added system tests

2000-05-15 22:53:15 +00:00
parent 43383a70d3
commit 0e9dcd5480
35 changed files with 814 additions and 0 deletions
--- a/bin/tests/system/dnssec/ns2/example.db.in
+++ b/bin/tests/system/dnssec/ns2/example.db.in
@@ -0,0 +1,24 @@
+$TTL 300	; 5 minutes
+@			IN SOA	mname1. . (
+				2000042407 ; serial
+				20         ; refresh (20 seconds)
+				20         ; retry (20 seconds)
+				1814400    ; expire (3 weeks)
+				3600       ; minimum (1 hour)
+				)
+			NS	ns2
+ns2			A	10.53.0.2
+
+a			A	10.0.0.1
+b			A	10.0.0.2
+d			A	10.0.0.4
+
+; A secure subdomain
+secure			NS	ns.secure
+ns.secure		A	10.53.0.3
+
+; An insecure subdomain
+insecure		NS	ns.secure
+ns.insecure		A	10.53.0.3
+
+z			A	10.0.0.26
--- a/bin/tests/system/dnssec/ns2/named.conf
+++ b/bin/tests/system/dnssec/ns2/named.conf
@@ -0,0 +1,18 @@
+options {
+	pid-file "named.pid";
+	listen-on { 10.53.0.2; };
+	recursion no;
+	notify yes;
+};
+
+zone "." {
+	type hint;
+	file "root.hint";
+};
+
+zone "example" {
+	type master;
+	file "example.db.signed";
+	allow-update { any; };
+};
+
--- a/bin/tests/system/dnssec/ns2/root.hint
+++ b/bin/tests/system/dnssec/ns2/root.hint
@@ -0,0 +1,3 @@
+$TTL 999999
+.			 IN NS	a.root-servers.nil.
+a.root-servers.nil.	 IN A	10.53.0.1
--- a/bin/tests/system/dnssec/ns2/sign.sh
+++ b/bin/tests/system/dnssec/ns2/sign.sh
@@ -0,0 +1,42 @@
+#!/bin/sh
+
+zone=example.
+infile=example.db.in
+zonefile=example.db
+
+keyname=`$KEYGEN -a RSA -b 768 -n zone $zone`
+
+tag=`echo $keykname | sed -n 's/^.*\+\([0-9][0-9]*\)$/\1/p'`
+
+echo "key=$keyname, tag=$tag"
+
+# Have the child generate a zone key and pass it to us,
+# sign it, and pass it back
+
+( cd ../ns3 && sh sign.sh )
+cp ../ns3/secure.example.keyset .
+/local/bind9/bin/tests/keysigner -v 9 secure.example.keyset example./$tag/001
+# This will leave two copies of the child's zone key in the signed db file;
+# that shouldn't cause any problems.
+cat secure.example.signedkey >>../ns3/secure.example.db.signed
+
+pubkeyfile="$keyname.key"
+
+$KEYSETTOOL $zone $tag/001
+
+cat $infile $pubkeyfile >$zonefile
+
+$SIGNER -v 1 -o $zone $zonefile
+
+# Configure the resolving server with a trusted key.
+
+cat $pubkeyfile | perl -n -e '
+my ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
+my $key = join("", @rest);
+print <<EOF
+trusted-keys {
+    "$dn" $flags $proto $alg "$key";
+};
+EOF
+' >../ns4/trusted.conf
+