[master] address TKEY bugs

3486. [bug] named could crash when using TKEY-negotiated keys that had been deleted and then recreated. [RT #32506] commit 6a48b9999766d26cddc7cef275cd984b7d53c014 Author: Evan Hunt <each@isc.org> Date: Tue Jan 29 14:59:46 2013 -0800 [rt32506] don't dump key if dump is unimplemented commit d0ae0f44b460bab2e8bb24bba683d3ef69ec1765 Author: Evan Hunt <each@isc.org> Date: Tue Jan 29 14:42:25 2013 -0800 [rt32506] make sure LRU needs adjusting before adjusting it commit 0437f8f06b1cb72a6d5e3c30f27febca23846d95 Author: Evan Hunt <each@isc.org> Date: Tue Jan 29 12:28:28 2013 -0800 [rt32506] demonstrate bugs in tkey test
2013-02-15 10:19:50 -08:00
parent 6330174f80
commit 0b8bd3a4ae
8 changed files with 93 additions and 10 deletions
--- a/bin/tests/system/tkey/tests.sh
+++ b/bin/tests/system/tkey/tests.sh
@@ -91,8 +91,17 @@ status=`expr $status + $ret`

 echo "I:checking the key with 'rndc tsig-list'"
 ret=0
-$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out
-grep "key \"bar.example.server" rndc.out > /dev/null || ret=1
+$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.1
+grep "key \"bar.example.server" rndc.out.1 > /dev/null || ret=1
+if [ $ret != 0 ]; then
+        echo "I:failed"
+fi
+status=`expr $status + $ret`
+
+echo "I:using key in a request"
+ret=0
+$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.3 || ret=1
+grep "status: NOERROR" dig.out.3 > /dev/null || ret=1
 if [ $ret != 0 ]; then
        echo "I:failed"
 fi
@@ -101,8 +110,38 @@ status=`expr $status + $ret`
 echo "I:deleting the key with 'rndc tsig-delete'"
 ret=0
 $RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-delete bar.example.server > /dev/null || ret=1
-$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out
-grep "key \"bar.example.server" rndc.out > /dev/null && ret=1
+$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.2
+grep "key \"bar.example.server" rndc.out.2 > /dev/null && ret=1
+$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.4 || ret=1
+grep "TSIG could not be validated" dig.out.4 > /dev/null || ret=1
+if [ $ret != 0 ]; then
+        echo "I:failed"
+fi
+status=`expr $status + $ret`
+
+echo "I:recreating the bar.example. key"
+ret=0
+keyname=`./keycreate $dhkeyname bar.example.` || ret=1
+if [ $ret != 0 ]; then
+        echo "I:failed"
+        echo "I:exit status: $status"
+        exit $status
+fi
+status=`expr $status + $ret`
+
+echo "I:checking the new key with 'rndc tsig-list'"
+ret=0
+$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.3
+grep "key \"bar.example.server" rndc.out.3 > /dev/null || ret=1
+if [ $ret != 0 ]; then
+        echo "I:failed"
+fi
+status=`expr $status + $ret`
+
+echo "I:using the new key in a request"
+ret=0
+$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.5 || ret=1
+grep "status: NOERROR" dig.out.5 > /dev/null || ret=1
 if [ $ret != 0 ]; then
        echo "I:failed"
 fi