--- /dev/null
+#!/bin/sh
+
+NSEC3=`cleandig test.dyndns NSEC3PARAM hidesoadetails dnssec`
+echo $NSEC3
+HAVENSEC3=`echo $NSEC3 | egrep 'IN[[:space:]]NSEC3PARAM' | wc -l`
+
+cleandig c.host.test.dyndns A hidesoadetails dnssec
+
+cleannsupdate <<!
+server $nameserver $port
+zone test.dyndns
+update add test.dyndns. 3600 NSEC3PARAM 1 1 10 DCBE
+update add b.host.test.dyndns. 3600 A 127.0.0.1
+send
+answer
+!
+
+cleandig test.dyndns NSEC3PARAM hidesoadetails dnssec
+cleandig c.host.test.dyndns A hidesoadetails dnssec
+
+cleannsupdate <<!
+server $nameserver $port
+zone test.dyndns
+update DELETE test.dyndns. NSEC3PARAM
+update DELETE b.host.test.dyndns. 3600 A 127.0.0.1
+send
+answer
+!
+
+cleandig test.dyndns NSEC3PARAM hidesoadetails dnssec
+cleandig c.host.test.dyndns A hidesoadetails dnssec
+
+if [ $HAVENSEC3 != 0 ]
+then
+ cleannsupdate <<!
+ server $nameserver $port
+ zone test.dyndns
+ update add test.dyndns. 3600 NSEC3PARAM 1 1 1 abcd
+ send
+ answer
+!
+
+ cleandig test.dyndns NSEC3PARAM hidesoadetails dnssec
+ cleandig c.host.test.dyndns A hidesoadetails dnssec
+fi
--- /dev/null
+This test checks if adding/updating an NSEC3PARAM with other records in one go works.
+When adding/updating the NSEC3PARAM, the new values must also be used on the other records as well.
--- /dev/null
+1 test.dyndns. IN NSEC 86400 cname1.test.dyndns. NS SOA MX RRSIG NSEC DNSKEY 1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ... 1 test.dyndns. IN RRSIG 86400 NSEC 8 2 86400 [expiry] [inception] [keytag] test.dyndns. ... 1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400 2 . IN OPT 32768 Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 Reply to question for qname='test.dyndns.', qtype=NSEC3PARAM
+1 a.host.test.dyndns. IN NSEC 86400 e.host.test.dyndns. A RRSIG NSEC
+1 a.host.test.dyndns. IN RRSIG 86400 NSEC 8 4 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN NSEC 86400 cname1.test.dyndns. NS SOA MX RRSIG NSEC DNSKEY
+1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN RRSIG 86400 NSEC 8 2 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400
+2 . IN OPT 32768
+Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='c.host.test.dyndns.', qtype=A
+Answer:
+;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: [id]
+;; flags: qr aa; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
+;; ZONE SECTION:
+;test.dyndns. IN SOA
+
+0 test.dyndns. IN NSEC3PARAM 86400 1 0 10 dcbe
+0 test.dyndns. IN RRSIG 86400 NSEC3PARAM 8 2 86400 [expiry] [inception] [keytag] test.dyndns. ...
