- sleep 3
- ./clean.sh
- cd ../regression-tests
- - touch verify-dnssec-zone/allow-missing
+ - touch tests/verify-dnssec-zone/allow-missing
- ./start-test-stop 5300 bind-both
- ./start-test-stop 5300 bind-dnssec-both
- ./start-test-stop 5300 bind-dnssec-nsec3-both
# Copy original zones because the test might modify them (well only the dyndns stuff, but let's make this work for others as well)
-for zone in $(grep zone ../../regression-tests/named.conf | cut -f2 -d\")
+for zone in $(grep 'zone ' ../../regression-tests/named.conf | cut -f2 -d\")
do
- if [ -f ../../regression-tests/$zone.orig ]
+ if [ -f ../../regression-tests/zones/$zone.orig ]
then
- cp -f ../../regression-tests/$zone.orig ../../regression-tests/$zone
+ cp -f ../../regression-tests/zones/$zone.orig ../../regression-tests/zones/$zone
fi
done
cd $startdir
[ -e data ] && rm data
-for zone in $(grep zone ../../regression-tests/named.conf | cut -f2 -d\")
+for zone in $(grep 'zone ' ../../regression-tests/named.conf | cut -f2 -d\")
do
$tcpclient 127.0.0.1 5300 $axfrget $zone $zone.out $zone.out.tmp
cat $zone.out >> data
options {
- directory "../regression-tests/";
+ directory "../regression-tests/zones/";
recursion no;
listen-on port 5300 {
127.0.0.1;
#!/usr/bin/env bash
-for zone in `cat ../regression-tests/named.conf | grep zone | cut -f 2 -d \"`
+for zone in `cat ../regression-tests/named.conf | grep 'zone ' | cut -f 2 -d \"`
do
- md5sum ../regression-tests/$zone
+ md5sum ../regression-tests/zones/$zone
done
md5sum ../modules/tinydnsbackend/data.cdb
-4bc48a8d9b8d04b553be67639e5656e8 ../regression-tests/example.com
-4e9eed426f0cd123c08dffb9e715824a ../regression-tests/test.com
-005b3381db2a7dc70b690484f6ab7770 ../regression-tests/test.dyndns
-21213b4e8cd56e4184696a1bafd987d7 ../regression-tests/wtest.com
-42b442de632686e94bde75acf66cf524 ../regression-tests/nztest.com
-6e4ac6e3a6cd717df107a7bc2e466ac7 ../regression-tests/dnssec-parent.com
-6510bf48aa3ca3501b73a1f510852a34 ../regression-tests/delegated.dnssec-parent.com
-a63dc120391d9df0003f2ec4f461a6af ../regression-tests/secure-delegated.dnssec-parent.com
-24514dc104b22206daeb973ff9303545 ../regression-tests/minimal.com
-0b20d7a0250576451135483b863750bf ../regression-tests/tsig.com
-b1f775045fa2cf0a3b91aa834af06e49 ../regression-tests/stest.com
+4bc48a8d9b8d04b553be67639e5656e8 ../regression-tests/zones/example.com
+4e9eed426f0cd123c08dffb9e715824a ../regression-tests/zones/test.com
+005b3381db2a7dc70b690484f6ab7770 ../regression-tests/zones/test.dyndns
+21213b4e8cd56e4184696a1bafd987d7 ../regression-tests/zones/wtest.com
+42b442de632686e94bde75acf66cf524 ../regression-tests/zones/nztest.com
+6e4ac6e3a6cd717df107a7bc2e466ac7 ../regression-tests/zones/dnssec-parent.com
+6510bf48aa3ca3501b73a1f510852a34 ../regression-tests/zones/delegated.dnssec-parent.com
+a63dc120391d9df0003f2ec4f461a6af ../regression-tests/zones/secure-delegated.dnssec-parent.com
+24514dc104b22206daeb973ff9303545 ../regression-tests/zones/minimal.com
+0b20d7a0250576451135483b863750bf ../regression-tests/zones/tsig.com
+b1f775045fa2cf0a3b91aa834af06e49 ../regression-tests/zones/stest.com
80927ffb754402270483d06c0ebeaaad ../modules/tinydnsbackend/data.cdb
-diff
-real_result
-*.out
/*.xml
/*.tar
/K*
/*.controlsocket
/pdns-*.conf
/*.sqlite3*
-/*.com-slave
-/*.dyndns-slave
/named-slave.conf
-*/start
-*/step.*
-/test.dyndns
/bulktest.results
/recursor-bulktest/
/recursor.log
/report.json
/nsd.*
/nsd-slave.*
-/*.nsd
-/ixfr*.db
-/ixfr*.state
-/*.signed
-/*.bind
/dsset-*
/bind.conf
/bind-slave.conf
--- /dev/null
+case $context in
+ bind)
+ $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
+ --no-shuffle --launch=bind --bind-config=./named.conf \
+ --send-root-referral \
+ --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
+ --cache-ttl=$cachettl --no-config \
+ --bind-ignore-broken-records=yes &
+ skipreasons="nodnssec nodyndns"
+ bindwait
+ ;;
+
+ bind-dnssec | bind-dnssec-nsec3 | bind-dnssec-nsec3-optout | bind-dnssec-nsec3-narrow)
+ rm -f dnssec.sqlite3
+ ../pdns/pdnssec --config-dir=. create-bind-db dnssec.sqlite3
+
+ for zone in $(grep 'zone ' named.conf | cut -f2 -d\")
+ do
+ securezone $zone
+ if [ $context = bind-dnssec-nsec3 ] || [ $context = bind-dnssec-nsec3-optout ]
+ then
+ ../pdns/pdnssec --config-dir=. set-nsec3 $zone "1 $optout 1 abcd" 2>&1
+ elif [ $context = bind-dnssec-nsec3-narrow ]
+ then
+ ../pdns/pdnssec --config-dir=. set-nsec3 $zone '1 1 1 abcd' narrow 2>&1
+ fi
+ done
+
+ if [ $context = bind-dnssec-nsec3 ]
+ then
+ extracontexts="bind dnssec nsec3"
+ skipreasons="nsec3 nodyndns"
+ elif [ $context = bind-dnssec-nsec3-optout ]
+ then
+ extracontexts="bind dnssec nsec3 nsec3-optout"
+ skipreasons="optout nodyndns"
+ elif [ $context = bind-dnssec-nsec3-narrow ]
+ then
+ extracontexts="bind dnssec narrow"
+ skipreasons="narrow nodyndns"
+ else
+ extracontexts="bind dnssec"
+ skipreasons="nodyndns"
+ fi
+
+ ../pdns/pdnssec --config-dir=. import-tsig-key test $ALGORITHM $KEY
+ ../pdns/pdnssec --config-dir=. activate-tsig-key tsig.com test master
+
+ $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
+ --no-shuffle --launch=bind --bind-config=./named.conf \
+ --bind-dnssec-db=./dnssec.sqlite3 \
+ --send-root-referral \
+ --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --direct-dnskey=yes \
+ --cache-ttl=$cachettl --no-config \
+ --bind-ignore-broken-records=yes $lua_prequery &
+ bindwait
+ ;;
+
+ *)
+ nocontext=yes
+esac
--- /dev/null
+ context=${context}-presigned
+ sed -e 's/type master;/type slave;\n\tmasters { 127.0.0.1:'$port'; };/' -e 's/file "\([^"]\+\)/file "\1-slave/' < named.conf > named-slave.conf
+
+ for zone in $(grep 'zone ' named.conf | cut -f2 -d\")
+ do
+ rm -rf zones/$zone-slave
+ done
+
+ rm -f dnssec-slave.sqlite3
+
+ ../pdns/pdnssec --config-dir=. create-bind-db dnssec-slave.sqlite3
+
+ set +e
+ echo $skipreasons | grep -q nodnssec
+ if [ $? -ne 0 ]
+ then
+ sqlite3 dnssec-slave.sqlite3 "INSERT INTO tsigkeys (name, algorithm,secret) VALUES('test', '$ALGORITHM', '$KEY')"
+ sqlite3 dnssec-slave.sqlite3 "INSERT INTO domainmetadata (domain, kind, content) SELECT 'tsig.com', 'AXFR-MASTER-TSIG', 'test'"
+ echo $skipreasons | grep -q nolua
+ if [ $? -ne 0 ]
+ then
+ sqlite3 dnssec-slave.sqlite3 "INSERT INTO domainmetadata (domain,kind,content) SELECT 'stest.com','AXFR-SOURCE','127.0.0.2'"
+ fi
+ fi
+ set -e
+
+ port=$((port+100))
+
+ $RUNWRAPPER $PDNS2 --daemon=no --local-port=$port --socket-dir=./ \
+ --no-shuffle --launch=bind --bind-config=./named-slave.conf --slave \
+ --send-root-referral --retrieval-threads=1 --config-name=bind-slave \
+ --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
+ --cache-ttl=$cachettl --no-config --bind-dnssec-db=./dnssec-slave.sqlite3 &
+ echo 'waiting for zones to be loaded'
+ bindwait bind-slave
--- /dev/null
+start_master ()
+{
+ case $context in
+ bind*)
+ source ./backends/bind-master
+ ;;
+
+ gmysql*)
+ source ./backends/gmysql-master
+ ;;
+
+ goracle*)
+ source ./backends/goracle-master
+ ;;
+
+ gpgsql*)
+ source ./backends/gpgsql-master
+ ;;
+
+ gsqlite3*)
+ source ./backends/gsqlite3-master
+ ;;
+
+ mydns*)
+ source ./backends/mydns-master
+ ;;
+
+ opendbx*)
+ source ./backends/opendbx-master
+ ;;
+
+ oracle*)
+ source ./backends/oracle-master
+ ;;
+
+ remote*)
+ source ./backends/remote-master
+ ;;
+
+ tinydns*)
+ source ./backends/tinydns-master
+ ;;
+
+ ext-nsd*)
+ source ./ext/nsd-master
+ ;;
+
+ ext-bind*)
+ source ./ext/bind-master
+ ;;
+
+ *)
+ nocontext=yes
+ esac
+
+ if [ "$nocontext" == "yes" ]
+ then
+ echo unknown context $context
+ : > passed_tests
+ echo 'unknown-context-'"$context" > failed_tests
+ ./toxml $context
+ exit
+ fi
+}
+
+start_slave ()
+{
+ skipreasons="$skipreasons presigned nodyndns"
+
+ case $presignedcontext in
+ bind*)
+ source ./backends/bind-slave
+ ;;
+
+ gmysql*)
+ source ./backends/gmysql-slave
+ ;;
+
+ goracle*)
+ source ./backends/goracle-slave
+ ;;
+
+ gsqlite3*)
+ source ./backends/gsqlite3-slave
+ ;;
+
+
+ ext-bind*)
+ source ./ext/bind-slave
+ ;;
+
+ ext-nsd*)
+ source ./ext/nsd-slave
+ ;;
+
+ *)
+ nocontext=yes
+ esac
+
+ if [ "$nocontext" == "yes" ]
+ then
+ echo unknown presigned context $presignedcontext
+ : > passed_tests
+ echo 'unknown-presigned-context-'"$presignedcontext" > failed_tests
+ ./toxml $context
+ exit
+ fi
+}
--- /dev/null
+case $context in
+ gmysql-nodnssec)
+ [ -z "$GMYSQLDB" ] && GMYSQLDB=pdnstest
+ [ -z "$GMYSQLUSER" ] && GMYSQLUSER=root
+ [ -z "$GMYSQLHOST" ] && GMYSQLHOST=localhost
+ [ -z "$GMYSQLPASSWD" ] && GMYSQLPASSWD=''
+
+ mysqladmin --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" --force drop "$GMYSQLDB" \
+ || echo ignoring mysqladmin drop failure
+ mysqladmin --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" create "$GMYSQLDB"
+ mysql --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" \
+ "$GMYSQLDB" < ../modules/gmysqlbackend/no-dnssec.schema.mysql.sql
+
+ tosql gmysql | mysql --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" \
+ "$GMYSQLDB"
+
+ cat > pdns-gmysql.conf << __EOF__
+launch=gmysql
+gmysql-dbname=$GMYSQLDB
+gmysql-user=$GMYSQLUSER
+gmysql-host=$GMYSQLHOST
+gmysql-password=$GMYSQLPASSWD
+__EOF__
+
+ for zone in $(grep 'zone ' named.conf | cut -f2 -d\")
+ do
+ ../pdns/pdnssec --config-dir=. --config-name=gmysql rectify-zone $zone 2>&1
+ done
+
+ $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
+ --no-shuffle --launch=gmysql \
+ --master --send-root-referral \
+ --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --direct-dnskey=yes \
+ --cache-ttl=$cachettl --no-config \
+ --gmysql-dbname="$GMYSQLDB" \
+ --gmysql-user="$GMYSQLUSER" \
+ --gmysql-host="$GMYSQLHOST" \
+ --gmysql-password="$GMYSQLPASSWD" &
+ skipreasons=nodnssec
+ ;;
+
+ gmysql | gmysql-nsec3 | gmysql-nsec3-optout |gmysql-nsec3-narrow)
+ [ -z "$GMYSQLDB" ] && GMYSQLDB=pdnstest
+ [ -z "$GMYSQLUSER" ] && GMYSQLUSER=root
+ [ -z "$GMYSQLHOST" ] && GMYSQLHOST=localhost
+ [ -z "$GMYSQLPASSWD" ] && GMYSQLPASSWD=''
+
+ mysqladmin --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" --force drop "$GMYSQLDB" \
+ || echo ignoring mysqladmin drop failure
+ mysqladmin --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" create "$GMYSQLDB"
+ mysql --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" \
+ "$GMYSQLDB" < ../modules/gmysqlbackend/no-dnssec.schema.mysql.sql
