xref: /netbsd-src/external/mpl/bind/dist/bin/tests/system/addzone/tests.sh (revision 8ecbf5f02b752fcb7debe1a8fab1dc82602bc760) 
1#!/bin/sh
2#
3# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
4#
5# This Source Code Form is subject to the terms of the Mozilla Public
6# License, v. 2.0. If a copy of the MPL was not distributed with this
7# file, You can obtain one at http://mozilla.org/MPL/2.0/.
8#
9# See the COPYRIGHT file distributed with this work for additional
10# information regarding copyright ownership.
11
12SYSTEMTESTTOP=..
13. $SYSTEMTESTTOP/conf.sh
14
15DIGOPTS="+tcp +nosea +nostat +nocmd +norec +noques +noauth +noadd +nostats +dnssec -p ${PORT}"
16RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s"
17
18check_zonestatus() (
19    $RNDCCMD "10.53.0.$1" zonestatus -redirect > "zonestatus.out.ns$1.$n" &&
20    grep "type: redirect" "zonestatus.out.ns$1.$n" > /dev/null &&
21    grep "serial: 1" "zonestatus.out.ns$1.$n" > /dev/null
22)
23
24status=0
25n=0
26
27echo_i "checking normally loaded zone ($n)"
28ret=0
29$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1
30grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
31grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
32n=`expr $n + 1`
33if [ $ret != 0 ]; then echo_i "failed"; fi
34status=`expr $status + $ret`
35
36# When LMDB support is compiled in, this tests that migration from
37# NZF to NZD occurs during named startup
38echo_i "checking previously added zone ($n)"
39ret=0
40$DIG $DIGOPTS @10.53.0.2 a.previous.example a > dig.out.ns2.$n || ret=1
41grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
42grep '^a.previous.example' dig.out.ns2.$n > /dev/null || ret=1
43n=`expr $n + 1`
44if [ $ret != 0 ]; then echo_i "failed"; fi
45status=`expr $status + $ret`
46
47if [ -n "$NZD" ]; then
48    echo_i "checking that existing NZF file was renamed after migration ($n)"
49    [ -e ns2/3bf305731dd26307.nzf~ ] || ret=1
50    n=`expr $n + 1`
51    if [ $ret != 0 ]; then echo_i "failed"; fi
52    status=`expr $status + $ret`
53fi
54
55echo_i "adding new zone ($n)"
56ret=0
57$RNDCCMD 10.53.0.2 addzone 'added.example { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
58_check_adding_new_zone () (
59	$DIG $DIGOPTS @10.53.0.2 a.added.example a > dig.out.ns2.$n &&
60	grep 'status: NOERROR' dig.out.ns2.$n > /dev/null &&
61	grep '^a.added.example' dig.out.ns2.$n > /dev/null
62)
63retry_quiet 10 _check_adding_new_zone || ret=1
64n=`expr $n + 1`
65if [ $ret != 0 ]; then echo_i "failed"; fi
66status=`expr $status + $ret`
67
68nextpart ns2/named.run >/dev/null
69echo_i "checking addzone errors are logged correctly"
70ret=0
71$RNDCCMD 10.53.0.2 addzone bad.example '{ type mister; };' 2>&1 | grep 'unexpected token' > /dev/null 2>&1 || ret=1
72wait_for_log_peek 20 "addzone: 'mister' unexpected" ns2/named.run || ret=1
73n=`expr $n + 1`
74if [ $ret != 0 ]; then echo_i "failed"; fi
75status=`expr $status + $ret`
76
77nextpart ns2/named.run >/dev/null
78echo_i "checking modzone errors are logged correctly"
79ret=0
80$RNDCCMD 10.53.0.2 modzone added.example '{ type mister; };' 2>&1 | grep 'unexpected token' > /dev/null 2>&1 || ret=1
81wait_for_log_peek 20 "modzone: 'mister' unexpected" ns2/named.run || ret=1
82n=`expr $n + 1`
83if [ $ret != 0 ]; then echo_i "failed"; fi
84status=`expr $status + $ret`
85
86echo_i "adding a zone that requires quotes ($n)"
87ret=0
88$RNDCCMD 10.53.0.2 addzone '"32/1.0.0.127-in-addr.added.example" { check-names ignore; type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
89_check_zone_that_requires_quotes() (
90	$DIG $DIGOPTS @10.53.0.2 "a.32/1.0.0.127-in-addr.added.example" a > dig.out.ns2.$n &&
91	grep 'status: NOERROR' dig.out.ns2.$n > /dev/null &&
92	grep '^a.32/1.0.0.127-in-addr.added.example' dig.out.ns2.$n > /dev/null
93)
94retry_quiet 10 _check_zone_that_requires_quotes || ret=1
95n=`expr $n + 1`
96if [ $ret != 0 ]; then echo_i "failed"; fi
97status=`expr $status + $ret`
98
99echo_i "adding a zone with a quote in the name ($n)"
100ret=0
101$RNDCCMD 10.53.0.2 addzone '"foo\"bar.example" { check-names ignore; type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
102_check_zone_with_a_quote() (
103	$DIG $DIGOPTS @10.53.0.2 "a.foo\"bar.example" a > dig.out.ns2.$n &&
104	grep 'status: NOERROR' dig.out.ns2.$n > /dev/null &&
