From: Mark Andrews <marka@isc.org>
Date: Fri, 15 Sep 2023 04:27:31 +0000 (+1000)
Subject: Check RRSIG covered type in negative cache entry
X-Git-Tag: v9.19.18~82^2~1
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=8ce359652a3e0c873520b319e9ee4d17e048d75c;p=thirdparty%2Fbind9.git

Check RRSIG covered type in negative cache entry

The covered type previously displayed as TYPE0 when it should
have reflected the records that was actually covered.
---

diff --git a/bin/tests/system/dnssec/tests.sh b/bin/tests/system/dnssec/tests.sh
index f3e579d1fd2..5daa9bff505 100644
--- a/bin/tests/system/dnssec/tests.sh
+++ b/bin/tests/system/dnssec/tests.sh
@@ -377,6 +377,14 @@ if [ -x "${DELV}" ] ; then
    status=$((status+ret))
 fi
 
+echo_i "checking RRSIG covered type in negative cache entry ($n)"
+ret=0
+rndc_dumpdb ns4
+grep -F '; example. RRSIG NSEC ...' ns4/named_dump.db.test$n > /dev/null || ret=1
+n=$((n+1))
+test "$ret" -eq 0 || echo_i "failed"
+status=$((status+ret))
+
 echo_i "checking negative validation NXDOMAIN NSEC3 ($n)"
 ret=0
 dig_with_opts +noauth q.nsec3.example. \