+ mysql --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" \
+ "$GMYSQLDB" < ../modules/gmysqlbackend/dnssec.schema.mysql.sql
+
+ tosql gmysql | mysql --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" \
+ "$GMYSQLDB"
+
+ cat > pdns-gmysql.conf << __EOF__
+launch=gmysql
+gmysql-dbname=$GMYSQLDB
+gmysql-user=$GMYSQLUSER
+gmysql-host=$GMYSQLHOST
+gmysql-password=$GMYSQLPASSWD
+gmysql-dnssec
+__EOF__
+ for zone in $(grep 'zone ' named.conf | cut -f2 -d\")
+ do
+ securezone $zone gmysql
+ if [ $context = gmysql-nsec3 ] || [ $context = gmysql-nsec3-optout ]
+ then
+ ../pdns/pdnssec --config-dir=. --config-name=gmysql set-nsec3 $zone "1 $optout 1 abcd" 2>&1
+ ../pdns/pdnssec --config-dir=. --config-name=gmysql rectify-zone $zone 2>&1
+ elif [ $context = gmysql-nsec3-narrow ]
+ then
+ ../pdns/pdnssec --config-dir=. --config-name=gmysql set-nsec3 $zone '1 1 1 abcd' narrow 2>&1
+ ../pdns/pdnssec --config-dir=. --config-name=gmysql rectify-zone $zone 2>&1
+ fi
+ done
+
+ ../pdns/pdnssec --config-dir=. --config-name=gmysql import-tsig-key test $ALGORITHM $KEY
+ ../pdns/pdnssec --config-dir=. --config-name=gmysql activate-tsig-key tsig.com test master
+
+ $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
+ --no-shuffle --launch --launch+=random --launch+=gmysql --launch+=random --gmysql-dnssec \
+ --send-root-referral \
+ --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --direct-dnskey=yes \
+ --cache-ttl=$cachettl --no-config \
+ --gmysql-dbname="$GMYSQLDB" \
+ --gmysql-user="$GMYSQLUSER" \
+ --gmysql-host="$GMYSQLHOST" \
+ --gmysql-password="$GMYSQLPASSWD" $lua_prequery &
+ if [ $context = gmysql-nsec3 ]
+ then
+ extracontexts="dnssec nsec3"
+ skipreasons="nsec3"
+ elif [ $context = gmysql-nsec3-optout ]
+ then
+ extracontexts="dnssec nsec3 nsec3-optout"
+ skipreasons="optout"
+ elif [ $context = gmysql-nsec3-narrow ]
+ then
+ extracontexts="dnssec narrow"
+ skipreasons="narrow"
+ else
+ extracontexts="dnssec"
+ fi
+ ;;
+
+ *)
+ nocontext=yes
+esac
--- /dev/null
+ context=${context}-presigned
+ [ -z "$GMYSQL2DB" ] && GMYSQL2DB=pdnstest2
+ [ -z "$GMYSQL2USER" ] && GMYSQL2USER=root
+ [ -z "$GMYSQL2HOST" ] && GMYSQL2HOST=localhost
+ [ -z "$GMYSQL2PASSWD" ] && GMYSQL2PASSWD=''
+
+ mysqladmin --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQL2HOST" --force drop "$GMYSQL2DB" \
+ || echo ignoring mysqladmin drop failure
+ mysqladmin --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQL2HOST" create "$GMYSQL2DB"
+ mysql --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQL2HOST" \
+ "$GMYSQL2DB" < ../modules/gmysqlbackend/no-dnssec.schema.mysql.sql
+ mysql --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQL2HOST" \
+ "$GMYSQL2DB" < ../modules/gmysqlbackend/dnssec.schema.mysql.sql
+
+ for zone in $(grep 'zone ' named.conf | cut -f2 -d\" | tac)
+ do
+ mysql --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQL2HOST" \
+ "$GMYSQL2DB" \
+ -e "INSERT INTO domains (name, type, master) VALUES('$zone','SLAVE','127.0.0.1:$port')"
+ done
+
+ set +e
+ echo $skipreasons | grep -q nodnssec
+ if [ $? -ne 0 ]
+ then
+ mysql --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQL2HOST" "$GMYSQL2DB" \
+ -e "INSERT INTO tsigkeys (name, algorithm,secret) VALUES('test', '$ALGORITHM', '$KEY')"
+ mysql --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQL2HOST" "$GMYSQL2DB" \
+ -e "INSERT INTO domainmetadata (domain_id, kind, content) SELECT id, 'AXFR-MASTER-TSIG', 'test' FROM domains WHERE name = 'tsig.com'"
+ echo $skipreasons | grep -q nolua
+ if [ $? -ne 0 ]
+ then
+ mysql --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQL2HOST" "$GMYSQL2DB" \
+ -e "INSERT INTO domainmetadata (domain_id,kind,content) SELECT id,'AXFR-SOURCE','127.0.0.2' FROM domains WHERE name = 'stest.com'"
+ fi
+ fi
+ set -e
+
+ port=$((port+100))
+
+ $RUNWRAPPER $PDNS2 --daemon=no --local-port=$port --socket-dir=./ \
+ --no-shuffle --launch=gmysql --gmysql-dnssec \
+ --send-root-referral \
+ --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
+ --cache-ttl=$cachettl --query-cache-ttl=$cachettl --no-config --slave --retrieval-threads=4 \
+ --gmysql-dbname="$GMYSQL2DB" \
+ --gmysql-user="$GMYSQL2USER" \
+ --gmysql-host="$GMYSQL2HOST" \
+ --gmysql-password="$GMYSQL2PASSWD" \
+ --config-name=gmysql2 &
+ echo 'waiting for zones to be slaved'
+ loopcount=0
+ while [ $loopcount -lt 20 ]
+ do
+ sleep 5
+ todo=$(mysql --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQl2HOST" \
+ "$GMYSQL2DB" -ss -e 'SELECT COUNT(id) FROM domains WHERE last_check IS NULL')
+ if [ $todo = 0 ]
+ then
+ break
+ fi
+ let loopcount=loopcount+1
+ done
+ if [ $todo -ne 0 ]
+ then
+ echo "AXFR FAILED" >> failed_tests
+ fi
--- /dev/null
+case $context in
+ goracle-nodnssec | goracle | goracle-nsec3 | goracle-nsec3-optout)
+ [ -z "$GORACLEUSER" ] && GORACLEUSER=pdns
+ [ -z "$GORACLEPASSWD" ] && GORACLEPASSWD=pdns
+
+ echo "START ../modules/goraclebackend/goracle-drop-schema;" | sqlplus -S $GORACLEUSER/$GORACLEPASSWD@xe > goracle.log
+ echo "START ../modules/goraclebackend/goracle-schema;" | sqlplus -S $GORACLEUSER/$GORACLEPASSWD@xe >> goracle.log
+ tosql goracle | sqlplus -S $GORACLEUSER/$GORACLEPASSWD@xe >> goracle.log
+
+ cat > pdns-goracle.conf << __EOF__
+launch=goracle
+goracle-home=$ORACLE_HOME
+goracle-sid=$ORACLE_SID
+goracle-nls-lang=$NLS_LANG
+
+goracle-tnsname=xe
+goracle-user=$GORACLEUSER
+goracle-password=$GORACLEPASSWD
+__EOF__
+
+ if [ $context != goracle-nodnssec ]
+ then
+ echo "goracle-dnssec" >> pdns-goracle.conf
+ ../pdns/pdnssec --config-dir=. --config-name=goracle import-tsig-key test $ALGORITHM $KEY
+ ../pdns/pdnssec --config-dir=. --config-name=goracle activate-tsig-key tsig.com test master
+ fi
+
+ for zone in $(grep 'zone ' named.conf | cut -f2 -d\")
+ do
+ if [ $context != goracle-nodnssec ]
+ then
+ securezone $zone goracle
+ if [ $context = goracle-nsec3 ] || [ $context = goracle-nsec3-optout ]
+ then
+ ../pdns/pdnssec --config-dir=. --config-name=goracle set-nsec3 $zone "1 $optout 1 abcd" 2>&1
+ ../pdns/pdnssec --config-dir=. --config-name=goracle rectify-zone $zone 2>&1
+ fi
+ else
+ ../pdns/pdnssec --config-dir=. --config-name=goracle rectify-zone $zone 2>&1
+ fi
+ done
+
+ $RUNWRAPPER $PDNS --daemon=no --local-port=$port --config-dir=. \
+ --config-name=goracle --socket-dir=./ --no-shuffle \
+ --send-root-referral \
+ --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
+ --cache-ttl=$cachettl $lua_prequery &
+
+ skipreasons="nodyndns"
+ if [ $context = goracle-nsec3 ]
+ then
+ extracontexts="dnssec nsec3"
+ elif [ $context = goracle-nsec3-optout ]
+ then
+ extracontexts="dnssec nsec3 nsec3-optout"
+ elif [ $context = goracle-nodnssec ]
+ then
+ skipreasons="nodnssec nodyndns"
+ else
+ extracontexts="dnssec"
+ fi
+ ;;
+
+ *)
+ nocontext=yes
+esac
--- /dev/null
+ context=${context}-presigned
+ [ -z "$GORACLE2USER" ] && GORACLE2USER=pdns2
+ [ -z "$GORACLE2PASSWD" ] && GORACLE2PASSWD=pdns
+
+ echo "START ../modules/goraclebackend/goracle-drop-schema;" | sqlplus -S $GORACLE2USER/$GORACLE2PASSWD@xe > goracle2.log
+ echo "START ../modules/goraclebackend/goracle-schema;" | sqlplus -S $GORACLE2USER/$GORACLE2PASSWD@xe >> goracle2.log
+
+ cat > pdns-goracle2.conf << __EOF__
+launch=goracle
+goracle-home=$ORACLE_HOME
+goracle-sid=$ORACLE_SID
+goracle-nls-lang=$NLS_LANG
+
+goracle-tnsname=xe
+goracle-user=$GORACLE2USER
+goracle-password=$GORACLE2PASSWD
+goracle-dnssec
+__EOF__
+
+ for zone in $(grep 'zone ' named.conf | cut -f2 -d\" | tac)
+ do
+ echo "INSERT INTO domains (id, name, type, master) VALUES(domains_id_sequence.nextval, '$zone', 'SLAVE', '127.0.0.1:$port');" | sqlplus -S $GORACLE2USER/$GORACLE2PASSWD@xe >> goracle2.log
+ done
+
+ set +e
+ echo $skipreasons | grep -q nodnssec
+ if [ $? -ne 0 ]
+ then
+ ../pdns/pdnssec --config-dir=. --config-name=goracle2 import-tsig-key test $ALGORITHM $KEY
+ ../pdns/pdnssec --config-dir=. --config-name=goracle2 activate-tsig-key tsig.com test master
+ echo $skipreasons | grep -q nolua
+ if [ $? -ne 0 ]
+ then
+ ../pdns/pdnssec --config-dir=. --config-name=goracle2 set-meta stest.com AXFR-SOURCE 127.0.0.2
+ fi
+ fi
+ set -e
+
+ port=$((port+100))
+
+ $RUNWRAPPER $PDNS2 --daemon=no --local-port=$port --config-dir=. \
+ --config-name=goracle2 --socket-dir=./ --no-shuffle \
+ --send-root-referral --slave --retrieval-threads=4 \
+ --slave-cycle-interval=300 --config-name=goracle2 &
+ echo 'waiting for zones to be slaved'
+
+ loopcount=0
+ while [ $loopcount -lt 40 ]
+ do
+ sleep 5
+ todo=$(sqlplus -S $GORACLE2USER/$GORACLE2PASSWD@xe << __EOF__
+set pagesize 0 feedback off verify off heading off echo off;
+SELECT COUNT(id) FROM domains WHERE last_check IS NULL;
+exit;
+__EOF__
+)
+ if [ $todo = 0 ]
+ then
+ break
+ fi
+ let loopcount=loopcount+1
+ done
+ if [ $todo -ne 0 ]
+ then
+ echo "AXFR FAILED" >> failed_tests
+ fi
--- /dev/null
+case $context in
+ gpgsql-nodnssec)
+ [ -z "$GPGSQLDB" ] && GPGSQLDB=pdnstest
+ [ -z "$GPGSQLUSER" ] && GPGSQLUSER=$(whoami)
+
+ dropdb --user="$GPGSQLUSER" "$GPGSQLDB" || echo ignoring mysqladmin drop failure
+ createdb --user="$GPGSQLUSER" "$GPGSQLDB" || echo ignoring mysqladmin drop failure
+ psql --user="$GPGSQLUSER" "$GPGSQLDB" < ../modules/gpgsqlbackend/no-dnssec.schema.pgsql.sql
+
+ tosql gpgsql | psql --user="$GPGSQLUSER" "$GPGSQLDB" 2>&1 | uniq -c
+
+ cat > pdns-gpgsql.conf << __EOF__
+launch=gpgsql
+gpgsql-dbname=$GPGSQLDB
+gpgsql-user=$GPGSQLUSER
+__EOF__
+
+ for zone in $(grep 'zone ' named.conf | cut -f2 -d\")
+ do
+ ../pdns/pdnssec --config-dir=. --config-name=gpgsql rectify-zone $zone 2>&1
+ done
+
+ $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
+ --no-shuffle --launch=gpgsql \
+ --send-root-referral \
+ --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
+ --cache-ttl=$cachettl --no-config \
+ --gpgsql-dbname="$GPGSQLDB" \
+ --gpgsql-user="$GPGSQLUSER" &
+ skipreasons="nodnssec nodyndns"
+ ;;
+
+
+ gpgsql | gpgsql-nsec3 | gpgsql-nsec3-optout)
+ [ -z "$GPGSQLDB" ] && GPGSQLDB=pdnstest
+ [ -z "$GPGSQLUSER" ] && GPGSQLUSER=$(whoami)
+
+ dropdb --user="$GPGSQLUSER" "$GPGSQLDB" || echo ignoring dropdb failure
+ createdb --user="$GPGSQLUSER" "$GPGSQLDB" || echo ignoring createdb failure # FIXME
+ psql --user="$GPGSQLUSER" "$GPGSQLDB" < ../modules/gpgsqlbackend/no-dnssec.schema.pgsql.sql