+2 . IN OPT 32768
+Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='test.dyndns.', qtype=NSEC3PARAM
+1 ac2jl1kik929tr9i5rfcmbucm547n51a.test.dyndns. IN NSEC3 86400 1 1 10 dcbe EE295AK1NDT9O0RLL1A4RPPB4NAOV4QM
+1 ac2jl1kik929tr9i5rfcmbucm547n51a.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 lavvds84bcal6n6qnavn3q1u4jcpjev9.test.dyndns. IN NSEC3 86400 1 1 10 dcbe PE3H59F3RU6VID4OK0T4TSU6D0NDRVHS A RRSIG
+1 lavvds84bcal6n6qnavn3q1u4jcpjev9.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400
+2 . IN OPT 32768
+Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='c.host.test.dyndns.', qtype=A
+Answer:
+;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: [id]
+;; flags: qr aa; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
+;; ZONE SECTION:
+;test.dyndns. IN SOA
+
+1 test.dyndns. IN NSEC 86400 cname1.test.dyndns. NS SOA MX RRSIG NSEC DNSKEY
+1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN RRSIG 86400 NSEC 8 2 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400
+2 . IN OPT 32768
+Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='test.dyndns.', qtype=NSEC3PARAM
+1 a.host.test.dyndns. IN NSEC 86400 e.host.test.dyndns. A RRSIG NSEC
+1 a.host.test.dyndns. IN RRSIG 86400 NSEC 8 4 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN NSEC 86400 cname1.test.dyndns. NS SOA MX RRSIG NSEC DNSKEY
+1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN RRSIG 86400 NSEC 8 2 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400
+2 . IN OPT 32768
+Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='c.host.test.dyndns.', qtype=A
--- /dev/null
+0 test.dyndns. IN NSEC3PARAM 86400 1 0 1 abcd 0 test.dyndns. IN RRSIG 86400 NSEC3PARAM 8 2 86400 [expiry] [inception] [keytag] test.dyndns. ... 2 . IN OPT 32768 Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0 Reply to question for qname='test.dyndns.', qtype=NSEC3PARAM
+1 4i84rosksbmegcqfnkf6n6ci093h7rq4.test.dyndns. IN NSEC3 86400 1 1 1 abcd 8PQJV4B3M0LCFMVAE0HP394LC154L1I7 CNAME RRSIG
+1 4i84rosksbmegcqfnkf6n6ci093h7rq4.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 dsa3ti9nu3apdsvl3f63qlvakv555sr6.test.dyndns. IN NSEC3 86400 1 1 1 abcd FQU365VN7BR5CSV8CG6NE9V8HA6D008P A RRSIG
+1 dsa3ti9nu3apdsvl3f63qlvakv555sr6.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 lmrsadk2bb62qpruaules5i5ap06cp55.test.dyndns. IN NSEC3 86400 1 1 1 abcd LRESBBP3LV8BLGJ9FSGTDMM4Q7VJ3D6J
+1 lmrsadk2bb62qpruaules5i5ap06cp55.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400
+2 . IN OPT 32768
+Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='c.host.test.dyndns.', qtype=A
+Answer:
+;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: [id]
+;; flags: qr aa; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
+;; ZONE SECTION:
+;test.dyndns. IN SOA
+
+0 test.dyndns. IN NSEC3PARAM 86400 1 0 10 dcbe
+0 test.dyndns. IN RRSIG 86400 NSEC3PARAM 8 2 86400 [expiry] [inception] [keytag] test.dyndns. ...
+2 . IN OPT 32768
+Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='test.dyndns.', qtype=NSEC3PARAM
+1 ac2jl1kik929tr9i5rfcmbucm547n51a.test.dyndns. IN NSEC3 86400 1 1 10 dcbe EE295AK1NDT9O0RLL1A4RPPB4NAOV4QM
+1 ac2jl1kik929tr9i5rfcmbucm547n51a.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 lavvds84bcal6n6qnavn3q1u4jcpjev9.test.dyndns. IN NSEC3 86400 1 1 10 dcbe PE3H59F3RU6VID4OK0T4TSU6D0NDRVHS A RRSIG
+1 lavvds84bcal6n6qnavn3q1u4jcpjev9.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400
+2 . IN OPT 32768
+Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='c.host.test.dyndns.', qtype=A
+Answer:
+;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: [id]
+;; flags: qr aa; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
+;; ZONE SECTION:
+;test.dyndns. IN SOA
+
+1 test.dyndns. IN NSEC 86400 cname1.test.dyndns. NS SOA MX RRSIG NSEC DNSKEY
+1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN RRSIG 86400 NSEC 8 2 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400
+2 . IN OPT 32768
+Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='test.dyndns.', qtype=NSEC3PARAM
+1 a.host.test.dyndns. IN NSEC 86400 e.host.test.dyndns. A RRSIG NSEC
+1 a.host.test.dyndns. IN RRSIG 86400 NSEC 8 4 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN NSEC 86400 cname1.test.dyndns. NS SOA MX RRSIG NSEC DNSKEY
+1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN RRSIG 86400 NSEC 8 2 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400
+2 . IN OPT 32768
+Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='c.host.test.dyndns.', qtype=A
+Answer:
+;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: [id]
+;; flags: qr aa; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
+;; ZONE SECTION:
+;test.dyndns. IN SOA
+
+0 test.dyndns. IN NSEC3PARAM 86400 1 0 1 abcd
+0 test.dyndns. IN RRSIG 86400 NSEC3PARAM 8 2 86400 [expiry] [inception] [keytag] test.dyndns. ...
