From: Mark Andrews <marka@isc.org>
Date: Mon, 3 Jun 2019 01:44:18 +0000 (+1000)
Subject: check that example/DS is not fetched when validating a.example
X-Git-Tag: v9.11.10~8^2~1
X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=153512960bde6d31c243608f40d14587a9c22951;p=thirdparty%2Fbind9.git

check that example/DS is not fetched when validating a.example

(cherry picked from commit 4293a2f4bfc87b8188d69c46e2457d07ca2f5776)
---

diff --git a/bin/tests/system/dnssec/tests.sh b/bin/tests/system/dnssec/tests.sh
index d07881d7fe8..7cf27a9c532 100644
--- a/bin/tests/system/dnssec/tests.sh
+++ b/bin/tests/system/dnssec/tests.sh
@@ -164,6 +164,15 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`
 
+echo_i "checking that 'example/DS' from the referral was used in previous validation ($n)"
+ret=0
+grep "query 'example/DS/IN' approved" ns1/named.run > /dev/null && ret=1
+grep "fetch: example/DS" ns4/named.run > /dev/null && ret=1
+grep "validating example/DS: starting" ns4/named.run > /dev/null || ret=1
+n=$((n+1))
+test "$ret" -eq 0 || echo_i "failed"
+status=$((status+ret))
+
 if [ -x ${DELV} ] ; then
    ret=0
    echo_i "checking postive validation NSEC using dns_client ($n)"