+ psql --user="$GPGSQLUSER" "$GPGSQLDB" < ../modules/gpgsqlbackend/dnssec.schema.pgsql.sql
+
+ tosql gpgsql | psql --user="$GPGSQLUSER" "$GPGSQLDB" 2>&1 | uniq -c
+
+ cat > pdns-gpgsql.conf << __EOF__
+launch=gpgsql
+gpgsql-dbname=$GPGSQLDB
+gpgsql-user=$GPGSQLUSER
+gpgsql-dnssec
+__EOF__
+ for zone in $(grep 'zone ' named.conf | cut -f2 -d\")
+ do
+ securezone $zone gpgsql
+ if [ $context = gpgsql-nsec3 ] || [ $context = gpgsql-nsec3-optout ]
+ then
+ ../pdns/pdnssec --config-dir=. --config-name=gpgsql set-nsec3 $zone "1 $optout 1 abcd" 2>&1
+ ../pdns/pdnssec --config-dir=. --config-name=gpgsql rectify-zone $zone 2>&1
+ fi
+ done
+
+ ../pdns/pdnssec --config-dir=. --config-name=gpgsql import-tsig-key test $ALGORITHM $KEY
+ ../pdns/pdnssec --config-dir=. --config-name=gpgsql activate-tsig-key tsig.com test master
+
+ $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
+ --no-shuffle --launch=gpgsql --gpgsql-dnssec \
+ --send-root-referral \
+ --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
+ --cache-ttl=$cachettl --no-config \
+ --gpgsql-dbname="$GPGSQLDB" \
+ --gpgsql-user="$GPGSQLUSER" $lua_prequery &
+ if [ $context = gpgsql-nsec3 ]
+ then
+ extracontexts="dnssec nsec3"
+ elif [ $context = gpgsql-nsec3-optout ]
+ then
+ extracontexts="dnssec nsec3 nsec3-optout"
+ elif [ $context = gpgsql-nsec3-narrow ]
+ then
+ extracontexts="dnssec narrow"
+ else
+ extracontexts="dnssec"
+ fi
+ skipreasons="nodyndns"
+ ;;
+
+ *)
+ nocontext=yes
+esac
--- /dev/null
+case $context in
+ gsqlite3-nodnssec)
+ rm -f pdns.sqlite3
+ sqlite3 pdns.sqlite3 < ../modules/gsqlite3backend/no-dnssec.schema.sqlite3.sql
+ tosql gsqlite | sqlite3 pdns.sqlite3
+ echo ANALYZE\; | sqlite3 pdns.sqlite3
+
+ cat > pdns-gsqlite3.conf << __EOF__
+launch=gsqlite3
+gsqlite3-database=pdns.sqlite3
+__EOF__
+ for zone in $(grep 'zone ' named.conf | cut -f2 -d\")
+ do
+ ../pdns/pdnssec --config-dir=. --config-name=gsqlite3 rectify-zone $zone 2>&1
+ done
+
+ $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
+ --no-shuffle --launch=gsqlite3 \
+ --send-root-referral \
+ --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
+ --cache-ttl=$cachettl --no-config \
+ --gsqlite3-database=pdns.sqlite3 &
+ skipreasons="nodnssec nodyndns"
+ ;;
+
+ gsqlite3 | gsqlite3-nsec3 | gsqlite3-nsec3-optout)
+ rm -f pdns.sqlite3
+ sqlite3 pdns.sqlite3 < ../modules/gsqlite3backend/no-dnssec.schema.sqlite3.sql
+ sqlite3 pdns.sqlite3 < ../modules/gsqlite3backend/dnssec.schema.sqlite3.sql
+ tosql gsqlite | sqlite3 pdns.sqlite3
+ echo ANALYZE\; | sqlite3 pdns.sqlite3
+
+ cat > pdns-gsqlite3.conf << __EOF__
+launch=gsqlite3
+gsqlite3-database=pdns.sqlite3
+gsqlite3-dnssec
+__EOF__
+ for zone in $(grep 'zone ' named.conf | cut -f2 -d\")
+ do
+ securezone $zone gsqlite3
+ if [ $context = gsqlite3-nsec3 ] || [ $context = gsqlite3-nsec3-optout ]
+ then
+ ../pdns/pdnssec --config-dir=. --config-name=gsqlite3 set-nsec3 $zone "1 $optout 1 abcd" 2>&1
+ ../pdns/pdnssec --config-dir=. --config-name=gsqlite3 rectify-zone $zone 2>&1
+ fi
+ done
+
+ ../pdns/pdnssec --config-dir=. --config-name=gsqlite3 import-tsig-key test $ALGORITHM $KEY
+ ../pdns/pdnssec --config-dir=. --config-name=gsqlite3 activate-tsig-key tsig.com test master
+
+ $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
+ --no-shuffle --launch=gsqlite3 --gsqlite3-dnssec \
+ --send-root-referral \
+ --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
+ --cache-ttl=$cachettl --no-config \
+ --gsqlite3-database=pdns.sqlite3 $lua_prequery &
+ if [ $context = gsqlite3-nsec3 ]
+ then
+ extracontexts="dnssec nsec3"
+ elif [ $context = gsqlite3-nsec3-optout ]
+ then
+ extracontexts="dnssec nsec3 nsec3-optout"
+ else
+ extracontexts="dnssec"
+ fi
+ skipreasons="nodyndns"
+ ;;
+
+ *)
+ nocontext=yes
+esac
--- /dev/null
+ context=${context}-presigned
+ rm -f pdns.sqlite31
+ sqlite3 pdns.sqlite31 < ../modules/gsqlite3backend/no-dnssec.schema.sqlite3.sql
+ sqlite3 pdns.sqlite31 < ../modules/gsqlite3backend/dnssec.schema.sqlite3.sql
+
+ for zone in $(grep 'zone ' named.conf | cut -f2 -d\" | tac)
+ do
+ sqlite3 pdns.sqlite31 "INSERT INTO domains (name, type, master) VALUES('$zone','SLAVE','127.0.0.1:$port');"
+ done
+
+ set +e
+ echo $skipreasons | grep -q nodnssec
+ if [ $? -ne 0 ]
+ then
+ sqlite3 pdns.sqlite31 "INSERT INTO tsigkeys (name,algorithm,secret) VALUES('test','$ALGORITHM', '$KEY')"
+ sqlite3 pdns.sqlite31 "INSERT INTO domainmetadata (domain_id, kind, content) SELECT id, 'AXFR-MASTER-TSIG', 'test' FROM domains WHERE name = 'tsig.com'"
+ echo $skipreasons | grep -q nolua
+ if [ $? -ne 0 ]
+ then
+ sqlite3 pdns.sqlite31 "INSERT INTO domainmetadata (domain_id,kind,content) SELECT id,'AXFR-SOURCE','127.0.0.2' FROM domains WHERE name = 'stest.com'"
+ fi
+ fi
+ set -e
+
+ port=$((port+100))
+
+ $RUNWRAPPER $PDNS2 --daemon=no --local-port=$port --socket-dir=./ \
+ --no-shuffle --launch=gsqlite3 --gsqlite3-dnssec \
+ --fancy-records --send-root-referral \
+ --cache-ttl=0 --query-cache-ttl=0 --no-config --slave --retrieval-threads=4 \
+ --gsqlite3-database=pdns.sqlite31 --gsqlite3-pragma-synchronous=0 \
+ --config-name=gsqlite32 |& egrep -v "update records set ordername|insert into records" &
+ echo 'waiting for zones to be slaved'
+ set +e
+ loopcount=0
+ while [ $loopcount -lt 20 ]
+ do
+ sleep 5
+ todo=$(sqlite3 pdns.sqlite31 'SELECT COUNT(id) FROM domains WHERE last_check IS NULL')
+ if [ $todo -eq 0 ]
+ then
+ if [ $todo = 0 ]
+ then
+ break
+ fi
+ fi
+ let loopcount=loopcount+1
+ done
+ if [ $todo -ne 0 ]
+ then
+ echo "AXFR FAILED" >> failed_tests
+ fi
+ set -e
+ sqlite3 pdns.sqlite31 ANALYZE;
--- /dev/null
+case $context in
+ mydns)
+ [ -z "$MYDNSDB" ] && MYDNSDB=pdnstest
+ [ -z "$MYDNSUSER" ] && MYDNSUSER=root
+ [ -z "$MYDNSHOST" ] && MYDNSHOST=localhost
+ [ -z "$MYDNSPASSWD" ] && MYDNSPASSWD=''
+
+ mysqladmin --user="$MYDNSUSER" --password="$MYDNSPASSWD" --host="$MYDNSHOST" --force drop "$MYDNSDB" \
+ || echo ignoring mysqladmin drop failure
+ mysqladmin --user="$MYDNSUSER" --password="$MYDNSPASSWD" --host="$MYDNSHOST" create "$MYDNSDB"
+ mysql --user="$MYDNSUSER" --password="$MYDNSPASSWD" --host="$MYDNSHOST" \
+ "$MYDNSDB" < ../modules/mydnsbackend/schema.sql
+
+ tosql mydns | grep -v 'double\.example\.com' | mysql --user="$MYDNSUSER" --password="$MYDNSPASSWD" --host="$MYDNSHOST" \
+ "$MYDNSDB"
+
+ cat > pdns-mydns.conf << __EOF__
+launch=mydns
+mydns-dbname=$MYDNSDB
+mydns-user=$MYDNSUSER
+mydns-host=$MYDNSHOST
+mydns-password=$MYDNSPASSWD
+__EOF__
+ $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
+ --no-shuffle --launch=mydns \
+ --master --send-root-referral \
+ --cache-ttl=0 --no-config \
+ --mydns-rr-active=no --mydns-soa-active=no --mydns-use-minimal-ttl=no \
+ --mydns-dbname="$MYDNSDB" \
+ --mydns-user="$MYDNSUSER" \
+ --mydns-host="$MYDNSHOST" \
+ --mydns-password="$MYDNSPASSWD" &
+ skipreasons="nodnssec noent nodyndns"
+ ;;
+
+ *)
+ nocontext=yes
+esac
--- /dev/null
+case $context in
+ opendbx-sqlite3)
+ rm -f pdns-opendbx.sqlite3
+ sqlite3 pdns-opendbx.sqlite3 < ../modules/gsqlite3backend/no-dnssec.schema.sqlite3.sql
+ tosql gsqlite | sqlite3 pdns-opendbx.sqlite3
+ sqlite3 pdns-opendbx.sqlite3 "ALTER TABLE domains ADD status CHARACTER(1) NOT NULL DEFAULT 'A'; \
+ ALTER TABLE domains ADD auto_serial INTEGER DEFAULT 0;"
+ echo ANALYZE\; | sqlite3 pdns-opendbx.sqlite3
+
+ $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
+ --no-shuffle --launch=opendbx \
+ --send-root-referral \
+ --cache-ttl=$cachettl --no-config \
+ --opendbx-backend=sqlite3 --opendbx-host-read=./ --opendbx-host-write=./ \
+ --opendbx-database=pdns-opendbx.sqlite3 &
+ skipreasons="nodnssec noent nodyndns"
+ ;;
+
+ *)
+ nocontext=yes
+esac
--- /dev/null
+case $context in
+ oracle-nodnssec | oracle | oracle-nsec3)
+ [ -z "$ORACLEUSER" ] && ORACLEUSER=pdns
+ [ -z "$ORACLEPASSWD" ] && ORACLEPASSWD=pdns
+
+ echo "START ../modules/oraclebackend/dropschema;" | sqlplus -S $ORACLEUSER/$ORACLEPASSWD@xe > oracle.log
+ echo "START ../modules/oraclebackend/schema;" | sqlplus -S $ORACLEUSER/$ORACLEPASSWD@xe >> oracle.log
+ ../pdns/zone2sql --oracle | grep -v 'INSERT INTO Records' | sqlplus -S $ORACLEUSER/$ORACLEPASSWD@xe >> oracle.log
+ ../pdns/zone2sql --oracle | grep " 'SOA', " | sqlplus -S $ORACLEUSER/$ORACLEPASSWD@xe >> oracle.log
+
+ cat > pdns-oracle.conf << __EOF__
+launch=oracle
+oracle-home=$ORACLE_HOME
+oracle-sid=$ORACLE_SID
+oracle-nls-lang=$NLS_LANG
+
+oracle-pool-database=xe
+oracle-pool-username=$ORACLEUSER
+oracle-pool-password=$ORACLEPASSWD
+oracle-master-database=xe
+oracle-master-username=$ORACLEUSER
+oracle-master-password=$ORACLEPASSWD
+__EOF__
+
+ if [ $context != oracle-nodnssec ]
+ then
+ echo "oracle-dnssec" >> pdns-oracle.conf
+ ../pdns/pdnssec --config-dir=. --config-name=oracle import-tsig-key test $ALGORITHM $KEY
+ ../pdns/pdnssec --config-dir=. --config-name=oracle activate-tsig-key tsig.com test master
+ fi
+
+ if [ $context != oracle-nodnssec ]
+ then
+ for zone in $(grep 'zone ' named.conf | cut -f2 -d\")
+ do
+ securezone $zone oracle
+ if [ $context = oracle-nsec3 ]
+ then
+ ../pdns/pdnssec --config-dir=. --config-name=oracle set-nsec3 $zone "1 0 1 abcd" 2>&1
+ fi
+ done
+ fi
+
+ echo "TRUNCATE TABLE records;" | sqlplus -S $ORACLEUSER/$ORACLEPASSWD@xe >> oracle.log
+ ../pdns/zone2sql --oracle | grep -v 'INSERT INTO Zones' | sqlplus -S $ORACLEUSER/$ORACLEPASSWD@xe >> oracle.log
+
+ $RUNWRAPPER $PDNS --daemon=no --local-port=$port --config-dir=. \
+ --config-name=oracle --socket-dir=./ --no-shuffle \
+ --send-root-referral --query-logging \
+ --cache-ttl=$cachettl $lua_prequery &
+
+ if [ $context = oracle-nsec3 ]
+ then
+ skipreasons="nodyndns oracle-nsec3"
+ extracontexts="dnssec nsec3"
+ elif [ $context = oracle-nodnssec ]
+ then
+ skipreasons="nodyndns nodnssec"
+ else
+ skipreasons="nodyndns oracle-nsec"
+ extracontexts="dnssec"
+ fi
+ skipreasons="$skipreasons noent" # TODO add ent support to oracle backend
+ ;;
+
+ *)
+ nocontext=yes
+esac
--- /dev/null
+case $context in
+ remotebackend-*)
+ remotetype=$(echo $context | cut -d- -f 2)
+ remotesec=$(echo $context | cut -d- -f 3)
+ narrow=$(echo $context | cut -d- -f 4)
+ testsdir=../modules/remotebackend/regression-tests/
+
+ # cleanup unbound-host.conf to avoid failures
+ rm -f unbound-host.conf
+
+ echo "Setting up test database..."
