xref: /minix3/external/bsd/bind/dist/bin/tests/system/tkey/tests.sh (revision 00b67f09dd46474d133c95011a48590a8e8f94c7) 
1#!/bin/sh
2#
3# Copyright (C) 2004, 2007, 2009, 2011-2014  Internet Systems Consortium, Inc. ("ISC")
4# Copyright (C) 2001  Internet Software Consortium.
5#
6# Permission to use, copy, modify, and/or distribute this software for any
7# purpose with or without fee is hereby granted, provided that the above
8# copyright notice and this permission notice appear in all copies.
9#
10# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
11# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
12# AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
13# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
14# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
15# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
16# PERFORMANCE OF THIS SOFTWARE.
17
18# Id: tests.sh,v 1.11 2011/11/03 23:46:26 tbox Exp
19
20SYSTEMTESTTOP=..
21. $SYSTEMTESTTOP/conf.sh
22
23DIGOPTS="@10.53.0.1 -p 5300"
24
25status=0
26
27echo "I:generating new DH key"
28ret=0
29dhkeyname=`$KEYGEN -T KEY -a DH -b 768 -n host -r $RANDFILE client` || ret=1
30if [ $ret != 0 ]; then
31	echo "I:failed"
32	status=`expr $status + $ret`
33	echo "I:exit status: $status"
34	exit $status
35fi
36status=`expr $status + $ret`
37
38for owner in . foo.example.
39do
40	echo "I:creating new key using owner name \"$owner\""
41	ret=0
42	keyname=`./keycreate $dhkeyname $owner` || ret=1
43	if [ $ret != 0 ]; then
44		echo "I:failed"
45		status=`expr $status + $ret`
46		echo "I:exit status: $status"
47		exit $status
48	fi
49	status=`expr $status + $ret`
50
51	echo "I:checking the new key"
52	ret=0
53	$DIG $DIGOPTS . ns -k $keyname > dig.out.1 || ret=1
54	grep "status: NOERROR" dig.out.1 > /dev/null || ret=1
55	grep "TSIG.*hmac-md5.*NOERROR" dig.out.1 > /dev/null || ret=1
56	grep "Some TSIG could not be validated" dig.out.1 > /dev/null && ret=1
57	if [ $ret != 0 ]; then
58		echo "I:failed"
59	fi
60	status=`expr $status + $ret`
61
62	echo "I:deleting new key"
63	ret=0
64	./keydelete $keyname || ret=1
65	if [ $ret != 0 ]; then
66		echo "I:failed"
67	fi
68	status=`expr $status + $ret`
69
70	echo "I:checking that new key has been deleted"
71	ret=0
72	$DIG $DIGOPTS . ns -k $keyname > dig.out.2 || ret=1
73	grep "status: NOERROR" dig.out.2 > /dev/null && ret=1
74	grep "TSIG.*hmac-md5.*NOERROR" dig.out.2 > /dev/null && ret=1
75	grep "Some TSIG could not be validated" dig.out.2 > /dev/null || ret=1
76	if [ $ret != 0 ]; then
77		echo "I:failed"
78	fi
79	status=`expr $status + $ret`
80done
81
82echo "I:creating new key using owner name bar.example."
83ret=0
84keyname=`./keycreate $dhkeyname bar.example.` || ret=1
85if [ $ret != 0 ]; then
86        echo "I:failed"
87	status=`expr $status + $ret`
88        echo "I:exit status: $status"
89        exit $status
90fi
91status=`expr $status + $ret`
92
93echo "I:checking the key with 'rndc tsig-list'"
94ret=0
95$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.1
96grep "key \"bar.example.server" rndc.out.1 > /dev/null || ret=1
97if [ $ret != 0 ]; then
98        echo "I:failed"
99fi
100status=`expr $status + $ret`
101
102echo "I:using key in a request"
103ret=0
104$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.3 || ret=1
105grep "status: NOERROR" dig.out.3 > /dev/null || ret=1
106if [ $ret != 0 ]; then
107        echo "I:failed"
108fi
109status=`expr $status + $ret`
110
111echo "I:deleting the key with 'rndc tsig-delete'"
112ret=0
113$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-delete bar.example.server > /dev/null || ret=1
114$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.2
115grep "key \"bar.example.server" rndc.out.2 > /dev/null && ret=1
116$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.4 || ret=1
117grep "TSIG could not be validated" dig.out.4 > /dev/null || ret=1
118if [ $ret != 0 ]; then
119        echo "I:failed"
120fi
121status=`expr $status + $ret`
122
123echo "I:recreating the bar.example. key"
124ret=0
125keyname=`./keycreate $dhkeyname bar.example.` || ret=1
126if [ $ret != 0 ]; then
127        echo "I:failed"
128	status=`expr $status + $ret`
129        echo "I:exit status: $status"
130        exit $status
131fi
132status=`expr $status + $ret`
133
134echo "I:checking the new key with 'rndc tsig-list'"
135ret=0
136$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.3
137grep "key \"bar.example.server" rndc.out.3 > /dev/null || ret=1
138if [ $ret != 0 ]; then
139        echo "I:failed"
140fi
141status=`expr $status + $ret`
142
143echo "I:using the new key in a request"
144ret=0
145$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.5 || ret=1
146grep "status: NOERROR" dig.out.5 > /dev/null || ret=1
147if [ $ret != 0 ]; then
148        echo "I:failed"
149fi
150status=`expr $status + $ret`
151
152echo "I:exit status: $status"
153exit $status
154