-
-
Notifications
You must be signed in to change notification settings - Fork 104
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
test: tell delv to load anchors from /etc/bind.keys explicitly
Since [0] delv no longer does that automagically, so we have to that explicitly with each delv invocation. Resolves: #30477 [0] isc-projects/bind9@c144fd2 (cherry picked from commit 438c7cb)
- Loading branch information
Showing
1 changed file
with
18 additions
and
12 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -20,6 +20,12 @@ run() { | |
"$@" |& tee "$RUN_OUT" | ||
} | ||
|
||
run_delv() { | ||
# Since [0] delv no longer loads /etc/(bind/)bind.keys by default, so we | ||
# have to do that explicitly for each invocation | ||
run delv -a /etc/bind.keys "$@" | ||
} | ||
|
||
disable_ipv6() { | ||
sysctl -w net.ipv6.conf.all.disable_ipv6=1 | ||
} | ||
|
@@ -359,15 +365,15 @@ grep -qF "unsigned.test IN MX 15 mail.unsigned.test" "$RUN_OUT" | |
# Check the trust chain (with and without systemd-resolved in between | ||
# Issue: https://github.com/systemd/systemd/issues/22002 | ||
# PR: https://github.com/systemd/systemd/pull/23289 | ||
run delv @ns1.unsigned.test signed.test | ||
run_delv @ns1.unsigned.test signed.test | ||
grep -qF "; fully validated" "$RUN_OUT" | ||
run delv signed.test | ||
run_delv signed.test | ||
grep -qF "; fully validated" "$RUN_OUT" | ||
|
||
for addr in "${DNS_ADDRESSES[@]}"; do | ||
run delv "@$addr" -t A mail.signed.test | ||
run_delv "@$addr" -t A mail.signed.test | ||
grep -qF "; fully validated" "$RUN_OUT" | ||
run delv "@$addr" -t AAAA mail.signed.test | ||
run_delv "@$addr" -t AAAA mail.signed.test | ||
grep -qF "; fully validated" "$RUN_OUT" | ||
done | ||
run resolvectl query mail.signed.test | ||
|
@@ -405,7 +411,7 @@ grep -qF "10.0.0.123" "$RUN_OUT" | |
grep -qF "fd00:dead:beef:cafe::123" "$RUN_OUT" | ||
grep -qF "authenticated: yes" "$RUN_OUT" | ||
# Check OPENPGPKEY support | ||
run delv -t OPENPGPKEY 5a786cdc59c161cdafd818143705026636962198c66ed4c5b3da321e._openpgpkey.signed.test | ||
run_delv -t OPENPGPKEY 5a786cdc59c161cdafd818143705026636962198c66ed4c5b3da321e._openpgpkey.signed.test | ||
grep -qF "; fully validated" "$RUN_OUT" | ||
run resolvectl openpgp [email protected] | ||
grep -qF "5a786cdc59c161cdafd818143705026636962198c66ed4c5b3da321e._openpgpkey.signed.test" "$RUN_OUT" | ||
|
@@ -421,11 +427,11 @@ check_domain() { | |
local addr | ||
|
||
for addr in "${DNS_ADDRESSES[@]}"; do | ||
run delv "@$addr" -t "$record" "$domain" | ||
run_delv "@$addr" -t "$record" "$domain" | ||
grep -qF "$message" "$RUN_OUT" | ||
done | ||
|
||
run delv -t "$record" "$domain" | ||
run_delv -t "$record" "$domain" | ||
grep -qF "$message" "$RUN_OUT" | ||
|
||
run resolvectl query "$domain" | ||
|
@@ -461,9 +467,9 @@ grep -qE "^follow14\.final\.signed\.test\..+IN\s+NSEC\s+" "$RUN_OUT" | |
# Check the trust chain (with and without systemd-resolved in between | ||
# Issue: https://github.com/systemd/systemd/issues/22002 | ||
# PR: https://github.com/systemd/systemd/pull/23289 | ||
run delv @ns1.unsigned.test sub.onlinesign.test | ||
run_delv @ns1.unsigned.test sub.onlinesign.test | ||
grep -qF "; fully validated" "$RUN_OUT" | ||
run delv sub.onlinesign.test | ||
run_delv sub.onlinesign.test | ||
grep -qF "; fully validated" "$RUN_OUT" | ||
|
||
run dig +short sub.onlinesign.test | ||
|
@@ -477,11 +483,11 @@ run resolvectl query --legend=no -t TXT onlinesign.test | |
grep -qF 'onlinesign.test IN TXT "hello from onlinesign"' "$RUN_OUT" | ||
|
||
for addr in "${DNS_ADDRESSES[@]}"; do | ||
run delv "@$addr" -t A dual.onlinesign.test | ||
run_delv "@$addr" -t A dual.onlinesign.test | ||
grep -qF "10.0.0.135" "$RUN_OUT" | ||
run delv "@$addr" -t AAAA dual.onlinesign.test | ||
run_delv "@$addr" -t AAAA dual.onlinesign.test | ||
grep -qF "fd00:dead:beef:cafe::135" "$RUN_OUT" | ||
run delv "@$addr" -t ANY ipv6.onlinesign.test | ||
run_delv "@$addr" -t ANY ipv6.onlinesign.test | ||
grep -qF "fd00:dead:beef:cafe::136" "$RUN_OUT" | ||
done | ||
run resolvectl query dual.onlinesign.test | ||
|