Check conf dnssec-policy inline-signing secondary

Add a variant of checking configuration where inline-signing is
enabled on the secondary, requiring the 'file' entry. This time,
inline-signing is implicitly enabled via dnssec-policy.

(cherry picked from commit 43bbfbeb3c27e5e1402237ac6a90c2ade6ed2cb5)

diff --git a/bin/tests/system/checkconf/inline-inherit.conf b/bin/tests/system/checkconf/inline-inherit.conf
new file mode 100644 (file)
index 0000000..5686967
--- /dev/null
+++ b/bin/tests/system/checkconf/inline-inherit.conf
@@ -0,0 +1,8 @@
+remote-servers "stealthPrimaries" {127.0.0.1;};
+zone "example.net" {
+       type secondary;
+       dnssec-policy default;
+       inline-signing yes;
+       primaries { stealthPrimaries; };
+};
+

diff --git a/bin/tests/system/checkconf/tests.sh b/bin/tests/system/checkconf/tests.sh
index 52666671a54d719ae0055a0c025461afe1c5755a..0e45144897ba79ce953774bf81b4bb8a615e0bc5 100644 (file)
--- a/bin/tests/system/checkconf/tests.sh
+++ b/bin/tests/system/checkconf/tests.sh
@@ -297,6 +297,9 @@ l=$(grep "missing 'file' entry" <checkconf.out$n.2 | wc -l)
 $CHECKCONF inline-bad.conf >checkconf.out$n.3 2>&1 && ret=1
 l=$(grep "missing 'file' entry" <checkconf.out$n.3 | wc -l)
 [ $l -eq 1 ] || ret=1
+$CHECKCONF inline-inherit.conf >checkconf.out$n.3 2>&1 && ret=1
+l=$(grep "missing 'file' entry" <checkconf.out$n.3 | wc -l)
+[ $l -eq 1 ] || ret=1
 if [ $ret -ne 0 ]; then echo_i "failed"; fi
 status=$((status + ret))