--- /dev/null
+BaseName: 00-lint
+Version: 1.0
+Description: Put source into lint.
+CreationDate: Wed Jan 3 14:12:02 CET 2007
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre:
+Post:
+Test: 00-lint.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- 00-lint.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+. ../common.sh
+PRE="../.."
+get_make
+
+(cd $PRE ; $MAKE lint)
+
--- /dev/null
+BaseName: 01-doc
+Version: 1.0
+Description: Check documentation
+CreationDate: Wed Jan 3 15:15:01 CET 2007
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre:
+Post:
+Test: 01-doc.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- 01-doc.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+. ../common.sh
+
+set_doxygen_path
+
+PRE="../.."
+get_make
+(cd $PRE ; $MAKE doc) > mylog 2>&1
+
+bad=0
+if grep -e "Warning" -e "warning" -e "Error" -e "error" mylog >/dev/null 2>&1;
+then
+ cat mylog
+ bad=1
+else
+ # "doxygen ok"
+ cat mylog
+fi
+
+(cd $PRE; find . -name "*.h" -print) >hlist
+(cd $PRE; find . -name "*.c" -print) >>hlist
+# filter out config.h
+fgrep -v -e "config.h" hlist > ilist; mv ilist hlist
+fgrep -v -e "util/configparser" hlist > ilist; mv ilist hlist
+fgrep -v -e "util/configlexer" hlist > ilist; mv ilist hlist
+fgrep -v -e "util/configyyrename" hlist > ilist; mv ilist hlist
+fgrep -v -e "util/locks.h" hlist > ilist; mv ilist hlist
+fgrep -v -e "util/storage/lookup3.c" hlist > ilist; mv ilist hlist
+fgrep -v -e "ldns-src/" hlist > ilist; mv ilist hlist
+fgrep -v -e "libunbound/python/libunbound_wrap.c" hlist > ilist; mv ilist hlist
+fgrep -v -e "pythonmod/interface.h" hlist > ilist; mv ilist hlist
+fgrep -v -e "dnstap" hlist > ilist; mv ilist hlist
+# filter out compat
+fgrep -v -e "compat/" hlist > ilist; mv ilist hlist
+for h in `cat hlist`; do
+ if fgrep "`basename $h`" $PRE/doc/html/files.html >/dev/null; then
+ : # ok
+ else
+ echo "Warning: $h has no documentation."
+ bad=1
+ fi
+done
+exit $bad
--- /dev/null
+BaseName: 02-unittest
+Version: 1.0
+Description: Unit tests.
+CreationDate: Thu Jan 4 16:32:42 CET 2007
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre:
+Post:
+Test: 02-unittest.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- 02-unittest.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+PRE="../.."
+get_make
+(cd $PRE ; $MAKE unittest; $MAKE lock-verify)
+
+if (cd $PRE; ./unittest); then
+ echo "unit test worked."
+else
+ echo "unit test failed."
+ exit 1
+fi
+if test -f $PRE/ublocktrace.0; then
+ if (cd $PRE; ./lock-verify ublocktrace.*); then
+ echo "lock-verify test worked."
+ else
+ echo "lock-verify test failed."
+ exit 1
+ fi
+fi
+exit 0
--- /dev/null
+BaseName: 03-testbound
+Version: 1.0
+Description: Run testbound event replay scenarios.
+CreationDate: Tue Feb 13 16:36:18 CET 2007
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre:
+Post:
+Test: 03-testbound.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- 03-testbound.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+PRE="../.."
+get_make
+(cd $PRE ; $MAKE testbound)
+exitval=0
+# quiet="" to make verbose
+
+do_valgrind=no
+# valgrind mode for debug
+#if grep "staticexe=-static" $PRE/Makefile >/dev/null 2>&1; then
+# if test -x "`which valgrind`"; then
+# do_valgrind=yes
+# fi
+#fi
+
+# self-test (unit test of testbound)
+if test $do_valgrind = "yes"; then
+ if (valgrind $PRE/testbound -s >tmpout 2>&1;); then
+ echo "selftest OK "
+ else
+ echo "selftest FAILED"
+ exit 1
+ fi
+ if grep "All heap blocks were freed -- no leaks are possible." tmpout >/dev/null 2>&1; then
+ : # clean
+ else
+ echo "Memory leaked in selftest"
+ grep "in use at exit" tmpout
+ exit 1
+ fi
+else
+ if ($PRE/testbound -s >/dev/null 2>&1;); then
+ echo "selftest OK "
+ else
+ echo "selftest FAILED"
+ exit 1
+ fi
+fi
+
+
+# the .crpl are not always supported and need checking for SHA256 and GOST
+# support.
+# the .rpl should work on any system (portable).
+for input in $PRE/testdata/*.rpl $PRE/testdata/*.crpl; do
+ header=`grep SCENARIO_BEGIN $input | head -1 | sed -e 's/SCENARIO_BEGIN //'`
+ cleaninput=`echo $input | sed -e "s?$PRE/testdata/??"`
+
+ # detect if SHA256 is needed
+ if echo $cleaninput | grep sha2 >/dev/null 2>&1; then
+ if $PRE/testbound -2 >/dev/null 2>&1; then
+ : # the SHA256 is supported
+ else
+ continue
+ fi
+ fi
+
+ # detect if GOST is needed
+ if echo $cleaninput | grep gost >/dev/null 2>&1; then
+ if $PRE/testbound -g >/dev/null 2>&1; then
+ : # GOST is supported
+ else
+ continue
+ fi
+ fi
+
+ # detect if CLIENT_SUBNET is needed
+ if echo $cleaninput | grep subnet >/dev/null 2>&1; then
+ if $PRE/testbound -c >/dev/null 2>&1; then
+ : # CLIENT_SUBNET is supported
+ else
+ continue
+ fi
+ fi
+
+ # detect if IPSECMOD is needed
+ if echo $cleaninput | grep ipsecmod >/dev/null 2>&1; then
+ if $PRE/testbound -i >/dev/null 2>&1; then
+ : # IPSECMOD is supported
+ else
+ continue
+ fi
+ fi
+
+ if test $do_valgrind = "yes"; then
+ if (valgrind $PRE/testbound -p $input >tmpout 2>&1;); then
+ echo " OK $cleaninput: $header"
+ else
+ echo "FAILED $cleaninput: $header"
+ exitval=1
+ fi
+ if grep "All heap blocks were freed -- no leaks are possible." tmpout >/dev/null 2>&1; then
+ : # clean
+ else
+ echo "Memory leaked in $cleaninput"
+ grep "in use at exit" tmpout
+ exitval=1
+ fi
+ else
+ # do valgrind=no
+ if ($PRE/testbound -p $input >/dev/null 2>&1;); then
+ echo " OK $cleaninput: $header"
+ else
+ echo "FAILED $cleaninput: $header"
+ exitval=1
+ fi
+ fi
+ if test -f ublocktrace.0; then
+ if $PRE/lock-verify ublocktrace.*; then
+ #echo "lock-verify test $input worked."
+ i=i
+ else
+ echo "lock-verify test $input failed."
+ exitval=1
+ fi
+ fi
+done
+exit $exitval
--- /dev/null
+BaseName: 04-checkconf
+Version: 1.0
+Description: Test configuration checker.
+CreationDate: Fri Sep 28 15:46:27 CEST 2007
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre:
+Post:
+Test: 04-checkconf.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- 04-checkconf.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# test that failed exit code is used
+$PRE/unbound-checkconf bla bla bla>/dev/null
+if test $? != 1; then
+ echo "exit code for usage wrong"
+ exit 1
+fi
+$PRE/unbound-checkconf -h >/dev/null
+if test $? != 1; then
+ echo "exit code for usage wrong"
+ exit 1
+fi
+$PRE/unbound-checkconf notexist_file
+if test $? != 1; then
+ echo "exit code for nofile wrong"
+ exit 1
+fi
+
+# detect windows
+if grep "define UB_ON_WINDOWS 1" ../../config.h; then
+ onwin=1
+else
+ onwin=0
+fi
+
+# test check of config files.
+for f in bad.*; do
+ echo
+ echo $PRE/unbound-checkconf $f
+ if test $f = "bad.user" -a $onwin -eq 1; then
+ echo "skipped on windows"
+ continue
+ fi
+
+ $PRE/unbound-checkconf $f
+ if test $? != 1; then
+ echo "exit code case $f wrong"
+ exit 1
+ fi
+done
+for f in good.*; do
+ echo
+ echo $PRE/unbound-checkconf $f
+ $PRE/unbound-checkconf $f
+ if test $? != 0; then
+ echo "exit code case $f wrong"
+ exit 1
+ fi
+done
+
+echo $PRE/unbound-checkconf warn.algo
+$PRE/unbound-checkconf warn.algo > outfile 2>&1
+if test $? != 0; then
+ cat outfile
+ echo "wrong exit code, warning should not fail with error"
+ exit 1
+fi
+cat outfile
+if grep "unsupported algo" outfile; then
+ echo "OK"
+else
+ echo "Failed, should print warning"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+server:
+ # to make sure the check doesn't fail on username or chrootdir.
+ username: ""
+ chroot: ""
+
+forward-zone:
+ name: "example.com"
+ forward-addr: 123.123.AAAA.123
--- /dev/null
+# bad host and interface lines.
+server:
+ username: ""
+ interface: 127.0.0.1
+ interface: 127.0.0.1
+ interface: 127.0.0.1
+ outgoing-interface: ::1
+ outgoing-interface: ::1
+ outgoing-interface: ::1
+
+forward-zone:
+ name: root.
+ forward-host: 127.0.0.1
+
+stub-zone:
+ name: com.
+ stub-host: ::3
--- /dev/null
+server:
+ interface: 123.AAAA.123.123
--- /dev/null
+# test daemon
+options {
+ directory "/home/wouter/bla";
+ version "test BIND 24";
+ pid-file "/home/wouter/named_24.pid";
+ dnssec-enable yes;
+ listen-on-v6 { any; };
+};
+
+// logging clause
+logging {
+ channel mainlog {
+ file "named_24.log" size 10m;
+ severity info;
+ };
+ category default {
+ mainlog;
+ };
+};
+
+zone "." IN {
+ type hint;
+ file "root.servers";
+};
+
+zone "localhost" IN {
+ type master;
+ file "localhost.zone";
+ allow-update { none; };
+};
+zone "0.0.127.in-addr.arpa" IN {
+ type master;
+ file "localhost.rev";
+ allow-update { none; };
+};
--- /dev/null
+server:
+ username: blabla_noexist_user
--- /dev/null
+# To test, all options are used.
+#
+# Example configuration file.
+#
+# See unbound.conf(5) man page.
+#
+# this is a comment.
+
+#Use this to include other text into the file.
+#include: "otherfile.conf"
+
+# The server clause sets the main parameters.
+server:
+ # whitespace is not necessary, but looks cleaner.
+
+ # verbosity number, 0 is least verbose. 1 is default.
+ verbosity: 2
+
+ # number of threads to create. 1 disables threading.
+ num-threads: 1
+
+ # specify the interfaces to answer queries from by ip-address.
+ # If you give none the default (all) interface is used.
+ # specify every interface on a new 'interface:' labelled line.
+ interface: 192.0.2.153
+ interface: 192.0.2.154
+ interface: 2001:DB8::5
+
+ # port to answer queries from
+ port: 53
+
+ # number of port to allocate per thread, determines the size of the
+ # port range. A larger port range gives more resistance to certain
+ # spoof attacks, as it gets harder to guess which port is used.
+ # But also takes more system resources (for open sockets).
+ outgoing-range: 16
+
+ outgoing-port-permit: 1000-1020
+ outgoing-port-avoid: 2000-2048
+ outgoing-port-avoid: 3000
+
+ # number of outgoing simultaneous tcp buffers to hold per thread.
+ outgoing-num-tcp: 10
+
+ # number of incoming simultaneous tcp buffers to hold per thread.
+ incoming-num-tcp: 10
+
+ # buffer size for handling DNS data. No messages larger than this
+ # size can be sent or received, by UDP or TCP. In bytes.
+ msg-buffer-size: 65552
+
+ # the amount of memory to use for the message cache.
+ # in bytes. default is 4 Mb
+ msg-cache-size: 4194304
+
+ # the number of slabs to use for the message cache.
+ # the number of slabs must be a power of 2.
+ # more slabs reduce lock contention, but fragment memory usage.
+ msg-cache-slabs: 4
+
+ # the number of queries that a thread gets to service.
+ num-queries-per-thread: 1024
+
+ # the amount of memory to use for the RRset cache.
+ # in bytes. default is 4 Mb
+ rrset-cache-size: 4194304
+
+ # the number of slabs to use for the RRset cache.
+ # the number of slabs must be a power of 2.
+ # more slabs reduce lock contention, but fragment memory usage.
+ rrset-cache-slabs: 4
+
+ # the time to live (TTL) value for cached roundtrip times and
+ # EDNS version information for hosts. In seconds.
+ infra-host-ttl: 900
+
+ # the time to live (TTL) value for cached lame delegations. In sec.
+ infra-lame-ttl: 900
+
+ # the number of slabs to use for the Infrastructure cache.
+ # the number of slabs must be a power of 2.
+ # more slabs reduce lock contention, but fragment memory usage.
+ infra-cache-slabs: 4
+
+ # the maximum number of hosts that are cached (roundtrip times, EDNS).
+ infra-cache-numhosts: 10000
+
+ # the maximum size of the lame zones cached per host. in bytes.
+ infra-cache-lame-size: 10240
+
+ # Enable IPv4, "yes" or "no".
+ do-ip4: yes
+
+ # Enable IPv6, "yes" or "no".
+ do-ip6: yes
+
+ # Enable UDP, "yes" or "no".
+ do-udp: yes
+
+ # Enable TCP, "yes" or "no".
+ do-tcp: yes
+
+ # if given, a chroot(2) is done to the given directory.
+ # i.e. you can chroot to the working directory, for example,
+ # for extra security, but make sure all files are in that directory.
+ chroot: ""
+
+ # if given, user privileges are dropped (after binding port),
+ # and the given username is assumed. Default is nothing "".
+ username: "nobody"
+
+ # the working directory.
+ directory: "."
+
+ # the log file, "" means log to stderr.
+ # Use of this option sets use-syslog to "no".
+ logfile: ""
+
+ # Log to syslog(3) if yes. The log facility LOG_DAEMON is used to
+ # log to, with identity "unbound". If yes, it overrides the logfile.
+ use-syslog: no
+
+ # the pid file.
+ pidfile: "unbound.pid"
+
+ # enable to not answer id.server and hostname.bind queries.
+ hide-identity: no
+
+ # enable to not answer version.server and version.bind queries.
+ hide-version: no
+
+ # the identity to report. Leave "" or default to return hostname.
+ identity: ""
+
+ # the version to report. Leave "" or default to return package version.
+ version: ""
+
+ # the target fetch policy.
+ # series of integers describing the policy per dependency depth.
+ # The number of values in the list determines the maximum dependency
+ # depth the recursor will pursue before giving up. Each integer means:
+ # -1 : fetch all targets opportunistically,
+ # 0: fetch on demand,
+ # positive value: fetch that many targets opportunistically.
+ # Enclose the list of numbers between quotes ("").
+ target-fetch-policy: "3 2 1 0 0"
+
+ # Harden against very small EDNS buffer sizes.
+ harden-short-bufsize: yes
+
+ # Harden against unseemly large queries.
+ harden-large-queries: yes
+
+ # Harden against out of zone rrsets, to avoid spoofing attempts.
+ harden-glue: yes
+
+ # Do not query the following addresses. No DNS queries are sent there.
+ # List one address per entry. To block other ports than the default
+ # DNS port, use "1.2.3.4@123" to block port 123 for 1.2.3.4.
+ do-not-query-address: 127.0.0.1
+ do-not-query-address: 127.0.0.2
+ do-not-query-address: 127.255.255.255
+ do-not-query-address: ::1
+
+ # module configuration of the server. A string with identifiers
+ # separated by spaces. "iterator" or "validator iterator"
+ module-config: "validator iterator"
+
+ # File with trusted keys for validation. Specify more than one file
+ # with several entries, one file per entry.
+ # Zone file format, with DS and DNSKEY entries.
+ trust-anchor-file: ""
+
+ # Trusted key for validation. DS or DNSKEY. specify the RR on a
+ # single line, surrounded by "". TTL is ignored. class is IN default.
+ # (These examples are from August 2007 and may not be valid anymore).
+ trust-anchor: "nlnetlabs.nl. DNSKEY 257 3 5 AQPzzTWMz8qSWIQlfRnPckx2BiVmkVN6LPupO3mbz7FhLSnm26n6iG9N Lby97Ji453aWZY3M5/xJBSOS2vWtco2t8C0+xeO1bc/d6ZTy32DHchpW 6rDH1vp86Ll+ha0tmwyy9QP7y2bVw5zSbFCrefk8qCUBgfHm9bHzMG1U BYtEIQ=="
+ trust-anchor: "jelte.nlnetlabs.nl. DS 42860 5 1 14D739EB566D2B1A5E216A0BA4D17FA9B038BE4A"
+
+ # File with trusted keys for validation. Specify more than one file
+ # with several entries, one file per entry. Like trust-anchor-file
+ # but has a different file format. Format is BIND-9 style format,
+ # the trusted-keys { name flag proto algo "key"; }; clauses are read.
+ trusted-keys-file: ""
+
+ # Override the date for validation with a specific fixed date.
+ # Do not set this unless you are debugging signature inception
+ # and expiration. "" or "0" turns the feature off.
+ val-override-date: ""
+
+ # The time to live for bogus data, rrsets and messages. This avoids
+ # some of the revalidation, until the time interval expires. in secs.
+ val-bogus-ttl: 900
+
+ # Should additional section of secure message also be kept clean of
+ # unsecure data. Useful to shield the users of this validator from
+ # potential bogus data in the additional section. All unsigned data
+ # in the additional section is removed from secure messages.
+ val-clean-additional: yes
+
+ # Turn permissive mode on to permit bogus messages. Thus, messages
+ # for which security checks failed will be returned to clients,
+ # instead of SERVFAIL. It still performs the security checks, which
+ # result in interesting log files and possibly the AD bit in
+ # replies if the message is found secure. The default is off.
+ val-permissive-mode: no
+
+ # It is possible to configure NSEC3 maximum iteration counts per
+ # keysize. Keep this table very short, as linear search is done.
+ # A message with an NSEC3 with larger count is marked insecure.
+ # List in ascending order the keysize and count values.
+ val-nsec3-keysize-iterations: "1024 150 2048 500 4096 2500"
+
+ # the amount of memory to use for the key cache.
+ # in bytes. default is 4 Mb
+ key-cache-size: 4194304
+
+ # the number of slabs to use for the key cache.
+ # the number of slabs must be a power of 2.
+ # more slabs reduce lock contention, but fragment memory usage.
+ key-cache-slabs: 4
+
+
+# Stub zones.
+# Create entries like below, to make all queries for 'example.com' and
+# 'example.org' go to the given list of nameservers. list zero or more
+# nameservers by hostname or by ipaddress.
+stub-zone:
+ name: "example.com"
+ stub-addr: 192.0.2.68
+stub-zone:
+ name: "example.org"
+ stub-host: ns.example.com.
+
+# Forward zones
+# Create entries like below, to make all queries for 'example.com' and
+# 'example.org' go to the given list of servers. These servers have to handle
+# recursion to other nameservers. List zero or more nameservers by hostname
+# or by ipaddress. Use an entry with name "." to forward all queries.
+forward-zone:
+ name: "example.com"
+ forward-addr: 192.0.2.68
+ forward-addr: 192.0.2.73@5355 # forward to port 5355.
+forward-zone:
+ name: "example.org"
+ forward-host: fwd.example.com
--- /dev/null
+#
+# bug301 : unbound-checkconf cannot parse interface '0.0.0.0@5353'
+
+#Use this to include other text into the file.
+#include: "otherfile.conf"
+
+# The server clause sets the main parameters.
+server:
+ # specify the interfaces to answer queries from by ip-address.
+ # If you give none the default (all) interface is used.
+ # specify every interface on a new 'interface:' labelled line.
+ interface: 192.0.2.153
+ interface: 192.0.2.154
+ interface: 2001:DB8::5
+ interface: 0.0.0.0@5353
+
+ # config
+ chroot: ""
+ username: "nobody"
+ directory: "."
+ logfile: ""
+ use-syslog: no
+ pidfile: "unbound.pid"
--- /dev/null
+# include some file to test include functionality.
+
+include: "good.all"
+
+server:
+ identity: "my identity"
--- /dev/null
+server:
+ chroot: ""
+ directory: ""
+ pidfile: ""
+ username: ""
+ logfile: ""
+
+ trust-anchor: "jelte.nlnetlabs.nl. DS 42860 2000 1 14D739EB566D2B1A5E216A0BA4D17FA9B038BE4A"
+
--- /dev/null
+BaseName: 05-asynclook
+Version: 1.0
+Description: Test async lookup using libunbound
+CreationDate: Fri Jan 25 09:50:35 CET 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: 05-asynclook.pre
+Post: 05-asynclook.post
+Test: 05-asynclook.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# Host Database
+#
+# This file should contain the addresses and aliases for local hosts that
+# share this file. Replace 'my.domain' below with the domainname of your
+# machine.
+#
+::1 localhost localhost.my.domain
+127.0.0.1 localhost localhost.my.domain
+# Imaginary network.
+10.0.0.2 myname.my.domain myname
+10.0.0.3 myfriend.my.domain myfriend
+10.20.30.40 virtual.virtual.virtual.local
--- /dev/null
+# #-- 05-asynclook.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+
+. ../common.sh
+kill_pid $FWD_PID
--- /dev/null
+# #-- 05-asynclook.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+FWD_PORT=$(($RND_PORT + 1))
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT 05-asynclook.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+
+wait_ldns_testns_up fwd.log
--- /dev/null
+# #-- 05-asynclook.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+# test if fwder is up
+echo "> dig @127.0.0.1 -p $FWD_PORT www.example.com | tee outfile"
+dig @127.0.0.1 -p $FWD_PORT www.example.com | tee outfile
+if grep "10.20.30.40" outfile; then
+ echo "fwder is up"
+else
+ cat fwd.log
+ echo "fwder not up"
+ exit 1
+fi
+rm outfile
+
+# create asynclook
+get_make
+echo "> (cd $PRE ; $MAKE asynclook)"
+(cd $PRE ; $MAKE asynclook)
+if test ! -x $PRE/asynclook; then
+ echo "cannot build asynclook test program"
+ exit 1
+fi
+(cd $PRE ; $MAKE lock-verify)
+
+# check the locks.
+function locktest() {
+ if test -x $PRE/lock-verify -a -f ublocktrace.0; then
+ $PRE/lock-verify ublocktrace.*
+ if test $? -ne 0; then
+ echo "lock-verify error"
+ exit 1
+ fi
+ fi
+}
+
+# detect if there is forking on this system.
+HAVE_FORK=yes
+if grep "undef HAVE_FORK" $PRE/config.h >/dev/null 2>&1; then
+ HAVE_FORK=no
+fi
+
+if test $HAVE_FORK = yes; then
+# test hosts reading (directed at local auth info)
+echo '> $PRE/asynclook -H 05-asynclook.hosts virtual.virtual.virtual.local 2>&1 | tee outfile'
+$PRE/asynclook -H 05-asynclook.hosts virtual.virtual.virtual.local 2>&1 | tee outfile
+if grep "virtual.virtual.virtual.local: 10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+locktest
+rm outfile
+
+# test async lookups (directed at testns)
+echo '> $PRE/asynclook -f "127.0.0.1@"$FWD_PORT www.example.com 2>&1 | tee outfile'
+$PRE/asynclook -f "127.0.0.1@"$FWD_PORT www.example.com 2>&1 | tee outfile
+if grep "www.example.com: 10.20.30.40" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+locktest
+rm outfile
+
+echo '> $PRE/asynclook -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile'
+$PRE/asynclook -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile
+if grep "www.example.com: 10.20.30.40" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+if grep "www2.example.com: 10.20.30.42" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+locktest
+rm outfile
+
+fi #HAVE_FORK
+
+echo '> $PRE/asynclook -t -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile'
+$PRE/asynclook -t -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile
+if grep "www.example.com: 10.20.30.40" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+if grep "www2.example.com: 10.20.30.42" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+locktest
+rm outfile
+
+if test $HAVE_FORK = yes; then
+# test cancellation
+echo '> $PRE/asynclook -c -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile'
+$PRE/asynclook -c -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile
+if grep "www.example.com: cancelled" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+if grep "www2.example.com: cancelled" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+locktest
+rm outfile
+fi #HAVE_FORK
+
+echo '> $PRE/asynclook -t -c -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile'
+$PRE/asynclook -t -c -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile
+if grep "www.example.com: cancelled" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+if grep "www2.example.com: cancelled" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+locktest
+rm outfile
+
+if test $HAVE_FORK = yes; then
+# test blocking mode
+echo '> $PRE/asynclook -b -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile'
+$PRE/asynclook -b -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile
+if grep "www.example.com: 10.20.30.40" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+if grep "www2.example.com: 10.20.30.42" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+locktest
+rm outfile
+fi #HAVE_FORK
+
+echo '> $PRE/asynclook -t -b -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile'
+$PRE/asynclook -t -b -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile
+if grep "www.example.com: 10.20.30.40" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+if grep "www2.example.com: 10.20.30.42" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+locktest
+rm outfile
+
+echo "> cat logfiles"
+cat fwd.log
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+; for priming query
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+@ IN NS
+SECTION ANSWER
+@ IN NS 127.0.0.1
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www2 IN A
+SECTION ANSWER
+www2 IN A 10.20.30.42
+ENTRY_END
+
--- /dev/null
+BaseName: 06-ianaports
+Version: 1.0
+Description: check if iana assigned ports have changed.
+CreationDate: Thu Apr 10 12:42:40 CEST 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre:
+Post:
+Test: 06-ianaports.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- 06-ianaports.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+
+mkdir util
+get_make
+echo "> $MAKE -f $PRE/Makefile iana_update"
+$MAKE -f $PRE/Makefile iana_update
+if test $? -ne 0; then
+ echo "cannot iana update"
+ exit 1
+fi
+
+diff -u $PRE/util/iana_ports.inc util/iana_ports.inc
+if test $? -ne 0; then
+ echo "IANA assigned ports have updated, make iana_update and commit"
+ echo "cp util/iana_ports.inc $PRE/util/iana_ports.inc"
+ cp util/iana_ports.inc $PRE/util/iana_ports.inc
+ exit 1
+fi
+
+exit 0
--- /dev/null
+BaseName: 07-confroot
+Version: 1.0
+Description: test checkconf with chroot dir.
+CreationDate: Mon Apr 14 14:54:59 CEST 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre:
+Post:
+Test: 07-confroot.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- 07-confroot.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+
+if uname | grep "MINGW" >/dev/null; then
+ # no chroot, no need to test.
+ # (test fails on / en \ comparisons, by the way).
+ echo "no chroot on windows, end test"
+ exit 0
+fi
+
+# create config file
+cwd=`pwd -P`
+subdir=$cwd/subdir
+user=`whoami`
+mkdir subdir
+if test $? -ne 0; then
+ echo "could not create subdir"
+ exit 1
+fi
+
+cat > test.conf <<EOF
+server:
+ chroot: $cwd
+ directory: $subdir
+ username: $user
+
+ pidfile: "/unbound.pid"
+ root-hints: "root.ca"
+ root-hints: "$subdir/root.cb"
+ root-hints: "/subdir/root.cc"
+
+ logfile: "output.log"
+
+ trust-anchor-file: "$subdir/trustanchor.conf"
+ trust-anchor-file: "/subdir/trustanchor.conf"
+ trust-anchor-file: "trustanchor.conf"
+
+ trusted-keys-file: "trustkeys.conf"
+ trusted-keys-file: "$subdir/trustkeys2.conf"
+ trusted-keys-file: "/subdir/trustkeys3.conf"
+EOF
+
+# fake root file
+echo ". NS a.root-servers.net." > subdir/root.ca
+echo "a.root-servers.net. IN A 127.0.0.1" >> subdir/root.ca
+echo ". CH NS b.root-servers.net." > subdir/root.cb
+echo "b.root-servers.net. CH A 127.0.0.1" >> subdir/root.cb
+echo ". HS NS c.root-servers.net." > subdir/root.cc
+echo "c.root-servers.net. HS A 127.0.0.1" >> subdir/root.cc
+echo "" > subdir/trustkeys.conf
+echo "" > subdir/trustkeys2.conf
+echo "" > subdir/trustkeys3.conf
+echo "" > subdir/trustanchor.conf
+echo "" > subdir/trustanchor2.conf
+echo "" > subdir/trustanchor3.conf
+
+$PRE/unbound-checkconf test.conf
+if test $? -ne 0; then
+ echo "Checkconf of config with chroot inside it failed"
+ exit 1
+fi
+echo "OK 1"
+
+### NEXT TEST
+
+cat > test.conf <<EOF
+server:
+ chroot: $cwd
+ directory: "subdir"
+ username: $user
+
+ pidfile: "/unbound.pid"
+ root-hints: "root.ca"
+ root-hints: "$subdir/root.cb"
+ root-hints: "/subdir/root.cc"
+
+ logfile: "output.log"
+
+ trust-anchor-file: "$subdir/trustanchor.conf"
+ trust-anchor-file: "/subdir/trustanchor.conf"
+ trust-anchor-file: "trustanchor.conf"
+
+ trusted-keys-file: "trustkeys.conf"
+ trusted-keys-file: "$subdir/trustkeys2.conf"
+ trusted-keys-file: "/subdir/trustkeys3.conf"
+EOF
+
+$PRE/unbound-checkconf test.conf
+if test $? -ne 0; then
+ echo "Checkconf of config with chroot inside it failed"
+ exit 1
+fi
+echo "OK 2"
+
+### NEXT TEST
+
+cat > test.conf <<EOF
+server:
+ chroot: $cwd
+ directory: "/subdir"
+ username: $user
+
+ pidfile: "/unbound.pid"
+ root-hints: "root.ca"
+ root-hints: "$subdir/root.cb"
+ root-hints: "/subdir/root.cc"
+
+ logfile: "output.log"
+
+ trust-anchor-file: "$subdir/trustanchor.conf"
+ trust-anchor-file: "/subdir/trustanchor.conf"
+ trust-anchor-file: "trustanchor.conf"
+
+ trusted-keys-file: "trustkeys.conf"
+ trusted-keys-file: "$subdir/trustkeys2.conf"
+ trusted-keys-file: "/subdir/trustkeys3.conf"
+EOF
+
+$PRE/unbound-checkconf test.conf
+if test $? -ne 0; then
+ echo "Checkconf of config with chroot inside it failed"
+ exit 1
+fi
+echo "OK 3"
+
+### NEXT TEST
+
+cat > test.conf <<EOF
+server:
+ chroot: "."
+ directory: "./subdir"
+ username: $user
+
+ pidfile: "/unbound.pid"
+ root-hints: "root.ca"
+ #root-hints: "$subdir/root.cb"
+ root-hints: "/subdir/root.cc"
+
+ logfile: "output.log"
+
+ #trust-anchor-file: "$subdir/trustanchor.conf"
+ trust-anchor-file: "/subdir/trustanchor.conf"
+ trust-anchor-file: "trustanchor.conf"
+
+ trusted-keys-file: "trustkeys.conf"
+ #trusted-keys-file: "$subdir/trustkeys2.conf"
+ trusted-keys-file: "/subdir/trustkeys3.conf"
+EOF
+
+$PRE/unbound-checkconf test.conf
+if test $? -ne 1; then
+ echo "Checkconf of config with chroot inside it failed"
+ exit 1
+fi
+echo "OK 4"
+
+### NEXT TEST
+
+cat > test.conf <<EOF
+server:
+ chroot: ""
+ directory: "subdir"
+ username: $user
+
+ pidfile: "/unbound.pid"
+ root-hints: "root.ca"
+ root-hints: "$subdir/root.cb"
+ #root-hints: "/subdir/root.cc"
+
+ logfile: "output.log"
+
+ trust-anchor-file: "$subdir/trustanchor.conf"
+ #trust-anchor-file: "/subdir/trustanchor.conf"
+ trust-anchor-file: "trustanchor.conf"
+
+ trusted-keys-file: "trustkeys.conf"
+ trusted-keys-file: "$subdir/trustkeys2.conf"
+ #trusted-keys-file: "/subdir/trustkeys3.conf"
+EOF
+
+$PRE/unbound-checkconf test.conf
+if test $? -ne 0; then
+ echo "Checkconf of config with chroot inside it failed"
+ exit 1
+fi
+echo "OK 5"
+
+### NEXT TEST
+
+cat > test.conf <<EOF
+server:
+ chroot: ""
+ directory: ""
+ username: $user
+
+ pidfile: "/unbound.pid"
+ #root-hints: "root.ca"
+ root-hints: "$subdir/root.cb"
+ root-hints: "subdir/root.cc"
+
+ logfile: "output.log"
+
+ trust-anchor-file: "$subdir/trustanchor.conf"
+ trust-anchor-file: "subdir/trustanchor.conf"
+ #trust-anchor-file: "trustanchor.conf"
+
+ #trusted-keys-file: "trustkeys.conf"
+ trusted-keys-file: "$subdir/trustkeys2.conf"
+ trusted-keys-file: "subdir/trustkeys3.conf"
+EOF
+
+$PRE/unbound-checkconf test.conf
+if test $? -ne 0; then
+ echo "Checkconf of config with chroot inside it failed"
+ exit 1
+fi
+echo "OK 6"
+
+### NEXT TEST
+
+cat > test.conf <<EOF
+server:
+ chroot: "."
+ directory: ""
+ username: $user
+
+ pidfile: "/nosubdir/unbound.pid"
+ #root-hints: "root.ca"
+ #root-hints: "$subdir/root.cb"
+ root-hints: "subdir/root.cc"
+
+ logfile: "output.log"
+
+ #trust-anchor-file: "$subdir/trustanchor.conf"
+ trust-anchor-file: "subdir/trustanchor.conf"
+ #trust-anchor-file: "trustanchor.conf"
+
+ #trusted-keys-file: "trustkeys.conf"
+ #trusted-keys-file: "$subdir/trustkeys2.conf"
+ trusted-keys-file: "subdir/trustkeys3.conf"
+EOF
+
+$PRE/unbound-checkconf test.conf
+if test $? -ne 1; then
+ echo "Checkconf of config with chroot inside it failed"
+ exit 1
+fi
+echo "OK 7"
+
+### NEXT TEST
+
+cat > test.conf <<EOF
+server:
+ chroot: $cwd
+ directory: ""
+ username: $user
+
+ pidfile: "/unbound.pid"
+ #root-hints: "root.ca"
+ root-hints: "$subdir/root.cb"
+ root-hints: "/subdir/root.cc"
+
+ logfile: "output.log"
+
+ trust-anchor-file: "$subdir/trustanchor.conf"
+ trust-anchor-file: "/subdir/trustanchor.conf"
+ #trust-anchor-file: "trustanchor.conf"
+
+ #trusted-keys-file: "trustkeys.conf"
+ trusted-keys-file: "$subdir/trustkeys2.conf"
+ trusted-keys-file: "/subdir/trustkeys3.conf"
+EOF
+
+$PRE/unbound-checkconf test.conf
+if test $? -ne 0; then
+ echo "Checkconf of config with chroot inside it failed"
+ exit 1
+fi
+echo "OK 8"
+
+
+exit 0
--- /dev/null
+BaseName: 08-host-lib
+Version: 1.0
+Description: Test async lookup using libunbound
+CreationDate: Fri May 16 13:21:58 CEST 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: 08-host-lib.pre
+Post: 08-host-lib.post
+Test: 08-host-lib.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# Host Database
+#
+# This file should contain the addresses and aliases for local hosts that
+# share this file. Replace 'my.domain' below with the domainname of your
+# machine.