+ # setup test database
+ rm -f $testsdir/remote.sqlite3
+ sqlite3 $testsdir/remote.sqlite3 < $testsdir/test-schema.sql
+ chmod 0666 $testsdir/remote.sqlite3
+
+ case $remotetype in
+ http)
+ connstr="http:url=http://localhost:62434/dns"
+ rm -f remotebackend-server.log
+ rm -f remotebackend-access.log
+ $testsdir/http-backend.rb &
+ echo $! > pdns-remotebackend.pid
+ set +e
+ # make sure it runs before continuing
+ loopcount=0
+ while [ $loopcount -lt 20 ]; do
+ res=$(curl http://localhost:62434/ping 2>/dev/null)
+ if [ "x$res" == "xpong" ]
+ then
+ break
+ fi
+ sleep 1
+ let loopcount=loopcount+1
+ done
+ set -e
+ ;;
+ zeromq)
+ connstr="zeromq:endpoint=ipc:///tmp/pdns.0"
+ $testsdir/zeromq-backend.rb &
+ echo $! > pdns-remotebackend.pid
+ ;;
+ unix)
+ connstr="unix:path=/tmp/remote.socket"
+ socat unix-listen:/tmp/remote.socket,fork exec:$testsdir/unix-backend.rb &
+ echo $! > pdns-remotebackend.pid
+ ;;
+ pipe)
+ connstr="pipe:command=$testsdir/pipe-backend.rb"
+ ;;
+ *)
+ echo "Invalid usage"
+ exit
+ ;;
+ esac
+
+ skipreasons="nodnssec nodyndns"
+
+ if [ "$remotesec" = "nsec3" ]
+ then
+ remotedosec="yes"
+ if [ "$narrow" = "narrow" ]
+ then
+ extracontexts="dnssec nsec3 narrow"
+ skipreasons="narrow nsec3 nodyndns"
+ else
+ extracontexts="dnssec nsec3"
+ skipreasons="nsec3 nodyndns"
+ fi
+
+ remote_add_param="--remote-dnssec=yes"
+ elif [ "$remotesec" = "dnssec" ]
+ then
+ remotedosec="yes"
+ remote_add_param="--remote-dnssec=yes"
+ extracontexts="dnssec"
+ skipreasons="nonsec3 nonarrow nodyndns"
+ fi
+
+
+ # generate pdns.conf for pdnssec
+ cat > pdns-remote.conf <<EOF
+launch=remote
+remote-connection-string=$connstr
+EOF
+
+ if [ "$remotedosec" = "yes" ]
+ then
+ echo "remote-dnssec=yes" >> pdns-remote.conf
+ ../pdns/pdnssec --config-dir=. --config-name=remote import-zone-key example.com $testsdir/example.com.ksk ksk
+ ../pdns/pdnssec --config-dir=. --config-name=remote import-zone-key example.com $testsdir/example.com.zsk.1 zsk
+ ../pdns/pdnssec --config-dir=. --config-name=remote import-zone-key example.com $testsdir/example.com.zsk.2 zsk
+ ../pdns/pdnssec --config-dir=. --config-name=remote activate-zone-key example.com 1
+ ../pdns/pdnssec --config-dir=. --config-name=remote activate-zone-key example.com 2
+ ../pdns/pdnssec --config-dir=. --config-name=remote deactivate-zone-key example.com 3
+
+ ../pdns/pdnssec --config-dir=. --config-name=remote import-zone-key up.example.com $testsdir/up.example.com.ksk ksk
+ ../pdns/pdnssec --config-dir=. --config-name=remote import-zone-key up.example.com $testsdir/up.example.com.zsk.1 zsk
+ ../pdns/pdnssec --config-dir=. --config-name=remote import-zone-key up.example.com $testsdir/up.example.com.zsk.2 zsk
+ ../pdns/pdnssec --config-dir=. --config-name=remote activate-zone-key example.com 4
+ ../pdns/pdnssec --config-dir=. --config-name=remote activate-zone-key example.com 5
+ ../pdns/pdnssec --config-dir=. --config-name=remote deactivate-zone-key example.com 6
+
+ if [ "$remotesec" = "nsec3" ]
+ then
+ ../pdns/pdnssec --config-dir=. --config-name=remote set-nsec3 example.com
+ ../pdns/pdnssec --config-dir=. --config-name=remote set-nsec3 up.example.com
+ fi
+ fi
+
+ $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
+ --no-shuffle --launch=remote \
+ --query-logging --loglevel=9 --cache-ttl=$cachettl --no-config \
+ --send-root-referral --distributor-threads=1 \
+ --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
+ --remote-connection-string="$connstr" $remote_add_param &
+ ;;
+
+ *)
+ nocontext=yes
+esac
--- /dev/null
+case $context in
+ tinydns)
+ $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
+ --no-shuffle --launch=tinydns \
+ --cache-ttl=$cachettl --no-config \
+ --send-root-referral \
+ --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
+ --tinydns-dbfile=../modules/tinydnsbackend/data.cdb &
+ skipreasons="nodnssec noent nodyndns"
+ ;;
+
+ *)
+ nocontext=yes
+esac
--- /dev/null
+bindfix ()
+{
+ sed -e 's/"A very .*"/"shorter"/' < zones/test.com > zones/test.com.bind
+ sed -e '/EUI/s/^/;/g' -e '/host\.\*\.sub/s/^/;/g' < zones/example.com > zones/example.com.bind
+ sed -e '/DS\t44030/s/^/;/g' < zones/delegated.dnssec-parent.com > zones/delegated.dnssec-parent.com.bind
+}
+
+tobind ()
+{
+ cat > bind.conf << __EOF__
+options {
+ directory "./zones";
+ dnssec-enable yes;
+ listen-on port $port { 127.0.0.1; };
+ minimal-responses yes;
+ pid-file "../pdns.pid";
+};
+
+key test {
+ algorithm $ALGORITHM;
+ secret "$KEY";
+};
+__EOF__
+
+ rm -f K*
+ rm -f zones/*.bind
+
+ bindfix
+
+ for zone in $(grep 'zone ' named.conf | cut -f2 -d\")
+ do
+
+ if [ ! -f zones/$zone.bind ]
+ then
+ cp zones/$zone zones/$zone.bind
+ fi
+
+ if [ "$1" != "unsigned" ]
+ then
+ if [ ! "${zone: 0:16}" = "secure-delegated" ]
+ then
+ ksk=$(dnssec-keygen -r/dev/urandom -f KSK -a RSASHA256 -b 2048 -n ZONE $zone)
+ else
+ cp secure-delegated.dnssec-parent.com.private Ksecure-delegated.dnssec-parent.com.+008+54319.private
+ cp secure-delegated.dnssec-parent.com.key Ksecure-delegated.dnssec-parent.com.+008+54319.key
+ ksk="Ksecure-delegated.dnssec-parent.com.+008+54319"
+ fi
+ zsk=$(dnssec-keygen -r/dev/urandom -a RSASHA256 -b 1024 -n ZONE $zone)
+
+ echo "\$include $ksk.key ; KSK" >> zones/$zone.bind
+ echo "\$include $zsk.key ; ZSK" >> zones/$zone.bind
+ fi
+
+ case $1 in
+ nsec)
+ dnssec-signzone -o $zone -f zones/$zone.signed zones/$zone.bind
+ ;;
+ nsec3)
+ dnssec-signzone -3 abcd -H 1 -o $zone -f zones/$zone.signed zones/$zone.bind
+ ;;
+ nsec3-optout)
+ dnssec-signzone -3 abcd -H 1 -A -o $zone -f zones/$zone.signed zones/$zone.bind
+ if [ "$zone" = "dnssec-parent.com" ]
+ then
+ echo "insecure.dnssec-parent.com. IN NS ns.insecure.dnssec-parent.com." >> zones/${zone}.signed
+ fi
+ ;;
+ unsigned)
+ cp zones/${zone}.bind zones/${zone}.signed
+ ;;
+ *)
+ echo 'tobind called with wrong param'
+ exit
+ esac
+
+ echo "" >> bind.conf
+ echo "zone \"${zone}\" {" >> bind.conf
+ echo " type master;" >> bind.conf
+ if [ "${zone}" = "tsig.com" ]
+ then
+ echo " allow-transfer { key test; none; };" >> bind.conf
+ fi
+ echo " file \"${zone}.signed\";" >> bind.conf
+ echo "};" >> bind.conf
+ done
+}
+
+case $context in
+ ext-bind | ext-bind-nsec | ext-bind-nsec3 | ext-bind-nsec3-optout)
+ case $context in
+ ext-bind)
+ tobind unsigned
+ extracontexts="extbind"
+ skipreasons="bind nodnssec nodyndns"
+ ;;
+ ext-bind-nsec)
+ tobind nsec
+ extracontexts="extbind dnssec"
+ skipreasons="bind nodyndns"
+ ;;
+ ext-bind-nsec3)
+ tobind nsec3
+ extracontexts="extbind dnssec nsec3"
+ skipreasons="bind nsec3 nodyndns"
+ ;;
+ ext-bind-nsec3-optout)
+ tobind nsec3-optout
+ extracontexts="extbind dnssec nsec3 nsec3-optout"
+ skipreasons="bind optout nodyndns"
+ ;;
+ *)
+ nocontext=yes
+ esac
+ named -c bind.conf -g &
+ sleep 5
+ ;;
+
+ *)
+ nocontext=yes
+esac
--- /dev/null
+ skipreasons="$skipreasons bind"
+ context=$context-presigned
+ cat > bind-slave.conf << __EOF__
+options {
+ directory "./zones";
+ dnssec-enable yes;
+ listen-on port $(($port+100)) { 127.0.0.1; };
+ minimal-responses yes;
+ pid-file "../pdns-slave.pid";
+};
+
+key test {
+ algorithm $ALGORITHM;
+ secret "$KEY";
+};
+__EOF__
+
+ for zone in $(grep 'zone ' named.conf | cut -f2 -d\")
+ do
+ rm -f $zone-slave
+
+ echo "" >> bind-slave.conf
+ echo "zone \"${zone}\" {" >> bind-slave.conf
+ echo " type slave;" >> bind-slave.conf
+ echo " file \"${zone}-slave\";" >> bind-slave.conf
+ if [ "${zone}" = "tsig.com" ]
+ then
+ echo " masters port $port { 127.0.0.1 key test; };" >> bind-slave.conf
+ echo " allow-transfer { key test; none; };" >> bind-slave.conf
+ else
+ echo " masters port $port { 127.0.0.1; };" >> bind-slave.conf
+ fi
+ echo "};" >> bind-slave.conf
+ done
+
+ port=$((port+100))
+
+ named -c bind-slave.conf -g &
+ sleep 20
--- /dev/null
+nsdfix ()
+{
+ sed -e 's/"A very .*"/"shorter"/' < zones/test.com > zones/test.com.nsd
+ sed '/EUI/s/^/;/g' < zones/example.com > zones/example.com.nsd
+ sed -e '/testnonzone\.com\./s/^/;/g' -e '/NZTEST\.COM\.NET\./s/^/;/g' < zones/nztest.com > zones/nztest.com.nsd
+ sed -e '/DS\t44030/s/^/;/g' < zones/delegated.dnssec-parent.com > zones/delegated.dnssec-parent.com.nsd
+}
+
+tonsd ()
+{
+ cat > nsd.conf << __EOF__
+server:
+ ip-address: 127.0.0.1@$port
+ database: ./nsd.db
+ difffile: ./ixfr.db
+ xfrdfile: ./ixfr.state
+
+ zonesdir: ./zones
+ username: ""
+
+key:
+ name: test
+ algorithm: $ALGORITHM
+ secret: "$KEY"
+__EOF__
+
+ rm -f K*
+ rm -f zones/*.nsd
+
+ nsdfix
+
+ for zone in $(grep 'zone ' named.conf | cut -f2 -d\")
+ do
+
+ if [ -f zones/$zone.nsd ]
+ then
+ zonefile=zones/${zone}.nsd
+ else
+ zonefile=zones/${zone}
+ fi
+
+ if [ "$1" != "unsigned" ]
+ then
+ if [ ! "${zone: 0:16}" = "secure-delegated" ]
+ then
+ ksk=$(ldns-keygen -r /dev/urandom -a RSASHA256 -k $zone)
+ else
+ ksk="secure-delegated.dnssec-parent.com"
+ fi
+ zsk=$(ldns-keygen -r /dev/urandom -a RSASHA256 $zone)
+ fi
+
+ case $1 in
+ nsec)
+ ldns-signzone -f zones/${zone}.signed ${zonefile} $ksk $zsk
+ ;;
+ nsec3)
+ ldns-signzone -n -a 1 -s abcd -t 1 -f zones/${zone}.signed ${zonefile} $ksk $zsk
+ ;;
+ nsec3-optout)
+ ldns-signzone -n -p -a 1 -s abcd -t 1 -f zones/${zone}.signed ${zonefile} $ksk $zsk
+ if [ "$zone" = "dnssec-parent.com" ]
+ then
+ echo "insecure.dnssec-parent.com. IN NS ns.insecure.dnssec-parent.com." >> zones/${zone}.signed
+ fi
+ ;;
+ unsigned)
+ cp ${zonefile} zones/${zone}.signed
+ ;;
+ *)
+ echo 'tonsd called with wrong param'
+ exit
+ esac
+
+ echo "" >> nsd.conf
+ echo "zone:" >> nsd.conf
+ echo " name: \"${zone}\"" >> nsd.conf
+ echo " zonefile: \"${zone}.signed\"" >> nsd.conf
+ if [ "${zone}" = "tsig.com" ]
+ then
+ echo " provide-xfr: 0.0.0.0/0 test" >> nsd.conf
+ echo " provide-xfr: ::0/0 test" >> nsd.conf
+ else
+ echo " provide-xfr: 0.0.0.0/0 NOKEY" >> nsd.conf
+ echo " provide-xfr: ::0/0 NOKEY" >> nsd.conf
+ fi
+ done
+ nsdc -c nsd.conf rebuild
+}
+
+case $context in
+ ext-nsd | ext-nsd-nsec | ext-nsd-nsec3 | ext-nsd-nsec3-optout)
+ case $context in
+ ext-nsd)
+ tonsd unsigned
+ extracontexts="extnsd"
+ skipreasons="nsd nodnssec nodyndns"
+ ;;
+ ext-nsd-nsec)
+ tonsd nsec
+ extracontexts="extnsd dnssec"
+ skipreasons="nsd nodyndns"
+ ;;
+ ext-nsd-nsec3)
+ tonsd nsec3
+ extracontexts="extnsd dnssec nsec3"
+ skipreasons="nsd nsec3 nodyndns"
+ ;;
+ ext-nsd-nsec3-optout)
+ tonsd nsec3-optout
+ extracontexts="extnsd dnssec nsec3 nsec3-optout"
+ skipreasons="nsd optout nodyndns"
+ ;;
+ *)
+ nocontext=yes
+ esac
+ nsd -c nsd.conf -P ../pdns.pid -d &
+ sleep 5
+ ;;
+
+ *)
+ nocontext=yes
+esac
--- /dev/null
+ skipreasons="$skipreasons nsd"
+ context=$context-presigned