105	grep '^a.foo\\"bar.example' dig.out.ns2.$n > /dev/null
106)
107retry_quiet 10 _check_zone_with_a_quote || ret=1
108n=`expr $n + 1`
109if [ $ret != 0 ]; then echo_i "failed"; fi
110status=`expr $status + $ret`
111
112echo_i "adding new zone with missing master file ($n)"
113ret=0
114$DIG $DIGOPTS +all @10.53.0.2 a.missing.example a > dig.out.ns2.pre.$n || ret=1
115grep "status: REFUSED" dig.out.ns2.pre.$n > /dev/null || ret=1
116$RNDCCMD 10.53.0.2 addzone 'missing.example { type master; file "missing.db"; };' 2> rndc.out.ns2.$n
117grep "file not found" rndc.out.ns2.$n > /dev/null || ret=1
118$DIG $DIGOPTS +all @10.53.0.2 a.missing.example a > dig.out.ns2.post.$n || ret=1
119grep "status: REFUSED" dig.out.ns2.post.$n > /dev/null || ret=1
120digcomp dig.out.ns2.pre.$n dig.out.ns2.post.$n || ret=1
121n=`expr $n + 1`
122if [ $ret != 0 ]; then echo_i "failed"; fi
123status=`expr $status + $ret`
124
125if [ -z "$NZD" ]; then
126    echo_i "verifying no comments in NZF file ($n)"
127    ret=0
128    hcount=`grep "^# New zone file for view: _default" ns2/3bf305731dd26307.nzf | wc -l`
129    [ $hcount -eq 0 ] || ret=1
130    n=`expr $n + 1`
131    if [ $ret != 0 ]; then echo_i "failed"; fi
132    status=`expr $status + $ret`
133fi
134
135echo_i "checking rndc showzone with previously added zone ($n)"
136ret=0
137$RNDCCMD 10.53.0.2 showzone previous.example > rndc.out.ns2.$n
138expected='zone "previous.example" { type master; file "previous.db"; };'
139[ "`cat rndc.out.ns2.$n`" = "$expected" ] || ret=1
140n=`expr $n + 1`
141if [ $ret != 0 ]; then echo_i "failed"; fi
142status=`expr $status + $ret`
143
144if [ -n "$NZD" ]; then
145    echo_i "checking zone is present in NZD ($n)"
146    ret=0
147    $NZD2NZF ns2/_default.nzd | grep previous.example > /dev/null || ret=1
148    if [ $ret != 0 ]; then echo_i "failed"; fi
149    status=`expr $status + $ret`
150fi
151
152echo_i "deleting previously added zone ($n)"
153ret=0
154$RNDCCMD 10.53.0.2 delzone previous.example 2>&1 | sed 's/^/I:ns2 /'
155_check_deleting_previously_added_zone() (
156	$DIG $DIGOPTS @10.53.0.2 a.previous.example a > dig.out.ns2.$n &&
157	grep 'status: REFUSED' dig.out.ns2.$n > /dev/null &&
158	! grep '^a.previous.example' dig.out.ns2.$n > /dev/null
159)
160retry_quiet 10 _check_deleting_previously_added_zone || ret=1
161n=`expr $n + 1`
162if [ $ret != 0 ]; then echo_i "failed"; fi
163status=`expr $status + $ret`
164
165check_nzd2nzf() (
166	$NZD2NZF ns2/_default.nzd > nzd2nzf.out.$n &&
167	! grep previous.example nzd2nzf.out.$n > /dev/null
168)
169
170if [ -n "$NZD" ]; then
171    echo_i "checking zone was deleted from NZD ($n)"
172    retry_quiet 10 check_nzd2nzf || ret=1
173    if [ $ret != 0 ]; then echo_i "failed"; fi
174    status=`expr $status + $ret`
175fi
176
177if [ -z "$NZD" ]; then
178    echo_i "checking NZF file now has comment ($n)"
179    ret=0
180    hcount=`grep "^# New zone file for view: _default" ns2/3bf305731dd26307.nzf | wc -l`
181    [ $hcount -eq 1 ] || ret=1
182    n=`expr $n + 1`
183    if [ $ret != 0 ]; then echo_i "failed"; fi
184    status=`expr $status + $ret`
185fi
186
187echo_i "deleting newly added zone added.example ($n)"
188ret=0
189$RNDCCMD 10.53.0.2 delzone added.example 2>&1 | sed 's/^/I:ns2 /'
190_check_deleting_newly_added_zone() (
191	$DIG $DIGOPTS @10.53.0.2 a.added.example a > dig.out.ns2.$n &&
192	grep 'status: REFUSED' dig.out.ns2.$n > /dev/null &&
193	! grep '^a.added.example' dig.out.ns2.$n > /dev/null
194)
195retry_quiet 10 _check_deleting_newly_added_zone || ret=1
196n=`expr $n + 1`
197if [ $ret != 0 ]; then echo_i "failed"; fi
198status=`expr $status + $ret`
199
200echo_i "deleting newly added zone with escaped quote ($n)"
201ret=0
202$RNDCCMD 10.53.0.2 delzone "foo\\\"bar.example" 2>&1 | sed 's/^/I:ns2 /'
203_check_deleting_newly_added_zone_quote() (
204	$DIG $DIGOPTS @10.53.0.2 "a.foo\"bar.example" a > dig.out.ns2.$n &&
205	grep 'status: REFUSED' dig.out.ns2.$n > /dev/null &&
206	! grep "^a.foo\"bar.example" dig.out.ns2.$n > /dev/null
207)
208retry_quiet 10 _check_deleting_newly_added_zone_quote || ret=1
209n=`expr $n + 1`
210if [ $ret != 0 ]; then echo_i "failed"; fi
211status=`expr $status + $ret`
212
213echo_i "checking rndc showzone with a normally-loaded zone ($n)"
