Add tests for DNSSEC sign statistics

This adds tests to the statschannel system test for testing if the dnskey sign operation counters are incremented correctly. It tests three cases: 1. A zone maintenance event where all the signatures that are about to expire are resigned. 2. A dynamic update event where the new RR and other relevant records (SOA, NSEC) are resigned. 3. Adding a standby key, that means the DNSKEY and SOA RRset are resigned.
2019-06-20 13:10:33 +02:00
parent 312fa7f65e
commit a8750a8805
9 changed files with 275 additions and 7 deletions
--- a/bin/tests/system/statschannel/ns2/dnssec.db.in
+++ b/bin/tests/system/statschannel/ns2/dnssec.db.in
@@ -0,0 +1,26 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$ORIGIN .
+$TTL 300
+
+dnssec.			IN SOA	mname1. . (
+				1          ; serial
+				20         ; refresh (20 seconds)
+				20         ; retry (20 seconds)
+				1814400    ; expire (3 weeks)
+				3600       ; minimum (1 hour)
+				)
+dnssec.			NS	ns2.dnssec.
+ns2.dnssec.		A	10.53.0.2
+
+$ORIGIN dnssec.
+a			A	10.0.0.1
+			MX	10 mail.dnssec.
+mail			A	10.0.0.2