Add inline test related to unsupported algorithms

author Matthijs Mekking <matthijs@isc.org>

Mon, 14 Jan 2019 15:02:30 +0000 (16:02 +0100)

committer Matthijs Mekking <matthijs@isc.org>

Thu, 18 Apr 2019 13:12:04 +0000 (15:12 +0200)
author Matthijs Mekking <matthijs@isc.org>
Mon, 14 Jan 2019 15:02:30 +0000 (16:02 +0100)
committer Matthijs Mekking <matthijs@isc.org>
Thu, 18 Apr 2019 13:12:04 +0000 (15:12 +0200)
diff --git a/bin/tests/system/inline/ns3/named.conf.in b/bin/tests/system/inline/ns3/named.conf.in

index 1dff0b5679a229705f75ce8fb273208b20ea8b28..a8c434dc025075900524b2ed86a41764566ea6df 100644 (file)
--- a/bin/tests/system/inline/ns3/named.conf.in
+++ b/bin/tests/system/inline/ns3/named.conf.in
@@ -168,3 +168,10 @@ zone "removedkeys-secondary" {
         auto-dnssec maintain;
         file "removedkeys-secondary.bk";
  };
+
+zone "unsupported" {
+       type master;
+       file "unsupported.db";
+       inline-signing yes;
+       auto-dnssec maintain;
+};
diff --git a/bin/tests/system/inline/ns3/sign.sh b/bin/tests/system/inline/ns3/sign.sh

index 735d8ea8bd22326fa3ee8c242cf980b9aa8dde8a..d114842e267f611377b8cb96f829c855da47f8c6 100755 (executable)
--- a/bin/tests/system/inline/ns3/sign.sh
+++ b/bin/tests/system/inline/ns3/sign.sh
@@ -12,6 +12,11 @@
  SYSTEMTESTTOP=../..
  . $SYSTEMTESTTOP/conf.sh
  
+# Fake an unsupported key
+unsupportedkey=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -n zone unsupported)
+awk '$3 == "DNSKEY" { $6 = 255 } { print }' ${unsupportedkey}.key > ${unsupportedkey}.tmp
+mv ${unsupportedkey}.tmp ${unsupportedkey}.key
+
  zone=bits
  rm -f K${zone}.+*+*.key
  rm -f K${zone}.+*+*.private
diff --git a/bin/tests/system/inline/setup.sh b/bin/tests/system/inline/setup.sh

index 7248a4850a947bbdddef8b574a3755faf1457408..cc63df85a02935f1bf7f1463840b3abcbf4e9539 100644 (file)
--- a/bin/tests/system/inline/setup.sh
+++ b/bin/tests/system/inline/setup.sh
@@ -29,6 +29,7 @@ cp ns2/bits.db.in ns2/retransfer3.db
  cp ns3/master.db.in ns3/master.db
  cp ns3/master.db.in ns3/dynamic.db
  cp ns3/master.db.in ns3/updated.db
+cp ns3/master.db.in ns3/unsupported.db
  cp ns3/master.db.in ns3/expired.db
  cp ns3/master.db.in ns3/nsec3.db
  cp ns3/master.db.in ns3/externalkey.db
diff --git a/bin/tests/system/inline/tests.sh b/bin/tests/system/inline/tests.sh

index 2112f171700eca475a7e786cf942bb7409077c22..65a415447827e1067977f1a30c332c4ae3b10e46 100755 (executable)
--- a/bin/tests/system/inline/tests.sh
+++ b/bin/tests/system/inline/tests.sh
@@ -27,6 +27,13 @@ do
         sleep 1
  done
  
+n=`expr $n + 1`
+echo_i "checking that an unsupported algorithm is not used for signing ($n)"
+ret=0
+grep -q "algorithm is unsupported" ns3/named.run || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
  n=`expr $n + 1`
  echo_i "checking that rrsigs are replaced with ksk only ($n)"
  ret=0
author	Matthijs Mekking <matthijs@isc.org>
	Mon, 14 Jan 2019 15:02:30 +0000 (16:02 +0100)
committer	Matthijs Mekking <matthijs@isc.org>
	Thu, 18 Apr 2019 13:12:04 +0000 (15:12 +0200)
bin/tests/system/inline/ns3/named.conf.in		patch \| blob \| blame \| history
bin/tests/system/inline/ns3/sign.sh		patch \| blob \| blame \| history
bin/tests/system/inline/setup.sh		patch \| blob \| blame \| history
bin/tests/system/inline/tests.sh		patch \| blob \| blame \| history