214ret=0
215$RNDCCMD 10.53.0.2 showzone normal.example > rndc.out.ns2.$n
216expected='zone "normal.example" { type master; file "normal.db"; };'
217[ "`cat rndc.out.ns2.$n`" = "$expected" ] || ret=1
218n=`expr $n + 1`
219if [ $ret != 0 ]; then echo_i "failed"; fi
220status=`expr $status + $ret`
221
222echo_i "checking rndc showzone with a normally-loaded zone with trailing dot ($n)"
223ret=0
224$RNDCCMD 10.53.0.2 showzone finaldot.example > rndc.out.ns2.$n
225expected='zone "finaldot.example." { type master; file "normal.db"; };'
226[ "`cat rndc.out.ns2.$n`" = "$expected" ] || ret=1
227n=`expr $n + 1`
228if [ $ret != 0 ]; then echo_i "failed"; fi
229status=`expr $status + $ret`
230
231echo_i "checking rndc showzone with a normally-loaded redirect zone ($n)"
232ret=0
233$RNDCCMD 10.53.0.1 showzone -redirect > rndc.out.ns1.$n
234expected='zone "." { type redirect; file "redirect.db"; };'
235[ "`cat rndc.out.ns1.$n`" = "$expected" ] || ret=1
236n=`expr $n + 1`
237if [ $ret != 0 ]; then echo_i "failed"; fi
238status=`expr $status + $ret`
239
240echo_i "checking rndc zonestatus with a normally-loaded redirect zone ($n)"
241ret=0
242$RNDCCMD 10.53.0.1 zonestatus -redirect > rndc.out.ns1.$n
243grep "type: redirect" rndc.out.ns1.$n > /dev/null || ret=1
244grep "serial: 0" rndc.out.ns1.$n > /dev/null || ret=1
245n=`expr $n + 1`
246if [ $ret != 0 ]; then echo_i "failed"; fi
247status=`expr $status + $ret`
248
249echo_i "checking rndc reload with a normally-loaded redirect zone ($n)"
250ret=0
251sleep 1
252cp -f ns1/redirect.db.2 ns1/redirect.db
253$RNDCCMD 10.53.0.1 reload -redirect > rndc.out.ns1.$n
254retry_quiet 5 check_zonestatus 1 || ret=1
255n=`expr $n + 1`
256if [ $ret != 0 ]; then echo_i "failed"; fi
257status=`expr $status + $ret`
258
259echo_i "delete a normally-loaded zone ($n)"
260ret=0
261$RNDCCMD 10.53.0.2 delzone normal.example > rndc.out.ns2.$n 2>&1
262grep "is no longer active and will be deleted" rndc.out.ns2.$n > /dev/null || ret=11
263grep "To keep it from returning when the server is restarted" rndc.out.ns2.$n > /dev/null || ret=1
264grep "must also be removed from named.conf." rndc.out.ns2.$n > /dev/null || ret=1
265_check_delete_normally_loaded_zone() (
266	$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n &&
267	grep 'status: REFUSED' dig.out.ns2.$n > /dev/null
268)
269retry_quiet 5 _check_delete_normally_loaded_zone || ret=1
270
271n=`expr $n + 1`
272if [ $ret != 0 ]; then echo_i "failed"; fi
273status=`expr $status + $ret`
274
275echo_i "attempting to add master zone with inline signing ($n)"
276$RNDCCMD 10.53.0.2 addzone 'inline.example { type master; file "inline.db"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /'
277_check_add_master_zone_with_inline() (
278	$DIG $DIGOPTS @10.53.0.2 a.inline.example a > dig.out.ns2.$n &&
279	grep 'status: NOERROR' dig.out.ns2.$n > /dev/null &&
280	grep '^a.inline.example' dig.out.ns2.$n > /dev/null
281)
282retry_quiet 5 _check_add_master_zone_with_inline || ret=1
283n=`expr $n + 1`
284if [ $ret != 0 ]; then echo_i "failed"; fi
285status=`expr $status + $ret`
286
287echo_i "attempting to add master zone with inline signing and missing master ($n)"
288ret=0
289$RNDCCMD 10.53.0.2 addzone 'inlinemissing.example { type master; file "missing.db"; inline-signing yes; };' 2> rndc.out.ns2.$n
290grep "file not found" rndc.out.ns2.$n > /dev/null || ret=1
291n=`expr $n + 1`
292if [ $ret != 0 ]; then echo_i "failed"; fi
293status=`expr $status + $ret`
294
295echo_i "attempting to add slave zone with inline signing ($n)"
296$RNDCCMD 10.53.0.2 addzone 'inlineslave.example { type slave; masters { 10.53.0.1; }; file "inlineslave.bk"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /'
297_check_add_slave_with_inline() (
298	$DIG $DIGOPTS @10.53.0.2 a.inlineslave.example a > dig.out.ns2.$n &&
299	grep 'status: NOERROR' dig.out.ns2.$n > /dev/null &&
300	grep '^a.inlineslave.example' dig.out.ns2.$n > /dev/null
301)
302retry_quiet 5 _check_add_slave_with_inline || ret=1
303n=`expr $n + 1`
304if [ $ret != 0 ]; then echo_i "failed"; fi
305status=`expr $status + $ret`
306
307echo_i "attempting to delete slave zone with inline signing ($n)"
308ret=0
309retry_quiet 10 test -f ns2/inlineslave.bk.signed -a -f ns2/inlineslave.bk || ret=1
