remove "dnssec-enable" from all system tests

2019-03-11 18:26:43 -07:00
parent b3ff3bf2e4
commit 885a3d208e
85 changed files with 4 additions and 110 deletions
--- a/bin/tests/system/dnssec/ns1/named.conf.in
+++ b/bin/tests/system/dnssec/ns1/named.conf.in
@@ -21,7 +21,6 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	notify yes;
-	dnssec-enable yes;
 	dnssec-validation yes;
 	/* test that we can turn off trust-anchor-telemetry */
 	trust-anchor-telemetry no;
--- a/bin/tests/system/dnssec/ns2/named.conf.in
+++ b/bin/tests/system/dnssec/ns2/named.conf.in
@@ -21,7 +21,6 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	notify yes;
-	dnssec-enable yes;
 	dnssec-validation yes;
 	notify-delay 1;
 	minimal-responses no;
--- a/bin/tests/system/dnssec/ns3/named.conf.in
+++ b/bin/tests/system/dnssec/ns3/named.conf.in
@@ -21,7 +21,6 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	notify yes;
-	dnssec-enable yes;
 	dnssec-validation yes;
 	session-keyfile "session.key";
 	minimal-responses no;
--- a/bin/tests/system/dnssec/ns4/named1.conf.in
+++ b/bin/tests/system/dnssec/ns4/named1.conf.in
@@ -20,7 +20,6 @@ options {
 	listen-on { 10.53.0.4; };
 	listen-on-v6 { none; };
 	recursion yes;
-	dnssec-enable yes;
 	dnssec-validation yes;
 	dnssec-must-be-secure mustbesecure.example yes;
 	minimal-responses no;
--- a/bin/tests/system/dnssec/ns4/named2.conf.in
+++ b/bin/tests/system/dnssec/ns4/named2.conf.in
@@ -21,7 +21,6 @@ options {
 	listen-on { 10.53.0.4; };
 	listen-on-v6 { none; };
 	recursion yes;
-	dnssec-enable yes;
 	dnssec-validation auto;
 	bindkeys-file "managed.conf";
 	minimal-responses no;
--- a/bin/tests/system/dnssec/ns4/named3.conf.in
+++ b/bin/tests/system/dnssec/ns4/named3.conf.in
@@ -20,7 +20,6 @@ options {
 	listen-on { 10.53.0.4; };
 	listen-on-v6 { none; };
 	recursion yes;
-	dnssec-enable yes;
 	dnssec-validation auto;
 	bindkeys-file "managed.conf";
 	dnssec-accept-expired yes;
--- a/bin/tests/system/dnssec/ns4/named5.conf.in
+++ b/bin/tests/system/dnssec/ns4/named5.conf.in
@@ -20,7 +20,6 @@ options {
 	listen-on { 10.53.0.4; };
 	listen-on-v6 { none; };
 	bindkeys-file "managed.conf";
-	dnssec-enable no;
 };

 key rndc_key {
--- a/bin/tests/system/dnssec/ns5/named1.conf.in
+++ b/bin/tests/system/dnssec/ns5/named1.conf.in
@@ -20,7 +20,6 @@ options {
 	listen-on { 10.53.0.5; };
 	listen-on-v6 { none; };
 	recursion yes;
-	dnssec-enable yes;
 	dnssec-validation yes;
 };

--- a/bin/tests/system/dnssec/ns6/named.conf.in
+++ b/bin/tests/system/dnssec/ns6/named.conf.in
@@ -22,7 +22,6 @@ options {
 	recursion yes;
 	notify yes;
 	disable-algorithms . { @ALTERNATIVE_ALGORITHM@; };
-	dnssec-enable yes;
 	dnssec-validation yes;
 	dnssec-lookaside . trust-anchor dlv;
 };
--- a/bin/tests/system/dnssec/ns7/named.conf.in
+++ b/bin/tests/system/dnssec/ns7/named.conf.in
@@ -21,7 +21,6 @@ options {
 	listen-on-v6 { none; };
 	recursion no;
 	notify yes;
-	dnssec-enable yes;
 	dnssec-validation yes;
 	minimal-responses yes;
 };
--- a/bin/tests/system/dnssec/tests.sh
+++ b/bin/tests/system/dnssec/tests.sh
@@ -3648,20 +3648,5 @@ n=$((n+1))
 test "$ret" -eq 0 || echo_i "failed"
 status=$((status+ret))

-# Note: after this check, ns4 will not be validating any more; do not add any
-# further validation tests employing ns4 below this check.
-echo_i "check that validation defaults to off when dnssec-enable is off ($n)"
-ret=0
-# Sanity check - validation should be enabled.
-rndccmd 10.53.0.4 validation status | grep "enabled" > /dev/null || ret=1
-# Set "dnssec-enable" to "no" and reconfigure.
-copy_setports ns4/named5.conf.in ns4/named.conf
-rndccmd 10.53.0.4 reconfig 2>&1 | sed 's/^/ns4 /' | cat_i
-# Check validation status again.
-rndccmd 10.53.0.4 validation status | grep "disabled" > /dev/null || ret=1
-n=$((n+1))
-test "$ret" -eq 0 || echo_i "failed"
-status=$((status+ret))
-
 echo_i "exit status: $status"
 [ $status -eq 0 ] || exit 1