+#
+::1 localhost localhost.my.domain
+127.0.0.1 localhost localhost.my.domain
+# Imaginary network.
+10.0.0.2 myname.my.domain myname
+10.0.0.3 myfriend.my.domain myfriend
+10.20.30.40 virtual.virtual.virtual.local
--- /dev/null
+# #-- 08-host-lib.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+
+. ../common.sh
+kill_pid $FWD_PID
--- /dev/null
+# #-- 08-host-lib.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+FWD_PORT=$(($RND_PORT + 1))
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT 08-host-lib.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
--- /dev/null
+# #-- 08-host-lib.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+
+if grep FORK $PRE/config.h | grep "define" >/dev/null 2>&1; then
+ # nothing
+ :
+else
+ echo "forking is not available; test skipped."
+ exit 0
+fi
+
+# test if fwder is up
+echo "> dig @127.0.0.1 -p $FWD_PORT www.example.com | tee outfile"
+dig @127.0.0.1 -p $FWD_PORT www.example.com | tee outfile
+if grep "10.20.30.40" outfile; then
+ echo "fwder is up"
+else
+ cat fwd.log
+ echo "fwder not up"
+ exit 1
+fi
+rm outfile
+
+# create asynclook
+get_make
+echo "> (cd $PRE ; $MAKE asynclook)"
+(cd $PRE ; $MAKE asynclook)
+if test ! -x $PRE/asynclook; then
+ echo "cannot build asynclook test program"
+ exit 1
+fi
+(cd $PRE ; $MAKE lock-verify)
+
+# check the locks.
+function locktest() {
+ if test -x $PRE/lock-verify -a -f ublocktrace.0; then
+ $PRE/lock-verify ublocktrace.*
+ if test $? -ne 0; then
+ echo "lock-verify error"
+ exit 1
+ fi
+ fi
+}
+
+# test hosts reading (directed at local auth info)
+echo '> $PRE/asynclook -H 08-host-lib.hosts virtual.virtual.virtual.local 2>&1 | tee outfile'
+$PRE/asynclook -H 08-host-lib.hosts virtual.virtual.virtual.local 2>&1 | tee outfile
+if grep "virtual.virtual.virtual.local: 10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+locktest
+rm outfile
+
+# test async lookups (directed at testns)
+echo '> $PRE/asynclook -f "127.0.0.1@"$FWD_PORT www.example.com 2>&1 | tee outfile'
+$PRE/asynclook -f "127.0.0.1@"$FWD_PORT www.example.com 2>&1 | tee outfile
+if grep "www.example.com: 10.20.30.40" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+locktest
+rm outfile
+
+echo '> $PRE/asynclook -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile'
+$PRE/asynclook -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile
+if grep "www.example.com: 10.20.30.40" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+if grep "www2.example.com: 10.20.30.42" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+locktest
+rm outfile
+
+echo '> $PRE/asynclook -t -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile'
+$PRE/asynclook -t -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile
+if grep "www.example.com: 10.20.30.40" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+if grep "www2.example.com: 10.20.30.42" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+locktest
+rm outfile
+
+# test cancellation
+echo '> $PRE/asynclook -c -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile'
+$PRE/asynclook -c -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile
+if grep "www.example.com: cancelled" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+if grep "www2.example.com: cancelled" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+locktest
+rm outfile
+
+echo '> $PRE/asynclook -t -c -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile'
+$PRE/asynclook -t -c -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile
+if grep "www.example.com: cancelled" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+if grep "www2.example.com: cancelled" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+locktest
+rm outfile
+
+# test blocking mode
+echo '> $PRE/asynclook -b -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile'
+$PRE/asynclook -b -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile
+if grep "www.example.com: 10.20.30.40" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+if grep "www2.example.com: 10.20.30.42" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+locktest
+rm outfile
+
+echo '> $PRE/asynclook -t -b -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile'
+$PRE/asynclook -t -b -f "127.0.0.1@"$FWD_PORT www.example.com www2.example.com 2>&1 | tee outfile
+if grep "www.example.com: 10.20.30.40" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+if grep "www2.example.com: 10.20.30.42" outfile; then
+ echo "OK"
+else
+ cat fwd.log
+ echo "Not OK"
+ exit 1
+fi
+locktest
+rm outfile
+
+echo "> cat logfiles"
+cat fwd.log
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+; for priming query
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+@ IN NS
+SECTION ANSWER
+@ IN NS 127.0.0.1
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www2 IN A
+SECTION ANSWER
+www2 IN A 10.20.30.42
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+remote-control:
+ control-enable: yes
+ control-interface: 127.0.0.1
+ # control-interface: ::1
+ control-port: @CONTROL_PORT@
+ server-key-file: "unbound_server.key"
+ server-cert-file: "unbound_server.pem"
+ control-key-file: "unbound_control.key"
+ control-cert-file: "unbound_control.pem"
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: 09-unbound-control
+Version: 1.0
+Description: 09 test unbound-control remote control tool
+CreationDate: Mon Sep 15 11:14:08 CEST 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: 09-unbound-control.pre
+Post: 09-unbound-control.post
+Test: 09-unbound-control.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- 09-unbound-control.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+# it was stopped with unbound-control (if the test succeeded)
+kill $UNBOUND_PID >/dev/null 2>&1
+kill $UNBOUND_PID >/dev/null 2>&1
+exit 0
--- /dev/null
+# #-- 09-unbound-control.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 3
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+CONTROL_PORT=$(($RND_PORT + 2))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+echo "CONTROL_PORT=$CONTROL_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT 09-unbound-control.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@CONTROL_PORT\@/'$CONTROL_PORT'/' < 09-unbound-control.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- 09-unbound-control.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+
+# exit value is 1 on usage
+$PRE/unbound-control -h
+if test $? -ne 1; then
+ echo "wrong exit value for usage."
+ exit 1
+else
+ echo "exit value for usage: OK"
+fi
+
+# use lock-verify if possible
+
+# test if the server is up.
+echo "> dig www.example.com."
+dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+# exit value is 1 when a bad command is given.
+echo "$PRE/unbound-control -c ub.conf blablargh"
+$PRE/unbound-control -c ub.conf blablargh
+if test $? -ne 1; then
+ echo "wrong exit value on error."
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.lo
+ exit 1
+else
+ echo "correct exit value on error"
+fi
+
+# reload the server. test if the server came up by putting a new
+# local-data element in the server.
+echo "server: local-data: 'afterreload. IN A 5.6.7.8'" >> ub.conf
+echo "$PRE/unbound-control -c ub.conf reload"
+$PRE/unbound-control -c ub.conf reload
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+
+echo "> dig afterreload."
+dig @127.0.0.1 -p $UNBOUND_PORT afterreload. | tee outfile
+echo "> check answer"
+if grep "5.6.7.8" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+# must have had queries now. 1 since reload.
+echo "$PRE/unbound-control -c ub.conf stats"
+$PRE/unbound-control -c ub.conf stats > tmp.$$
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+if grep "^total.num.queries=[1-9][0-9]*$" tmp.$$; then
+ echo "OK"
+else
+ echo "bad stats"
+ cat tmp.$$
+ exit 1
+fi
+
+# verbosity
+echo "$PRE/unbound-control -c ub.conf verbosity 2"
+$PRE/unbound-control -c ub.conf verbosity 2
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+
+# check syntax error in parse
+echo "$PRE/unbound-control -c ub.conf verbosity jkdf"
+$PRE/unbound-control -c ub.conf verbosity jkdf
+if test $? -ne 1; then
+ echo "wrong exit value after failure"
+ exit 1
+fi
+
+# check bad credentials
+cp ub.conf bad.conf
+echo "remote-control:" >> bad.conf
+echo " server-key-file: bad_server.key" >> bad.conf
+echo " server-cert-file: bad_server.pem" >> bad.conf
+echo " control-key-file: bad_control.key" >> bad.conf
+echo " control-cert-file: bad_control.pem" >> bad.conf
+echo "$PRE/unbound-control -c bad.conf verbosity 2"
+$PRE/unbound-control -c bad.conf verbosity 2
+if test $? -ne 1; then
+ echo "wrong exit value after failure"
+ exit 1
+fi
+
+# check spoofedclient credentials
+rm -f bad.conf
+cp ub.conf bad.conf
+echo "remote-control:" >> bad.conf
+echo " server-key-file: unbound_server.key" >> bad.conf
+echo " server-cert-file: unbound_server.pem" >> bad.conf
+echo " control-key-file: bad_control.key" >> bad.conf
+echo " control-cert-file: bad_control.pem" >> bad.conf
+echo "$PRE/unbound-control -c bad.conf verbosity 2"
+$PRE/unbound-control -c bad.conf verbosity 2
+if test $? -ne 1; then
+ echo "wrong exit value after failure"
+ exit 1
+fi
+
+# create a new local zone
+echo "> test of local zone"
+echo "$PRE/unbound-control -c ub.conf local_zone example.net static"
+$PRE/unbound-control -c ub.conf local_zone example.net static
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+echo "$PRE/unbound-control -c ub.conf local_data www.example.net A 192.0.2.1"
+$PRE/unbound-control -c ub.conf local_data www.example.net A 192.0.2.1
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+
+# check that www.example.net exists
+echo "> dig www.example.net."
+dig @127.0.0.1 -p $UNBOUND_PORT www.example.net. | tee outfile
+echo "> check answer"
+if grep "192.0.2.1" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+# check that mail.example.net has nxdomain
+echo "> dig mail.example.net."
+dig @127.0.0.1 -p $UNBOUND_PORT mail.example.net. | tee outfile
+echo "> check answer"
+if grep "NXDOMAIN" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+# remove www.example.net - check it gets nxdomain
+echo "$PRE/unbound-control -c ub.conf local_data_remove www.example.net"
+$PRE/unbound-control -c ub.conf local_data_remove www.example.net
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+echo "> dig www.example.net."
+dig @127.0.0.1 -p $UNBOUND_PORT www.example.net. | tee outfile
+echo "> check answer"
+if grep "NXDOMAIN" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+# remove nonexistent name - check bug#287(segfault) does not happen.
+echo "$PRE/unbound-control -c ub.conf local_data_remove test.example.net"
+$PRE/unbound-control -c ub.conf local_data_remove test.example.net
+# if crash then then we get: error: could not SSL_read from unbound-control
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+# remove example.net - check its gone.
+echo "$PRE/unbound-control -c ub.conf local_zone_remove example.net"
+$PRE/unbound-control -c ub.conf local_zone_remove example.net
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+echo "> dig www.example.net."
+dig @127.0.0.1 -p $UNBOUND_PORT www.example.net. | tee outfile
+echo "> check answer"
+if grep "SERVFAIL" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+# dump the cache
+echo "> test cache dump"
+# fillup cache
+echo "dig www.example.com"
+dig @127.0.0.1 -p $UNBOUND_PORT www.example.com.
+echo "$PRE/unbound-control -c ub.conf dump_cache"
+$PRE/unbound-control -c ub.conf dump_cache > tmp.$$
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+cat tmp.$$
+if grep 10.20.30.40 tmp.$$; then
+ echo "OK example.com is in cache dump"
+else
+ echo "Not OK cache dump"
+ exit 1
+fi
+
+# test lookup
+echo "$PRE/unbound-control -c ub.conf lookup www.example.com"
+$PRE/unbound-control -c ub.conf lookup www.example.com
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+# answer to lookup is meaningless because of use a forwarder, oh well.
+
+# load the cache dump.
+echo "$PRE/unbound-control -c ub.conf load_cache < tmp.$$"
+$PRE/unbound-control -c ub.conf load_cache < tmp.$$
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+echo "> dig www.example.com."
+dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+# load local-zones from file
+echo "$PRE/unbound-control -c ub.conf local_zones < local_zones"
+$PRE/unbound-control -c ub.conf local_zones < local_zones
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+echo "> dig localzonefromfile."
+dig @127.0.0.1 -p $UNBOUND_PORT localzonefromfile | tee outfile
+echo "> check answer"
+if grep "REFUSED" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+# load local-data from file
+echo "$PRE/unbound-control -c ub.conf local_datas < local_data"
+$PRE/unbound-control -c ub.conf local_datas < local_data
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+echo "> dig localdatafromfile."
+dig @127.0.0.1 -p $UNBOUND_PORT -t txt localdatafromfile | tee outfile
+echo "> check answer"
+if grep "local data from file OK" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+# remove local-zone and local-data from file
+echo "$PRE/unbound-control -c ub.conf local_zones_remove < local_zones_remove"
+$PRE/unbound-control -c ub.conf local_zones_remove < local_zones_remove
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+echo "$PRE/unbound-control -c ub.conf local_datas_remove < local_data_remove"
+$PRE/unbound-control -c ub.conf local_datas_remove < local_data_remove
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+echo "> check zone and data removal list_local_zones"
+$PRE/unbound-control -c ub.conf list_local_zones | tee outfile
+if grep "localzonefromfile" outfile; then
+ echo "Not OK"
+ exit 1
+fi
+if grep "local data from file OK" outfile; then
+ echo "Not OK"
+ exit 1
+fi
+if grep "otherlocalzone" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+# flushing
+echo "$PRE/unbound-control -c ub.conf flush www.example.net"
+$PRE/unbound-control -c ub.conf flush www.example.net
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+
+echo "$PRE/unbound-control -c ub.conf flush_type www.example.net TXT"
+$PRE/unbound-control -c ub.conf flush_type www.example.net TXT
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+
+echo "$PRE/unbound-control -c ub.conf flush_zone example.net"
+$PRE/unbound-control -c ub.conf flush_zone example.net
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+
+# now stop the server
+echo "$PRE/unbound-control -c ub.conf stop"
+$PRE/unbound-control -c ub.conf stop
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+# see if the server has really exited.
+TRY_MAX=20
+for (( try=0 ; try <= $TRY_MAX ; try++ )) ; do
+ if kill -0 $UNBOUND_PID 2>&1 | tee tmp.$$; then
+ echo "not stopped yet, waiting"
+ sleep 1
+ else
+ echo "stopped OK; break"
+ break;
+ fi
+ if grep "No such process" tmp.$$; then
+ echo "stopped OK; break"
+ break;
+ fi
+done
+if kill -0 $UNBOUND_PID; then
+ echo "still up!"
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "not stopped, failure"
+ exit 1
+else
+ echo "stopped OK"
+
+ if test -f ublocktrace.0; then
+ if $PRE/lock-verify ublocktrace.*; then
+ echo "lock-verify test worked."
+ else
+ echo "lock-verify test failed."
+ cat fwd.log
+ cat unbound.log
+ exit 1
+ fi
+ fi
+fi
+
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> OK"
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA SERVFAIL
+ADJUST copy_id
+SECTION QUESTION
+www.example.net. IN A
+ENTRY_END
+
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDti51Z6qASvAjPFFhLLlq8BwtsnmfqMPMn57dKAghb4OifeL4G
+SLOE02/hKDkdkOvaUG2UqDNh2OoPTuJk4A+mG2LJoziFhHKlIebo9v2YiFWOBVtO
+DWc3tXPT1IlSEN0xnAGelMmeLcPeCPe+A5IDlIHzF/+YiDgS38S9dL17owIDAQAB
+AoGAG3w/DatfMCu/nS5OdQx9BSqPgNbnUSqux9xA0fhgPTlN0T3oRtPcqa7JUDUW
+PryI/a62ry+zGkw98N2AxolCZg3N7Z3vuRx2FMcKKNwpTzDmcZW7TmMk5FPof6gE
+PnYl/ff0w+kxqA+L2EexH3Xi6ApLSZcjyzKWj+dL2AuT9gkCQQD3dPitwITxgCAD
+IaHw23e3FRkM/hw1Gp8bt6nbuxitVxxpO96q1EQ+fCy/mf0bMEJDp3xzMEIfP3r4
+GmNbaxa1AkEA9b8LeBLbQ2cm2+UMeUgygBsRirdUQ786auqH38Jbvi/j6S9sDl2x
+q1vRtikEBZJWfkhsOzrzwFDKe1bI/EEn9wJAAzOwRA9JqRZPU7sLrWIpmmTbfh+L
+neRKSsGFoSI6n4ORCouLxgoZF/XjXldPvxpQwS9ZnOPy9xSLMsqknno0QQJAeDtA
+IT8Yh6GwIWWu9KeeDY8wxe1sDLlCm4yjbZZpzGMh3rSU6XJtuqjxsW3fydoO9zn3
+ugLdvvnIFxAexUwbgQJBANyM13xcObfUJOj9rjlGCh0CDh/04ONl8SH8HBnM8guA
+RJI5S6vBHweVRopEZcF1sQm6wMf3ej/sGkyyNvJxRkY=
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBozCCAQwCCQDd5/rocjG5vDANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkyNjEyMjQ0NFoXDTI4MDYxMzEyMjQ0NFowGjEYMBYGA1UE
+AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDt
+i51Z6qASvAjPFFhLLlq8BwtsnmfqMPMn57dKAghb4OifeL4GSLOE02/hKDkdkOva
+UG2UqDNh2OoPTuJk4A+mG2LJoziFhHKlIebo9v2YiFWOBVtODWc3tXPT1IlSEN0x
+nAGelMmeLcPeCPe+A5IDlIHzF/+YiDgS38S9dL17owIDAQABMA0GCSqGSIb3DQEB
+BQUAA4GBAHpvcKqY48X9WsqogV16L+zT7iXhZ4tySA9EBk1a+0gud/iDPKSBi7mK
+4rzphVfb4S207dVmTG+1WNpa6l3pTGML6XLElxqIu/kr7w4cF0rKvZxWPsBRqYjH
+5HrK8CrQ0+YvUHXiu7IaACLGvKXY4Tqa3HQyvEtzLWJ4HhOrGx8F
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQC9hurNHBtB7QFEuPJOnCylUWUF2/US3v9yQQQXnstuXMQXRaq1
+1uviLmwaGurV9tngX59HITsBT74NQrtFKfEDLViLrm2arAM9Ozsn4tnv30HXPRDj
+UOc1M05Q7UzjaSrOv+TkPEqyhtUyaP1DYo0bcmbxtSkYc2ZEWCwhPklUwQIDAQAB
+AoGATjzZxN4ramWaNnJapJTX4U7eczK/0pB3xwSL2exVcjOdRzYdKH+WVIJxYb1m
+3/jNLFCNAeH356yxeevoPr73nG75YJ9I1ZWQWTnS3SDK6JD1+3pmAD0bQWFoitpf
+FoSH9H4X5gFB5vCZ99YVoYH1UXWPcgvUHwxz0voImt6lCKECQQD4YQ4A3M0+Ki8v
+Hl+5FKULnS0UtBkweCvkF/X1zZRjjYr6hLnqldFkkgTBKWe17pUXX0nwRMbP1YZX
+i+vDq5JNAkEAw1eYsmC0nVAMawo57N6LYavGv/n5u1cvpTpKDtn4cXH0Uqq13Kyu
+2FUTzan2NhCEK78UzbWaeewBJmxYda1+RQJAdShKk6uTAEyjnwUjv8h2JWlJN2fQ
+LeWxRlDrCruiz+aW9J4gl/99GoQpy/c83TshhjnDRZsbcDNWv/rXBZ/rTQJAFQva
+CtX6f7yBKgM3DHtJvyM3zbVMH9Ab9QxbsE/xwZ9KeKGl6Hm+eNZpxM3cFiUfaGs0
+/ZjkZOB1m0MvILaplQJAXC3PJ/E+87banGZRJl5qtS6/HoX5lH9TPkL8Essy7ANO
+2BT2OTQawD1A+VKIrQHXs085Of8tQUfrfHHt7s3Kqg==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBmzCCAQQCCQCDugnhq8B6LzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkyNjEyMjQ0M1oXDTI4MDYxMzEyMjQ0M1owEjEQMA4GA1UE
+AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvYbqzRwbQe0B
+RLjyTpwspVFlBdv1Et7/ckEEF57LblzEF0Wqtdbr4i5sGhrq1fbZ4F+fRyE7AU++
+DUK7RSnxAy1Yi65tmqwDPTs7J+LZ799B1z0Q41DnNTNOUO1M42kqzr/k5DxKsobV
+Mmj9Q2KNG3Jm8bUpGHNmRFgsIT5JVMECAwEAATANBgkqhkiG9w0BAQUFAAOBgQCy
+zGMW35/9xXoEWsuLFWUOaEKVq5DXuXtXbcMpDW6k2ELoraa305vh7Zwhj5JSqfcm
+O0xyqIzXvz/cYdyOTgEkdMDZ/EvQsxKTwvj6eA4614yB1r3Ju5eZd4Gpo6BHhSpu
+oqsrr0duJ+JOANTyaBplIxM1sjHbR4FGtmrFknBYBQ==
+-----END CERTIFICATE-----
--- /dev/null
+localdatafromfile 3600 TXT "local data from file OK"
--- /dev/null
+localdatafromfile
--- /dev/null
+localzonefromfile refuse
+otherlocalzone static
--- /dev/null
+localzonefromfile
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDD6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBa
+rzPA0vlyuNtUsEN3qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvH
+ST6JwUdIg0Lzg/USJ81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQAB
+AoGAFT3e35MIgI4uDJJ8X0RfHp2NCO2LUg4TKbWical/C0W9vlR1/x80G1pE1d2Z
+WotqJVWTrOq6eBox19RCgtLg2wPGk9uD62+9SDT37heWFlUCElWq50pQG6k9ThiG
+DDypkZyZ/52+DdWybiaQJkuK6O5qQXuNAtVJMpghu4GnHAECQQDsupnZUQDpapzr
+4FC4MSkL2+A1PRt6g4VhwoqOpJXaHfVnH6F7AwUuOLNwGdR5Cvv70pfJ7Jqg8L2m
+Kxyl5bORAkEA09rn34YQ0pHJdHidbl2kInIuYTz09+TO3LWwan17nISH9aaYvVDr
+p9x1B4Qzw9qyxT9oll7ze/5Rw/7C3AQj4QJAT2B2a+b8bkgAXBs4FbruL3rHoDJg
+P2FQXSpVOWU4lg2LlsuFYvDtUMVUbZdLplanjZXcral3Y9W1Ub2M+ped8QJAYQN+
+aRpge7ys7vwIw7B36Bo3aOncF+ScYe+FkM5Tm7II/JHEofT7ZQwMP1vnxIlSkgbe
+YvWqNB6a3NC99LikoQJBAM4UhDdRg63Tr6Idky6CQaH///zAN7nArJfffKGWFdw9
+DKrWpNqvYZtX/cfEJucKcRCm5YL8CKFYbQy4VoCxUcE=
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBozCCAQwCCQD6XaN6FzW/4DANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowGjEYMBYGA1UE
+AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDD
+6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBarzPA0vlyuNtUsEN3
+qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvHST6JwUdIg0Lzg/US
+J81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQABMA0GCSqGSIb3DQEB
+BQUAA4GBAGFAXmaQHuFgAuc6HVhYZJdToxLBhfxGpot4oZNjcb1Cdoz3OL34MU1B
+9E5psj2PpGPIi8/RwoqBtAJHJ+J5cWngo03o4ZmdwKNSzaxlp141z/3rUtFqEHEC
+iO6gPCT3U7dt6MyC7r6vdMqyW6aldP3CtwD0gQziKAMoj+TAfAcq
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA
+3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s
+RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB
+AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS
+6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds
+sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi
+XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3
+fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL
+CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP
+0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2
+oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l
+In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S
+LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE
+AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS
+y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/
+/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu
+g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ
+9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG
+l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH
+Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg==
+-----END CERTIFICATE-----
--- /dev/null
+# test config to direct traffic to testns.
+server:
+ do-not-query-localhost: no
+ fake-sha1: yes
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: 10-unbound-anchor
+Version: 1.0
+Description: Test unbound-anchor for 5011 and cert update.
+CreationDate: Thu Sep 30 15:35:09 CEST 2010
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: 10-unbound-anchor.pre
+Post: 10-unbound-anchor.post
+Test: 10-unbound-anchor.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- 10-unbound-anchor.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $PETAL_PID
--- /dev/null
+# #-- 10-unbound-anchor.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+PRE="../.."
+get_random_port 2
+PETAL_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "PETAL_PORT=$PETAL_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+get_make
+(cd $PRE; $MAKE petal)
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT 10-unbound-anchor.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# start https daemon
+$PRE/petal -v -a "127.0.0.1" -p $PETAL_PORT >petal.log 2>&1 &
+PETAL_PID=$!
+echo "PETAL_PID=$PETAL_PID" >> .tpkg.var.test
+cat .tpkg.var.test
+sed -e "s/@TOPORT@/$FWD_PORT/" < 10-unbound-anchor.conf > ub.conf
+
+wait_ldns_testns_up fwd.log
+wait_petal_up petal.log
+
--- /dev/null
+# #-- 10-unbound-anchor.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+OPTS="-u 127.0.0.1 -P $PETAL_PORT -C ub.conf -v -a root.key -c root.pem -n petal"
+DS=`cat K.+005+37348.ds`
+
+# check that the root.key file works.
+function check_works() {
+ if $PRE/unbound-host -C ub.conf -f root.key -t DNSKEY -v . | grep "(secure)" >/dev/null; then
+ echo OK
+ else
+ echo "not OK"
+ cat fwd.log
+ cat petal.log
+ exit 1
+ fi
+}
+
+# check that the root.key file works, but insecurely.
+function check_insecure() {
+ if $PRE/unbound-host -C ub.conf -f root.key -t DNSKEY -v . | grep "(insecure)" >/dev/null; then
+ echo OK
+ else
+ echo "not OK"
+ cat fwd.log
+ cat petal.log
+ exit 1
+ fi
+}
+
+# test with good start key, and must do 5011 (no URL possible)
+echo "*** TEST 1 ***"
+echo $DS > root.key
+$PRE/unbound-anchor -x "notexist.xml" -s "notexist.p7s" $OPTS
+if test $? != 0; then
+ echo "Exitcode not OK"
+ exit 1
+fi
+check_works
+# save for test 5
+cp root.key root.key.probed
+
+# force update with the cert.
+echo "*** TEST 2 ***"
+cp test_cert.pem root.pem
+$PRE/unbound-anchor -F -x "root.xml" -s "root.p7s" $OPTS
+if test $? != 1; then
+ echo "Exitcode not OK"
+ exit 1
+fi
+check_works
+
+# 5011 fails
+echo "*** TEST 3 ***"
+echo ". IN DS 37000 5 1 b00000000000000000000100f0000000000000b2" > root.key
+$PRE/unbound-anchor -x "root.xml" -s "root.p7s" $OPTS
+if test $? != 1; then
+ echo "Exitcode not OK"
+ exit 1
+fi
+check_works
+
+# cert fails (bad p7s).
+echo "*** TEST 4 ***"
+echo ". IN DS 44444 5 1 b00000000000000000000100f0000000000000b2" > root.key
+$PRE/unbound-anchor -F -x "bad.xml" -s "bad.p7s" $OPTS
+if test $? != 0; then
+ echo "Exitcode not OK"
+ exit 1
+fi
+if grep "DS 44444" root.key >/dev/null ; then
+ echo OK
+else
+ echo "keyfile changed"
+ exit 1
+fi
+
+# cert fails (bad name).
+echo "*** TEST 4b ***"
+echo ". IN DS 44444 5 1 b00000000000000000000100f0000000000000b2" > root.key
+$PRE/unbound-anchor -F -x "bad.xml" -s "bad.p7s" $OPTS -n "not-it"
+if test $? != 0; then
+ echo "Exitcode not OK"
+ exit 1
+fi
+if grep "DS 44444" root.key >/dev/null ; then
+ echo OK
+else
+ echo "keyfile changed"
+ exit 1
+fi
+
+# 5011 fails, and probe-time too recent.
+echo "*** TEST 5 ***"
+# break the probed key.
+sed -e 's/bp0KIK3J3/b00KIK0J0/' < root.key.probed > root.key
+$PRE/unbound-anchor -x "notexist.xml" -s "notexist.p7s" $OPTS
+if test $? != 0; then
+ echo "Exitcode not OK"
+ exit 1
+fi
+if grep "b00KIK0J0" root.key >/dev/null ; then
+ echo OK
+else
+ echo "keyfile changed"
+ exit 1
+fi
+
+# 5011 fails, and probe time is very, very old.
+echo "*** TEST 6 ***"
+mv root.key bla.key
+# last probe was Sun Sep 9 03:46:40 2001
+sed -e 's/;;last_success: .*$/;;last_success: 1000000000/' < bla.key > root.key
+rm bla.key
+$PRE/unbound-anchor -x "root.xml" -s "root.p7s" $OPTS
+if test $? != 1; then
+ echo "Exitcode not OK"
+ exit 1
+fi
+check_works
+
+# 5011 update probe is only needed.
+echo "*** TEST 7 ***"
+$PRE/unbound-anchor -x "notexist.xml" -s "notexist.p7s" $OPTS
+if test $? != 0; then
+ echo "Exitcode not OK"
+ exit 1
+fi
+check_works
+
+# root goes to insecure (0 anchors).
+echo "*** TEST 8 ***"
+$PRE/unbound-anchor -F -x "no_more_keys.xml" -s "no_more_keys.p7s" $OPTS
+if test $? != 1; then
+ echo "Exitcode not OK"
+ exit 1
+fi
+if grep ";;REVOKED" root.key >/dev/null; then echo "REVOKED"; else
+ echo "not revoked"; exit 1; fi
+check_insecure
+
+# insecure input file
+echo "*** TEST 9 ***"
+$PRE/unbound-anchor -x "notexist.xml" -s "notexist.p7s" $OPTS
+if test $? != 0; then
+ echo "Exitcode not OK"
+ exit 1
+fi
+if grep ";;REVOKED" root.key >/dev/null; then echo "REVOKED"; else
+ echo "not revoked"; exit 1; fi
+check_insecure
+
+
+echo "logs"
+cat fwd.log
+cat petal.log
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN .
+$TTL 3600
+
+; for easy test: valid until 2030.
