For consistency between all system tests, add missing setup.sh scripts
for tests which do not have one yet and ensure every setup.sh script
calls its respective clean.sh script.
(cherry picked from commit e410803919)
Temporary files created by a given system test should be removed by its
clean.sh script, not its setup.sh script. Remove redundant "rm"
invocations from setup.sh scripts. Move required "rm" invocations from
setup.sh scripts to their corresponding clean.sh scripts.
(cherry picked from commit c64ed484c8)
If dots are not escaped in the "1.2.3.4" regular expressions used for
checking whether IP address 1.2.3.4 is present in the tested resolver's
answers, a COOKIE that matches such a regular expression will trigger a
false positive for the "resolver" system test. Properly escape dots in
the aforementioned regular expressions to prevent that from happening.
(cherry picked from commit 70ae48e5cb)
For all system tests utilizing named instances, call clean.sh from each
test's setup.sh script in a consistent way to make sure running the same
system test multiple times using run.sh does not trigger false positives
caused by stale files created by previous runs.
Ideally we would just call clean.sh from run.sh, but that would break
some quirky system tests like "rpz" or "rpzrecurse" and being consistent
for the time being does not hurt.
(cherry picked from commit a077a3ae8a)
These tests check if a key with an unsupported algorithm in
managed-keys is ignored and when seeing an algorithm rollover to
an unsupported algorithm, the new key will be ignored too.
(cherry picked from commit 144cb53d0ae3aa5e6e3123720b603f9ab2bd1fa9)
- dig command had the @ parameter in the wrong place
- private-dnskey and private-cdnskey are queried in a separate
loop, which strips 'private-' from the name to determine the qtype
(cherry picked from commit bc7b34d6ef)
Illustrate the syntax for the policy options, with semicolons.
Explicitly mention the "default" policy.
Fix a few typos and remove some redundant wording.
(cherry picked from commit 7ee56e2abd)
* Alphabetize the option lists in the man page and help text
* Make the synopses more consistent between the man page and help
text, in particular the number of different modes
* Group mutually exclusive options in the man page synopses, and order
options so that it is more clear which are available in every mode
* Expand the DESCRIPTION to provide an overview of the output modes
and input modes
* Improve cross-references between options
* Leave RFC citations to the SEE ALSO section, and clarify which RFC
specifies what
* Clarify list of digest algorithms in dnssec-dsfromkey man page
(cherry picked from commit 6ca8e130ac)
(cherry picked from commit fb9bc8f871)
the occluded-key test creates both a KEY and a DNSKEY. the second
call to dnssec-keygen calls dns_dnssec_findmatchingkeys(), which causes
a spurious warning to be printed when it sees the type KEY record.
this should be fixed in dnssec.c, but the meantime this change silences
the warning by reversing the order in which the keys are created.
(cherry picked from commit 6661db9564)
this prevents servers that use arguments specified in named.args
from appearing different in 'ps' output from servers run with arguments
from start.pl
(cherry picked from commit 175d6e9bfb)
use a lame server configuration to force SERVFAILs instead of killing ns2.
this prevents test failures that occurred due to a different behavior of
the netowrking stack in windows.