Use arithmetic expansion in system tests
Change the way arithmetic operations are performed in system test shell scripts from using `expr` to `$(())`. This ensures that updating the variable won't end up with a non-zero exit code, which would case the script to exit prematurely when `set -e` is in effect. The following replacements were performed using sed in all text files (git grep -Il '' | xargs sed -i): s/status=`expr $status + $ret`/status=$((status + ret))/g s/n=`expr $n + 1`/n=$((n + 1))/g s/t=`expr $t + 1`/t=$((t + 1))/g s/status=`expr $status + 1`/status=$((status + 1))/g s/try=`expr $try + 1`/try=$((try + 1))/g
This commit is contained in:
Tom Krizek
@@ -64,17 +64,17 @@ n=0
|
||||
nextpart ns2/named.run > /dev/null
|
||||
|
||||
# Test 1 - default, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
echo_i "test $n: default - query allowed"
|
||||
ret=0
|
||||
$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 2 - explicit any, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named02.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -84,10 +84,10 @@ $DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 3 - none, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named03.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -99,9 +99,9 @@ grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
nextpart ns2/named.run | grep 'recursion not enabled for view' > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
DIGNOEDNS="+tcp +nosea +nostat +nocmd +norec +noques +noauth +noadd +nostats +noedns -p ${PORT}"
|
||||
|
||||
echo_i "test $n: none - query refused (no edns)"
|
||||
@@ -111,10 +111,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null && ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 4 - address allowed, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named04.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -124,10 +124,10 @@ $DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 5 - address not allowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named05.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -138,10 +138,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 6 - address disallowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named06.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -152,10 +152,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 7 - acl allowed, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named07.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -165,10 +165,10 @@ $DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 8 - acl not allowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named08.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -179,11 +179,11 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
|
||||
# Test 9 - acl disallowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named09.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -194,10 +194,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 10 - key allowed, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named10.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -207,10 +207,10 @@ $DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y "${DEFAULT_HMAC}:one:1234abcd8765" a.no
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 11 - key not allowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named11.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -221,10 +221,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 12 - key disallowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named12.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -235,13 +235,13 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# The next set of tests check if allow-query works in a view
|
||||
|
||||
n=20
|
||||
# Test 21 - views default, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named21.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -251,10 +251,10 @@ $DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 22 - views explicit any, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named22.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -264,10 +264,10 @@ $DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 23 - views none, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named23.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -278,10 +278,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 24 - views address allowed, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named24.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -291,10 +291,10 @@ $DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 25 - views address not allowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named25.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -305,10 +305,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 26 - views address disallowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named26.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -319,10 +319,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 27 - views acl allowed, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named27.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -332,10 +332,10 @@ $DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 28 - views acl not allowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named28.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -346,10 +346,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 29 - views acl disallowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named29.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -360,10 +360,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 30 - views key allowed, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named30.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -373,10 +373,10 @@ $DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y "${DEFAULT_HMAC}:one:1234abcd8765" a.no
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 31 - views key not allowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named31.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -387,10 +387,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 32 - views key disallowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named32.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -401,10 +401,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 33 - views over options, views allow, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named33.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -414,10 +414,10 @@ $DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 34 - views over options, views disallow, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named34.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -428,14 +428,14 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Tests for allow-query in the zone statements
|
||||
|
||||
n=40
|
||||
|
||||
# Test 41 - zone default, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named40.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -445,20 +445,20 @@ $DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 42 - zone explicit any, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
echo_i "test $n: zone explicit any - query allowed"
|
||||
ret=0
|
||||
$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.any.example a > dig.out.ns2.$n || ret=1
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.any.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 43 - zone none, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
echo_i "test $n: zone none - query refused"
|
||||
ret=0
|
||||
$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.none.example a > dig.out.ns2.$n || ret=1
|
||||
@@ -466,20 +466,20 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.none.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 44 - zone address allowed, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