+ cat > nsd-slave.conf << __EOF__
+server:
+ ip-address: 127.0.0.1@$((port+100))
+ database: ./nsd-slave.db
+ difffile: ./ixfr-slave.db
+ xfrdfile: ./ixfr-slave.state
+ zonesdir: ./zones
+ username: ""
+
+key:
+ name: test
+ algorithm: $ALGORITHM
+ secret: "$KEY"
+__EOF__
+
+ rm -f ixfr-slave.db
+ rm -f ixfr-slave.state
+
+ for zone in $(grep 'zone ' named.conf | cut -f2 -d\")
+ do
+ rm -f zones/$zone-slave
+
+ echo "" >> nsd-slave.conf
+ echo "zone:" >> nsd-slave.conf
+ echo " name: \"${zone}\"" >> nsd-slave.conf
+ echo " zonefile: \"${zone}-slave\"" >> nsd-slave.conf
+ if [ "${zone}" = "tsig.com" ]
+ then
+ echo " allow-notify: 127.0.0.1 test" >> nsd-slave.conf
+ echo " request-xfr: AXFR 127.0.0.1@$port test" >> nsd-slave.conf
+ echo " provide-xfr: 0.0.0.0/0 test" >> nsd-slave.conf
+ echo " provide-xfr: ::0/0 test" >> nsd-slave.conf
+ else
+ echo " allow-notify: 127.0.0.1 NOKEY" >> nsd-slave.conf
+ echo " request-xfr: AXFR 127.0.0.1@$port NOKEY" >> nsd-slave.conf
+ echo " provide-xfr: 0.0.0.0/0 NOKEY" >> nsd-slave.conf
+ echo " provide-xfr: ::0/0 NOKEY" >> nsd-slave.conf
+ fi
+ done
+
+ port=$((port+100))
+ nsdc -c nsd-slave.conf rebuild
+
+ nsd -c nsd-slave.conf -P ../pdns-slave.pid -d &
+ sleep 20
options {
- directory "./";
+ directory "./zones/";
recursion no;
listen-on port 5300 {
127.0.0.1;
};
zone "example.com"{
type master;
- file "./example.com";
+ file "example.com";
};
zone "test.com"{
type master;
- file "./test.com";
+ file "test.com";
};
zone "test.dyndns" {
type master;
- file "./test.dyndns";
+ file "test.dyndns";
allow-update {
127.0.0.0/8;
};
zone "wtest.com"{
type master;
- file "./wtest.com";
+ file "wtest.com";
};
zone "nztest.com"{
type master;
- file "./nztest.com";
+ file "nztest.com";
};
zone "dnssec-parent.com"{
type master;
- file "./dnssec-parent.com";
+ file "dnssec-parent.com";
};
zone "delegated.dnssec-parent.com"{
type master;
- file "./delegated.dnssec-parent.com";
+ file "delegated.dnssec-parent.com";
};
zone "secure-delegated.dnssec-parent.com"{
type master;
- file "./secure-delegated.dnssec-parent.com";
+ file "secure-delegated.dnssec-parent.com";
};
zone "minimal.com"{
type master;
- file "./minimal.com";
+ file "minimal.com";
};
zone "tsig.com"{
type master;
- file "./tsig.com";
+ file "tsig.com";
};
zone "stest.com"{
type master;
- file "./stest.com";
+ file "stest.com";
};
trap "kill_process 2" EXIT INT TERM
-nsdfix ()
-{
- sed -e 's/"A very .*"/"shorter"/' < test.com > test.com.nsd
- sed '/EUI/s/^/;/g' < example.com > example.com.nsd
- sed -e '/testnonzone\.com\./s/^/;/g' -e '/NZTEST\.COM\.NET\./s/^/;/g' < nztest.com > nztest.com.nsd
-}
-
-bindfix ()
-{
- sed -e 's/"A very .*"/"shorter"/' < test.com > test.com.bind
- sed -e '/EUI/s/^/;/g' -e '/host\.\*\.sub/s/^/;/g' < example.com > example.com.bind
-}
-
-tonsd ()
-{
- cat > nsd.conf << __EOF__
-server:
- ip-address: 127.0.0.1@$port
- database: ./nsd.db
- difffile: ./ixfr.db
- xfrdfile: ./ixfr.state
-
- zonesdir: .
- username: ""
-
-key:
- name: test
- algorithm: $ALGORITHM
- secret: "$KEY"
-__EOF__
-
- rm -f K*
- rm -f *.nsd
-
- nsdfix
-
- for zone in $(grep zone named.conf | cut -f2 -d\")
- do
-
- if [ -f $zone.nsd ]
- then
- zonefile=${zone}.nsd
- else
- zonefile=${zone}
- fi
-
- if [ "$1" != "unsigned" ]
- then
- if [ ! "${zone: 0:16}" = "secure-delegated" ]
- then
- ksk=$(ldns-keygen -r /dev/urandom -a RSASHA256 -k $zone)
- else
- ksk="secure-delegated.dnssec-parent.com"
- fi
- zsk=$(ldns-keygen -r /dev/urandom -a RSASHA256 $zone)
- fi
-
- case $1 in
- nsec)
- ldns-signzone -f ${zone}.signed ${zonefile} $ksk $zsk
- ;;
- nsec3)
- ldns-signzone -n -a 1 -s abcd -t 1 -f ${zone}.signed ${zonefile} $ksk $zsk
- ;;
- nsec3-optout)
- ldns-signzone -n -p -a 1 -s abcd -t 1 -f ${zone}.signed ${zonefile} $ksk $zsk
- if [ "$zone" = "dnssec-parent.com" ]
- then
- echo "insecure.dnssec-parent.com. IN NS ns.insecure.dnssec-parent.com." >> ${zone}.signed
- fi
- ;;
- unsigned)
- cp ${zonefile} ${zone}.signed
- ;;
- *)
- echo 'tonsd called with wrong param'
- exit
- esac
-
- echo "" >> nsd.conf
- echo "zone:" >> nsd.conf
- echo " name: \"${zone}\"" >> nsd.conf
- echo " zonefile: \"${zone}.signed\"" >> nsd.conf
- if [ "${zone}" = "tsig.com" ]
- then
- echo " provide-xfr: 0.0.0.0/0 test" >> nsd.conf
- echo " provide-xfr: ::0/0 test" >> nsd.conf
- else
- echo " provide-xfr: 0.0.0.0/0 NOKEY" >> nsd.conf
- echo " provide-xfr: ::0/0 NOKEY" >> nsd.conf
- fi
- done
- nsdc -c nsd.conf rebuild
-}
-
-
-
-tobind ()
-{
- cat > bind.conf << __EOF__
-options {
- dnssec-enable yes;
- listen-on port $port { 127.0.0.1; };
- minimal-responses yes;
- pid-file "pdns.pid";
-};
-
-key test {
- algorithm $ALGORITHM;
- secret "$KEY";
-};
-__EOF__
-
- rm -f K*
- rm -f *.bind
-
- bindfix
-
- for zone in $(grep zone named.conf | cut -f2 -d\")
- do
-
- if [ ! -f $zone.bind ]
- then
- cp $zone $zone.bind
- fi
-
- if [ "$1" != "unsigned" ]
- then
- if [ ! "${zone: 0:16}" = "secure-delegated" ]
- then
- ksk=$(dnssec-keygen -r/dev/urandom -f KSK -a RSASHA256 -b 2048 -n ZONE $zone)
- else
- cp secure-delegated.dnssec-parent.com.private Ksecure-delegated.dnssec-parent.com.+008+54319.private
- cp secure-delegated.dnssec-parent.com.key Ksecure-delegated.dnssec-parent.com.+008+54319.key
- ksk="Ksecure-delegated.dnssec-parent.com.+008+54319"
- fi
- zsk=$(dnssec-keygen -r/dev/urandom -a RSASHA256 -b 1024 -n ZONE $zone)
-
- echo "\$include $ksk.key ; KSK" >> $zone.bind
- echo "\$include $zsk.key ; ZSK" >> $zone.bind
- fi
-
- case $1 in
- nsec)
- dnssec-signzone -o $zone -f $zone.signed $zone.bind
- ;;
- nsec3)
- dnssec-signzone -3 abcd -H 1 -o $zone -f $zone.signed $zone.bind
- ;;
- nsec3-optout)
- dnssec-signzone -3 abcd -H 1 -A -o $zone -f $zone.signed $zone.bind
- if [ "$zone" = "dnssec-parent.com" ]
- then
- echo "insecure.dnssec-parent.com. IN NS ns.insecure.dnssec-parent.com." >> ${zone}.signed
- fi
- ;;
- unsigned)
- cp ${zone}.bind ${zone}.signed
- ;;
- *)
- echo 'tobind called with wrong param'
- exit
- esac
-
- echo "" >> bind.conf
- echo "zone \"${zone}\" {" >> bind.conf
- echo " type master;" >> bind.conf
- if [ "${zone}" = "tsig.com" ]
- then
- echo " allow-transfer { key test; none; };" >> bind.conf
- fi
- echo " file \"${zone}.signed\";" >> bind.conf
- echo "};" >> bind.conf
- done
-}
-
-
-
tosql ()
{
${MAKE} -C ../pdns zone2sql > /dev/null
[ -z "$cachettl" ] && cachettl=0
spectest=$5
-testsdir=.
+testsdir=./tests
if [ "$port" = help ] || [ "$context" = help ]
then
${MAKE} -C ../pdns sdig nsec3dig || exit
# Copy original zones because the test might modify them (well only the dyndns stuff, but let's make this work for others as well)
-for zone in $(grep zone named.conf | cut -f2 -d\")
+for zone in $(grep 'zone ' named.conf | cut -f2 -d\")
do
- if [ -f $zone.orig ]
+ if [ -f zones/$zone.orig ]
then
- cp -f $zone.orig $zone
+ cp -f zones/$zone.orig zones/$zone
fi
done
skiplua=1
fi
-case $context in
- ext-nsd | ext-nsd-nsec | ext-nsd-nsec3 | ext-nsd-nsec3-optout)
- case $context in
- ext-nsd)
- tonsd unsigned
- extracontexts="extnsd"
- skipreasons="nsd nodnssec nodyndns"
- ;;
- ext-nsd-nsec)
- tonsd nsec
- extracontexts="extnsd dnssec"
- skipreasons="nsd nodyndns"
- ;;
- ext-nsd-nsec3)
- tonsd nsec3
- extracontexts="extnsd dnssec nsec3"
- skipreasons="nsd nsec3 nodyndns"
- ;;
- ext-nsd-nsec3-optout)
- tonsd nsec3-optout
- extracontexts="extnsd dnssec nsec3 nsec3-optout"
- skipreasons="nsd optout nodyndns"
- ;;
- esac
- nsd -c nsd.conf -P pdns.pid -d &
- sleep 5
- ;;
-
- ext-bind | ext-bind-nsec | ext-bind-nsec3 | ext-bind-nsec3-optout)
- case $context in
- ext-bind)
- tobind unsigned
- extracontexts="extbind"
- skipreasons="bind nodnssec nodyndns"
- ;;
- ext-bind-nsec)
- tobind nsec
- extracontexts="extbind dnssec"
- skipreasons="bind nodyndns"
- ;;
- ext-bind-nsec3)
- tobind nsec3
- extracontexts="extbind dnssec nsec3"
- skipreasons="bind nsec3 nodyndns"
- ;;
- ext-bind-nsec3-optout)
- tobind nsec3-optout
- extracontexts="extbind dnssec nsec3 nsec3-optout"
- skipreasons="bind optout nodyndns"
- ;;
- esac
- named -c bind.conf -g &
- sleep 5
- ;;
-
- bind)
- $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
- --no-shuffle --launch=bind --bind-config=./named.conf \
- --send-root-referral \
- --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
- --cache-ttl=$cachettl --no-config \
- --bind-ignore-broken-records=yes &
- skipreasons="nodnssec nodyndns"
- bindwait
- ;;
-
- bind-dnssec | bind-dnssec-nsec3 | bind-dnssec-nsec3-optout | bind-dnssec-nsec3-narrow)
- rm -f dnssec.sqlite3
- ../pdns/pdnssec --config-dir=. create-bind-db dnssec.sqlite3
-
- for zone in $(grep zone named.conf | cut -f2 -d\")
- do
- securezone $zone
- if [ $context = bind-dnssec-nsec3 ] || [ $context = bind-dnssec-nsec3-optout ]
- then
- ../pdns/pdnssec --config-dir=. set-nsec3 $zone "1 $optout 1 abcd" 2>&1
- elif [ $context = bind-dnssec-nsec3-narrow ]
- then
- ../pdns/pdnssec --config-dir=. set-nsec3 $zone '1 1 1 abcd' narrow 2>&1
- fi
- done
-
- if [ $context = bind-dnssec-nsec3 ]
- then
- extracontexts="bind dnssec nsec3"
- skipreasons="nsec3 nodyndns"
- elif [ $context = bind-dnssec-nsec3-optout ]
- then
- extracontexts="bind dnssec nsec3 nsec3-optout"
- skipreasons="optout nodyndns"
- elif [ $context = bind-dnssec-nsec3-narrow ]
- then
- extracontexts="bind dnssec narrow"
- skipreasons="narrow nodyndns"
- else
- extracontexts="bind dnssec"
- skipreasons="nodyndns"
- fi
-
- ../pdns/pdnssec --config-dir=. import-tsig-key test $ALGORITHM $KEY
- ../pdns/pdnssec --config-dir=. activate-tsig-key tsig.com test master
-
- $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
- --no-shuffle --launch=bind --bind-config=./named.conf \
- --bind-dnssec-db=./dnssec.sqlite3 \
- --send-root-referral \
- --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --direct-dnskey=yes \
- --cache-ttl=$cachettl --no-config \
- --bind-ignore-broken-records=yes $lua_prequery &
- bindwait
- ;;
-
- gmysql-nodnssec)
- [ -z "$GMYSQLDB" ] && GMYSQLDB=pdnstest
- [ -z "$GMYSQLUSER" ] && GMYSQLUSER=root
- [ -z "$GMYSQLHOST" ] && GMYSQLHOST=localhost
- [ -z "$GMYSQLPASSWD" ] && GMYSQLPASSWD=''
-
- mysqladmin --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" --force drop "$GMYSQLDB" \
- || echo ignoring mysqladmin drop failure
- mysqladmin --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" create "$GMYSQLDB"
- mysql --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" \
- "$GMYSQLDB" < ../modules/gmysqlbackend/no-dnssec.schema.mysql.sql
-
- tosql gmysql | mysql --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" \
- "$GMYSQLDB"
-
- cat > pdns-gmysql.conf << __EOF__
-launch=gmysql
