3967. [test] Add test for inlined signed zone in multiple views

with different DNSKEY sets. [RT #35759]

CHANGES

@@ -1,3 +1,6 @@
+3967.	[test]		Add test for inlined signed zone in multiple views
+			with different DNSKEY sets. [RT #35759]
+
 3966.	[bug]		Missing dns_db_closeversion call in receive_secure_db.
 			[RT #35746]
 

bin/tests/system/views/clean.sh

@@ -25,3 +25,12 @@ rm -f ns3/example.bk dig.out.ns?.?
 rm -f ns2/named.conf ns2/example.db ns3/named.conf ns3/internal.bk
 rm -f */*.jnl
 rm -f */named.memstats
+rm -f ns2/external/K*
+rm -f ns2/external/inline.db.jbk
+rm -f ns2/external/inline.db.signed
+rm -f ns2/external/inline.db.signed.jnl
+rm -f ns2/internal/K*
+rm -f ns2/internal/inline.db.jbk
+rm -f ns2/internal/inline.db.signed
+rm -f ns2/internal/inline.db.signed.jnl
+rm -f dig.out.external dig.out.internal

bin/tests/system/views/ns2/external/inline.db

@@ -0,0 +1,33 @@
+; Copyright (C) 2004, 2007  Internet Systems Consortium, Inc. ("ISC")
+; Copyright (C) 2000, 2001  Internet Software Consortium.
+;
+; Permission to use, copy, modify, and/or distribute this software for any
+; purpose with or without fee is hereby granted, provided that the above
+; copyright notice and this permission notice appear in all copies.
+;
+; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+; AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+; PERFORMANCE OF THIS SOFTWARE.
+
+$TTL 300	; 5 minutes
+inline.			IN SOA	mname1. . (
+				2          ; serial
+				20         ; refresh (20 seconds)
+				20         ; retry (20 seconds)
+				1814400    ; expire (3 weeks)
+				3600       ; minimum (1 hour)
+				)
+inline.			NS	ns2.inline.
+ns2.inline.		A	10.53.0.2
+inline.			NS	ns3.inline.
+ns3.inline.		A	10.53.0.3
+
+$ORIGIN inline.
+a			A	10.1.0.1
+			MX	10 extmail.inline.
+
+extmail			A	10.1.0.2

bin/tests/system/views/ns2/internal/inline.db

@@ -0,0 +1,33 @@
+; Copyright (C) 2004, 2007  Internet Systems Consortium, Inc. ("ISC")
+; Copyright (C) 2000, 2001  Internet Software Consortium.
+;
+; Permission to use, copy, modify, and/or distribute this software for any
+; purpose with or without fee is hereby granted, provided that the above
+; copyright notice and this permission notice appear in all copies.
+;
+; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
+; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+; AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
+; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
+; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+; PERFORMANCE OF THIS SOFTWARE.
+
+$TTL 300	; 5 minutes
+inline.			IN SOA	mname1. . (
+				2          ; serial
+				20         ; refresh (20 seconds)
+				20         ; retry (20 seconds)
+				1814400    ; expire (3 weeks)
+				3600       ; minimum (1 hour)
+				)
+inline.			NS	ns2.inline.
+ns2.inline.		A	10.53.0.2
+inline.			NS	ns3.inline.
+ns3.inline.		A	10.53.0.3
+
+$ORIGIN inline.
+a			A	10.1.0.1
+			MX	10 intmail.inline.
+
+intmail			A	10.1.0.2

bin/tests/system/views/ns2/named2.conf

@@ -53,6 +53,14 @@ view "internal" {
 		file "clone.db";
 		allow-update { any; };
 	};
+
+	zone "inline" {
+		type master;
+		file "internal/inline.db";
+		key-directory "internal";
+		auto-dnssec maintain;
+		inline-signing yes;
+	};
 };
 
 view "external" {
@@ -73,4 +81,12 @@ view "external" {
 		forward only;
 		forwarders { 10.53.0.5; };
 	};
+
+	zone "inline" {
+		type master;
+		file "external/inline.db";
+		key-directory "external";
+		auto-dnssec maintain;
+		inline-signing yes;
+	};
 };

bin/tests/system/views/setup.sh

@@ -15,9 +15,31 @@
 # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 # PERFORMANCE OF THIS SOFTWARE.
 
-# $Id: setup.sh,v 1.10 2007/06/19 23:47:06 tbox Exp $
-
-
 cp -f ns2/example1.db ns2/example.db
 cp -f ns2/named1.conf ns2/named.conf
 cp -f ns3/named1.conf ns3/named.conf
+rm -f ns2/external/K*
+rm -f ns2/external/inline.db.signed
+rm -f ns2/external/inline.db.signed.jnl
+rm -f ns2/internal/K*
+rm -f ns2/internal/inline.db.signed
+rm -f ns2/internal/inline.db.signed.jnl
+
+SYSTEMTESTTOP=..
+. $SYSTEMTESTTOP/conf.sh
+
+test -r $RANDFILE || $GENRANDOM 400 $RANDFILE
+
+#
+# We remove k1 and k2 as KEYGEN is deterministic when given the
+# same source of "random" data and we want different keys for
+# internal and external instances of inline.
+#
+$KEYGEN -K ns2/internal -r $RANDFILE -3q inline > /dev/null 2>&1
+$KEYGEN -K ns2/internal -r $RANDFILE -3qfk inline > /dev/null 2>&1
+k1=`$KEYGEN -K ns2/external -r $RANDFILE -3q inline`
+k2=`$KEYGEN -K ns2/external -r $RANDFILE -3qfk inline`
+$KEYGEN -K ns2/external -r $RANDFILE -3q inline > /dev/null 2>&1
+$KEYGEN -K ns2/external -r $RANDFILE -3qfk inline > /dev/null 2>&1
+test -n "$k1" && rm -f ns2/external/$k1.*
+test -n "$k2" && rm -f ns2/external/$k2.*

bin/tests/system/views/tests.sh

@@ -123,5 +123,17 @@ fi
 if [ $ret != 0 ]; then echo "I:failed"; fi
 status=`expr $status + $ret`
 
+echo "I:verifying inline zones work with views"
+ret=0
+$DIG @10.53.0.2 -p 5300 -b 10.53.0.2 +dnssec DNSKEY inline > dig.out.internal
+$DIG @10.53.0.2 -p 5300 -b 10.53.0.5 +dnssec DNSKEY inline > dig.out.external
+grep "ANSWER: 4," dig.out.internal > /dev/null || ret=1
+grep "ANSWER: 4," dig.out.external > /dev/null || ret=1
+int=`awk '$4 == "DNSKEY" { print $8 }' dig.out.internal | sort`
+ext=`awk '$4 == "DNSKEY" { print $8 }' dig.out.external | sort`
+test "$int" != "$ext" || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
 echo "I:exit status: $status"
 exit $status