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+. IN DNSKEY
+SECTION ANSWER
+. 3600 IN DNSKEY 257 3 5 AwEAAcjV/I6yYY0LGBEqBFZS0K6zcbCVAfarbOoCKBUEfsR/nVdy3pwMydXopUVhg4Z07tTu8w2gYTPALPv5E6EJFJebA34R0OcvTPRDr3671zVwZO9HyQK+RuT/0d7G/pdCeJX2gHHiVrG796nf078O/agtojZ8+HJ1V3oLnDZYBSDWv2oL2LB2Mpj+610W7RrmEmQQm2KaMP6aX3YMbAyBIrDjVzJTir4/WwJEHRHq59Xw91egJkS2bp0KIK3J3tQFqw== ;{id = 37348 (ksk), size = 1536b}
+. 3600 IN RRSIG DNSKEY 5 0 3600 20300930162500 20100530162500 37348 . tjIVLqaVr2o1pLYxNbozR8OxPnGnCJN/rROZoIVzjEgvofyHx24hGMXak6lIlLHZ9GSmOxUM/71MeunhSdMqfjsoktc7MkpB8eR6ATePjdaPTdRH519wHH7qEkHj5WJNKvJOvG7Q9xs6O3KANErr+iotHjOJYpgbmZFoENJvLzqj4FVJ0bIglgD+SZGJGv9/qA+eWAK7WuWSe+ulMU/WH/SnxB/NKDjSAa//TyjzLhlIRR5UTjLIUymWxG4D3TbJ ;{id = 37348}
+
+ENTRY_END
+
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<TrustAnchor id="AD42165F-3B1A-4778-8F42-D34A1D41FD93" source="http://data.iana.org/root-anchors/root-anchors.xml">
+<Zone>.</Zone>
+<KeyDigest id="Kjqmt7v" validFrom="2010-07-15T00:00:00+00:00">
+<KeyTag>37348</KeyTag>
+<Algorithm>5</Algorithm>
+<DigestType>1</DigestType>
+<Digest>b56a31943f14faa31224d147f8b1107b78590000</Digest>
+</KeyDigest>
+</TrustAnchor>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<TrustAnchor id="AD42165F-3B1A-4778-8F42-D34A1D41FD93" source="http://data.iana.org/root-anchors/root-anchors.xml">
+<Zone>.</Zone>
+<KeyDigest id="Kjqmt7v" validFrom="2010-07-15T00:00:00+00:00" validUntil="2010-07-16T00:00:00+00:00">
+<KeyTag>37348</KeyTag>
+<Algorithm>5</Algorithm>
+<DigestType>1</DigestType>
+<Digest>b56a31943f14faa31224d147f8b1107b78598eb2</Digest>
+</KeyDigest>
+<KeyDigest id="Kjqmt7v" validFrom="2010-07-18T00:00:00+00:00" validUntil="2010-07-19T00:00:00+00:00">
+<KeyTag>37348</KeyTag>
+<Algorithm>5</Algorithm>
+<DigestType>1</DigestType>
+<Digest>b56a31943f14faa31224d147f8b1107b78598eb2</Digest>
+</KeyDigest>
+</TrustAnchor>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<TrustAnchor id="AD42165F-3B1A-4778-8F42-D34A1D41FD93" source="http://data.iana.org/root-anchors/root-anchors.xml">
+<Zone>.</Zone>
+<KeyDigest id="Kjqmt7v" validFrom="2010-07-15T00:00:00+00:00">
+<KeyTag>37348</KeyTag>
+<Algorithm>5</Algorithm>
+<DigestType>1</DigestType>
+<Digest>b56a31943f14faa31224d147f8b1107b78598eb2</Digest>
+</KeyDigest>
+</TrustAnchor>
--- /dev/null
+. 3600 IN DS 37348 5 1 b56a31943f14faa31224d147f8b1107b78598eb2 ; xotek-pusin-gezoc-gevep-feged-gigyg-livor-cagil-riveh-nafar-duxix
--- /dev/null
+. 3600 IN DNSKEY 257 3 5 AwEAAcjV/I6yYY0LGBEqBFZS0K6zcbCVAfarbOoCKBUEfsR/nVdy3pwMydXopUVhg4Z07tTu8w2gYTPALPv5E6EJFJebA34R0OcvTPRDr3671zVwZO9HyQK+RuT/0d7G/pdCeJX2gHHiVrG796nf078O/agtojZ8+HJ1V3oLnDZYBSDWv2oL2LB2Mpj+610W7RrmEmQQm2KaMP6aX3YMbAyBIrDjVzJTir4/WwJEHRHq59Xw91egJkS2bp0KIK3J3tQFqw== ;{id = 37348 (ksk), size = 1536b}
--- /dev/null
+Private-key-format: v1.2
+Algorithm: 5 (RSASHA1)
+Modulus: yNX8jrJhjQsYESoEVlLQrrNxsJUB9qts6gIoFQR+xH+dV3LenAzJ1eilRWGDhnTu1O7zDaBhM8As+/kToQkUl5sDfhHQ5y9M9EOvfrvXNXBk70fJAr5G5P/R3sb+l0J4lfaAceJWsbv3qd/Tvw79qC2iNnz4cnVXegucNlgFINa/agvYsHYymP7rXRbtGuYSZBCbYpow/ppfdgxsDIEisONXMlOKvj9bAkQdEern1fD3V6AmRLZunQogrcne1AWr
+PublicExponent: AQAB
+PrivateExponent: XKH2f4rfW8LGMwSCQ56nCi1SPvQ7l56x+a1M94S/Q7row7ED5E4xuiw4LqwvkhDVJ/meuaZDry7wkLftydT6XoLtNXTaOgejIvclNvtE5C0XIRanLFC/OliUYIDAZNwPGVCYX8ZIfcbi1Sp5Ng9EofCb1haSGn/Wnar31knaweRdTrAUIPl49+QhJmaHCrTtHVuYEOZjIaOPSGIBvxZAk//3yF6FXY3RVRaNRTcELWvLclSdtt52etVV0/SEWhjh
+Prime1: 4wEpv8UVvqOkOKSxeu1ao42FWHwqzwUdFyNeKrUxg3E7ad5i9V0aaFhqbJKzQtVUreeEtoXsSRvjvbWJ4wSCwEay1qVD4xEJ4UFtasESxQvv1iVsBQ7zEywRkwSIT46/
+Prime2: 4n0h+1TXflSEqdxC4lPiwyIC/z+1iyq0kFru70SB395S44HAynbQBdsapZX29msfl+/tiu2DncIXe1oVaDDqPpbrOT5NZMH9xQnZDSCbM8l7Gyx5UB3MsbT+71J2VrAV
+Exponent1: p81LTDvmyAZ1NX3gyCq+TpolkPQwPNnd2CXHzTAlirFgJvFCG3gYNjvtZ5bFtki2ENtMShQTRzO7lJemds71zCY2ut5toWMN95oCxOA1/LzHLHh7Mf4MBwcTcqbuEElH
+Exponent2: w0ZyWxkuZxyF+VIQVMVQuT+E6ABNDX03i1LruV4OwC8WtlM0HxxLhREBK41eDd4UslJKM8NO/GDRECh+VoP+IxLKImPGJL5hh1ZTTs8zIXZw7t/shJf82acdOsiVgW51
+Coefficient: 10OZvNAPHe/wBO2+AO49EUohPksOxFy9dwspB1XUjlPB9zv93dUfZdou3pjZq1EkxnRChaAwmRMYxks3UiTmDuybMNzKlaFQajyB+UowjA1dStFYbDFpVrIqv6H0q7W2
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIDfAIBAAKBwQC48GhhmIU66TZKc3QiyF4L5bsm8Aly/y2SzLP+GACepK0OcOtD
+i2sXrTtoJDvGOPZ9ICqmIy8u/Q/cK26txNEeZFcClLcYF/U+NaqjEwrwkHEIgc3g
+8qnKrhzM61I8foAWVT7cqxFHDKYuClNITXk1i//Yzpnf9wvVKQ51W9UOtm/WA7g4
+IDHCuAjocyyNC3B7XqYawFDOsdMI4ZW7hC0hIRQOvBkvbvY8WxmsSkdd30u1KmoI
+Sg4y6OvnikrEEQkCAwEAAQKBwQC3hQlv37RF82sGkm8qnP6Ge+AuEYCu9v44cJ4k
+hZkH1I5OiEtN6anKAwOyolIWsCwZmrP3zW5jCIiWiRr5oReLOzMEwqK2a//XTdYY
+oSr38b3ZHUY59VP8Zq75woMGuNed35kAmGxzDRP1gI/TmvTvaHlqYyvxBtxnZJij
+Za1CrT+a9JvR6hI8xXrE33CF0T6JO1v3v0HeBuve5+83cCHKo+GyqIBjL3FJgefZ
+EsPz6rGnPDKTYgMyaljFV3LI5ikCYQDlaBnyiWk1C7tYO5x3CRoHoiuiiREZCncK
+QkSxjiDoSP0rc+3BQp2kG3yy6S9mN4qMQPELEtBa6bORogxNK+Pxg8TRI/+xgeFt
+bod5Bd4pfl6Y5hXm21JwELFlOzPI3PMCYQDOYK6Z7vegiOJyyAJXMjcI07H8S0Gr
+SZW8f4tHRzO+RrRpR5ANzarELX7nF/Qj5mPXiZNiiMDGocxqkNzIa5HFLOqBhRkv
+o7yC1Cj582dUBFHyEbsZxR6UMTPLdE3UaRMCYACC1Nv3dmaJ2ib+KwEQ4h/2Ooao
+K4OUxGMfdqu2l1gtIXNBVNxDW7qL3SFA57wgj4x0cJUHu7MYJjBC3igl2uIk2wFk
+RSOOGIR35JFec/o/r9JDYPUcs/hP8TU6hokCBQJgHbH/rZqa+vh3TPjGjXFmRdjg
+JWNWwaTG7OaVTd5K7bgSwYtQiQvs5Gl/dxUVRg0ilKLxGB6BTpN9bGAHxLbltK9v
+1s8l/praxyBr/PsvBQHSILi4aU7ZxY0G3OGRSV0NAmBx28Msdgc0yHh3qSkbwVEr
+gr7av1iOH73ee+o4CmMWXYUBHOMW5Su0s0QHjNGDMiRiRoCvzYqdLcJj9/sFJxOT
+CM35WGGeKDMNubX7C6YroQ91q7kUmhi7HHY3QOyhCDU=
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIICWTCCAYKgAwIBAgIJAN5YIkuCvJf5MA0GCSqGSIb3DQEBBQUAMCYxDjAMBgNV
+BAMTBXBldGFsMRQwEgYJKoZIhvcNAQkBFgVwZXRhbDAeFw0xMzAxMTcxMTUyNDVa
+Fw0zMjEwMDQxMTUyNDVaMCYxDjAMBgNVBAMTBXBldGFsMRQwEgYJKoZIhvcNAQkB
+FgVwZXRhbDCB3zANBgkqhkiG9w0BAQEFAAOBzQAwgckCgcEAuPBoYZiFOuk2SnN0
+IsheC+W7JvAJcv8tksyz/hgAnqStDnDrQ4trF607aCQ7xjj2fSAqpiMvLv0P3Ctu
+rcTRHmRXApS3GBf1PjWqoxMK8JBxCIHN4PKpyq4czOtSPH6AFlU+3KsRRwymLgpT
+SE15NYv/2M6Z3/cL1SkOdVvVDrZv1gO4OCAxwrgI6HMsjQtwe16mGsBQzrHTCOGV
+u4QtISEUDrwZL272PFsZrEpHXd9LtSpqCEoOMujr54pKxBEJAgMBAAGjDzANMAsG
+A1UdDwQEAwIChDANBgkqhkiG9w0BAQUFAAOBwQCaA3ys5hDPMNV1oXIxH6u2KfAX
+C9tYJId/SR0x8whsZuNaSEZAgImdM5dnyWdjey8Pio772E9/F2aUBGFkdadZx4My
+d7hBfEi/NECEKs86k9g0ijbin41NKtnajb6GwyNQ9vDx7Z5FS8BZ3CD0BZIdCQUE
+gKuDSWBROQU3tqrjdk2QTwGQkj2mgzT871Jn1MwZw0mczPjS1y469Ejym8wi3uCd
+EboDOoGBCpmUQbxBv6JI75cUCdmNNEwjQjZ0XQw=
+-----END CERTIFICATE-----
--- /dev/null
+#!/bin/sh
+#
+# unbound-control-setup.sh - set up SSL certificates for unbound-control
+#
+# Copyright (c) 2008, NLnet Labs. All rights reserved.
+#
+# This software is open source.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+#
+# Redistributions in binary form must reproduce the above copyright notice,
+# this list of conditions and the following disclaimer in the documentation
+# and/or other materials provided with the distribution.
+#
+# Neither the name of the NLNET LABS nor the names of its contributors may
+# be used to endorse or promote products derived from this software without
+# specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
+# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+
+# settings:
+
+# directory for files
+DESTDIR=/usr/local/etc/unbound
+
+# issuer and subject name for certificates
+SERVERNAME=petal
+CLIENTNAME=unbound-anchor
+
+# validity period for certificates
+DAYS=7200
+
+# size of keys in bits
+BITS=1536
+
+# hash algorithm
+HASH=sha1
+
+# base name for unbound server keys
+SVR_BASE=test_cert
+
+# base name for unbound-control keys
+CTL_BASE=unbound_control
+
+# we want -rw-r--- access (say you run this as root: grp=yes (server), all=no).
+umask 0026
+
+# end of options
+
+# functions:
+error ( ) {
+ echo "$0 fatal error: $1"
+ exit 1
+}
+
+# check arguments:
+while test $# -ne 0; do
+ case $1 in
+ -d)
+ if test $# -eq 1; then error "need argument for -d"; fi
+ DESTDIR="$2"
+ shift
+ ;;
+ *)
+ echo "unbound-control-setup.sh - setup SSL keys for unbound-control"
+ echo " -d dir use directory to store keys and certificates."
+ echo " default: $DESTDIR"
+ echo "please run this command using the same user id that the "
+ echo "unboun daemon uses, it needs read privileges."
+ exit 1
+ ;;
+ esac
+ shift
+done
+
+# go!:
+echo "setup in directory $DESTDIR"
+cd "$DESTDIR" || error "could not cd to $DESTDIR"
+
+# create certificate keys; do not recreate if they already exist.
+if test -f $SVR_BASE.key; then
+ echo "$SVR_BASE.key exists"
+else
+ echo "generating $SVR_BASE.key"
+ openssl genrsa -out $SVR_BASE.key $BITS || error "could not genrsa"
+fi
+if test -f $CTL_BASE.key; then
+ echo "$CTL_BASE.key exists"
+else
+ echo "generating $CTL_BASE.key"
+ openssl genrsa -out $CTL_BASE.key $BITS || error "could not genrsa"
+fi
+
+# create self-signed cert for server
+cat >request.cfg <<EOF
+[req]
+default_bits=$BITS
+default_md=$HASH
+prompt=no
+distinguished_name=req_distinguished_name
+x509_extensions=v3_ca
+
+[req_distinguished_name]
+commonName=$SERVERNAME
+emailAddress=$SERVERNAME
+
+[v3_ca]
+keyUsage=digitalSignature, keyCertSign
+EOF
+test -f request.cfg || error "could not create request.cfg"
+
+echo "create $SVR_BASE.pem (self signed certificate)"
+openssl req -key $SVR_BASE.key -config request.cfg -new -x509 -days $DAYS -out $SVR_BASE.pem || error "could not create $SVR_BASE.pem"
+# create trusted usage pem
+openssl x509 -in $SVR_BASE.pem -addtrust serverAuth -out $SVR_BASE"_trust.pem"
+
+# create client request and sign it, piped
+cat >request.cfg <<EOF
+[req]
+default_bits=$BITS
+default_md=$HASH
+prompt=no
+distinguished_name=req_distinguished_name
+
+[req_distinguished_name]
+commonName=$CLIENTNAME
+EOF
+test -f request.cfg || error "could not create request.cfg"
+
+echo "create $CTL_BASE.pem (signed client certificate)"
+openssl req -key $CTL_BASE.key -config request.cfg -new | openssl x509 -req -days $DAYS -CA $SVR_BASE"_trust.pem" -CAkey $SVR_BASE.key -CAcreateserial -$HASH -out $CTL_BASE.pem
+test -f $CTL_BASE.pem || error "could not create $CTL_BASE.pem"
+# create trusted usage pem
+# openssl x509 -in $CTL_BASE.pem -addtrust clientAuth -out $CTL_BASE"_trust.pem"
+
+# see details with openssl x509 -noout -text < $SVR_BASE.pem
+# echo "create $CTL_BASE""_browser.pfx (web client certificate)"
+# echo "create webbrowser PKCS#12 .PFX certificate file. In Firefox import in:"
+# echo "preferences - advanced - encryption - view certificates - your certs"
+# echo "empty password is used, simply click OK on the password dialog box."
+# openssl pkcs12 -export -in $CTL_BASE"_trust.pem" -inkey $CTL_BASE.key -name "unbound remote control client cert" -out $CTL_BASE"_browser.pfx" -password "pass:" || error "could not create browser certificate"
+
+# remove unused permissions
+chmod o-rw $SVR_BASE.pem $SVR_BASE.key $CTL_BASE.pem $CTL_BASE.key
+
+# remove crap
+rm -f request.cfg
+rm -f $CTL_BASE"_trust.pem" $SVR_BASE"_trust.pem" $SVR_BASE"_trust.srl"
+
+echo "Setup success. Certificates created. Enable in unbound.conf file to use"
+
+exit 0
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIDfAIBAAKBwQC2p0MTVVEfvOpaWlI6rLKGxaHfw/4JUxXCwDHRkkyB0hkISRMx
+8imB+io0aY2Uck9zl0BTgPaKtFeA0+lukZk75keOuATPFZwbCGs+6Tx5AoN4+NzI
+aVay5AuO8E1u6AVdmcAqByP+R92yz5f3T93/cSsYzqPZ6Y1wO9sabtrkGTYwnfMg
+nSttyvlBIhRDWbEO+rWL2CCi0JtrnpiK8sa2ysQCq9Y6ZiGjT9PEWIZwkxQ6y5TI
+WVtyitoknpDheZcCAwEAAQKBwAgeXSPh2e5ANmZ3t0n2XSUSacSJcKQ3djMm2dAH
+4bCvhv9QSDMjIWcumGul+W4Muq1XnrtXcx3tMCqAwNJyVE5OSQX19fjCbCLjd+je
+8xop23AoF6As1nazHjRnR/nTBD7QNx2xbaW8RNbaGpTe2G2lpdbg9myRpyqiB8Pk
+73x/AQcPqm4SHBJS+kU/Q9k9yZRHGQ/PhYlvAmY0SCndew28Pcs+IdCI32k7e/aP
+SCEQvVqKeIiSJ0Zj8RSk8Pz1cQJhANtNsvcEa2V8NxI9yL2zwvBXwoBuU+d9Pszt
+Ooqc/kmvU0FV06HgiIPtTSoHLI7Zh9h5Xn4DFGmtS8WeGhwSVCN1iwcW9F2ldgAw
+LXcoXjEK21KXYFNAYeo07vul/Ly/yQJhANU3lM8hAqq7FB4R5zgUCcp08FOVA8tl
+kEK1JoAdfp6Wv4M2xGJ6tmKcf92r0F8zBDV6oZX/dtPwFzWhBZUi+zaA8PcEqbwt
+CJtmM5ycoX6kkkIfXtAVNZiTIYHn01beXwJgQBFA+V03KtzREeku3gzIJILe9bpF
+lNlIIYIkmh4nQ8uOnQW/4AjCmRgYdPDHmav/PcSnUFUB/6V6/26i3hSUtA9A4H9a
+QIl4IbHxdmA6tEUhsc07fNbQRCXWs3nYjiPRAmEAjDe4MhsYYOUUzs2hTFzJL46F
+ucHGtA0/uM7e2eQLsAmdOpJaxhTDOsiGwmXKa8DmJLFX8IgHQkujR850GGbf5DEZ
+xqkXYrwO6/tjN7w97EYYNUniFV/NVmBz6bVmY7trAmAvvg7MoBlb/o6nwoCQqnUM
+QyjIy9A0t8+KHNMFSQwUldG+HIwiU4/7y2zCqBYJg8NOjrdj/3+73A24rP8wRp15
+zqQCS7mLLWmYx7pWE1ZHN8eY3xGoHmr7LzlB+dzYG+w=
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIICNjCCAV8CCQCbt2WrJa/ewzANBgkqhkiG9w0BAQUFADAmMQ4wDAYDVQQDEwVw
+ZXRhbDEUMBIGCSqGSIb3DQEJARYFcGV0YWwwHhcNMTMwMTE3MTE1MjQ1WhcNMzIx
+MDA0MTE1MjQ1WjAZMRcwFQYDVQQDEw51bmJvdW5kLWFuY2hvcjCB3zANBgkqhkiG
+9w0BAQEFAAOBzQAwgckCgcEAtqdDE1VRH7zqWlpSOqyyhsWh38P+CVMVwsAx0ZJM
+gdIZCEkTMfIpgfoqNGmNlHJPc5dAU4D2irRXgNPpbpGZO+ZHjrgEzxWcGwhrPuk8
+eQKDePjcyGlWsuQLjvBNbugFXZnAKgcj/kfdss+X90/d/3ErGM6j2emNcDvbGm7a
+5Bk2MJ3zIJ0rbcr5QSIUQ1mxDvq1i9ggotCba56YivLGtsrEAqvWOmYho0/TxFiG
+cJMUOsuUyFlbcoraJJ6Q4XmXAgMBAAEwDQYJKoZIhvcNAQEFBQADgcEAhc3wYcbD
+Uu9Osbu3bhbxLCkhedq/3weEO8RDU3AyB8diioAikagIOb99UeVE3WIds+JIPD6J
+mK5UvS+lPR8SEOMRd0H91bEEp1Zn+gHAS/Z7k/x9t38Xk1N0jOnElc6n4vl42KLO
+z2laJWcte7YXjzFjaNxP9fsGgEx1vRxcjtpXQWSY+oj+RVm5kRs5WKX5MCyD/p+y
+Xitg7/a0ITKbW1GpVwaX6nPaeoze68m3qmy64l080XCna3igbhi3h2ay
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIDfQIBAAKBwQC1xQ/Kca6zszZbcCtdOTIH2Uy2gOy/DfabMUU7TmNPm0dVE0NJ
+RuN+Rm304SonpwghfP2/ULZNnuDgpG03/32yI7k/VzG6iA4hiF7tT/KAAWC/+2l1
+QCsawCV2bSrFK0VhcZr7ALqXd8vkDaQ867K029ypjOQtAJ85qdO3mERy7TGtdUcu
+O6hLeVet419YeQ2F8cfNxn63d7bOzNGLPW5xwaCd3UcgD+Ib0k4xfFvbinvPQUeU
+J/i4YDWexFYSL+ECAwEAAQKBwCLXXQl+9O+5AEhSnd1Go1Jh0pSA7eBJOuXQcebG
+Rb7ykp+6C4G2NtDziwwPRNdI6wQQQ0sym18RfyVQHydGr78/nbiIbB3HCn5e92Mh
+mefzW6ow9Kvm2txLzGKA1lvoyRbNm81jnG/eygi3u7Nqd5PNv+4dHj2RkTlmxOeh
+qnDMVP5md8uZPv6lYNnrnIzvLCR5vnPNdVwn89AqzI85IcDZdy0R9ZX4NBbsDgAU
+6ig6uXuRXvSGiyJ/OUXSrnogaQJhAOjvkHUhVZQkPOxO90TNH4j0GdKKtbSWxIdz
+lKfuJeBAEqs0TL+C6vbS81Xw3W1alyDdUBk3rJMOBqW6Ryq5HNL+j5H+Jfsh7fvc
+Yle+5wHGci0P9zCFZCrY8It7n9XFIwJhAMfEi6oJa2G8waPJ1bQhxka82Tf9pnKM
+XCn/1BBOFjVIx5F842cpA+zp5a62GENTGYPQTTRBB/2/ZwnW5aIkrlg54AtmbqBZ
+Oh+2kJdJQD/tfoVmc5soUE2ScTHadK5RKwJhAN4w9kjkXS+MSZjX0kIMsBIBVkhh
+C+aREjJqa9ir7/Ey7RvmLXdYuCxtGLRXp7/R8+rjcK49Tx6O+IRJZe042mfhbq3C
+EhS1Tr86f4xXix9EXlDhs9bSxrOgcAN9Dv/opQJhAK7eBcPaav0rVfYh/8emqQHS
+3fJ9Pu6WnzbEksWTFS2ff9KDGCx9YspIFJ5TF/oXDAaumGZdZrlgirm6O1kr8tGY
+F97i04PZl1+bWAaWQH+1TUNI43m2WFUPE7coG2tb8QJgcddDg9VlXliZqgcETZfJ
+kJmYETxrcSn3ao6v116N8yxhEgUgjkmsCTiFgx36iDVnXwK6PIt+sIu8MC7eYNa3
+berrv/M21K0LRn20IWRxvUobG070weHCAgkko7fTWgr2
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIICFzCCAUACCQDO660L5y5LGDANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVw
+ZXRhbDAeFw0xMDA5MzAxMzQzMDFaFw0zMDA2MTcxMzQzMDFaMBAxDjAMBgNVBAMT
+BXBldGFsMIHfMA0GCSqGSIb3DQEBAQUAA4HNADCByQKBwQC1xQ/Kca6zszZbcCtd
+OTIH2Uy2gOy/DfabMUU7TmNPm0dVE0NJRuN+Rm304SonpwghfP2/ULZNnuDgpG03
+/32yI7k/VzG6iA4hiF7tT/KAAWC/+2l1QCsawCV2bSrFK0VhcZr7ALqXd8vkDaQ8
+67K029ypjOQtAJ85qdO3mERy7TGtdUcuO6hLeVet419YeQ2F8cfNxn63d7bOzNGL
+PW5xwaCd3UcgD+Ib0k4xfFvbinvPQUeUJ/i4YDWexFYSL+ECAwEAATANBgkqhkiG
+9w0BAQUFAAOBwQBBkX9KDP2RXbg+xPmdJ4P6CwvA5x1LZwC++ydVx4NlvT0pWicD
+ZUnXjcWAJlkeOuUBAqFG7WHTrXpUUAjmdqFVq2yFjteUYBdrFz0RDB2jM9feeKYO
+mTgxdZyT9a6humxCxt5VfgT02axLjm/2AqCyFPMbf4PASoJDln01AEuZLZ8Xl2gV
+bYHMnHTGoD1Hu6FNEzRgkMC6XT8X3YjHvzQhpc/qL5wEfEsinQGdX4twsuWbf8xd
+q7miNnkO8vd0maw=
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIDfQIBAAKBwQC1xQ/Kca6zszZbcCtdOTIH2Uy2gOy/DfabMUU7TmNPm0dVE0NJ
+RuN+Rm304SonpwghfP2/ULZNnuDgpG03/32yI7k/VzG6iA4hiF7tT/KAAWC/+2l1
+QCsawCV2bSrFK0VhcZr7ALqXd8vkDaQ867K029ypjOQtAJ85qdO3mERy7TGtdUcu
+O6hLeVet419YeQ2F8cfNxn63d7bOzNGLPW5xwaCd3UcgD+Ib0k4xfFvbinvPQUeU
+J/i4YDWexFYSL+ECAwEAAQKBwCLXXQl+9O+5AEhSnd1Go1Jh0pSA7eBJOuXQcebG
+Rb7ykp+6C4G2NtDziwwPRNdI6wQQQ0sym18RfyVQHydGr78/nbiIbB3HCn5e92Mh
+mefzW6ow9Kvm2txLzGKA1lvoyRbNm81jnG/eygi3u7Nqd5PNv+4dHj2RkTlmxOeh
+qnDMVP5md8uZPv6lYNnrnIzvLCR5vnPNdVwn89AqzI85IcDZdy0R9ZX4NBbsDgAU
+6ig6uXuRXvSGiyJ/OUXSrnogaQJhAOjvkHUhVZQkPOxO90TNH4j0GdKKtbSWxIdz
+lKfuJeBAEqs0TL+C6vbS81Xw3W1alyDdUBk3rJMOBqW6Ryq5HNL+j5H+Jfsh7fvc
+Yle+5wHGci0P9zCFZCrY8It7n9XFIwJhAMfEi6oJa2G8waPJ1bQhxka82Tf9pnKM
+XCn/1BBOFjVIx5F842cpA+zp5a62GENTGYPQTTRBB/2/ZwnW5aIkrlg54AtmbqBZ
+Oh+2kJdJQD/tfoVmc5soUE2ScTHadK5RKwJhAN4w9kjkXS+MSZjX0kIMsBIBVkhh
+C+aREjJqa9ir7/Ey7RvmLXdYuCxtGLRXp7/R8+rjcK49Tx6O+IRJZe042mfhbq3C
+EhS1Tr86f4xXix9EXlDhs9bSxrOgcAN9Dv/opQJhAK7eBcPaav0rVfYh/8emqQHS
+3fJ9Pu6WnzbEksWTFS2ff9KDGCx9YspIFJ5TF/oXDAaumGZdZrlgirm6O1kr8tGY
+F97i04PZl1+bWAaWQH+1TUNI43m2WFUPE7coG2tb8QJgcddDg9VlXliZqgcETZfJ
+kJmYETxrcSn3ao6v116N8yxhEgUgjkmsCTiFgx36iDVnXwK6PIt+sIu8MC7eYNa3
+berrv/M21K0LRn20IWRxvUobG070weHCAgkko7fTWgr2
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIICFzCCAUACCQDO660L5y5LGDANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVw
+ZXRhbDAeFw0xMDA5MzAxMzQzMDFaFw0zMDA2MTcxMzQzMDFaMBAxDjAMBgNVBAMT
+BXBldGFsMIHfMA0GCSqGSIb3DQEBAQUAA4HNADCByQKBwQC1xQ/Kca6zszZbcCtd
+OTIH2Uy2gOy/DfabMUU7TmNPm0dVE0NJRuN+Rm304SonpwghfP2/ULZNnuDgpG03
+/32yI7k/VzG6iA4hiF7tT/KAAWC/+2l1QCsawCV2bSrFK0VhcZr7ALqXd8vkDaQ8
+67K029ypjOQtAJ85qdO3mERy7TGtdUcuO6hLeVet419YeQ2F8cfNxn63d7bOzNGL
+PW5xwaCd3UcgD+Ib0k4xfFvbinvPQUeUJ/i4YDWexFYSL+ECAwEAATANBgkqhkiG
+9w0BAQUFAAOBwQBBkX9KDP2RXbg+xPmdJ4P6CwvA5x1LZwC++ydVx4NlvT0pWicD
+ZUnXjcWAJlkeOuUBAqFG7WHTrXpUUAjmdqFVq2yFjteUYBdrFz0RDB2jM9feeKYO
+mTgxdZyT9a6humxCxt5VfgT02axLjm/2AqCyFPMbf4PASoJDln01AEuZLZ8Xl2gV
+bYHMnHTGoD1Hu6FNEzRgkMC6XT8X3YjHvzQhpc/qL5wEfEsinQGdX4twsuWbf8xd
+q7miNnkO8vd0maw=
+-----END CERTIFICATE-----
--- /dev/null
+# PKCS7 sign it
+#infile=127.0.0.1/no_more_keys.xml
+#outfile=127.0.0.1/no_more_keys.p7s
+infile=127.0.0.1/root.xml
+outfile=127.0.0.1/root.p7s
+set -v
+
+openssl smime -sign -in $infile -out $outfile -inkey test_cert.key -signer test_cert.pem -outform DER -binary || echo "could not sign"
+openssl smime -verify -content $infile -in $outfile -inform DER -CAfile test_cert.pem || echo "could not verify"
+openssl pkcs7 -print_certs -inform der -in $outfile -text
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIDfAIBAAKBwQC48GhhmIU66TZKc3QiyF4L5bsm8Aly/y2SzLP+GACepK0OcOtD
+i2sXrTtoJDvGOPZ9ICqmIy8u/Q/cK26txNEeZFcClLcYF/U+NaqjEwrwkHEIgc3g
+8qnKrhzM61I8foAWVT7cqxFHDKYuClNITXk1i//Yzpnf9wvVKQ51W9UOtm/WA7g4
+IDHCuAjocyyNC3B7XqYawFDOsdMI4ZW7hC0hIRQOvBkvbvY8WxmsSkdd30u1KmoI
+Sg4y6OvnikrEEQkCAwEAAQKBwQC3hQlv37RF82sGkm8qnP6Ge+AuEYCu9v44cJ4k
+hZkH1I5OiEtN6anKAwOyolIWsCwZmrP3zW5jCIiWiRr5oReLOzMEwqK2a//XTdYY
+oSr38b3ZHUY59VP8Zq75woMGuNed35kAmGxzDRP1gI/TmvTvaHlqYyvxBtxnZJij
+Za1CrT+a9JvR6hI8xXrE33CF0T6JO1v3v0HeBuve5+83cCHKo+GyqIBjL3FJgefZ
+EsPz6rGnPDKTYgMyaljFV3LI5ikCYQDlaBnyiWk1C7tYO5x3CRoHoiuiiREZCncK
+QkSxjiDoSP0rc+3BQp2kG3yy6S9mN4qMQPELEtBa6bORogxNK+Pxg8TRI/+xgeFt
+bod5Bd4pfl6Y5hXm21JwELFlOzPI3PMCYQDOYK6Z7vegiOJyyAJXMjcI07H8S0Gr
+SZW8f4tHRzO+RrRpR5ANzarELX7nF/Qj5mPXiZNiiMDGocxqkNzIa5HFLOqBhRkv
+o7yC1Cj582dUBFHyEbsZxR6UMTPLdE3UaRMCYACC1Nv3dmaJ2ib+KwEQ4h/2Ooao
+K4OUxGMfdqu2l1gtIXNBVNxDW7qL3SFA57wgj4x0cJUHu7MYJjBC3igl2uIk2wFk
+RSOOGIR35JFec/o/r9JDYPUcs/hP8TU6hokCBQJgHbH/rZqa+vh3TPjGjXFmRdjg
+JWNWwaTG7OaVTd5K7bgSwYtQiQvs5Gl/dxUVRg0ilKLxGB6BTpN9bGAHxLbltK9v
+1s8l/praxyBr/PsvBQHSILi4aU7ZxY0G3OGRSV0NAmBx28Msdgc0yHh3qSkbwVEr
+gr7av1iOH73ee+o4CmMWXYUBHOMW5Su0s0QHjNGDMiRiRoCvzYqdLcJj9/sFJxOT
+CM35WGGeKDMNubX7C6YroQ91q7kUmhi7HHY3QOyhCDU=
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIICWTCCAYKgAwIBAgIJAN5YIkuCvJf5MA0GCSqGSIb3DQEBBQUAMCYxDjAMBgNV
+BAMTBXBldGFsMRQwEgYJKoZIhvcNAQkBFgVwZXRhbDAeFw0xMzAxMTcxMTUyNDVa
+Fw0zMjEwMDQxMTUyNDVaMCYxDjAMBgNVBAMTBXBldGFsMRQwEgYJKoZIhvcNAQkB
+FgVwZXRhbDCB3zANBgkqhkiG9w0BAQEFAAOBzQAwgckCgcEAuPBoYZiFOuk2SnN0
+IsheC+W7JvAJcv8tksyz/hgAnqStDnDrQ4trF607aCQ7xjj2fSAqpiMvLv0P3Ctu
+rcTRHmRXApS3GBf1PjWqoxMK8JBxCIHN4PKpyq4czOtSPH6AFlU+3KsRRwymLgpT
+SE15NYv/2M6Z3/cL1SkOdVvVDrZv1gO4OCAxwrgI6HMsjQtwe16mGsBQzrHTCOGV
+u4QtISEUDrwZL272PFsZrEpHXd9LtSpqCEoOMujr54pKxBEJAgMBAAGjDzANMAsG
+A1UdDwQEAwIChDANBgkqhkiG9w0BAQUFAAOBwQCaA3ys5hDPMNV1oXIxH6u2KfAX
+C9tYJId/SR0x8whsZuNaSEZAgImdM5dnyWdjey8Pio772E9/F2aUBGFkdadZx4My
+d7hBfEi/NECEKs86k9g0ijbin41NKtnajb6GwyNQ9vDx7Z5FS8BZ3CD0BZIdCQUE
+gKuDSWBROQU3tqrjdk2QTwGQkj2mgzT871Jn1MwZw0mczPjS1y469Ejym8wi3uCd
+EboDOoGBCpmUQbxBv6JI75cUCdmNNEwjQjZ0XQw=
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDti51Z6qASvAjPFFhLLlq8BwtsnmfqMPMn57dKAghb4OifeL4G
+SLOE02/hKDkdkOvaUG2UqDNh2OoPTuJk4A+mG2LJoziFhHKlIebo9v2YiFWOBVtO
+DWc3tXPT1IlSEN0xnAGelMmeLcPeCPe+A5IDlIHzF/+YiDgS38S9dL17owIDAQAB
+AoGAG3w/DatfMCu/nS5OdQx9BSqPgNbnUSqux9xA0fhgPTlN0T3oRtPcqa7JUDUW
+PryI/a62ry+zGkw98N2AxolCZg3N7Z3vuRx2FMcKKNwpTzDmcZW7TmMk5FPof6gE
+PnYl/ff0w+kxqA+L2EexH3Xi6ApLSZcjyzKWj+dL2AuT9gkCQQD3dPitwITxgCAD
+IaHw23e3FRkM/hw1Gp8bt6nbuxitVxxpO96q1EQ+fCy/mf0bMEJDp3xzMEIfP3r4
+GmNbaxa1AkEA9b8LeBLbQ2cm2+UMeUgygBsRirdUQ786auqH38Jbvi/j6S9sDl2x
+q1vRtikEBZJWfkhsOzrzwFDKe1bI/EEn9wJAAzOwRA9JqRZPU7sLrWIpmmTbfh+L
+neRKSsGFoSI6n4ORCouLxgoZF/XjXldPvxpQwS9ZnOPy9xSLMsqknno0QQJAeDtA
+IT8Yh6GwIWWu9KeeDY8wxe1sDLlCm4yjbZZpzGMh3rSU6XJtuqjxsW3fydoO9zn3
+ugLdvvnIFxAexUwbgQJBANyM13xcObfUJOj9rjlGCh0CDh/04ONl8SH8HBnM8guA
+RJI5S6vBHweVRopEZcF1sQm6wMf3ej/sGkyyNvJxRkY=
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBozCCAQwCCQDd5/rocjG5vDANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkyNjEyMjQ0NFoXDTI4MDYxMzEyMjQ0NFowGjEYMBYGA1UE
+AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDt
+i51Z6qASvAjPFFhLLlq8BwtsnmfqMPMn57dKAghb4OifeL4GSLOE02/hKDkdkOva
+UG2UqDNh2OoPTuJk4A+mG2LJoziFhHKlIebo9v2YiFWOBVtODWc3tXPT1IlSEN0x
+nAGelMmeLcPeCPe+A5IDlIHzF/+YiDgS38S9dL17owIDAQABMA0GCSqGSIb3DQEB
+BQUAA4GBAHpvcKqY48X9WsqogV16L+zT7iXhZ4tySA9EBk1a+0gud/iDPKSBi7mK
+4rzphVfb4S207dVmTG+1WNpa6l3pTGML6XLElxqIu/kr7w4cF0rKvZxWPsBRqYjH
+5HrK8CrQ0+YvUHXiu7IaACLGvKXY4Tqa3HQyvEtzLWJ4HhOrGx8F
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQC9hurNHBtB7QFEuPJOnCylUWUF2/US3v9yQQQXnstuXMQXRaq1
+1uviLmwaGurV9tngX59HITsBT74NQrtFKfEDLViLrm2arAM9Ozsn4tnv30HXPRDj
+UOc1M05Q7UzjaSrOv+TkPEqyhtUyaP1DYo0bcmbxtSkYc2ZEWCwhPklUwQIDAQAB
+AoGATjzZxN4ramWaNnJapJTX4U7eczK/0pB3xwSL2exVcjOdRzYdKH+WVIJxYb1m
+3/jNLFCNAeH356yxeevoPr73nG75YJ9I1ZWQWTnS3SDK6JD1+3pmAD0bQWFoitpf
+FoSH9H4X5gFB5vCZ99YVoYH1UXWPcgvUHwxz0voImt6lCKECQQD4YQ4A3M0+Ki8v
+Hl+5FKULnS0UtBkweCvkF/X1zZRjjYr6hLnqldFkkgTBKWe17pUXX0nwRMbP1YZX
+i+vDq5JNAkEAw1eYsmC0nVAMawo57N6LYavGv/n5u1cvpTpKDtn4cXH0Uqq13Kyu
+2FUTzan2NhCEK78UzbWaeewBJmxYda1+RQJAdShKk6uTAEyjnwUjv8h2JWlJN2fQ
+LeWxRlDrCruiz+aW9J4gl/99GoQpy/c83TshhjnDRZsbcDNWv/rXBZ/rTQJAFQva
+CtX6f7yBKgM3DHtJvyM3zbVMH9Ab9QxbsE/xwZ9KeKGl6Hm+eNZpxM3cFiUfaGs0
+/ZjkZOB1m0MvILaplQJAXC3PJ/E+87banGZRJl5qtS6/HoX5lH9TPkL8Essy7ANO
+2BT2OTQawD1A+VKIrQHXs085Of8tQUfrfHHt7s3Kqg==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBmzCCAQQCCQCDugnhq8B6LzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkyNjEyMjQ0M1oXDTI4MDYxMzEyMjQ0M1owEjEQMA4GA1UE
+AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvYbqzRwbQe0B
+RLjyTpwspVFlBdv1Et7/ckEEF57LblzEF0Wqtdbr4i5sGhrq1fbZ4F+fRyE7AU++
+DUK7RSnxAy1Yi65tmqwDPTs7J+LZ799B1z0Q41DnNTNOUO1M42kqzr/k5DxKsobV
+Mmj9Q2KNG3Jm8bUpGHNmRFgsIT5JVMECAwEAATANBgkqhkiG9w0BAQUFAAOBgQCy
+zGMW35/9xXoEWsuLFWUOaEKVq5DXuXtXbcMpDW6k2ELoraa305vh7Zwhj5JSqfcm
+O0xyqIzXvz/cYdyOTgEkdMDZ/EvQsxKTwvj6eA4614yB1r3Ju5eZd4Gpo6BHhSpu
+oqsrr0duJ+JOANTyaBplIxM1sjHbR4FGtmrFknBYBQ==
+-----END CERTIFICATE-----
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+ # disabled validator
+ module-config: "iterator"
+remote-control:
+ control-enable: yes
+ control-interface: 127.0.0.1
+ # control-interface: ::1
+ control-port: @CONTROL_PORT@
+ server-key-file: "unbound_server.key"
+ server-cert-file: "unbound_server.pem"
+ control-key-file: "unbound_control.key"
+ control-cert-file: "unbound_control.pem"
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: ctrl_itr
+Version: 1.0
+Description: iterator only test unbound-control
+CreationDate: Thu Jan 16 14:08:12 CET 2014
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: ctrl_itr.pre
+Post: ctrl_itr.post
+Test: ctrl_itr.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- ctrl_itr.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+# it was stopped with unbound-control (if the test succeeded)
+kill $UNBOUND_PID >/dev/null 2>&1
+kill $UNBOUND_PID >/dev/null 2>&1
+exit 0
--- /dev/null
+# #-- ctrl_itr.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 3
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+CONTROL_PORT=$(($RND_PORT + 2))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+echo "CONTROL_PORT=$CONTROL_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT ctrl_itr.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@CONTROL_PORT\@/'$CONTROL_PORT'/' < ctrl_itr.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- ctrl_itr.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+
+# exit value is 1 on usage
+$PRE/unbound-control -c ub.conf forward_add +i bla bla
+if test $? -ne 0; then
+ echo "wrong exit value."
