Check conf dnssec-policy inline-signing secondary

Add a variant of checking configuration where inline-signing is
enabled on the secondary, requiring the 'file' entry. This time,
inline-signing is implicitly enabled via dnssec-policy.

diff --git a/bin/tests/system/checkconf/inline-inherit.conf b/bin/tests/system/checkconf/inline-inherit.conf
new file mode 100644 (file)
index 0000000..8cc7da6
--- /dev/null
+++ b/bin/tests/system/checkconf/inline-inherit.conf
@@ -0,0 +1,7 @@
+remote-servers "stealthPrimaries" {127.0.0.1;};
+zone "example.net" {
+       type secondary;
+       dnssec-policy default;
+       primaries { stealthPrimaries; };
+};
+

diff --git a/bin/tests/system/checkconf/tests.sh b/bin/tests/system/checkconf/tests.sh
index 330da510e3c84aadb7cbc31ae65eade53f67f732..539afaf56a6e1214a6b50e6960acbf0ecb6c079b 100644 (file)
--- a/bin/tests/system/checkconf/tests.sh
+++ b/bin/tests/system/checkconf/tests.sh
@@ -277,6 +277,9 @@ l=$(grep "missing 'file' entry" <checkconf.out$n.2 | wc -l)
 $CHECKCONF inline-bad.conf >checkconf.out$n.3 2>&1 && ret=1
 l=$(grep "missing 'file' entry" <checkconf.out$n.3 | wc -l)
 [ $l -eq 1 ] || ret=1
+$CHECKCONF inline-inherit.conf >checkconf.out$n.3 2>&1 && ret=1
+l=$(grep "missing 'file' entry" <checkconf.out$n.3 | wc -l)
+[ $l -eq 1 ] || ret=1
 if [ $ret -ne 0 ]; then echo_i "failed"; fi
 status=$((status + ret))