# Write the PowerDNS configuration for this context into the working directory.
# `>` truncates any pdns-bind.conf left over from an earlier run. The visible
# settings point the bind backend at ./named.conf and set
# bind-ignore-broken-records=yes.
3 cat > pdns-bind.conf << __EOF__
6 bind-config=./named.conf
7 bind-ignore-broken-records=yes
# Start the server under $RUNWRAPPER as a background job of this script
# (--daemon=no keeps it attached; the trailing & backgrounds it). It reads
# ./pdns-bind.conf (--config-dir=. --config-name=bind) and keeps its control
# socket in the working directory (--socket-dir=./).
# NOTE(review): $address, $port and $cachettl are set outside this listing and
# are expanded unquoted; an empty or whitespace-containing value would change
# the argument list. Quote them unless the caller guarantees simple values.
10 $RUNWRAPPER $PDNS --daemon=no --local-address=$address --local-port=$port --config-dir=. \
11 --config-name=bind --socket-dir=./ --no-shuffle \
12 --cache-ttl=$cachettl --dname-processing \
13 --disable-axfr-rectify=yes &
# Tags for this context; only assigned here and consumed outside this listing
# (presumably tests carrying one of these skip reasons are skipped; confirm in
# the runner).
14 skipreasons="nodnssec nodyndns nometa noalias"
# Case arm shared by every DNSSEC flavour of the bind context.
18 bind-dnssec | bind-dnssec-nsec3 | bind-hybrid-nsec3 | bind-dnssec-nsec3-optout | bind-dnssec-nsec3-narrow)
# Base configuration: truncate pdns-bind.conf and write the bind backend
# settings. Later statements in this arm append to the same file with >>.
20 cat > pdns-bind.conf << __EOF__
23 bind-config=./named.conf
24 bind-ignore-broken-records=yes
# Hybrid context only: provision a MySQL database for the gmysql backend and
# append its connection settings to pdns-bind.conf.
# NOTE(review): $context is unquoted; an empty value makes this test a syntax
# error rather than a clean "false".
26 if [ $context = bind-hybrid-nsec3 ]
# Connection parameters come from the environment; unset or empty values fall
# back to test defaults (database pdnstest, user root, host localhost, empty
# password).
28 [ -z "$GMYSQLDB" ] && GMYSQLDB=pdnstest
29 [ -z "$GMYSQLUSER" ] && GMYSQLUSER=root
30 [ -z "$GMYSQLHOST" ] && GMYSQLHOST=localhost
31 [ -z "$GMYSQLPASSWD" ] && GMYSQLPASSWD=''
# Drop any database left from a previous run. --force suppresses the
# confirmation prompt, and a failure (e.g. the database does not exist yet) is
# deliberately tolerated.
# NOTE(review): the database named by GMYSQLDB on GMYSQLHOST is dropped
# unconditionally, so these variables must never point at an instance holding
# real data.
# NOTE(review): --password="..." places the password in the process argument
# list, where it can be visible to other local users (ps, /proc). Harmless with
# the empty default; for a non-empty password prefer an option file passed via
# --defaults-extra-file. The same applies to every mysql/mysqladmin call below.
33 mysqladmin --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" --force drop "$GMYSQLDB" \
34 || echo ignoring mysqladmin drop failure
# Recreate the database empty, then load the gmysql backend schema into it.
35 mysqladmin --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" create "$GMYSQLDB"
36 mysql --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" \
37 "$GMYSQLDB" < ../modules/gmysqlbackend/schema.mysql.sql
# Append the gmysql connection settings to the config (the here-document
# expands the variables). The password is written in clear text, and the file
# gets whatever permissions the current umask yields.
# NOTE(review): restrict the file mode if the password is not a throwaway
# test credential.
39 cat >> pdns-bind.conf << __EOF__
42 gmysql-dbname=$GMYSQLDB
43 gmysql-user=$GMYSQLUSER
44 gmysql-host=$GMYSQLHOST
45 gmysql-password=$GMYSQLPASSWD
47 zone-cache-refresh-interval=0
# Point the bind backend at a local SQLite file for its DNSSEC data and create
# that database with pdnsutil.
# NOTE(review): dnssec.sqlite3 is created in the working directory with default
# permissions and will hold the zone keys added later in this script. That is
# acceptable for generated test keys, not for real key material.
50 echo "bind-dnssec-db=./dnssec.sqlite3" >> pdns-bind.conf
51 $PDNSUTIL --config-dir=. --config-name=bind create-bind-db dnssec.sqlite3
# Per-zone setup. Zone names are taken from named.conf: every line containing
# 'zone ', second field when split on double quotes.
# NOTE(review): the command substitution is unquoted, so its output is
# word-split and glob-expanded, and $zone is used unquoted in the tests and
# commands below. This relies on named.conf being a trusted fixture whose zone
# names contain no whitespace or shell metacharacters.
54 for zone in $(grep 'zone ' named.conf | cut -f2 -d\")
