From: George Thessalonikefs Date: Wed, 2 Feb 2022 11:54:09 +0000 (+0100) Subject: - Update stream_ssl.tdir test to also use the new forward-host notation. X-Git-Tag: release-1.15.0rc1~7 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b1feb9fb1e33e19e9232e4de6cf11f0ec9c8c3aa;p=thirdparty%2Funbound.git - Update stream_ssl.tdir test to also use the new forward-host notation. --- diff --git a/doc/Changelog b/doc/Changelog index b978e1da7..dd405b1cf 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -5,6 +5,7 @@ - Change aggressive-nsec default to yes. - Merge PR #617: Update stub/forward-host notation to accept port and tls-auth-name. + - Update stream_ssl test to also use the new forward-host notation. 1 February 2022: George - Merge PR #603 from fobser: Use OpenSSL 1.1 API to access DSA and RSA diff --git a/testdata/stream_ssl.tdir/stream_ssl.clie.conf b/testdata/stream_ssl.tdir/stream_ssl.clie.conf index 4643c6d55..923ab1fb5 100644 --- a/testdata/stream_ssl.tdir/stream_ssl.clie.conf +++ b/testdata/stream_ssl.tdir/stream_ssl.clie.conf @@ -16,3 +16,7 @@ server: forward-zone: name: "." forward-addr: "127.0.0.1@@SERVPORT@#unbound" + +forward-zone: + name: "test.host." + forward-host: "unbound.server@@SERVPORT@#unbound" diff --git a/testdata/stream_ssl.tdir/stream_ssl.serv.conf b/testdata/stream_ssl.tdir/stream_ssl.serv.conf index c77e39fc5..a5dfcf364 100644 --- a/testdata/stream_ssl.tdir/stream_ssl.serv.conf +++ b/testdata/stream_ssl.tdir/stream_ssl.serv.conf @@ -10,6 +10,8 @@ server: username: "" do-not-query-localhost: yes local-data: "www.example.com. IN A 10.20.30.40" + local-data: "unbound.server. IN A 127.0.0.1" + local-data: "test.host. IN A 1.2.3.4" ssl-port: @SERVPORT@ ssl-service-key: "unbound_server.key" ssl-service-pem: "unbound_server.pem" diff --git a/testdata/stream_ssl.tdir/stream_ssl.test b/testdata/stream_ssl.tdir/stream_ssl.test index b5bc2d911..39972a844 100644 --- a/testdata/stream_ssl.tdir/stream_ssl.test +++ b/testdata/stream_ssl.tdir/stream_ssl.test @@ -73,4 +73,38 @@ else exit 1 fi +rm -f outfile + +# test client unbound (no SSL towards it, but it does SSL to the SSL service) +# test that forward-host notation also works. +echo "> dig test.host. A IN" +dig @127.0.0.1 -p $CLIE_PORT test.host. >outfile 2>&1 +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + echo "SSLSERVICE" + cat unboundserv.log + echo "SSLCLIENT" + cat unboundclie.log + echo "Not OK" + exit 1 +else + echo "exit status OK" +fi +echo "> cat logfiles" +cat outfile +echo "SSLSERVICE" +cat unboundserv.log +echo "SSLCLIENT" +cat unboundclie.log +echo "> check answer" +if grep "1.2.3.4" outfile; then + echo "OK" +else + echo "Not OK" + exit 1 +fi + +rm -f outfile exit 0