# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
-SYSTEMTESTTOP=../..
-. $SYSTEMTESTTOP/conf.sh
+# shellcheck source=conf.sh
+. "$SYSTEMTESTTOP/conf.sh"
zone=example
infile=example.db.in
zonefile=example.db
-keyname=`$KEYGEN -q -a RSASHA256 -b 2048 -n zone $zone`
-cat $infile $keyname.key > $zonefile
+keyname=$($KEYGEN -q -a RSASHA256 -b 2048 -n zone $zone)
+cat "$infile" "$keyname.key" > "$zonefile"
-$SIGNER -P -o $zone $zonefile > /dev/null
+$SIGNER -P -o $zone $zonefile > /dev/null 2>&1
zone=dnamed
infile=dnamed.db.in
zonefile=dnamed.db
-keyname=`$KEYGEN -q -a RSASHA256 -b 2048 -n zone $zone`
-cat $infile $keyname.key > $zonefile
+keyname=$($KEYGEN -q -a RSASHA256 -b 2048 -n zone $zone)
+cat "$infile" "$keyname.key" > "$zonefile"
-$SIGNER -P -o $zone $zonefile > /dev/null
+$SIGNER -P -o $zone $zonefile > /dev/null 2>&1
zone=.
infile=root.db.in
zonefile=root.db
-keyname=`$KEYGEN -q -a RSAMD5 -b 1024 -n zone $zone`
+keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -b ${DEFAULT_BITS} -n zone $zone)
+cat "$infile" "$keyname.key" > "$zonefile"
-cat $infile $keyname.key > $zonefile
-
-$SIGNER -P -g -o $zone $zonefile > /dev/null
+$SIGNER -P -g -o $zone $zonefile > /dev/null 2>&1
# Configure the resolving server with a trusted key.
-keyfile_to_trusted_keys $keyname > trusted.conf
+keyfile_to_trusted_keys "$keyname" > trusted.conf
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
-SYSTEMTESTTOP=..
-. $SYSTEMTESTTOP/conf.sh
+# shellcheck source=conf.sh
+. "$SYSTEMTESTTOP/conf.sh"
+
+set -e
status=0
n=1
rm -f dig.out.*
-DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p ${PORT}"
-DELVOPTS="-a ns1/trusted.conf -p ${PORT}"
+dig_with_opts() {
+ "$DIG" +tcp +noadd +nosea +nostat +nocmd +dnssec -p "$PORT" "$@"
+}
for ns in 2 4 5
do
esac
echo_i "prime negative NXDOMAIN response (synth-from-dnssec ${description};) ($n)"
ret=0
- $DIG $DIGOPTS a.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1
+ dig_with_opts a.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1
grep "flags:[^;]* ad[ ;]" dig.out.ns${ns}.test$n > /dev/null || ret=1
grep "status: NXDOMAIN," dig.out.ns${ns}.test$n > /dev/null || ret=1
grep "example.*3600.IN.SOA" dig.out.ns${ns}.test$n > /dev/null || ret=1
[ $ns -eq ${ns} ] && nxdomain=dig.out.ns${ns}.test$n
- n=`expr $n + 1`
+ n=$((n+1))
if [ $ret != 0 ]; then echo_i "failed"; fi
- status=`expr $status + $ret`
+ status=$((status+ret))
echo_i "prime negative NODATA response (synth-from-dnssec ${description};) ($n)"
ret=0
- $DIG $DIGOPTS nodata.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1
+ dig_with_opts nodata.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1
grep "flags:[^;]* ad[ ;]" dig.out.ns${ns}.test$n > /dev/null || ret=1
grep "status: NOERROR," dig.out.ns${ns}.test$n > /dev/null || ret=1
grep "example.*3600.IN.SOA" dig.out.ns${ns}.test$n > /dev/null || ret=1
[ $ns -eq 2 ] && nodata=dig.out.ns${ns}.test$n
- n=`expr $n + 1`
+ n=$((n+1))
if [ $ret != 0 ]; then echo_i "failed"; fi
- status=`expr $status + $ret`
+ status=$((status+ret))
echo_i "prime wildcard response (synth-from-dnssec ${description};) ($n)"
