2448. [func] Add NSEC3 support. [RT #15452]
This commit is contained in:
Mark Andrews
@@ -15,7 +15,10 @@
|
||||
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
|
||||
# PERFORMANCE OF THIS SOFTWARE.
|
||||
|
||||
# $Id: sign.sh,v 1.23 2007/06/19 23:47:02 tbox Exp $
|
||||
# $Id: sign.sh,v 1.24 2008/09/24 02:46:21 marka Exp $
|
||||
|
||||
SYSTEMTESTTOP=../..
|
||||
. $SYSTEMTESTTOP/conf.sh
|
||||
|
||||
RANDFILE=../random.data
|
||||
|
||||
@@ -66,3 +69,156 @@ mv $zonefile.signed $zonefile.tmp
|
||||
<$zonefile.tmp perl -p -e 's/ keyless.example/ b.keyless.example/
|
||||
if /^a.b.keyless.example/../NXT/;' >$zonefile.signed
|
||||
rm -f $zonefile.tmp
|
||||
|
||||
#
|
||||
# NSEC3/NSEC test zone
|
||||
#
|
||||
zone=secure.nsec3.example.
|
||||
infile=secure.nsec3.example.db.in
|
||||
zonefile=secure.nsec3.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
$SIGNER -r $RANDFILE -o $zone $zonefile > /dev/null
|
||||
|
||||
#
|
||||
# NSEC3/NSEC3 test zone
|
||||
#
|
||||
zone=nsec3.nsec3.example.
|
||||
infile=nsec3.nsec3.example.db.in
|
||||
zonefile=nsec3.nsec3.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
$SIGNER -3 - -r $RANDFILE -o $zone $zonefile > /dev/null
|
||||
|
||||
#
|
||||
# OPTOUT/NSEC3 test zone
|
||||
#
|
||||
zone=optout.nsec3.example.
|
||||
infile=optout.nsec3.example.db.in
|
||||
zonefile=optout.nsec3.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
$SIGNER -3 - -A -r $RANDFILE -o $zone $zonefile > /dev/null
|
||||
|
||||
#
|
||||
# A nsec3 zone (non-optout).
|
||||
#
|
||||
zone=nsec3.example.
|
||||
infile=nsec3.example.db.in
|
||||
zonefile=nsec3.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
$SIGNER -g -3 - -r $RANDFILE -o $zone $zonefile > /dev/null
|
||||
|
||||
#
|
||||
# OPTOUT/NSEC test zone
|
||||
#
|
||||
zone=secure.optout.example.
|
||||
infile=secure.optout.example.db.in
|
||||
zonefile=secure.optout.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
$SIGNER -r $RANDFILE -o $zone $zonefile > /dev/null
|
||||
|
||||
#
|
||||
# OPTOUT/NSEC3 test zone
|
||||
#
|
||||
zone=nsec3.optout.example.
|
||||
infile=nsec3.optout.example.db.in
|
||||
zonefile=nsec3.optout.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
$SIGNER -3 - -r $RANDFILE -o $zone $zonefile > /dev/null
|
||||
|
||||
#
|
||||
# OPTOUT/OPTOUT test zone
|
||||
#
|
||||
zone=optout.optout.example.
|
||||
infile=optout.optout.example.db.in
|
||||
zonefile=optout.optout.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
$SIGNER -3 - -A -r $RANDFILE -o $zone $zonefile > /dev/null
|
||||
|
||||
#
|
||||
# A optout nsec3 zone.
|
||||
#
|
||||
zone=optout.example.
|
||||
infile=optout.example.db.in
|
||||
zonefile=optout.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
$SIGNER -g -3 - -A -r $RANDFILE -o $zone $zonefile > /dev/null
|
||||
|
||||
#
|
||||
# A nsec3 zone (non-optout) with unknown hash algorithm.
|
||||
#
|
||||
zone=nsec3-unknown.example.
|
||||
infile=nsec3-unknown.example.db.in
|
||||
zonefile=nsec3-unknown.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
$SIGNER -3 - -U -r $RANDFILE -o $zone $zonefile > /dev/null
|
||||
|
||||
#
|
||||
# A optout nsec3 zone.
|
||||
#
|
||||
zone=optout-unknown.example.
|
||||
infile=optout-unknown.example.db.in
|
||||
zonefile=optout-unknown.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
$SIGNER -3 - -U -A -r $RANDFILE -o $zone $zonefile > /dev/null
|
||||
|
||||
#
|
||||
# A multiple parameter nsec3 zone.
|
||||
#
|
||||
zone=multiple.example.
|
||||
infile=multiple.example.db.in
|
||||
zonefile=multiple.example.db
|
||||
|
||||
keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
|
||||
|
||||
cat $infile $keyname.key >$zonefile
|
||||
|
||||
$SIGNER -r $RANDFILE -o $zone $zonefile > /dev/null
|
||||
mv $zonefile.signed $zonefile
|
||||
$SIGNER -3 - -r $RANDFILE -o $zone $zonefile > /dev/null
|
||||
mv $zonefile.signed $zonefile
|
||||
$SIGNER -3 AAAA -r $RANDFILE -o $zone $zonefile > /dev/null
|
||||
mv $zonefile.signed $zonefile
|
||||
$SIGNER -3 BBBB -r $RANDFILE -o $zone $zonefile > /dev/null
|
||||
mv $zonefile.signed $zonefile
|
||||
$SIGNER -3 CCCC -r $RANDFILE -o $zone $zonefile > /dev/null
|
||||
mv $zonefile.signed $zonefile
|
||||
$SIGNER -3 DDDD -r $RANDFILE -o $zone $zonefile > /dev/null
|
||||
|
||||
Reference in New Issue
Block a user