From: Willem Toorop Date: Wed, 20 Jan 2021 21:19:44 +0000 (+0100) Subject: Test for ZONEMD verification X-Git-Tag: 1.8.0-rc.1~39 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=70b4e3e636aedd57ee338e32af26b857742d6d2d;p=thirdparty%2Fldns.git Test for ZONEMD verification --- diff --git a/test/25-ZONEMD.tpkg/25-ZONEMD.dsc b/test/25-ZONEMD.tpkg/25-ZONEMD.dsc new file mode 100644 index 00000000..8ab66b85 --- /dev/null +++ b/test/25-ZONEMD.tpkg/25-ZONEMD.dsc @@ -0,0 +1,15 @@ +BaseName: 25-ZONEMD +Version: 1.0 +Description: Check ldns-verify-zone on RFC8976 Appendix A example zones +CreationDate: Wed Jan 20 16:41:56 CET 2021 +Maintainer: Willem +Category: +Component: +Depends: +Help: 25-ZONEMD.help +Pre: +Post: +Test: 25-ZONEMD.test +AuxFiles: A.1.Simple-EXAMPLE-Zone A.2.Complex-EXAMPLE-Zone A.3.EXAMPLE-Zone-with-multiple-digests A.5.The-ROOT-SERVERS.NET-Zone repeated-ZONEMD-scheme-and-algorithm +Passed: +Failure: diff --git a/test/25-ZONEMD.tpkg/25-ZONEMD.help b/test/25-ZONEMD.tpkg/25-ZONEMD.help new file mode 100644 index 00000000..ae40c17e --- /dev/null +++ b/test/25-ZONEMD.tpkg/25-ZONEMD.help @@ -0,0 +1 @@ +No arguments are needed diff --git a/test/25-ZONEMD.tpkg/25-ZONEMD.test b/test/25-ZONEMD.tpkg/25-ZONEMD.test new file mode 100644 index 00000000..49b88b9a --- /dev/null +++ b/test/25-ZONEMD.tpkg/25-ZONEMD.test @@ -0,0 +1,35 @@ +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master + +export LD_LIBRARY_PATH="../../lib:${LD_LIBRARY_PATH}" + +# These must succeed +# +for ZONE in A.1.Simple-EXAMPLE-Zone \ + A.2.Complex-EXAMPLE-Zone \ + A.3.EXAMPLE-Zone-with-multiple-digests \ + A.5.The-ROOT-SERVERS.NET-Zone +do + echo Verifying ${ZONE} + ../../examples/ldns-verify-zone -ZV 4 ${ZONE} + + if [[ $? -ne 0 ]]; then + echo "ZONE ${ZONE} failed" + exit 1 + fi +done + +# These must fail +# +for ZONE in repeated-ZONEMD-scheme-and-algorithm +do + echo Verifying ${ZONE} + ../../examples/ldns-verify-zone -ZV 4 ${ZONE} + + if [[ $? -eq 0 ]]; then + echo "ZONE ${ZONE} validated (which it should not)" + exit 1 + fi +done + + +exit 0 diff --git a/test/25-ZONEMD.tpkg/A.1.Simple-EXAMPLE-Zone b/test/25-ZONEMD.tpkg/A.1.Simple-EXAMPLE-Zone new file mode 100644 index 00000000..cfdb1d72 --- /dev/null +++ b/test/25-ZONEMD.tpkg/A.1.Simple-EXAMPLE-Zone @@ -0,0 +1,13 @@ +example. 86400 IN SOA ns1 admin 2018031900 ( + 1800 900 604800 86400 ) + 86400 IN NS ns1 + 86400 IN NS ns2 + 86400 IN ZONEMD 2018031900 1 1 ( + c68090d90a7aed71 + 6bc459f9340e3d7c + 1370d4d24b7e2fc3 + a1ddc0b9a87153b9 + a9713b3c9ae5cc27 + 777f98b8e730044c ) +ns1 3600 IN A 203.0.113.63 +ns2 3600 IN AAAA 2001:db8::63 diff --git a/test/25-ZONEMD.tpkg/A.2.Complex-EXAMPLE-Zone b/test/25-ZONEMD.tpkg/A.2.Complex-EXAMPLE-Zone new file mode 100644 index 00000000..54a085f3 --- /dev/null +++ b/test/25-ZONEMD.tpkg/A.2.Complex-EXAMPLE-Zone @@ -0,0 +1,25 @@ +example. 