310$RNDCCMD 10.53.0.2 delzone inlineslave.example > rndc.out2.test$n 2>&1 || ret=1
311test -f inlineslave.bk ||
312grep '^inlineslave.bk$' rndc.out2.test$n > /dev/null || {
313	echo_i "failed to report inlineslave.bk"; ret=1;
314}
315test ! -f inlineslave.bk.signed ||
316grep '^inlineslave.bk.signed$' rndc.out2.test$n > /dev/null || {
317	echo_i "failed to report inlineslave.bk.signed"; ret=1;
318}
319n=`expr $n + 1`
320status=`expr $status + $ret`
321
322echo_i "restoring slave zone with inline signing ($n)"
323$RNDCCMD 10.53.0.2 addzone 'inlineslave.example { type slave; masters { 10.53.0.1; }; file "inlineslave.bk"; inline-signing yes; };' 2>&1 | sed 's/^/I:ns2 /'
324_check_restoring_slave_with_inline() (
325	$DIG $DIGOPTS @10.53.0.2 a.inlineslave.example a > dig.out.ns2.$n &&
326	grep 'status: NOERROR' dig.out.ns2.$n > /dev/null &&
327	grep '^a.inlineslave.example' dig.out.ns2.$n > /dev/null
328)
329retry_quiet 5 _check_restoring_slave_with_inline || ret=1
330n=`expr $n + 1`
331if [ $ret != 0 ]; then echo_i "failed"; fi
332status=`expr $status + $ret`
333
334echo_i "deleting slave zone with automatic zone file removal ($n)"
335ret=0
336retry_quiet 10 test -f ns2/inlineslave.bk.signed -a -f ns2/inlineslave.bk || ret=1
337$RNDCCMD 10.53.0.2 delzone -clean inlineslave.example > /dev/null 2>&1
338retry_quiet 10 test ! -f ns2/inlineslave.bk.signed -a ! -f ns2/inlineslave.bk
339n=`expr $n + 1`
340status=`expr $status + $ret`
341
342echo_i "modifying zone configuration ($n)"
343ret=0
344$RNDCCMD 10.53.0.2 addzone 'mod.example { type master; file "added.db"; };' 2>&1 | sed 's/^/ns2 /' | cat_i
345$DIG +norec $DIGOPTS @10.53.0.2 mod.example ns > dig.out.ns2.1.$n || ret=1
346grep 'status: NOERROR' dig.out.ns2.1.$n > /dev/null || ret=1
347$RNDCCMD 10.53.0.2 modzone 'mod.example { type master; file "added.db"; allow-query { none; }; };' 2>&1 | sed 's/^/ns2 /' | cat_i
348$DIG +norec $DIGOPTS @10.53.0.2 mod.example ns > dig.out.ns2.2.$n || ret=1
349$RNDCCMD 10.53.0.2 showzone mod.example | grep 'allow-query { "none"; };' > /dev/null 2>&1 || ret=1
350n=`expr $n + 1`
351if [ $ret != 0 ]; then echo_i "failed"; fi
352status=`expr $status + $ret`
353
354echo_i "check that adding a 'stub' zone works ($n)"
355ret=0
356$RNDCCMD 10.53.0.2 addzone 'stub.example { type stub; masters { 1.2.3.4; }; file "stub.example.bk"; };' > rndc.out.ns2.$n 2>&1 || ret=1
357n=`expr $n + 1`
358if [ $ret != 0 ]; then echo_i "failed"; fi
359status=`expr $status + $ret`
360
361echo_i "check that adding a 'static-stub' zone works ($n)"
362ret=0
363$RNDCCMD 10.53.0.2 addzone 'static-stub.example { type static-stub; server-addresses { 1.2.3.4; }; };' > rndc.out.ns2.$n 2>&1 || ret=1
364n=`expr $n + 1`
365if [ $ret != 0 ]; then echo_i "failed"; fi
366status=`expr $status + $ret`
367
368echo_i "check that adding a 'master redirect' zone works ($n)"
369ret=0
370$RNDCCMD 10.53.0.2 addzone '"." { type redirect; file "redirect.db"; };' > rndc.out.ns2.$n 2>&1 || ret=1
371_check_add_master_redirect() (
372	$RNDCCMD 10.53.0.2 showzone -redirect > showzone.out.ns2.$n 2>&1 &&
373	grep "type redirect;" showzone.out.ns2.$n > /dev/null &&
374	$RNDCCMD 10.53.0.2 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 &&
375	grep "type: redirect" zonestatus.out.ns2.$n > /dev/null &&
376	grep "serial: 0" zonestatus.out.ns2.$n > /dev/null
377)
378retry_quiet 10 _check_add_master_redirect || ret=1
379n=`expr $n + 1`
380if [ $ret != 0 ]; then echo_i "failed"; fi
381status=`expr $status + $ret`
382
383echo_i "check that reloading a added 'master redirect' zone works ($n)"
384ret=0
385sleep 1
386cp -f ns2/redirect.db.2 ns2/redirect.db
387$RNDCCMD 10.53.0.2 reload -redirect > rndc.out.ns2.$n
388retry_quiet 10 check_zonestatus 2 || ret=1
389n=`expr $n + 1`
390if [ $ret != 0 ]; then echo_i "failed"; fi
391status=`expr $status + $ret`
392
393echo_i "check that retransfer of a added 'master redirect' zone fails ($n)"
394ret=0
395$RNDCCMD 10.53.0.2 retransfer -redirect > rndc.out.ns2.$n 2>&1 && ret=1
396n=`expr $n + 1`
397if [ $ret != 0 ]; then echo_i "failed"; fi
398status=`expr $status + $ret`
399
400echo_i "check that deleting a 'master redirect' zone works ($n)"
401ret=0
402$RNDCCMD 10.53.0.2 delzone -redirect > rndc.out.ns2.$n 2>&1 || ret=1
403_check_deleting_master_redirect() (