+2 . IN OPT 32768
+Rcode: 0, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='test.dyndns.', qtype=NSEC3PARAM
+1 4i84rosksbmegcqfnkf6n6ci093h7rq4.test.dyndns. IN NSEC3 86400 1 1 1 abcd 8PQJV4B3M0LCFMVAE0HP394LC154L1I7 CNAME RRSIG
+1 4i84rosksbmegcqfnkf6n6ci093h7rq4.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 dsa3ti9nu3apdsvl3f63qlvakv555sr6.test.dyndns. IN NSEC3 86400 1 1 1 abcd FQU365VN7BR5CSV8CG6NE9V8HA6D008P A RRSIG
+1 dsa3ti9nu3apdsvl3f63qlvakv555sr6.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 lmrsadk2bb62qpruaules5i5ap06cp55.test.dyndns. IN NSEC3 86400 1 1 1 abcd LRESBBP3LV8BLGJ9FSGTDMM4Q7VJ3D6J
+1 lmrsadk2bb62qpruaules5i5ap06cp55.test.dyndns. IN RRSIG 86400 NSEC3 8 3 86400 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN RRSIG 3600 SOA 8 2 3600 [expiry] [inception] [keytag] test.dyndns. ...
+1 test.dyndns. IN SOA 3600 ns1.test.dyndns. ahu.example.dyndns. [serial] 28800 7200 604800 86400
+2 . IN OPT 32768
+Rcode: 3, RD: 0, QR: 1, TC: 0, AA: 1, opcode: 0
+Reply to question for qname='c.host.test.dyndns.', qtype=A
--- /dev/null
+This test is skipped in narrow mode as we cannot set narrow via nsec3param.
+So, this test could impact other tests, as after this test has run, narrow mode would be off.
--- /dev/null
+Test requires rfc2136.
then
mysql --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" \
"$GMYSQLDB" \
- -e "SELECT r.name, r.type, r.prio, r.content, r.ttl FROM domains d JOIN records r ON d.id=r.domain_id WHERE d.name='test.dyndns' AND r.type != 'SOA' ORDER BY r.name, r.type, r.content, r.ttl, r.prio" > ${testsdir}/${testname}/$step
+ -e "SELECT r.name, r.type, r.prio, r.content, r.ttl FROM domains d JOIN records r ON d.id=r.domain_id WHERE d.name='test.dyndns' AND(r.type != 'SOA' OR r.type IS NULL) ORDER BY r.name, r.type, r.content, r.ttl, r.prio" > ${testsdir}/${testname}/$step
else
mysql --user="$GMYSQLUSER" --password="$GMYSQLPASSWD" --host="$GMYSQLHOST" \
"$GMYSQLDB" \
- -e "SELECT r.name, r.type, r.prio, r.content, r.ttl, CONCAT('''', CONCAT(r.ordername, '''')), r.auth FROM domains d JOIN records r ON d.id=r.domain_id WHERE d.name='test.dyndns' AND r.type != 'SOA' ORDER BY r.name, r.type, r.content, r.ttl, r.prio" > ${testsdir}/${testname}/$step
+ -e "SELECT r.name, r.type, r.prio, r.content, r.ttl, CONCAT('''', CONCAT(r.ordername, '''')), r.auth FROM domains d JOIN records r ON d.id=r.domain_id WHERE d.name='test.dyndns' AND(r.type != 'SOA' OR r.type IS NULL) ORDER BY r.name, r.type, r.content, r.ttl, r.prio" > ${testsdir}/${testname}/$step
fi
if [ ! "$step" == "start" ]
projects / thirdparty / pdns.git / commitdiff