86400 IN SOA ns1 admin 2018031900 ( + 1800 900 604800 86400 ) + 86400 IN NS ns1 + 86400 IN NS ns2 + 86400 IN ZONEMD 2018031900 1 1 ( + 31cefb03814f5062 + ad12fa951ba0ef5f + 8da6ae354a415767 + 246f7dc932ceb1e7 + 42a2108f529db6a3 + 3a11c01493de358d ) +ns1 3600 IN A 203.0.113.63 +ns2 3600 IN AAAA 2001:db8::63 +occluded.sub 7200 IN TXT "I'm occluded but must be digested" +sub 7200 IN NS ns1 +duplicate 300 IN TXT "I must be digested just once" +duplicate 300 IN TXT "I must be digested just once" +foo.test. 555 IN TXT "out-of-zone data must be excluded" +non-apex 900 IN ZONEMD 2018031900 1 1 ( + 616c6c6f77656420 + 6275742069676e6f + 7265642e20616c6c + 6f77656420627574 + 2069676e6f726564 + 2e20616c6c6f7765 ) diff --git a/test/25-ZONEMD.tpkg/A.3.EXAMPLE-Zone-with-multiple-digests b/test/25-ZONEMD.tpkg/A.3.EXAMPLE-Zone-with-multiple-digests new file mode 100644 index 00000000..45c47ad0 --- /dev/null +++ b/test/25-ZONEMD.tpkg/A.3.EXAMPLE-Zone-with-multiple-digests @@ -0,0 +1,30 @@ +example. 86400 IN SOA ns1 admin 2018031900 ( + 1800 900 604800 86400 ) +example. 86400 IN NS ns1.example. +example. 86400 IN NS ns2.example. +example. 86400 IN ZONEMD 2018031900 1 1 ( + 62e6cf51b02e54b9 + b5f967d547ce4313 + 6792901f9f88e637 + 493daaf401c92c27 + 9dd10f0edb1c56f8 + 080211f8480ee306 ) +example. 86400 IN ZONEMD 2018031900 1 2 ( + 08cfa1115c7b948c + 4163a901270395ea + 226a930cd2cbcf2f + a9a5e6eb85f37c8a + 4e114d884e66f176 + eab121cb02db7d65 + 2e0cc4827e7a3204 + f166b47e5613fd27 ) +example. 86400 IN ZONEMD 2018031900 1 240 ( + e2d523f654b9422a + 96c5a8f44607bbee ) +example. 86400 IN ZONEMD 2018031900 241 1 ( + e1846540e33a9e41 + 89792d18d5d131f6 + 05fc283e ) +ns1.example. 3600 IN A 203.0.113.63 +ns2.example. 86400 IN TXT "This example has multiple digests" +ns2.example. 3600 IN AAAA 2001:db8::63 diff --git a/test/25-ZONEMD.tpkg/A.5.The-ROOT-SERVERS.NET-Zone b/test/25-ZONEMD.tpkg/A.5.The-ROOT-SERVERS.NET-Zone new file mode 100644 index 00000000..246f5e23 --- /dev/null +++ b/test/25-ZONEMD.tpkg/A.5.The-ROOT-SERVERS.NET-Zone @@ -0,0 +1,48 @@ +root-servers.net. 3600000 IN SOA a.root-servers.net. ( + nstld.verisign-grs.com. 2018091100 14400 7200 1209600 3600000 ) +root-servers.net. 3600000 IN NS a.root-servers.net. +root-servers.net. 3600000 IN NS b.root-servers.net. +root-servers.net. 3600000 IN NS c.root-servers.net. +root-servers.net. 3600000 IN NS d.root-servers.net. +root-servers.net. 3600000 IN NS e.root-servers.net. +root-servers.net. 3600000 IN NS f.root-servers.net. +root-servers.net. 3600000 IN NS