From: Matthijs Mekking <matthijs@isc.org>
Date: Wed, 12 Oct 2022 14:23:11 +0000 (+0200)
Subject: Add test that checks NSEC3PARAM TTL
X-Git-Tag: v9.19.8~63^2~3
X-Git-Url: http://git.ipfire.org/gitweb/index.cgi?a=commitdiff_plain;h=f51901eaca63b8445027cf018dafdd67f0dc1421;p=thirdparty%2Fbind9.git

Add test that checks NSEC3PARAM TTL

The TTL should be equal to the SOA MINIMUM by default.
---

diff --git a/bin/tests/system/nsec3/tests.sh b/bin/tests/system/nsec3/tests.sh
index 0abbbce71c9..1c66f0858c5 100644
--- a/bin/tests/system/nsec3/tests.sh
+++ b/bin/tests/system/nsec3/tests.sh
@@ -275,6 +275,14 @@ set_nsec3param "0" "0" "0"
 set_key_default_values "KEY1"
 echo_i "initial check zone ${ZONE}"
 check_nsec3
+# Test that NSEC3PARAM TTL is equal to SOA MINIMUM.
+n=$((n+1))
+echo_i "check TTL of NSEC3PARAM in zone $ZONE ($n)"
+ret=0
+dig_with_opts +noquestion "@${SERVER}" "$ZONE" NSEC3PARAM > "dig.out.test$n" || ret=1
+grep "${ZONE}\..*3600.*IN.*NSEC3PARAM" "dig.out.test$n" > /dev/null || ret=1
+test "$ret" -eq 0 || echo_i "failed"
+status=$((status+ret))
 
 # Zone: nsec3-dynamic.kasp.
 set_zone_policy "nsec3-dynamic.kasp" "nsec3" 1 3600