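#!/bin/sh
#
# Copyright (C) 2011-2017 Internet Systems Consortium, Inc. ("ISC")
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.

# $Id: tests.sh,v 1.4.154.1 2012/01/04 20:05:03 smann Exp $

# System test for the rndc control channel: freeze/thaw/sync journal
# handling, key and HMAC algorithm acceptance, command logging and error
# paths. Each check sets ret=1 on failure and adds ret to status.
# $DIG, $RNDC and $NSUPDATE are not assigned in this file; presumably
# they come from conf.sh, sourced below.

SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh

DIGOPTS="+tcp +noadd +nosea +nostat +noquest +nocomm +nocmd"
DIGCMD="$DIG $DIGOPTS @10.53.0.2 -p 5300"
RNDCCMD="$RNDC -s 10.53.0.2 -p 9953 -c ../common/rndc.conf"

status=0
n=0

n=`expr $n + 1`
echo "I:preparing ($n)"
ret=0
# NOTE(review): this copy of the script is incomplete here. The "done"
# below closes a retry loop whose "for ... do" header is not present, and
# nsupdate is fed /dev/null instead of update commands, so text between
# the nsupdate call and the loop body appears to have been lost. The
# fragment is kept exactly as found and does not parse; restore it from
# the project's own copy before running.
$NSUPDATE -p 5300 -k ns2/session.key > /dev/null 2>&1 < /dev/null && break
sleep 1
done
grep "addition 1" ns2/nil.db > /dev/null 2>&1 || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:checking journal file is still present ($n)"
ret=0
[ -s ns2/nil.db.jnl ] || { echo "I: 'test -s ns2/nil.db.jnl' failed when it shouldn't have"; ret=1; }
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:checking zone not writable ($n)"
ret=0
# NOTE(review): as written, nsupdate reads dig.out.1.test$n on stdin and
# nothing writes that file before the grep. Checks elsewhere in this file
# pair a "$DIGCMD ... > dig.out" line with the grep, so the update
# commands and the dig query appear to be missing from this copy. The same
# gap recurs at every "nsupdate ... < dig.out.1.test$n" line below.
$NSUPDATE -p 5300 -k ns2/session.key > /dev/null 2>&1 < dig.out.1.test$n
grep 'addition 2' dig.out.1.test$n >/dev/null && ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

echo "I:rndc thaw"
$RNDCCMD thaw | sed 's/^/I:ns2 /'

n=`expr $n + 1`
echo "I:checking zone now writable ($n)"
ret=0
# NOTE(review): same gap as above (update commands and dig query missing).
$NSUPDATE -p 5300 -k ns2/session.key > nsupdate.out.1.test$n 2>&1 < dig.out.1.test$n
grep 'addition 3' dig.out.1.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

echo "I:rndc sync"
ret=0
$RNDCCMD sync nil | sed 's/^/I:ns2 /'

n=`expr $n + 1`
echo "I:checking zone was dumped ($n)"
ret=0
# Poll for up to ten seconds for the record to reach the zone file.
for i in 1 2 3 4 5 6 7 8 9 10
do
    grep "addition 3" ns2/nil.db > /dev/null && break
    sleep 1
done
grep "addition 3" ns2/nil.db > /dev/null 2>&1 || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:checking journal file is still present ($n)"
ret=0
[ -s ns2/nil.db.jnl ] || { echo "I: 'test -s ns2/nil.db.jnl' failed when it shouldn't have"; ret=1; }
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:checking zone is still writable ($n)"
ret=0
# NOTE(review): same gap as above (update commands and dig query missing).
$NSUPDATE -p 5300 -k ns2/session.key > nsupdate.out.1.test$n 2>&1 < dig.out.1.test$n
grep 'addition 4' dig.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

echo "I:rndc sync -clean"
ret=0
$RNDCCMD sync -clean nil | sed 's/^/I:ns2 /'

n=`expr $n + 1`
echo "I:checking zone was dumped ($n)"
ret=0
for i in 1 2 3 4 5 6 7 8 9 10
do
    grep "addition 4" ns2/nil.db > /dev/null && break
    sleep 1
done
grep "addition 4" ns2/nil.db > /dev/null 2>&1 || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:checking journal file is deleted ($n)"
ret=0
# The failure case here is the journal still existing, i.e. "test -s"
# succeeding; the message now says so, matching the later removal checks.
[ -s ns2/nil.db.jnl ] && { echo "I: 'test -s ns2/nil.db.jnl' succeeded when it shouldn't have"; ret=1; }
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:checking zone is still writable ($n)"
ret=0
# NOTE(review): same gap as above (update commands and dig query missing).
$NSUPDATE -p 5300 -k ns2/session.key > /dev/null 2>&1 < dig.out.1.test$n
grep 'addition 4' dig.out.1.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:checking other journal files not removed ($n)"
ret=0
[ -s ns2/other.db.jnl ] || { echo "I: 'test -s ns2/other.db.jnl' failed when it shouldn't have"; ret=1; }
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

echo "I:cleaning all zones ($n)"
$RNDCCMD sync -clean | sed 's/^/I:ns2 /'

n=`expr $n + 1`
echo "I:checking all journals removed ($n)"
ret=0
[ -s ns2/nil.db.jnl ] && { echo "I: 'test -s ns2/nil.db.jnl' succeeded when it shouldn't have"; ret=1; }
[ -s ns2/other.db.jnl ] && { echo "I: 'test -s ns2/other.db.jnl' succeeded when it shouldn't have"; ret=1; }
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:checking that freezing static zones is not allowed ($n)"
ret=0
$RNDCCMD freeze static > rndc.out.1.test$n 2>&1
grep 'not dynamic' rndc.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:checking that journal is removed when serial is changed before thaw ($n)"
ret=0
sleep 1
# NOTE(review): "<&1 | sed" joins what look like two separate commands
# (an nsupdate call and an rndc call piped to sed); the text between them
# appears to be missing from this copy. Kept as found.
$NSUPDATE -p 5300 -k ns2/session.key > nsupdate.out.1.test$n 2>&1 <&1 | sed 's/^/I:ns2 /'
for i in 1 2 3 4 5 6 7 8 9 10
do
    grep "addition 6" ns2/other.db > /dev/null && break
    sleep 1
done
# Edit the zone file by hand: bump the serial and append a record.
serial=`awk '$3 == "serial" {print $1}' ns2/other.db`
newserial=`expr $serial + 1`
sed s/$serial/$newserial/ ns2/other.db > ns2/other.db.new
echo 'frozen TXT "frozen addition"' >> ns2/other.db.new
mv -f ns2/other.db.new ns2/other.db
$RNDCCMD thaw 2>&1 | sed 's/^/I:ns2 /'
sleep 1
[ -f ns2/other.db.jnl ] && { echo "I: 'test -f ns2/other.db.jnl' succeeded when it shouldn't have"; ret=1; }
# NOTE(review): same gap as above (update commands and dig query missing).
$NSUPDATE -p 5300 -k ns2/session.key > nsupdate.out.2.test$n 2>&1 < dig.out.1.test$n
grep 'addition 6' dig.out.1.test$n >/dev/null || ret=1
$DIGCMD text7.other. TXT > dig.out.2.test$n
grep 'addition 7' dig.out.2.test$n >/dev/null || ret=1
$DIGCMD frozen.other. TXT > dig.out.3.test$n
grep 'frozen addition' dig.out.3.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:checking that journal is kept when ixfr-from-differences is in use ($n)"
ret=0
# NOTE(review): same "<&1 | sed" splice as in the previous check.
$NSUPDATE -p 5300 -k ns2/session.key > nsupdate.out.1.test$n 2>&1 <&1 | sed 's/^/I:ns2 /'
for i in 1 2 3 4 5 6 7 8 9 10
do
    grep "addition 6" ns2/nil.db > /dev/null && break
    sleep 1
done
serial=`awk '$3 == "serial" {print $1}' ns2/nil.db`
newserial=`expr $serial + 1`
sed s/$serial/$newserial/ ns2/nil.db > ns2/nil.db.new
echo 'frozen TXT "frozen addition"' >> ns2/nil.db.new
mv -f ns2/nil.db.new ns2/nil.db
$RNDCCMD thaw 2>&1 | sed 's/^/I:ns2 /'
sleep 1
[ -s ns2/nil.db.jnl ] || { echo "I: 'test -s ns2/nil.db.jnl' failed when it shouldn't have"; ret=1; }
# NOTE(review): same gap as above (update commands and dig query missing).
$NSUPDATE -p 5300 -k ns2/session.key > nsupdate.out.2.test$n 2>&1 < dig.out.1.test$n
grep 'addition 6' dig.out.1.test$n > /dev/null || ret=1
$DIGCMD text7.nil. TXT > dig.out.2.test$n
grep 'addition 7' dig.out.2.test$n > /dev/null || ret=1
$DIGCMD frozen.nil. TXT > dig.out.3.test$n
grep 'frozen addition' dig.out.3.test$n >/dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

# temp test
echo "I:dumping stats ($n)"
$RNDCCMD stats
n=`expr $n + 1`
echo "I: verifying adb records in named.stats ($n)"
# Reset ret so a failure in the previous check is not counted again here.
ret=0
grep "ADB stats" ns2/named.stats > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:test using second key ($n)"
ret=0
$RNDC -s 10.53.0.2 -p 9953 -c ns2/secondkey.conf status > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:test 'rndc dumpdb' on a empty cache ($n)"
ret=0
$RNDC -s 10.53.0.3 -p 9953 -c ../common/rndc.conf dumpdb > /dev/null || ret=1
# Poll for the completion marker in the dump file; tmp stays 1 on timeout.
for i in 1 2 3 4 5 6 7 8 9
do
    tmp=0
    grep "Dump complete" ns3/named_dump.db > /dev/null || tmp=1
    [ $tmp -eq 0 ] && break
    sleep 1
done
[ $tmp -eq 1 ] && ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:test 'rndc reload' on a zone with include files ($n)"
ret=0
# Before any reload: no "skipping load" line and exactly one load logged.
grep "incl/IN: skipping load" ns2/named.run > /dev/null && ret=1
loads=`grep "incl/IN: starting load" ns2/named.run | wc -l`
[ "$loads" -eq 1 ] || ret=1
# First reload with nothing changed: the zone load should be skipped.
$RNDC -s 10.53.0.2 -p 9953 -c ../common/rndc.conf reload > /dev/null || ret=1
for i in 1 2 3 4 5 6 7 8 9
do
    tmp=0
    grep "incl/IN: skipping load" ns2/named.run > /dev/null || tmp=1
    [ $tmp -eq 0 ] && break
    sleep 1
done
[ $tmp -eq 1 ] && ret=1
# Touch a file and reload again: a second "starting load" line is expected.
touch ns2/static.db
$RNDC -s 10.53.0.2 -p 9953 -c ../common/rndc.conf reload > /dev/null || ret=1
for i in 1 2 3 4 5 6 7 8 9
do
    tmp=0
    loads=`grep "incl/IN: starting load" ns2/named.run | wc -l`
    [ "$loads" -eq 2 ] || tmp=1
    [ $tmp -eq 0 ] && break
    sleep 1
done
[ $tmp -eq 1 ] && ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

# HMAC algorithm checks (ports 9951-9956 on 10.53.0.4). For each port one
# key file must authenticate and the other five must be refused. Which
# algorithm each ns4/keyN.conf carries is taken from the test labels; the
# key files are not shown here. The refusals discard rndc's output, so
# they establish only a non-zero exit, not the reason for it; the positive
# check on the same port is what shows the listener was reachable.
n=`expr $n + 1`
echo "I:testing rndc with hmac-md5 ($n)"
ret=0
$RNDC -s 10.53.0.4 -p 9951 -c ns4/key1.conf status > /dev/null 2>&1 || ret=1
for i in 2 3 4 5 6
do
    $RNDC -s 10.53.0.4 -p 9951 -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1
done
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:testing rndc with hmac-sha1 ($n)"
ret=0
$RNDC -s 10.53.0.4 -p 9952 -c ns4/key2.conf status > /dev/null 2>&1 || ret=1
for i in 1 3 4 5 6
do
    $RNDC -s 10.53.0.4 -p 9952 -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1
done
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:testing rndc with hmac-sha224 ($n)"
ret=0
$RNDC -s 10.53.0.4 -p 9953 -c ns4/key3.conf status > /dev/null 2>&1 || ret=1
for i in 1 2 4 5 6
do
    $RNDC -s 10.53.0.4 -p 9953 -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1
done
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:testing rndc with hmac-sha256 ($n)"
ret=0
$RNDC -s 10.53.0.4 -p 9954 -c ns4/key4.conf status > /dev/null 2>&1 || ret=1
for i in 1 2 3 5 6
do
    $RNDC -s 10.53.0.4 -p 9954 -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1
done
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:testing rndc with hmac-sha384 ($n)"
ret=0
$RNDC -s 10.53.0.4 -p 9955 -c ns4/key5.conf status > /dev/null 2>&1 || ret=1
for i in 1 2 3 4 6
do
    $RNDC -s 10.53.0.4 -p 9955 -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1
done
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:testing rndc with hmac-sha512 ($n)"
ret=0
$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf status > /dev/null 2>&1 || ret=1
for i in 1 2 3 4 5
do
    # The redundant second "2>&1" was dropped; the effect is unchanged.
    $RNDC -s 10.53.0.4 -p 9956 -c ns4/key${i}.conf status > /dev/null 2>&1 && ret=1
done
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:testing automatic zones are reported ($n)"
ret=0
$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf status > rndc.out.1.test$n || ret=1
grep "number of zones: 198 (196 automatic)" rndc.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:testing rndc with null command ($n)"
ret=0
$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:testing rndc with unknown control channel command ($n)"
ret=0
$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf obviouslynotacommand >/dev/null 2>&1 && ret=1
# rndc: 'obviouslynotacommand' failed: unknown command
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:testing rndc with querylog command ($n)"
ret=0
# first enable it with querylog on option
$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf querylog on >/dev/null 2>&1 || ret=1
grep "query logging is now on" ns4/named.run > /dev/null || ret=1
# query for builtin and check if query was logged
# (was "|| ret 1", which runs a command named "ret" and leaves $ret
# unchanged, so a failed dig was never recorded)
$DIG @10.53.0.4 -p 5300 -c ch -t txt foo12345.bind > /dev/null || ret=1
grep "query: foo12345.bind CH TXT" ns4/named.run > /dev/null || ret=1
# toggle query logging and check again
$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf querylog > /dev/null 2>&1 || ret=1
grep "query logging is now off" ns4/named.run > /dev/null || ret=1
# query for another builtin zone and check if query was logged
# (same "ret 1" typo corrected; without it a dig that never reached the
# server would make the "not logged" check below pass for the wrong reason)
$DIG @10.53.0.4 -p 5300 -c ch -t txt foo9876.bind > /dev/null || ret=1
grep "query: foo9876.bind CH TXT" ns4/named.run > /dev/null && ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

RNDCCMD4="$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf"
n=`expr $n + 1`
echo "I:testing rndc nta time limits ($n)"
ret=0
# Lifetimes of two hours, one day and one week must each be accepted.
$RNDCCMD4 nta -l 2h nta1.example > rndc.out.1.test$n 2>&1
grep "Negative trust anchor added" rndc.out.1.test$n > /dev/null || ret=1
$RNDCCMD4 nta -l 1d nta2.example > rndc.out.2.test$n 2>&1
grep "Negative trust anchor added" rndc.out.2.test$n > /dev/null || ret=1
$RNDCCMD4 nta -l 1w nta3.example > rndc.out.3.test$n 2>&1
grep "Negative trust anchor added" rndc.out.3.test$n > /dev/null || ret=1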
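# Tail of the "rndc nta time limits" check (ret was initialised before
# this point): a lifetime above one week must be refused with an explicit
# error message.
$RNDCCMD4 nta -l 8d nta4.example > rndc.out.4.test$n 2>&1
grep "NTA lifetime cannot exceed one week" rndc.out.4.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

# Response sizing on the control channel: request ${i} bytes with
# "testgen" and let $GENCHECK report the size of the saved response,
# which must equal i + 1.
for i in 512 1024 2048 4096 8192 16384 32768 65536 131072 262144 524288
do
    n=`expr $n + 1`
    echo "I:testing rndc buffer size limits (size=${i}) ($n)"
    ret=0
    # "2>&1 > file" points stderr at the script's own stdout, so only
    # rndc's stdout lands in the file that $GENCHECK reads.
    $RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf testgen ${i} 2>&1 > rndc.out.$i.test$n || ret=1
    actual_size=`$GENCHECK rndc.out.$i.test$n`
    if [ "$?" = "0" ]; then
        expected_size=`expr $i + 1`
        # Quoted: with an empty $actual_size the unquoted form was a "["
        # usage error, which the "if" treated as "sizes match" and the
        # check passed without comparing anything.
        if [ "$actual_size" != "$expected_size" ]; then ret=1; fi
    else
        ret=1
    fi
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
done

n=`expr $n + 1`
echo "I:testing rndc -r (show result) ($n)"
ret=0
$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf -r testgen 0 2>&1 > rndc.out.1.test$n || ret=1
grep "ISC_R_SUCCESS 0" rndc.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:testing rndc with a token containing a space ($n)"
ret=0
# The inner double quotes are passed through to rndc as part of the
# argument, so the view name travels as a single quoted token.
# NOTE(review): because of the "2>&1 > file" order, stderr is not in
# rndc.out.1.test$n; if "not found" is printed on stderr, the grep below
# can never match and only the exit status guards this check. Confirm the
# stream before relying on the grep.
$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf -r flush '"view with a space"' 2>&1 > rndc.out.1.test$n || ret=1
grep "not found" rndc.out.1.test$n > /dev/null && ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:test 'rndc reconfig' with a broken config ($n)"
ret=0
# Baseline: reconfig succeeds with the good configuration.
$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf reconfig > /dev/null || ret=1
sleep 1
# Swap in a config that cannot parse; reconfig must fail and say why.
# No trap restores ns4/named.conf, so an interrupted run leaves the
# broken file in place.
mv ns4/named.conf ns4/named.conf.save
echo "error error error" >> ns4/named.conf
$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf reconfig > rndc.out.1.test$n 2>&1 && ret=1
grep "rndc: 'reconfig' failed: unexpected token" rndc.out.1.test$n > /dev/null || ret=1
# Put the good config back and check that reconfig works again.
mv ns4/named.conf.save ns4/named.conf
sleep 1
$RNDC -s 10.53.0.4 -p 9956 -c ns4/key6.conf reconfig > /dev/null || ret=1
sleep 1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:test read-only control channel access ($n)"
ret=0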
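# Body of the read-only control channel check (header and ret=0 precede
# this point): the two queries must succeed and the state-changing
# "reconfig" must be refused. The refusal is judged by exit status only;
# rndc's output is discarded, so the reason for the refusal is not checked.
$RNDC -s 10.53.0.5 -p 9953 -c ../common/rndc.conf status > /dev/null 2>&1 || ret=1
$RNDC -s 10.53.0.5 -p 9953 -c ../common/rndc.conf nta -dump > /dev/null 2>&1 || ret=1
$RNDC -s 10.53.0.5 -p 9953 -c ../common/rndc.conf reconfig > /dev/null 2>&1 && ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:test rndc status shows running on ($n)"
ret=0
$RNDC -s 10.53.0.5 -p 9953 -c ../common/rndc.conf status > rndc.out.1.test$n 2>&1 || ret=1
grep "^running on " rndc.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:test 'rndc reconfig' with loading of a large zone ($n)"
ret=0
# Record the current length of named.run so the wait loop below only
# looks at lines logged after this point.
cur=`awk 'BEGIN {l=0} /^/ {l++} END { print l }' ns6/named.run`
cp ns6/named.conf ns6/named.conf.save
echo "zone \"huge.zone\" { type master; file \"huge.zone.db\"; };" >> ns6/named.conf
echo " I:reloading config"
$RNDC -s 10.53.0.6 -p 9953 -c ../common/rndc.conf reconfig > rndc.out.1.test$n 2>&1 || ret=1
if [ $ret != 0 ]; then echo " I:failed"; fi
status=`expr $status + $ret`
sleep 1

# ret is not reset between the following sub-steps, so an earlier failure
# is counted again by each later one (until the SERVFAIL step clears it).
n=`expr $n + 1`
echo " I:check if zone load was scheduled ($n)"
grep "scheduled loading new zones" ns6/named.run > /dev/null || ret=1
if [ $ret != 0 ]; then echo " I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo " I:check if query for the zone returns SERVFAIL ($n)"
$DIG @10.53.0.6 -p 5300 -t soa huge.zone > dig.out.1.test$n
grep "SERVFAIL" dig.out.1.test$n > /dev/null || ret=1
# A failure here is reported but deliberately not counted.
if [ $ret != 0 ]; then echo " I:failed (ignored)"; ret=0; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo " I:wait for the zones to be loaded ($n)"
# Assume failure; cleared once the log line appears (45 tries, 1 s apart).
ret=1
try=0
while test $try -lt 45
do
    sleep 1
    sed -n "$cur,"'$p' < ns6/named.run | grep "any newly configured zones are now loaded" > /dev/null && {
        ret=0
        break
    }
    try=`expr $try + 1`
done
if [ $ret != 0 ]; then echo " I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo " I:check if query for the zone returns NOERROR ($n)"
$DIG @10.53.0.6 -p 5300 -t soa huge.zone > dig.out.1.test$n
grep "NOERROR" dig.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo " I:failed"; fi
status=`expr $status + $ret`

n=`expr $n + 1`
echo "I:verify that the full command is logged ($n)"
ret=0
# The server log must record the whole command line, including the
# trailing arguments, not just the command name.
$RNDCCMD null with extra arguments > /dev/null 2>&1
grep "received control channel command 'null with extra arguments'" ns2/named.run > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

# Restore the ns6 configuration saved by the large-zone test. ret is
# reset first so a failure of the logging check above is not added to
# status a second time.
ret=0
mv ns6/named.conf.save ns6/named.conf
sleep 1
$RNDC -s 10.53.0.6 -p 9953 -c ../common/rndc.conf reconfig > /dev/null || ret=1
sleep 1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

if [ -x "$PYTHON" ]; then
    n=`expr $n + 1`
    echo "I:test rndc python bindings ($n)"
    ret=0
    # The here-document embeds a shared secret literal; presumably it is
    # the fixture key configured for 10.53.0.5 (confirm against that
    # server's config). It is only meaningful inside the test network.
    $PYTHON > python.out.1.test$n << EOF
import sys
sys.path.insert(0, '../../../../bin/python')
from isc import *
r = rndc(('10.53.0.5', 9953), 'hmac-sha256', '1234abcd8765')
result = r.call('status')
print(result['text'])
EOF
    grep 'server is up and running' python.out.1.test$n > /dev/null 2>&1 || ret=1
    if [ $ret != 0 ]; then echo "I:failed"; fi
    status=`expr $status + $ret`
fi

n=`expr $n + 1`
echo "I:check 'rndc \"\"' is handled ($n)"
ret=0
$RNDCCMD "" > rndc.out.1.test$n 2>&1 && ret=1
# The grep result used to be discarded; a missing or different error
# message now fails the check.
grep "rndc: '' failed: failure" rndc.out.1.test$n > /dev/null || ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`

echo "I:exit status: $status"
[ $status -eq 0 ] || exit 1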