]>
Commit | Line | Data |
---|---|---|
cf4d037d | 1 | #!/usr/bin/env bash |
15a35f44 | 2 | for zone in $(grep 'zone ' named.conf | cut -f2 -d\" | grep -v '^\(example.com\|nztest.com\|insecure.dnssec-parent.com\)$') |
fc0bbb94 | 3 | do |
922bba7f | 4 | TFILE=$(mktemp tmp.XXXXXXXXXX) |
60ff7e5a | 5 | drill -p $port axfr $zone @$nameserver | ldns-read-zone -z -u CDS -u CDNSKEY > $TFILE |
c5791798 | 6 | for validator in "ldns-verify-zone -V2" validns jdnssec-verifyzone named-checkzone |
fc0bbb94 | 7 | do |
c5791798 PD |
8 | if [ "$validator" = "validns" ] && [ "$zone" = "." ] |
9 | then | |
10 | continue | |
11 | fi | |
fc0bbb94 | 12 | echo --- $validator $zone |
e62ba1c9 PD |
13 | if [ "$validator" = "named-checkzone" ] |
14 | then | |
15 | named-checkzone -i local $zone $TFILE 2>&1 | grep -v 'addnode: NSEC node already exists' | |
16 | else | |
55b3da69 KM |
17 | if [ ! -e ${testsdir}/${testname}/allow-missing ] || [[ $(type -P "$validator") ]] |
18 | then | |
19 | $validator $TFILE 2>&1 | |
20 | else | |
21 | #fake output for missing validators | |
22 | if [ "$validator" = "jdnssec-verifyzone" ] | |
23 | then | |
24 | echo zone verified. | |
25 | fi | |
26 | fi | |
e62ba1c9 | 27 | fi |
fc0bbb94 PD |
28 | RETVAL=$? |
29 | echo RETVAL: $RETVAL | |
8ded0828 | 30 | if [ $RETVAL -gt 0 ] && { [[ $validator != ldns-verify-zone* ]] || { [[ $skipreasons != *nsec3* ]] && [[ $skipreasons != *optout* ]]; }; } |
fc0bbb94 PD |
31 | then |
32 | echo $validator reported error, full zone content: | |
33 | echo --- | |
34 | cat $TFILE | |
35 | echo --- end of zone content | |
36 | fi | |
37 | echo | |
38 | done | |
39 | ||
40 | rm -f $TFILE | |
41 | done |