ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
Files
df31bdf239f5e09b19e28fc332008aa883442fec
bind9/bin/tests/system/dnssec
History
Evan Hunt 54a682ea50 use DS style trust anchors in all system tests 
this adds functions in conf.sh.common to create DS-style trust anchor
files. those functions are then used to create nearly all of the trust
anchors in the system tests.

there are a few exceptions:
 - some tests in dnssec and mkeys rely on detection of unsupported
   algorithms, which only works with key-style trust anchors, so those
   are used for those tests in particular.
 - the mirror test had a problem with the use of a CSK without a
   SEP bit, which still needs addressing

in the future, some of these tests should be changed back to using
traditional trust anchors, so that both types will be exercised going
forward.
2019-11-15 15:47:57 -08:00
..
ns1
use DS style trust anchors in all system tests
2019-11-15 15:47:57 -08:00
ns2
fix dnssec system tests that fail now that we call dns_zone_cdscheck
2019-08-28 15:46:41 +10:00
ns3
Remove 2>&1 from the dnssec-signzone invocation in tests
2019-07-31 10:05:52 +02:00
ns4
remove "dnssec-enable" from all system tests
2019-03-14 23:30:13 -07:00
ns5
use DS style trust anchors in all system tests
2019-11-15 15:47:57 -08:00
ns6
convert ns_client and related objects to use netmgr
2019-11-07 11:55:37 -08:00
ns7
Ignore trust anchors using disabled algorithm
2019-03-19 17:14:18 +01:00
ns8
add "static-ds" and "initial-ds" keywords to config parser
2019-11-15 15:47:17 -08:00
ns9
add "static-ds" and "initial-ds" keywords to config parser
2019-11-15 15:47:17 -08:00
signer
clean.sh
remove DLV system tests
2019-08-09 09:18:02 -07:00
dnssec_update_test.pl
ntadiff.pl
prereq.sh
Run the dnssec system tests with set -e enabled
2018-12-10 19:47:32 +01:00
README
remove DLV system tests
2019-08-09 09:18:02 -07:00
setup.sh
Make NTAs work with validating forwarders
2019-05-09 19:55:35 -07:00
tests.sh
Nit: fix typo (dnsssec-signzone)
2019-11-06 22:31:44 +01:00

README 

Copyright (C) Internet Systems Consortium, Inc. ("ISC")

See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.

The test setup for the DNSSEC tests has a secure root.

ns1 is the root server.

ns2 and ns3 are authoritative servers for the various test domains.

ns4 is a caching-only server, configured with the correct trusted key
for the root.

ns5 is a caching-only server, configured with the an incorrect trusted
key for the root.  It is used for testing failure cases.

ns6 is an caching and authoritative server used for testing unusual
server behaviors such as disabled DNSSEC algorithms.

ns7 is used for checking non-cacheable answers.

ns8 is a caching-only server, configured with unsupported and disabled
algorithms.  It is used for testing failure cases.

ns9 is a forwarding-only server.
View Git Blame Copy Permalink