-Private-key-format: v1.2
-Algorithm: 8 (RSASHA256)
-Modulus: l31HtJZYaoDXagbsuz6HdvT8gDIyP8+qf9m4pYz852nFP9yfbHAsOGR2ao/+lSoDO/IU/J3iROquYt9uiEHADv7TukFVrip/+PGUeK90w1QPvYf51RioGWaEILqXd4b7wVmLa2R3CfyRShr2TIsy2sRoWc53+hRBuY28gOn7xVa/VxKdEnxRcp1cuXSyam8LuHUrYBSILmgYhhBMJhbBhEzXAJtv6rV9sUJ2Rsjs5Bb+Hs+PfR4uki7PRsmPi90pddkcrxyVJ1MwAWbqtCw0MjTDtB0KBoOZOfdvpMXZQmLh4OeHu4NtKlR3WYjldY3DgLpatSZ5sUt+KvLq+p2Ihw==
-PublicExponent: AQAB
-PrivateExponent: DZWxeXNGCH73Uk2+qufnk/ZSMljOAsTnoEFw+n+TKllk094/+aRxgrkXmWTCSrQSyCxkT2cFJHL7Imiw680hoPafHAPB4DV1dmiLjOsHCIEgTDnGYKKuaGC2Fo1FCfXz25nhE8dVmXKpwMB8N87/x3h3dx45yhZI8o/QSKsy5bZGqLISiYqiAlOs0Gqxdqt6t+r7akxeVcs8xitMtKgvf5bmgulJZQlqT5aL32yzTZud7Miy71vmlPGwWlWwzZxW7o2sVIWRptimGPflpmV/SRdD16SlLBUkvzUctchkT95kqXDqdgBchl2ff/UKyg5GuUeuwrAA0lwlOoPthvMfcQ==
-Prime1: 8qckzuOEAmauNtQBDShkOPjE8mH7f84K47TcDNb6Ye6X+xNyeqJQ/ceFuSWUOQJogIjAmfCRQxh7TiP/31EsW4fbr8K2bKq/mUR3xBKU7O2o2aR2hDUv/WiVKHusPgpNwYJouK5NJKw4lM9/1cis/DwINi007wJZ8wkYTyjVIuk=
-Prime2: n9JwmtfuLc/3X+nqkY2e6LqmA+GTXTk4+8epTCk3+8GClj07PWdI3iHkUH5EkfqOwYWQ0pyWaxylYNBIs8m7+cFbx94ShB42l2h45zISZEviVuuxSj1tiLk25WrTu4dq30xZcFtHVeu9+efLsl3FWG2q9B7B3YSa4LK5+wvRye8=
-Exponent1: tF19RLNlCovcbzDC307owFhZvHkMgoFbIsrqzjh1wJmjKqPX8kP4w8qtIWRHeuDJYNFFqKdismbeMMUdipdBy39+0nR/OOLqrDhydbICNOKrIavX1IncdBZq2L6k1zC9f1s6EByvhtTk8egS84vI2WyeBfcwY4Bx7+8QvLZzRxE=
-Exponent2: kr24UCPEd2HEQtdWXTAH4K1HMrcSA/0/OcXXxqrt0QSarvEnjDhh6jp6FAHrWZERM9Q75XSKk2wo2BxFNHYcVrPXXkqi+5V2EEyG/de2lUorVh1vmbeO84MDSV9tanhqgv3p/MSCWfxqYKMYHvwD7y46UYxP+eEAByFyq3Ltuxc=
-Coefficient: C/xjNwvVWlrWX/NCxT80eW09sWsqvxUlwsMlGK4irzRVSBz2u+/0qkNHoWAjaHlllHAjJAmkKoHgRdl7blxn2C5EOuCtTQJvKO0xcyZgtaCyJpKOwHE3kKv+TIErBPHYxPk0exkyEf4s9REhKlYdV8p92AZWLVwGOMRfAPNuryY=
-
+secure-delegated.dnssec-parent.com. IN DNSKEY 257 3 8 AwEAAZd9R7SWWGqA12oG7Ls+h3b0/IAyMj/Pqn/ZuKWM/OdpxT/cn2xwLDhkdmqP/pUqAzvyFPyd4kTqrmLfbohBwA7+07pBVa4qf/jxlHivdMNUD72H+dUYqBlmhCC6l3eG+8FZi2tkdwn8kUoa9kyLMtrEaFnOd/oUQbmNvIDp+8VWv1cSnRJ8UXKdXLl0smpvC7h1K2AUiC5oGIYQTCYWwYRM1wCbb+q1fbFCdkbI7OQW/h7Pj30eLpIuz0bJj4vdKXXZHK8clSdTMAFm6rQsNDI0w7QdCgaDmTn3b6TF2UJi4eDnh7uDbSpUd1mI5XWNw4C6WrUmebFLfiry6vqdiIc=
