git.ipfire.org Git - thirdparty/bind9.git/commit

author	Matthijs Mekking <matthijs@isc.org>
	Thu, 3 Dec 2020 07:53:34 +0000 (08:53 +0100)
committer	Matthijs Mekking <matthijs@isc.org>
	Wed, 23 Dec 2020 08:02:11 +0000 (09:02 +0100)
commit	fa2e4e66b04dfdc2fccfdacaa6ab7cbded035586
tree	ebbefc08ccd126e05287fedd9f8bb79ef9700270	tree \| snapshot
parent	89c35b71648c3a25023a38165f25f5e7c1ebe4a7	commit \| diff

Add tests for going from secure to insecure

Add two test zones that will be reconfigured to go insecure, by
setting the 'dnssec-policy' option to 'none'.

One zone was using inline-signing (implicitly through dnssec-policy),
the other is a dynamic zone.

Two tweaks to the kasp system test are required: we need to set
when to except the CDS/CDS Delete Records, and we need to know
when we are dealing with a dynamic zone (because the logs to look for
are slightly different, inline-signing prints "(signed)" after the
zone name, dynamic zones do not).

bin/tests/system/kasp/ns6/named.conf.in		diff \| blob \| blame \| history
bin/tests/system/kasp/ns6/named2.conf.in		diff \| blob \| blame \| history
bin/tests/system/kasp/ns6/setup.sh		diff \| blob \| blame \| history
bin/tests/system/kasp/tests.sh		diff \| blob \| blame \| history