]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
projects / thirdparty / bind9.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: cee0c23)
Do not use IANA DNSSEC keys in the "rpz" system test
authorMichał Kępień <michal@isc.org>
Tue, 26 Jun 2018 10:19:41 +0000 (12:19 +0200)
committerMichał Kępień <michal@isc.org>
Tue, 26 Jun 2018 10:43:47 +0000 (12:43 +0200)
With "dnssec-validation" now defaulting to "auto", it needs to be
explicitly set to "yes" (the previous default value) for all validating
resolvers used in system tests.  Ensure that requirement is satisfied by
the resolvers used in the "rpz" system test.

(cherry picked from commit ff6b717955dda877d202779d7763edd19c0e15a9)

bin/tests/system/rpz/ns2/named.conf.in patch | blob | blame | history
bin/tests/system/rpz/ns3/named.conf.in patch | blob | blame | history
bin/tests/system/rpz/ns4/named.conf.in patch | blob | blame | history
bin/tests/system/rpz/ns5/named.conf.in patch | blob | blame | history
bin/tests/system/rpz/ns6/named.conf.in patch | blob | blame | history
bin/tests/system/rpz/ns7/named.conf.in patch | blob | blame | history

diff --git a/bin/tests/system/rpz/ns2/named.conf.in b/bin/tests/system/rpz/ns2/named.conf.in
index f4f4550ddb7593bdeb07af6b62d1bd9393d27c0d..15226401e9bc7d25ed9d262c027ef3e3ab54ff27 100644 (file)
--- a/bin/tests/system/rpz/ns2/named.conf.in
+++ b/bin/tests/system/rpz/ns2/named.conf.in
@@ -20,6 +20,8 @@ options {
        listen-on-v6 { none; };
        notify no;
        minimal-responses no;
+       recursion yes;
+       dnssec-validation yes;
 };
 
 key rndc_key {
diff --git a/bin/tests/system/rpz/ns3/named.conf.in b/bin/tests/system/rpz/ns3/named.conf.in
index 091cceaa531a61fc1856e5ebfc7db694433cee7c..851a055bc9d2e6125cbb56b9bbcbc14c07569c30 100644 (file)
--- a/bin/tests/system/rpz/ns3/named.conf.in
+++ b/bin/tests/system/rpz/ns3/named.conf.in
@@ -26,6 +26,8 @@ options {
        listen-on-v6 { none; };
        notify yes;
        minimal-responses no;
+       recursion yes;
+       dnssec-validation yes;
 
        response-policy {
            zone "bl"                                   max-policy-ttl 100;
diff --git a/bin/tests/system/rpz/ns4/named.conf.in b/bin/tests/system/rpz/ns4/named.conf.in
index 03d0ca0abda38b9ac9c031e1341702a6f01e70b3..04d6d188fd0367ab0b574b471542bbbf689597c5 100644 (file)
--- a/bin/tests/system/rpz/ns4/named.conf.in
+++ b/bin/tests/system/rpz/ns4/named.conf.in
@@ -20,6 +20,8 @@ options {
        listen-on-v6 { none; };
        notify no;
        minimal-responses no;
+       recursion yes;
+       dnssec-validation yes;
 };
 
 include "../trusted.conf";
diff --git a/bin/tests/system/rpz/ns5/named.conf.in b/bin/tests/system/rpz/ns5/named.conf.in
index 025cff5ff9b355a4a1f308b8230513b669069e5f..00d072529392de3ad21476e4ca55e122a938b117 100644 (file)
--- a/bin/tests/system/rpz/ns5/named.conf.in
+++ b/bin/tests/system/rpz/ns5/named.conf.in
@@ -28,6 +28,8 @@ options {
        notify-delay 0;
        notify yes;
        minimal-responses no;
+       recursion yes;
+       dnssec-validation yes;
 
        # turn rpz on or off
        include "rpz-switch";
diff --git a/bin/tests/system/rpz/ns6/named.conf.in b/bin/tests/system/rpz/ns6/named.conf.in
index ccd177f1b2f5520a05d0166a1501fdbc0a0be3a9..1cf738399b59ee33e975c09205fa828d413926fa 100644 (file)
--- a/bin/tests/system/rpz/ns6/named.conf.in
+++ b/bin/tests/system/rpz/ns6/named.conf.in
@@ -22,6 +22,8 @@ options {
        forward only;
        forwarders { 10.53.0.3; };
        minimal-responses no;
+       recursion yes;
+       dnssec-validation yes;
 
        response-policy {
            zone "policy1" min-update-interval 0;
diff --git a/bin/tests/system/rpz/ns7/named.conf.in b/bin/tests/system/rpz/ns7/named.conf.in
index 8c5c15d10e25d6544decd5c563599ea91b2999fe..842f709923ddc72850b03941948fd90b8f148948 100644 (file)
--- a/bin/tests/system/rpz/ns7/named.conf.in
+++ b/bin/tests/system/rpz/ns7/named.conf.in
@@ -20,6 +20,8 @@ options {
        listen-on { 10.53.0.7; };
        listen-on-v6 { none; };
        minimal-responses no;
+       recursion yes;
+       dnssec-validation yes;
 
        response-policy {
            zone "policy2";
Mirror of https://gitlab.isc.org/isc-projects/bind9.git