external/bsd/bind/dist/bin/tests/system/dsdigest/tests.sh

   1 #!/bin/sh
   2 #
   3 # Copyright (C) 2012  Internet Systems Consortium, Inc. ("ISC")
   4 #
   5 # Permission to use, copy, modify, and/or distribute this software for any
   6 # purpose with or without fee is hereby granted, provided that the above
   7 # copyright notice and this permission notice appear in all copies.
   8 #
   9 # THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
  10 # REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
  11 # AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
  12 # INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
  13 # LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
  14 # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
  15 # PERFORMANCE OF THIS SOFTWARE.
  16
  17 # Id
  18
  19 SYSTEMTESTTOP=..
  20 . $SYSTEMTESTTOP/conf.sh
  21
  22 status=0
  23
  24 rm -f dig.out.*
  25
  26 DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p 5300"
  27
  28 # Check the good. domain
  29
  30 echo "I:checking that validation with enabled digest types works"
  31 ret=0
  32 $DIG $DIGOPTS a.good. @10.53.0.3 a > dig.out.good || ret=1
  33 grep "status: NOERROR" dig.out.good > /dev/null || ret=1
  34 grep "flags:[^;]* ad[ ;]" dig.out.good > /dev/null || ret=1
  35 if [ $ret != 0 ]; then echo "I:failed"; fi
  36 status=`expr $status + $ret`
  37
  38 # Check the bad. domain
  39
  40 echo "I:checking that validation with no supported digest types and must-be-secure results in SERVFAIL"
  41 ret=0
  42 $DIG $DIGOPTS a.bad. @10.53.0.3 a > dig.out.bad || ret=1
  43 grep "SERVFAIL" dig.out.bad > /dev/null || ret=1
  44 if [ $ret != 0 ]; then echo "I:failed"; fi
  45 status=`expr $status + $ret`
  46
  47 echo "I:checking that validation with no supported digest algorithms results in insecure"
  48 ret=0
  49 $DIG $DIGOPTS bad. @10.53.0.4 ds > dig.out.ds || ret=1
  50 grep "NOERROR" dig.out.ds > /dev/null || ret=1
  51 grep "flags:[^;]* ad[ ;]" dig.out.ds > /dev/null || ret=1
  52 $DIG $DIGOPTS a.bad. @10.53.0.4 a > dig.out.insecure || ret=1
  53 grep "NOERROR" dig.out.insecure > /dev/null || ret=1
  54 grep "flags:[^;]* ad[ ;]" dig.out.insecure > /dev/null && ret=1
  55 if [ $ret != 0 ]; then echo "I:failed"; fi
  56 status=`expr $status + $ret`
  57 echo "I:exit status: $status"
  58
  59 exit $status