+ cat fwd.log
+ cat unbound.log
+ exit 1
+else
+ echo "exit value: OK"
+fi
+
+
+# test if the server is up.
+echo "> dig www.example.com."
+dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> OK"
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA SERVFAIL
+ADJUST copy_id
+SECTION QUESTION
+www.example.net. IN A
+ENTRY_END
+
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDD6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBa
+rzPA0vlyuNtUsEN3qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvH
+ST6JwUdIg0Lzg/USJ81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQAB
+AoGAFT3e35MIgI4uDJJ8X0RfHp2NCO2LUg4TKbWical/C0W9vlR1/x80G1pE1d2Z
+WotqJVWTrOq6eBox19RCgtLg2wPGk9uD62+9SDT37heWFlUCElWq50pQG6k9ThiG
+DDypkZyZ/52+DdWybiaQJkuK6O5qQXuNAtVJMpghu4GnHAECQQDsupnZUQDpapzr
+4FC4MSkL2+A1PRt6g4VhwoqOpJXaHfVnH6F7AwUuOLNwGdR5Cvv70pfJ7Jqg8L2m
+Kxyl5bORAkEA09rn34YQ0pHJdHidbl2kInIuYTz09+TO3LWwan17nISH9aaYvVDr
+p9x1B4Qzw9qyxT9oll7ze/5Rw/7C3AQj4QJAT2B2a+b8bkgAXBs4FbruL3rHoDJg
+P2FQXSpVOWU4lg2LlsuFYvDtUMVUbZdLplanjZXcral3Y9W1Ub2M+ped8QJAYQN+
+aRpge7ys7vwIw7B36Bo3aOncF+ScYe+FkM5Tm7II/JHEofT7ZQwMP1vnxIlSkgbe
+YvWqNB6a3NC99LikoQJBAM4UhDdRg63Tr6Idky6CQaH///zAN7nArJfffKGWFdw9
+DKrWpNqvYZtX/cfEJucKcRCm5YL8CKFYbQy4VoCxUcE=
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBozCCAQwCCQD6XaN6FzW/4DANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowGjEYMBYGA1UE
+AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDD
+6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBarzPA0vlyuNtUsEN3
+qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvHST6JwUdIg0Lzg/US
+J81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQABMA0GCSqGSIb3DQEB
+BQUAA4GBAGFAXmaQHuFgAuc6HVhYZJdToxLBhfxGpot4oZNjcb1Cdoz3OL34MU1B
+9E5psj2PpGPIi8/RwoqBtAJHJ+J5cWngo03o4ZmdwKNSzaxlp141z/3rUtFqEHEC
+iO6gPCT3U7dt6MyC7r6vdMqyW6aldP3CtwD0gQziKAMoj+TAfAcq
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA
+3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s
+RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB
+AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS
+6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds
+sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi
+XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3
+fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL
+CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP
+0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2
+oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l
+In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S
+LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE
+AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS
+y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/
+/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu
+g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ
+9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG
+l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH
+Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg==
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDti51Z6qASvAjPFFhLLlq8BwtsnmfqMPMn57dKAghb4OifeL4G
+SLOE02/hKDkdkOvaUG2UqDNh2OoPTuJk4A+mG2LJoziFhHKlIebo9v2YiFWOBVtO
+DWc3tXPT1IlSEN0xnAGelMmeLcPeCPe+A5IDlIHzF/+YiDgS38S9dL17owIDAQAB
+AoGAG3w/DatfMCu/nS5OdQx9BSqPgNbnUSqux9xA0fhgPTlN0T3oRtPcqa7JUDUW
+PryI/a62ry+zGkw98N2AxolCZg3N7Z3vuRx2FMcKKNwpTzDmcZW7TmMk5FPof6gE
+PnYl/ff0w+kxqA+L2EexH3Xi6ApLSZcjyzKWj+dL2AuT9gkCQQD3dPitwITxgCAD
+IaHw23e3FRkM/hw1Gp8bt6nbuxitVxxpO96q1EQ+fCy/mf0bMEJDp3xzMEIfP3r4
+GmNbaxa1AkEA9b8LeBLbQ2cm2+UMeUgygBsRirdUQ786auqH38Jbvi/j6S9sDl2x
+q1vRtikEBZJWfkhsOzrzwFDKe1bI/EEn9wJAAzOwRA9JqRZPU7sLrWIpmmTbfh+L
+neRKSsGFoSI6n4ORCouLxgoZF/XjXldPvxpQwS9ZnOPy9xSLMsqknno0QQJAeDtA
+IT8Yh6GwIWWu9KeeDY8wxe1sDLlCm4yjbZZpzGMh3rSU6XJtuqjxsW3fydoO9zn3
+ugLdvvnIFxAexUwbgQJBANyM13xcObfUJOj9rjlGCh0CDh/04ONl8SH8HBnM8guA
+RJI5S6vBHweVRopEZcF1sQm6wMf3ej/sGkyyNvJxRkY=
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBozCCAQwCCQDd5/rocjG5vDANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkyNjEyMjQ0NFoXDTI4MDYxMzEyMjQ0NFowGjEYMBYGA1UE
+AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDt
+i51Z6qASvAjPFFhLLlq8BwtsnmfqMPMn57dKAghb4OifeL4GSLOE02/hKDkdkOva
+UG2UqDNh2OoPTuJk4A+mG2LJoziFhHKlIebo9v2YiFWOBVtODWc3tXPT1IlSEN0x
+nAGelMmeLcPeCPe+A5IDlIHzF/+YiDgS38S9dL17owIDAQABMA0GCSqGSIb3DQEB
+BQUAA4GBAHpvcKqY48X9WsqogV16L+zT7iXhZ4tySA9EBk1a+0gud/iDPKSBi7mK
+4rzphVfb4S207dVmTG+1WNpa6l3pTGML6XLElxqIu/kr7w4cF0rKvZxWPsBRqYjH
+5HrK8CrQ0+YvUHXiu7IaACLGvKXY4Tqa3HQyvEtzLWJ4HhOrGx8F
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQC9hurNHBtB7QFEuPJOnCylUWUF2/US3v9yQQQXnstuXMQXRaq1
+1uviLmwaGurV9tngX59HITsBT74NQrtFKfEDLViLrm2arAM9Ozsn4tnv30HXPRDj
+UOc1M05Q7UzjaSrOv+TkPEqyhtUyaP1DYo0bcmbxtSkYc2ZEWCwhPklUwQIDAQAB
+AoGATjzZxN4ramWaNnJapJTX4U7eczK/0pB3xwSL2exVcjOdRzYdKH+WVIJxYb1m
+3/jNLFCNAeH356yxeevoPr73nG75YJ9I1ZWQWTnS3SDK6JD1+3pmAD0bQWFoitpf
+FoSH9H4X5gFB5vCZ99YVoYH1UXWPcgvUHwxz0voImt6lCKECQQD4YQ4A3M0+Ki8v
+Hl+5FKULnS0UtBkweCvkF/X1zZRjjYr6hLnqldFkkgTBKWe17pUXX0nwRMbP1YZX
+i+vDq5JNAkEAw1eYsmC0nVAMawo57N6LYavGv/n5u1cvpTpKDtn4cXH0Uqq13Kyu
+2FUTzan2NhCEK78UzbWaeewBJmxYda1+RQJAdShKk6uTAEyjnwUjv8h2JWlJN2fQ
+LeWxRlDrCruiz+aW9J4gl/99GoQpy/c83TshhjnDRZsbcDNWv/rXBZ/rTQJAFQva
+CtX6f7yBKgM3DHtJvyM3zbVMH9Ab9QxbsE/xwZ9KeKGl6Hm+eNZpxM3cFiUfaGs0
+/ZjkZOB1m0MvILaplQJAXC3PJ/E+87banGZRJl5qtS6/HoX5lH9TPkL8Essy7ANO
+2BT2OTQawD1A+VKIrQHXs085Of8tQUfrfHHt7s3Kqg==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBmzCCAQQCCQCDugnhq8B6LzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkyNjEyMjQ0M1oXDTI4MDYxMzEyMjQ0M1owEjEQMA4GA1UE
+AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvYbqzRwbQe0B
+RLjyTpwspVFlBdv1Et7/ckEEF57LblzEF0Wqtdbr4i5sGhrq1fbZ4F+fRyE7AU++
+DUK7RSnxAy1Yi65tmqwDPTs7J+LZ799B1z0Q41DnNTNOUO1M42kqzr/k5DxKsobV
+Mmj9Q2KNG3Jm8bUpGHNmRFgsIT5JVMECAwEAATANBgkqhkiG9w0BAQUFAAOBgQCy
+zGMW35/9xXoEWsuLFWUOaEKVq5DXuXtXbcMpDW6k2ELoraa305vh7Zwhj5JSqfcm
+O0xyqIzXvz/cYdyOTgEkdMDZ/EvQsxKTwvj6eA4614yB1r3Ju5eZd4Gpo6BHhSpu
+oqsrr0duJ+JOANTyaBplIxM1sjHbR4FGtmrFknBYBQ==
+-----END CERTIFICATE-----
--- /dev/null
+server:
+ verbosity: 4
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+remote-control:
+ control-enable: yes
+ control-interface: @PATH@/controlpipe.@PID@
+ control-use-cert: no
+ #server-key-file: "unbound_server.key"
+ #server-cert-file: "unbound_server.pem"
+ #control-key-file: "unbound_control.key"
+ #control-cert-file: "unbound_control.pem"
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: ctrl_pipe
+Version: 1.0
+Description: unix pipe test unbound-control
+CreationDate: Fri 16 Jan 13:25:48 CET 2015
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: ctrl_pipe.pre
+Post: ctrl_pipe.post
+Test: ctrl_pipe.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- ctrl_pipe.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+# it was stopped with unbound-control (if the test succeeded)
+kill $UNBOUND_PID >/dev/null 2>&1
+kill $UNBOUND_PID >/dev/null 2>&1
+
+rm -f $CONTROL_PATH/controlpipe.$CONTROL_PID
+exit 0
--- /dev/null
+# #-- ctrl_pipe.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT ctrl_pipe.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+CONTROL_PATH=/tmp
+CONTROL_PID=$$
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's?@PATH\@?'$CONTROL_PATH'?' -e 's/@PID@/'$CONTROL_PID'/' < ctrl_pipe.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+echo "CONTROL_PATH=$CONTROL_PATH" >> .tpkg.var.test
+echo "CONTROL_PID=$CONTROL_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- ctrl_pipe.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+
+# exit value is 1 on usage
+$PRE/unbound-control -c ub.conf status
+if test $? -ne 0; then
+ echo "wrong exit value."
+ cat fwd.log
+ cat unbound.log
+ exit 1
+else
+ echo "exit value: OK"
+fi
+$PRE/unbound-control -c ub.conf local_data froob.example.net A 192.0.2.1
+if test $? -ne 0; then
+ echo "wrong exit value."
+ cat fwd.log
+ cat unbound.log
+ exit 1
+else
+ echo "exit value: OK"
+fi
+
+
+# test if the server is up.
+echo "> dig www.example.com."
+dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+echo "> dig froob.example.net."
+dig @127.0.0.1 -p $UNBOUND_PORT froob.example.net. | tee outfile
+echo "> check answer"
+if grep "192.0.2.1" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> OK"
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA SERVFAIL
+ADJUST copy_id
+SECTION QUESTION
+www.example.net. IN A
+ENTRY_END
+
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDD6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBa
+rzPA0vlyuNtUsEN3qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvH
+ST6JwUdIg0Lzg/USJ81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQAB
+AoGAFT3e35MIgI4uDJJ8X0RfHp2NCO2LUg4TKbWical/C0W9vlR1/x80G1pE1d2Z
+WotqJVWTrOq6eBox19RCgtLg2wPGk9uD62+9SDT37heWFlUCElWq50pQG6k9ThiG
+DDypkZyZ/52+DdWybiaQJkuK6O5qQXuNAtVJMpghu4GnHAECQQDsupnZUQDpapzr
+4FC4MSkL2+A1PRt6g4VhwoqOpJXaHfVnH6F7AwUuOLNwGdR5Cvv70pfJ7Jqg8L2m
+Kxyl5bORAkEA09rn34YQ0pHJdHidbl2kInIuYTz09+TO3LWwan17nISH9aaYvVDr
+p9x1B4Qzw9qyxT9oll7ze/5Rw/7C3AQj4QJAT2B2a+b8bkgAXBs4FbruL3rHoDJg
+P2FQXSpVOWU4lg2LlsuFYvDtUMVUbZdLplanjZXcral3Y9W1Ub2M+ped8QJAYQN+
+aRpge7ys7vwIw7B36Bo3aOncF+ScYe+FkM5Tm7II/JHEofT7ZQwMP1vnxIlSkgbe
+YvWqNB6a3NC99LikoQJBAM4UhDdRg63Tr6Idky6CQaH///zAN7nArJfffKGWFdw9
+DKrWpNqvYZtX/cfEJucKcRCm5YL8CKFYbQy4VoCxUcE=
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBozCCAQwCCQD6XaN6FzW/4DANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowGjEYMBYGA1UE
+AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDD
+6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBarzPA0vlyuNtUsEN3
+qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvHST6JwUdIg0Lzg/US
+J81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQABMA0GCSqGSIb3DQEB
+BQUAA4GBAGFAXmaQHuFgAuc6HVhYZJdToxLBhfxGpot4oZNjcb1Cdoz3OL34MU1B
+9E5psj2PpGPIi8/RwoqBtAJHJ+J5cWngo03o4ZmdwKNSzaxlp141z/3rUtFqEHEC
+iO6gPCT3U7dt6MyC7r6vdMqyW6aldP3CtwD0gQziKAMoj+TAfAcq
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA
+3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s
+RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB
+AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS
+6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds
+sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi
+XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3
+fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL
+CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP
+0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2
+oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l
+In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S
+LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE
+AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS
+y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/
+/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu
+g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ
+9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG
+l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH
+Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg==
+-----END CERTIFICATE-----
--- /dev/null
+°Ù`½\eéj0Èu¼\ 1x\82¶t[
+]Ù\13uRª³@\9d;f]Z<
\ No newline at end of file
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ port: @PORT@
+ interface: 0.0.0.0
+ interface: 0.0.0.0@@DNSCRYPT_PORT@
+ use-syslog: no
+ directory: .
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
+dnscrypt:
+ dnscrypt-enable: yes
+ dnscrypt-port: @DNSCRYPT_PORT@
+ dnscrypt-provider: 2.dnscrypt-cert.example.com.
+ dnscrypt-secret-key: 1.key
+ dnscrypt-secret-key: 2.key
+ dnscrypt-provider-cert: 1.cert
+ dnscrypt-provider-cert: 2.cert
+
--- /dev/null
+BaseName: dnscrypt_cert
+Version: 1.0
+Description: dnscrypt cert retrieval.
+CreationDate: Fri Mar 03 10:08:08 CEST 2017
+Maintainer: Emmanuel Bretelle
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: dnscrypt_cert.pre
+Post: dnscrypt_cert.post
+Test: dnscrypt_cert.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- dnscrypt_cert.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+PRE="../.."
+. ../common.sh
+
+# Check if we can run the test.
+. ./precheck.sh
+
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
+
--- /dev/null
+# #-- dnscrypt_cert.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+
+# Check if we can run the test.
+. ./precheck.sh
+
+get_random_port 3
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+DNSCRYPT_PORT=$(($RND_PORT + 2))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+echo "DNSCRYPT_PORT=$DNSCRYPT_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT dnscrypt_cert.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' \
+ -e 's/@DNSCRYPT_PORT\@/'$DNSCRYPT_PORT'/' < dnscrypt_cert.conf > ub.conf
+# start unbound in the background
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- dnscrypt_cert.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+
+# Check if we can run the test.
+. ./precheck.sh
+
+# do the test
+
+# Query plain request over DNSCrypt channel get closed
+# We use TCP to avoid hanging on waiting for UDP.
+# We expect `outfile` to contain no DNS payload
+echo "> dig TCP www.example.com. DNSCrypt port"
+dig +tcp @127.0.0.1 -p $DNSCRYPT_PORT www.example.com. A | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "QUESTION SECTION" outfile; then
+ echo "NOK"
+ exit 1
+else
+ echo "OK"
+fi
+
+
+# Plaintext query on unbound port works correctly.
+echo "> dig www.example.com."
+dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. A | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.42" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+# Plaintext query on unbound port works correctly with TCP.
+echo "> dig TCP www.example.com."
+dig +tcp @127.0.0.1 -p $UNBOUND_PORT www.example.com. A | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.42" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+for opt in '' '+tcp'
+do
+ # Plaintext query on dnscrypt port returns cert when asking for providername/TXT.
+ # Check that it returns 1.cert.
+ echo "> dig TXT 2.dnscrypt-cert.example.com. 1.CERT. DNSCrypt plaintext ${opt}"
+ dig ${opt} @127.0.0.1 -p $DNSCRYPT_PORT 2.dnscrypt-cert.example.com. TXT | tee outfile
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "> check answer"
+ if grep 'DNSC\\000\\001\\000\\000+WS\\171'"'"'OMF\\003\\240:\\012`uD\\029\\147\\\\\\013\\027f^\\169\\247\\231\\132\\001\\238\\004\\205\\221\\028Z\\243MpaN4\\024\\212l\\177?\\240,\\129f\\028\\147Aj\\184S\\205}1\\176e\\226\\190:\\017\\011O\\157\\007\[s6q\\150\\128\\169\\016J5cD\\237\\242:\\2500\\005U\\203\\161\\146\\132\\133)js./O\\157\\007\[s6q\\150W\\1904\\234W\\1904\\234Y\\159hj' outfile; then
+ echo "OK"
+ else
+ echo "Not OK"
+ exit 1
+ fi
+
+ # Plaintext query on dnscrypt port returns cert when asking for providername/TXT.
+ # Check that it returns 2.cert.
+ echo "> dig TXT 2.dnscrypt-cert.example.com. 2.CERT. DNSCrypt plaintext ${opt}"
+ dig ${opt} @127.0.0.1 -p $DNSCRYPT_PORT 2.dnscrypt-cert.example.com. TXT | tee outfile
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "> check answer"
+ if grep 'DNSC\\000\\001\\000\\000\\219\\128\\220\\027\\009\\177\\002\\188\\011\\1524\\005\\213\\014\\210\\004F8i\\190\\000\\004bU\\144\\141\\129bf\\179\\187a:\\174\\187\\005\\1596\\206\\005\\250\\247\\243\\242e\\226\\166\\161\\250\\184\\163w\\224xj\\134\\131h\\011\\209R<\\224\\003\\142v\\190R\\193\\167\\011g\\"\\206\\210\\234|\\209\\234\\023\\216\\249eE\\163p\\143\\023)4\\149\\177}0~6\\142v\\190R\\193\\167\\011gX.\\162\\232X.\\162\\232Z\\015\\214h' outfile; then
+ echo "OK"
+ else
+ echo "NOK"
+ exit 1
+ fi
+
+ # Certificates are local-data for unbound. We can also retrieve them from unbound
+ # port.
+ echo "> dig TXT 2.dnscrypt-cert.example.com. 1.CERT. Unbound ${opt}"
+ dig ${opt} @127.0.0.1 -p $UNBOUND_PORT 2.dnscrypt-cert.example.com. TXT | tee outfile
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "> check answer"
+ if grep 'DNSC\\000\\001\\000\\000+WS\\171'"'"'OMF\\003\\240:\\012`uD\\029\\147\\\\\\013\\027f^\\169\\247\\231\\132\\001\\238\\004\\205\\221\\028Z\\243MpaN4\\024\\212l\\177?\\240,\\129f\\028\\147Aj\\184S\\205}1\\176e\\226\\190:\\017\\011O\\157\\007\[s6q\\150\\128\\169\\016J5cD\\237\\242:\\2500\\005U\\203\\161\\146\\132\\133)js./O\\157\\007\[s6q\\150W\\1904\\234W\\1904\\234Y\\159hj' outfile; then
+ echo "OK"
+ else
+ echo "Not OK"
+ exit 1
+ fi
+done
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname UDP
+REPLY QR AA TC NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname TCP
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+www IN A 10.20.30.41
+www IN A 10.20.30.42
+ENTRY_END
+
--- /dev/null
+# dnscrypt precheck.sh
+
+# if no dnscrypt; exit
+if grep "define USE_DNSCRYPT 1" $PRE/config.h; then
+ echo "have dnscrypt"
+else
+ echo "no dnscrypt"
+ exit 0
+fi
+
+# if no xchacha20 support in unbound; exit
+if grep "define USE_DNSCRYPT_XCHACHA20 1" $PRE/config.h; then
+ xchacha20=1
+else
+ xchacha20=0
+fi
--- /dev/null
+°Ù`½\eéj0Èu¼\ 1x\82¶t[
+]Ù\13uRª³@\9d;f]Z<
\ No newline at end of file
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ port: @PORT@
+ interface: 0.0.0.0
+ interface: 0.0.0.0@@DNSCRYPT_PORT@
+ use-syslog: no
+ directory: .
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
+dnscrypt:
+ dnscrypt-enable: yes
+ dnscrypt-port: @DNSCRYPT_PORT@
+ dnscrypt-provider: 2.dnscrypt-cert.example.com.
+ dnscrypt-secret-key: 1.key
+ dnscrypt-secret-key: 2.key
+ dnscrypt-provider-cert: 1.cert
+ dnscrypt-provider-cert: 2_chacha.cert
+ dnscrypt-provider-cert: 2.cert
+
--- /dev/null
+BaseName: dnscrypt_cert_chacha
+Version: 1.0
+Description: dnscrypt cert retrieval.
+CreationDate: Fri Mar 03 10:08:08 CEST 2017
+Maintainer: Emmanuel Bretelle
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: dnscrypt_cert_chacha.pre
+Post: dnscrypt_cert_chacha.post
+Test: dnscrypt_cert_chacha.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- dnscrypt_cert_chacha.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+PRE="../.."
+. ../common.sh
+
+# Check if we can run the test.
+. ./precheck.sh
+
+kill_pid $FWD_PID
+if [ $xchacha20 -ne 0 ]; then
+ kill_pid $UNBOUND_PID
+fi
--- /dev/null
+# #-- dnscrypt_cert_chacha.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+
+# Check if we can run the test.
+. ./precheck.sh
+
+get_random_port 3
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+DNSCRYPT_PORT=$(($RND_PORT + 2))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+echo "DNSCRYPT_PORT=$DNSCRYPT_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT dnscrypt_cert_chacha.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' \
+ -e 's/@DNSCRYPT_PORT\@/'$DNSCRYPT_PORT'/' < dnscrypt_cert_chacha.conf > ub.conf
+# start unbound in the background
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+if [ $xchacha20 -eq 0 ]; then
+ # no xchacha20 support, we expect unbound to exit with an error message.
+ wait_server_up unbound.log "Certificate for XChacha20 but libsodium does not support it"
+else
+ wait_unbound_up unbound.log
+fi
+
--- /dev/null
+# #-- dnscrypt_cert_chacha.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+# Check if we can run the test.
+. ./precheck.sh
+
+# do the test
+
+if [ $xchacha20 -eq 0 ]; then
+ # Unbound would exit before we can attempt any tests.
+ echo "OK"
+ exit 0
+fi
+
+# Query plain request over DNSCrypt channel get closed
+# We use TCP to avoid hanging on waiting for UDP.
+# We expect `outfile` to contain no DNS payload
+echo "> dig TCP www.example.com. DNSCrypt port"
+dig +tcp @127.0.0.1 -p $DNSCRYPT_PORT www.example.com. A | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "QUESTION SECTION" outfile; then
+ echo "NOK"
+ exit 1
+else
+ echo "OK"
+fi
+
+
+# Plaintext query on unbound port works correctly.
+echo "> dig www.example.com."
+dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. A | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.42" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+# Plaintext query on unbound port works correctly with TCP.
+echo "> dig TCP www.example.com."
+dig +tcp @127.0.0.1 -p $UNBOUND_PORT www.example.com. A | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.42" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+for opt in '' '+tcp'
+do
+ # Plaintext query on dnscrypt port returns cert when asking for providername/TXT.
+ # Check that it returns 1.cert.
+ echo "> dig TXT 2.dnscrypt-cert.example.com. 1.CERT. DNSCrypt plaintext ${opt}"
+ dig ${opt} @127.0.0.1 -p $DNSCRYPT_PORT 2.dnscrypt-cert.example.com. TXT | tee outfile
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "> check answer"
+ if grep 'DNSC\\000\\001\\000\\000+WS\\171'"'"'OMF\\003\\240:\\012`uD\\029\\147\\\\\\013\\027f^\\169\\247\\231\\132\\001\\238\\004\\205\\221\\028Z\\243MpaN4\\024\\212l\\177?\\240,\\129f\\028\\147Aj\\184S\\205}1\\176e\\226\\190:\\017\\011O\\157\\007\[s6q\\150\\128\\169\\016J5cD\\237\\242:\\2500\\005U\\203\\161\\146\\132\\133)js./O\\157\\007\[s6q\\150W\\1904\\234W\\1904\\234Y\\159hj' outfile; then
+ echo "OK"
+ else
+ echo "Not OK"
+ exit 1
+ fi
+
+ # Plaintext query on dnscrypt port returns cert when asking for providername/TXT.
+ # Check that it returns 2.cert.
+ echo "> dig TXT 2.dnscrypt-cert.example.com. 2.CERT. DNSCrypt plaintext ${opt}"
+ dig ${opt} @127.0.0.1 -p $DNSCRYPT_PORT 2.dnscrypt-cert.example.com. TXT | tee outfile
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "> check answer"
+ if grep 'DNSC\\000\\001\\000\\000\\219\\128\\220\\027\\009\\177\\002\\188\\011\\1524\\005\\213\\014\\210\\004F8i\\190\\000\\004bU\\144\\141\\129bf\\179\\187a:\\174\\187\\005\\1596\\206\\005\\250\\247\\243\\242e\\226\\166\\161\\250\\184\\163w\\224xj\\134\\131h\\011\\209R<\\224\\003\\142v\\190R\\193\\167\\011g\\"\\206\\210\\234|\\209\\234\\023\\216\\249eE\\163p\\143\\023)4\\149\\177}0~6\\142v\\190R\\193\\167\\011gX.\\162\\232X.\\162\\232Z\\015\\214h' outfile; then
+ echo "OK"
+ else
+ echo "NOK"
+ exit 1
+ fi
+
+ # Plaintext query on dnscrypt port returns cert when asking for providername/TXT.
+ # Check that it returns 2_chacha.cert
+ echo "> dig TXT 2.dnscrypt-cert.example.com. 2_CHACHA.CERT. DNSCrypt plaintext ${opt}"
+ dig ${opt} @127.0.0.1 -p $DNSCRYPT_PORT 2.dnscrypt-cert.example.com. TXT | tee outfile
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "> check answer"
+ grep 'DNSC\\000\\002\\000\\000\\249\\143\\\?;\\160H$tX\\153\\239^\\171\\160\\204`\\012mjU\\214a\\142\\138u\\161\\160W_\\012\\207x2A\\243=B+\\171X\\167tN\\202\\016\\213\\183\\012\\138\\161\\182\\204\\158\.^\\011ZQ\\003\\0214Nz\\210\\001\\142v\\190R\\193\\167\\011g\\"\\206\\210\\234|\\209\\234\\023\\216\\249eE\\163p\\143\\023)4\\149\\177}0~6\\143v\\190R\\193\\167\\011gX\\200\\231\\160X\\200\\231\\160Z\\170\\027' outfile
+ cert_found=$?
+ if [ \( $cert_found -eq 0 -a $xchacha20 -eq 1 \) -o \( $cert_found -ne 0 -a $xchacha20 -eq 0 \) ]; then
+ echo "OK"
+ else
+ echo "Not OK"
+ exit 1
+ fi
+
+ # Certificates are local-data for unbound. We can also retrieve them from unbound
+ # port.
+ echo "> dig TXT 2.dnscrypt-cert.example.com. 1.CERT. Unbound ${opt}"
+ dig ${opt} @127.0.0.1 -p $UNBOUND_PORT 2.dnscrypt-cert.example.com. TXT | tee outfile
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "> check answer"
+ if grep 'DNSC\\000\\001\\000\\000+WS\\171'"'"'OMF\\003\\240:\\012`uD\\029\\147\\\\\\013\\027f^\\169\\247\\231\\132\\001\\238\\004\\205\\221\\028Z\\243MpaN4\\024\\212l\\177?\\240,\\129f\\028\\147Aj\\184S\\205}1\\176e\\226\\190:\\017\\011O\\157\\007\[s6q\\150\\128\\169\\016J5cD\\237\\242:\\2500\\005U\\203\\161\\146\\132\\133)js./O\\157\\007\[s6q\\150W\\1904\\234W\\1904\\234Y\\159hj' outfile; then
+ echo "OK"
+ else
+ echo "Not OK"
+ exit 1
+ fi
+done
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname UDP
+REPLY QR AA TC NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname TCP
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+www IN A 10.20.30.41
+www IN A 10.20.30.42
+ENTRY_END
+
--- /dev/null
+# dnscrypt precheck.sh
+
+# if no dnscrypt; exit
+if grep "define USE_DNSCRYPT 1" $PRE/config.h; then
+ echo "have dnscrypt"
+else
+ echo "no dnscrypt"
+ exit 0
+fi
+
+# if no xchacha20 support in unbound; exit
+if grep "define USE_DNSCRYPT_XCHACHA20 1" $PRE/config.h; then
+ xchacha20=1
+else
+ xchacha20=0
+fi
--- /dev/null
+°Ù`½\eéj0Èu¼\ 1x\82¶t[
+]Ù\13uRª³@\9d;f]Z<
\ No newline at end of file
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ port: @PORT@
+ interface: 0.0.0.0
+ interface: 0.0.0.0@@DNSCRYPT_PORT@
+ use-syslog: no
+ directory: .
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
+dnscrypt:
+ dnscrypt-enable: yes
+ dnscrypt-port: @DNSCRYPT_PORT@
+ dnscrypt-provider: 2.dnscrypt-cert.example.com.
+ dnscrypt-secret-key: 1.key
+ dnscrypt-secret-key: 2.key
+ dnscrypt-provider-cert: 1.cert
+ dnscrypt-provider-cert: 2.cert
+
--- /dev/null
+BaseName: dnscrypt_queries
+Version: 1.0
+Description: dnscrypt queries.
+CreationDate: Fri Mar 03 10:08:08 CEST 2017
+Maintainer: Emmanuel Bretelle
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: dnscrypt_queries.pre
+Post: dnscrypt_queries.post
+Test: dnscrypt_queries.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- dnscrypt_queries.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+PRE="../.."
