54a682ea50
this adds functions in conf.sh.common to create DS-style trust anchor files. those functions are then used to create nearly all of the trust anchors in the system tests. there are a few exceptions: - some tests in dnssec and mkeys rely on detection of unsupported algorithms, which only works with key-style trust anchors, so those are used for those tests in particular. - the mirror test had a problem with the use of a CSK without a SEP bit, which still needs addressing in the future, some of these tests should be changed back to using traditional trust anchors, so that both types will be exercised going forward.
Copyright (C) Internet Systems Consortium, Inc. ("ISC")
See COPYRIGHT in the source root or http://isc.org/copyright.html for terms.
The test setup for the SERVFAIL ncache tests has a secure root.
ns1 is the root server.
ns2 is an authoritative server for the various test domains.
ns5 is a caching-only server, configured with the an incorrect trusted
key for the root. It is used for testing failure cases.