ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity
Files
f563cd570c8a4e24e0c6a1cf7cf6e11da1b090fb
bind9/bin/tests/system/nsupdate/ns3/named.conf.in
Matthijs Mekking 6b79db1fdd Add test for allowing update CDS/CDNSKEY 
Add tests to the nsupdate system test to make sure that CDS and/or
CDNSKEY that match an algorithm in the DNSKEY RRset are allowed. Also
add tests that updates are rejected if the algorithm does not match.

Remove the now redundant test cases from the dnssec system test.

Update the checkzone system test: Change the algorithm of the CDS and
CDNSKEY records so that the zone is still rejected.
2021-07-14 12:10:11 -07:00

72 lines
1.4 KiB
Plaintext
Raw Blame History

/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
// NS3
options {
query-source address 10.53.0.3 dscp 7;
notify-source 10.53.0.3 dscp 8;
transfer-source 10.53.0.3 dscp 9;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.3; };
listen-on-v6 { none; };
recursion no;
notify yes;
dnssec-validation yes;
};
zone "example" {
type primary;
allow-update { any; };
file "example.db";
};
zone "nsec3param.test" {
type primary;
allow-update { any; };
file "nsec3param.test.db.signed";
};
zone "dnskey.test" {
type primary;
allow-update { any; };
file "dnskey.test.db.signed";
};
zone "many.test" {
type secondary;
primaries { 10.53.0.1; };
allow-update-forwarding { any; };
file "many.test.bk";
};
zone "delegation.test" {
type primary;
allow-update { any; };
file "delegation.test.db.signed";
};
zone "too-big.test" {
type primary;
allow-update { any; };
max-records 3;
file "too-big.test.db";
};
/* Zone for testing CDS and CDNSKEY updates from other provider */
zone "multisigner.test" {
type primary;
allow-update { any; };
dnssec-policy "default";
file "multisigner.test.db";
};
View Git Blame Copy Permalink