404	$RNDCCMD 10.53.0.2 showzone -redirect > showzone.out.ns2.$n 2>&1 || true
405	grep 'not found' showzone.out.ns2.$n > /dev/null
406)
407retry_quiet 10 _check_deleting_master_redirect || ret=1
408n=`expr $n + 1`
409if [ $ret != 0 ]; then echo_i "failed"; fi
410status=`expr $status + $ret`
411
412echo_i "check that adding a 'slave redirect' zone works ($n)"
413ret=0
414$RNDCCMD 10.53.0.2 addzone '"." { type redirect; masters { 10.53.0.3;}; file "redirect.bk"; };' > rndc.out.ns2.$n 2>&1 || ret=1
415_check_adding_slave_redirect() (
416	$RNDCCMD 10.53.0.2 showzone -redirect > showzone.out.ns2.$n 2>&1 &&
417	grep "type redirect;" showzone.out.ns2.$n > /dev/null &&
418	$RNDCCMD 10.53.0.2 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 &&
419	grep "type: redirect" zonestatus.out.ns2.$n > /dev/null &&
420	grep "serial: 0" zonestatus.out.ns2.$n > /dev/null
421)
422retry_quiet 10 _check_adding_slave_redirect || ret=1
423n=`expr $n + 1`
424if [ $ret != 0 ]; then echo_i "failed"; fi
425status=`expr $status + $ret`
426
427echo_i "check that retransfering a added 'slave redirect' zone works ($n)"
428ret=0
429cp -f ns3/redirect.db.2 ns3/redirect.db
430$RNDCCMD 10.53.0.3 reload . > showzone.out.ns3.$n 2>&1 || ret=1
431_check_retransfering_slave_redirect() (
432	$RNDCCMD 10.53.0.2 retransfer -redirect > rndc.out.ns2.$n 2>&1 &&
433	$RNDCCMD 10.53.0.2 zonestatus -redirect > zonestatus.out.ns2.$n 2>&1 &&
434	grep "type: redirect" zonestatus.out.ns2.$n > /dev/null &&
435	grep "serial: 1" zonestatus.out.ns2.$n > /dev/null
436)
437retry_quiet 10 _check_retransfering_slave_redirect || ret=1
438n=`expr $n + 1`
439if [ $ret != 0 ]; then echo_i "failed"; fi
440status=`expr $status + $ret`
441
442echo_i "check that deleting a 'slave redirect' zone works ($n)"
443ret=0
444$RNDCCMD 10.53.0.2 delzone -redirect > rndc.out.ns2.$n 2>&1 || ret=1
445_check_deleting_slave_redirect() (
446	$RNDCCMD 10.53.0.2 showzone -redirect > showzone.out.ns2.$n 2>&1 || true
447	grep 'not found' showzone.out.ns2.$n > /dev/null
448)
449retry_quiet 10 _check_deleting_slave_redirect || ret=1
450n=`expr $n + 1`
451if [ $ret != 0 ]; then echo_i "failed"; fi
452status=`expr $status + $ret`
453
454echo_i "check that zone type 'hint' is properly rejected ($n)"
455ret=0
456$RNDCCMD 10.53.0.2 addzone '"." { type hint; file "hints.db"; };' > rndc.out.ns2.$n 2>&1 && ret=1
457grep "zones not supported by addzone" rndc.out.ns2.$n > /dev/null || ret=1
458n=`expr $n + 1`
459if [ $ret != 0 ]; then echo_i "failed"; fi
460status=`expr $status + $ret`
461
462echo_i "check that zone type 'forward' is properly rejected ($n)"
463ret=0
464$RNDCCMD 10.53.0.2 addzone 'forward.example { type forward; forwarders { 1.2.3.4; }; forward only; };' > rndc.out.ns2.$n 2>&1 && ret=1
465grep "zones not supported by addzone" rndc.out.ns2.$n > /dev/null || ret=1
466n=`expr $n + 1`
467if [ $ret != 0 ]; then echo_i "failed"; fi
468status=`expr $status + $ret`
469
470echo_i "check that zone type 'delegation-only' is properly rejected ($n)"
471ret=0
472$RNDCCMD 10.53.0.2 addzone 'delegation-only.example { type delegation-only; };' > rndc.out.ns2.$n 2>&1 && ret=1
473grep "zones not supported by addzone" rndc.out.ns2.$n > /dev/null || ret=1
474n=`expr $n + 1`
475if [ $ret != 0 ]; then echo_i "failed"; fi
476status=`expr $status + $ret`
477
478echo_i "check that 'in-view' zones are properly rejected ($n)"
479ret=0
480$RNDCCMD 10.53.0.2 addzone 'in-view.example { in-view "_default"; };' > rndc.out.ns2.$n 2>&1 && ret=1
481grep "zones not supported by addzone" rndc.out.ns2.$n > /dev/null || ret=1
482n=`expr $n + 1`
483if [ $ret != 0 ]; then echo_i "failed"; fi
484status=`expr $status + $ret`
485
486echo_i "reconfiguring server with multiple views"
487rm -f ns2/named.conf
488copy_setports ns2/named2.conf.in ns2/named.conf
489rndc_reconfig ns2 10.53.0.2
490
491echo_i "adding new zone to external view ($n)"
492# NOTE: The internal view has "recursion yes" set, and so queries for
493# nonexistent zones should return NOERROR.  The external view is
494# "recursion no", so queries for nonexistent zones should return
495# REFUSED.  This behavior should be the same regardless of whether
496# the zone does not exist because a) it has not yet been loaded, b)
497# it failed to load, or c) it has been deleted.