+. ../common.sh
+# if no dnscrypt; exit
+if grep "define USE_DNSCRYPT 1" $PRE/config.h; then
+ echo "have dnscrypt"
+else
+ echo "no dnscrypt"
+ exit 0
+fi
+
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
+kill_pid $PROXY_PID
--- /dev/null
+# #-- dnscrypt_queries.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+# if no dnscrypt; exit
+if grep "define USE_DNSCRYPT 1" $PRE/config.h; then
+ echo "have dnscrypt"
+else
+ echo "no dnscrypt"
+ exit 0
+fi
+
+get_random_port 4
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+DNSCRYPT_PORT=$(($RND_PORT + 2))
+PROXY_PORT=$(($RND_PORT + 3))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+echo "DNSCRYPT_PORT=$DNSCRYPT_PORT" >> .tpkg.var.test
+echo "PROXY_PORT=$PROXY_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT dnscrypt_queries.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+dnscrypt-proxy --local-address=127.0.0.1:${PROXY_PORT} \
+ --resolver-address=127.0.0.1:${DNSCRYPT_PORT} \
+ --provider-name=2.dnscrypt-cert.example.com \
+ --provider-key=B85F:41A1:4F23:F7DB:C866:F397:CC6F:44B6:5F9D:65C5:B629:7C27:5403:A6E9:DCF2:4F9D \
+ -m 32 \
+ >dnscryptproxy.log 2>&1 &
+PROXY_PID=$!
+echo "PROXY_PID=$PROXY_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' \
+ -e 's/@DNSCRYPT_PORT\@/'$DNSCRYPT_PORT'/' < dnscrypt_queries.conf > ub.conf
+# start unbound in the background
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+wait_server_up dnscryptproxy.log "Proxying from"
--- /dev/null
+# #-- dnscrypt_queries.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+# if no dnscrypt; exit
+if grep "define USE_DNSCRYPT 1" $PRE/config.h; then
+ echo "have dnscrypt"
+else
+ echo "no dnscrypt"
+ exit 0
+fi
+
+
+# do the test
+for opt in '' '+tcp'
+do
+ echo "> do queries ${opt}"
+ dig @127.0.0.1 ${opt} -p $PROXY_PORT www1.example.com. >outfile1 &
+ digpid1=$!
+ dig @127.0.0.1 ${opt} -p $PROXY_PORT www2.example.com. >outfile2 &
+ digpid2=$!
+ dig @127.0.0.1 ${opt} -p $PROXY_PORT www3.example.com. >outfile3 &
+ digpid3=$!
+ dig @127.0.0.1 ${opt} -p $PROXY_PORT www4.example.com. >outfile4 &
+ digpid4=$!
+ dig @127.0.0.1 ${opt} -p $PROXY_PORT www5.example.com. >outfile5 &
+ digpid5=$!
+ dig @127.0.0.1 ${opt} -p $PROXY_PORT www6.example.com. >outfile6 &
+ digpid6=$!
+ sleep 1
+ kill -9 $digpid1
+ kill -9 $digpid2
+ kill -9 $digpid3
+ kill -9 $digpid4
+ kill -9 $digpid5
+ kill -9 $digpid6
+
+ echo "> cat outfile1"
+ cat outfile1
+ echo "> cat outfile2"
+ cat outfile2
+ echo "> cat outfile3"
+ cat outfile3
+ echo "> cat outfile4"
+ cat outfile4
+ echo "> cat outfile5"
+ cat outfile5
+ echo "> cat outfile6"
+ cat outfile6
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+
+ echo "> check for ID bit collisions"
+ grep "pending reply" unbound.log > ids
+ numsend=`cat ids | wc -l`
+ cat ids | awk '{print $8};' | sort -u > ids2
+ numuniq=`cat ids2 | wc -l`
+ if test $numuniq -ne $numsend; then
+ echo "got a ID number clash. could not do test, sorry"
+ exit 0
+ fi
+
+ echo "> check answers for queries"
+ if grep "10.20.30.40" outfile1; then
+ echo "1 is OK"
+ else
+ echo "1 is not OK"
+ exit 1
+ fi
+ if grep "10.20.30.50" outfile2; then
+ echo "2 is OK"
+ else
+ echo "2 is not OK"
+ exit 1
+ fi
+ if grep "10.20.30.60" outfile3; then
+ echo "3 is OK"
+ else
+ echo "3 is not OK"
+ exit 1
+ fi
+ if grep "10.20.30.70" outfile4; then
+ echo "4 is OK"
+ else
+ echo "4 is not OK"
+ exit 1
+ fi
+ if grep "10.20.30.80" outfile5; then
+ echo "5 is OK"
+ else
+ echo "5 is not OK"
+ exit 1
+ fi
+ if grep "10.20.30.90" outfile6; then
+ echo "6 is OK"
+ else
+ echo "6 is not OK"
+ exit 1
+ fi
+done
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www1 IN A
+SECTION ANSWER
+www1 IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www2 IN A
+SECTION ANSWER
+www2 IN A 10.20.30.50
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www3 IN A
+SECTION ANSWER
+www3 IN A 10.20.30.60
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www4 IN A
+SECTION ANSWER
+www4 IN A 10.20.30.70
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www5 IN A
+SECTION ANSWER
+www5 IN A 10.20.30.80
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www6 IN A
+SECTION ANSWER
+www6 IN A 10.20.30.90
+ENTRY_END
--- /dev/null
+°Ù`½\eéj0Èu¼\ 1x\82¶t[
+]Ù\13uRª³@\9d;f]Z<
\ No newline at end of file
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ port: @PORT@
+ interface: 0.0.0.0
+ interface: 0.0.0.0@@DNSCRYPT_PORT@
+ use-syslog: no
+ directory: .
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
+dnscrypt:
+ dnscrypt-enable: yes
+ dnscrypt-port: @DNSCRYPT_PORT@
+ dnscrypt-provider: 2.dnscrypt-cert.example.com.
+ dnscrypt-secret-key: 2.key
+ dnscrypt-provider-cert: 2_salsa.cert
+ dnscrypt-provider-cert: 2_chacha.cert
--- /dev/null
+BaseName: dnscrypt_queries_chacha
+Version: 1.0
+Description: dnscrypt queries using xchacha
+CreationDate: Thu Jun 01 10:08:08 CEST 2017
+Maintainer: Emmanuel Bretelle
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: dnscrypt_queries_chacha.pre
+Post: dnscrypt_queries_chacha.post
+Test: dnscrypt_queries_chacha.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- dnscrypt_queries_chacha.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+PRE="../.."
+. ../common.sh
+
+# Check if we can run the test.
+. ./precheck.sh
+
+
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
+kill_pid $PROXY_PID
--- /dev/null
+# #-- dnscrypt_queries_chacha.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+# Check if we can run the test.
+. ./precheck.sh
+
+get_random_port 4
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+DNSCRYPT_PORT=$(($RND_PORT + 2))
+PROXY_PORT=$(($RND_PORT + 3))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+echo "DNSCRYPT_PORT=$DNSCRYPT_PORT" >> .tpkg.var.test
+echo "PROXY_PORT=$PROXY_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT dnscrypt_queries_chacha.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+dnscrypt-proxy --local-address=127.0.0.1:${PROXY_PORT} \
+ --resolver-address=127.0.0.1:${DNSCRYPT_PORT} \
+ --provider-name=2.dnscrypt-cert.example.com \
+ --provider-key=C352:1F20:F2D2:FD65:B5F4:7BF6:6C1A:88C1:4BCB:80CE:1E3A:3572:5CB1:7D4B:12D3:E783 \
+ -m 32 \
+ >dnscryptproxy.log 2>&1 &
+PROXY_PID=$!
+echo "PROXY_PID=$PROXY_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' \
+ -e 's/@DNSCRYPT_PORT\@/'$DNSCRYPT_PORT'/' < dnscrypt_queries_chacha.conf > ub.conf
+# start unbound in the background
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+wait_server_up dnscryptproxy.log "Proxying from"
+if ! grep 'Using version 2.0 of the DNSCrypt protocol' dnscryptproxy.log; then
+ echo "Failed to select xchacha cert"
+ exit 1
+fi
--- /dev/null
+# #-- dnscrypt_queries_chacha.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+# Check if we can run the test.
+. ./precheck.sh
+
+# do the test
+for opt in '' '+tcp'
+do
+ echo "> do queries ${opt}"
+ dig @127.0.0.1 ${opt} -p $PROXY_PORT www1.example.com. >outfile1 &
+ digpid1=$!
+ dig @127.0.0.1 ${opt} -p $PROXY_PORT www2.example.com. >outfile2 &
+ digpid2=$!
+ dig @127.0.0.1 ${opt} -p $PROXY_PORT www3.example.com. >outfile3 &
+ digpid3=$!
+ dig @127.0.0.1 ${opt} -p $PROXY_PORT www4.example.com. >outfile4 &
+ digpid4=$!
+ dig @127.0.0.1 ${opt} -p $PROXY_PORT www5.example.com. >outfile5 &
+ digpid5=$!
+ dig @127.0.0.1 ${opt} -p $PROXY_PORT www6.example.com. >outfile6 &
+ digpid6=$!
+ sleep 1
+ kill -9 $digpid1
+ kill -9 $digpid2
+ kill -9 $digpid3
+ kill -9 $digpid4
+ kill -9 $digpid5
+ kill -9 $digpid6
+
+ echo "> cat outfile1"
+ cat outfile1
+ echo "> cat outfile2"
+ cat outfile2
+ echo "> cat outfile3"
+ cat outfile3
+ echo "> cat outfile4"
+ cat outfile4
+ echo "> cat outfile5"
+ cat outfile5
+ echo "> cat outfile6"
+ cat outfile6
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+
+ echo "> check for ID bit collisions"
+ grep "pending reply" unbound.log > ids
+ numsend=`cat ids | wc -l`
+ cat ids | awk '{print $8};' | sort -u > ids2
+ numuniq=`cat ids2 | wc -l`
+ if test $numuniq -ne $numsend; then
+ echo "got a ID number clash. could not do test, sorry"
+ exit 0
+ fi
+
+ echo "> check answers for queries"
+ if grep "10.20.30.40" outfile1; then
+ echo "1 is OK"
+ else
+ echo "1 is not OK"
+ exit 1
+ fi
+ if grep "10.20.30.50" outfile2; then
+ echo "2 is OK"
+ else
+ echo "2 is not OK"
+ exit 1
+ fi
+ if grep "10.20.30.60" outfile3; then
+ echo "3 is OK"
+ else
+ echo "3 is not OK"
+ exit 1
+ fi
+ if grep "10.20.30.70" outfile4; then
+ echo "4 is OK"
+ else
+ echo "4 is not OK"
+ exit 1
+ fi
+ if grep "10.20.30.80" outfile5; then
+ echo "5 is OK"
+ else
+ echo "5 is not OK"
+ exit 1
+ fi
+ if grep "10.20.30.90" outfile6; then
+ echo "6 is OK"
+ else
+ echo "6 is not OK"
+ exit 1
+ fi
+done
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www1 IN A
+SECTION ANSWER
+www1 IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www2 IN A
+SECTION ANSWER
+www2 IN A 10.20.30.50
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www3 IN A
+SECTION ANSWER
+www3 IN A 10.20.30.60
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www4 IN A
+SECTION ANSWER
+www4 IN A 10.20.30.70
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www5 IN A
+SECTION ANSWER
+www5 IN A 10.20.30.80
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www6 IN A
+SECTION ANSWER
+www6 IN A 10.20.30.90
+ENTRY_END
--- /dev/null
+# dnscrypt precheck.sh
+
+# if no dnscrypt; exit
+if grep "define USE_DNSCRYPT 1" $PRE/config.h; then
+ echo "have dnscrypt"
+else
+ echo "no dnscrypt"
+ exit 0
+fi
+
+# if no xchacha20 support in unbound; exit
+if grep "define USE_DNSCRYPT_XCHACHA20 1" $PRE/config.h; then
+ echo "have xchacha20"
+ xchacha20=1
+else
+ echo "no xchacha20"
+ xchacha20=0
+ exit 0
+fi
+
+# if dnscrypt-proxy does not support xchacha20; exit
+if (dnscrypt-proxy -h 2>&1 | grep -q 'XChaCha20-Poly1305 cipher: present'); then
+ echo "dnscrypt-proxy has xchacha20"
+else
+ echo "dnscrypt-proxy does not have xchacha20"
+ exit 0
+fi
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: ::1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+stub-zone:
+ name: "example.net"
+ stub-addr: "127.0.0.1@@STUB2_PORT@"
+stub-zone:
+ name: "example.com"
+ stub-addr: "127.0.0.1@@STUB2_PORT@"
+# a k a root hints
+stub-zone:
+ name: "."
+ stub-addr: "::1@@STUB1_PORT@"
--- /dev/null
+BaseName: edns_cache
+Version: 1.0
+Description: Server does not support EDNS and cache this.
+CreationDate: Tue Nov 30 12:34:37 CET 2010
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: edns_cache.pre
+Post: edns_cache.post
+Test: edns_cache.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- edns_cache.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $STUB1_PID
+kill_pid $STUB2_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- edns_cache.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 3
+UNBOUND_PORT=$RND_PORT
+STUB1_PORT=$(($RND_PORT + 1))
+STUB2_PORT=$(($RND_PORT + 2))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "STUB1_PORT=$STUB1_PORT" >> .tpkg.var.test
+echo "STUB2_PORT=$STUB2_PORT" >> .tpkg.var.test
+
+# start stub1
+get_ldns_testns
+$LDNS_TESTNS -6 -p $STUB1_PORT edns_cache.stub1 >stub1.log 2>&1 &
+STUB1_PID=$!
+echo "STUB1_PID=$STUB1_PID" >> .tpkg.var.test
+
+# start stub2
+$LDNS_TESTNS -p $STUB2_PORT edns_cache.stub2 >stub2.log 2>&1 &
+STUB2_PID=$!
+echo "STUB2_PID=$STUB2_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@STUB1_PORT\@/'$STUB1_PORT'/' -e 's/@STUB2_PORT\@/'$STUB2_PORT'/' < edns_cache.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+
+# wait for stubs to come up
+wait_ldns_testns_up stub1.log
+wait_ldns_testns_up stub2.log
+
+# wait for unbound to come up
+wait_unbound_up unbound.log
+
--- /dev/null
+; nameserver test file
+; this is ::1 and the EDNS working server.
+$ORIGIN .
+$TTL 3600
+
+; root prime
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. IN NS root.server.
+SECTION AUTHORITY
+SECTION ADDITIONAL
+root.server. IN A 127.0.0.1
+ENTRY_END
+
+; referral to example.com
+ENTRY_BEGIN
+MATCH opcode subdomain
+REPLY QR NOERROR
+ADJUST copy_id copy_query
+SECTION QUESTION
+example.com. IN A
+SECTION AUTHORITY
+example.com. IN NS netdns.example.net.
+ENTRY_END
+
+; referral to example.net
+ENTRY_BEGIN
+MATCH opcode subdomain
+REPLY QR NOERROR
+ADJUST copy_id copy_query
+SECTION QUESTION
+example.net. IN A
+SECTION AUTHORITY
+example.net. IN NS netdns.example.net.
+SECTION ADDITIONAL
+netdns.example.net. IN A 127.0.0.1
+ENTRY_END
+
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname noedns
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www.example.com. IN A
+SECTION ANSWER
+www.example.com. IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname noedns
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+netdns.example.net. IN A
+SECTION ANSWER
+netdns.example.net. IN A 127.0.0.1
+ENTRY_END
+
+; fail EDNS queries for netdns.
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA FORMERR
+ADJUST copy_id
+SECTION QUESTION
+netdns.example.net. IN A
+ENTRY_END
+
--- /dev/null
+# #-- edns_cache.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+# notice that we use one stub server on IPv6 ::1 that supports EDNS that
+# gives referrals to the other server on IPv4 127.0.0.1 that is nonEDNS.
+
+PRE="../.."
+# do the test
+echo "> dig netdns.example.net."
+dig @::1 -p $UNBOUND_PORT netdns.example.net. | tee outfile
+echo "> dig www.example.com."
+dig @::1 -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat stub1.log"
+cat stub1.log
+echo "> cat stub2.log"
+cat stub2.log
+echo "> cat unbound.log"
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: edns_lame
+Version: 1.0
+Description: Forward UDP but EDNS packets time out
+CreationDate: Mon Sep 29 16:39:15 CEST 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: edns_lame.pre
+Post: edns_lame.post
+Test: edns_lame.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- edns_lame.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- edns_lame.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT -v edns_lame.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < edns_lame.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -vvvv -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
--- /dev/null
+# #-- edns_lame.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname noedns
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 1
+ # num-threads: 1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+ interface-automatic: yes
+ access-control: 0.0.0.0/0 allow
+ access-control: ::0/0 allow
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: fwd_ancil
+Version: 1.0
+Description: Test if ip6 ancillary recvmsg and sendmsg work.
+CreationDate: Tue Jan 15 10:47:37 CET 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_ancil.pre
+Post: fwd_ancil.post
+Test: fwd_ancil.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_ancil.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+if test `hostname`"" = "dicht.nlnetlabs.nl"; then
+ echo "In jail, no ::1, skip test"
+ exit 0
+fi
+
+kill_pid $FWD_PID
+if fgrep "service stopped" unbound.log; then
+ exit 0
+fi
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- fwd_ancil.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+. ../common.sh
+
+if test `hostname`"" = "dicht.nlnetlabs.nl"; then
+ echo "In jail, no ::1, skip test"
+ exit 0
+fi
+
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT fwd_ancil.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < fwd_ancil.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+
+wait_ldns_testns_up fwd.log
+
+# wait for unbound to come up
+# string 'Start of service' in log.
+wait_server_up_or_fail unbound.log "start of service" "disable interface-automatic"
+if fgrep "disable interface-automatic" unbound.log; then
+ echo "skip test"
+ exit 1
+fi
+
--- /dev/null
+# #-- fwd_ancil.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+
+if test `hostname`"" = "dicht.nlnetlabs.nl"; then
+ echo "In jail, no ::1, skip test"
+ exit 0
+fi
+
+if fgrep "disable interface-automatic" unbound.log; then
+ echo "skip test"
+ exit 0
+fi
+
+get_make
+(cd $PRE; $MAKE streamtcp)
+
+# detect platform support first
+echo "> streamtcp -n -u -f 127.0.0.1 www.example.com. A IN"
+$PRE/streamtcp -n -u -f 127.0.0.1@$UNBOUND_PORT www.example.com. A IN | tee outfile
+sleep 2
+echo "> check answer"
+if ! grep "Please disable interface-automatic" unbound.log; then
+ echo "OK"
+else
+ echo "No platform support for ancillary data"
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK - but ignore test"
+ exit 0
+fi
+rm outfile
+
+
+# do the test
+echo "> streamtcp -f 127.0.0.1 www.example.com. A IN"
+$PRE/streamtcp -f 127.0.0.1@$UNBOUND_PORT www.example.com. A IN | tee outfile
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+rm outfile
+
+echo "> streamtcp -f ::1 www.example.com. A IN"
+$PRE/streamtcp -f ::1@$UNBOUND_PORT www.example.com. A IN | tee outfile
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+rm outfile
+
+echo "> streamtcp -u -f ::1 www.example.com. A IN"
+$PRE/streamtcp -u -f ::1@$UNBOUND_PORT www.example.com. A IN | tee outfile
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+rm outfile
+
+echo "> streamtcp -u -f 127.0.0.1 www.example.com. A IN"
+$PRE/streamtcp -u -f 127.0.0.1@$UNBOUND_PORT www.example.com. A IN | tee outfile
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+rm outfile
+
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+ trust-anchor: "example.com. 3600 IN DS 30899 5 1 d4bf9d2e10f6d76840d42ef5913022abcd0bf512"
+ fake-sha1: yes
+remote-control:
+ control-enable: yes
+ control-interface: 127.0.0.1
+ # control-interface: ::1
+ control-port: @CONTROL_PORT@
+ server-key-file: "unbound_server.key"
+ server-cert-file: "unbound_server.pem"
+ control-key-file: "unbound_control.key"
+ control-cert-file: "unbound_control.pem"
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: fwd_bogus
+Version: 1.0
+Description: Forward and check bogus TTL in the cache.
+CreationDate: Thu Sep 10 10:14:57 CEST 2009
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_bogus.pre
+Post: fwd_bogus.post
+Test: fwd_bogus.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_bogus.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- fwd_bogus.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 3
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+CONTROL_PORT=$(($RND_PORT + 2))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+echo "CONTROL_PORT=$CONTROL_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT fwd_bogus.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@CONTROL_PORT\@/'$CONTROL_PORT'/' < fwd_bogus.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
--- /dev/null
+# #-- fwd_bogus.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+
+# do the test
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+# servfail.
+if grep "SERVFAIL" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+# now check the cache.
+$PRE/unbound-control -c ub.conf dump_cache > cachedump
+if test $? -ne 0; then
+ echo "unbound-control failed"
+ cat cachedump
+ exit 1
+else
+ echo "unbound-control ok"
+fi
+
+# bad cache entry looks like this
+# msg www.example.com. IN A 32896 1 1252576696 1 1 0 0
+cat cachedump
+
+ttl=`grep "msg www.example.com" cachedump | awk '{print $7}'`
+echo TTL $ttl
+# must be smaller than bogus ttl of 60.
+if test $ttl -gt 61; then
+ echo "failed: TTL too big!"
+ exit 1
+else
+ echo "TTL OK"
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+; give unsigned answers!
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+@ IN DNSKEY
+SECTION ANSWER
+example.com. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDD6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBa
+rzPA0vlyuNtUsEN3qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvH
+ST6JwUdIg0Lzg/USJ81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQAB
+AoGAFT3e35MIgI4uDJJ8X0RfHp2NCO2LUg4TKbWical/C0W9vlR1/x80G1pE1d2Z
+WotqJVWTrOq6eBox19RCgtLg2wPGk9uD62+9SDT37heWFlUCElWq50pQG6k9ThiG
+DDypkZyZ/52+DdWybiaQJkuK6O5qQXuNAtVJMpghu4GnHAECQQDsupnZUQDpapzr
+4FC4MSkL2+A1PRt6g4VhwoqOpJXaHfVnH6F7AwUuOLNwGdR5Cvv70pfJ7Jqg8L2m
+Kxyl5bORAkEA09rn34YQ0pHJdHidbl2kInIuYTz09+TO3LWwan17nISH9aaYvVDr
+p9x1B4Qzw9qyxT9oll7ze/5Rw/7C3AQj4QJAT2B2a+b8bkgAXBs4FbruL3rHoDJg
+P2FQXSpVOWU4lg2LlsuFYvDtUMVUbZdLplanjZXcral3Y9W1Ub2M+ped8QJAYQN+
+aRpge7ys7vwIw7B36Bo3aOncF+ScYe+FkM5Tm7II/JHEofT7ZQwMP1vnxIlSkgbe
+YvWqNB6a3NC99LikoQJBAM4UhDdRg63Tr6Idky6CQaH///zAN7nArJfffKGWFdw9
+DKrWpNqvYZtX/cfEJucKcRCm5YL8CKFYbQy4VoCxUcE=
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBozCCAQwCCQD6XaN6FzW/4DANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowGjEYMBYGA1UE
+AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDD
+6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBarzPA0vlyuNtUsEN3
+qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvHST6JwUdIg0Lzg/US
+J81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQABMA0GCSqGSIb3DQEB
+BQUAA4GBAGFAXmaQHuFgAuc6HVhYZJdToxLBhfxGpot4oZNjcb1Cdoz3OL34MU1B
+9E5psj2PpGPIi8/RwoqBtAJHJ+J5cWngo03o4ZmdwKNSzaxlp141z/3rUtFqEHEC
+iO6gPCT3U7dt6MyC7r6vdMqyW6aldP3CtwD0gQziKAMoj+TAfAcq
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA
+3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s
+RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB
+AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS
+6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds
+sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi
+XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3
+fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL
+CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP
+0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2
+oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l
+In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S
+LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE
+AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS
+y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/
+/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu
+g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ
+9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG
+l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH
+Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg==
+-----END CERTIFICATE-----
--- /dev/null
+server:
+ verbosity: 4
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+ use-caps-for-id: yes
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: fwd_capsid
+Version: 1.0
+Description: Forward and check 0x20 bits.
+CreationDate: Mon Oct 6 16:25:09 CEST 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_capsid.pre
+Post: fwd_capsid.post
+Test: fwd_capsid.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_capsid.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- fwd_capsid.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT fwd_capsid.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < fwd_capsid.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- fwd_capsid.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id copy_query
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 4
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+ use-caps-for-id: yes
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: fwd_capsid_fallback
+Version: 1.0
+Description: Forward and do 0x20 fallback.
+CreationDate: Mon Oct 6 16:30:15 CEST 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_capsid_fallback.pre
+Post: fwd_capsid_fallback.post
+Test: fwd_capsid_fallback.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_capsid_fallback.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- fwd_capsid_fallback.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT fwd_capsid_fallback.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < fwd_capsid_fallback.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
--- /dev/null
+# #-- fwd_capsid_fallback.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT wwwabcdefghijklmnopqrstuvwxyzwww.example.com | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+; WEIRD CAPS! ; probably not the query!
+WwWabcdefghijklmnopqrstuvwxyzWwW.ExAMPLE.CoM. IN A
+SECTION ANSWER
+wWwABCDEFGHIJKLMNopqrstuvwxyzWwW.ExAMPLE.CoM. IN A 10.20.30.40
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 4
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+ use-caps-for-id: yes
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+ forward-addr: "127.0.0.1@@TOPORT2@"
+
--- /dev/null
+BaseName: fwd_capsid_strip
+Version: 1.0
+Description: Forward and do 0x20 fallback that needs stripping.
+CreationDate: Fri 30 Jan 10:41:33 CET 2015
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_capsid_strip.pre
+Post: fwd_capsid_strip.post
+Test: fwd_capsid_strip.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_capsid_strip.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $FWD_PID2
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- fwd_capsid_strip.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 3
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+FWD2_PORT=$(($FWD_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+echo "FWD2_PORT=$FWD2_PORT" >> .tpkg.var.test
+
+# start forwarder 1
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT fwd_capsid_strip.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# start forwarder 2
+$LDNS_TESTNS -p $FWD2_PORT fwd_capsid_strip.testns2 >fwd2.log 2>&1 &
+FWD_PID2=$!
+echo "FWD_PID2=$FWD_PID2" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@TOPORT2\@/'$FWD2_PORT'/' < fwd_capsid_strip.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_ldns_testns_up fwd2.log
+wait_unbound_up unbound.log
--- /dev/null
+# #-- fwd_capsid_strip.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT wwwabcdefghijklmnopqrstuvwxyzwww.example.com | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat fwd2.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+; WEIRD CAPS! ; probably not the query!
+WwWabcdefghijklmnopqrstuvwxyzWwW.ExAMPLE.CoM. IN A
+SECTION ANSWER
+wWwABCDEFGHIJKLMNopqrstuvwxyzWwW.ExAMPLE.CoM. IN A 10.20.30.40
+SECTION AUTHORITY
+example.com. IN NS ns1.example.com.
+example.com. IN NS ns2.example.com.
+SECTION ADDITIONAL
+ns1.example.com. IN A 1.2.3.4
+ENTRY_END
+
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+; WEIRD CAPS! ; probably not the query!
+WwWabcdefghijklmnopqrstuvwxyzWwW.ExAMPLE.CoM. IN A
+SECTION ANSWER
+wWwABCDEFGHIJKLMNopqrstuvwxyzWwW.ExAMPLE.CoM. IN A 10.20.30.40
+SECTION AUTHORITY
+SECTION ADDITIONAL
+ns2.example.com. IN A 1.2.3.5
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 4
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+ use-caps-for-id: yes
+ caps-whitelist: "example.com"
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+ forward-addr: "127.0.0.1@@TOPORT2@"
+
--- /dev/null
+BaseName: fwd_capsid_white
+Version: 1.0
+Description: Forward and and test 0x20 whitelist.
+CreationDate: Fri 1 May 14:25:04 CEST 2015
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_capsid_white.pre
+Post: fwd_capsid_white.post
+Test: fwd_capsid_white.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_capsid_white.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $FWD_PID2
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- fwd_capsid_white.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 3
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+FWD2_PORT=$(($FWD_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+echo "FWD2_PORT=$FWD2_PORT" >> .tpkg.var.test
+
+# start forwarder 1
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT fwd_capsid_white.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# start forwarder 2
+$LDNS_TESTNS -p $FWD2_PORT fwd_capsid_white.testns2 >fwd2.log 2>&1 &
+FWD_PID2=$!
+echo "FWD_PID2=$FWD_PID2" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@TOPORT2\@/'$FWD2_PORT'/' < fwd_capsid_white.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_ldns_testns_up fwd2.log
+wait_unbound_up unbound.log
--- /dev/null
+# #-- fwd_capsid_white.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT wwwabcdefghijklmnopqrstuvwxyzwww.example.com | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat fwd2.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+; WEIRD CAPS! ; probably not the query!
+WwWabcdefghijklmnopqrstuvwxyzWwW.ExAMPLE.CoM. IN A
+SECTION ANSWER
+wWwABCDEFGHIJKLMNopqrstuvwxyzWwW.ExAMPLE.CoM. IN A 10.20.30.40
+ENTRY_END
+
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+; WEIRD CAPS! ; probably not the query!
+WwWabcdefghijklmnopqrstuvwxyzWwW.ExAMPLE.CoM. IN A
+SECTION ANSWER
+wWwABCDEFGHIJKLMNopqrstuvwxyzWwW.ExAMPLE.CoM. IN A 10.20.30.44
+SECTION AUTHORITY
+SECTION ADDITIONAL
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: .
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: fwd_compress_c00c
+Version: 1.0
+Description: Forward and check compression of answer to query name.
+CreationDate: Mon Oct 15 15:57:03 CEST 2007
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_compress_c00c.pre
+Post: fwd_compress_c00c.post
+Test: fwd_compress_c00c.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+0000000: 006c eb41 8180 0001 0001 0003 0000 0a6f .l.A...........o
+0000010: 7665 7265 696e 6465 7203 6e65 7400 0001 vereinder.net...
+0000020: 0001 c00c 0001 0001 0000 0384 0004 5038 ..............P8
+0000030: dfcd c00c 0002 0001 0001 5180 0010 0161 ..........Q....a
+0000040: 026e 7305 6a6f 6b65 7203 636f 6d00 c00c .ns.joker.com...
+0000050: 0002 0001 0001 5180 0004 0162 c03e c00c ......Q....b.>..
+0000060: 0002 0001 0001 5180 0004 0163 c03e ......Q....c.>
--- /dev/null
+# #-- fwd_compress_c00c.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- fwd_compress_c00c.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT fwd_compress_c00c.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < fwd_compress_c00c.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- fwd_compress_c00c.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+# check what sort of netcat we have
+if nc -h 2>&1 | grep "q secs"; then
+ ncopt="-q 3 -w 2"
+else
+ ncopt="-w 2"
+fi
+
+PRE="../.."
+# do the test
+echo "> query overeinder.net | nc $ncopt tcp | xxd."
+echo "0020eb41010000010000000000000a6f76657265696e646572036e65740000010001" | xxd -r -p | nc $ncopt 127.0.0.1 $UNBOUND_PORT | xxd | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> cat outfile"
+cat outfile
+echo "> check answer"
+if grep "0000000: 007a" outfile; then
+ echo "too big!"
+ exit 1
+fi
+if grep "0000000: 006c" outfile; then
+ echo "OK"
+else
+ echo "bad size, not OK"
+ exit 1
+fi
+
+if grep "^00000000: 006c" outfile; then
+ echo "fixup xxd with long file positions"
+ sed -e 's/^0//' < outfile > outfile2
+ mv outfile2 outfile
+ cat outfile
+fi
+
+if diff fwd_compress_c00c.good outfile; then
+ echo "Diff OK"
+else
+ echo "Diff in output"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN overeinder.net.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+overeinder.net. IN A
+SECTION ANSWER
+overeinder.net. 900 IN A 80.56.223.205
+SECTION AUTHORITY
+overeinder.net. 86400 IN NS a.ns.joker.com.
+overeinder.net. 86400 IN NS b.ns.joker.com.
+overeinder.net. 86400 IN NS c.ns.joker.com.
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 5
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: UPORT
+ use-syslog: no
+ directory: .
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+ # key +005+30899
+ trust-anchor: "example.com. 3600 IN DS 30899 5 1 d4bf9d2e10f6d76840d42ef5913022abcd0bf512"
+ # validation time
+ val-override-date: "20100406005004"
+ fake-sha1: yes
+
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@TOPORT"
+stub-zone:
+ name: "example.com"
+ stub-addr: "127.0.0.1@TOPORT"
--- /dev/null
+BaseName: fwd_edns_bksec
+Version: 1.0
+Description: Forward EDNS backoff for DNSSEC domain
+CreationDate: Tue Apr 6 08:45:57 CEST 2010
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_edns_bksec.pre
+Post: fwd_edns_bksec.post
+Test: fwd_edns_bksec.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_edns_bksec.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- fwd_edns_bksec.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -v -p $FWD_PORT fwd_edns_bksec.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/UPORT/'$UNBOUND_PORT'/' -e 's/TOPORT/'$FWD_PORT'/' < fwd_edns_bksec.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- fwd_edns_bksec.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+#
+# First the nasty name.
+# The server should not have performed EDNS fallback and cached it.
+echo "> dig nasty.example.com."
+dig @localhost -p $UNBOUND_PORT nasty.example.com. | tee outfile
+
+# no answer possible for it.
+echo "> check backed-off"
+if grep "10.20.30.77" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+# Then the www name.
+# See if we can still get the EDNS data.
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.42" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+; DNSKEY lookup works.
+ENTRY_BEGIN
+MATCH opcode qtype qname UDP DO
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+example.com. IN DNSKEY
+SECTION ANSWER
+example.com. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}
+example.com. 3600 IN RRSIG DNSKEY 5 2 3600 20100429005004 20100401005004 30899 example.com. CcIIAhvwMsSnPzJdT1onlMK8jgQnKzYoklOsm8ab644jhQfWo/BIXyJ1l9ImK4J2+quIHdrXESTMHJ5KNRs2Sw== ;{id = 30899}
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname UDP
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+example.com. IN DNSKEY
+SECTION ANSWER
+example.com. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}
+;example.com. 3600 IN RRSIG DNSKEY 5 2 3600 20100429005004 20100401005004 30899 example.com. CcIIAhvwMsSnPzJdT1onlMK8jgQnKzYoklOsm8ab644jhQfWo/BIXyJ1l9ImK4J2+quIHdrXESTMHJ5KNRs2Sw== ;{id = 30899}
+ENTRY_END
+
+; the first part has nasty having a 'timeout'.
+ENTRY_BEGIN
+MATCH opcode qtype qname UDP DO
+REPLY QR FORMERR
+ADJUST copy_id
+SECTION QUESTION
+nasty IN A
+ENTRY_END
+
+; the next part has nasty recover (with timing to be exactly during noEDNS).
+; therefore we return the signature to make our test run fast.
