0.1, then record which files the server lists for it before any
# reload is requested.
for try in 0 1 2 3 4 5 6 7 8 9; do
  $RNDCCMD 10.53.0.1 zonestatus reload.example >rndc.out.prereload 2>&1
  if grep "zone not loaded" rndc.out.prereload >/dev/null; then
    sleep 1
  else
    break
  fi
done
# The trailing "$" anchors the match at end of line: exactly these two files.
checkfor "files: reload.db, soa.db$" rndc.out.prereload
# Rewrite ns1/soa.db with serial 2 and ask the server to reload the zone; the
# rndc reply is prefixed with "ns1 " and passed to cat_i.
printf '%s\n' "@ 0 SOA . . 2 0 0 0 0" >ns1/soa.db
$RNDCCMD 10.53.0.1 reload reload.example | sed 's/^/ns1 /' | cat_i
# Poll with dig (up to ten times, one second apart) until the new SOA values
# are being served.
for try in 0 1 2 3 4 5 6 7 8 9; do
  $DIG $DIGOPTS reload.example SOA @10.53.0.1 >dig.out
  if grep " 2 0 0 0 0" dig.out >/dev/null; then
    break
  fi
  sleep 1
done
# The file list reported after the reload must be the same two files.
$RNDCCMD 10.53.0.1 zonestatus reload.example >rndc.out.postreload 2>&1
checkfor "files: reload.db, soa.db$" rndc.out.postreload
# Replace ns1/reload.db with a two-record zone (serial 3 plus an NS record).
# The "files:" check below expects only reload.db to remain listed.
# NOTE(review): the one-second pause presumably ensures the rewritten file
# gets a newer modification time than the previous load - confirm.
sleep 1
printf '%s\n' "@ 0 SOA . . 3 0 0 0 0" "@ 0 NS ." >ns1/reload.db
rndc_reload ns1 10.53.0.1 reload.example
# Poll with dig (up to ten times, one second apart) until serial 3 is served.
for try in 0 1 2 3 4 5 6 7 8 9; do
  $DIG $DIGOPTS reload.example SOA @10.53.0.1 >dig.out
  if grep " 3 0 0 0 0" dig.out >/dev/null; then
    break
  fi
  sleep 1
done
# zonestatus must now list reload.db alone ("$" anchors the end of line).
$RNDCCMD 10.53.0.1 zonestatus reload.example >rndc.out.removeinclude 2>&1
checkfor "files: reload.db$" rndc.out.removeinclude

# Close the zonestatus test: report a failure and add it to the total.
[ $ret = 0 ] || echo_i "failed"
status=$((status + ret))
233
# Zone-name lookups across views: an ambiguous name and an unknown name must
# both make rndc fail with a specific message, while naming the view
# ("in primary") must succeed.
echo_i "checking 'rdnc zonestatus' with duplicated zone name"
ret=0
# Ambiguous name without a view: rndc is expected to exit non-zero.
if $RNDCCMD 10.53.0.1 zonestatus duplicate.example >rndc.out.duplicate 2>&1; then
  ret=1
fi
checkfor "zone 'duplicate.example' was found in multiple views" rndc.out.duplicate
# Same name with the view given: rndc is expected to succeed.
if ! $RNDCCMD 10.53.0.1 zonestatus duplicate.example in primary >rndc.out.duplicate 2>&1; then
  ret=1
fi
checkfor "name: duplicate.example" rndc.out.duplicate
# Unknown zone: rndc is expected to exit non-zero.
if $RNDCCMD 10.53.0.1 zonestatus nosuchzone.example >rndc.out.duplicate 2>&1; then
  ret=1
fi
checkfor "no matching zone 'nosuchzone.example' in any view" rndc.out.duplicate
[ $ret = 0 ] || echo_i "failed"
status=$((status + ret))
244
# The serial 3003113544 must be reported exactly as written.
# NOTE(review): the value is above 2^31-1, so this presumably guards against
# the serial being printed as a signed 32-bit number - confirm.
echo_i "checking 'rdnc zonestatus' with big serial value"
ret=0
# Not guarded: under "set -e" a non-zero exit from rndc ends the script here.
$RNDCCMD 10.53.0.1 zonestatus bigserial.example >rndc.out.bigserial 2>&1
checkfor "serial: 3003113544" rndc.out.bigserial
[ $ret = 0 ] || echo_i "failed"
status=$((status + ret))
251
# Report the number of failed checks; any failure makes the script exit 1.
echo_i "exit status: $status"
if [ $status -ne 0 ]; then
  exit 1
fi
254