Add a system test for mixed-case data for the same owner

We were missing a test where a single owner name would have multiple
types with a different case.  The generated RRSIGs and NSEC records will
then have different case than the signed records and message parser have
to cope with that and treat everything as the same owner.

(cherry picked from commit 14e435b8140ce850aa03233b2144b8997d95eaf7)

diff --git a/bin/tests/system/dnssec/ns3/secure.example.db.in b/bin/tests/system/dnssec/ns3/secure.example.db.in
index ec39308e9a478262eeba57ef0249753eaef7c7f3..883e06790bbc8c2696fbdece099160774ce078ce 100644 (file)
--- a/bin/tests/system/dnssec/ns3/secure.example.db.in
+++ b/bin/tests/system/dnssec/ns3/secure.example.db.in
@@ -47,3 +47,8 @@ rrsigonly             A       10.0.0.29
 cnameandkey            CNAME   @
 cnamenokey             CNAME   @
 dnameandkey            DNAME   @
+
+mixedcase              A       10.0.0.30
+mixedCASE              TXT     "mixed case"
+MIXEDcase              AAAA    2002::
+mIxEdCaSe              LOC     37 52 56.788 N 121 54 55.02 W 1120m 10m 100m 10m

diff --git a/bin/tests/system/dnssec/ns3/sign.sh b/bin/tests/system/dnssec/ns3/sign.sh
index 2f3b0de9235803aed233ec4091f6c18c1a838857..14fc709bfb27e10c8891dc463ab0d4de035408fb 100644 (file)
--- a/bin/tests/system/dnssec/ns3/sign.sh
+++ b/bin/tests/system/dnssec/ns3/sign.sh
@@ -87,7 +87,9 @@ keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -n zone "$zone
 
 cat "$infile" "$cnameandkey.key" "$dnameandkey.key" "$keyname.key" >"$zonefile"
 
-"$SIGNER" -z -o "$zone" "$zonefile" >/dev/null
+"$SIGNER" -z -D -o "$zone" "$zonefile" >/dev/null
+cat "$zonefile" "$zonefile".signed >"$zonefile".tmp
+mv "$zonefile".tmp "$zonefile".signed
 
 zone=bogus.example.
 infile=bogus.example.db.in

diff --git a/bin/tests/system/dnssec/tests.sh b/bin/tests/system/dnssec/tests.sh
index bdaac667e0f14ea8a4f878dca4ffb0deb96e416d..02040b914d76a40e94b07f48fc0cf876126fe9c6 100644 (file)
--- a/bin/tests/system/dnssec/tests.sh
+++ b/bin/tests/system/dnssec/tests.sh
@@ -766,6 +766,21 @@ n=$((n + 1))
 test "$ret" -eq 0 || echo_i "failed"
 status=$((status + ret))
 
+echo_i "checking mixed-case positive validation ($n)"
+ret=0
+for type in a txt aaaa loc; do
+  dig_with_opts +noauth mixedcase.secure.example. \
+    @10.53.0.3 $type >dig.out.$type.ns3.test$n || ret=1
+  dig_with_opts +noauth mixedcase.secure.example. \
+    @10.53.0.4 $type >dig.out.$type.ns4.test$n || ret=1
+  digcomp --lc dig.out.$type.ns3.test$n dig.out.$type.ns4.test$n || ret=1
+  grep "status: NOERROR" dig.out.$type.ns4.test$n >/dev/null || ret=1
+  grep "flags:.*ad.*QUERY" dig.out.$type.ns4.test$n >/dev/null || ret=1
+done
+n=$((n + 1))
+test "$ret" -eq 0 || echo_i "failed"
+status=$((status + ret))
+
 echo_i "checking multi-stage positive validation NSEC/NSEC3 ($n)"
 ret=0
 dig_with_opts +noauth a.nsec3.example. \