+ENTRY_BEGIN
+MATCH opcode qtype qname UDP
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+nasty IN A
+SECTION ANSWER
+nasty IN A 10.20.30.77
+nasty.example.com. 3600 IN RRSIG A 5 3 3600 20100429005004 20100401005004 30899 example.com. nV1rzF6ow8sp5k315hczuO1xRQT5MrS14BEZ0Md71/EoCfVtjD+WK63w2MnPzqLIw3YRyfC1S/bMc3B7cVZv5A== ;{id = 30899}
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname UDP DO
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+www IN A 10.20.30.41
+www IN A 10.20.30.42
+www.example.com. 3600 IN RRSIG A 5 3 3600 20100429005004 20100401005004 30899 example.com. gM9dI2Ew/zsRMD8ZrqetGo4xYts51quV4/CaOemUPAx8LOvGNJMGrHpJ1Q+CW7CWTauqNscFLlgUcmUQ2+RIlA== ;{id = 30899}
+ENTRY_END
+
+; fake answer so we can distinguish it
+ENTRY_BEGIN
+MATCH opcode qtype qname UDP
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 5
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: UPORT
+ use-syslog: no
+ directory: .
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@TOPORT"
--- /dev/null
+BaseName: fwd_edns_probe
+Version: 1.0
+Description: Forward with EDNS probing
+CreationDate: Wed Jan 6 09:45:50 CET 2010
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_edns_probe.pre
+Post: fwd_edns_probe.post
+Test: fwd_edns_probe.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_edns_probe.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- fwd_edns_probe.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT fwd_edns_probe.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/UPORT/'$UNBOUND_PORT'/' -e 's/TOPORT/'$FWD_PORT'/' < fwd_edns_probe.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- fwd_edns_probe.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+#
+# First the nasty name.
+# The server should not have performed EDNS fallback and cached it.
+echo "> dig nasty.example.com."
+dig @localhost -p $UNBOUND_PORT nasty.example.com. | tee outfile
+
+# no answer possible for it.
+echo "> check no-answer"
+if grep "SERVFAIL" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+# Then the www name.
+# See if we can still get the EDNS data.
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.42" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname UDP DO
+REPLY QR FORMERR
+ADJUST copy_id
+SECTION QUESTION
+nasty IN A
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname UDP
+REPLY QR FORMERR
+ADJUST copy_id
+SECTION QUESTION
+nasty IN A
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname UDP DO
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+www IN A 10.20.30.41
+www IN A 10.20.30.42
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname UDP
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 5
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+ use-caps-for-id: yes
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: fwd_malformed
+Version: 1.0
+Description: Check authority that returns malformed packet.
+CreationDate: Tue 13 Jun 09:35:40 CEST 2017
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_malformed.pre
+Post: fwd_malformed.post
+Test: fwd_malformed.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_malformed.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- fwd_malformed.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT fwd_malformed.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < fwd_malformed.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- fwd_malformed.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "SERVFAIL" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; malformed packet created
+ENTRY_BEGIN
+MATCH opcode
+ADJUST copy_id
+HEX_ANSWER_BEGIN
+ 03b8 0800 4500 0042 b40d 0000
+ e4c2 d1e3 d2f8 d48c b5df
+ 1b93 0800 4500
+HEX_ANSWER_END
+ENTRY_END
+
+; malformed packet from reporter
+ENTRY_BEGIN
+MATCH opcode
+ADJUST copy_id
+HEX_ANSWER_BEGIN
+ 03b8 0800 4500 0042 b40d 0000 7211 548a ; ....E..B....r.T.
+ 8ccd 5119 d857 89d5 0035 6b80 002e 0000 ; ..Q..W...5k.....
+ cdb2 8015 0001 0000 0000 0001 0558 7a6a ; .............Xzj
+ 7051 0378 797a e4c2 d1e3 d2f8 d48c b5df ; pQ.xyz..........
+ 1b93 0800 4500 ; ....E.
+HEX_ANSWER_END
+ENTRY_END
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: UPORT
+ use-syslog: no
+ directory: .
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@TOPORT"
--- /dev/null
+BaseName: fwd_no_edns
+Version: 1.0
+Description: Forward retry with no EDNS
+CreationDate: Tue May 22 15:17:45 CEST 2007
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_no_edns.pre
+Post: fwd_no_edns.post
+Test: fwd_no_edns.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_no_edns.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
+
--- /dev/null
+# #-- fwd_no_edns.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT fwd_no_edns.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/UPORT/'$UNBOUND_PORT'/' -e 's/TOPORT/'$FWD_PORT'/' < fwd_no_edns.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- fwd_no_edns.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.42" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname UDP DO
+REPLY QR AA FORMERR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname UDP
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+www IN A 10.20.30.41
+www IN A 10.20.30.42
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 4
+ num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ outgoing-range: 2
+ outgoing-port-avoid: 0-65535
+ outgoing-port-permit: 20675
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ num-queries-per-thread: 1024
+ use-syslog: no
+ do-not-query-localhost: no
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
--- /dev/null
+BaseName: fwd_oneport
+Version: 1.0
+Description: Forward udp over one port with 2 fds
+CreationDate: Mon Apr 14 10:39:27 CEST 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_oneport.pre
+Post: fwd_oneport.post
+Test: fwd_oneport.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_oneport.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+
+# find all extra forked testns and kill them.
+pidlist=`fgrep "forked pid:" fwd.log | sed -e 's/forked pid: //'`
+for p in $pidlist; do
+ kill_pid $p
+done
+
+# kill unbound
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- fwd_oneport.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT -f 9 fwd_oneport.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < fwd_oneport.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- fwd_oneport.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+
+# skip the single query test
+# so that all three queries get timeouts during the later test.
+#
+#echo "> dig www1.example.com."
+#dig @localhost -p $UNBOUND_PORT www1.example.com. | tee outfile
+#echo "> cat logfiles"
+#cat fwd.log
+#cat unbound.log
+#echo "> check answer for single query"
+#if grep "10.20.30.40" outfile; then
+ #echo "OK"
+#else
+ #echo "Not OK"
+ #exit 1
+#fi
+
+echo "> do queries"
+dig @localhost -p $UNBOUND_PORT www1.example.com. >outfile1 &
+digpid1=$!
+dig @localhost -p $UNBOUND_PORT www2.example.com. >outfile2 &
+digpid2=$!
+dig @localhost -p $UNBOUND_PORT www3.example.com. >outfile3 &
+digpid3=$!
+dig @localhost -p $UNBOUND_PORT www4.example.com. >outfile4 &
+digpid4=$!
+dig @localhost -p $UNBOUND_PORT www5.example.com. >outfile5 &
+digpid5=$!
+dig @localhost -p $UNBOUND_PORT www6.example.com. >outfile6 &
+digpid6=$!
+sleep 6
+kill -9 $digpid1
+kill -9 $digpid2
+kill -9 $digpid3
+kill -9 $digpid4
+kill -9 $digpid5
+kill -9 $digpid6
+
+echo "> cat outfile1"
+cat outfile1
+echo "> cat outfile2"
+cat outfile2
+echo "> cat outfile3"
+cat outfile3
+echo "> cat outfile4"
+cat outfile4
+echo "> cat outfile5"
+cat outfile5
+echo "> cat outfile6"
+cat outfile6
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+
+echo "> check for ID bit collisions"
+grep "pending reply" unbound.log > ids
+numsend=`cat ids | wc -l`
+cat ids | awk '{print $8};' | sort -u > ids2
+numuniq=`cat ids2 | wc -l`
+if test $numuniq -ne $numsend; then
+ echo "got a ID number clash. could not do test, sorry"
+ exit 0
+fi
+
+echo "> check answers for queries"
+if grep "10.20.30.40" outfile1; then
+ echo "1 is OK"
+else
+ echo "1 is not OK"
+ exit 1
+fi
+if grep "10.20.30.50" outfile2; then
+ echo "2 is OK"
+else
+ echo "2 is not OK"
+ exit 1
+fi
+if grep "10.20.30.60" outfile3; then
+ echo "3 is OK"
+else
+ echo "3 is not OK"
+ exit 1
+fi
+if grep "10.20.30.70" outfile4; then
+ echo "4 is OK"
+else
+ echo "4 is not OK"
+ exit 1
+fi
+if grep "10.20.30.80" outfile5; then
+ echo "5 is OK"
+else
+ echo "5 is not OK"
+ exit 1
+fi
+if grep "10.20.30.90" outfile6; then
+ echo "6 is OK"
+else
+ echo "6 is not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=1
+SECTION QUESTION
+www1 IN A
+SECTION ANSWER
+www1 IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=1
+SECTION QUESTION
+www2 IN A
+SECTION ANSWER
+www2 IN A 10.20.30.50
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=1
+SECTION QUESTION
+www3 IN A
+SECTION ANSWER
+www3 IN A 10.20.30.60
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=1
+SECTION QUESTION
+www4 IN A
+SECTION ANSWER
+www4 IN A 10.20.30.70
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=1
+SECTION QUESTION
+www5 IN A
+SECTION ANSWER
+www5 IN A 10.20.30.80
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=1
+SECTION QUESTION
+www6 IN A
+SECTION ANSWER
+www6 IN A 10.20.30.90
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: .
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
--- /dev/null
+BaseName: fwd_tcp
+Version: 1.0
+Description: Forward a TCP packet and return reply.
+CreationDate: Thu Feb 8 12:57:38 CET 2007
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_tcp.pre
+Post: fwd_tcp.post
+Test: fwd_tcp.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_tcp.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- fwd_tcp.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT fwd_tcp.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < fwd_tcp.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- fwd_tcp.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+echo "> dig www.example.com."
+dig @localhost +vc -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname UDP
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: .
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: fwd_tcp_tc
+Version: 1.0
+Description: Forward retry in TCP mode
+CreationDate: Wed May 9 09:11:32 CEST 2007
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_tcp_tc.pre
+Post: fwd_tcp_tc.post
+Test: fwd_tcp_tc.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_tcp_tc.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
+
--- /dev/null
+# #-- fwd_tcp_tc.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT fwd_tcp_tc.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < fwd_tcp_tc.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- fwd_tcp_tc.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.42" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname UDP
+REPLY QR AA TC NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname TCP
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+www IN A 10.20.30.41
+www IN A 10.20.30.42
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ port: @PORT@
+ use-syslog: no
+ do-ip4: no
+ do-ip6: yes
+ directory: .
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+
+forward-zone:
+ name: "."
+ forward-addr: "::1@@TOPORT@"
+
--- /dev/null
+BaseName: fwd_tcp_tc6
+Version: 1.0
+Description: Forward retry in TCP IP6 mode.
+CreationDate: Mon Oct 15 10:08:08 CEST 2007
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_tcp_tc6.pre
+Post: fwd_tcp_tc6.post
+Test: fwd_tcp_tc6.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_tcp_tc6.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
+
--- /dev/null
+# #-- fwd_tcp_tc6.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT -6 fwd_tcp_tc6.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < fwd_tcp_tc6.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- fwd_tcp_tc6.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+get_make
+(cd $PRE; $MAKE streamtcp)
+
+# do the test
+echo "> streamtcp www.example.com."
+$PRE/streamtcp -u -f ::1@$UNBOUND_PORT www.example.com. A IN | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.42" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname UDP
+REPLY QR AA TC NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname TCP
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+www IN A 10.20.30.41
+www IN A 10.20.30.42
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 4 # old 2
+ num-threads: 5
+ interface: 127.0.0.1
+ port: @PORT@
+ outgoing-range: 2
+ outgoing-num-tcp: 2
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ num-queries-per-thread: 1
+ use-syslog: no
+ do-not-query-localhost: no
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
--- /dev/null
+BaseName: fwd_three
+Version: 1.0
+Description: Forward three queries at once, using threads.
+CreationDate: Tue Feb 27 14:11:44 CET 2007
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_three.pre
+Post: fwd_three.post
+Test: fwd_three.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_three.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+
+. ../common.sh
+# kill fwder
+kill_pid $FWD_PID
+
+# find all extra forked testns and kill them.
+pidlist=`fgrep "forked pid:" fwd.log | sed -e 's/forked pid: //'`
+for p in $pidlist; do
+ kill_pid $p
+done
+
+# kill unbound
+kill_pid $UNBOUND_PID
+exit 0
--- /dev/null
+# #-- fwd_three.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT -f 9 fwd_three.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < fwd_three.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- fwd_three.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+echo "> dig www1.example.com."
+dig @localhost -p $UNBOUND_PORT www1.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer for single query"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+echo "> do three queries"
+dig @localhost -p $UNBOUND_PORT +retry=10 +time=1 www1.example.com. >outfile1 &
+digpid1=$!
+dig @localhost -p $UNBOUND_PORT +retry=10 +time=1 www2.example.com. >outfile2 &
+digpid2=$!
+dig @localhost -p $UNBOUND_PORT +retry=10 +time=1 www3.example.com. >outfile3 &
+digpid3=$!
+sleep 5
+kill -9 $digpid1
+kill -9 $digpid2
+kill -9 $digpid3
+
+echo "> cat outfile1"
+cat outfile1
+echo "> cat outfile2"
+cat outfile2
+echo "> cat outfile3"
+cat outfile3
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answers for three queries"
+if grep "10.20.30.40" outfile1; then
+ echo "1 is OK"
+else
+ echo "1 is not OK"
+ exit 1
+fi
+if grep "10.20.30.50" outfile2; then
+ echo "2 is OK"
+else
+ echo "2 is not OK"
+ exit 1
+fi
+if grep "10.20.30.60" outfile3; then
+ echo "3 is OK"
+else
+ echo "3 is not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www1 IN A
+SECTION ANSWER
+www1 IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www2 IN A
+SECTION ANSWER
+www2 IN A 10.20.30.50
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www3 IN A
+SECTION ANSWER
+www3 IN A 10.20.30.60
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ outgoing-range: 2
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ num-queries-per-thread: 1024
+ use-syslog: no
+ do-not-query-localhost: no
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
--- /dev/null
+BaseName: fwd_three_service
+Version: 1.0
+Description: Forward three queries at once, using one thread.
+CreationDate: Wed Mar 28 15:26:21 CEST 2007
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_three_service.pre
+Post: fwd_three_service.post
+Test: fwd_three_service.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_three_service.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+
+# kill fwder
+kill_pid $FWD_PID
+
+# find all extra forked testns and kill them.
+pidlist=`fgrep "forked pid:" fwd.log | sed -e 's/forked pid: //'`
+for p in $pidlist; do
+ kill_pid $p
+done
+
+# kill unbound
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- fwd_three_service.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT -f 9 fwd_three_service.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < fwd_three_service.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- fwd_three_service.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+echo "> dig www1.example.com."
+dig @localhost -p $UNBOUND_PORT www1.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer for single query"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+echo "> do three queries"
+dig @localhost -p $UNBOUND_PORT www1.example.com. >outfile1 &
+digpid1=$!
+dig @localhost -p $UNBOUND_PORT www2.example.com. >outfile2 &
+digpid2=$!
+dig @localhost -p $UNBOUND_PORT www3.example.com. >outfile3 &
+digpid3=$!
+sleep 5
+kill -9 $digpid1
+kill -9 $digpid2
+kill -9 $digpid3
+
+echo "> cat outfile1"
+cat outfile1
+echo "> cat outfile2"
+cat outfile2
+echo "> cat outfile3"
+cat outfile3
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answers for three queries"
+if grep "10.20.30.40" outfile1; then
+ echo "1 is OK"
+else
+ echo "1 is not OK"
+ exit 1
+fi
+if grep "10.20.30.50" outfile2; then
+ echo "2 is OK"
+else
+ echo "2 is not OK"
+ exit 1
+fi
+if grep "10.20.30.60" outfile3; then
+ echo "3 is OK"
+else
+ echo "3 is not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=2
+SECTION QUESTION
+www1 IN A
+SECTION ANSWER
+www1 IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=2
+SECTION QUESTION
+www2 IN A
+SECTION ANSWER
+www2 IN A 10.20.30.50
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=2
+SECTION QUESTION
+www3 IN A
+SECTION ANSWER
+www3 IN A 10.20.30.60
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: fwd_ttlexpire
+Version: 1.0
+Description: forward UDP and TTL expires in the cache
+CreationDate: Wed May 9 11:08:02 CEST 2007
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_ttlexpire.pre
+Post: fwd_ttlexpire.post
+Test: fwd_ttlexpire.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_ttlexpire.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
+
--- /dev/null
+# #-- fwd_ttlexpire.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT fwd_ttlexpire.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < fwd_ttlexpire.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- fwd_ttlexpire.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+# wait for query to expire.
+sleep 4
+# query again
+rm outfile
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www 2 IN A 10.20.30.40
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 5
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: fwd_udp
+Version: 1.0
+Description: Forward an UDP packet and return reply.
+CreationDate: Wed Feb 7 09:01:25 CET 2007
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_udp.pre
+Post: fwd_udp.post
+Test: fwd_udp.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_udp.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- fwd_udp.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT fwd_udp.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < fwd_udp.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- fwd_udp.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 4
+ num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ outgoing-range: 3
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ num-queries-per-thread: 1024
+ use-syslog: no
+ do-not-query-localhost: no
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
--- /dev/null
+BaseName: fwd_udptmout
+Version: 1.0
+Description: Forward udp queries with timeouts and multiple fds
+CreationDate: Mon Apr 14 10:26:48 CEST 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_udptmout.pre
+Post: fwd_udptmout.post
+Test: fwd_udptmout.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_udptmout.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+# kill fwder
+kill_pid $FWD_PID
+
+# find all extra forked testns and kill them.
+pidlist=`fgrep "forked pid:" fwd.log | sed -e 's/forked pid: //'`
+for p in $pidlist; do
+ kill_pid $p
+done
+
+# kill unbound
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- fwd_udptmout.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT -f 9 fwd_udptmout.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < fwd_udptmout.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- fwd_udptmout.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+
+# skip the single query test
+# so that all three queries get timeouts during the later test.
+#
+#echo "> dig www1.example.com."
+#dig @localhost -p $UNBOUND_PORT www1.example.com. | tee outfile
+#echo "> cat logfiles"
+#cat fwd.log
+#cat unbound.log
+#echo "> check answer for single query"
+#if grep "10.20.30.40" outfile; then
+ #echo "OK"
+#else
+ #echo "Not OK"
+ #exit 1
+#fi
+
+echo "> do queries"
+dig @localhost -p $UNBOUND_PORT www1.example.com. >outfile1 &
+digpid1=$!
+dig @localhost -p $UNBOUND_PORT www2.example.com. >outfile2 &
+digpid2=$!
+dig @localhost -p $UNBOUND_PORT www3.example.com. >outfile3 &
+digpid3=$!
+dig @localhost -p $UNBOUND_PORT www4.example.com. >outfile4 &
+digpid4=$!
+dig @localhost -p $UNBOUND_PORT www5.example.com. >outfile5 &
+digpid5=$!
+dig @localhost -p $UNBOUND_PORT www6.example.com. >outfile6 &
+digpid6=$!
+
+sleep 15
+
+# some slow systems need more for processing
+if grep "10.20.30.40" outfile1 >/dev/null; then :; else sleep 2; fi
+if grep "10.20.30.50" outfile2 >/dev/null; then :; else sleep 2; fi
+if grep "10.20.30.60" outfile3 >/dev/null; then :; else sleep 2; fi
+if grep "10.20.30.70" outfile4 >/dev/null; then :; else sleep 2; fi
+if grep "10.20.30.80" outfile5 >/dev/null; then :; else sleep 2; fi
+if grep "10.20.30.90" outfile6 >/dev/null; then :; else sleep 2; fi
+
+kill -9 $digpid1
+kill -9 $digpid2
+kill -9 $digpid3
+kill -9 $digpid4
+kill -9 $digpid5
+kill -9 $digpid6
+
+echo "> cat outfile1"
+cat outfile1
+echo "> cat outfile2"
+cat outfile2
+echo "> cat outfile3"
+cat outfile3
+echo "> cat outfile4"
+cat outfile4
+echo "> cat outfile5"
+cat outfile5
+echo "> cat outfile6"
+cat outfile6
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answers for queries"
+if grep "10.20.30.40" outfile1; then
+ echo "1 is OK"
+else
+ echo "1 is not OK"
+ exit 1
+fi
+if grep "10.20.30.50" outfile2; then
+ echo "2 is OK"
+else
+ echo "2 is not OK"
+ exit 1
+fi
+if grep "10.20.30.60" outfile3; then
+ echo "3 is OK"
+else
+ echo "3 is not OK"
+ exit 1
+fi
+if grep "10.20.30.70" outfile4; then
+ echo "4 is OK"
+else
+ echo "4 is not OK"
+ exit 1
+fi
+if grep "10.20.30.80" outfile5; then
+ echo "5 is OK"
+else
+ echo "5 is not OK"
+ exit 1
+fi
+if grep "10.20.30.90" outfile6; then
+ echo "6 is OK"
+else
+ echo "6 is not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=2
+SECTION QUESTION
+www1 IN A
+SECTION ANSWER
+www1 IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=2
+SECTION QUESTION
+www2 IN A
+SECTION ANSWER
+www2 IN A 10.20.30.50
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=2
+SECTION QUESTION
+www3 IN A
+SECTION ANSWER
+www3 IN A 10.20.30.60
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=2
+SECTION QUESTION
+www4 IN A
+SECTION ANSWER
+www4 IN A 10.20.30.70
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=2
+SECTION QUESTION
+www5 IN A
+SECTION ANSWER
+www5 IN A 10.20.30.80
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=2
+SECTION QUESTION
+www6 IN A
+SECTION ANSWER
+www6 IN A 10.20.30.90
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 4
+ num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ outgoing-range: 1
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ num-queries-per-thread: 1024
+ use-syslog: no
+ do-not-query-localhost: no
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
--- /dev/null
+BaseName: fwd_waitudp
+Version: 1.0
+Description: Forward 3 queries, 1thr, 1fd and force a udp wait list.
+CreationDate: Mon Apr 14 10:03:28 CEST 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_waitudp.pre
+Post: fwd_waitudp.post
+Test: fwd_waitudp.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_waitudp.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+
+# kill fwder
+kill_pid $FWD_PID
+
+# find all extra forked testns and kill them.
+pidlist=`fgrep "forked pid:" fwd.log | sed -e 's/forked pid: //'`
+for p in $pidlist; do
+ kill_pid $p
+done
+
+# kill unbound
+kill_pid $UNBOUND_PID
+exit 0
--- /dev/null
+# #-- fwd_waitudp.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT -f 9 fwd_waitudp.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < fwd_waitudp.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- fwd_waitudp.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+
+# skip the single query test
+# so that all three queries get timeouts during the later test.
+#
+#echo "> dig www1.example.com."
+#dig @localhost -p $UNBOUND_PORT www1.example.com. | tee outfile
+#echo "> cat logfiles"
+#cat fwd.log
+#cat unbound.log
+#echo "> check answer for single query"
+#if grep "10.20.30.40" outfile; then
+ #echo "OK"
+#else
+ #echo "Not OK"
+ #exit 1
+#fi
+
+echo "> do three queries"
+dig @localhost -p $UNBOUND_PORT www1.example.com. >outfile1 &
+digpid1=$!
+dig @localhost -p $UNBOUND_PORT www2.example.com. >outfile2 &
+digpid2=$!
+dig @localhost -p $UNBOUND_PORT www3.example.com. >outfile3 &
+digpid3=$!
+sleep 15
+kill -9 $digpid1
+kill -9 $digpid2
+kill -9 $digpid3
+
+echo "> cat outfile1"
+cat outfile1
+echo "> cat outfile2"
+cat outfile2
+echo "> cat outfile3"
+cat outfile3
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answers for three queries"
+if grep "10.20.30.40" outfile1; then
+ echo "1 is OK"
+else
+ echo "1 is not OK"
+ exit 1
+fi
+if grep "10.20.30.50" outfile2; then
+ echo "2 is OK"
+else
+ echo "2 is not OK"
+ exit 1
+fi
+if grep "10.20.30.60" outfile3; then
+ echo "3 is OK"
+else
+ echo "3 is not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=1
+SECTION QUESTION
+www1 IN A
+SECTION ANSWER
+www1 IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=1
+SECTION QUESTION
+www2 IN A
+SECTION ANSWER
+www2 IN A 10.20.30.50
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=1
+SECTION QUESTION
+www3 IN A
+SECTION ANSWER
+www3 IN A 10.20.30.60
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: fwd_zero
+Version: 1.0
+Description: Test for zero byte UDP reply assertion fail
+CreationDate: Tue Jan 6 10:39:28 CET 2009
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: fwd_zero.pre
+Post: fwd_zero.post
+Test: fwd_zero.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- fwd_zero.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- fwd_zero.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT fwd_zero.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < fwd_zero.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- fwd_zero.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+
+OPT="-i"
+if nc -h 2>&1 | grep -- "-w secs" >/dev/null; then
+ OPT="-w"
+fi
+
+# send query with qname but not qtype , qclass (malformed query)
+echo "> nc www.example.com. (malformed)"
+echo "b4380100000100000000000003777777076578616d706c6503636f6d00" | xxd -r -p | nc -un $OPT 2 127.0.0.1 $UNBOUND_PORT 2>/dev/null | xxd | tee outfile
+
+# now test that server is still up
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
--- /dev/null
+BaseName: hostsfileosx
+Version: 1.0
+Description: Test lookup using libunbound with osx hosts file
+CreationDate: Fri May 16 13:29:39 CEST 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: hostsfileosx.pre
+Post: hostsfileosx.post
+Test: hostsfileosx.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# Host Database
+#
+# This file should contain the addresses and aliases for local hosts that
+# share this file. Replace 'my.domain' below with the domainname of your
+# machine.
+#
+::1 localhost localhost.my.domain
+127.0.0.1 localhost localhost.my.domain
+# from MacOSX.
+fe80::1%lo0 localhost
+255.255.255.255 broadcasthost
+# Imaginary network.
+10.0.0.2 myname.my.domain myname
+10.0.0.3 myfriend.my.domain myfriend
+10.20.30.40 virtual.virtual.virtual.local
--- /dev/null
+# #-- hostsfileosx.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
--- /dev/null
+# #-- hostsfileosx.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+FWD_PORT=$(($RND_PORT + 1))
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT hostsfileosx.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+
--- /dev/null
+# #-- hostsfileosx.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+
+# test if fwder is up
+echo "> dig @127.0.0.1 -p $FWD_PORT www.example.com | tee outfile"
+dig @127.0.0.1 -p $FWD_PORT www.example.com | tee outfile
+if grep "10.20.30.40" outfile; then
+ echo "fwder is up"
+else
+ cat fwd.log
+ echo "fwder not up"
+ exit 1
+fi
+rm outfile
+
+# create asynclook
+get_make
+echo "> (cd $PRE ; $MAKE asynclook)"
+(cd $PRE ; $MAKE asynclook)
+if test ! -x $PRE/asynclook; then
+ echo "cannot build asynclook test program"
+ exit 1
+fi
+(cd $PRE ; $MAKE lock-verify)
+
+# check the locks.
+function locktest() {
+ if test -x $PRE/lock-verify -a -f ublocktrace.0; then
+ $PRE/lock-verify ublocktrace.*
+ if test $? -ne 0; then
+ echo "lock-verify error"
+ exit 1
+ fi
+ fi
+}
+
+
+THR=""
+if grep "undef HAVE_FORK" $PRE/config.h; then
+ THR="-t"
+fi
+
+# test hosts reading (directed at local auth info)
+echo '> $PRE/asynclook $THR -H hostsfileosx.hosts virtual.virtual.virtual.local 2>&1 | tee outfile'
+$PRE/asynclook $THR -H hostsfileosx.hosts virtual.virtual.virtual.local 2>&1 | tee outfile
+if grep "virtual.virtual.virtual.local: 10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+locktest
+rm outfile
+
+echo "> cat logfiles"
+cat fwd.log
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+; for priming query
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+@ IN NS
+SECTION ANSWER
+@ IN NS 127.0.0.1
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www2 IN A
+SECTION ANSWER
+www2 IN A 10.20.30.42
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+ # trailing .
+ local-zone: "30.172.in-addr.arpa." nodefault
+ # no trailing .
+ local-zone: "29.172.in-addr.arpa" nodefault
+
+forward-zone:
+ name: "."
+ # invalid address to be sure it fails.
+ forward-addr: "127.0.0.5@@TOPORT@"
+forward-zone:
+ name: "30.172.in-addr.arpa"
+ forward-addr: "127.0.0.1@@TOPORT@"
+forward-zone:
+ name: "29.172.in-addr.arpa"
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: local_nodefault
+Version: 1.0
+Description: Create a stub zone to replace a default local zone
+CreationDate: Tue Jun 3 14:08:00 CEST 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: local_nodefault.pre
+Post: local_nodefault.post
+Test: local_nodefault.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- local_nodefault.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
+
--- /dev/null
+# #-- local_nodefault.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT local_nodefault.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < local_nodefault.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- local_nodefault.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+
+# this one should have NXDOMAIN builtin
+#
+echo "> dig 1.0.31.172.in-addr.arpa."
+dig @localhost -p $UNBOUND_PORT 1.0.31.172.in-addr.arpa. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "NXDOMAIN" outfile; then
+ echo "OK for a blocked by default zone"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+# this one should give our own data as the reply
+echo "> dig 1.0.30.172.in-addr.arpa."
+dig @localhost -p $UNBOUND_PORT 1.0.30.172.in-addr.arpa. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK for nodefault zone"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+# this one should give our own data as the reply
+# but different trailing dot in unbound.conf file
+echo "> dig 1.0.29.172.in-addr.arpa."
+dig @localhost -p $UNBOUND_PORT 1.0.29.172.in-addr.arpa. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.42" outfile; then
+ echo "OK for nodefault zone"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN 30.172.in-addr.arpa.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+1.0 IN A
+SECTION ANSWER
+1.0 IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+1.0.29.172.in-addr.arpa. IN A
+SECTION ANSWER
+1.0.29.172.in-addr.arpa. IN A 10.20.30.42
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+
+ local-data: "foo.example.com. A 1.1.1.1"
+
+ access-control: 0.0.0.0/0 allow_snoop
+ access-control: 127.0.0.0/8 allow_snoop
+ access-control: ::0/0 allow_snoop
+ access-control: ::1 allow_snoop
+ access-control: ::ffff:127.0.0.1 allow_snoop
+
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: local_norec
+Version: 1.0
+Description: Local-data and access control allow_snoop test.
+CreationDate: Mon Sep 1 14:26:00 CEST 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: local_norec.pre
+Post: local_norec.post
+Test: local_norec.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- local_norec.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- local_norec.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT local_norec.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < local_norec.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- local_norec.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+#
+# www.example.com is available through recursion.
+# foo.example.com is available through local-data (and recursion...).
+#
+echo "> dig www.example.com. +RD"
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+echo "> dig www.example.com. +norec"
+dig @localhost +norec -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+echo "> dig foo.example.com. +RD"
+dig @localhost -p $UNBOUND_PORT foo.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "1.1.1.1" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+echo "> dig foo.example.com. +norec"
+dig @localhost +norec -p $UNBOUND_PORT foo.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "1.1.1.1" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+foo IN A
+SECTION ANSWER
+foo IN A 10.20.30.50
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+
+ local-data: "foo.example.com. A 1.1.1.1"
+
+ access-control: 0.0.0.0/0 allow
+ access-control: 127.0.0.0/8 allow
+ access-control: ::0/0 allow
+ access-control: ::1 allow
+ access-control: ::ffff:127.0.0.1 allow
+
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: local_nosnoop
+Version: 1.0
+Description: Local-data and access control allow no snoop test.
+CreationDate: Mon Sep 1 14:36:53 CEST 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: local_nosnoop.pre
+Post: local_nosnoop.post
+Test: local_nosnoop.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- local_nosnoop.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- local_nosnoop.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT local_nosnoop.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < local_nosnoop.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- local_nosnoop.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+#
+# www.example.com is available through recursion.
+# foo.example.com is available through local-data (and recursion...).
+#
+# so, with 'allow' the cache snoop stops working:
+# dig +norec for www does not work any more.
+#
+echo "> dig www.example.com. +RD"
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+echo "> dig www.example.com. +norec"
+dig @localhost +norec -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "REFUSED" outfile; then
+ echo "OK rcode"
+else
+ echo "Not OK rcode"
+ exit 1
+fi
+
+if grep "10.20.30.40" outfile; then
+ echo "Not OK"
+ exit 1
+else
+ echo "OK"
+fi
+
+echo "> dig foo.example.com. +RD"
+dig @localhost -p $UNBOUND_PORT foo.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "1.1.1.1" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+echo "> dig foo.example.com. +norec"
+dig @localhost +norec -p $UNBOUND_PORT foo.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "1.1.1.1" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+foo IN A
+SECTION ANSWER
+foo IN A 10.20.30.50
+ENTRY_END
+
--- /dev/null
+BaseName: nss_compile
+Version: 1.0
+Description: Compile with NSS
+CreationDate: Fri Feb 8 14:40:28 CET 2013
+Maintainer: Wouter Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre:
+Post:
+Test: nss_compile.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- nss_compile.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+if test "`hostname`" = "open.nlnetlabs.nl"; then
+ echo "on open, continue test"
+else
+ echo "not on open, no test, do this explicitly"
+ exit 0
+fi
+
+. ../common.sh
+get_make
+PRE="../.."
+
+opts=`$PRE/unbound -h | grep configured | sed -e 's/^.*options: //' | sed -e "s/'//g" `
+
+function error_exit ()
+{
+ cat config.log
+ echo "$1"
+ exit 1
+}
+
+mkdir testdata
+cp $PRE/testdata/*.rpl testdata/.
+cp $PRE/testdata/test* testdata/.
+
+echo ">>> $PRE/configure $opts --without-ssl --with-nss --with-libunbound-only LDFLAGS=-L/usr/local/lib/nss" 'CPPFLAGS="-I/usr/local/include/nss/nss -I/usr/local/include/nspr"'
+$PRE/configure $opts --without-ssl --with-nss --with-libunbound-only LDFLAGS=-L/usr/local/lib/nss CPPFLAGS="-I/usr/local/include/nss/nss -I/usr/local/include/nspr" || error_exit "could not configure"
+echo ">>> $MAKE"
+$MAKE || error_exit "could not make"
+echo ">>> $MAKE test"
+$MAKE test || error_exit "could not make test"
+
+exit 0
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ #port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+ module-config: "validator iterator"
+
+#python:
+ #python-script: "pylib.py"
+
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: pylib
+Version: 1.0
+Description: Test python wrapper for libunbound
+CreationDate: Mon Apr 6 12:33:31 CEST 2009
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: pylib.pre
+Post: pylib.post
+Test: pylib.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+#!/usr/bin/env python
+'''
+Test for unbound lookup.
+BSD licensed.
+'''
+import unbound
+
+ctx = unbound.ub_ctx()
+status = ctx.config("ub.conf")
+if status != 0:
+ print "read config failed ", status
+ exit(1)
+
+print "config created"
+
+status, result = ctx.resolve("www.example.com", unbound.RR_TYPE_A, unbound.RR_CLASS_IN);
+if status == 0 and result.havedata:
+ print "Result: ", result.data.address_list
+else:
+ print "Failed ", status, " and data ", result
+
+ctx = None
+
+exit(0)
--- /dev/null
+# #-- pylib.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+
+PRE="../.."
