ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

Check that a zone in the process of being signed resolves

Browse Source 
ans10 simulates a local anycast server which has both signed and
unsigned instances of a zone.  'A' queries get answered from the
signed instance.  Everything else gets answered from the unsigned
instance.  The resulting answer should be insecure.
This commit is contained in:
Mark Andrews
2020-10-28 16:40:36 +11:00
parent 718e597def
commit d7840f4b93
5 changed files with 159 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
bin/tests/system/dnssec/tests.sh
View File

@@ -4281,5 +4281,15 @@ n=$((n+1))
test "$ret" -eq 0 || echo_i "failed"
status=$((status+ret))
echo_i "checking validation succeeds during transition to signed ($n)"
ret=0
dig_with_opts @10.53.0.4 inprogress A > dig.out.ns4.test$n || ret=1
grep "flags: qr rd ra;" dig.out.ns4.test$n >/dev/null || ret=1
grep "status: NOERROR" dig.out.ns4.test$n >/dev/null || ret=1
grep 'A.10\.53\.0\.10' dig.out.ns4.test$n >/dev/null || ret=1
n=$((n+1))
test "$ret" -eq 0 || echo_i "failed"
status=$((status+ret))
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1