From bb653d37e007ed3f35116b747262d187a3ee2f60 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Tue, 13 Aug 2024 10:32:19 +1000 Subject: [PATCH] Add bad dnssec-policy range variants test examples --- .../checkconf/bad-dnssec-policy-range1.conf | 18 ++++++++++++++++++ .../checkconf/bad-dnssec-policy-range2.conf | 18 ++++++++++++++++++ .../checkconf/bad-dnssec-policy-range3.conf | 18 ++++++++++++++++++ .../checkconf/bad-dnssec-policy-range4.conf | 18 ++++++++++++++++++ 4 files changed, 72 insertions(+) create mode 100644 bin/tests/system/checkconf/bad-dnssec-policy-range1.conf create mode 100644 bin/tests/system/checkconf/bad-dnssec-policy-range2.conf create mode 100644 bin/tests/system/checkconf/bad-dnssec-policy-range3.conf create mode 100644 bin/tests/system/checkconf/bad-dnssec-policy-range4.conf diff --git a/bin/tests/system/checkconf/bad-dnssec-policy-range1.conf b/bin/tests/system/checkconf/bad-dnssec-policy-range1.conf new file mode 100644 index 00000000000..a4398438d5e --- /dev/null +++ b/bin/tests/system/checkconf/bad-dnssec-policy-range1.conf @@ -0,0 +1,18 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +dnssec-policy reverse-order { + keys { + csk lifetime unlimited algorithm rsasha256 tag-range 32767 0 2048; + }; +}; diff --git a/bin/tests/system/checkconf/bad-dnssec-policy-range2.conf b/bin/tests/system/checkconf/bad-dnssec-policy-range2.conf new file mode 100644 index 00000000000..f2d29116626 --- /dev/null +++ b/bin/tests/system/checkconf/bad-dnssec-policy-range2.conf @@ -0,0 +1,18 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +dnssec-policy too-big-start { + keys { + csk lifetime unlimited algorithm rsasha256 tag-range 65536 0 2048; + }; +}; diff --git a/bin/tests/system/checkconf/bad-dnssec-policy-range3.conf b/bin/tests/system/checkconf/bad-dnssec-policy-range3.conf new file mode 100644 index 00000000000..131a98d1a3e --- /dev/null +++ b/bin/tests/system/checkconf/bad-dnssec-policy-range3.conf @@ -0,0 +1,18 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +dnssec-policy too-big-end { + keys { + csk lifetime unlimited algorithm rsasha256 tag-range 0 65536 2048; + }; +}; diff --git a/bin/tests/system/checkconf/bad-dnssec-policy-range4.conf b/bin/tests/system/checkconf/bad-dnssec-policy-range4.conf new file mode 100644 index 00000000000..2b3232ca7a1 --- /dev/null +++ b/bin/tests/system/checkconf/bad-dnssec-policy-range4.conf @@ -0,0 +1,18 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +dnssec-policy start-equals-end { + keys { + csk lifetime unlimited algorithm rsasha256 tag-range 0 0 2048; + }; +}; -- 2.47.3