+. ../common.sh
+# if no python; exit
+if grep "define WITH_PYUNBOUND 1" $PRE/config.h; then
+ echo "have python module"
+else
+ echo "no python module"
+ exit 0
+fi
+
+# kill fwder
+kill_pid $FWD_PID
--- /dev/null
+# #-- pylib.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+# if no python; exit
+if grep "define WITH_PYUNBOUND 1" $PRE/config.h; then
+ echo "have python module"
+else
+ echo "no python module"
+ exit 0
+fi
+# get module python local
+cp $PRE/pythonmod/unboundmodule.py .
+
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT pylib.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# modify config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < pylib.conf > ub.conf
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+
--- /dev/null
+# -*- coding: utf-8 -*-
+'''
+ ubmodule-msg.py: simple response packet logger
+
+ Authors: Zdenek Vasicek (vasicek AT fit.vutbr.cz)
+ Marek Vavrusa (xvavru00 AT stud.fit.vutbr.cz)
+
+ Copyright (c) 2008. All rights reserved.
+
+ This software is open source.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+
+ Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
+ LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+
+ Modified for unit test by Wouter Wijngaards, NLnet Labs, 2009.
+'''
+import os
+
+def init(id, cfg):
+ log_info("pythonmod: init called, module id is %d port: %d script: %s" % (id, cfg.port, cfg.python_script))
+ return True
+
+def deinit(id):
+ log_info("pythonmod: deinit called, module id is %d" % id)
+ return True
+
+def inform_super(id, qstate, superqstate, qdata):
+ return True
+
+def setTTL(qstate, ttl):
+ """Sets return_msg TTL and all the RRs TTL"""
+ if qstate.return_msg:
+ qstate.return_msg.rep.ttl = ttl
+ if (qstate.return_msg.rep):
+ for i in range(0,qstate.return_msg.rep.rrset_count):
+ d = qstate.return_msg.rep.rrsets[i].entry.data
+ for j in range(0,d.count+d.rrsig_count):
+ d.rr_ttl[j] = ttl
+
+def dataHex(data, prefix=""):
+ res = ""
+ for i in range(0, (len(data)+15)/16):
+ res += "%s0x%02X | " % (prefix, i*16)
+ d = map(lambda x:ord(x), data[i*16:i*16+17])
+ for ch in d:
+ res += "%02X " % ch
+ for i in range(0,17-len(d)):
+ res += " "
+ res += "| "
+ for ch in d:
+ if (ch < 32) or (ch > 127):
+ res += ". "
+ else:
+ res += "%c " % ch
+ res += "\n"
+ return res
+
+def printReturnMsg(qstate):
+ print "Return MSG rep :: flags: %04X, QDcount: %d, Security:%d, TTL=%d" % (qstate.return_msg.rep.flags, qstate.return_msg.rep.qdcount,qstate.return_msg.rep.security, qstate.return_msg.rep.ttl)
+ print " qinfo :: qname:",qstate.return_msg.qinfo.qname_list, qstate.return_msg.qinfo.qname_str, "type:",qstate.return_msg.qinfo.qtype_str, "class:",qstate.return_msg.qinfo.qclass_str
+ if (qstate.return_msg.rep):
+ print "RRSets:",qstate.return_msg.rep.rrset_count
+ prevkey = None
+ for i in range(0,qstate.return_msg.rep.rrset_count):
+ r = qstate.return_msg.rep.rrsets[i]
+ rk = r.rk
+ print i,":",rk.dname_list, rk.dname_str, "flags: %04X" % rk.flags,
+ print "type:",rk.type_str,"(%d)" % ntohs(rk.type), "class:",rk.rrset_class_str,"(%d)" % ntohs(rk.rrset_class)
+
+ d = r.entry.data
+ print " RRDatas:",d.count+d.rrsig_count
+ for j in range(0,d.count+d.rrsig_count):
+ print " ",j,":","TTL=",d.rr_ttl[j],"RR data:"
+ print dataHex(d.rr_data[j]," ")
+
+
+def operate(id, event, qstate, qdata):
+ log_info("pythonmod: operate called, id: %d, event:%s" % (id, strmodulevent(event)))
+ #print "pythonmod: per query data", qdata
+
+ print "Query:", ''.join(map(lambda x:chr(max(32,ord(x))),qstate.qinfo.qname)), qstate.qinfo.qname_list, qstate.qinfo.qname_str,
+ print "Type:",qstate.qinfo.qtype_str,"(%d)" % qstate.qinfo.qtype,
+ print "Class:",qstate.qinfo.qclass_str,"(%d)" % qstate.qinfo.qclass
+ print
+
+ if (event == MODULE_EVENT_NEW or event == MODULE_EVENT_PASS) and (qstate.qinfo.qname_str.endswith("www2.example.com.")):
+ print qstate.qinfo.qname_str
+
+ qstate.ext_state[id] = MODULE_FINISHED
+
+ msg = DNSMessage(qstate.qinfo.qname_str, RR_TYPE_A, RR_CLASS_IN, PKT_QR | PKT_RA | PKT_AA) #, 300)
+ #msg.authority.append("xxx.seznam.cz. 10 IN A 192.168.1.1")
+ #msg.additional.append("yyy.seznam.cz. 10 IN A 1.1.1.2.")
+
+ # answer can be returned to the client without further checking.
+
+ if qstate.qinfo.qtype == RR_TYPE_A:
+ msg.answer.append("%s 10 IN A 192.168.1.1" % qstate.qinfo.qname_str)
+ if (qstate.qinfo.qtype == RR_TYPE_SRV) or (qstate.qinfo.qtype == RR_TYPE_ANY):
+ msg.answer.append("%s 10 IN SRV 0 0 80 neinfo.example.com." % qstate.qinfo.qname_str)
+ if (qstate.qinfo.qtype == RR_TYPE_TXT) or (qstate.qinfo.qtype == RR_TYPE_ANY):
+ msg.answer.append("%s 10 IN TXT path=/" % qstate.qinfo.qname_str)
+
+ if not msg.set_return_msg(qstate):
+ qstate.ext_state[id] = MODULE_ERROR
+ return True
+
+ #qstate.return_msg.rep.security = 2 #pokud nebude nasledovat validator, je zapotrebi nastavit security, aby nebyl paket zahozen v mesh_send_reply
+ printReturnMsg(qstate)
+
+ #Authoritative result can't be stored in cache
+ #if (not storeQueryInCache(qstate, qstate.return_msg.qinfo, qstate.return_msg.rep, 0)):
+ # print "Can't store in cache"
+ # qstate.ext_state[id] = MODULE_ERROR
+ # return False
+ #print "Store OK"
+
+ qstate.return_rcode = RCODE_NOERROR
+ return True
+
+ if event == MODULE_EVENT_NEW:
+ qstate.ext_state[id] = MODULE_WAIT_MODULE
+ return True
+
+ if event == MODULE_EVENT_MODDONE:
+ log_info("pythonmod: previous module done")
+ qstate.ext_state[id] = MODULE_FINISHED
+ return True
+
+ if event == MODULE_EVENT_PASS:
+ log_info("pythonmod: event_pass")
+ qstate.ext_state[id] = MODULE_WAIT_MODULE
+ return True
+
+ log_err("pythonmod: BAD event")
+ qstate.ext_state[id] = MODULE_ERROR
+ return True
+
+log_info("pythonmod: script loaded.")
--- /dev/null
+# #-- pylib.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+if grep "define WITH_PYUNBOUND 1" $PRE/config.h; then
+ echo "have python module"
+else
+ echo "no python module"
+ exit 0
+fi
+
+if test "`uname 2>&1`" = "Darwin"; then
+ echo export DYLD_LIBRARY_PATH="$DYLD_LIBRARY_PATH:../../.libs"
+ export DYLD_LIBRARY_PATH="$DYLD_LIBRARY_PATH:../../.libs"
+fi
+#echo export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:../../.libs:."
+#export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:../../.libs:."
+
+cp $PRE/libunbound/python/unbound.py .
+cp $PRE/.libs/_unbound* .
+cp $PRE/.libs/libunbound* .
+
+# do the test
+echo "> pylib.lookup.py www.example.com."
+./pylib.lookup.py www.example.com. | tee outfile
+
+echo "> cat logfiles"
+cat fwd.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+ module-config: "validator python iterator"
+
+python:
+ python-script: "pymod.py"
+
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: pymod
+Version: 1.0
+Description: Test python module
+CreationDate: Thu Apr 2 12:50:50 CEST 2009
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: pymod.pre
+Post: pymod.post
+Test: pymod.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- pymod.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+
+PRE="../.."
+. ../common.sh
+# if no python; exit
+if grep "define WITH_PYTHONMODULE 1" $PRE/config.h; then
+ echo "have python module"
+else
+ echo "no python module"
+ exit 0
+fi
+
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- pymod.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+# if no python; exit
+if grep "define WITH_PYTHONMODULE 1" $PRE/config.h; then
+ echo "have python module"
+else
+ echo "no python module"
+ exit 0
+fi
+# get module python local
+cp $PRE/pythonmod/unboundmodule.py .
+
+if test "`uname 2>&1`" = "Darwin"; then
+ ldnsdir=`grep ldnsdir= ../../Makefile | sed -e 's/ldnsdir=//'`
+ echo export DYLD_LIBRARY_PATH="$DYLD_LIBRARY_PATH:$ldnsdir/lib:../../.libs"
+ export DYLD_LIBRARY_PATH="$DYLD_LIBRARY_PATH:$ldnsdir/lib:../../.libs"
+fi
+
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < pymod.conf > ub.conf
+
+# see if config file verifies
+if $PRE/unbound-checkconf ub.conf 2>&1; then
+ echo "checkconf OK"
+else
+ echo "checkconf failed"
+ exit 1
+fi
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT pymod.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# start unbound in the background
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# -*- coding: utf-8 -*-
+'''
+ ubmodule-msg.py: simple response packet logger
+
+ Authors: Zdenek Vasicek (vasicek AT fit.vutbr.cz)
+ Marek Vavrusa (xvavru00 AT stud.fit.vutbr.cz)
+
+ Copyright (c) 2008. All rights reserved.
+
+ This software is open source.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+
+ Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
+ LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+
+ Modified for unit test by Wouter Wijngaards, NLnet Labs, 2009.
+'''
+import os
+
+def init(id, cfg):
+ log_info("pythonmod: init called, module id is %d port: %d script: %s" % (id, cfg.port, cfg.python_script))
+ return True
+
+def deinit(id):
+ log_info("pythonmod: deinit called, module id is %d" % id)
+ return True
+
+def inform_super(id, qstate, superqstate, qdata):
+ return True
+
+def setTTL(qstate, ttl):
+ """Sets return_msg TTL and all the RRs TTL"""
+ if qstate.return_msg:
+ qstate.return_msg.rep.ttl = ttl
+ if (qstate.return_msg.rep):
+ for i in range(0,qstate.return_msg.rep.rrset_count):
+ d = qstate.return_msg.rep.rrsets[i].entry.data
+ for j in range(0,d.count+d.rrsig_count):
+ d.rr_ttl[j] = ttl
+
+def dataHex(data, prefix=""):
+ res = ""
+ for i in range(0, (len(data)+15)/16):
+ res += "%s0x%02X | " % (prefix, i*16)
+ d = map(lambda x:ord(x), data[i*16:i*16+17])
+ for ch in d:
+ res += "%02X " % ch
+ for i in range(0,17-len(d)):
+ res += " "
+ res += "| "
+ for ch in d:
+ if (ch < 32) or (ch > 127):
+ res += ". "
+ else:
+ res += "%c " % ch
+ res += "\n"
+ return res
+
+def printReturnMsg(qstate):
+ print "Return MSG rep :: flags: %04X, QDcount: %d, Security:%d, TTL=%d" % (qstate.return_msg.rep.flags, qstate.return_msg.rep.qdcount,qstate.return_msg.rep.security, qstate.return_msg.rep.ttl)
+ print " qinfo :: qname:",qstate.return_msg.qinfo.qname_list, qstate.return_msg.qinfo.qname_str, "type:",qstate.return_msg.qinfo.qtype_str, "class:",qstate.return_msg.qinfo.qclass_str
+ if (qstate.return_msg.rep):
+ print "RRSets:",qstate.return_msg.rep.rrset_count
+ prevkey = None
+ for i in range(0,qstate.return_msg.rep.rrset_count):
+ r = qstate.return_msg.rep.rrsets[i]
+ rk = r.rk
+ print i,":",rk.dname_list, rk.dname_str, "flags: %04X" % rk.flags,
+ print "type:",rk.type_str,"(%d)" % ntohs(rk.type), "class:",rk.rrset_class_str,"(%d)" % ntohs(rk.rrset_class)
+
+ d = r.entry.data
+ print " RRDatas:",d.count+d.rrsig_count
+ for j in range(0,d.count+d.rrsig_count):
+ print " ",j,":","TTL=",d.rr_ttl[j],"RR data:"
+ print dataHex(d.rr_data[j]," ")
+
+
+def operate(id, event, qstate, qdata):
+ log_info("pythonmod: operate called, id: %d, event:%s" % (id, strmodulevent(event)))
+ #print "pythonmod: per query data", qdata
+
+ print "Query:", ''.join(map(lambda x:chr(max(32,ord(x))),qstate.qinfo.qname)), qstate.qinfo.qname_list, qstate.qinfo.qname_str,
+ print "Type:",qstate.qinfo.qtype_str,"(%d)" % qstate.qinfo.qtype,
+ print "Class:",qstate.qinfo.qclass_str,"(%d)" % qstate.qinfo.qclass
+ print
+
+ if (event == MODULE_EVENT_NEW or event == MODULE_EVENT_PASS) and (qstate.qinfo.qname_str.endswith("www2.example.com.")):
+ print qstate.qinfo.qname_str
+
+ qstate.ext_state[id] = MODULE_FINISHED
+
+ msg = DNSMessage(qstate.qinfo.qname_str, RR_TYPE_A, RR_CLASS_IN, PKT_QR | PKT_RA | PKT_AA) #, 300)
+ #msg.authority.append("xxx.seznam.cz. 10 IN A 192.168.1.1")
+ #msg.additional.append("yyy.seznam.cz. 10 IN A 1.1.1.2.")
+
+ # answer can be returned to the client without further checking.
+
+ if qstate.qinfo.qtype == RR_TYPE_A:
+ msg.answer.append("%s 10 IN A 192.168.1.1" % qstate.qinfo.qname_str)
+ if (qstate.qinfo.qtype == RR_TYPE_SRV) or (qstate.qinfo.qtype == RR_TYPE_ANY):
+ msg.answer.append("%s 10 IN SRV 0 0 80 neinfo.example.com." % qstate.qinfo.qname_str)
+ if (qstate.qinfo.qtype == RR_TYPE_TXT) or (qstate.qinfo.qtype == RR_TYPE_ANY):
+ msg.answer.append("%s 10 IN TXT path=/" % qstate.qinfo.qname_str)
+
+ if not msg.set_return_msg(qstate):
+ qstate.ext_state[id] = MODULE_ERROR
+ return True
+
+ #qstate.return_msg.rep.security = 2 #pokud nebude nasledovat validator, je zapotrebi nastavit security, aby nebyl paket zahozen v mesh_send_reply
+ printReturnMsg(qstate)
+
+ #Authoritative result can't be stored in cache
+ #if (not storeQueryInCache(qstate, qstate.return_msg.qinfo, qstate.return_msg.rep, 0)):
+ # print "Can't store in cache"
+ # qstate.ext_state[id] = MODULE_ERROR
+ # return False
+ #print "Store OK"
+
+ qstate.return_rcode = RCODE_NOERROR
+ return True
+
+ if event == MODULE_EVENT_NEW:
+ qstate.ext_state[id] = MODULE_WAIT_MODULE
+ return True
+
+ if event == MODULE_EVENT_MODDONE:
+ log_info("pythonmod: previous module done")
+ qstate.ext_state[id] = MODULE_FINISHED
+ return True
+
+ if event == MODULE_EVENT_PASS:
+ log_info("pythonmod: event_pass")
+ qstate.ext_state[id] = MODULE_WAIT_MODULE
+ return True
+
+ log_err("pythonmod: BAD event")
+ qstate.ext_state[id] = MODULE_ERROR
+ return True
+
+log_info("pythonmod: script loaded.")
--- /dev/null
+# #-- pymod.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+if grep "define WITH_PYTHONMODULE 1" $PRE/config.h; then
+ echo "have python module"
+else
+ echo "no python module"
+ exit 0
+fi
+
+if test "`uname 2>&1`" = "Darwin"; then
+ ldnsdir=`grep ldnsdir= ../../Makefile | sed -e 's/ldnsdir=//'`
+ echo export DYLD_LIBRARY_PATH="$DYLD_LIBRARY_PATH:$ldnsdir/lib:../../.libs"
+ export DYLD_LIBRARY_PATH="$DYLD_LIBRARY_PATH:$ldnsdir/lib:../../.libs"
+fi
+
+# see if config file verifies
+if $PRE/unbound-checkconf ub.conf; then
+ echo "checkconf OK"
+else
+ echo "checkconf failed"
+ exit 1
+fi
+
+# do the test
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+echo "> dig www2.example.com."
+dig @localhost -p $UNBOUND_PORT www2.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "192.168.1.1" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www2 IN A
+SECTION ANSWER
+www2 IN A 10.20.30.40
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ num-threads: 3
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+ module-config: "validator python iterator"
+
+python:
+ python-script: "pymod_thread.py"
+
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: pymod_thread
+Version: 1.0
+Description: Test python module threaded
+CreationDate: Fri Mar 12 11:41:03 CET 2010
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: pymod_thread.pre
+Post: pymod_thread.post
+Test: pymod_thread.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- pymod_thread.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+
+PRE="../.."
+. ../common.sh
+# if no python; exit
+if grep "define WITH_PYTHONMODULE 1" $PRE/config.h; then
+ echo "have python module"
+else
+ echo "no python module"
+ exit 0
+fi
+
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
+exit 0
--- /dev/null
+# #-- pymod_thread.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+# if no python; exit
+if grep "define WITH_PYTHONMODULE 1" $PRE/config.h; then
+ echo "have python module"
+else
+ echo "no python module"
+ exit 0
+fi
+# get module python local
+cp $PRE/pythonmod/unboundmodule.py .
+
+if test "`uname 2>&1`" = "Darwin"; then
+ ldnsdir=`grep ldnsdir= ../../Makefile | sed -e 's/ldnsdir=//'`
+ echo export DYLD_LIBRARY_PATH="$DYLD_LIBRARY_PATH:$ldnsdir/lib:../../.libs"
+ export DYLD_LIBRARY_PATH="$DYLD_LIBRARY_PATH:$ldnsdir/lib:../../.libs"
+fi
+
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < pymod_thread.conf > ub.conf
+
+# see if config file verifies
+if $PRE/unbound-checkconf ub.conf 2>&1; then
+ echo "checkconf OK"
+else
+ echo "checkconf failed"
+ exit 1
+fi
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT pymod_thread.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# start unbound in the background
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# -*- coding: utf-8 -*-
+'''
+ ubmodule-msg.py: simple response packet logger
+
+ Authors: Zdenek Vasicek (vasicek AT fit.vutbr.cz)
+ Marek Vavrusa (xvavru00 AT stud.fit.vutbr.cz)
+
+ Copyright (c) 2008. All rights reserved.
+
+ This software is open source.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions
+ are met:
+
+ Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE
+ LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+
+ Modified for unit test by Wouter Wijngaards, NLnet Labs, 2009.
+'''
+import os
+
+def init(id, cfg):
+ log_info("pythonmod: init called, module id is %d port: %d script: %s" % (id, cfg.port, cfg.python_script))
+ return True
+
+def deinit(id):
+ log_info("pythonmod: deinit called, module id is %d" % id)
+ return True
+
+def inform_super(id, qstate, superqstate, qdata):
+ return True
+
+def setTTL(qstate, ttl):
+ """Sets return_msg TTL and all the RRs TTL"""
+ if qstate.return_msg:
+ qstate.return_msg.rep.ttl = ttl
+ if (qstate.return_msg.rep):
+ for i in range(0,qstate.return_msg.rep.rrset_count):
+ d = qstate.return_msg.rep.rrsets[i].entry.data
+ for j in range(0,d.count+d.rrsig_count):
+ d.rr_ttl[j] = ttl
+
+def dataHex(data, prefix=""):
+ res = ""
+ for i in range(0, (len(data)+15)/16):
+ res += "%s0x%02X | " % (prefix, i*16)
+ d = map(lambda x:ord(x), data[i*16:i*16+17])
+ for ch in d:
+ res += "%02X " % ch
+ for i in range(0,17-len(d)):
+ res += " "
+ res += "| "
+ for ch in d:
+ if (ch < 32) or (ch > 127):
+ res += ". "
+ else:
+ res += "%c " % ch
+ res += "\n"
+ return res
+
+def printReturnMsg(qstate):
+ print "Return MSG rep :: flags: %04X, QDcount: %d, Security:%d, TTL=%d" % (qstate.return_msg.rep.flags, qstate.return_msg.rep.qdcount,qstate.return_msg.rep.security, qstate.return_msg.rep.ttl)
+ print " qinfo :: qname:",qstate.return_msg.qinfo.qname_list, qstate.return_msg.qinfo.qname_str, "type:",qstate.return_msg.qinfo.qtype_str, "class:",qstate.return_msg.qinfo.qclass_str
+ if (qstate.return_msg.rep):
+ print "RRSets:",qstate.return_msg.rep.rrset_count
+ prevkey = None
+ for i in range(0,qstate.return_msg.rep.rrset_count):
+ r = qstate.return_msg.rep.rrsets[i]
+ rk = r.rk
+ print i,":",rk.dname_list, rk.dname_str, "flags: %04X" % rk.flags,
+ print "type:",rk.type_str,"(%d)" % ntohs(rk.type), "class:",rk.rrset_class_str,"(%d)" % ntohs(rk.rrset_class)
+
+ d = r.entry.data
+ print " RRDatas:",d.count+d.rrsig_count
+ for j in range(0,d.count+d.rrsig_count):
+ print " ",j,":","TTL=",d.rr_ttl[j],"RR data:"
+ print dataHex(d.rr_data[j]," ")
+
+
+def operate(id, event, qstate, qdata):
+ log_info("pythonmod: operate called, id: %d, event:%s" % (id, strmodulevent(event)))
+ #print "pythonmod: per query data", qdata
+
+ print "Query:", ''.join(map(lambda x:chr(max(32,ord(x))),qstate.qinfo.qname)), qstate.qinfo.qname_list, qstate.qinfo.qname_str,
+ print "Type:",qstate.qinfo.qtype_str,"(%d)" % qstate.qinfo.qtype,
+ print "Class:",qstate.qinfo.qclass_str,"(%d)" % qstate.qinfo.qclass
+ print
+
+ if (event == MODULE_EVENT_NEW or event == MODULE_EVENT_PASS) and (qstate.qinfo.qname_str.endswith("example.com.")):
+ print qstate.qinfo.qname_str
+
+ qstate.ext_state[id] = MODULE_FINISHED
+
+ # eat time
+ y = 20
+ for z in range(2, 10000):
+ y = y*2 - z/2
+ y = y/2 + z
+
+ msg = DNSMessage(qstate.qinfo.qname_str, RR_TYPE_A, RR_CLASS_IN, PKT_QR | PKT_RA | PKT_AA) #, 300)
+ #msg.authority.append("xxx.seznam.cz. 10 IN A 192.168.1.1")
+ #msg.additional.append("yyy.seznam.cz. 10 IN A 1.1.1.2.")
+
+ # answer can be returned to the client without further checking.
+
+ if qstate.qinfo.qtype == RR_TYPE_A:
+ msg.answer.append("%s 10 IN A 192.168.1.1" % qstate.qinfo.qname_str)
+ if (qstate.qinfo.qtype == RR_TYPE_SRV) or (qstate.qinfo.qtype == RR_TYPE_ANY):
+ msg.answer.append("%s 10 IN SRV 0 0 80 neinfo.example.com." % qstate.qinfo.qname_str)
+ if (qstate.qinfo.qtype == RR_TYPE_TXT) or (qstate.qinfo.qtype == RR_TYPE_ANY):
+ msg.answer.append("%s 10 IN TXT path=/" % qstate.qinfo.qname_str)
+
+ if not msg.set_return_msg(qstate):
+ qstate.ext_state[id] = MODULE_ERROR
+ return True
+
+ #qstate.return_msg.rep.security = 2 #pokud nebude nasledovat validator, je zapotrebi nastavit security, aby nebyl paket zahozen v mesh_send_reply
+ printReturnMsg(qstate)
+
+ #Authoritative result can't be stored in cache
+ #if (not storeQueryInCache(qstate, qstate.return_msg.qinfo, qstate.return_msg.rep, 0)):
+ # print "Can't store in cache"
+ # qstate.ext_state[id] = MODULE_ERROR
+ # return False
+ #print "Store OK"
+
+ qstate.return_rcode = RCODE_NOERROR
+ return True
+
+ if event == MODULE_EVENT_NEW:
+ qstate.ext_state[id] = MODULE_WAIT_MODULE
+ return True
+
+ if event == MODULE_EVENT_MODDONE:
+ log_info("pythonmod: previous module done")
+ qstate.ext_state[id] = MODULE_FINISHED
+ return True
+
+ if event == MODULE_EVENT_PASS:
+ log_info("pythonmod: event_pass")
+ qstate.ext_state[id] = MODULE_WAIT_MODULE
+ return True
+
+ log_err("pythonmod: BAD event")
+ qstate.ext_state[id] = MODULE_ERROR
+ return True
+
+log_info("pythonmod: script loaded.")
--- /dev/null
+# #-- pymod_thread.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+if grep "define WITH_PYTHONMODULE 1" $PRE/config.h; then
+ echo "have python module"
+else
+ echo "no python module"
+ exit 0
+fi
+
+if test "`uname 2>&1`" = "Darwin"; then
+ ldnsdir=`grep ldnsdir= ../../Makefile | sed -e 's/ldnsdir=//'`
+ echo export DYLD_LIBRARY_PATH="$DYLD_LIBRARY_PATH:$ldnsdir/lib:../../.libs"
+ export DYLD_LIBRARY_PATH="$DYLD_LIBRARY_PATH:$ldnsdir/lib:../../.libs"
+fi
+
+# see if config file verifies
+if $PRE/unbound-checkconf ub.conf; then
+ echo "checkconf OK"
+else
+ echo "checkconf failed"
+ exit 1
+fi
+
+# do the test
+# generate some load.
+echo "> dig www[1-10].example.com."
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile1 &
+dig @localhost -p $UNBOUND_PORT www2.example.com. | tee outfile3 &
+dig @localhost -p $UNBOUND_PORT www3.example.com. | tee outfile2 &
+dig @localhost -p $UNBOUND_PORT www4.example.com. | tee outfile4 &
+dig @localhost -p $UNBOUND_PORT www5.example.com. | tee outfile5 &
+dig @localhost -p $UNBOUND_PORT www6.example.com. | tee outfile6 &
+dig @localhost -p $UNBOUND_PORT www7.example.com. | tee outfile7 &
+dig @localhost -p $UNBOUND_PORT www8.example.com. | tee outfile8 &
+dig @localhost -p $UNBOUND_PORT www9.example.com. | tee outfile9 &
+dig @localhost -p $UNBOUND_PORT www10.example.com. | tee outfile10 &
+
+wait # wait for all jobs to complete.
+
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+for x in outfile1 outfile2 outfile3 outfile4 outfile5; do
+if grep "192.168.1.1" $x; then
+ echo "$x OK"
+else
+ echo "$x Not OK"
+ exit 1
+fi
+done
+
+for x in outfile6 outfile7 outfile8 outfile9 outfile10; do
+if grep "192.168.1.1" $x; then
+ echo "$x OK"
+else
+ echo "$x Not OK"
+ exit 1
+fi
+done
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www2 IN A
+SECTION ANSWER
+www2 IN A 10.20.30.40
+ENTRY_END
+
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDti51Z6qASvAjPFFhLLlq8BwtsnmfqMPMn57dKAghb4OifeL4G
+SLOE02/hKDkdkOvaUG2UqDNh2OoPTuJk4A+mG2LJoziFhHKlIebo9v2YiFWOBVtO
+DWc3tXPT1IlSEN0xnAGelMmeLcPeCPe+A5IDlIHzF/+YiDgS38S9dL17owIDAQAB
+AoGAG3w/DatfMCu/nS5OdQx9BSqPgNbnUSqux9xA0fhgPTlN0T3oRtPcqa7JUDUW
+PryI/a62ry+zGkw98N2AxolCZg3N7Z3vuRx2FMcKKNwpTzDmcZW7TmMk5FPof6gE
+PnYl/ff0w+kxqA+L2EexH3Xi6ApLSZcjyzKWj+dL2AuT9gkCQQD3dPitwITxgCAD
+IaHw23e3FRkM/hw1Gp8bt6nbuxitVxxpO96q1EQ+fCy/mf0bMEJDp3xzMEIfP3r4
+GmNbaxa1AkEA9b8LeBLbQ2cm2+UMeUgygBsRirdUQ786auqH38Jbvi/j6S9sDl2x
+q1vRtikEBZJWfkhsOzrzwFDKe1bI/EEn9wJAAzOwRA9JqRZPU7sLrWIpmmTbfh+L
+neRKSsGFoSI6n4ORCouLxgoZF/XjXldPvxpQwS9ZnOPy9xSLMsqknno0QQJAeDtA
+IT8Yh6GwIWWu9KeeDY8wxe1sDLlCm4yjbZZpzGMh3rSU6XJtuqjxsW3fydoO9zn3
+ugLdvvnIFxAexUwbgQJBANyM13xcObfUJOj9rjlGCh0CDh/04ONl8SH8HBnM8guA
+RJI5S6vBHweVRopEZcF1sQm6wMf3ej/sGkyyNvJxRkY=
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBozCCAQwCCQDd5/rocjG5vDANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkyNjEyMjQ0NFoXDTI4MDYxMzEyMjQ0NFowGjEYMBYGA1UE
+AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDt
+i51Z6qASvAjPFFhLLlq8BwtsnmfqMPMn57dKAghb4OifeL4GSLOE02/hKDkdkOva
+UG2UqDNh2OoPTuJk4A+mG2LJoziFhHKlIebo9v2YiFWOBVtODWc3tXPT1IlSEN0x
+nAGelMmeLcPeCPe+A5IDlIHzF/+YiDgS38S9dL17owIDAQABMA0GCSqGSIb3DQEB
+BQUAA4GBAHpvcKqY48X9WsqogV16L+zT7iXhZ4tySA9EBk1a+0gud/iDPKSBi7mK
+4rzphVfb4S207dVmTG+1WNpa6l3pTGML6XLElxqIu/kr7w4cF0rKvZxWPsBRqYjH
+5HrK8CrQ0+YvUHXiu7IaACLGvKXY4Tqa3HQyvEtzLWJ4HhOrGx8F
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQC9hurNHBtB7QFEuPJOnCylUWUF2/US3v9yQQQXnstuXMQXRaq1
+1uviLmwaGurV9tngX59HITsBT74NQrtFKfEDLViLrm2arAM9Ozsn4tnv30HXPRDj
+UOc1M05Q7UzjaSrOv+TkPEqyhtUyaP1DYo0bcmbxtSkYc2ZEWCwhPklUwQIDAQAB
+AoGATjzZxN4ramWaNnJapJTX4U7eczK/0pB3xwSL2exVcjOdRzYdKH+WVIJxYb1m
+3/jNLFCNAeH356yxeevoPr73nG75YJ9I1ZWQWTnS3SDK6JD1+3pmAD0bQWFoitpf
+FoSH9H4X5gFB5vCZ99YVoYH1UXWPcgvUHwxz0voImt6lCKECQQD4YQ4A3M0+Ki8v
+Hl+5FKULnS0UtBkweCvkF/X1zZRjjYr6hLnqldFkkgTBKWe17pUXX0nwRMbP1YZX
+i+vDq5JNAkEAw1eYsmC0nVAMawo57N6LYavGv/n5u1cvpTpKDtn4cXH0Uqq13Kyu
+2FUTzan2NhCEK78UzbWaeewBJmxYda1+RQJAdShKk6uTAEyjnwUjv8h2JWlJN2fQ
+LeWxRlDrCruiz+aW9J4gl/99GoQpy/c83TshhjnDRZsbcDNWv/rXBZ/rTQJAFQva
+CtX6f7yBKgM3DHtJvyM3zbVMH9Ab9QxbsE/xwZ9KeKGl6Hm+eNZpxM3cFiUfaGs0
+/ZjkZOB1m0MvILaplQJAXC3PJ/E+87banGZRJl5qtS6/HoX5lH9TPkL8Essy7ANO
+2BT2OTQawD1A+VKIrQHXs085Of8tQUfrfHHt7s3Kqg==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBmzCCAQQCCQCDugnhq8B6LzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkyNjEyMjQ0M1oXDTI4MDYxMzEyMjQ0M1owEjEQMA4GA1UE
+AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvYbqzRwbQe0B
+RLjyTpwspVFlBdv1Et7/ckEEF57LblzEF0Wqtdbr4i5sGhrq1fbZ4F+fRyE7AU++
+DUK7RSnxAy1Yi65tmqwDPTs7J+LZ799B1z0Q41DnNTNOUO1M42kqzr/k5DxKsobV
+Mmj9Q2KNG3Jm8bUpGHNmRFgsIT5JVMECAwEAATANBgkqhkiG9w0BAQUFAAOBgQCy
+zGMW35/9xXoEWsuLFWUOaEKVq5DXuXtXbcMpDW6k2ELoraa305vh7Zwhj5JSqfcm
+O0xyqIzXvz/cYdyOTgEkdMDZ/EvQsxKTwvj6eA4614yB1r3Ju5eZd4Gpo6BHhSpu
+oqsrr0duJ+JOANTyaBplIxM1sjHbR4FGtmrFknBYBQ==
+-----END CERTIFICATE-----
--- /dev/null
+server:
+ verbosity: 2
+ num-threads: 4
+ outgoing-range: 16
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+remote-control:
+ control-enable: yes
+ control-interface: 127.0.0.1
+ # control-interface: ::1
+ control-port: @CONTROL_PORT@
+ server-key-file: "unbound_server.key"
+ server-cert-file: "unbound_server.pem"
+ control-key-file: "unbound_control.key"
+ control-cert-file: "unbound_control.pem"
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: remote-threaded
+Version: 1.0
+Description: remote control test with thread communication
+CreationDate: Wed Dec 3 15:00:38 CET 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: remote-threaded.pre
+Post: remote-threaded.post
+Test: remote-threaded.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- remote-threaded.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+# unbound stopped by test (if successful)
+kill $UNBOUND_PID >/dev/null 2>&1
+kill $UNBOUND_PID >/dev/null 2>&1
+exit 0
--- /dev/null
+# #-- remote-threaded.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 3
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+CONTROL_PORT=$(($RND_PORT + 2))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+echo "CONTROL_PORT=$CONTROL_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT remote-threaded.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@CONTROL_PORT\@/'$CONTROL_PORT'/' < remote-threaded.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- remote-threaded.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+
+# exit value is 1 on usage
+$PRE/unbound-control -h
+if test $? -ne 1; then
+ echo "wrong exit value for usage."