# Hybrid context: also register the zone in the gmysql `domains` table as type
# SLAVE, with 127.0.0.1:$port as its master.
56 if [ $context = bind-hybrid-nsec3 ]
# NOTE(review): $zone and $port are interpolated straight into the SQL text. A
# name containing a single quote would terminate the string literal, so this is
# only safe while the zone list comes from the repository's own named.conf.
58 mysql --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" \
59 "$GMYSQLDB" -e "INSERT INTO domains (name, type, master) VALUES('$zone','SLAVE','127.0.0.1:$port')"
# Everything except insecure.dnssec-parent.com enters this branch. Its first
# statements are not shown in this listing, so what it does before the key
# handling below cannot be confirmed from here.
61 if [ $zone != insecure.dnssec-parent.com ]
# hiddencryptokeys.org: look up a key id (7th whitespace-separated field of the
# list-keys line mentioning the zone) and unpublish that key.
# NOTE(review): if more than one line matches, $keyid holds several values and
# the unquoted expansion passes them as separate arguments; confirm that only
# one key exists at this point.
64 if [ $zone = hiddencryptokeys.org ]
66 keyid=$($PDNSUTIL --config-dir=. --config-name=bind list-keys $zone | grep hiddencryptokeys.org | awk '{ print $7 }')
67 $PDNSUTIL --config-dir=. --config-name=bind unpublish-zone-key $zone $keyid
# NSEC3 contexts: set the zone's NSEC3 parameters, given to pdnsutil as
# "hash-algorithm flags iterations salt". $optout supplies the flags field and
# is set outside this listing. 2>&1 folds pdnsutil's stderr into stdout.
# These are fixed test values (1 iteration, salt abcd), not a production
# template; RFC 9276 recommends 0 iterations and an empty salt.
69 if [ $context = bind-dnssec-nsec3 ] || [ $context = bind-dnssec-nsec3-optout ] || [ $context = bind-hybrid-nsec3 ]
71 $PDNSUTIL --config-dir=. --config-name=bind set-nsec3 $zone "1 $optout 1 abcd" 2>&1
# Narrow variant: same hash settings with the flags field fixed to 1, plus the
# `narrow` keyword.
72 elif [ $context = bind-dnssec-nsec3-narrow ]
74 $PDNSUTIL --config-dir=. --config-name=bind set-nsec3 $zone '1 1 1 abcd' narrow 2>&1
# cryptokeys.org: add three extra ZSKs covering different algorithm, size and
# active/published combinations.
76 if [ $zone = cryptokeys.org ]
78 $PDNSUTIL --config-dir=. --config-name=bind add-zone-key $zone zsk 384 active unpublished ecdsa384
79 $PDNSUTIL --config-dir=. --config-name=bind add-zone-key $zone zsk 2048 inactive published rsasha512
80 $PDNSUTIL --config-dir=. --config-name=bind add-zone-key $zone zsk 2048 inactive unpublished rsasha256
# tsig.com: import a TSIG key named "test" and activate it for the zone in the
# primary role.
# NOTE(review): $ALGORITHM and $KEY are set outside this listing and expanded
# unquoted. The secret is passed as a command-line argument, where it can be
# visible to other local users. Presumably it is a fixed test secret; confirm
# that it is never a real key.
83 if [ "$zone" = "tsig.com" ]; then
84 $PDNSUTIL --config-dir=. --config-name=bind import-tsig-key test $ALGORITHM $KEY
85 $PDNSUTIL --config-dir=. --config-name=bind activate-tsig-key tsig.com test primary
# Pick the tags matching the selected DNSSEC flavour. extracontexts and
# skipreasons are only assigned here and are consumed outside this listing.
# NOTE(review): $context is unquoted in every test; an empty value turns the
# test into a syntax error instead of falling through to the last branch.
89 if [ $context = bind-dnssec-nsec3 ] || [ $context = bind-hybrid-nsec3 ]
91 extracontexts="bind dnssec nsec3"
92 skipreasons="nsec3 nodyndns noalias"
93 elif [ $context = bind-dnssec-nsec3-optout ]
95 extracontexts="bind dnssec nsec3 nsec3-optout"
96 skipreasons="optout nodyndns noalias"
97 elif [ $context = bind-dnssec-nsec3-narrow ]
99 extracontexts="bind dnssec narrow"
100 skipreasons="narrow nodyndns noalias"
# Remaining case. The line introducing this branch is not shown in the listing;
# presumably it is the `else` for the plain bind-dnssec context. Confirm.
102 extracontexts="bind dnssec"
103 skipreasons="nodyndns noalias nsec"
# Start the server for the DNSSEC contexts as a background job (--daemon=no
# plus trailing &). It reads ./pdns-bind.conf (--config-dir=. --config-name=bind)
# and keeps its control socket in the working directory.
# $lua_prequery is set outside this listing; presumably it is left unquoted so
# that an empty value contributes no argument. Confirm.
# NOTE(review): $address, $port and $cachettl are also unquoted, so an empty or
# whitespace-containing value would change the argument list.
106 $RUNWRAPPER $PDNS --daemon=no --local-address=$address --local-port=$port --config-dir=. \
107 --config-name=bind --socket-dir=./ --no-shuffle \
108 --cache-ttl=$cachettl --dname-processing \
109 --disable-axfr-rectify=yes $lua_prequery &