echo_i "test $n: zone address allowed - query allowed"
|
||||
ret=0
|
||||
$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.addrallow.example a > dig.out.ns2.$n || ret=1
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.addrallow.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 45 - zone address not allowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
echo_i "test $n: zone address not allowed - query refused"
|
||||
ret=0
|
||||
$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.addrnotallow.example a > dig.out.ns2.$n || ret=1
|
||||
@@ -487,10 +487,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.addrnotallow.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 46 - zone address disallowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
echo_i "test $n: zone address disallowed - query refused"
|
||||
ret=0
|
||||
$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.addrdisallow.example a > dig.out.ns2.$n || ret=1
|
||||
@@ -498,20 +498,20 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.addrdisallow.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 47 - zone acl allowed, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
echo_i "test $n: zone acl allowed - query allowed"
|
||||
ret=0
|
||||
$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.aclallow.example a > dig.out.ns2.$n || ret=1
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.aclallow.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 48 - zone acl not allowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
echo_i "test $n: zone acl not allowed - query refused"
|
||||
ret=0
|
||||
$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.aclnotallow.example a > dig.out.ns2.$n || ret=1
|
||||
@@ -519,10 +519,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.aclnotallow.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 49 - zone acl disallowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
echo_i "test $n: zone acl disallowed - query refused"
|
||||
ret=0
|
||||
$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.acldisallow.example a > dig.out.ns2.$n || ret=1
|
||||
@@ -530,20 +530,20 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.acldisallow.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 50 - zone key allowed, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
echo_i "test $n: zone key allowed - query allowed"
|
||||
ret=0
|
||||
$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y "${DEFAULT_HMAC}:one:1234abcd8765" a.keyallow.example a > dig.out.ns2.$n || ret=1
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.keyallow.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 51 - zone key not allowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
echo_i "test $n: zone key not allowed - query refused"
|
||||
ret=0
|
||||
$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y "${DEFAULT_HMAC}:two:1234efgh8765" a.keyallow.example a > dig.out.ns2.$n || ret=1
|
||||
@@ -551,10 +551,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.keyallow.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 52 - zone key disallowed, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
echo_i "test $n: zone key disallowed - query refused"
|
||||
ret=0
|
||||
$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 -y "${DEFAULT_HMAC}:one:1234abcd8765" a.keydisallow.example a > dig.out.ns2.$n || ret=1
|
||||
@@ -562,10 +562,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.keydisallow.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 53 - zones over options, zones allow, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named53.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -575,10 +575,10 @@ $DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 54 - zones over options, zones disallow, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named54.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -589,10 +589,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 55 - zones over views, zones allow, query allowed
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named55.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -602,10 +602,10 @@ $DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret
|
||||
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 56 - zones over views, zones disallow, query refused
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named56.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -616,10 +616,10 @@ grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.$n > /dev/null || ret=1
|
||||
grep '^a.normal.example' dig.out.ns2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 57 - zones over views, zones disallow, query refused (allow-query-on)
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns2/named57.conf.in ns2/named.conf
|
||||
rndc_reload ns2 10.53.0.2
|
||||
|
||||
@@ -633,10 +633,10 @@ grep 'status: REFUSED' dig.out.ns2.2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns2.2.$n > /dev/null || ret=1
|
||||
grep '^a.aclnotallow.example' dig.out.ns2.2.$n > /dev/null && ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 58 - allow-recursion default
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
echo_i "test $n: default allow-recursion configuration"
|
||||
ret=0
|
||||
nextpart ns3/named.run > /dev/null
|
||||
@@ -647,10 +647,10 @@ grep 'status: REFUSED' dig.out.ns3.2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns3.2.$n > /dev/null || ret=1
|
||||
nextpart ns3/named.run | grep 'allow-recursion did not match' > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 59 - allow-query-cache default
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
echo_i "test $n: default allow-query-cache configuration"
|
||||
ret=0
|
||||
$DIG -p ${PORT} @10.53.0.3 -b 127.0.0.1 ns . > dig.out.ns3.1.$n
|
||||
@@ -660,10 +660,10 @@ grep 'status: REFUSED' dig.out.ns3.2.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns3.2.$n > /dev/null || ret=1
|
||||
nextpart ns3/named.run | grep 'allow-recursion did not match' > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 60 - block recursion-on, allow query-cache-on
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns3/named2.conf.in ns3/named.conf
|
||||
rndc_reload ns3 10.53.0.3
|
||||
|
||||
@@ -679,10 +679,10 @@ grep 'recursion requested but not available' dig.out.ns3.2.$n > /dev/null || ret
|
||||
grep 'ANSWER: 0' dig.out.ns3.2.$n > /dev/null || ret=1
|
||||
nextpart ns3/named.run | grep 'allow-recursion-on did not match' > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 61 - inheritance of allow-query-cache-on from allow-recursion-on
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns3/named3.conf.in ns3/named.conf
|
||||
rndc_reload ns3 10.53.0.3
|
||||
|
||||
@@ -706,10 +706,10 @@ grep 'status: REFUSED' dig.out.ns3.4.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns3.4.$n > /dev/null || ret=1
|
||||
nextpart ns3/named.run | grep 'allow-recursion-on did not match' > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
# Test 62 - inheritance of allow-recursion-on from allow-query-cache-on
|
||||
n=`expr $n + 1`
|
||||
n=$((n + 1))
|
||||
copy_setports ns3/named4.conf.in ns3/named.conf
|
||||
rndc_reload ns3 10.53.0.3
|
||||
|
||||
@@ -733,7 +733,7 @@ grep 'status: REFUSED' dig.out.ns3.4.$n > /dev/null || ret=1
|
||||
grep 'EDE: 18 (Prohibited)' dig.out.ns3.4.$n > /dev/null || ret=1
|
||||
nextpart ns3/named.run | grep 'allow-recursion-on did not match' > /dev/null || ret=1
|
||||
if [ $ret != 0 ]; then echo_i "failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status + ret))
|
||||
|
||||
echo_i "exit status: $status"
|
||||
[ $status -eq 0 ] || exit 1
|
||||
|
||||
Reference in New Issue
Block a user