ret=0
- $DIG $DIGOPTS a.wild-a.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1
+ dig_with_opts a.wild-a.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1
grep "flags:[^;]* ad[ ;]" dig.out.ns${ns}.test$n > /dev/null || ret=1
grep "status: NOERROR," dig.out.ns${ns}.test$n > /dev/null || ret=1
grep "a.wild-a.example.*3600.IN.A" dig.out.ns${ns}.test$n > /dev/null || ret=1
- n=`expr $n + 1`
+ n=$((n+1))
if [ $ret != 0 ]; then echo_i "failed"; fi
- status=`expr $status + $ret`
+ status=$((status+ret))
echo_i "prime wildcard CNAME response (synth-from-dnssec ${description};) ($n)"
ret=0
- $DIG $DIGOPTS a.wild-cname.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1
+ dig_with_opts a.wild-cname.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1
grep "flags:[^;]* ad[ ;]" dig.out.ns${ns}.test$n > /dev/null || ret=1
grep "status: NOERROR," dig.out.ns${ns}.test$n > /dev/null || ret=1
grep "a.wild-cname.example.*3600.IN.CNAME" dig.out.ns${ns}.test$n > /dev/null || ret=1
- n=`expr $n + 1`
+ n=$((n+1))
if [ $ret != 0 ]; then echo_i "failed"; fi
- status=`expr $status + $ret`
+ status=$((status+ret))
done
echo_i "prime redirect response (+nodnssec) (synth-from-dnssec <default>;) ($n)"
ret=0
-$DIG $DIGOPTS +nodnssec a.redirect. @10.53.0.3 a > dig.out.ns2.test$n || ret=1
+dig_with_opts +nodnssec a.redirect. @10.53.0.3 a > dig.out.ns2.test$n || ret=1
grep "flags:[^;]* ad[ ;]" dig.out.ns2.test$n > /dev/null && ret=1
grep "status: NOERROR," dig.out.ns2.test$n > /dev/null || ret=1
grep 'a\.redirect\..*300.IN.A.100\.100\.100\.2' dig.out.ns2.test$n > /dev/null || ret=1
-n=`expr $n + 1`
+n=$((n+1))
if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status+ret))
#
# ensure TTL of synthesised answers differs from direct answers.
esac
echo_i "check synthesized NXDOMAIN response (synth-from-dnssec ${description};) ($n)"
ret=0
- $DIG $DIGOPTS b.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1
+ dig_with_opts b.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1
grep "flags:[^;]* ad[ ;]" dig.out.ns${ns}.test$n > /dev/null || ret=1
grep "status: NXDOMAIN," dig.out.ns${ns}.test$n > /dev/null || ret=1
if [ ${synth} = yes ]
grep "example.*3600.IN.SOA" dig.out.ns${ns}.test$n > /dev/null || ret=1
fi
digcomp $nxdomain dig.out.ns${ns}.test$n || ret=1
- n=`expr $n + 1`
+ n=$((n+1))
if [ $ret != 0 ]; then echo_i "failed"; fi
- status=`expr $status + $ret`
+ status=$((status+ret))
echo_i "check synthesized NODATA response (synth-from-dnssec ${description};) ($n)"
ret=0
- $DIG $DIGOPTS nodata.example. @10.53.0.${ns} aaaa > dig.out.ns${ns}.test$n || ret=1
+ dig_with_opts nodata.example. @10.53.0.${ns} aaaa > dig.out.ns${ns}.test$n || ret=1
grep "flags:[^;]* ad[ ;]" dig.out.ns${ns}.test$n > /dev/null || ret=1
grep "status: NOERROR," dig.out.ns${ns}.test$n > /dev/null || ret=1
if [ ${synth} = yes ]
grep "example.*3600.IN.SOA" dig.out.ns${ns}.test$n > /dev/null || ret=1
fi
digcomp $nodata dig.out.ns${ns}.test$n || ret=1
- n=`expr $n + 1`
+ n=$((n+1))
if [ $ret != 0 ]; then echo_i "failed"; fi
- status=`expr $status + $ret`