+ exit 1
+else
+ echo "exit value for usage: OK"
+fi
+
+# use lock-verify if possible
+
+# test if the server is up.
+echo "> dig www.example.com."
+dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+# exit value is 1 when a bad command is given.
+echo "$PRE/unbound-control -c ub.conf blablargh"
+$PRE/unbound-control -c ub.conf blablargh
+if test $? -ne 1; then
+ echo "wrong exit value on error."
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ exit 1
+else
+ echo "correct exit value on error"
+fi
+
+# reload the server. test if the server came up by putting a new
+# local-data element in the server.
+echo "server: local-data: 'afterreload. IN A 5.6.7.8'" >> ub.conf
+echo "$PRE/unbound-control -c ub.conf reload"
+$PRE/unbound-control -c ub.conf reload
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+
+echo "> dig afterreload."
+dig @127.0.0.1 -p $UNBOUND_PORT afterreload. | tee outfile
+echo "> check answer"
+if grep "5.6.7.8" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+# must have had queries now. 1 since reload.
+echo "$PRE/unbound-control -c ub.conf stats"
+$PRE/unbound-control -c ub.conf stats > tmp.$$
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+if grep "^total.num.queries=[1-9][0-9]*$" tmp.$$; then
+ echo "OK"
+else
+ echo "bad stats"
+ cat tmp.$$
+ exit 1
+fi
+
+# verbosity
+echo "$PRE/unbound-control -c ub.conf verbosity 4"
+$PRE/unbound-control -c ub.conf verbosity 4
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+
+# check syntax error in parse
+echo "$PRE/unbound-control -c ub.conf verbosity jkdf"
+$PRE/unbound-control -c ub.conf verbosity jkdf
+if test $? -ne 1; then
+ echo "wrong exit value after failure"
+ exit 1
+fi
+
+# check bad credentials
+cp ub.conf bad.conf
+echo "remote-control:" >> bad.conf
+echo " server-key-file: bad_server.key" >> bad.conf
+echo " server-cert-file: bad_server.pem" >> bad.conf
+echo " control-key-file: bad_control.key" >> bad.conf
+echo " control-cert-file: bad_control.pem" >> bad.conf
+echo "$PRE/unbound-control -c bad.conf verbosity 2"
+$PRE/unbound-control -c bad.conf verbosity 2
+if test $? -ne 1; then
+ echo "wrong exit value after failure"
+ exit 1
+fi
+
+# create a new local zone
+echo "> test of local zone"
+echo "$PRE/unbound-control -c ub.conf local_zone example.net static"
+$PRE/unbound-control -c ub.conf local_zone example.net static
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+echo "$PRE/unbound-control -c ub.conf local_data www.example.net A 192.0.2.1"
+$PRE/unbound-control -c ub.conf local_data www.example.net A 192.0.2.1
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+
+# check that www.example.net exists
+echo "> dig www.example.net."
+dig @127.0.0.1 -p $UNBOUND_PORT www.example.net. | tee outfile
+echo "> check answer"
+if grep "192.0.2.1" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+# check that mail.example.net has nxdomain
+echo "> dig mail.example.net."
+dig @127.0.0.1 -p $UNBOUND_PORT mail.example.net. | tee outfile
+echo "> check answer"
+if grep "NXDOMAIN" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+# remove www.example.net - check it gets nxdomain
+echo "$PRE/unbound-control -c ub.conf local_data_remove www.example.net"
+$PRE/unbound-control -c ub.conf local_data_remove www.example.net
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+echo "> dig www.example.net."
+dig @127.0.0.1 -p $UNBOUND_PORT www.example.net. | tee outfile
+echo "> check answer"
+if grep "NXDOMAIN" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+# remove example.net - check its gone.
+echo "$PRE/unbound-control -c ub.conf local_zone_remove example.net"
+$PRE/unbound-control -c ub.conf local_zone_remove example.net
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+echo "> dig www.example.net."
+dig @127.0.0.1 -p $UNBOUND_PORT www.example.net. | tee outfile
+echo "> check answer"
+if grep "SERVFAIL" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+# dump the cache
+echo "> test cache dump"
+# fillup cache
+echo "dig www.example.com"
+dig @127.0.0.1 -p $UNBOUND_PORT www.example.com.
+echo "$PRE/unbound-control -c ub.conf dump_cache"
+$PRE/unbound-control -c ub.conf dump_cache > tmp.$$
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+cat tmp.$$
+# we do not look at content. Only thread 0 content.
+# because it may not be there when it is compiled with processes only.
+if grep MSG_CACHE tmp.$$; then
+ echo "OK this is a cache dump"
+else
+ echo "Not OK cache dump"
+ exit 1
+fi
+
+# test lookup
+echo "$PRE/unbound-control -c ub.conf lookup www.example.com"
+$PRE/unbound-control -c ub.conf lookup www.example.com
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+# answer to lookup is meaningless because of use a forwarder, oh well.
+
+# load the cache dump.
+echo "$PRE/unbound-control -c ub.conf load_cache < tmp.$$"
+$PRE/unbound-control -c ub.conf load_cache < tmp.$$
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+# do not check if cache dump contents are present ; other threads
+# may not have gotten it when it is compiled with processes only.
+
+# flushing
+echo "$PRE/unbound-control -c ub.conf flush www.example.net"
+$PRE/unbound-control -c ub.conf flush www.example.net
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+
+echo "$PRE/unbound-control -c ub.conf flush_type www.example.net TXT"
+$PRE/unbound-control -c ub.conf flush_type www.example.net TXT
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+
+echo "$PRE/unbound-control -c ub.conf flush_zone example.net"
+$PRE/unbound-control -c ub.conf flush_zone example.net
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+
+# now stop the server
+echo "$PRE/unbound-control -c ub.conf stop"
+$PRE/unbound-control -c ub.conf stop
+if test $? -ne 0; then
+ echo "wrong exit value after success"
+ exit 1
+fi
+# see if the server has really exited.
+TRY_MAX=20
+for (( try=0 ; try <= $TRY_MAX ; try++ )) ; do
+ if kill -0 $UNBOUND_PID 2>&1 | tee tmp.$$; then
+ echo "not stopped yet, waiting"
+ sleep 1
+ else
+ echo "stopped OK; break"
+ break;
+ fi
+ if grep "No such process" tmp.$$; then
+ echo "stopped OK; break"
+ break;
+ fi
+done
+if kill -0 $UNBOUND_PID; then
+ echo "still up!"
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "not stopped, failure"
+ exit 1
+else
+ echo "stopped OK"
+
+ if test -f ublocktrace.0; then
+ if $PRE/lock-verify ublocktrace.*; then
+ echo "lock-verify test worked."
+ else
+ echo "lock-verify test failed."
+ cat fwd.log
+ cat unbound.log
+ exit 1
+ fi
+ fi
+fi
+
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> OK"
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA SERVFAIL
+ADJUST copy_id
+SECTION QUESTION
+www.example.net. IN A
+ENTRY_END
+
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDD6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBa
+rzPA0vlyuNtUsEN3qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvH
+ST6JwUdIg0Lzg/USJ81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQAB
+AoGAFT3e35MIgI4uDJJ8X0RfHp2NCO2LUg4TKbWical/C0W9vlR1/x80G1pE1d2Z
+WotqJVWTrOq6eBox19RCgtLg2wPGk9uD62+9SDT37heWFlUCElWq50pQG6k9ThiG
+DDypkZyZ/52+DdWybiaQJkuK6O5qQXuNAtVJMpghu4GnHAECQQDsupnZUQDpapzr
+4FC4MSkL2+A1PRt6g4VhwoqOpJXaHfVnH6F7AwUuOLNwGdR5Cvv70pfJ7Jqg8L2m
+Kxyl5bORAkEA09rn34YQ0pHJdHidbl2kInIuYTz09+TO3LWwan17nISH9aaYvVDr
+p9x1B4Qzw9qyxT9oll7ze/5Rw/7C3AQj4QJAT2B2a+b8bkgAXBs4FbruL3rHoDJg
+P2FQXSpVOWU4lg2LlsuFYvDtUMVUbZdLplanjZXcral3Y9W1Ub2M+ped8QJAYQN+
+aRpge7ys7vwIw7B36Bo3aOncF+ScYe+FkM5Tm7II/JHEofT7ZQwMP1vnxIlSkgbe
+YvWqNB6a3NC99LikoQJBAM4UhDdRg63Tr6Idky6CQaH///zAN7nArJfffKGWFdw9
+DKrWpNqvYZtX/cfEJucKcRCm5YL8CKFYbQy4VoCxUcE=
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBozCCAQwCCQD6XaN6FzW/4DANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowGjEYMBYGA1UE
+AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDD
+6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBarzPA0vlyuNtUsEN3
+qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvHST6JwUdIg0Lzg/US
+J81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQABMA0GCSqGSIb3DQEB
+BQUAA4GBAGFAXmaQHuFgAuc6HVhYZJdToxLBhfxGpot4oZNjcb1Cdoz3OL34MU1B
+9E5psj2PpGPIi8/RwoqBtAJHJ+J5cWngo03o4ZmdwKNSzaxlp141z/3rUtFqEHEC
+iO6gPCT3U7dt6MyC7r6vdMqyW6aldP3CtwD0gQziKAMoj+TAfAcq
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA
+3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s
+RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB
+AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS
+6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds
+sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi
+XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3
+fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL
+CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP
+0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2
+oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l
+In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S
+LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE
+AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS
+y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/
+/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu
+g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ
+9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG
+l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH
+Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg==
+-----END CERTIFICATE-----
--- /dev/null
+BaseName: root_anchor
+Version: 1.0
+Description: check if root anchor has changed.
+CreationDate: Tue Sep 28 12:43:09 CEST 2010
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre:
+Post:
+Test: root_anchor.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+
+# only do this test if the network is up.
+echo "is the net up?"
+if dig @k.root-servers.net . SOA 2>&1 | grep NOERROR ; then
+ echo yes
+else
+ echo no
+ exit 0
+fi
+
+# test that unbound-anchor, its builtin DNSKEY, works.
+# so the https is disabled (go to 127.0.0.1@10099).
+$PRE/unbound-anchor -u "127.0.0.1" -P 10099 -a test.ds -v
+# check that the test.ds file is OK.
+if $PRE/unbound-host -f test.ds -t SOA -v . 2>&1 | grep "(secure)"; then
+ echo "The builtin DS root anchors work"
+else
+ echo "The builtin DS root anchors do not work"
+ exit 1
+fi
+
+echo ""
+# test that unbound-anchor, the builtin certificate, works
+# so, force https with -F and the -c is a nonexistant file
+$PRE/unbound-anchor -a test.cert -c test.pem -v -F
+# check that the test.cert file is OK.
+if $PRE/unbound-host -f test.cert -t SOA -v . 2>&1 | grep "(secure)"; then
+ echo "The builtin root update certificate works"
+else
+ echo "The builtin root update certificate does not work"
+ exit 1
+fi
+
+# use curl to see if the PGP certificate has been updated.
+curl --time-cond "20170203 10:00:00" https://data.iana.org/root-anchors/icannbundle.pem > newcert
+if test -n "`cat newcert`"; then
+ echo "icannbundle.pem has been updated"
+ cat newcert
+ echo "icannbundle.pem has been updated"
+ exit 1
+else
+ echo "icannbundle.pem has not been updated"
+fi
+
+exit 0
--- /dev/null
+BaseName: root_hints
+Version: 1.0
+Description: check if root hints have changed.
+CreationDate: Thu Oct 22 12:42:40 CEST 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre:
+Post:
+Test: root_hints.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- 06-ianaports.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+
+# dig 9 ?
+digv=`dig -v 2>&1 | wc -l`
+if test $digv -ne 1; then
+ echo "Dig too old. skip test"
+ exit 0
+fi
+
+eval `grep ^srcdir= $PRE/Makefile`
+echo "srcdir="$srcdir
+
+# obtain list from compiled in settings:
+grep "ROOT-SERVERS.NET." $PRE/$srcdir/iterator/iter_hints.c > curlist
+echo "Current list:"
+cat curlist
+
+result="0"
+
+# dig all servers and check if same
+for rs in A.ROOT-SERVERS.NET. B.ROOT-SERVERS.NET. C.ROOT-SERVERS.NET. D.ROOT-SERVERS.NET. E.ROOT-SERVERS.NET. F.ROOT-SERVERS.NET. G.ROOT-SERVERS.NET. H.ROOT-SERVERS.NET. I.ROOT-SERVERS.NET. J.ROOT-SERVERS.NET. K.ROOT-SERVERS.NET. L.ROOT-SERVERS.NET. M.ROOT-SERVERS.NET.; do
+
+ addr4=`dig +short $rs A`
+ addr6=`dig +short $rs AAAA`
+
+ # all IP4 must be present as listed.
+ if test -z "$addr4" ; then
+ echo "$rs A is removed! It has changed!"
+ result="1"
+ fi
+ if grep $rs curlist | grep "$addr4" >/dev/null; then
+ echo "$rs is OK: A $addr4"
+ else
+ echo "$rs A now $addr4, it has changed!"
+ result="1"
+ fi
+ # if IP6 is "" then it must be "" as well in the compiled hints
+ if test -z "$addr6" ; then
+ if grep $rs curlist | grep ":" >/dev/null; then
+ echo "$rs AAAA now removed, it has changed!"
+ result="1"
+ else
+ echo $rs' is OK: AAAA ""'
+ fi
+ else
+ # root server has an IP6.
+ if grep $rs curlist | grep "$addr6" >/dev/null; then
+ echo "$rs is OK: AAAA $addr6"
+ else
+ echo "$rs AAAA now $addr6, it has changed!"
+ result="1"
+ fi
+ fi
+done
+
+exit $result
--- /dev/null
+#include <stdio.h>
+#include <stdlib.h>
+int main(int argc, char** argv) {
+ int i;
+ int max = atoi(argv[1]);
+ for(i=0; i<max; i++)
+ printf("a%8.8d.example.com IN A\n", i);
+ return 0;
+}
--- /dev/null
+# generate query file, $1=number $2=filename.
+
+cat >makeqs.c <<EOF
+#include <stdio.h>
+#include <stdlib.h>
+int main(int argc, char** argv) {
+ int i;
+ int max = atoi(argv[1]);
+ for(i=0; i<max; i++)
+ printf("a%8.8d.example.com IN A\n", i);
+ return 0;
+}
+EOF
+
+gcc -o makeqs makeqs.c
+
+#function makeqs() {
+ #i=0
+ #echo "; generated by makeqs" > $2
+ #while test $i -lt $1; do
+ #echo "a$i.example.com IN A" >> $2
+ #i=`expr $i + 1`
+ #done
+#}
+
+./makeqs 10 > q10.txt
+cat q10.txt
+./makeqs 100 > q100.txt
+./makeqs 1000 > q1000.txt
+./makeqs 10000 > q10000.txt
+./makeqs 100000 > q100000.txt
+#./makeqs 1000000 > q1000000.txt
+#./makeqs 10000000 > q10000000.txt
--- /dev/null
+server:
+ verbosity: 0
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+ rrset-cache-size: 100k
+ msg-cache-size: 100k
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: speed_cache
+Version: 1.0
+Description: Speed test with cache sizes
+CreationDate: Fri Feb 15 15:46:25 CET 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: speed_cache.pre
+Post: speed_cache.post
+Test: speed_cache.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- speed_cache.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- speed_cache.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT speed_cache.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < speed_cache.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- speed_cache.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+
+# make tool
+get_make
+(cd $PRE; $MAKE perf)
+
+get_gcc
+$CC -o makeqs makeqs.c
+if test $? -ne 0; then
+ echo "could not compile makeqs"
+ exit 1
+fi
+
+./makeqs 10 > q10.txt
+cat q10.txt
+./makeqs 100 > q100.txt
+./makeqs 1000 > q1000.txt
+./makeqs 10000 > q10000.txt
+#./makeqs 100000 > q100000.txt
+#./makeqs 1000000 > q1000000.txt
+#./makeqs 10000000 > q10000000.txt
+
+# seconds per test
+dur=1
+
+# do the test
+echo "> perf test ldns-testns"
+$PRE/perf -d $dur -a "www.example.com IN A" 127.0.0.1@$FWD_PORT 2>&1 | tee outfile
+
+echo "> perf test cache-1"
+$PRE/perf -d $dur -a "www.example.com IN A" 127.0.0.1@$UNBOUND_PORT 2>&1 | tee outfile
+echo -n "cache-size-1 " >> ../.perfstats.txt
+grep "average qps" outfile >> ../.perfstats.txt
+
+# with $1=number $2=pretty-str $3=queryfile
+function perfnum() {
+ echo ""
+ echo "> perf test $1 $2"
+ $PRE/perf -d $dur -f $3 127.0.0.1@$UNBOUND_PORT 2>&1 | tee outfile
+ if test -n "$2"; then
+ echo -n "$2 " >> ../.perfstats.txt
+ grep "average qps" outfile >> ../.perfstats.txt
+ fi
+}
+
+function perftns() {
+ echo ""
+ echo "> perf testns $1 $2"
+ $PRE/perf -d $dur -f $3 127.0.0.1@$FWD_PORT 2>&1 | tee outfile
+}
+
+#perfnum 10 "" q10.txt
+perfnum 100 "cache-suffices" q100.txt
+#perfnum 1000 "" q1000.txt
+perfnum 10000 "cache-toosmall" q10000.txt
+#perfnum 100000 "100k" q100000.txt
+#perfnum 1000000 "1m" q1000000.txt
+#perfnum 1000000 "10m" q10000000.txt
+
+#perftns 10 "10" q10.txt
+#perftns 100 "100" q100.txt
+perftns 1000 "1k" q1000.txt
+#perftns 10000 "10k" q10000.txt
+#perftns 100000 "100k" q100000.txt
+#perftns 1000000 "1m" q1000000.txt
+#perftns 1000000 "10m" q10000000.txt
+
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+rm -f q*.txt
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype
+REPLY QR AA NOERROR
+ADJUST copy_id copy_query
+SECTION QUESTION
+www IN A
+SECTION AUTHORITY
+@ IN SOA ns hostmaster 2008021401 1800 900 604800 86400
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 1
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: speed_local
+Version: 1.0
+Description: Speed test with localhost query.
+CreationDate: Thu Feb 14 16:51:55 CET 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: speed_local.pre
+Post: speed_local.post
+Test: speed_local.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- speed_local.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- speed_local.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < speed_local.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- speed_local.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+get_make
+(cd $PRE; $MAKE perf)
+
+echo "> perf version.server"
+$PRE/perf -d 1 -a "version.server CH TXT -" 127.0.0.1@$UNBOUND_PORT 2>&1 |
+tee outfile
+
+echo -n "version-server " > line.txt
+if grep "average qps" outfile >> line.txt 2>&1; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+
+echo "> perf localhost"
+$PRE/perf -d 1 -a "localhost IN A -" 127.0.0.1@$UNBOUND_PORT 2>&1 |
+tee outfile
+
+echo -n "localhost-addr " >> line.txt
+if grep "average qps" outfile >> line.txt 2>&1; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+cat line.txt >> ../.perfstats.txt
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+ statistics-interval: 1
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
+
--- /dev/null
+BaseName: stat_timer
+Version: 1.0
+Description: Test statistics-interval timer.
+CreationDate: Tue Feb 5 14:41:10 CET 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: stat_timer.pre
+Post: stat_timer.post
+Test: stat_timer.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- stat_timer.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
+
--- /dev/null
+# #-- stat_timer.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT stat_timer.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < stat_timer.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- stat_timer.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# test if unbound is up
+echo "> dig www.example.com."
+dig @localhost -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+# wait for statistics timer to go off a couple times.
+sleep 5
+
+n=`grep "server stats" unbound.log | wc | awk '{print $1}'`
+echo "counted $n stat lines"
+if test $n -gt 6; then
+ echo "OK"
+else
+ echo "> cat logfiles"
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+fi
+
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @CLIEPORT@
+ use-syslog: no
+ directory: .
+ pidfile: "unbound-clie.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+
+ ssl-upstream: yes
+
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@SERVPORT@"
--- /dev/null
+BaseName: stream_ssl
+Version: 1.0
+Description: Stream queries over SSL channel.
+CreationDate: Wed Nov 9 14:02:31 CET 2011
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: stream_ssl.pre
+Post: stream_ssl.post
+Test: stream_ssl.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- stream_ssl.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $UNBOUNDSERV_PID
+kill_pid $UNBOUNDCLIE_PID
--- /dev/null
+# #-- stream_ssl.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+SERV_PORT=$RND_PORT
+CLIE_PORT=$(($RND_PORT + 1))
+echo "SERV_PORT=$SERV_PORT" >> .tpkg.var.test
+echo "CLIE_PORT=$CLIE_PORT" >> .tpkg.var.test
+
+# make config files
+sed -e 's/@SERVPORT\@/'$SERV_PORT'/' -e 's/@CLIEPORT\@/'$CLIE_PORT'/' < stream_ssl.serv.conf > ubserv.conf
+sed -e 's/@SERVPORT\@/'$SERV_PORT'/' -e 's/@CLIEPORT\@/'$CLIE_PORT'/' < stream_ssl.clie.conf > ubclie.conf
+
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -v -v -v -v -c ubserv.conf >unboundserv.log 2>&1 &
+UNBOUNDSERV_PID=$!
+echo "UNBOUNDSERV_PID=$UNBOUNDSERV_PID" >> .tpkg.var.test
+$PRE/unbound -d -v -v -v -v -c ubclie.conf >unboundclie.log 2>&1 &
+UNBOUNDCLIE_PID=$!
+echo "UNBOUNDCLIE_PID=$UNBOUNDCLIE_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_unbound_up unboundserv.log
+wait_unbound_up unboundclie.log
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @SERVPORT@
+ use-syslog: no
+ directory: .
+ pidfile: "unbound-serv.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: yes
+ local-data: "www.example.com. IN A 10.20.30.40"
+ ssl-port: @SERVPORT@
+ ssl-service-key: "unbound_server.key"
+ ssl-service-pem: "unbound_server.pem"
+
+# no other queries should reach here.
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1"
--- /dev/null
+# #-- stream_ssl.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+get_make
+(cd $PRE; $MAKE streamtcp)
+
+# first test streamtcp against the server unbound.
+echo "> streamtcp -s www.example.com A IN"
+$PRE/streamtcp -s -f 127.0.0.1@$SERV_PORT www.example.com. A IN >outfile 2>&1
+if test "$?" -ne 0; then
+ echo "exit status not OK"
+ echo "> cat logfiles"
+ cat outfile
+ echo "SSLSERVICE"
+ cat unboundserv.log
+ echo "SSLCLIENT"
+ cat unboundclie.log
+ echo "Not OK"
+ exit 1
+else
+ echo "exit status OK"
+fi
+echo "> cat logfiles"
+cat outfile
+echo "SSLSERVICE"
+cat unboundserv.log
+echo "SSLCLIENT"
+cat unboundclie.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+rm -f outfile
+
+# test client unbound (no SSL towards it, but it does SSL to the SSL service)
+echo "> dig www.example.com A IN"
+dig @127.0.0.1 -p $CLIE_PORT www.example.com. >outfile 2>&1
+if test "$?" -ne 0; then
+ echo "exit status not OK"
+ echo "> cat logfiles"
+ cat outfile
+ echo "SSLSERVICE"
+ cat unboundserv.log
+ echo "SSLCLIENT"
+ cat unboundclie.log
+ echo "Not OK"
+ exit 1
+else
+ echo "exit status OK"
+fi
+echo "> cat logfiles"
+cat outfile
+echo "SSLSERVICE"
+cat unboundserv.log
+echo "SSLCLIENT"
+cat unboundclie.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQDD6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBa
+rzPA0vlyuNtUsEN3qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvH
+ST6JwUdIg0Lzg/USJ81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQAB
+AoGAFT3e35MIgI4uDJJ8X0RfHp2NCO2LUg4TKbWical/C0W9vlR1/x80G1pE1d2Z
+WotqJVWTrOq6eBox19RCgtLg2wPGk9uD62+9SDT37heWFlUCElWq50pQG6k9ThiG
+DDypkZyZ/52+DdWybiaQJkuK6O5qQXuNAtVJMpghu4GnHAECQQDsupnZUQDpapzr
+4FC4MSkL2+A1PRt6g4VhwoqOpJXaHfVnH6F7AwUuOLNwGdR5Cvv70pfJ7Jqg8L2m
+Kxyl5bORAkEA09rn34YQ0pHJdHidbl2kInIuYTz09+TO3LWwan17nISH9aaYvVDr
+p9x1B4Qzw9qyxT9oll7ze/5Rw/7C3AQj4QJAT2B2a+b8bkgAXBs4FbruL3rHoDJg
+P2FQXSpVOWU4lg2LlsuFYvDtUMVUbZdLplanjZXcral3Y9W1Ub2M+ped8QJAYQN+
+aRpge7ys7vwIw7B36Bo3aOncF+ScYe+FkM5Tm7II/JHEofT7ZQwMP1vnxIlSkgbe
+YvWqNB6a3NC99LikoQJBAM4UhDdRg63Tr6Idky6CQaH///zAN7nArJfffKGWFdw9
+DKrWpNqvYZtX/cfEJucKcRCm5YL8CKFYbQy4VoCxUcE=
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBozCCAQwCCQD6XaN6FzW/4DANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowGjEYMBYGA1UE
+AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDD
+6DogNCsSeEa1u99+6PUVbGzjMzzei9MIK6s94+zcpp7OAOBarzPA0vlyuNtUsEN3
+qwPomQQQmIgbT7OXkzC1wqioxwa609xoL8oW/I7e336rEyvHST6JwUdIg0Lzg/US
+J81eTwMnzYSd4Bpsqr9eP33ubaR7Gh/6o76loLOlcQIDAQABMA0GCSqGSIb3DQEB
+BQUAA4GBAGFAXmaQHuFgAuc6HVhYZJdToxLBhfxGpot4oZNjcb1Cdoz3OL34MU1B
+9E5psj2PpGPIi8/RwoqBtAJHJ+J5cWngo03o4ZmdwKNSzaxlp141z/3rUtFqEHEC
+iO6gPCT3U7dt6MyC7r6vdMqyW6aldP3CtwD0gQziKAMoj+TAfAcq
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA
+3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s
+RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB
+AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS
+6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds
+sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi
+XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3
+fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL
+CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP
+0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2
+oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l
+In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S
+LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
+bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE
+AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS
+y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/
+/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu
+g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ
+9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG
+l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH
+Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg==
+-----END CERTIFICATE-----
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: .
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
--- /dev/null
+BaseName: stream_tcp
+Version: 1.0
+Description: Stream several queries over a TCP channel.
+CreationDate: Fri Feb 8 11:09:09 CET 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: stream_tcp.pre
+Post: stream_tcp.post
+Test: stream_tcp.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- stream_tcp.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- stream_tcp.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT stream_tcp.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < stream_tcp.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -v -v -v -v -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
--- /dev/null
+# #-- stream_tcp.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+. ../common.sh
+get_make
+(cd $PRE; $MAKE streamtcp)
+
+# first test a single TCP query.
+echo "> query www.example.com."
+$PRE/streamtcp -f 127.0.0.1@$UNBOUND_PORT www.example.com. A IN >outfile 2>&1
+if test "$?" -ne 0; then
+ echo "exit status not OK"
+ echo "> cat logfiles"
+ cat outfile
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+else
+ echo "exit status OK"
+fi
+echo "> cat logfiles"
+cat outfile
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+# test more
+echo ""
+echo ""
+echo "> query www.example.com www2.example.com www3.example.com"
+$PRE/streamtcp -f 127.0.0.1@$UNBOUND_PORT www.example.com. A IN www2.example.com. A IN www3.example.com A IN >outfile 2>&1
+if test "$?" -ne 0; then
+ echo "exit status not OK"
+ echo "> cat logfiles"
+ cat outfile
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+else
+ echo "exit status OK"
+fi
+echo "> cat logfiles"
+cat outfile
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+if grep "10.20.30.42" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+if grep "10.20.30.43" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www2 IN A
+SECTION ANSWER
+www2 IN A 10.20.30.42
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www3 IN A
+SECTION ANSWER
+www3 IN A 10.20.30.43
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+stub-zone:
+ name: "example.com"
+ stub-addr: "127.0.0.1@@TOPORT@"
+# a k a root hints
+stub-zone:
+ name: "."
+ stub-addr: "127.0.0.1@@TOPORT@"
--- /dev/null
+BaseName: stub_udp
+Version: 1.0
+Description: Stub server contacted via UDP.
+CreationDate: Tue Sep 30 15:10:00 CEST 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: stub_udp.pre
+Post: stub_udp.post
+Test: stub_udp.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- stub_udp.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- stub_udp.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+. ../common.sh
+
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT stub_udp.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < stub_udp.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+
+# wait for forwarder to come up
+wait_ldns_testns_up fwd.log
+
+# wait for unbound to come up
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- stub_udp.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+echo "> dig www.example.com."
+dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+
+# check delegations from cache by doing second test
+echo "> dig mail.example.com."
+dig @127.0.0.1 -p $UNBOUND_PORT mail.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.66" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+SECTION AUTHORITY
+@ IN NS ns.example.com.
+SECTION ADDITIONAL
+ns IN A 127.0.0.1
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+mail IN A
+SECTION ANSWER
+mail IN A 10.20.30.66
+SECTION AUTHORITY
+@ IN NS ns.example.com.
+SECTION ADDITIONAL
+ns IN A 127.0.0.1
+ENTRY_END
+
+; root prime
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. IN NS root.server.
+SECTION AUTHORITY
+SECTION ADDITIONAL
+root.server. IN A 127.0.0.1
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: ::1
+ outgoing-interface: ::1
+ port: @PORT@
+ use-syslog: no
+ directory: ""
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+stub-zone:
+ name: "example.com"
+ stub-addr: "::1@@TOPORT@"
+# a k a root hints
+stub-zone:
+ name: "."
+ stub-addr: "::1@@TOPORT@"
--- /dev/null
+BaseName: stub_udp6
+Version: 1.0
+Description: Stub server contacted via UDP over IPv6.
+CreationDate: Wed Mar 10 13:33:06 CET 2010
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: stub_udp6.pre
+Post: stub_udp6.post
+Test: stub_udp6.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- stub_udp6.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- stub_udp6.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -6 -p $FWD_PORT stub_udp6.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < stub_udp6.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- stub_udp6.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+PRE="../.."
+# do the test
+echo "> dig www.example.com."
+dig @::1 -p $UNBOUND_PORT www.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+
+# check delegations from cache by doing second test
+echo "> dig mail.example.com."
+dig @::1 -p $UNBOUND_PORT mail.example.com. | tee outfile
+echo "> cat logfiles"
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.66" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+SECTION AUTHORITY
+@ IN NS ns.example.com.
+SECTION ADDITIONAL
+ns IN A 127.0.0.1
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+mail IN A
+SECTION ANSWER
+mail IN A 10.20.30.66
+SECTION AUTHORITY
+@ IN NS ns.example.com.
+SECTION ADDITIONAL
+ns IN A 127.0.0.1
+ENTRY_END
+
+; root prime
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. IN NS root.server.
+SECTION AUTHORITY
+SECTION ADDITIONAL
+root.server. IN A 127.0.0.1
+ENTRY_END
+
--- /dev/null
+server:
+ verbosity: 2
+ # num-threads: 1
+ interface: 127.0.0.1
+ port: @PORT@
+ use-syslog: no
+ directory: .
+ pidfile: "unbound.pid"
+ chroot: ""
+ username: ""
+ do-not-query-localhost: no
+
+forward-zone:
+ name: "."
+ forward-addr: "127.0.0.1@@TOPORT@"
--- /dev/null
+BaseName: tcp_sigpipe
+Version: 1.0
+Description: Generate SIGPIPE over a TCP channel.
+CreationDate: Tue Apr 22 13:45:04 CEST 2008
+Maintainer: dr. W.C.A. Wijngaards
+Category:
+Component:
+CmdDepends:
+Depends:
+Help:
+Pre: tcp_sigpipe.pre
+Post: tcp_sigpipe.post
+Test: tcp_sigpipe.test
+AuxFiles:
+Passed:
+Failure:
--- /dev/null
+# #-- tcp_sigpipe.post --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# source the test var file when it's there
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+#
+# do your teardown here
+. ../common.sh
+kill_pid $FWD_PID
+kill_pid $UNBOUND_PID
--- /dev/null
+# #-- tcp_sigpipe.pre--#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+. ../common.sh
+get_random_port 2
+UNBOUND_PORT=$RND_PORT
+FWD_PORT=$(($RND_PORT + 1))
+echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
+echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
+
+# start forwarder
+get_ldns_testns
+$LDNS_TESTNS -p $FWD_PORT tcp_sigpipe.testns >fwd.log 2>&1 &
+FWD_PID=$!
+echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
+
+# make config file
+sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < tcp_sigpipe.conf > ub.conf
+# start unbound in the background
+PRE="../.."
+$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
+UNBOUND_PID=$!
+echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
+
+cat .tpkg.var.test
+wait_ldns_testns_up fwd.log
+wait_unbound_up unbound.log
+
--- /dev/null
+# #-- tcp_sigpipe.test --#
+# source the master var file when it's there
+[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
+# use .tpkg.var.test for in test variable passing
+[ -f .tpkg.var.test ] && source .tpkg.var.test
+
+if uname | grep MINGW >/dev/null; then
+ echo "no job control in shell on windows. end test"
+ exit 0
+fi
+
+PRE="../.."
+. ../common.sh
+get_make
+(cd $PRE; $MAKE streamtcp)
+
+# first test a single TCP query.
+echo "> query www.example.com."
+$PRE/streamtcp -f 127.0.0.1@$UNBOUND_PORT www.example.com. A IN >outfile 2>&1 &
+kill -PIPE $UNBOUND_PID
+wait
+if test "$?" -ne 0; then
+ echo "exit status not OK"
+ echo "> cat logfiles"
+ cat outfile
+ cat fwd.log
+ cat unbound.log
+ echo "Not OK"
+ exit 1
+else
+ echo "exit status OK"
+fi
+echo "> cat logfiles"
+cat outfile
+cat fwd.log
+cat unbound.log
+echo "> check answer"
+if grep "10.20.30.40" outfile; then
+ echo "OK"
+else
+ echo "Not OK"
+ exit 1
+fi
+
+exit 0
--- /dev/null
+; nameserver test file
+$ORIGIN example.com.
+$TTL 3600
+
+ENTRY_BEGIN
+MATCH UDP opcode qtype qname
+REPLY QR AA NOERROR TC
+ADJUST copy_id
+SECTION QUESTION
+www IN A
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH TCP opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id sleep=3
+SECTION QUESTION
+www IN A
+SECTION ANSWER
+www IN A 10.20.30.40
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www2 IN A
+SECTION ANSWER
+www2 IN A 10.20.30.42
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode qtype qname
+REPLY QR AA NOERROR
+ADJUST copy_id
+SECTION QUESTION
+www3 IN A
+SECTION ANSWER
+www3 IN A 10.20.30.43
+ENTRY_END
+
projects / thirdparty / unbound.git / commitdiff