-gmysql-dbname=$GMYSQLDB
-gmysql-user=$GMYSQLUSER
-gmysql-host=$GMYSQLHOST
-gmysql-password=$GMYSQLPASSWD
-__EOF__
-
- for zone in $(grep zone named.conf | cut -f2 -d\")
- do
- ../pdns/pdnssec --config-dir=. --config-name=gmysql rectify-zone $zone 2>&1
- done
-
- $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
- --no-shuffle --launch=gmysql \
- --master --send-root-referral \
- --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --direct-dnskey=yes \
- --cache-ttl=$cachettl --no-config \
- --gmysql-dbname="$GMYSQLDB" \
- --gmysql-user="$GMYSQLUSER" \
- --gmysql-host="$GMYSQLHOST" \
- --gmysql-password="$GMYSQLPASSWD" &
- skipreasons=nodnssec
- ;;
- mydns)
- [ -z "$MYDNSDB" ] && MYDNSDB=pdnstest
- [ -z "$MYDNSUSER" ] && MYDNSUSER=root
- [ -z "$MYDNSHOST" ] && MYDNSHOST=localhost
- [ -z "$MYDNSPASSWD" ] && MYDNSPASSWD=''
-
- mysqladmin --user="$MYDNSUSER" --password="$MYDNSPASSWD" --host="$MYDNSHOST" --force drop "$MYDNSDB" \
- || echo ignoring mysqladmin drop failure
- mysqladmin --user="$MYDNSUSER" --password="$MYDNSPASSWD" --host="$MYDNSHOST" create "$MYDNSDB"
- mysql --user="$MYDNSUSER" --password="$MYDNSPASSWD" --host="$MYDNSHOST" \
- "$MYDNSDB" < ../modules/mydnsbackend/schema.sql
-
- tosql mydns | grep -v 'double\.example\.com' | mysql --user="$MYDNSUSER" --password="$MYDNSPASSWD" --host="$MYDNSHOST" \
- "$MYDNSDB"
-
- cat > pdns-mydns.conf << __EOF__
-launch=mydns
-mydns-dbname=$MYDNSDB
-mydns-user=$MYDNSUSER
-mydns-host=$MYDNSHOST
-mydns-password=$MYDNSPASSWD
-__EOF__
- $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
- --no-shuffle --launch=mydns \
- --master --send-root-referral \
- --cache-ttl=0 --no-config \
- --mydns-rr-active=no --mydns-soa-active=no --mydns-use-minimal-ttl=no \
- --mydns-dbname="$MYDNSDB" \
- --mydns-user="$MYDNSUSER" \
- --mydns-host="$MYDNSHOST" \
- --mydns-password="$MYDNSPASSWD" &
- skipreasons="nodnssec noent nodyndns"
- ;;
-
- gmysql | gmysql-nsec3 | gmysql-nsec3-optout |gmysql-nsec3-narrow)
- [ -z "$GMYSQLDB" ] && GMYSQLDB=pdnstest
- [ -z "$GMYSQLUSER" ] && GMYSQLUSER=root
- [ -z "$GMYSQLHOST" ] && GMYSQLHOST=localhost
- [ -z "$GMYSQLPASSWD" ] && GMYSQLPASSWD=''
-
- mysqladmin --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" --force drop "$GMYSQLDB" \
- || echo ignoring mysqladmin drop failure
- mysqladmin --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" create "$GMYSQLDB"
- mysql --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" \
- "$GMYSQLDB" < ../modules/gmysqlbackend/no-dnssec.schema.mysql.sql
- mysql --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" \
- "$GMYSQLDB" < ../modules/gmysqlbackend/dnssec.schema.mysql.sql
-
- tosql gmysql | mysql --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" \
- "$GMYSQLDB"
-
- cat > pdns-gmysql.conf << __EOF__
-launch=gmysql
-gmysql-dbname=$GMYSQLDB
-gmysql-user=$GMYSQLUSER
-gmysql-host=$GMYSQLHOST
-gmysql-password=$GMYSQLPASSWD
-gmysql-dnssec
-__EOF__
- for zone in $(grep zone named.conf | cut -f2 -d\")
- do
- securezone $zone gmysql
- if [ $context = gmysql-nsec3 ] || [ $context = gmysql-nsec3-optout ]
- then
- ../pdns/pdnssec --config-dir=. --config-name=gmysql set-nsec3 $zone "1 $optout 1 abcd" 2>&1
- ../pdns/pdnssec --config-dir=. --config-name=gmysql rectify-zone $zone 2>&1
- elif [ $context = gmysql-nsec3-narrow ]
- then
- ../pdns/pdnssec --config-dir=. --config-name=gmysql set-nsec3 $zone '1 1 1 abcd' narrow 2>&1
- ../pdns/pdnssec --config-dir=. --config-name=gmysql rectify-zone $zone 2>&1
- fi
-
-
- done
-
- ../pdns/pdnssec --config-dir=. --config-name=gmysql import-tsig-key test $ALGORITHM $KEY
- ../pdns/pdnssec --config-dir=. --config-name=gmysql activate-tsig-key tsig.com test master
-
- $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
- --no-shuffle --launch --launch+=random --launch+=gmysql --launch+=random --gmysql-dnssec \
- --send-root-referral \
- --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes --direct-dnskey=yes \
- --cache-ttl=$cachettl --no-config \
- --gmysql-dbname="$GMYSQLDB" \
- --gmysql-user="$GMYSQLUSER" \
- --gmysql-host="$GMYSQLHOST" \
- --gmysql-password="$GMYSQLPASSWD" $lua_prequery &
- if [ $context = gmysql-nsec3 ]
- then
- extracontexts="dnssec nsec3"
- skipreasons="nsec3"
- elif [ $context = gmysql-nsec3-optout ]
- then
- extracontexts="dnssec nsec3 nsec3-optout"
- skipreasons="optout"
- elif [ $context = gmysql-nsec3-narrow ]
- then
- extracontexts="dnssec narrow"
- skipreasons="narrow"
- else
- extracontexts="dnssec"
- fi
-
- ;;
- gpgsql | gpgsql-nsec3 | gpgsql-nsec3-optout)
- [ -z "$GPGSQLDB" ] && GPGSQLDB=pdnstest
- [ -z "$GPGSQLUSER" ] && GPGSQLUSER=$(whoami)
-
- dropdb --user="$GPGSQLUSER" "$GPGSQLDB" || echo ignoring dropdb failure
- createdb --user="$GPGSQLUSER" "$GPGSQLDB" || echo ignoring createdb failure # FIXME
- psql --user="$GPGSQLUSER" "$GPGSQLDB" < ../modules/gpgsqlbackend/no-dnssec.schema.pgsql.sql
- psql --user="$GPGSQLUSER" "$GPGSQLDB" < ../modules/gpgsqlbackend/dnssec.schema.pgsql.sql
-
- tosql gpgsql | psql --user="$GPGSQLUSER" "$GPGSQLDB" 2>&1 | uniq -c
-
- cat > pdns-gpgsql.conf << __EOF__
-launch=gpgsql
-gpgsql-dbname=$GPGSQLDB
-gpgsql-user=$GPGSQLUSER
-gpgsql-dnssec
-__EOF__
- for zone in $(grep zone named.conf | cut -f2 -d\")
- do
- securezone $zone gpgsql
- if [ $context = gpgsql-nsec3 ] || [ $context = gpgsql-nsec3-optout ]
- then
- ../pdns/pdnssec --config-dir=. --config-name=gpgsql set-nsec3 $zone "1 $optout 1 abcd" 2>&1
- ../pdns/pdnssec --config-dir=. --config-name=gpgsql rectify-zone $zone 2>&1
- fi
- done
-
- ../pdns/pdnssec --config-dir=. --config-name=gpgsql import-tsig-key test $ALGORITHM $KEY
- ../pdns/pdnssec --config-dir=. --config-name=gpgsql activate-tsig-key tsig.com test master
-
- $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
- --no-shuffle --launch=gpgsql --gpgsql-dnssec \
- --send-root-referral \
- --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
- --cache-ttl=$cachettl --no-config \
- --gpgsql-dbname="$GPGSQLDB" \
- --gpgsql-user="$GPGSQLUSER" $lua_prequery &
- if [ $context = gpgsql-nsec3 ]
- then
- extracontexts="dnssec nsec3"
- elif [ $context = gpgsql-nsec3-optout ]
- then
- extracontexts="dnssec nsec3 nsec3-optout"
- elif [ $context = gpgsql-nsec3-narrow ]
- then
- extracontexts="dnssec narrow"
- else
- extracontexts="dnssec"
- fi
- skipreasons="nodyndns"
-
- ;;
- gpgsql-nodnssec)
- [ -z "$GPGSQLDB" ] && GPGSQLDB=pdnstest
- [ -z "$GPGSQLUSER" ] && GPGSQLUSER=$(whoami)
-
- dropdb --user="$GPGSQLUSER" "$GPGSQLDB" || echo ignoring mysqladmin drop failure
- createdb --user="$GPGSQLUSER" "$GPGSQLDB" || echo ignoring mysqladmin drop failure
- psql --user="$GPGSQLUSER" "$GPGSQLDB" < ../modules/gpgsqlbackend/no-dnssec.schema.pgsql.sql
-
- tosql gpgsql | psql --user="$GPGSQLUSER" "$GPGSQLDB" 2>&1 | uniq -c
-
- cat > pdns-gpgsql.conf << __EOF__
-launch=gpgsql
-gpgsql-dbname=$GPGSQLDB
-gpgsql-user=$GPGSQLUSER
-__EOF__
-
- for zone in $(grep zone named.conf | cut -f2 -d\")
- do
- ../pdns/pdnssec --config-dir=. --config-name=gpgsql rectify-zone $zone 2>&1
- done
-
- $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
- --no-shuffle --launch=gpgsql \
- --send-root-referral \
- --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
- --cache-ttl=$cachettl --no-config \
- --gpgsql-dbname="$GPGSQLDB" \
- --gpgsql-user="$GPGSQLUSER" &
- skipreasons="nodnssec nodyndns"
- ;;
-
-
- gsqlite3-nodnssec)
- rm -f pdns.sqlite3
- sqlite3 pdns.sqlite3 < ../modules/gsqlite3backend/no-dnssec.schema.sqlite3.sql
- tosql gsqlite | sqlite3 pdns.sqlite3
- echo ANALYZE\; | sqlite3 pdns.sqlite3
-
- cat > pdns-gsqlite3.conf << __EOF__
-launch=gsqlite3
-gsqlite3-database=pdns.sqlite3
-__EOF__
- for zone in $(grep zone named.conf | cut -f2 -d\")
- do
- ../pdns/pdnssec --config-dir=. --config-name=gsqlite3 rectify-zone $zone 2>&1
- done
-
- $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
- --no-shuffle --launch=gsqlite3 \
- --send-root-referral \
- --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
- --cache-ttl=$cachettl --no-config \
- --gsqlite3-database=pdns.sqlite3 &
- skipreasons="nodnssec nodyndns"
-
- ;;
- opendbx-sqlite3)
- rm -f pdns-opendbx.sqlite3
- sqlite3 pdns-opendbx.sqlite3 < ../modules/gsqlite3backend/no-dnssec.schema.sqlite3.sql
- tosql gsqlite | sqlite3 pdns-opendbx.sqlite3
- sqlite3 pdns-opendbx.sqlite3 "ALTER TABLE domains ADD status CHARACTER(1) NOT NULL DEFAULT 'A'; \
- ALTER TABLE domains ADD auto_serial INTEGER DEFAULT 0;"
- echo ANALYZE\; | sqlite3 pdns-opendbx.sqlite3
-
- $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
- --no-shuffle --launch=opendbx \
- --send-root-referral \
- --cache-ttl=$cachettl --no-config \
- --opendbx-backend=sqlite3 --opendbx-host-read=./ --opendbx-host-write=./ \
- --opendbx-database=pdns-opendbx.sqlite3 &
- skipreasons="nodnssec noent nodyndns"
-
- ;;
- gsqlite3 | gsqlite3-nsec3 | gsqlite3-nsec3-optout)
- rm -f pdns.sqlite3
- sqlite3 pdns.sqlite3 < ../modules/gsqlite3backend/no-dnssec.schema.sqlite3.sql
- sqlite3 pdns.sqlite3 < ../modules/gsqlite3backend/dnssec.schema.sqlite3.sql
- tosql gsqlite | sqlite3 pdns.sqlite3
- echo ANALYZE\; | sqlite3 pdns.sqlite3
-
- cat > pdns-gsqlite3.conf << __EOF__
-launch=gsqlite3
-gsqlite3-database=pdns.sqlite3
-gsqlite3-dnssec
-__EOF__
- for zone in $(grep zone named.conf | cut -f2 -d\")
- do
- securezone $zone gsqlite3
- if [ $context = gsqlite3-nsec3 ] || [ $context = gsqlite3-nsec3-optout ]
- then
- ../pdns/pdnssec --config-dir=. --config-name=gsqlite3 set-nsec3 $zone "1 $optout 1 abcd" 2>&1
- ../pdns/pdnssec --config-dir=. --config-name=gsqlite3 rectify-zone $zone 2>&1
- fi
- done
-
- ../pdns/pdnssec --config-dir=. --config-name=gsqlite3 import-tsig-key test $ALGORITHM $KEY
- ../pdns/pdnssec --config-dir=. --config-name=gsqlite3 activate-tsig-key tsig.com test master
-
- $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
- --no-shuffle --launch=gsqlite3 --gsqlite3-dnssec \
- --send-root-referral \
- --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
- --cache-ttl=$cachettl --no-config \
- --gsqlite3-database=pdns.sqlite3 $lua_prequery &
- if [ $context = gsqlite3-nsec3 ]
- then
- extracontexts="dnssec nsec3"
- elif [ $context = gsqlite3-nsec3-optout ]
- then
- extracontexts="dnssec nsec3 nsec3-optout"
- else
- extracontexts="dnssec"
- fi
- skipreasons="nodyndns"
- ;;
-
-
- goracle-nodnssec | goracle | goracle-nsec3 | goracle-nsec3-optout)
- [ -z "$GORACLEUSER" ] && GORACLEUSER=pdns
- [ -z "$GORACLEPASSWD" ] && GORACLEPASSWD=pdns
-
- echo "START ../modules/goraclebackend/goracle-drop-schema;" | sqlplus -S $GORACLEUSER/$GORACLEPASSWD@xe > goracle.log