g.root-servers.net. +root-servers.net. 3600000 IN NS h.root-servers.net. +root-servers.net. 3600000 IN NS i.root-servers.net. +root-servers.net. 3600000 IN NS j.root-servers.net. +root-servers.net. 3600000 IN NS k.root-servers.net. +root-servers.net. 3600000 IN NS l.root-servers.net. +root-servers.net. 3600000 IN NS m.root-servers.net. +a.root-servers.net. 3600000 IN AAAA 2001:503:ba3e::2:30 +a.root-servers.net. 3600000 IN A 198.41.0.4 +b.root-servers.net. 3600000 IN MX 20 mail.isi.edu. +b.root-servers.net. 3600000 IN AAAA 2001:500:200::b +b.root-servers.net. 3600000 IN A 199.9.14.201 +c.root-servers.net. 3600000 IN AAAA 2001:500:2::c +c.root-servers.net. 3600000 IN A 192.33.4.12 +d.root-servers.net. 3600000 IN AAAA 2001:500:2d::d +d.root-servers.net. 3600000 IN A 199.7.91.13 +e.root-servers.net. 3600000 IN AAAA 2001:500:a8::e +e.root-servers.net. 3600000 IN A 192.203.230.10 +f.root-servers.net. 3600000 IN AAAA 2001:500:2f::f +f.root-servers.net. 3600000 IN A 192.5.5.241 +g.root-servers.net. 3600000 IN AAAA 2001:500:12::d0d +g.root-servers.net. 3600000 IN A 192.112.36.4 +h.root-servers.net. 3600000 IN AAAA 2001:500:1::53 +h.root-servers.net. 3600000 IN A 198.97.190.53 +i.root-servers.net. 3600000 IN MX 10 mx.i.root-servers.org. +i.root-servers.net. 3600000 IN AAAA 2001:7fe::53 +i.root-servers.net. 3600000 IN A 192.36.148.17 +j.root-servers.net. 3600000 IN AAAA 2001:503:c27::2:30 +j.root-servers.net. 3600000 IN A 192.58.128.30 +k.root-servers.net. 3600000 IN AAAA 2001:7fd::1 +k.root-servers.net. 3600000 IN A 193.0.14.129 +l.root-servers.net. 3600000 IN AAAA 2001:500:9f::42 +l.root-servers.net. 3600000 IN A 199.7.83.42 +m.root-servers.net. 3600000 IN AAAA 2001:dc3::35 +m.root-servers.net. 3600000 IN A 202.12.27.33 +root-servers.net. 3600000 IN SOA a.root-servers.net. ( + nstld.verisign-grs.com. 2018091100 14400 7200 1209600 3600000 ) +root-servers.net. 3600000 IN ZONEMD 2018091100 1 1 ( + f1ca0ccd91bd5573d9f431c00ee0101b2545c97602be0a97 + 8a3b11dbfc1c776d5b3e86ae3d973d6b5349ba7f04340f79 ) diff --git a/test/25-ZONEMD.tpkg/repeated-ZONEMD-scheme-and-algorithm b/test/25-ZONEMD.tpkg/repeated-ZONEMD-scheme-and-algorithm new file mode 100644 index 00000000..8b1bc0a1 --- /dev/null +++ b/test/25-ZONEMD.tpkg/repeated-ZONEMD-scheme-and-algorithm @@ -0,0 +1,9 @@ +example. 86400 IN NS ns.example. +example. 86400 IN SOA ns.example. admin.example. 2018031900 1800 900 604800 86400 +example. 86400 IN ZONEMD 2018031900 1 1 8ee54f64ce0d57fd70e1a4811a9ca9e849e2e50cb5 ( + 98edf3ba9c2a58625335c1f966835f0d4338d9f78f + 557227d63bf6 ) + ZONEMD 2018031900 1 1 000000000000000000000000000000000000000000 ( + 000000000000000000000000000000000000000000 + 000000000000 ) +ns.example. 3600 IN A 127.0.0.1