8 December 2023: Yorgos
- Merge PR #973: Use the origin (DNAME) TTL for synthesized CNAMEs as
per RFC 6672.
+ - Fix root_zonemd unit test, it checks that the root ZONEMD verifies,
+ now that the root has a valid ZONEMD.
7 December 2023: Wouter
- Fix #974: doc: default number of outgoing ports without libevent.
PRE="../.."
# do the test
-echo "> dig www.example.com."
+echo "> dig . SOA"
dig @127.0.0.1 -p $UNBOUND_PORT . SOA | tee outfile
echo "> check answer"
if grep root-servers outfile | grep "nstld.verisign-grs.com"; then
fi
# This is the output when an unsupported algorithm is used.
-if grep "auth zone . ZONEMD unsupported algorithm" unbound.log; then
+if grep "auth zone . zonemd DNSSEC verification of SOA and ZONEMD RRsets secure" unbound.log; then
+ echo "OK"
+else
+ echo "ZONEMD verification not OK"
+ exit 1
+fi
+if grep "auth-zone . ZONEMD hash is correct" unbound.log; then
+ echo "OK"
+else
+ echo "ZONEMD verification not OK"
+ exit 1
+fi
+if grep "auth zone . ZONEMD verification successful" unbound.log; then
echo "OK"
else
echo "ZONEMD verification not OK"
exit 1
fi
# The output of the reload can be checked.
-#echo "> check unbound-control output"
-#if grep "example.com: ZONEMD verification successful" outfile; then
- #echo "OK"
-#else
- #echo "Not OK"
- #exit 1
-#fi
+echo "> check unbound-control output"
+if grep ".: ZONEMD verification successful" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
exit 0
projects / thirdparty / unbound.git / commitdiff