- echo "START ../modules/goraclebackend/goracle-schema;" | sqlplus -S $GORACLEUSER/$GORACLEPASSWD@xe >> goracle.log
- tosql goracle | sqlplus -S $GORACLEUSER/$GORACLEPASSWD@xe >> goracle.log
+source backends/common
- cat > pdns-goracle.conf << __EOF__
-launch=goracle
-goracle-home=$ORACLE_HOME
-goracle-sid=$ORACLE_SID
-goracle-nls-lang=$NLS_LANG
-
-goracle-tnsname=xe
-goracle-user=$GORACLEUSER
-goracle-password=$GORACLEPASSWD
-__EOF__
-
- if [ $context != goracle-nodnssec ]
- then
- echo "goracle-dnssec" >> pdns-goracle.conf
- ../pdns/pdnssec --config-dir=. --config-name=goracle import-tsig-key test $ALGORITHM $KEY
- ../pdns/pdnssec --config-dir=. --config-name=goracle activate-tsig-key tsig.com test master
- fi
-
- for zone in $(grep zone named.conf | cut -f2 -d\")
- do
- if [ $context != goracle-nodnssec ]
- then
- securezone $zone goracle
- if [ $context = goracle-nsec3 ] || [ $context = goracle-nsec3-optout ]
- then
- ../pdns/pdnssec --config-dir=. --config-name=goracle set-nsec3 $zone "1 $optout 1 abcd" 2>&1
- ../pdns/pdnssec --config-dir=. --config-name=goracle rectify-zone $zone 2>&1
- fi
- else
- ../pdns/pdnssec --config-dir=. --config-name=goracle rectify-zone $zone 2>&1
- fi
- done
-
- $RUNWRAPPER $PDNS --daemon=no --local-port=$port --config-dir=. \
- --config-name=goracle --socket-dir=./ --no-shuffle \
- --send-root-referral \
- --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
- --cache-ttl=$cachettl $lua_prequery &
-
- skipreasons="nodyndns"
- if [ $context = goracle-nsec3 ]
- then
- extracontexts="dnssec nsec3"
- elif [ $context = goracle-nsec3-optout ]
- then
- extracontexts="dnssec nsec3 nsec3-optout"
- elif [ $context = goracle-nodnssec ]
- then
- skipreasons="nodnssec nodyndns"
- else
- extracontexts="dnssec"
- fi
- ;;
-
-
- oracle-nodnssec | oracle | oracle-nsec3)
- [ -z "$ORACLEUSER" ] && ORACLEUSER=pdns
- [ -z "$ORACLEPASSWD" ] && ORACLEPASSWD=pdns
-
- echo "START ../modules/oraclebackend/dropschema;" | sqlplus -S $ORACLEUSER/$ORACLEPASSWD@xe > oracle.log
- echo "START ../modules/oraclebackend/schema;" | sqlplus -S $ORACLEUSER/$ORACLEPASSWD@xe >> oracle.log
- ../pdns/zone2sql --oracle | grep -v 'INSERT INTO Records' | sqlplus -S $ORACLEUSER/$ORACLEPASSWD@xe >> oracle.log
- ../pdns/zone2sql --oracle | grep " 'SOA', " | sqlplus -S $ORACLEUSER/$ORACLEPASSWD@xe >> oracle.log
-
- cat > pdns-oracle.conf << __EOF__
-launch=oracle
-oracle-home=$ORACLE_HOME
-oracle-sid=$ORACLE_SID
-oracle-nls-lang=$NLS_LANG
-
-oracle-pool-database=xe
-oracle-pool-username=$ORACLEUSER
-oracle-pool-password=$ORACLEPASSWD
-oracle-master-database=xe
-oracle-master-username=$ORACLEUSER
-oracle-master-password=$ORACLEPASSWD
-__EOF__
-
- if [ $context != oracle-nodnssec ]
- then
- echo "oracle-dnssec" >> pdns-oracle.conf
- ../pdns/pdnssec --config-dir=. --config-name=oracle import-tsig-key test $ALGORITHM $KEY
- ../pdns/pdnssec --config-dir=. --config-name=oracle activate-tsig-key tsig.com test master
- fi
-
- if [ $context != oracle-nodnssec ]
- then
- for zone in $(grep zone named.conf | cut -f2 -d\")
- do
- securezone $zone oracle
- if [ $context = oracle-nsec3 ]
- then
- ../pdns/pdnssec --config-dir=. --config-name=oracle set-nsec3 $zone "1 0 1 abcd" 2>&1
- fi
- done
- fi
-
- echo "TRUNCATE TABLE records;" | sqlplus -S $ORACLEUSER/$ORACLEPASSWD@xe >> oracle.log
- ../pdns/zone2sql --oracle | grep -v 'INSERT INTO Zones' | sqlplus -S $ORACLEUSER/$ORACLEPASSWD@xe >> oracle.log
-
- $RUNWRAPPER $PDNS --daemon=no --local-port=$port --config-dir=. \
- --config-name=oracle --socket-dir=./ --no-shuffle \
- --send-root-referral --query-logging \
- --cache-ttl=$cachettl $lua_prequery &
-
- if [ $context = oracle-nsec3 ]
- then
- skipreasons="nodyndns oracle-nsec3"
- extracontexts="dnssec nsec3"
- elif [ $context = oracle-nodnssec ]
- then
- skipreasons="nodyndns nodnssec"
- else
- skipreasons="nodyndns oracle-nsec"
- extracontexts="dnssec"
- fi
- skipreasons="$skipreasons noent" # TODO add ent support to oracle backend
- ;;
-
-
- tinydns)
- $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
- --no-shuffle --launch=tinydns \
- --cache-ttl=$cachettl --no-config \
- --send-root-referral \
- --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
- --tinydns-dbfile=../modules/tinydnsbackend/data.cdb &
- skipreasons="nodnssec noent nodyndns"
- ;;
- remotebackend-*)
- remotetype=$(echo $context | cut -d- -f 2)
- remotesec=$(echo $context | cut -d- -f 3)
- narrow=$(echo $context | cut -d- -f 4)
- testsdir=../modules/remotebackend/regression-tests/
-
- # cleanup unbound-host.conf to avoid failures
- rm -f unbound-host.conf
-
- echo "Setting up test database..."
- # setup test database
- rm -f $testsdir/remote.sqlite3
- sqlite3 $testsdir/remote.sqlite3 < $testsdir/test-schema.sql
- chmod 0666 $testsdir/remote.sqlite3
-
- case $remotetype in
- http)
- connstr="http:url=http://localhost:62434/dns"
- rm -f remotebackend-server.log
- rm -f remotebackend-access.log
- $testsdir/http-backend.rb &
- echo $! > pdns-remotebackend.pid
- set +e
- # make sure it runs before continuing
- loopcount=0
- while [ $loopcount -lt 20 ]; do
- res=$(curl http://localhost:62434/ping 2>/dev/null)
- if [ "x$res" == "xpong" ]
- then
- break
- fi
- sleep 1
- let loopcount=loopcount+1
- done
- set -e
- ;;
- zeromq)
- connstr="zeromq:endpoint=ipc:///tmp/pdns.0"
- $testsdir/zeromq-backend.rb &
- echo $! > pdns-remotebackend.pid
- ;;
- unix)
- connstr="unix:path=/tmp/remote.socket"
- socat unix-listen:/tmp/remote.socket,fork exec:$testsdir/unix-backend.rb &
- echo $! > pdns-remotebackend.pid
- ;;
- pipe)
- connstr="pipe:command=$testsdir/pipe-backend.rb"
- ;;
- *)
- echo "Invalid usage"
- exit
- ;;
- esac
-
- skipreasons="nodnssec nodyndns"
-
- if [ "$remotesec" = "nsec3" ]
- then
- remotedosec="yes"
- if [ "$narrow" = "narrow" ]
- then
- extracontexts="dnssec nsec3 narrow"
- skipreasons="narrow nsec3 nodyndns"
- else
- extracontexts="dnssec nsec3"
- skipreasons="nsec3 nodyndns"
- fi
-
- remote_add_param="--remote-dnssec=yes"
- elif [ "$remotesec" = "dnssec" ]
- then
- remotedosec="yes"
- remote_add_param="--remote-dnssec=yes"
- extracontexts="dnssec"
- skipreasons="nonsec3 nonarrow nodyndns"
- fi
-
-
- # generate pdns.conf for pdnssec
- cat > pdns-remote.conf <<EOF
-launch=remote
-remote-connection-string=$connstr
-EOF
-
- if [ "$remotedosec" = "yes" ]
- then
- echo "remote-dnssec=yes" >> pdns-remote.conf
- ../pdns/pdnssec --config-dir=. --config-name=remote import-zone-key example.com $testsdir/example.com.ksk ksk
- ../pdns/pdnssec --config-dir=. --config-name=remote import-zone-key example.com $testsdir/example.com.zsk.1 zsk
- ../pdns/pdnssec --config-dir=. --config-name=remote import-zone-key example.com $testsdir/example.com.zsk.2 zsk
- ../pdns/pdnssec --config-dir=. --config-name=remote activate-zone-key example.com 1
- ../pdns/pdnssec --config-dir=. --config-name=remote activate-zone-key example.com 2
- ../pdns/pdnssec --config-dir=. --config-name=remote deactivate-zone-key example.com 3
-
- ../pdns/pdnssec --config-dir=. --config-name=remote import-zone-key up.example.com $testsdir/up.example.com.ksk ksk
- ../pdns/pdnssec --config-dir=. --config-name=remote import-zone-key up.example.com $testsdir/up.example.com.zsk.1 zsk
- ../pdns/pdnssec --config-dir=. --config-name=remote import-zone-key up.example.com $testsdir/up.example.com.zsk.2 zsk
- ../pdns/pdnssec --config-dir=. --config-name=remote activate-zone-key example.com 4
- ../pdns/pdnssec --config-dir=. --config-name=remote activate-zone-key example.com 5
- ../pdns/pdnssec --config-dir=. --config-name=remote deactivate-zone-key example.com 6
-
- if [ "$remotesec" = "nsec3" ]
- then
- ../pdns/pdnssec --config-dir=. --config-name=remote set-nsec3 example.com
- ../pdns/pdnssec --config-dir=. --config-name=remote set-nsec3 up.example.com
- fi
- fi
-
- $RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
- --no-shuffle --launch=remote \
- --query-logging --loglevel=9 --cache-ttl=$cachettl --no-config \
- --send-root-referral --distributor-threads=1 \
- --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
- --remote-connection-string="$connstr" $remote_add_param &
-
- ;;
- *)
- echo unknown context $context
- : > passed_tests
- echo 'unknown-context-'"$context" > failed_tests
- ./toxml $context
- exit
-esac
+start_master
if [ "$skiplua" == "1" ]; then
skipreasons="$skipreasons nolua"
check_process
-startslave ()
-{
- skipreasons="$skipreasons presigned nodyndns"
- if [ ${presignedcontext:0:6} = gmysql ]
- then
- context=${context}-presigned
- [ -z "$GMYSQL2DB" ] && GMYSQL2DB=pdnstest2
- [ -z "$GMYSQL2USER" ] && GMYSQL2USER=root
- [ -z "$GMYSQL2HOST" ] && GMYSQL2HOST=localhost
- [ -z "$GMYSQL2PASSWD" ] && GMYSQL2PASSWD=''
-
- mysqladmin --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQL2HOST" --force drop "$GMYSQL2DB" \
- || echo ignoring mysqladmin drop failure
- mysqladmin --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQL2HOST" create "$GMYSQL2DB"
- mysql --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQL2HOST" \
- "$GMYSQL2DB" < ../modules/gmysqlbackend/no-dnssec.schema.mysql.sql
- mysql --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQL2HOST" \
- "$GMYSQL2DB" < ../modules/gmysqlbackend/dnssec.schema.mysql.sql
-
- for zone in $(grep zone named.conf | cut -f2 -d\" | tac)
- do
- mysql --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQL2HOST" \
- "$GMYSQL2DB" \
- -e "INSERT INTO domains (name, type, master) VALUES('$zone','SLAVE','127.0.0.1:$port')"
- done
-
- set +e
- echo $skipreasons | grep -q nodnssec
- if [ $? -ne 0 ]; then
- mysql --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQL2HOST" "$GMYSQL2DB" \
- -e "INSERT INTO tsigkeys (name, algorithm,secret) VALUES('test', '$ALGORITHM', '$KEY')"
- mysql --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQL2HOST" "$GMYSQL2DB" \
- -e "INSERT INTO domainmetadata (domain_id, kind, content) SELECT id, 'AXFR-MASTER-TSIG', 'test' FROM domains WHERE name = 'tsig.com'"
- echo $skipreasons | grep -q nolua
- if [ $? -ne 0 ]; then
- mysql --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQL2HOST" "$GMYSQL2DB" \
- -e "INSERT INTO domainmetadata (domain_id,kind,content) SELECT id,'AXFR-SOURCE','127.0.0.2' FROM domains WHERE name = 'stest.com'"
- fi
- fi
- set -e
-
- port=$((port+100))
-
- $RUNWRAPPER $PDNS2 --daemon=no --local-port=$port --socket-dir=./ \
- --no-shuffle --launch=gmysql --gmysql-dnssec \
- --send-root-referral \
- --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
- --cache-ttl=$cachettl --query-cache-ttl=$cachettl --no-config --slave --retrieval-threads=4 \
- --gmysql-dbname="$GMYSQL2DB" \
- --gmysql-user="$GMYSQL2USER" \