+ status=$((status+ret))
echo_i "check synthesized wildcard response (synth-from-dnssec ${description};) ($n)"
ret=0
- $DIG $DIGOPTS b.wild-a.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1
+ dig_with_opts b.wild-a.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1
grep "flags:[^;]* ad[ ;]" dig.out.ns${ns}.test$n > /dev/null || ret=1
grep "status: NOERROR," dig.out.ns${ns}.test$n > /dev/null || ret=1
if [ ${synth} = yes ]
else
grep "b\.wild-a\.example\..*3600.IN.A" dig.out.ns${ns}.test$n > /dev/null || ret=1
fi
- n=`expr $n + 1`
+ n=$((n+1))
if [ $ret != 0 ]; then echo_i "failed"; fi
- status=`expr $status + $ret`
+ status=$((status+ret))
echo_i "check synthesized wildcard CNAME response (synth-from-dnssec ${description};) ($n)"
ret=0
- $DIG $DIGOPTS b.wild-cname.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1
+ dig_with_opts b.wild-cname.example. @10.53.0.${ns} a > dig.out.ns${ns}.test$n || ret=1
grep "flags:[^;]* ad[ ;]" dig.out.ns${ns}.test$n > /dev/null || ret=1
grep "status: NOERROR," dig.out.ns${ns}.test$n > /dev/null || ret=1
if [ ${synth} = yes ]
grep "b.wild-cname.example.*3600.IN.CNAME" dig.out.ns${ns}.test$n > /dev/null || ret=1
fi
grep "ns1.example.*.IN.A" dig.out.ns${ns}.test$n > /dev/null || ret=1
- n=`expr $n + 1`
+ n=$((n+1))
if [ $ret != 0 ]; then echo_i "failed"; fi
- status=`expr $status + $ret`
+ status=$((status+ret))
done
echo_i "check redirect response (+dnssec) (synth-from-dnssec <default>;) ($n)"
ret=0
-$DIG $DIGOPTS b.redirect. @10.53.0.3 a > dig.out.ns2.test$n || ret=1
+dig_with_opts b.redirect. @10.53.0.3 a > dig.out.ns2.test$n || ret=1
grep "flags:[^;]* ad[ ;]" dig.out.ns2.test$n > /dev/null || ret=1
grep "status: NXDOMAIN," dig.out.ns2.test$n > /dev/null || ret=1
grep "\..*3600.IN.SOA" dig.out.ns2.test$n > /dev/null && ret=1
-n=`expr $n + 1`
+n=$((n+1))
if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status+ret))
echo_i "check redirect response (+nodnssec) (synth-from-dnssec <default>;) ($n)"
ret=0
-$DIG $DIGOPTS +nodnssec b.redirect. @10.53.0.3 a > dig.out.ns2.test$n || ret=1
+dig_with_opts +nodnssec b.redirect. @10.53.0.3 a > dig.out.ns2.test$n || ret=1
grep "flags:[^;]* ad[ ;]" dig.out.ns2.test$n > /dev/null && ret=1
grep "status: NOERROR," dig.out.ns2.test$n > /dev/null || ret=1
grep 'b\.redirect\..*300.IN.A.100\.100\.100\.2' dig.out.ns2.test$n > /dev/null || ret=1
-n=`expr $n + 1`
+n=$((n+1))
if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status+ret))
echo_i "check DNAME handling (synth-from-dnssec yes;) ($n)"
ret=0
-$DIG $DIGOPTS dnamed.example. ns @10.53.0.5 > dig.out.ns5.test$n || ret=1
-$DIG $DIGOPTS a.dnamed.example. a @10.53.0.5 > dig.out.ns5-1.test$n || ret=1
+dig_with_opts dnamed.example. ns @10.53.0.5 > dig.out.ns5.test$n || ret=1
+dig_with_opts a.dnamed.example. a @10.53.0.5 > dig.out.ns5-1.test$n || ret=1
grep "status: NOERROR," dig.out.ns5-1.test$n > /dev/null || ret=1
-n=`expr $n + 1`
+n=$((n+1))
if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status+ret))
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
projects / thirdparty / bind9.git / commitdiff