498ret=0
499$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.intpre.$n || ret=1
500grep 'status: NOERROR' dig.out.ns2.intpre.$n > /dev/null || ret=1
501$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.extpre.$n || ret=1
502grep 'status: REFUSED' dig.out.ns2.extpre.$n > /dev/null || ret=1
503$RNDCCMD 10.53.0.2 addzone 'added.example in external { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
504$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1
505grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1
506$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1
507grep 'status: NOERROR' dig.out.ns2.ext.$n > /dev/null || ret=1
508grep '^a.added.example' dig.out.ns2.ext.$n > /dev/null || ret=1
509n=`expr $n + 1`
510if [ $ret != 0 ]; then echo_i "failed"; fi
511status=`expr $status + $ret`
512
513if [ -z "$NZD" ]; then
514    echo_i "checking new NZF file has comment ($n)"
515    ret=0
516    hcount=`grep "^# New zone file for view: external" ns2/external.nzf | wc -l`
517    [ $hcount -eq 1 ] || ret=1
518    n=`expr $n + 1`
519    if [ $ret != 0 ]; then echo_i "failed"; fi
520    status=`expr $status + $ret`
521fi
522
523if [ -n "$NZD" ]; then
524    echo_i "verifying added.example in external view created an external.nzd DB ($n)"
525    ret=0
526    [ -e ns2/external.nzd ] || ret=1
527    n=`expr $n + 1`
528    if [ $ret != 0 ]; then echo_i "failed"; fi
529    status=`expr $status + $ret`
530fi
531
532echo_i "checking rndc reload causes named to reload the external view's new zone config ($n)"
533ret=0
534$RNDCCMD 10.53.0.2 reload 2>&1 | sed 's/^/ns2 /' | cat_i
535_check_rndc_reload_external_view_config() (
536	$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n &&
537	grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null &&
538	$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n &&
539	grep 'status: NOERROR' dig.out.ns2.ext.$n > /dev/null &&
540	grep '^a.added.example' dig.out.ns2.ext.$n > /dev/null
541)
542retry_quiet 10 _check_rndc_reload_external_view_config || ret=1
543n=`expr $n + 1`
544if [ $ret != 0 ]; then echo_i "failed"; fi
545status=`expr $status + $ret`
546
547echo_i "checking rndc showzone with newly added zone ($n)"
548_check_rndc_showzone_newly_added() (
549	if [ -z "$NZD" ]; then
550		expected='zone "added.example" in external { type master; file "added.db"; };'
551	else
552		expected='zone "added.example" { type master; file "added.db"; };'
553	fi
554	$RNDCCMD 10.53.0.2 showzone added.example in external > rndc.out.ns2.$n 2>/dev/null &&
555	[ "`cat rndc.out.ns2.$n`" = "$expected" ]
556)
557retry_quiet 10  _check_rndc_showzone_newly_added || ret=1
558n=`expr $n + 1`
559if [ $ret != 0 ]; then echo_i "failed"; fi
560status=`expr $status + $ret`
561
562echo_i "deleting newly added zone ($n)"
563ret=0
564$RNDCCMD 10.53.0.2 delzone 'added.example in external' 2>&1 | sed 's/^/I:ns2 /'
565_check_deleting_newly_added_zone() (
566	$DIG $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.$n &&
567	grep 'status: REFUSED' dig.out.ns2.$n > /dev/null &&
568	! grep '^a.added.example' dig.out.ns2.$n > /dev/null
569)
570retry_quiet 10 _check_deleting_newly_added_zone || ret=1
571n=`expr $n + 1`
572if [ $ret != 0 ]; then echo_i "failed"; fi
573status=`expr $status + $ret`
574
575echo_i "attempting to add zone to internal view ($n)"
576ret=0
577$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.pre.$n || ret=1
578grep 'status: NOERROR' dig.out.ns2.pre.$n > /dev/null || ret=1
579$RNDCCMD 10.53.0.2 addzone 'added.example in internal { type master; file "added.db"; };' 2> rndc.out.ns2.$n
580grep "permission denied" rndc.out.ns2.$n > /dev/null || ret=1
581$DIG $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1
582grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1
583$DIG $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1
584grep 'status: REFUSED' dig.out.ns2.ext.$n > /dev/null || ret=1
585n=`expr $n + 1`
586if [ $ret != 0 ]; then echo_i "failed"; fi
587status=`expr $status + $ret`
588
589echo_i "attempting to delete a policy zone ($n)"
590ret=0