--- /dev/null
+Private-key-format: v1.2
+Algorithm: 8 (RSASHA256)
+Modulus: l31HtJZYaoDXagbsuz6HdvT8gDIyP8+qf9m4pYz852nFP9yfbHAsOGR2ao/+lSoDO/IU/J3iROquYt9uiEHADv7TukFVrip/+PGUeK90w1QPvYf51RioGWaEILqXd4b7wVmLa2R3CfyRShr2TIsy2sRoWc53+hRBuY28gOn7xVa/VxKdEnxRcp1cuXSyam8LuHUrYBSILmgYhhBMJhbBhEzXAJtv6rV9sUJ2Rsjs5Bb+Hs+PfR4uki7PRsmPi90pddkcrxyVJ1MwAWbqtCw0MjTDtB0KBoOZOfdvpMXZQmLh4OeHu4NtKlR3WYjldY3DgLpatSZ5sUt+KvLq+p2Ihw==
+PublicExponent: AQAB
+PrivateExponent: DZWxeXNGCH73Uk2+qufnk/ZSMljOAsTnoEFw+n+TKllk094/+aRxgrkXmWTCSrQSyCxkT2cFJHL7Imiw680hoPafHAPB4DV1dmiLjOsHCIEgTDnGYKKuaGC2Fo1FCfXz25nhE8dVmXKpwMB8N87/x3h3dx45yhZI8o/QSKsy5bZGqLISiYqiAlOs0Gqxdqt6t+r7akxeVcs8xitMtKgvf5bmgulJZQlqT5aL32yzTZud7Miy71vmlPGwWlWwzZxW7o2sVIWRptimGPflpmV/SRdD16SlLBUkvzUctchkT95kqXDqdgBchl2ff/UKyg5GuUeuwrAA0lwlOoPthvMfcQ==
+Prime1: 8qckzuOEAmauNtQBDShkOPjE8mH7f84K47TcDNb6Ye6X+xNyeqJQ/ceFuSWUOQJogIjAmfCRQxh7TiP/31EsW4fbr8K2bKq/mUR3xBKU7O2o2aR2hDUv/WiVKHusPgpNwYJouK5NJKw4lM9/1cis/DwINi007wJZ8wkYTyjVIuk=
+Prime2: n9JwmtfuLc/3X+nqkY2e6LqmA+GTXTk4+8epTCk3+8GClj07PWdI3iHkUH5EkfqOwYWQ0pyWaxylYNBIs8m7+cFbx94ShB42l2h45zISZEviVuuxSj1tiLk25WrTu4dq30xZcFtHVeu9+efLsl3FWG2q9B7B3YSa4LK5+wvRye8=
+Exponent1: tF19RLNlCovcbzDC307owFhZvHkMgoFbIsrqzjh1wJmjKqPX8kP4w8qtIWRHeuDJYNFFqKdismbeMMUdipdBy39+0nR/OOLqrDhydbICNOKrIavX1IncdBZq2L6k1zC9f1s6EByvhtTk8egS84vI2WyeBfcwY4Bx7+8QvLZzRxE=
+Exponent2: kr24UCPEd2HEQtdWXTAH4K1HMrcSA/0/OcXXxqrt0QSarvEnjDhh6jp6FAHrWZERM9Q75XSKk2wo2BxFNHYcVrPXXkqi+5V2EEyG/de2lUorVh1vmbeO84MDSV9tanhqgv3p/MSCWfxqYKMYHvwD7y46UYxP+eEAByFyq3Ltuxc=
+Coefficient: C/xjNwvVWlrWX/NCxT80eW09sWsqvxUlwsMlGK4irzRVSBz2u+/0qkNHoWAjaHlllHAjJAmkKoHgRdl7blxn2C5EOuCtTQJvKO0xcyZgtaCyJpKOwHE3kKv+TIErBPHYxPk0exkyEf4s9REhKlYdV8p92AZWLVwGOMRfAPNuryY=
+
PDNS=${PDNS:-../pdns/pdns_server}
PDNS2=${PDNS2:-../pdns/pdns_server}
+cleanlongtxt ()
+{
+ sed -e 's/"A very .*"/"shorter"/' < test.com > test.com.shorttxt
+}
+
+tonsd ()
+{
+ cat > nsd.conf << __EOF__
+server:
+ ip-address: 127.0.0.1@$port
+ database: ./nsd.db
+ zonesdir: .
