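#!/bin/sh
#
# Copyright (C) 2013, 2014 Internet Systems Consortium, Inc. ("ISC")
#
# Permission to use, copy, modify, and/or distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.

# Builds the key sets for eleven DNSSEC key-rollover timing scenarios.
# Each scenario directory receives a KSK/ZSK set for example.com in which
# one rollover is scheduled wrongly on purpose: a key goes inactive, or is
# deleted, before its successor can take over. A window with no active or
# published key of a given role is the kind of scheduling mistake that makes
# a signed zone fail validation, so these fixtures exist to be flagged by
# whatever checker the test runs against them (not visible in this file).
#
# Options used below:
#   -K DIR   directory holding the key files
#   -3       pick an NSEC3-capable algorithm
#   -f k     (written "-3fk" together with -3) set the KSK flag
#   -S KEY   create a successor to KEY
#   -I/-D/-P set the inactive / delete / publish date (offset from now)
#
# With -S, dnssec-keygen derives the successor's dates from the predecessor's
# metadata as it stands when the successor is created; most scenarios then
# edit one of the two keys afterwards to open the gap under test.

SYSTEMTESTTOP=..
. "$SYSTEMTESTTOP/conf.sh"

# -q: quiet; -r: entropy source. RANDFILE comes from conf.sh -- presumably a
# test entropy file, so treat every key made here as throwaway test material
# (TODO confirm against conf.sh).
KEYGEN="$KEYGEN -qr $RANDFILE"

$SHELL clean.sh

# NOTE(review): plain "ln -s" fails if the link is already present; this
# relies on clean.sh having removed it -- confirm.
ln -s "$CHECKZONE" named-compilezone

# die MESSAGE...
# Report a fixture-setup failure on stderr and stop. A half-built key set
# would not contain the timing gap the scenario is meant to exercise, so
# continuing would only produce misleading results.
die() {
    printf 'setup.sh: %s\n' "$*" >&2
    exit 1
}

# nokey
# Abort after a failed key generation in the current scenario directory.
nokey() {
    die "key generation failed in $dir"
}

# start_scenario DIR
# Make DIR the current scenario directory and remove stale key files.
start_scenario() {
    dir=$1
    rm -f "$dir"/K*.key
    rm -f "$dir"/K*.private
}

# make_key ARGS...
# Generate a key in $dir and print its name on stdout. Returns non-zero when
# the generator fails or prints no name, so callers never carry an empty key
# name into later commands.
make_key() {
    # $KEYGEN is left unquoted on purpose: it holds the command and its
    # "-qr $RANDFILE" options and must be split into words.
    # shellcheck disable=SC2086
    _mk_name=$($KEYGEN -K "$dir" "$@") || return 1
    [ -n "$_mk_name" ] || return 1
    printf '%s\n' "$_mk_name"
}

# set_times ARGS...
# Change timing metadata of a key in $dir. Output is discarded on success;
# on failure it is replayed on stderr and the script stops.
set_times() {
    # $SETTIME is left unquoted so that a multi-word command still works.
    # shellcheck disable=SC2086
    _st_out=$($SETTIME -K "$dir" "$@" 2>&1) || {
        printf '%s\n' "$_st_out" >&2
        die "key timing update failed in $dir (arguments: $*)"
    }
}

# Test 1: KSK goes inactive before successor is active
# (successor is created against an inactive date of +9mo, which is then
# pulled in to +7mo)
start_scenario 01-ksk-inactive
ksk1=$(make_key -3fk example.com) || nokey
set_times -I +9mo -D +1y "$ksk1"
ksk2=$(make_key -S "$ksk1") || nokey
set_times -I +7mo "$ksk1"
zsk1=$(make_key -3 example.com) || nokey

# Test 2: ZSK goes inactive before successor is active
start_scenario 02-zsk-inactive
zsk1=$(make_key -3 example.com) || nokey
set_times -I +9mo -D +1y "$zsk1"
zsk2=$(make_key -S "$zsk1") || nokey
set_times -I +7mo "$zsk1"
ksk1=$(make_key -3fk example.com) || nokey

# Test 3: KSK is unpublished before its successor is published
# (delete date moved from +1y to +6mo after the successor was created)
start_scenario 03-ksk-unpublished
ksk1=$(make_key -3fk example.com) || nokey
set_times -I +9mo -D +1y "$ksk1"
ksk2=$(make_key -S "$ksk1") || nokey
set_times -D +6mo "$ksk1"
zsk1=$(make_key -3 example.com) || nokey

# Test 4: ZSK is unpublished before its successor is published
start_scenario 04-zsk-unpublished
zsk1=$(make_key -3 example.com) || nokey
set_times -I +9mo -D +1y "$zsk1"
zsk2=$(make_key -S "$zsk1") || nokey
set_times -D +6mo "$zsk1"
ksk1=$(make_key -3fk example.com) || nokey

# Test 5: KSK deleted and successor published before KSK is deactivated
# and successor activated.
# (the delete date, +8mo, is earlier than the inactive date, +9mo)
start_scenario 05-ksk-unpub-active
ksk1=$(make_key -3fk example.com) || nokey
set_times -I +9mo -D +8mo "$ksk1"
ksk2=$(make_key -S "$ksk1") || nokey
zsk1=$(make_key -3 example.com) || nokey

# Test 6: ZSK deleted and successor published before ZSK is deactivated
# and successor activated.
start_scenario 06-zsk-unpub-active
zsk1=$(make_key -3 example.com) || nokey
set_times -I +9mo -D +8mo "$zsk1"
zsk2=$(make_key -S "$zsk1") || nokey
ksk1=$(make_key -3fk example.com) || nokey

# Test 7: KSK rolled with insufficient delay after prepublication.
start_scenario 07-ksk-ttl
ksk1=$(make_key -3fk example.com) || nokey
set_times -I +9mo -D +1y "$ksk1"
ksk2=$(make_key -S "$ksk1") || nokey
# allow only 1 day between publication and activation
set_times -P +269d "$ksk2"
zsk1=$(make_key -3 example.com) || nokey

# Test 8: ZSK rolled with insufficient delay after prepublication.
start_scenario 08-zsk-ttl
zsk1=$(make_key -3 example.com) || nokey
set_times -I +9mo -D +1y "$zsk1"
zsk2=$(make_key -S "$zsk1") || nokey
# allow only 1 day between publication and activation
set_times -P +269d "$zsk2"
ksk1=$(make_key -3fk example.com) || nokey

# Test 9: KSK goes inactive before successor is active, but checking ZSKs
# (same key timing as test 1; the difference is in how the result is checked,
# which happens outside this file)
start_scenario 09-check-zsk
ksk1=$(make_key -3fk example.com) || nokey
set_times -I +9mo -D +1y "$ksk1"
ksk2=$(make_key -S "$ksk1") || nokey
set_times -I +7mo "$ksk1"
zsk1=$(make_key -3 example.com) || nokey

# Test 10: ZSK goes inactive before successor is active, but checking KSKs
# (same key timing as test 2)
start_scenario 10-check-ksk
zsk1=$(make_key -3 example.com) || nokey
set_times -I +9mo -D +1y "$zsk1"
zsk2=$(make_key -S "$zsk1") || nokey
set_times -I +7mo "$zsk1"
ksk1=$(make_key -3fk example.com) || nokey

# Test 11: ZSK goes inactive before successor is active, but after cutoff
# (same shape as test 2 with the dates pushed out to +16mo/+18mo/+2y; the
# cutoff itself is defined by the checking side -- not visible here)
start_scenario 11-cutoff
zsk1=$(make_key -3 example.com) || nokey
set_times -I +18mo -D +2y "$zsk1"
zsk2=$(make_key -S "$zsk1") || nokey
set_times -I +16mo "$zsk1"
ksk1=$(make_key -3fk example.com) || nokey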