591$RNDCCMD 10.53.0.2 delzone 'policy in internal' 2> rndc.out.ns2.$n >&1
592grep 'cannot be deleted' rndc.out.ns2.$n > /dev/null || ret=1
593n=`expr $n + 1`
594if [ $ret != 0 ]; then echo_i "failed"; fi
595status=`expr $status + $ret`
596
597echo_i "adding new zone again to external view ($n)"
598ret=0
599$RNDCCMD 10.53.0.2 addzone 'added.example in external { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
600_check_adding_new_zone_again_external() (
601	$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n &&
602	grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null &&
603	$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n &&
604	grep 'status: NOERROR' dig.out.ns2.ext.$n > /dev/null &&
605	grep '^a.added.example' dig.out.ns2.ext.$n > /dev/null
606)
607retry_quiet 10 _check_adding_new_zone_again_external || ret=1
608n=`expr $n + 1`
609if [ $ret != 0 ]; then echo_i "failed"; fi
610status=`expr $status + $ret`
611
612echo_i "reconfiguring server with multiple views and new-zones-directory"
613rm -f ns2/named.conf
614copy_setports ns2/named3.conf.in ns2/named.conf
615rndc_reconfig ns2 10.53.0.2
616
617echo_i "checking new zone is still loaded after dir change ($n)"
618ret=0
619$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1
620grep 'status: NOERROR' dig.out.ns2.ext.$n > /dev/null || ret=1
621grep '^a.added.example' dig.out.ns2.ext.$n > /dev/null || ret=1
622n=`expr $n + 1`
623if [ $ret != 0 ]; then echo_i "failed"; fi
624status=`expr $status + $ret`
625
626echo_i "deleting newly added zone from external ($n)"
627ret=0
628$RNDCCMD 10.53.0.2 delzone 'added.example in external' 2>&1 | sed 's/^/I:ns2 /'
629$DIG $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.$n || ret=1
630grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
631grep '^a.added.example' dig.out.ns2.$n > /dev/null && ret=1
632n=`expr $n + 1`
633if [ $ret != 0 ]; then echo_i "failed"; fi
634status=`expr $status + $ret`
635
636echo_i "adding new zone to directory view ($n)"
637ret=0
638$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.intpre.$n || ret=1
639grep 'status: NOERROR' dig.out.ns2.intpre.$n > /dev/null || ret=1
640$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.extpre.$n || ret=1
641grep 'status: REFUSED' dig.out.ns2.extpre.$n > /dev/null || ret=1
642$DIG +norec $DIGOPTS @10.53.0.5 -b 10.53.0.5 a.added.example a > dig.out.ns2.dirpre.$n || ret=1
643grep 'status: REFUSED' dig.out.ns2.dirpre.$n > /dev/null || ret=1
644$RNDCCMD 10.53.0.2 addzone 'added.example in directory { type master; file "added.db"; };' 2>&1 | sed 's/^/I:ns2 /'
645$DIG +norec $DIGOPTS @10.53.0.2 -b 10.53.0.2 a.added.example a > dig.out.ns2.int.$n || ret=1
646grep 'status: NOERROR' dig.out.ns2.int.$n > /dev/null || ret=1
647$DIG +norec $DIGOPTS @10.53.0.4 -b 10.53.0.4 a.added.example a > dig.out.ns2.ext.$n || ret=1
648grep 'status: REFUSED' dig.out.ns2.ext.$n > /dev/null || ret=1
649$DIG +norec $DIGOPTS @10.53.0.5 -b 10.53.0.5 a.added.example a > dig.out.ns2.dir.$n || ret=1
650grep 'status: NOERROR' dig.out.ns2.dir.$n > /dev/null || ret=1
651grep '^a.added.example' dig.out.ns2.dir.$n > /dev/null || ret=1
652n=`expr $n + 1`
653if [ $ret != 0 ]; then echo_i "failed"; fi
654status=`expr $status + $ret`
655
656if [ -n "$NZD" ]; then
657    echo_i "checking NZD file was created in new-zones-directory ($n)"
658    expect=ns2/new-zones/directory.nzd
659else
660    echo_i "checking NZF file was created in new-zones-directory ($n)"
661    expect=ns2/new-zones/directory.nzf
662fi
663$RNDCCMD 10.53.0.2 sync 'added.example IN directory' 2>&1 | sed 's/^/I:ns2 /'
664sleep 2
665[ -e "$expect" ] || ret=1
666n=`expr $n + 1`
667if [ $ret != 0 ]; then echo_i "failed"; fi
668status=`expr $status + $ret`
669
670echo_i "deleting newly added zone from directory ($n)"
671ret=0
672$RNDCCMD 10.53.0.2 delzone 'added.example in directory' 2>&1 | sed 's/^/I:ns2 /'
673$DIG $DIGOPTS @10.53.0.5 -b 10.53.0.5 a.added.example a > dig.out.ns2.$n || ret=1
674grep 'status: REFUSED' dig.out.ns2.$n > /dev/null || ret=1
675grep '^a.added.example' dig.out.ns2.$n > /dev/null && ret=1
676n=`expr $n + 1`
