zone="$1"
echo_i "setting up zone: $zone"
zonefile="${zone}.db"
- infile="${zone}.db.infile"
cp template.db.in "$zonefile"
}
for zn in nsec-to-nsec3 nsec3 nsec3-other nsec3-change nsec3-to-nsec \
nsec3-to-optout nsec3-from-optout nsec3-dynamic \
nsec3-dynamic-change nsec3-dynamic-to-inline \
- nsec3-inline-to-dynamic nsec3-dynamic-update-inline; do
+ nsec3-inline-to-dynamic nsec3-dynamic-update-inline \
+ nsec3-ent; do
setup "${zn}.kasp"
done
else
copy_setports ns3/named-fips.conf.in ns3/named-fips.conf
# includes named-fips.conf
- cp ns3/named.conf.in ns3/named.conf
+ cp ns3/named1.conf.in ns3/named.conf
fi
(
cd ns3
echo_i "check zone ${ZONE} after reload"
check_nsec3
+# Zone: nsec3-ent.kasp (regression test for #5108)
+n=$((n + 1))
+echo_i "check queries for newly empty names do not crash ($n)"
+set_zone_policy "nsec3-ent.kasp"
+set_server "ns3" "10.53.0.3"
+# confirm the pre-existing name still exists
+dig_with_opts +noquestion "@${SERVER}" c.$ZONE >"dig.out.$ZONE.test$n.1" || ret=1
+grep "c\.nsec3-ent\.kasp\..*IN.*A.*10\.0\.0\.3" "dig.out.$ZONE.test$n.1" >/dev/null || ret=1
+# remove a name, bump the SOA, reload, and try the query again
+sed -e 's/1 *; serial/2/' -e '/^c/d' ns3/template.db.in >ns3/nsec3-ent.kasp.db
+rndc_reload ns3 10.53.0.3
+dig_with_opts +noquestion "@${SERVER}" c.$ZONE >"dig.out.$ZONE.test$n.2" || ret=1
+grep "status: NXDOMAIN" "dig.out.$ZONE.test$n.2" >/dev/null || ret=1
+if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
projects / thirdparty / bind9.git / commitdiff