- --gmysql-host="$GMYSQL2HOST" \
- --gmysql-password="$GMYSQL2PASSWD" \
- --config-name=gmysql2 |& egrep -v "update records set ordername|insert into records" &
- echo 'waiting for zones to be slaved'
- loopcount=0
- while [ $loopcount -lt 20 ]
- do
- sleep 5
- todo=$(mysql --user="$GMYSQL2USER" --password="$GMYSQL2PASSWD" --host="$GMYSQl2HOST" \
- "$GMYSQL2DB" -ss -e 'SELECT COUNT(id) FROM domains WHERE last_check IS NULL')
- if [ $todo = 0 ]
- then
- break
- fi
- let loopcount=loopcount+1
- done
- if [ $todo -ne 0 ]; then
- echo "AXFR FAILED" >> failed_tests
- fi
- elif [ ${presignedcontext:0:8} = gsqlite3 ]
- then
- context=${context}-presigned
- rm -f pdns.sqlite31
- sqlite3 pdns.sqlite31 < ../modules/gsqlite3backend/no-dnssec.schema.sqlite3.sql
- sqlite3 pdns.sqlite31 < ../modules/gsqlite3backend/dnssec.schema.sqlite3.sql
-
- for zone in $(grep zone named.conf | cut -f2 -d\" | tac)
- do
- sqlite3 pdns.sqlite31 "INSERT INTO domains (name, type, master) VALUES('$zone','SLAVE','127.0.0.1:$port');"
- done
-
- set +e
- echo $skipreasons | grep -q nodnssec
- if [ $? -ne 0 ]; then
- sqlite3 pdns.sqlite31 "INSERT INTO tsigkeys (name,algorithm,secret) VALUES('test','$ALGORITHM', '$KEY')"
- sqlite3 pdns.sqlite31 "INSERT INTO domainmetadata (domain_id, kind, content) SELECT id, 'AXFR-MASTER-TSIG', 'test' FROM domains WHERE name = 'tsig.com'"
- echo $skipreasons | grep -q nolua
- if [ $? -ne 0 ]; then
- sqlite3 pdns.sqlite31 "INSERT INTO domainmetadata (domain_id,kind,content) SELECT id,'AXFR-SOURCE','127.0.0.2' FROM domains WHERE name = 'stest.com'"
- fi
- fi
- set -e
-
- port=$((port+100))
-
- $RUNWRAPPER $PDNS2 --daemon=no --local-port=$port --socket-dir=./ \
- --no-shuffle --launch=gsqlite3 --gsqlite3-dnssec \
- --fancy-records --send-root-referral \
- --cache-ttl=0 --query-cache-ttl=0 --no-config --slave --retrieval-threads=4 \
- --gsqlite3-database=pdns.sqlite31 --gsqlite3-pragma-synchronous=0 \
- --config-name=gsqlite32 |& egrep -v "update records set ordername|insert into records" &
- echo 'waiting for zones to be slaved'
- set +e
- loopcount=0
- while [ $loopcount -lt 20 ]
- do
- sleep 5
- todo=$(sqlite3 pdns.sqlite31 'SELECT COUNT(id) FROM domains WHERE last_check IS NULL')
- if [ $todo -eq 0 ]
- then
- if [ $todo = 0 ]
- then
- break
- fi
- fi
- let loopcount=loopcount+1
- done
- if [ $todo -ne 0 ]; then
- echo "AXFR FAILED" >> failed_tests
- fi
- set -e
- sqlite3 pdns.sqlite31 ANALYZE;
- elif [ ${presignedcontext:0:7} = goracle ]
- then
- context=${context}-presigned
- [ -z "$GORACLE2USER" ] && GORACLE2USER=pdns2
- [ -z "$GORACLE2PASSWD" ] && GORACLE2PASSWD=pdns
-
- echo "START ../modules/goraclebackend/goracle-drop-schema;" | sqlplus -S $GORACLE2USER/$GORACLE2PASSWD@xe > goracle2.log
- echo "START ../modules/goraclebackend/goracle-schema;" | sqlplus -S $GORACLE2USER/$GORACLE2PASSWD@xe >> goracle2.log
-
- cat > pdns-goracle2.conf << __EOF__
-launch=goracle
-goracle-home=$ORACLE_HOME
-goracle-sid=$ORACLE_SID
-goracle-nls-lang=$NLS_LANG
-
-goracle-tnsname=xe
-goracle-user=$GORACLE2USER
-goracle-password=$GORACLE2PASSWD
-goracle-dnssec
-__EOF__
-
- for zone in $(grep zone named.conf | cut -f2 -d\" | tac)
- do
- echo "INSERT INTO domains (id, name, type, master) VALUES(domains_id_sequence.nextval, '$zone', 'SLAVE', '127.0.0.1:$port');" | sqlplus -S $GORACLE2USER/$GORACLE2PASSWD@xe >> goracle2.log
- done
-
- set +e
- echo $skipreasons | grep -q nodnssec
- if [ $? -ne 0 ]; then
- ../pdns/pdnssec --config-dir=. --config-name=goracle2 import-tsig-key test $ALGORITHM $KEY
- ../pdns/pdnssec --config-dir=. --config-name=goracle2 activate-tsig-key tsig.com test master
- echo $skipreasons | grep -q nolua
- if [ $? -ne 0 ]; then
- ../pdns/pdnssec --config-dir=. --config-name=goracle2 set-meta stest.com AXFR-SOURCE 127.0.0.2
- fi
- fi
- set -e
-
- port=$((port+100))
-
- $RUNWRAPPER $PDNS2 --daemon=no --local-port=$port --config-dir=. \
- --config-name=goracle2 --socket-dir=./ --no-shuffle \
- --send-root-referral --slave --retrieval-threads=4 \
- --slave-cycle-interval=300 --config-name=goracle2 &
- echo 'waiting for zones to be slaved'
-
- loopcount=0
- while [ $loopcount -lt 40 ]
- do
- sleep 5
- todo=$(sqlplus -S $GORACLE2USER/$GORACLE2PASSWD@xe << __EOF__
-set pagesize 0 feedback off verify off heading off echo off;
-SELECT COUNT(id) FROM domains WHERE last_check IS NULL;
-exit;
-__EOF__
-)
- if [ $todo = 0 ]
- then
- break
- fi
- let loopcount=loopcount+1
- done
- if [ $todo -ne 0 ]; then
- echo "AXFR FAILED" >> failed_tests
- fi
-
- elif [ ${presignedcontext:0:4} = bind ]
- then
- context=${context}-presigned
- sed -e 's/type master;/type slave;\n\tmasters { 127.0.0.1:'$port'; };/' -e 's/file "\([^"]\+\)/file "\1-slave/' < named.conf > named-slave.conf
-
- for zone in $(grep zone named.conf | cut -f2 -d\")
- do
- rm -rf $zone-slave
- done
-
- rm -f dnssec-slave.sqlite3
-
- ../pdns/pdnssec --config-dir=. create-bind-db dnssec-slave.sqlite3
-
- set +e
- echo $skipreasons | grep -q nodnssec
- if [ $? -ne 0 ]; then
- sqlite3 dnssec-slave.sqlite3 "INSERT INTO tsigkeys (name, algorithm,secret) VALUES('test', '$ALGORITHM', '$KEY')"
- sqlite3 dnssec-slave.sqlite3 "INSERT INTO domainmetadata (domain, kind, content) SELECT 'tsig.com', 'AXFR-MASTER-TSIG', 'test'"
- echo $skipreasons | grep -q nolua
- if [ $? -ne 0 ]; then
- sqlite3 dnssec-slave.sqlite3 "INSERT INTO domainmetadata (domain,kind,content) SELECT 'stest.com','AXFR-SOURCE','127.0.0.2'"
- fi
- fi
- set -e
-
- port=$((port+100))
-
- $RUNWRAPPER $PDNS2 --daemon=no --local-port=$port --socket-dir=./ \
- --no-shuffle --launch=bind --bind-config=./named-slave.conf --slave \
- --send-root-referral --retrieval-threads=1 --config-name=bind-slave \
- --allow-2136-from=127.0.0.0/8 --experimental-rfc2136=yes \
- --cache-ttl=$cachettl --no-config --bind-dnssec-db=./dnssec-slave.sqlite3 &
- echo 'waiting for zones to be loaded'
- bindwait bind-slave
- elif [ ${presignedcontext:0:7} = ext-nsd ]
- then
- skipreasons="$skipreasons nsd"
- context=$context-presigned
- cat > nsd-slave.conf << __EOF__
-server:
- ip-address: 127.0.0.1@$((port+100))
- database: ./nsd-slave.db
- difffile: ./ixfr-slave.db
- xfrdfile: ./ixfr-slave.state
- zonesdir: .
- username: ""
-
-key:
- name: test
- algorithm: $ALGORITHM
- secret: "$KEY"
-__EOF__
-
- rm -f ixfr-slave.db
- rm -f ixfr-slave.state
-
- for zone in $(grep zone named.conf | cut -f2 -d\")
- do
- rm -f $zone-slave
-
- echo "" >> nsd-slave.conf
- echo "zone:" >> nsd-slave.conf
- echo " name: \"${zone}\"" >> nsd-slave.conf
- echo " zonefile: \"${zone}-slave\"" >> nsd-slave.conf
- if [ "${zone}" = "tsig.com" ]
- then
- echo " allow-notify: 127.0.0.1 test" >> nsd-slave.conf
- echo " request-xfr: AXFR 127.0.0.1@$port test" >> nsd-slave.conf
- echo " provide-xfr: 0.0.0.0/0 test" >> nsd-slave.conf
- echo " provide-xfr: ::0/0 test" >> nsd-slave.conf
- else
- echo " allow-notify: 127.0.0.1 NOKEY" >> nsd-slave.conf
- echo " request-xfr: AXFR 127.0.0.1@$port NOKEY" >> nsd-slave.conf
- echo " provide-xfr: 0.0.0.0/0 NOKEY" >> nsd-slave.conf
- echo " provide-xfr: ::0/0 NOKEY" >> nsd-slave.conf
- fi
- done
-
- port=$((port+100))
- nsdc -c nsd-slave.conf rebuild
-
- nsd -c nsd-slave.conf -P pdns-slave.pid -d &
- sleep 20
- elif [ ${presignedcontext:0:8} = ext-bind ]
- then
- skipreasons="$skipreasons bind"
- context=$context-presigned
- cat > bind-slave.conf << __EOF__
-options {
- dnssec-enable yes;
- listen-on port $(($port+100)) { 127.0.0.1; };
- minimal-responses yes;
- pid-file "pdns-slave.pid";
-};
-
-key test {
- algorithm $ALGORITHM;
- secret "$KEY";
-};
-__EOF__
-
- rm -f ixfr-slave.db
- rm -f ixfr-slave.state
-
- for zone in $(grep zone named.conf | cut -f2 -d\")
- do
- rm -f $zone-slave
-
- echo "" >> bind-slave.conf
- echo "zone \"${zone}\" {" >> bind-slave.conf
- echo " type slave;" >> bind-slave.conf
- echo " file \"${zone}-slave\";" >> bind-slave.conf
- if [ "${zone}" = "tsig.com" ]
- then
- echo " masters port $port { 127.0.0.1 key test; };" >> bind-slave.conf
- echo " allow-transfer { key test; none; };" >> bind-slave.conf
- else
- echo " masters port $port { 127.0.0.1; };" >> bind-slave.conf
- fi
- echo "};" >> bind-slave.conf
- done
-
- port=$((port+100))
-
- named -c bind-slave.conf -g &
- sleep 20
- fi
-}
-
dotests () {
nameserver=127.0.0.1 ./runtests $spectest
./toxml
fi
}
-## TODO: give pdns a few seconds to startup or fail, then check if it did not fail
## TODO: give sdig a timeout
RETVAL=0
if [ $presigned = yes ] || [ $both = yes ]
then
- startslave
+ start_slave
export port
export context
--- /dev/null
+diff
+real_result
+*.out
+start
+step.*
rm -f trustedkeys
rm -f unbound-host.conf
-for zone in $(grep zone named.conf | cut -f2 -d\")
+for zone in $(grep 'zone ' named.conf | cut -f2 -d\")
do
if [ "${zone: 0:16}" != "secure-delegated" ]
then
#!/bin/sh
cleandig host-invalid.test.dyndns ANY hidesoadetails
-$testname/sendupdate.pl $nameserver $port
+tests/$testname/sendupdate.pl $nameserver $port
cleandig host-invalid.test.dyndns ANY hidesoadetails
cleandig ns1.addzone.com A
cleandig ns1.test.com A
-../pdns/pdns_control --config-dir=. bind-add-zone addzone.com addzone.com
+../pdns/pdns_control --config-dir=. bind-add-zone addzone.com zones/addzone.com
../pdns/pdns_control --config-dir=. purge addzone.com
sleep 1
-../pdns/pdns_control --config-dir=. bind-add-zone addzone.com addzone.com
+../pdns/pdns_control --config-dir=. bind-add-zone addzone.com zones/addzone.com
sleep 1
cleandig ns1.addzone.com A
sleep 1
0 ns1.test.com. IN A 3600 1.1.1.1
Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
Reply to question for qname='ns1.test.com.', qtype=A
-Loaded zone addzone.com from addzone.com
+Loaded zone addzone.com from zones/addzone.com
0
Already loaded
Rcode: 2, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
2 . IN OPT 32768
Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
Reply to question for qname='sub.host.sub.example.com.', qtype=A
-./ent-asterisk/unbound-host.out:sub.host.sub.example.com has no address (BOGUS (security failure))
+./tests/ent-asterisk/unbound-host.out:sub.host.sub.example.com has no address (BOGUS (security failure))
#!/usr/bin/env bash
-for zone in $(grep zone named.conf | cut -f2 -d\" | grep -v '^\(example.com\|nztest.com\)$')
+for zone in $(grep 'zone ' named.conf | cut -f2 -d\" | grep -v '^\(example.com\|nztest.com\)$')
do
TFILE=$(mktemp)
dig axfr $zone @$nameserver -p $port | ldns-read-zone -z > $TFILE
--- /dev/null
+/test.dyndns
+/*.com-slave
+/*.dyndns-slave
+/*.signed
+/*.nsd
+/ixfr.state
+/nsd.db
+/ixfr-slave.db
+/ixfr-slave.state
+/nsd-slave.db
projects / pdns / commitdiff