677if [ $ret != 0 ]; then echo_i "failed"; fi
678status=`expr $status + $ret`
679
680echo_i "ensure the configuration context is cleaned up correctly ($n)"
681ret=0
682rndc_reconfig ns2 10.53.0.2
683$RNDCCMD 10.53.0.2 status > /dev/null 2>&1 || ret=1
684n=`expr $n + 1`
685if [ $ret != 0 ]; then echo_i "failed"; fi
686status=`expr $status + $ret`
687
688echo_i "check delzone after reconfig failure ($n)"
689ret=0
690$RNDCCMD 10.53.0.3 addzone 'inlineslave.example. IN { type slave; file "inlineslave.db"; masterfile-format text; masters { testmaster; }; };' > /dev/null 2>&1 || ret=1
691copy_setports ns3/named2.conf.in ns3/named.conf
692rndc_reconfig ns3 10.53.0.3
693$RNDCCMD 10.53.0.3 delzone inlineslave.example > /dev/null 2>&1 || ret=1
694n=`expr $n + 1`
695if [ $ret != 0 ]; then echo_i "failed"; fi
696status=`expr $status + $ret`
697
698if ! $FEATURETEST --with-lmdb
699then
700    echo_i "check that addzone is fully reversed on failure (--with-lmdb=no) ($n)"
701    ret=0
702    $RNDCCMD 10.53.0.3 addzone "test1.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1
703    $RNDCCMD 10.53.0.3 addzone "test2.baz" '{ type master; file "dne.db"; };' > /dev/null 2>&1 && ret=1
704    $RNDCCMD 10.53.0.3 addzone "test3.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1
705    $RNDCCMD 10.53.0.3 delzone "test3.baz" > /dev/null 2>&1 || ret=1
706    grep test2.baz ns3/_default.nzf > /dev/null && ret=1
707    n=`expr $n + 1`
708    if [ $ret != 0 ]; then echo_i "failed"; fi
709    status=`expr $status + $ret`
710fi
711
712_check_version_bind() (
713	$DIG $DIGOPTS @10.53.0.3 version.bind txt ch > dig.out.test$n &&
714	grep "status: NOERROR" dig.out.test$n > /dev/null
715)
716
717echo_i "check that named restarts with multiple added zones ($n)"
718ret=0
719$RNDCCMD 10.53.0.3 addzone "test4.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1
720$RNDCCMD 10.53.0.3 addzone "test5.baz" '{ type master; file "e.db"; };' > /dev/null 2>&1 || ret=1
721$RNDCCMD 10.53.0.3 addzone '"test/.baz"' '{ type master; check-names ignore; file "e.db"; };' > /dev/null 2>&1 || ret=1
722$RNDCCMD 10.53.0.3 addzone '"test\".baz"' '{ type master; check-names ignore; file "e.db"; };' > /dev/null 2>&1 || ret=1
723$RNDCCMD 10.53.0.3 addzone '"test\\.baz"' '{ type master; check-names ignore; file "e.db"; };' > /dev/null 2>&1 || ret=1
724$RNDCCMD 10.53.0.3 addzone '"test\032.baz"' '{ type master; check-names ignore; file "e.db"; };' > /dev/null 2>&1 || ret=1
725$RNDCCMD 10.53.0.3 addzone '"test\010.baz"' '{ type master; check-names ignore; file "e.db"; };' > /dev/null 2>&1 || ret=1
726$PERL $SYSTEMTESTTOP/stop.pl addzone ns3
727$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} addzone ns3 || ret=1
728retry_quiet 10 _check_version_bind || ret=1
729$DIG $DIGOPTS @10.53.0.3 SOA  "test4.baz" > dig.out.1.test$n || ret=1
730grep "status: NOERROR" dig.out.1.test$n > /dev/null || ret=1
731grep "ANSWER: 1," dig.out.1.test$n > /dev/null || ret=1
732$DIG $DIGOPTS @10.53.0.3 SOA  "test5.baz" > dig.out.2.test$n || ret=1
733grep "status: NOERROR" dig.out.2.test$n > /dev/null || ret=1
734grep "ANSWER: 1," dig.out.2.test$n > /dev/null || ret=1
735$DIG $DIGOPTS @10.53.0.3 SOA  'test/.baz' > dig.out.3.test$n || ret=1
736grep "status: NOERROR" dig.out.3.test$n > /dev/null || ret=1
737grep "ANSWER: 1," dig.out.3.test$n > /dev/null || ret=1
738$DIG $DIGOPTS @10.53.0.3 SOA  'test\\.baz' > dig.out.4.test$n || ret=1
739grep "status: NOERROR" dig.out.4.test$n > /dev/null || ret=1
740grep "ANSWER: 1," dig.out.4.test$n > /dev/null || ret=1
741$DIG $DIGOPTS @10.53.0.3 SOA  'test\032.baz' > dig.out.5.test$n || ret=1
742grep "status: NOERROR" dig.out.5.test$n > /dev/null || ret=1
743grep "ANSWER: 1," dig.out.5.test$n > /dev/null || ret=1
744$DIG $DIGOPTS @10.53.0.3 SOA  'test\010.baz' > dig.out.6.test$n || ret=1
745grep "status: NOERROR" dig.out.6.test$n > /dev/null || ret=1
746grep "ANSWER: 1," dig.out.6.test$n > /dev/null || ret=1
747if [ $ret != 0 ]; then echo_i "failed"; fi
748status=`expr $status + $ret`
749n=`expr $n + 1`
750
751echo_i "exit status: $status"
752[ $status -eq 0 ] || exit 1
753