+ username: ""
+__EOF__
+
+ cleanlongtxt
+ rm -f K*
+ for zone in $(grep zone named.conf | cut -f2 -d\")
+ do
+ if [ ! "${zone: 0:16}" = "secure-delegated" ]
+ then
+ ksk=$(ldns-keygen -r /dev/urandom -a RSASHA256 -k $zone)
+ else
+ ksk="secure-delegated.dnssec-parent.com"
+ fi
+ zsk=$(ldns-keygen -r /dev/urandom -a RSASHA256 $zone)
+ if [ $zone = test.com ]
+ then
+ zonefile=test.com.shorttxt
+ else
+ zonefile=${zone}
+ fi
+
+ case $1 in
+ nsec)
+ ldns-signzone -f ${zone}.signed ${zonefile} $ksk $zsk
+ ;;
+ nsec3)
+ ldns-signzone -n -a 1 -s abcd -t 1 -f ${zone}.signed ${zonefile} $ksk $zsk
+ ;;
+ nsec3-optout)
+ ldns-signzone -n -p -a 1 -s abcd -t 1 -f ${zone}.signed ${zonefile} $ksk $zsk
+ ;;
+ unsigned)
+ cp ${zonefile} ${zone}.signed
+ ;;
+ *)
+ echo 'tonsd called with wrong param'
+ exit 1
+ esac
+ echo "" >> nsd.conf
+ echo "zone:" >> nsd.conf
+ echo " name: \"${zone}\"" >> nsd.conf
+ echo " zonefile: \"${zone}.signed\"" >> nsd.conf
+ echo " provide-xfr: 0.0.0.0/0 NOKEY" >> nsd.conf
+ echo " provide-xfr: ::0/0 NOKEY" >> nsd.conf
+ done
+ nsdc -c nsd.conf rebuild
+}
+
tosql ()
{
make -C ../pdns/backends/bind zone2sql > /dev/null
../pdns/backends/bind/zone2sql --transactions --$1 --named-conf=./named.conf
-
}
bindwait ()
fi
if [ "${zone: 0:16}" = "secure-delegated" ]
then
- ../pdns/pdnssec --config-dir=. $configname import-zone-key $zone $zone.key ksk 2>&1
+ ../pdns/pdnssec --config-dir=. $configname import-zone-key $zone $zone.private ksk 2>&1
../pdns/pdnssec --config-dir=. $configname add-zone-key $zone 1024 zsk 2>&1
keyid=`../pdns/pdnssec --config-dir=. $configname show-zone $zone | grep ZSK | cut -d' ' -f3`
../pdns/pdnssec --config-dir=. $configname activate-zone-key $zone $keyid 2>&1
Usage: ./start-test-stop <port> [<context>] [wait|nowait] [<cachettl>] [<specifictest>]
context is one of:
+ext-nsd ext-nsd-nsec ext-nsd-nsec3
bind bind-dnssec bind-dnssec-nsec3 bind-dnssec-nsec3-optout bind-dnssec-nsec3-narrow
gmysql-nodnssec gmysql gmysql-nsec3 gmysql-nsec3-optout gmysql-nsec3-narrow
gpgsql-nodnssec gpgsql gpgsql-nsec3
#remotebackend-pipe-nsec3 remotebackend-unix-nsec3 remotebackend-http-nsec3
#remotebackend-pipe-nsec3-narrow remotebackend-unix-nsec3-narrow remotebackend-http-nsec3-narrow
-* Add -presigned to any gmysql test (except narrow) to
- test presigned operation
+add -presigned to any ext-nsd bind, gmysql or gsqlite3 test (except narrow)
+to test presigned operation
* Add 'wait' (literally) after the context to not kill
pdns_server immediately after testing. 'nowait' will kill it.
case $context in
+ ext-nsd | ext-nsd-nsec | ext-nsd-nsec3 | ext-nsd-nsec3-optout)
+ case $context in
+ ext-nsd)
+ tonsd unsigned
+ extracontexts="extnsd"
+ skipreasons=nodnssec
+ ;;
+ ext-nsd-nsec)
+ tonsd nsec
+ extracontexts="extnsd dnssec"
+ ;;
+ ext-nsd-nsec3)
+ tonsd nsec3
+ extracontexts="extnsd dnssec nsec3"
+ skipreasons="nsec3"
+ ;;
+ ext-nsd-nsec3-optout)
+ tonsd nsec3-optout
+ extracontexts="extnsd dnssec nsec3 nsec3-optout"
+ skipreasons="optout"
+ ;;
+ esac
+ nsd -c nsd.conf -P pdns.pid -d &
+ sleep 5
+ ;;
+
bind)
$RUNWRAPPER $PDNS --daemon=no --local-port=$port --socket-dir=./ \
--no-shuffle --launch=bind --bind-config=./named.conf \
if [ $presigned = yes ]
then
skipreasons="$skipreasons presigned nodyndns"
- if [ ${context:0:6} = gmysql ]
+ if [ ${context:0:6} = gmysql ] | [ ${context:0:7} = ext-nsd ]
then
context=${context}-presigned
[ -z "$GMYSQL2DB" ] && GMYSQL2DB=pdnstest2
read l
fi
kill $(cat pdns*.pid)
-rm pdns*.pid
+rm pdns*.pid || true
if [ -s "./failed_tests" ]
then
+ set +x
for t in `cat failed_tests`
do
- echo $t
+ echo -e "\n\n$t"
cat $t/diff
done
exit 1