1#!/bin/sh -x 2 3# Copyright (C) Internet Systems Consortium, Inc. ("ISC") 4# 5# SPDX-License-Identifier: MPL-2.0 6# 7# This Source Code Form is subject to the terms of the Mozilla Public 8# License, v. 2.0. If a copy of the MPL was not distributed with this 9# file, you can obtain one at https://mozilla.org/MPL/2.0/. 10# 11# See the COPYRIGHT file distributed with this work for additional 12# information regarding copyright ownership. 13 14set -e 15 16# shellcheck source=conf.sh 17. ../conf.sh 18 19dig_with_opts() { 20 "$DIG" -p "${PORT}" "$@" 21} 22 23rndccmd() ( 24 "$RNDC" -c ../_common/rndc.conf -p "${CONTROLPORT}" -s "$@" 25) 26 27_wait_for_message() ( 28 nextpartpeek "$1" >wait_for_message.$n 29 grep -F "$2" wait_for_message.$n >/dev/null 30) 31 32wait_for_message() ( 33 retry_quiet 20 _wait_for_message "$@" 34) 35 36_wait_for_rcode() ( 37 rcode="$1" 38 qtype="$2" 39 ns="$3" 40 qname="$4" 41 file="$5" 42 shift 5 43 dig_with_opts "$ns" "$qtype" "$qname" "$@" >"$file" || return 1 44 grep "status: $rcode" "$file" >/dev/null 45) 46 47wait_for_rcode() ( 48 retry_quiet 10 _wait_for_rcode "$@" 49) 50 51wait_for_soa() ( 52 wait_for_rcode NOERROR SOA "$@" 53) 54 55wait_for_a() ( 56 wait_for_rcode NOERROR A "$@" 57) 58 59wait_for_no_soa() { 60 wait_for_rcode REFUSED SOA "$@" 61} 62 63_wait_for_zonefile() ( 64 # shellcheck disable=SC2234 65 [ -f "$1" ] 66) 67 68wait_for_zonefile() ( 69 retry_quiet 10 _wait_for_zonefile "$@" 70) 71 72_wait_for_no_zonefile() ( 73 # shellcheck disable=SC2234 74 [ ! 
-f "$1" ] 75) 76 77wait_for_no_zonefile() ( 78 retry_quiet 10 _wait_for_no_zonefile "$@" 79) 80 81status=0 82n=0 83 84########################################################################## 85n=$((n + 1)) 86echo_i "checking that catalog-bad1.example (with no version) has failed to load ($n)" 87ret=0 88wait_for_message ns2/named.run "catz: zone 'catalog-bad1.example' has no 'version' record" \ 89 && wait_for_message ns2/named.run "catz: new catalog zone 'catalog-bad1.example' is broken and will not be processed" || ret=1 90if [ $ret -ne 0 ]; then echo_i "failed"; fi 91status=$((status + ret)) 92 93n=$((n + 1)) 94echo_i "checking that catalog-bad2.example (with unsupported version) has failed to load ($n)" 95ret=0 96wait_for_message ns2/named.run "catz: zone 'catalog-bad2.example' unsupported version '99'" \ 97 && wait_for_message ns2/named.run "catz: new catalog zone 'catalog-bad2.example' is broken and will not be processed" || ret=1 98if [ $ret -ne 0 ]; then echo_i "failed"; fi 99status=$((status + ret)) 100 101n=$((n + 1)) 102echo_i "checking that catalog-bad3.example (with two supported version records) has failed to load ($n)" 103ret=0 104wait_for_message ns2/named.run "catz: 'version' property TXT RRset contains more than one record, which is invalid" \ 105 && wait_for_message ns2/named.run "catz: invalid record in catalog zone - version.catalog-bad3.example IN TXT (failure) - ignoring" \ 106 && wait_for_message ns2/named.run "catz: zone 'catalog-bad3.example' version is not set" \ 107 && wait_for_message ns2/named.run "catz: new catalog zone 'catalog-bad3.example' is broken and will not be processed" || ret=1 108if [ $ret -ne 0 ]; then echo_i "failed"; fi 109status=$((status + ret)) 110 111n=$((n + 1)) 112echo_i "checking that catalog-bad4.example (with only spurious type A version record) has failed to load ($n)" 113ret=0 114wait_for_message ns2/named.run "catz: invalid record in catalog zone - version.catalog-bad4.example IN A (failure) - ignoring" \ 115 
&& wait_for_message ns2/named.run "catz: zone 'catalog-bad4.example' version is not set" \ 116 && wait_for_message ns2/named.run "catz: new catalog zone 'catalog-bad4.example' is broken and will not be processed" || ret=1 117if [ $ret -ne 0 ]; then echo_i "failed"; fi 118status=$((status + ret)) 119 120n=$((n + 1)) 121echo_i "checking that catalog-bad5.example (non-IN class) has failed to load ($n)" 122ret=0 123wait_for_message ns2/named.run "'catalog-zones' option is only supported for views with class IN" \ 124 && wait_for_message ns2/named.run "all zones loaded" || ret=1 125grep -F "catz: dns_catz_add_zone catalog-bad5.example" ns2/named.run && ret=1 126if [ $ret -ne 0 ]; then echo_i "failed"; fi 127status=$((status + ret)) 128 129nextpart ns2/named.run >/dev/null 130 131########################################################################## 132echo_i "Testing adding/removing of domain in catalog zone" 133n=$((n + 1)) 134echo_i "checking that dom1.example. is not served by primary ($n)" 135ret=0 136wait_for_no_soa @10.53.0.1 dom1.example. dig.out.test$n || ret=1 137if [ $ret -ne 0 ]; then echo_i "failed"; fi 138status=$((status + ret)) 139 140n=$((n + 1)) 141echo_i "Adding a domain dom1.example. to primary via RNDC ($n)" 142ret=0 143# enough initial content for IXFR response when TXT record is added below 144echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom1.example.db 145echo "@ 3600 IN NS invalid." >>ns1/dom1.example.db 146echo "foo 3600 IN TXT some content here" >>ns1/dom1.example.db 147echo "bar 3600 IN TXT some content here" >>ns1/dom1.example.db 148echo "xxx 3600 IN TXT some content here" >>ns1/dom1.example.db 149echo "yyy 3600 IN TXT some content here" >>ns1/dom1.example.db 150rndccmd 10.53.0.1 addzone dom1.example. 
in default '{ type primary; file "dom1.example.db"; allow-update { any; }; notify explicit; also-notify { 10.53.0.2; }; };' || ret=1 151if [ $ret -ne 0 ]; then echo_i "failed"; fi 152status=$((status + ret)) 153 154n=$((n + 1)) 155echo_i "checking that dom1.example. is now served by primary ($n)" 156ret=0 157wait_for_soa @10.53.0.1 dom1.example. dig.out.test$n || ret=1 158if [ $ret -ne 0 ]; then echo_i "failed"; fi 159status=$((status + ret)) 160 161nextpart ns2/named.run >/dev/null 162 163n=$((n + 1)) 164echo_i "Adding domain dom1.example. to catalog1 zone ($n)" 165ret=0 166$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 167 server 10.53.0.1 ${PORT} 168 update add e721433b6160b450260d4f54b3ec8bab30cb3b83.zones.catalog1.example. 3600 IN PTR dom1.example. 169 send 170END 171if [ $ret -ne 0 ]; then echo_i "failed"; fi 172status=$((status + ret)) 173 174n=$((n + 1)) 175echo_i "waiting for secondary to sync up ($n)" 176ret=0 177wait_for_message ns2/named.run "catz: adding zone 'dom1.example' from catalog 'catalog1.example'" \ 178 && wait_for_message ns2/named.run "transfer of 'dom1.example/IN/default' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1 179if [ $ret -ne 0 ]; then echo_i "failed"; fi 180status=$((status + ret)) 181 182n=$((n + 1)) 183echo_i "checking that dom1.example. is served by secondary ($n)" 184ret=0 185wait_for_soa @10.53.0.2 dom1.example. dig.out.test$n || ret=1 186if [ $ret -ne 0 ]; then echo_i "failed"; fi 187status=$((status + ret)) 188 189n=$((n + 1)) 190echo_i "checking that zone-directory is populated ($n)" 191ret=0 192wait_for_zonefile "ns2/zonedir/__catz__default_catalog1.example_dom1.example.db" || ret=1 193if [ $ret -ne 0 ]; then echo_i "failed"; fi 194status=$((status + ret)) 195 196nextpart ns2/named.run >/dev/null 197 198n=$((n + 1)) 199echo_i "update dom1.example. 
($n)" 200ret=0 201$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 202 server 10.53.0.1 ${PORT} 203 update add dom1.example 0 IN TXT added record 204 send 205END 206if [ $ret -ne 0 ]; then echo_i "failed"; fi 207status=$((status + ret)) 208 209n=$((n + 1)) 210echo_i "wait for secondary to be updated ($n)" 211ret=0 212wait_for_txt() { 213 dig_with_opts @10.53.0.2 TXT dom1.example. >dig.out.test$n || return 1 214 grep "ANSWER: 1," dig.out.test$n >/dev/null || return 1 215 grep "status: NOERROR" dig.out.test$n >/dev/null || return 1 216 grep "IN.TXT." dig.out.test$n >/dev/null || return 1 217} 218retry_quiet 10 wait_for_txt || ret=1 219if [ $ret -ne 0 ]; then echo_i "failed"; fi 220status=$((status + ret)) 221 222n=$((n + 1)) 223echo_i "check that journal was created for cleanup test ($n)" 224ret=0 225test -f ns2/zonedir/__catz__default_catalog1.example_dom1.example.db.jnl || ret=1 226if [ $ret -ne 0 ]; then echo_i "failed"; fi 227status=$((status + ret)) 228 229nextpart ns2/named.run >/dev/null 230 231n=$((n + 1)) 232echo_i "update catalog zone serial ($n)" 233ret=0 234# default minimum update rate is once / 5 seconds 235sleep 5 236$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 237 server 10.53.0.1 ${PORT} 238 update add catalog1.example 3600 SOA . . 20 86400 3600 86400 3600 239 send 240END 241if [ $ret -ne 0 ]; then echo_i "failed"; fi 242status=$((status + ret)) 243 244n=$((n + 1)) 245echo_i "wait for catalog zone to transfer ($n)" 246ret=0 247wait_for_soa_equal_20() { 248 dig_with_opts @10.53.0.2 SOA catalog1.example. >dig.out.test$n || return 1 249 grep "ANSWER: 1," dig.out.test$n >/dev/null || return 1 250 grep "status: NOERROR" dig.out.test$n >/dev/null || return 1 251 grep 'IN.SOA.\. \. 20 ' dig.out.test$n >/dev/null || return 1 252} 253retry_quiet 10 wait_for_soa_equal_20 || ret=1 254if [ $ret -ne 0 ]; then echo_i "failed"; fi 255status=$((status + ret)) 256 257nextpart ns2/named.run >/dev/null 258 259n=$((n + 1)) 260echo_i "update dom1.example. 
again ($n)" 261ret=0 262$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 263 server 10.53.0.1 ${PORT} 264 update add foo.dom1.example 0 IN TXT added record 265 send 266END 267if [ $ret -ne 0 ]; then echo_i "failed"; fi 268status=$((status + ret)) 269 270n=$((n + 1)) 271echo_i "wait for secondary to be updated again ($n)" 272ret=0 273wait_for_txt() { 274 dig_with_opts @10.53.0.2 TXT foo.dom1.example. >dig.out.test$n || return 1 275 grep "ANSWER: 2," dig.out.test$n >/dev/null || return 1 276 grep "status: NOERROR" dig.out.test$n >/dev/null || return 1 277 grep "IN.TXT." dig.out.test$n >/dev/null || return 1 278} 279retry_quiet 10 wait_for_txt || ret=1 280if [ $ret -ne 0 ]; then echo_i "failed"; fi 281status=$((status + ret)) 282 283n=$((n + 1)) 284echo_i "removing domain dom1.example. from catalog1 zone ($n)" 285ret=0 286$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 287 server 10.53.0.1 ${PORT} 288 update delete e721433b6160b450260d4f54b3ec8bab30cb3b83.zones.catalog1.example 289 send 290END 291if [ $ret -ne 0 ]; then echo_i "failed"; fi 292status=$((status + ret)) 293 294n=$((n + 1)) 295echo_i "waiting for secondary to sync up ($n)" 296ret=0 297wait_for_message ns2/named.run "zone_shutdown: zone dom1.example/IN/default: shutting down" || ret=1 298if [ $ret -ne 0 ]; then echo_i "failed"; fi 299status=$((status + ret)) 300 301n=$((n + 1)) 302echo_i "checking that dom1.example. is not served by secondary ($n)" 303ret=0 304wait_for_no_soa @10.53.0.2 dom1.example. 
dig.out.test$n || ret=1 305if [ $ret -ne 0 ]; then echo_i "failed"; fi 306status=$((status + ret)) 307 308n=$((n + 1)) 309echo_i "checking that zone-directory is emptied ($n)" 310ret=0 311wait_for_no_zonefile "ns2/zonedir/__catz__default_catalog1.example_dom1.example.db" || ret=1 312wait_for_no_zonefile "ns2/zonedir/__catz__default_catalog1.example_dom1.example.db.jnl" || ret=1 313if [ $ret -ne 0 ]; then echo_i "failed"; fi 314status=$((status + ret)) 315 316nextpart ns2/named.run >/dev/null 317 318########################################################################## 319echo_i "Testing various simple operations on domains, including using multiple catalog zones and garbage in zone" 320n=$((n + 1)) 321echo_i "adding domain dom2.example. to primary via RNDC ($n)" 322ret=0 323echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom2.example.db 324echo "@ IN NS invalid." >>ns1/dom2.example.db 325echo "@ IN A 192.0.2.1" >>ns1/dom2.example.db 326rndccmd 10.53.0.1 addzone dom2.example. in default '{type primary; file "dom2.example.db";};' || ret=1 327if [ $ret -ne 0 ]; then echo_i "failed"; fi 328status=$((status + ret)) 329 330n=$((n + 1)) 331echo_i "adding domain dom2.example. to primary ns3 via RNDC ($n)" 332ret=0 333echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns3/dom2.example.db 334echo "@ IN NS invalid." >>ns3/dom2.example.db 335echo "@ IN A 192.0.2.2" >>ns3/dom2.example.db 336rndccmd 10.53.0.3 addzone dom2.example. '{type primary; file "dom2.example.db";};' || ret=1 337if [ $ret -ne 0 ]; then echo_i "failed"; fi 338status=$((status + ret)) 339 340n=$((n + 1)) 341echo_i "adding domain dom4.example. to primary via RNDC ($n)" 342ret=0 343echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom4.example.db 344echo "@ IN NS invalid." >>ns1/dom4.example.db 345rndccmd 10.53.0.1 addzone dom4.example. 
in default '{type primary; file "dom4.example.db";};' || ret=1 346if [ $ret -ne 0 ]; then echo_i "failed"; fi 347status=$((status + ret)) 348 349n=$((n + 1)) 350echo_i "adding domains dom2.example, dom3.example. and some garbage to catalog1 zone ($n)" 351ret=0 352$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 353 server 10.53.0.1 ${PORT} 354 update add 636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN PTR dom2.example. 355 update add coo.636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN TXT "catalog2.example." 356 update add b901f492f3ebf6c1e5b597e51766f02f0479eb03.zones.catalog1.example. 3600 IN PTR dom3.example. 357 update add e721433b6160b450260d4f54b3ec8bab30cb3b83.zones.catalog1.example. 3600 IN NS foo.bar. 358 update add trash.catalog1.example. 3600 IN A 1.2.3.4 359 update add trash2.foo.catalog1.example. 3600 IN A 1.2.3.4 360 update add trash3.zones.catalog1.example. 3600 IN NS a.dom2.example. 361 update add foobarbaz.b901f492f3ebf6c1e5b597e51766f02f0479eb03.zones.catalog1.example. 3600 IN PTR dom3.example. 362 update add blahblah.636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN PTR dom2.example. 363 update add foobarbaz.b901f492f3ebf6c1e5b597e51766f02f0479eb03.zones.catalog1.example. 3600 IN APL 1:1.2.3.4/30 364 update add blahblah.636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN TXT "blah blah" 365 update add version.catalog1.example. 3600 IN A 1.2.3.4 366 send 367END 368if [ $ret -ne 0 ]; then echo_i "failed"; fi 369status=$((status + ret)) 370 371n=$((n + 1)) 372echo_i "adding domain dom4.example. to catalog2 zone ($n)" 373ret=0 374$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 375 server 10.53.0.3 ${PORT} 376 update add de26b88d855397a03f77ff1162fd055d8b419584.zones.catalog2.example. 3600 IN PTR dom4.example. 
377 send 378END 379if [ $ret -ne 0 ]; then echo_i "failed"; fi 380status=$((status + ret)) 381 382n=$((n + 1)) 383echo_i "waiting for secondary to sync up ($n)" 384ret=0 385wait_for_message ns2/named.run "catz: updating catalog zone 'catalog2.example' with serial 2670950425" \ 386 && wait_for_message ns2/named.run "catz: adding zone 'dom2.example' from catalog 'catalog1.example'" \ 387 && wait_for_message ns2/named.run "catz: adding zone 'dom3.example' from catalog 'catalog1.example'" \ 388 && wait_for_message ns2/named.run "catz: adding zone 'dom4.example' from catalog 'catalog2.example'" \ 389 && wait_for_message ns2/named.run "transfer of 'dom4.example/IN/default' from 10.53.0.1#${EXTRAPORT1}: Transfer status: success" || ret=1 390if [ $ret -ne 0 ]; then echo_i "failed"; fi 391status=$((status + ret)) 392 393n=$((n + 1)) 394echo_i "checking that dom4.example. is served by secondary ($n)" 395ret=0 396wait_for_soa @10.53.0.2 dom4.example. dig.out.test$n || ret=1 397if [ $ret -ne 0 ]; then echo_i "failed"; fi 398status=$((status + ret)) 399 400n=$((n + 1)) 401echo_i "checking that dom3.example. is not served by primary ($n)" 402ret=0 403wait_for_no_soa @10.53.0.1 dom3.example. dig.out.test$n || ret=1 404if [ $ret -ne 0 ]; then echo_i "failed"; fi 405status=$((status + ret)) 406 407n=$((n + 1)) 408echo_i "adding a domain dom3.example. to primary via RNDC ($n)" 409ret=0 410echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom3.example.db 411echo "@ IN NS invalid." >>ns1/dom3.example.db 412rndccmd 10.53.0.1 addzone dom3.example. in default '{type primary; file "dom3.example.db"; also-notify { 10.53.0.2; }; notify explicit; };' || ret=1 413if [ $ret -ne 0 ]; then echo_i "failed"; fi 414status=$((status + ret)) 415 416n=$((n + 1)) 417echo_i "checking that dom3.example. is served by primary ($n)" 418ret=0 419wait_for_soa @10.53.0.1 dom3.example. 
dig.out.test$n || ret=1 420if [ $ret -ne 0 ]; then echo_i "failed"; fi 421status=$((status + ret)) 422 423n=$((n + 1)) 424echo_i "waiting for secondary to sync up ($n)" 425ret=0 426wait_for_message ns2/named.run "transfer of 'dom2.example/IN/default' from 10.53.0.1#${PORT}: Transfer status: success" \ 427 && wait_for_message ns2/named.run "transfer of 'dom3.example/IN/default' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1 428if [ $ret -ne 0 ]; then echo_i "failed"; fi 429status=$((status + ret)) 430 431n=$((n + 1)) 432echo_i "checking that dom3.example. is served by secondary ($n)" 433ret=0 434wait_for_soa @10.53.0.2 dom3.example. dig.out.test$n || ret=1 435if [ $ret -ne 0 ]; then echo_i "failed"; fi 436status=$((status + ret)) 437 438nextpart ns2/named.run >/dev/null 439 440# The member zone's PTR RRset must have only one record in it. 441# Check that adding a second record to the RRset is caught and such a 442# catalog zone is not processed. 443n=$((n + 1)) 444echo_i "adding domain dom4-reused-label.example. to catalog2 zone, reusing a label ($n)" 445ret=0 446$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 447 server 10.53.0.3 ${PORT} 448 update add de26b88d855397a03f77ff1162fd055d8b419584.zones.catalog2.example. 3600 IN PTR dom4-reused-label.example. 449 send 450END 451if [ $ret -ne 0 ]; then echo_i "failed"; fi 452status=$((status + ret)) 453 454n=$((n + 1)) 455echo_i "waiting for secondary to sync up, and checking that the reused label has been caught ($n)" 456ret=0 457wait_for_message ns2/named.run "de26b88d855397a03f77ff1162fd055d8b419584.zones.catalog2.example IN PTR (failure)" \ 458 && wait_for_message ns2/named.run "catz: new catalog zone 'catalog2.example' is broken and will not be processed" || ret=1 459if [ $ret -ne 0 ]; then echo_i "failed"; fi 460status=$((status + ret)) 461 462nextpart ns2/named.run >/dev/null 463 464n=$((n + 1)) 465echo_i "deleting domain dom4-reused-label.example. 
from catalog2 zone ($n)" 466ret=0 467$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 468 server 10.53.0.3 ${PORT} 469 update delete de26b88d855397a03f77ff1162fd055d8b419584.zones.catalog2.example. 3600 IN PTR dom4-reused-label.example. 470 send 471END 472if [ $ret -ne 0 ]; then echo_i "failed"; fi 473status=$((status + ret)) 474 475nextpart ns2/named.run >/dev/null 476 477# Test zone associated state reset. 478n=$((n + 1)) 479echo_i "renaming the label of domain dom4.example. in catalog2 zone ($n)" 480ret=0 481$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 482 server 10.53.0.3 ${PORT} 483 update delete de26b88d855397a03f77ff1162fd055d8b419584.zones.catalog2.example. 3600 IN PTR dom4.example. 484 update add dom4-renamed-label.zones.catalog2.example. 3600 IN PTR dom4.example. 485 send 486END 487if [ $ret -ne 0 ]; then echo_i "failed"; fi 488status=$((status + ret)) 489 490n=$((n + 1)) 491echo_i "waiting for secondary to sync up, and checking that the zone has been reset ($n)" 492ret=0 493wait_for_message ns2/named.run "catz: zone 'dom4.example' unique label has changed, reset state" \ 494 && wait_for_message ns2/named.run "catz: deleting zone 'dom4.example' from catalog 'catalog2.example' - success" \ 495 && wait_for_message ns2/named.run "catz: adding zone 'dom4.example' from catalog 'catalog2.example' - success" || ret=1 496if [ $ret -ne 0 ]; then echo_i "failed"; fi 497status=$((status + ret)) 498 499nextpart ns2/named.run >/dev/null 500 501n=$((n + 1)) 502echo_i "adding domain dom2.example. to catalog2 zone to test change of ownership ($n)" 503ret=0 504$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 505 server 10.53.0.3 ${PORT} 506 update add dom2-without-coo.zones.catalog2.example. 3600 IN PTR dom2.example. 507 update add primaries.dom2-without-coo.zones.catalog2.example. 
3600 IN A 10.53.0.3 508 send 509END 510if [ $ret -ne 0 ]; then echo_i "failed"; fi 511status=$((status + ret)) 512 513n=$((n + 1)) 514echo_i "waiting for secondary to sync up ($n)" 515ret=0 516wait_for_message ns2/named.run "catz: adding zone 'dom2.example' from catalog 'catalog2.example'" || ret=1 517if [ $ret -ne 0 ]; then echo_i "failed"; fi 518status=$((status + ret)) 519 520n=$((n + 1)) 521echo_i "checking that unpermitted change of ownership did not happen ($n)" 522ret=0 523wait_for_message ns2/named.run "catz_addmodzone_taskaction: zone 'dom2.example' will not be added because another catalog zone already contains an entry with that zone" || ret=1 524if [ $ret -ne 0 ]; then echo_i "failed"; fi 525status=$((status + ret)) 526 527n=$((n + 1)) 528echo_i "checking that dom2.example. is served by secondary and that it's the one from ns1 ($n)" 529ret=0 530wait_for_a @10.53.0.2 dom2.example. dig.out.test$n || ret=1 531grep "192.0.2.1" dig.out.test$n >/dev/null || ret=1 532if [ $ret -ne 0 ]; then echo_i "failed"; fi 533status=$((status + ret)) 534 535nextpart ns2/named.run >/dev/null 536 537n=$((n + 1)) 538echo_i "adding change of ownership permission record for dom2.example. into catalog1 zone ($n)" 539ret=0 540$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 541 server 10.53.0.1 ${PORT} 542 update add coo.636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN PTR catalog2.example. 
543 send 544END 545if [ $ret -ne 0 ]; then echo_i "failed"; fi 546status=$((status + ret)) 547 548n=$((n + 1)) 549echo_i "waiting for secondary to sync up ($n)" 550ret=0 551wait_for_message ns2/named.run "catz: updating catalog zone 'catalog1.example'" \ 552 && wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1 553if [ $ret -ne 0 ]; then echo_i "failed"; fi 554status=$((status + ret)) 555 556n=$((n + 1)) 557echo_i "updating catalog2 zone to initiate a zone transfer ($n)" 558ret=0 559$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 560 server 10.53.0.3 ${PORT} 561 update delete dom2-without-coo.zones.catalog2.example. 3600 IN PTR dom2.example. 562 update delete primaries.dom2-without-coo.zones.catalog2.example. 3600 IN A 10.53.0.3 563 update add dom2-with-coo.zones.catalog2.example. 3600 IN PTR dom2.example. 564 update add primaries.dom2-with-coo.zones.catalog2.example. 3600 IN A 10.53.0.3 565 send 566END 567if [ $ret -ne 0 ]; then echo_i "failed"; fi 568status=$((status + ret)) 569 570n=$((n + 1)) 571echo_i "waiting for secondary to sync up and checking that the change of ownership was successful ($n)" 572ret=0 573wait_for_message ns2/named.run "catz: zone 'dom2.example' change of ownership from 'catalog1.example' to 'catalog2.example'" \ 574 && wait_for_message ns2/named.run "catz: deleting zone 'dom2.example' from catalog 'catalog1.example' - success" \ 575 && wait_for_message ns2/named.run "catz: adding zone 'dom2.example' from catalog 'catalog2.example'" \ 576 && wait_for_message ns2/named.run "transfer of 'dom2.example/IN/default' from 10.53.0.3#${PORT}: Transfer status: success" || ret=1 577if [ $ret -ne 0 ]; then echo_i "failed"; fi 578status=$((status + ret)) 579 580n=$((n + 1)) 581echo_i "checking that dom2.example. is served by secondary and that it's now the one from ns3 ($n)" 582ret=0 583wait_for_a @10.53.0.2 dom2.example. 
dig.out.test$n || ret=1 584grep "192.0.2.2" dig.out.test$n >/dev/null || ret=1 585if [ $ret -ne 0 ]; then echo_i "failed"; fi 586status=$((status + ret)) 587 588nextpart ns2/named.run >/dev/null 589 590n=$((n + 1)) 591echo_i "removing dom2.example. and its change of ownership permission record from catalog1 zone ($n)" 592ret=0 593$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 594 server 10.53.0.1 ${PORT} 595 update delete 636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN PTR dom2.example. 596 update delete coo.636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN PTR catalog2.example. 597 send 598END 599if [ $ret -ne 0 ]; then echo_i "failed"; fi 600status=$((status + ret)) 601 602n=$((n + 1)) 603echo_i "waiting for secondary to sync up ($n)" 604ret=0 605wait_for_message ns2/named.run "catz: update_from_db: iteration finished" || ret=1 606if [ $ret -ne 0 ]; then echo_i "failed"; fi 607status=$((status + ret)) 608 609nextpart ns2/named.run >/dev/null 610 611n=$((n + 1)) 612echo_i "adding change of ownership permission record for dom2.example. into catalog2 zone ($n)" 613ret=0 614$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 615 server 10.53.0.3 ${PORT} 616 update add coo.dom2-with-coo.zones.catalog2.example. 3600 IN PTR catalog1.example. 617 send 618END 619if [ $ret -ne 0 ]; then echo_i "failed"; fi 620status=$((status + ret)) 621 622n=$((n + 1)) 623echo_i "waiting for secondary to sync up ($n)" 624ret=0 625wait_for_message ns2/named.run "catz: update_from_db: iteration finished" || ret=1 626if [ $ret -ne 0 ]; then echo_i "failed"; fi 627status=$((status + ret)) 628 629nextpart ns2/named.run >/dev/null 630 631n=$((n + 1)) 632echo_i "adding back dom2.example. into catalog1 zone ($n)" 633ret=0 634$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 635 server 10.53.0.1 ${PORT} 636 update add 636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN PTR dom2.example. 
637 send 638END 639if [ $ret -ne 0 ]; then echo_i "failed"; fi 640status=$((status + ret)) 641 642n=$((n + 1)) 643echo_i "checking that the change of ownership did not happen because version '1' catalog2 zone does not support the 'coo' property ($n)" 644ret=0 645wait_for_message ns2/named.run "catz_addmodzone_taskaction: zone 'dom2.example' will not be added because another catalog zone already contains an entry with that zone" || ret=1 646if [ $ret -ne 0 ]; then echo_i "failed"; fi 647status=$((status + ret)) 648 649n=$((n + 1)) 650echo_i "checking that dom2.example. is still served by secondary and that it's still the one from ns3 ($n)" 651ret=0 652wait_for_a @10.53.0.2 dom2.example. dig.out.test$n || ret=1 653grep "192.0.2.2" dig.out.test$n >/dev/null || ret=1 654if [ $ret -ne 0 ]; then echo_i "failed"; fi 655status=$((status + ret)) 656 657nextpart ns2/named.run >/dev/null 658 659# GL #3060 660n=$((n + 1)) 661echo_i "reconfiguring secondary - checking if catz survives a certain class of failed reconfiguration attempts ($n)" 662ret=0 663sed -e "s/^#T3//" <ns2/named1.conf.in >ns2/named.conf.tmp 664copy_setports ns2/named.conf.tmp ns2/named.conf 665$RNDC -c ../_common/rndc.conf -s 10.53.0.2 -p "${CONTROLPORT}" reconfig >/dev/null 2>&1 && ret=1 666if [ $ret -ne 0 ]; then echo_i "failed"; fi 667status=$((status + ret)) 668 669n=$((n + 1)) 670echo_i "checking again that dom3.example. is served by secondary ($n)" 671ret=0 672wait_for_soa @10.53.0.2 dom3.example. 
dig.out.test$n || ret=1 673if [ $ret -ne 0 ]; then echo_i "failed"; fi 674status=$((status + ret)) 675 676n=$((n + 1)) 677echo_i "reconfiguring secondary - reverting the bad configuration ($n)" 678ret=0 679copy_setports ns2/named1.conf.in ns2/named.conf 680rndccmd 10.53.0.2 reconfig || ret=1 681if [ $ret -ne 0 ]; then echo_i "failed"; fi 682status=$((status + ret)) 683 684nextpart ns2/named.run >/dev/null 685 686# GL #3911 687n=$((n + 1)) 688echo_i "reconfiguring secondary - checking if catz survives another type of failed reconfiguration attempts ($n)" 689ret=0 690sed -e "s/^#T4//" <ns2/named1.conf.in >ns2/named.conf.tmp 691copy_setports ns2/named.conf.tmp ns2/named.conf 692$RNDC -c ../_common/rndc.conf -s 10.53.0.2 -p "${CONTROLPORT}" reconfig >/dev/null 2>&1 && ret=1 693if [ $ret -ne 0 ]; then echo_i "failed"; fi 694status=$((status + ret)) 695 696# catalog zone update can be deferred 697sleep 2 698 699n=$((n + 1)) 700echo_i "checking again that dom3.example. is served by secondary ($n)" 701ret=0 702wait_for_soa @10.53.0.2 dom3.example. dig.out.test$n || ret=1 703if [ $ret -ne 0 ]; then echo_i "failed"; fi 704status=$((status + ret)) 705 706n=$((n + 1)) 707echo_i "reconfiguring secondary - reverting the bad configuration ($n)" 708ret=0 709copy_setports ns2/named1.conf.in ns2/named.conf 710rndccmd 10.53.0.2 reconfig || ret=1 711if [ $ret -ne 0 ]; then echo_i "failed"; fi 712status=$((status + ret)) 713 714nextpart ns2/named.run >/dev/null 715 716n=$((n + 1)) 717echo_i "adding a domain dom-existing.example. to primary via RNDC ($n)" 718ret=0 719echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom-existing.example.db 720echo "@ IN NS invalid." >>ns1/dom-existing.example.db 721echo "@ IN A 192.0.2.1" >>ns1/dom-existing.example.db 722rndccmd 10.53.0.1 addzone dom-existing.example. 
in default '{type primary; file "dom-existing.example.db"; also-notify { 10.53.0.2; }; notify explicit; };' || ret=1 723if [ $ret -ne 0 ]; then echo_i "failed"; fi 724status=$((status + ret)) 725 726n=$((n + 1)) 727echo_i "checking that dom-existing.example. is served by primary ($n)" 728ret=0 729wait_for_a @10.53.0.1 dom-existing.example. dig.out.test$n || ret=1 730if [ $ret -ne 0 ]; then echo_i "failed"; fi 731status=$((status + ret)) 732 733n=$((n + 1)) 734echo_i "adding domain dom-existing.example. to catalog1 zone to test that existing zones don't get overwritten ($n)" 735ret=0 736$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 737 server 10.53.0.1 ${PORT} 738 update add dom-existing.zones.catalog1.example. 3600 IN PTR dom-existing.example. 739 send 740END 741if [ $ret -ne 0 ]; then echo_i "failed"; fi 742status=$((status + ret)) 743 744n=$((n + 1)) 745echo_i "waiting for secondary to sync up ($n)" 746ret=0 747wait_for_message ns2/named.run "catz: adding zone 'dom-existing.example' from catalog 'catalog1.example'" \ 748 && wait_for_message ns2/named.run "catz_addmodzone_taskaction: zone 'dom-existing.example' will not be added because it is an explicitly configured zone" || ret=1 749if [ $ret -ne 0 ]; then echo_i "failed"; fi 750status=$((status + ret)) 751 752n=$((n + 1)) 753echo_i "checking that dom-existing.example. is served by secondary and that it's not the one from the primary ns1 ($n)" 754ret=0 755wait_for_a @10.53.0.2 dom-existing.example. dig.out.test$n || ret=1 756grep "192.0.2.1" dig.out.test$n >/dev/null && ret=1 757if [ $ret -ne 0 ]; then echo_i "failed"; fi 758status=$((status + ret)) 759 760nextpart ns2/named.run >/dev/null 761 762n=$((n + 1)) 763echo_i "adding a domain dom-existing-forward.example. to primary via RNDC ($n)" 764ret=0 765echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom-existing-forward.example.db 766echo "@ IN NS invalid." 
>>ns1/dom-existing-forward.example.db 767echo "@ IN A 192.0.2.1" >>ns1/dom-existing-forward.example.db 768rndccmd 10.53.0.1 addzone dom-existing-forward.example. in default '{type primary; file "dom-existing-forward.example.db"; also-notify { 10.53.0.2; }; notify explicit; };' || ret=1 769if [ $ret -ne 0 ]; then echo_i "failed"; fi 770status=$((status + ret)) 771 772n=$((n + 1)) 773echo_i "checking that dom-existing-forward.example. is served by primary ($n)" 774ret=0 775wait_for_a @10.53.0.1 dom-existing-forward.example. dig.out.test$n || ret=1 776if [ $ret -ne 0 ]; then echo_i "failed"; fi 777status=$((status + ret)) 778 779n=$((n + 1)) 780echo_i "adding domain dom-existing-forward.example. to catalog1 zone to test that existing forward zones don't get overwritten ($n)" 781ret=0 782$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 783 server 10.53.0.1 ${PORT} 784 update add dom-existing-forward.zones.catalog1.example. 3600 IN PTR dom-existing-forward.example. 785 send 786END 787if [ $ret -ne 0 ]; then echo_i "failed"; fi 788status=$((status + ret)) 789 790n=$((n + 1)) 791echo_i "waiting for secondary to sync up ($n)" 792ret=0 793wait_for_message ns2/named.run "catz: adding zone 'dom-existing-forward.example' from catalog 'catalog1.example'" \ 794 && wait_for_message ns2/named.run "catz_addmodzone_taskaction: zone 'dom-existing-forward.example' will not be processed because of the explicitly configured forwarding for that zone" || ret=1 795if [ $ret -ne 0 ]; then echo_i "failed"; fi 796status=$((status + ret)) 797 798n=$((n + 1)) 799echo_i "checking that dom-existing-forward.example. is not served by secondary ($n)" 800ret=0 801wait_for_no_soa @10.53.0.2 dom-existing-forward.example. dig.out.test$n || ret=1 802if [ $ret -ne 0 ]; then echo_i "failed"; fi 803status=$((status + ret)) 804 805nextpart ns2/named.run >/dev/null 806 807n=$((n + 1)) 808echo_i "adding a domain dom-existing-forward-off.example. to primary via RNDC ($n)" 809ret=0 810echo "@ 3600 IN SOA . 
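. 1 3600 3600 3600 3600" >ns1/dom-existing-forward-off.example.db
echo "@ IN NS invalid." >>ns1/dom-existing-forward-off.example.db
echo "@ IN A 192.0.2.1" >>ns1/dom-existing-forward-off.example.db
rndccmd 10.53.0.1 addzone dom-existing-forward-off.example. in default '{type primary; file "dom-existing-forward-off.example.db"; also-notify { 10.53.0.2; }; notify explicit; };' || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that dom-existing-forward-off.example. is served by primary ($n)"
ret=0
wait_for_a @10.53.0.1 dom-existing-forward-off.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "adding domain dom-existing-forward-off.example. to catalog1 zone to test that a zone with turned off forwarding can be used in a catalog zone ($n)"
ret=0
$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1
  server 10.53.0.1 ${PORT}
  update add dom-existing-forward-off.zones.catalog1.example. 3600 IN PTR dom-existing-forward-off.example.
  send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
# The log check must feed ret like every other step: chaining it with "&&"
# straight into the "if" would let a missing log line pass unnoticed, because
# a failing non-final member of an AND list neither sets ret nor trips set -e.
wait_for_message ns2/named.run "catz: adding zone 'dom-existing-forward-off.example' from catalog 'catalog1.example'" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that dom-existing-forward-off.example. is served by secondary ($n)"
ret=0
wait_for_soa @10.53.0.2 dom-existing-forward-off.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "removing all records from catalog1 zone ($n)"
ret=0
# "update delete" with explicit rdata removes only the RR whose rdata matches,
# so each line below has to repeat the owner name and rdata used when the
# record was added. The dom-existing-forward-off member was added with a PTR
# to dom-existing-forward-off.example., and is deleted with that same target.
$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1
  server 10.53.0.1 ${PORT}
  update delete 636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN PTR dom2.example.
  update delete coo.636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN TXT "catalog2.example."
  update delete b901f492f3ebf6c1e5b597e51766f02f0479eb03.zones.catalog1.example. 3600 IN PTR dom3.example.
  update delete e721433b6160b450260d4f54b3ec8bab30cb3b83.zones.catalog1.example. 3600 IN NS foo.bar.
  update delete trash.catalog1.example. 3600 IN A 1.2.3.4
  update delete trash2.foo.catalog1.example. 3600 IN A 1.2.3.4
  update delete trash3.zones.catalog1.example. 3600 IN NS a.dom2.example.
  update delete foobarbaz.b901f492f3ebf6c1e5b597e51766f02f0479eb03.zones.catalog1.example. 3600 IN PTR dom3.example.
  update delete blahblah.636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN PTR dom2.example.
  update delete foobarbaz.b901f492f3ebf6c1e5b597e51766f02f0479eb03.zones.catalog1.example. 3600 IN APL 1:1.2.3.4/30
  update delete blahblah.636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN TXT "blah blah"
  update delete version.catalog1.example. 3600 IN A 1.2.3.4
  update delete dom-existing.zones.catalog1.example. 3600 IN PTR dom-existing.example.
  update delete dom-existing-forward.zones.catalog1.example. 3600 IN PTR dom-existing-forward.example.
  update delete dom-existing-forward-off.zones.catalog1.example. 3600 IN PTR dom-existing-forward-off.example.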
869 send 870END 871if [ $ret -ne 0 ]; then echo_i "failed"; fi 872status=$((status + ret)) 873 874n=$((n + 1)) 875echo_i "removing all records from catalog2 zone ($n)" 876ret=0 877$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 878 server 10.53.0.3 ${PORT} 879 update delete dom2-with-coo.zones.catalog2.example. 3600 IN PTR dom2.example. 880 update delete primaries.dom2-with-coo.zones.catalog2.example. 3600 IN A 10.53.0.3 881 update delete coo.dom2-with-coo.zones.catalog2.example. 3600 IN PTR catalog1.example. 882 update delete dom4-renamed-label.zones.catalog2.example. 3600 IN PTR dom4.example. 883 send 884END 885if [ $ret -ne 0 ]; then echo_i "failed"; fi 886status=$((status + ret)) 887 888########################################################################## 889echo_i "Testing primaries suboption and random labels" 890n=$((n + 1)) 891echo_i "adding dom5.example. with a valid primaries suboption (IP without TSIG) and a random label ($n)" 892ret=0 893$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 894 server 10.53.0.1 ${PORT} 895 update add somerandomlabel.zones.catalog1.example. 3600 IN PTR dom5.example. 896 update add primaries.ext.somerandomlabel.zones.catalog1.example. 3600 IN A 10.53.0.3 897 send 898END 899if [ $ret -ne 0 ]; then echo_i "failed"; fi 900status=$((status + ret)) 901 902n=$((n + 1)) 903echo_i "waiting for secondary to sync up ($n)" 904ret=0 905wait_for_message ns2/named.run "catz: adding zone 'dom5.example' from catalog 'catalog1.example'" \ 906 && wait_for_message ns2/named.run "transfer of 'dom5.example/IN/default' from 10.53.0.3#${PORT}: Transfer status: success" || ret=1 907if [ $ret -ne 0 ]; then echo_i "failed"; fi 908status=$((status + ret)) 909 910n=$((n + 1)) 911echo_i "checking that dom5.example. is served by secondary ($n)" 912ret=0 913wait_for_soa @10.53.0.2 dom5.example. 
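dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "removing dom5.example. ($n)"
ret=0
# The per-member primaries property for dom5.example. was added under
# primaries.ext.somerandomlabel, so the delete names that same owner;
# deleting an owner name that was never added is a no-op and would leave the
# property behind in the catalog.
$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1
  server 10.53.0.1 ${PORT}
  update delete somerandomlabel.zones.catalog1.example. 3600 IN PTR dom5.example.
  update delete primaries.ext.somerandomlabel.zones.catalog1.example. 3600 IN A 10.53.0.3
  send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "zone_shutdown: zone dom5.example/IN/default: shutting down" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that dom5.example. is no longer served by secondary ($n)"
ret=0
# wait_for_no_soa passes once the secondary answers REFUSED for the SOA query.
wait_for_no_soa @10.53.0.2 dom5.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

##########################################################################
echo_i "Testing primaries global option"
n=$((n + 1))
echo_i "adding dom6.example. and a valid global primaries option (IP without TSIG) ($n)"
ret=0
# Catalog-wide primaries: one IPv4 and one IPv6 address at the catalog apex
# (primaries.ext.catalog1.example.), then the member zone itself.
$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1
  server 10.53.0.1 ${PORT}
  update add primaries.ext.catalog1.example. 3600 IN A 10.53.0.3
  update add primaries.ext.catalog1.example. 3600 IN AAAA fd92:7065:b8e:ffff::3
  update add 4346f565b4d63ddb99e5d2497ff22d04e878e8f8.zones.catalog1.example. 3600 IN PTR dom6.example.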
953 send 954END 955if [ $ret -ne 0 ]; then echo_i "failed"; fi 956status=$((status + ret)) 957 958n=$((n + 1)) 959echo_i "waiting for secondary to sync up ($n)" 960ret=0 961wait_for_message ns2/named.run "catz: adding zone 'dom6.example' from catalog 'catalog1.example'" \ 962 && wait_for_message ns2/named.run "transfer of 'dom6.example/IN/default' from " >/dev/null || ret=1 963if [ $ret -ne 0 ]; then echo_i "failed"; fi 964status=$((status + ret)) 965 966n=$((n + 1)) 967echo_i "checking that dom6.example. is served by secondary ($n)" 968ret=0 969wait_for_soa @10.53.0.2 dom6.example. dig.out.test$n || ret=1 970if [ $ret -ne 0 ]; then echo_i "failed"; fi 971status=$((status + ret)) 972 973n=$((n + 1)) 974echo_i "removing dom6.example. ($n)" 975ret=0 976$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 977 server 10.53.0.1 ${PORT} 978 update delete primaries.ext.catalog1.example. 3600 IN A 10.53.0.3 979 update delete primaries.ext.catalog1.example. 3600 IN AAAA fd92:7065:b8e:ffff::3 980 update delete 4346f565b4d63ddb99e5d2497ff22d04e878e8f8.zones.catalog1.example. 3600 IN PTR dom6.example. 981 send 982END 983if [ $ret -ne 0 ]; then echo_i "failed"; fi 984status=$((status + ret)) 985 986n=$((n + 1)) 987echo_i "waiting for secondary to sync up ($n)" 988ret=0 989wait_for_message ns2/named.run "zone_shutdown: zone dom6.example/IN/default: shutting down" || ret=1 990if [ $ret -ne 0 ]; then echo_i "failed"; fi 991status=$((status + ret)) 992 993n=$((n + 1)) 994echo_i "checking that dom6.example. is no longer served by secondary ($n)" 995ret=0 996wait_for_no_soa @10.53.0.2 dom6.example. dig.out.test$n || ret=1 997if [ $ret -ne 0 ]; then echo_i "failed"; fi 998status=$((status + ret)) 999 1000nextpart ns2/named.run >/dev/null 1001 1002n=$((n + 1)) 1003echo_i "adding dom6.example. 
and an invalid global primaries option (TSIG without IP) ($n)" 1004ret=0 1005$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1006 server 10.53.0.1 ${PORT} 1007 update add label1.primaries.ext.catalog1.example. 3600 IN TXT "tsig_key" 1008 update add 4346f565b4d63ddb99e5d2497ff22d04e878e8f8.zones.catalog1.example. 3600 IN PTR dom6.example. 1009 send 1010END 1011if [ $ret -ne 0 ]; then echo_i "failed"; fi 1012status=$((status + ret)) 1013 1014n=$((n + 1)) 1015echo_i "waiting for secondary to sync up ($n)" 1016ret=0 1017wait_for_message ns2/named.run "catz: adding zone 'dom6.example' from catalog 'catalog1.example'" \ 1018 && wait_for_message ns2/named.run "error \"failure\" while trying to generate config for zone 'dom6.example'" || ret=1 1019if [ $ret -ne 0 ]; then echo_i "failed"; fi 1020status=$((status + ret)) 1021 1022n=$((n + 1)) 1023echo_i "removing dom6.example. ($n)" 1024ret=0 1025$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1026 server 10.53.0.1 ${PORT} 1027 update delete label1.primaries.ext.catalog1.example. 3600 IN TXT "tsig_key" 1028 update delete 4346f565b4d63ddb99e5d2497ff22d04e878e8f8.zones.catalog1.example. 3600 IN PTR dom6.example. 
1029 send 1030END 1031if [ $ret -ne 0 ]; then echo_i "failed"; fi 1032status=$((status + ret)) 1033 1034n=$((n + 1)) 1035echo_i "waiting for secondary to sync up ($n)" 1036ret=0 1037wait_for_message ns2/named.run "catz: deleting zone 'dom6.example' from catalog 'catalog1.example' - success" >/dev/null || ret=1 1038if [ $ret -ne 0 ]; then echo_i "failed"; fi 1039status=$((status + ret)) 1040 1041########################################################################## 1042n=$((n + 1)) 1043echo_i "Checking that a missing zone directory forces in-memory ($n)" 1044ret=0 1045grep "'nonexistent' not found; zone files will not be saved" ns2/named.run >/dev/null || ret=1 1046if [ $ret -ne 0 ]; then echo_i "failed"; fi 1047status=$((status + ret)) 1048 1049########################################################################## 1050echo_i "Testing allow-query and allow-transfer ACLs" 1051n=$((n + 1)) 1052echo_i "adding domains dom7.example. and dom8.example. to primary via RNDC ($n)" 1053ret=0 1054echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom7.example.db 1055echo "@ IN NS invalid." >>ns1/dom7.example.db 1056rndccmd 10.53.0.1 addzone dom7.example. in default '{type primary; file "dom7.example.db";};' || ret=1 1057if [ $ret -ne 0 ]; then echo_i "failed"; fi 1058status=$((status + ret)) 1059echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom8.example.db 1060echo "@ IN NS invalid." >>ns1/dom8.example.db 1061rndccmd 10.53.0.1 addzone dom8.example. in default '{type primary; file "dom8.example.db";};' || ret=1 1062if [ $ret -ne 0 ]; then echo_i "failed"; fi 1063status=$((status + ret)) 1064 1065n=$((n + 1)) 1066echo_i "checking that dom7.example. is now served by primary ($n)" 1067ret=0 1068wait_for_soa @10.53.0.1 dom7.example. dig.out.test$n || ret=1 1069if [ $ret -ne 0 ]; then echo_i "failed"; fi 1070status=$((status + ret)) 1071 1072nextpart ns2/named.run >/dev/null 1073 1074n=$((n + 1)) 1075echo_i "adding domain dom7.example. 
to catalog1 zone with an allow-query statement ($n)" 1076ret=0 1077$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1078 server 10.53.0.1 ${PORT} 1079 update add 78833ec3c0059fd4540fee81c7eaddce088e7cd7.zones.catalog1.example. 3600 IN PTR dom7.example. 1080 update add allow-query.ext.78833ec3c0059fd4540fee81c7eaddce088e7cd7.zones.catalog1.example. 3600 IN APL 1:10.53.0.1/32 !1:10.53.0.0/30 1:0.0.0.0/0 1081 send 1082END 1083if [ $ret -ne 0 ]; then echo_i "failed"; fi 1084status=$((status + ret)) 1085 1086n=$((n + 1)) 1087echo_i "waiting for secondary to sync up ($n)" 1088ret=0 1089wait_for_message ns2/named.run "catz: adding zone 'dom7.example' from catalog 'catalog1.example'" >/dev/null \ 1090 && wait_for_message ns2/named.run "transfer of 'dom7.example/IN/default' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1 1091if [ $ret -ne 0 ]; then echo_i "failed"; fi 1092status=$((status + ret)) 1093 1094n=$((n + 1)) 1095echo_i "checking that dom7.example. is accessible from 10.53.0.1 ($n)" 1096ret=0 1097wait_for_soa @10.53.0.2 dom7.example. dig.out.test$n -b 10.53.0.1 || ret=1 1098if [ $ret -ne 0 ]; then echo_i "failed"; fi 1099status=$((status + ret)) 1100 1101n=$((n + 1)) 1102echo_i "checking that dom7.example. is not accessible from 10.53.0.2 ($n)" 1103ret=0 1104wait_for_no_soa @10.53.0.2 dom7.example. dig.out.test$n -b 10.53.0.2 || ret=1 1105if [ $ret -ne 0 ]; then echo_i "failed"; fi 1106status=$((status + ret)) 1107 1108n=$((n + 1)) 1109echo_i "checking that dom7.example. is accessible from 10.53.0.5 ($n)" 1110ret=0 1111wait_for_soa @10.53.0.2 dom7.example. dig.out.test$n -b 10.53.0.5 || ret=1 1112if [ $ret -ne 0 ]; then echo_i "failed"; fi 1113status=$((status + ret)) 1114 1115nextpart ns2/named.run >/dev/null 1116n=$((n + 1)) 1117echo_i "adding dom8.example. 
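domain and global allow-query and allow-transfer ACLs ($n)"
ret=0
# Catalog-wide ACLs: queries are allowed from 10.53.0.1 only and zone
# transfers from 10.53.0.2 only. The steps below probe each ACL from both
# source addresses using dig's -b option.
$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1
  server 10.53.0.1 ${PORT}
  update add cba95222e308baba42417be6021026fdf20827b6.zones.catalog1.example. 3600 IN PTR dom8.example
  update add allow-query.ext.catalog1.example. 3600 IN APL 1:10.53.0.1/32
  update add allow-transfer.ext.catalog1.example. 3600 IN APL 1:10.53.0.2/32
  send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "catz: update_from_db: new zone merged" \
  && wait_for_message ns2/named.run "transfer of 'dom8.example/IN/default' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that dom8.example. is accessible from 10.53.0.1 ($n)"
ret=0
wait_for_soa @10.53.0.2 dom8.example. dig.out.test$n -b 10.53.0.1 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that dom8.example. is not accessible from 10.53.0.2 ($n)"
ret=0
wait_for_no_soa @10.53.0.2 dom8.example. dig.out.test$n -b 10.53.0.2 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that dom8.example. is not AXFR accessible from 10.53.0.1 ($n)"
ret=0
# Negative ACL check: the transfer must be refused, so the failure marker is
# required to be present in dig's output.
dig_with_opts @10.53.0.2 axfr dom8.example. -b 10.53.0.1 >dig.out.test$n || ret=1
grep "Transfer failed." dig.out.test$n >/dev/null || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that dom8.example. is AXFR accessible from 10.53.0.2 ($n)"
ret=0
# Positive ACL check: the step fails when the failure marker is present.
# "grep -v" cannot express this, since it exits 0 as soon as any line lacks
# the marker, which holds for dig's output even when the transfer is refused.
dig_with_opts @10.53.0.2 axfr dom8.example. -b 10.53.0.2 >dig.out.test$n || ret=1
grep "Transfer failed." dig.out.test$n >/dev/null && ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

nextpart ns2/named.run >/dev/null
n=$((n + 1))
echo_i "deleting global allow-query and allow-transfer ACLs ($n)"
ret=0
$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1
  server 10.53.0.1 ${PORT}
  update delete allow-query.ext.catalog1.example. 3600 IN APL 1:10.53.0.1/32
  update delete allow-transfer.ext.catalog1.example. 3600 IN APL 1:10.53.0.2/32
  send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))
ret=0
wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that dom8.example. is accessible from 10.53.0.1 ($n)"
ret=0
wait_for_soa @10.53.0.2 dom8.example. dig.out.test$n -b 10.53.0.1 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that dom8.example. is accessible from 10.53.0.2 ($n)"
ret=0
wait_for_soa @10.53.0.2 dom8.example. dig.out.test$n -b 10.53.0.2 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

# With the catalog-wide ACLs removed, transfers are expected to work from both
# source addresses; each step fails if dig reports a failed transfer.
# NOTE(review): these two steps rely on the transfer policy configured for ns2
# outside this part of the script - confirm they pass with the strict check.
n=$((n + 1))
echo_i "checking that dom8.example. is AXFR accessible from 10.53.0.1 ($n)"
ret=0
dig_with_opts @10.53.0.2 axfr dom8.example. -b 10.53.0.1 >dig.out.test$n || ret=1
grep "Transfer failed." dig.out.test$n >/dev/null && ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that dom8.example. is AXFR accessible from 10.53.0.2 ($n)"
ret=0
dig_with_opts @10.53.0.2 axfr dom8.example. -b 10.53.0.2 >dig.out.test$n || ret=1
grep "Transfer failed." dig.out.test$n >/dev/null && ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

##########################################################################
echo_i "Testing TSIG keys for primaries set per-domain"
n=$((n + 1))
echo_i "adding a domain dom9.example. to primary via RNDC, with transfers allowed only with TSIG key ($n)"
ret=0
echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom9.example.db
echo "@ IN NS invalid." >>ns1/dom9.example.db
# allow-transfer names a key rather than an address, so the secondary can only
# fetch this zone when the catalog entry supplies the matching key name.
rndccmd 10.53.0.1 addzone dom9.example. in default '{type primary; file "dom9.example.db"; allow-transfer { key tsig_key; }; };' || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that dom9.example. is now served by primary ($n)"
ret=0
wait_for_soa @10.53.0.1 dom9.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

nextpart ns2/named.run >/dev/null

n=$((n + 1))
echo_i "adding domain dom9.example. to catalog1 zone with a valid primaries suboption (IP with TSIG) ($n)"
ret=0
# The A and TXT records share the owner label "label1", which pairs the
# primary's address with the TSIG key name used to reach it.
$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1
  server 10.53.0.1 ${PORT}
  update add f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN PTR dom9.example.
  update add label1.primaries.ext.f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN A 10.53.0.1
  update add label1.primaries.ext.f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example.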
3600 IN TXT "tsig_key" 1242 send 1243END 1244if [ $ret -ne 0 ]; then echo_i "failed"; fi 1245status=$((status + ret)) 1246 1247n=$((n + 1)) 1248echo_i "waiting for secondary to sync up ($n)" 1249ret=0 1250wait_for_message ns2/named.run "catz: adding zone 'dom9.example' from catalog 'catalog1.example'" \ 1251 && wait_for_message ns2/named.run "transfer of 'dom9.example/IN/default' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1 1252if [ $ret -ne 0 ]; then echo_i "failed"; fi 1253status=$((status + ret)) 1254 1255n=$((n + 1)) 1256echo_i "checking that dom9.example. is accessible on secondary ($n)" 1257ret=0 1258wait_for_soa @10.53.0.2 dom9.example. dig.out.test$n || ret=1 1259if [ $ret -ne 0 ]; then echo_i "failed"; fi 1260status=$((status + ret)) 1261 1262n=$((n + 1)) 1263echo_i "change TSIG key name on primary ($n)" 1264ret=0 1265rndccmd 10.53.0.1 modzone dom9.example. in default '{type primary; notify yes; file "dom9.example.db"; allow-transfer { key next_key; }; };' || ret=1 1266if [ $ret -ne 0 ]; then echo_i "failed"; fi 1267status=$((status + ret)) 1268 1269n=$((n + 1)) 1270echo_i "update TSIG key name in catalog zone ($n)" 1271ret=0 1272$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1273 server 10.53.0.1 ${PORT} 1274 update del label1.primaries.ext.f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN TXT "tsig_key" 1275 update add label1.primaries.ext.f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN TXT "next_key" 1276 send 1277END 1278if [ $ret -ne 0 ]; then echo_i "failed"; fi 1279status=$((status + ret)) 1280 1281n=$((n + 1)) 1282echo_i "waiting for secondary to sync up ($n)" 1283ret=0 1284wait_for_message ns2/named.run "catz: modifying zone 'dom9.example' from catalog 'catalog1.example'" || ret=1 1285if [ $ret -ne 0 ]; then echo_i "failed"; fi 1286status=$((status + ret)) 1287 1288n=$((n + 1)) 1289echo_i "update zone contents and reload ($n)" 1290ret=0 1291echo "@ 3600 IN SOA . . 
2 3600 3600 3600 3600" >ns1/dom9.example.db 1292echo "@ IN NS ns2" >>ns1/dom9.example.db 1293echo "ns2 IN A 10.53.0.2" >>ns1/dom9.example.db 1294rndccmd 10.53.0.1 reload dom9.example. || ret=1 1295if [ $ret -ne 0 ]; then echo_i "failed"; fi 1296status=$((status + ret)) 1297 1298n=$((n + 1)) 1299echo_i "wait for primary to update zone ($n)" 1300ret=0 1301wait_for_a @10.53.0.1 ns2.dom9.example. dig.out.test$n || ret=1 1302if [ $ret -ne 0 ]; then echo_i "failed"; fi 1303status=$((status + ret)) 1304 1305n=$((n + 1)) 1306echo_i "wait for secondary to update zone ($n)" 1307ret=0 1308wait_for_a @10.53.0.2 ns2.dom9.example. dig.out.test$n || ret=1 1309if [ $ret -ne 0 ]; then echo_i "failed"; fi 1310status=$((status + ret)) 1311 1312n=$((n + 1)) 1313echo_i "deleting domain dom9.example. from catalog1 zone ($n)" 1314ret=0 1315$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1316 server 10.53.0.1 ${PORT} 1317 update delete f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN PTR dom9.example. 1318 update delete label1.primaries.ext.f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN A 10.53.0.1 1319 update delete label1.primaries.ext.f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN TXT "next_key" 1320 send 1321END 1322if [ $ret -ne 0 ]; then echo_i "failed"; fi 1323status=$((status + ret)) 1324 1325n=$((n + 1)) 1326echo_i "waiting for secondary to sync up ($n)" 1327ret=0 1328wait_for_message ns2/named.run "catz: deleting zone 'dom9.example' from catalog 'catalog1.example' - success" || ret=1 1329if [ $ret -ne 0 ]; then echo_i "failed"; fi 1330status=$((status + ret)) 1331 1332n=$((n + 1)) 1333echo_i "checking that dom9.example. is no longer accessible on secondary ($n)" 1334ret=0 1335wait_for_no_soa @10.53.0.2 dom9.example. 
dig.out.test$n || ret=1 1336if [ $ret -ne 0 ]; then echo_i "failed"; fi 1337status=$((status + ret)) 1338 1339nextpart ns2/named.run >/dev/null 1340 1341n=$((n + 1)) 1342echo_i "adding domain dom9.example. to catalog1 zone with an invalid primaries suboption (TSIG without IP) ($n)" 1343ret=0 1344$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1345 server 10.53.0.1 ${PORT} 1346 update add f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN PTR dom9.example. 1347 update add label1.primaries.ext.f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN TXT "tsig_key" 1348 send 1349END 1350if [ $ret -ne 0 ]; then echo_i "failed"; fi 1351status=$((status + ret)) 1352 1353n=$((n + 1)) 1354echo_i "waiting for secondary to sync up ($n)" 1355ret=0 1356wait_for_message ns2/named.run "catz: adding zone 'dom9.example' from catalog 'catalog1.example'" \ 1357 && wait_for_message ns2/named.run "error \"failure\" while trying to generate config for zone 'dom9.example'" || ret=1 1358if [ $ret -ne 0 ]; then echo_i "failed"; fi 1359status=$((status + ret)) 1360 1361n=$((n + 1)) 1362echo_i "deleting domain dom9.example. from catalog1 zone ($n)" 1363ret=0 1364$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1365 server 10.53.0.1 ${PORT} 1366 update delete f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN PTR dom9.example. 1367 update delete label1.primaries.ext.f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 
3600 IN TXT "tsig_key" 1368 send 1369END 1370if [ $ret -ne 0 ]; then echo_i "failed"; fi 1371status=$((status + ret)) 1372 1373n=$((n + 1)) 1374echo_i "waiting for secondary to sync up ($n)" 1375ret=0 1376wait_for_message ns2/named.run "catz: deleting zone 'dom9.example' from catalog 'catalog1.example'" || ret=1 1377if [ $ret -ne 0 ]; then echo_i "failed"; fi 1378status=$((status + ret)) 1379 1380########################################################################## 1381echo_i "Testing catalog entries that can't be represented as filenames" 1382# note: we need 4 backslashes in the shell to get 2 backslashes in DNS 1383# presentation format, which is 1 backslash on the wire. 1384for special in \ 1385 this.is.a.very.very.long.long.long.domain.that.will.cause.catalog.zones.to.generate.hash.instead.of.using.regular.filename.dom10.example \ 1386 this.zone/domain.has.a.slash.dom10.example \ 1387 this.zone\\\\domain.has.backslash.dom10.example \ 1388 this.zone:domain.has.a.colon.dom.10.example; do 1389 # hashes below are generated by: 1390 # python ${TOP}/contrib/scripts/catzhash.py "${special}" 1391 1392 case "$special" in 1393 this.is.a.very.very.long.long.long.domain.that.will.cause.catalog.zones.to.generate.hash.instead.of.using.regular.filename.dom10.example) 1394 hash=825f48b1ce1b4cf5a041d20255a0c8e98d114858 1395 db=__catz__a35e0a044ff9f37436068e1e83e9b99fb9da51b0fe7b699bdb404f7755d68276.db 1396 ;; 1397 this.zone/domain.has.a.slash.dom10.example) 1398 hash=e64cc64c99bf52d0a77fb16dd7ed57cf925a36aa 1399 db=__catz__765197c8050c794f4ec5bbf5dbdf64d0551459c08a91a4217768fcd16cd3b7ce.db 1400 ;; 1401 this.zone\\\\domain.has.backslash.dom10.example) 1402 hash=91e27e02153d38cf656a9b376d7747fbcd19f985 1403 db=__catz__0f2f3beaf2ef70e0086063ae28a69444cdf3847cb85e668bfe52c89f7f756b29.db 1404 ;; 1405 this.zone:domain.has.a.colon.dom.10.example) 1406 hash=8b7238bf4c34045834c573ba4116557ebb24d33c 1407 db=__catz__ba75ab860533508a62b0937c5c6b8537e4186e4d5e7685161287260d07418251.db 
1408 ;; 1409 esac 1410 1411 n=$((n + 1)) 1412 echo_i "checking that ${special}. is not served by primary ($n)" 1413 ret=0 1414 wait_for_no_soa @10.53.0.1 "${special}" dig.out.test$n || ret=1 1415 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1416 status=$((status + ret)) 1417 1418 n=$((n + 1)) 1419 echo_i "Adding a domain ${special}. to primary via RNDC ($n)" 1420 ret=0 1421 echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom10.example.db 1422 echo "@ IN NS invalid." >>ns1/dom10.example.db 1423 rndccmd 10.53.0.1 addzone '"'"${special}"'"' in default '{type primary; file "dom10.example.db";};' || ret=1 1424 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1425 status=$((status + ret)) 1426 1427 n=$((n + 1)) 1428 echo_i "checking that ${special}. is now served by primary ($n)" 1429 ret=0 1430 wait_for_soa @10.53.0.1 "${special}." dig.out.test$n || ret=1 1431 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1432 status=$((status + ret)) 1433 1434 nextpart ns2/named.run >/dev/null 1435 1436 n=$((n + 1)) 1437 echo_i "Adding domain ${special}. to catalog1 zone ($n)" 1438 ret=0 1439 $NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1440 server 10.53.0.1 ${PORT} 1441 update add ${hash}.zones.catalog1.example 3600 IN PTR ${special}. 1442 send 1443END 1444 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1445 status=$((status + ret)) 1446 1447 n=$((n + 1)) 1448 echo_i "waiting for secondary to sync up ($n)" 1449 ret=0 1450 wait_for_message ns2/named.run "catz: adding zone '$special' from catalog 'catalog1.example'" \ 1451 && wait_for_message ns2/named.run "transfer of '$special/IN/default' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1 1452 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1453 status=$((status + ret)) 1454 1455 n=$((n + 1)) 1456 echo_i "checking that ${special}. is served by secondary ($n)" 1457 ret=0 1458 wait_for_soa @10.53.0.2 "${special}." 
dig.out.test$n || ret=1 1459 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1460 status=$((status + ret)) 1461 1462 n=$((n + 1)) 1463 echo_i "checking that zone-directory is populated with a hashed filename ($n)" 1464 ret=0 1465 wait_for_zonefile "ns2/zonedir/$db" || ret=1 1466 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1467 status=$((status + ret)) 1468 1469 n=$((n + 1)) 1470 echo_i "removing domain ${special}. from catalog1 zone ($n)" 1471 ret=0 1472 $NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1473 server 10.53.0.1 ${PORT} 1474 update delete ${hash}.zones.catalog1.example 1475 send 1476END 1477 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1478 status=$((status + ret)) 1479 1480 n=$((n + 1)) 1481 echo_i "waiting for secondary to sync up ($n)" 1482 ret=0 1483 wait_for_message ns2/named.run "zone_shutdown: zone ${special}/IN/default: shutting down" || ret=1 1484 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1485 status=$((status + ret)) 1486 1487 n=$((n + 1)) 1488 echo_i "checking that ${special}. is not served by secondary ($n)" 1489 ret=0 1490 wait_for_no_soa @10.53.0.2 "${special}." dig.out.test$n || ret=1 1491 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1492 status=$((status + ret)) 1493 1494 n=$((n + 1)) 1495 echo_i "checking that zone-directory is emptied ($n)" 1496 ret=0 1497 wait_for_no_zonefile "ns2/zonedir/$db" || ret=1 1498 wait_for_no_zonefile "ns2/zonedir/$db.jnl" || ret=1 1499 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1500 status=$((status + ret)) 1501done 1502 1503########################################################################## 1504echo_i "Testing adding a domain and a subdomain of it" 1505n=$((n + 1)) 1506echo_i "checking that dom11.example. is not served by primary ($n)" 1507ret=0 1508wait_for_no_soa @10.53.0.1 dom11.example. dig.out.test$n || ret=1 1509if [ $ret -ne 0 ]; then echo_i "failed"; fi 1510status=$((status + ret)) 1511 1512n=$((n + 1)) 1513echo_i "Adding a domain dom11.example. 
to primary via RNDC ($n)" 1514ret=0 1515echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom11.example.db 1516echo "@ IN NS invalid." >>ns1/dom11.example.db 1517rndccmd 10.53.0.1 addzone dom11.example. in default '{type primary; file "dom11.example.db";};' || ret=1 1518if [ $ret -ne 0 ]; then echo_i "failed"; fi 1519status=$((status + ret)) 1520 1521n=$((n + 1)) 1522echo_i "checking that dom11.example. is now served by primary ($n)" 1523ret=0 1524wait_for_soa @10.53.0.1 dom11.example. dig.out.test$n || ret=1 1525if [ $ret -ne 0 ]; then echo_i "failed"; fi 1526status=$((status + ret)) 1527 1528nextpart ns2/named.run >/dev/null 1529 1530n=$((n + 1)) 1531echo_i "Adding domain dom11.example. to catalog1 zone ($n)" 1532ret=0 1533$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1534 server 10.53.0.1 ${PORT} 1535 update add 0580d70e769c86c8b951a488d8b776627f427d7a.zones.catalog1.example. 3600 IN PTR dom11.example. 1536 send 1537END 1538if [ $ret -ne 0 ]; then echo_i "failed"; fi 1539status=$((status + ret)) 1540 1541n=$((n + 1)) 1542echo_i "waiting for secondary to sync up ($n)" 1543ret=0 1544wait_for_message ns2/named.run "catz: adding zone 'dom11.example' from catalog 'catalog1.example'" \ 1545 && wait_for_message ns2/named.run "transfer of 'dom11.example/IN/default' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1 1546if [ $ret -ne 0 ]; then echo_i "failed"; fi 1547status=$((status + ret)) 1548 1549n=$((n + 1)) 1550echo_i "checking that dom11.example. is served by secondary ($n)" 1551ret=0 1552wait_for_soa @10.53.0.2 dom11.example. dig.out.test$n || ret=1 1553if [ $ret -ne 0 ]; then echo_i "failed"; fi 1554status=$((status + ret)) 1555 1556n=$((n + 1)) 1557echo_i "checking that subdomain.of.dom11.example. is not served by primary ($n)" 1558ret=0 1559wait_for_rcode NXDOMAIN SOA @10.53.0.1 subdomain.of.dom11.example. 
dig.out.test$n || ret=1 1560if [ $ret -ne 0 ]; then echo_i "failed"; fi 1561status=$((status + ret)) 1562 1563n=$((n + 1)) 1564echo_i "Adding a domain subdomain.of.dom11.example. to primary via RNDC ($n)" 1565ret=0 1566echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/subdomain.of.dom11.example.db 1567echo "@ IN NS invalid." >>ns1/subdomain.of.dom11.example.db 1568rndccmd 10.53.0.1 addzone subdomain.of.dom11.example. in default '{type primary; file "subdomain.of.dom11.example.db";};' || ret=1 1569if [ $ret -ne 0 ]; then echo_i "failed"; fi 1570status=$((status + ret)) 1571 1572n=$((n + 1)) 1573echo_i "checking that subdomain.of.dom11.example. is now served by primary ($n)" 1574ret=0 1575wait_for_soa @10.53.0.1 subdomain.of.dom11.example. dig.out.test$n || ret=1 1576if [ $ret -ne 0 ]; then echo_i "failed"; fi 1577status=$((status + ret)) 1578 1579nextpart ns2/named.run >/dev/null 1580 1581n=$((n + 1)) 1582echo_i "Adding domain subdomain.of.dom11.example. to catalog1 zone ($n)" 1583ret=0 1584$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1585 server 10.53.0.1 ${PORT} 1586 update add 25557e0bdd10cb3710199bb421b776df160f241e.zones.catalog1.example. 3600 IN PTR subdomain.of.dom11.example. 1587 send 1588END 1589if [ $ret -ne 0 ]; then echo_i "failed"; fi 1590status=$((status + ret)) 1591 1592n=$((n + 1)) 1593echo_i "waiting for secondary to sync up ($n)" 1594ret=0 1595wait_for_message ns2/named.run "catz: adding zone 'subdomain.of.dom11.example' from catalog 'catalog1.example'" \ 1596 && wait_for_message ns2/named.run "transfer of 'subdomain.of.dom11.example/IN/default' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1 1597if [ $ret -ne 0 ]; then echo_i "failed"; fi 1598status=$((status + ret)) 1599 1600n=$((n + 1)) 1601echo_i "checking that subdomain.of.dom11.example. is served by secondary ($n)" 1602ret=0 1603wait_for_soa @10.53.0.2 subdomain.of.dom11.example. 
dig.out.test$n || ret=1 1604if [ $ret -ne 0 ]; then echo_i "failed"; fi 1605status=$((status + ret)) 1606 1607n=$((n + 1)) 1608echo_i "removing domain dom11.example. from catalog1 zone ($n)" 1609ret=0 1610$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1611 server 10.53.0.1 ${PORT} 1612 update delete 0580d70e769c86c8b951a488d8b776627f427d7a.zones.catalog1.example 1613 send 1614END 1615if [ $ret -ne 0 ]; then echo_i "failed"; fi 1616status=$((status + ret)) 1617 1618n=$((n + 1)) 1619echo_i "waiting for secondary to sync up ($n)" 1620ret=0 1621wait_for_message ns2/named.run "zone_shutdown: zone dom11.example/IN/default: shutting down" || ret=1 1622if [ $ret -ne 0 ]; then echo_i "failed"; fi 1623status=$((status + ret)) 1624 1625n=$((n + 1)) 1626echo_i "checking that dom11.example. is not served by secondary ($n)" 1627ret=0 1628wait_for_no_soa @10.53.0.2 dom11.example. dig.out.test$n || ret=1 1629if [ $ret -ne 0 ]; then echo_i "failed"; fi 1630status=$((status + ret)) 1631 1632n=$((n + 1)) 1633echo_i "checking that subdomain.of.dom11.example. is still served by secondary ($n)" 1634ret=0 1635wait_for_soa @10.53.0.2 subdomain.of.dom11.example. dig.out.test$n || ret=1 1636if [ $ret -ne 0 ]; then echo_i "failed"; fi 1637status=$((status + ret)) 1638 1639n=$((n + 1)) 1640echo_i "removing domain subdomain.of.dom11.example. from catalog1 zone ($n)" 1641ret=0 1642$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1643 server 10.53.0.1 ${PORT} 1644 update delete 25557e0bdd10cb3710199bb421b776df160f241e.zones.catalog1.example 1645 send 1646END 1647if [ $ret -ne 0 ]; then echo_i "failed"; fi 1648status=$((status + ret)) 1649 1650n=$((n + 1)) 1651echo_i "waiting for secondary to sync up ($n)" 1652ret=0 1653wait_for_message ns2/named.run "zone_shutdown: zone subdomain.of.dom11.example/IN/default: shutting down" || ret=1 1654if [ $ret -ne 0 ]; then echo_i "failed"; fi 1655status=$((status + ret)) 1656 1657n=$((n + 1)) 1658echo_i "checking that subdomain.of.dom11.example. 
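is not served by secondary ($n)"
ret=0
# Query the member zone that was just removed from catalog1. The original
# line asked for "subdomain.of.d11.example.", a name that appears nowhere
# else in this part of the script, so the REFUSED check could pass even if
# the secondary kept serving the removed zone.
wait_for_no_soa @10.53.0.2 subdomain.of.dom11.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

##########################################################################
echo_i "Testing adding a catalog zone at runtime with rndc reconfig"
# Baseline: the primary must answer REFUSED for dom12.example. before the
# zone is created (wait_for_no_soa retries until it sees "status: REFUSED").
n=$((n + 1))
echo_i "checking that dom12.example. is not served by primary ($n)"
ret=0
wait_for_no_soa @10.53.0.1 dom12.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

# Write a minimal zone file (SOA and NS only) and load it on ns1 with
# "rndc addzone".
n=$((n + 1))
echo_i "Adding a domain dom12.example. to primary via RNDC ($n)"
ret=0
echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom12.example.db
echo "@ IN NS invalid." >>ns1/dom12.example.db
rndccmd 10.53.0.1 addzone dom12.example. in default '{type primary; file "dom12.example.db";};' || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

# The primary must now answer NOERROR for the zone's SOA.
n=$((n + 1))
echo_i "checking that dom12.example. is now served by primary ($n)"
ret=0
wait_for_soa @10.53.0.1 dom12.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

nextpart ns2/named.run >/dev/null

# Register dom12.example. as a member of catalog4 by adding its PTR record
# under the "zones" label on the primary.
n=$((n + 1))
echo_i "Adding domain dom12.example. to catalog4 zone ($n)"
ret=0
$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update add 871d51e5433543c0f6fb263c40f359fbc152c8ae.zones.catalog4.example. 3600 IN PTR dom12.example.
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

# The secondary is expected to still refuse dom12.example. at this point.
n=$((n + 1))
echo_i "checking that dom12.example. is not served by secondary ($n)"
ret=0
wait_for_no_soa @10.53.0.2 dom12.example. 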
dig.out.test$n || ret=1 1706if [ $ret -ne 0 ]; then echo_i "failed"; fi 1707status=$((status + ret)) 1708 1709n=$((n + 1)) 1710echo_i "reconfiguring secondary - adding catalog4 catalog zone ($n)" 1711ret=0 1712sed -e "s/^#T1//g" <ns2/named1.conf.in >ns2/named.conf.tmp 1713copy_setports ns2/named.conf.tmp ns2/named.conf 1714rndccmd 10.53.0.2 reconfig || ret=1 1715if [ $ret -ne 0 ]; then echo_i "failed"; fi 1716status=$((status + ret)) 1717 1718n=$((n + 1)) 1719echo_i "waiting for secondary to sync up ($n)" 1720ret=0 1721wait_for_message ns2/named.run "catz: adding zone 'dom12.example' from catalog 'catalog4.example'" \ 1722 && wait_for_message ns2/named.run "transfer of 'dom12.example/IN/default' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1 1723if [ $ret -ne 0 ]; then echo_i "failed"; fi 1724status=$((status + ret)) 1725 1726n=$((n + 1)) 1727echo_i "checking that dom7.example. is still served by secondary after reconfiguration ($n)" 1728ret=0 1729wait_for_soa @10.53.0.2 dom7.example. dig.out.test$n -b 10.53.0.1 || ret=1 1730if [ $ret -ne 0 ]; then echo_i "failed"; fi 1731status=$((status + ret)) 1732n=$((n + 1)) 1733 1734echo_i "checking that dom12.example. is served by secondary ($n)" 1735ret=0 1736wait_for_soa @10.53.0.2 dom12.example. 
dig.out.test$n || ret=1 1737if [ $ret -ne 0 ]; then echo_i "failed"; fi 1738status=$((status + ret)) 1739 1740n=$((n + 1)) 1741echo_i "reconfiguring secondary - removing catalog4 catalog zone, adding non-existent catalog5 catalog zone ($n)" 1742ret=0 1743sed -e "s/^#T2//" <ns2/named1.conf.in >ns2/named.conf.tmp 1744copy_setports ns2/named.conf.tmp ns2/named.conf 1745$RNDC -c ../_common/rndc.conf -s 10.53.0.2 -p "${CONTROLPORT}" reconfig >/dev/null 2>&1 && ret=1 1746if [ $ret -ne 0 ]; then echo_i "failed"; fi 1747status=$((status + ret)) 1748 1749n=$((n + 1)) 1750echo_i "reconfiguring secondary - removing non-existent catalog5 catalog zone ($n)" 1751ret=0 1752copy_setports ns2/named1.conf.in ns2/named.conf 1753rndccmd 10.53.0.2 reconfig || ret=1 1754if [ $ret -ne 0 ]; then echo_i "failed"; fi 1755status=$((status + ret)) 1756 1757n=$((n + 1)) 1758echo_i "checking that dom12.example. is not served by secondary ($n)" 1759ret=0 1760wait_for_no_soa @10.53.0.2 dom12.example. dig.out.test$n || ret=1 1761if [ $ret -ne 0 ]; then echo_i "failed"; fi 1762status=$((status + ret)) 1763 1764n=$((n + 1)) 1765echo_i "removing domain dom12.example. from catalog4 zone ($n)" 1766ret=0 1767$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1768 server 10.53.0.1 ${PORT} 1769 update delete 871d51e5433543c0f6fb263c40f359fbc152c8ae.zones.catalog4.example. 3600 IN PTR dom12.example. 1770 send 1771END 1772if [ $ret -ne 0 ]; then echo_i "failed"; fi 1773status=$((status + ret)) 1774 1775########################################################################## 1776echo_i "Testing having a zone in two different catalogs" 1777n=$((n + 1)) 1778echo_i "checking that dom13.example. is not served by primary ($n)" 1779ret=0 1780wait_for_no_soa @10.53.0.1 dom13.example. dig.out.test$n || ret=1 1781if [ $ret -ne 0 ]; then echo_i "failed"; fi 1782status=$((status + ret)) 1783 1784n=$((n + 1)) 1785echo_i "Adding a domain dom13.example. 
to primary ns1 via RNDC ($n)" 1786ret=0 1787echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom13.example.db 1788echo "@ IN NS invalid." >>ns1/dom13.example.db 1789echo "@ IN A 192.0.2.1" >>ns1/dom13.example.db 1790rndccmd 10.53.0.1 addzone dom13.example. in default '{type primary; file "dom13.example.db";};' || ret=1 1791if [ $ret -ne 0 ]; then echo_i "failed"; fi 1792status=$((status + ret)) 1793 1794n=$((n + 1)) 1795echo_i "checking that dom13.example. is now served by primary ns1 ($n)" 1796ret=0 1797wait_for_soa @10.53.0.1 dom13.example. dig.out.test$n || ret=1 1798if [ $ret -ne 0 ]; then echo_i "failed"; fi 1799status=$((status + ret)) 1800 1801n=$((n + 1)) 1802echo_i "Adding a domain dom13.example. to primary ns3 via RNDC ($n)" 1803ret=0 1804echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns3/dom13.example.db 1805echo "@ IN NS invalid." >>ns3/dom13.example.db 1806echo "@ IN A 192.0.2.2" >>ns3/dom13.example.db 1807rndccmd 10.53.0.3 addzone dom13.example. '{type primary; file "dom13.example.db";};' || ret=1 1808if [ $ret -ne 0 ]; then echo_i "failed"; fi 1809status=$((status + ret)) 1810 1811n=$((n + 1)) 1812echo_i "checking that dom13.example. is now served by primary ns3 ($n)" 1813ret=0 1814wait_for_soa @10.53.0.3 dom13.example. dig.out.test$n || ret=1 1815if [ $ret -ne 0 ]; then echo_i "failed"; fi 1816status=$((status + ret)) 1817 1818nextpart ns2/named.run >/dev/null 1819 1820n=$((n + 1)) 1821echo_i "Adding domain dom13.example. to catalog1 zone with ns1 as primary ($n)" 1822ret=0 1823$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1824 server 10.53.0.1 ${PORT} 1825 update add 8d7989c746b3f92b3bba2479e72afd977198363f.zones.catalog1.example. 3600 IN PTR dom13.example. 1826 update add primaries.ext.8d7989c746b3f92b3bba2479e72afd977198363f.zones.catalog1.example. 
3600 IN A 10.53.0.1 1827 send 1828END 1829if [ $ret -ne 0 ]; then echo_i "failed"; fi 1830status=$((status + ret)) 1831 1832n=$((n + 1)) 1833echo_i "waiting for secondary to sync up ($n)" 1834ret=0 1835wait_for_message ns2/named.run "catz: adding zone 'dom13.example' from catalog 'catalog1.example'" \ 1836 && wait_for_message ns2/named.run "transfer of 'dom13.example/IN/default' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1 1837if [ $ret -ne 0 ]; then echo_i "failed"; fi 1838status=$((status + ret)) 1839 1840nextpart ns2/named.run >/dev/null 1841 1842n=$((n + 1)) 1843echo_i "checking that dom13.example. is served by secondary and that it's the one from ns1 ($n)" 1844ret=0 1845wait_for_a @10.53.0.2 dom13.example. dig.out.test$n || ret=1 1846grep "192.0.2.1" dig.out.test$n >/dev/null || ret=1 1847if [ $ret -ne 0 ]; then echo_i "failed"; fi 1848status=$((status + ret)) 1849 1850n=$((n + 1)) 1851echo_i "Adding domain dom13.example. to catalog2 zone with ns3 as primary ($n)" 1852ret=0 1853$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1854 server 10.53.0.3 ${PORT} 1855 update add 8d7989c746b3f92b3bba2479e72afd977198363f.zones.catalog2.example. 3600 IN PTR dom13.example. 1856 update add primaries.8d7989c746b3f92b3bba2479e72afd977198363f.zones.catalog2.example. 3600 IN A 10.53.0.3 1857 send 1858END 1859if [ $ret -ne 0 ]; then echo_i "failed"; fi 1860status=$((status + ret)) 1861 1862n=$((n + 1)) 1863echo_i "waiting for secondary to sync up ($n)" 1864ret=0 1865wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1 1866if [ $ret -ne 0 ]; then echo_i "failed"; fi 1867status=$((status + ret)) 1868 1869n=$((n + 1)) 1870echo_i "checking that dom13.example. is served by secondary and that it's still the one from ns1 ($n)" 1871ret=0 1872wait_for_a @10.53.0.2 dom13.example. 
dig.out.test$n || ret=1 1873grep "192.0.2.1" dig.out.test$n >/dev/null || ret=1 1874if [ $ret -ne 0 ]; then echo_i "failed"; fi 1875status=$((status + ret)) 1876 1877nextpart ns2/named.run >/dev/null 1878 1879n=$((n + 1)) 1880echo_i "Deleting domain dom13.example. from catalog2 ($n)" 1881ret=0 1882$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1883 server 10.53.0.3 ${PORT} 1884 update delete 8d7989c746b3f92b3bba2479e72afd977198363f.zones.catalog2.example. 3600 IN PTR dom13.example. 1885 update delete primaries.8d7989c746b3f92b3bba2479e72afd977198363f.zones.catalog2.example. 3600 IN A 10.53.0.3 1886 send 1887END 1888if [ $ret -ne 0 ]; then echo_i "failed"; fi 1889status=$((status + ret)) 1890 1891n=$((n + 1)) 1892echo_i "waiting for secondary to sync up ($n)" 1893ret=0 1894wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1 1895if [ $ret -ne 0 ]; then echo_i "failed"; fi 1896status=$((status + ret)) 1897 1898n=$((n + 1)) 1899echo_i "checking that dom13.example. is served by secondary and that it's still the one from ns1 ($n)" 1900ret=0 1901wait_for_a @10.53.0.2 dom13.example. dig.out.test$n || ret=1 1902grep "192.0.2.1" dig.out.test$n >/dev/null || ret=1 1903if [ $ret -ne 0 ]; then echo_i "failed"; fi 1904status=$((status + ret)) 1905 1906n=$((n + 1)) 1907echo_i "Deleting domain dom13.example. from catalog1 ($n)" 1908ret=0 1909$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1910 server 10.53.0.1 ${PORT} 1911 update delete 8d7989c746b3f92b3bba2479e72afd977198363f.zones.catalog1.example. 3600 IN PTR dom13.example. 1912 update delete primaries.ext.8d7989c746b3f92b3bba2479e72afd977198363f.zones.catalog1.example. 
3600 IN A 10.53.0.2 1913 send 1914END 1915if [ $ret -ne 0 ]; then echo_i "failed"; fi 1916status=$((status + ret)) 1917 1918n=$((n + 1)) 1919echo_i "waiting for secondary to sync up ($n)" 1920ret=0 1921wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1 1922if [ $ret -ne 0 ]; then echo_i "failed"; fi 1923status=$((status + ret)) 1924 1925n=$((n + 1)) 1926echo_i "checking that dom13.example. is no longer served by secondary ($n)" 1927ret=0 1928wait_for_no_soa @10.53.0.2 dom13.example. dig.out.test$n || ret=1 1929if [ $ret -ne 0 ]; then echo_i "failed"; fi 1930status=$((status + ret)) 1931 1932########################################################################## 1933echo_i "Testing recreation of a manually deleted zone after a reload" 1934n=$((n + 1)) 1935echo_i "checking that dom16.example. is not served by primary ($n)" 1936ret=0 1937wait_for_no_soa @10.53.0.1 dom16.example. dig.out.test$n || ret=1 1938if [ $ret -ne 0 ]; then echo_i "failed"; fi 1939status=$((status + ret)) 1940 1941n=$((n + 1)) 1942echo_i "Adding a domain dom16.example. to primary ns1 via RNDC ($n)" 1943ret=0 1944echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom16.example.db 1945echo "@ IN NS invalid." >>ns1/dom16.example.db 1946echo "@ IN A 192.0.2.1" >>ns1/dom16.example.db 1947rndccmd 10.53.0.1 addzone dom16.example. in default '{type primary; file "dom16.example.db";};' || ret=1 1948if [ $ret -ne 0 ]; then echo_i "failed"; fi 1949status=$((status + ret)) 1950 1951n=$((n + 1)) 1952echo_i "checking that dom16.example. is now served by primary ns1 ($n)" 1953ret=0 1954wait_for_soa @10.53.0.1 dom16.example. dig.out.test$n || ret=1 1955if [ $ret -ne 0 ]; then echo_i "failed"; fi 1956status=$((status + ret)) 1957 1958nextpart ns2/named.run >/dev/null 1959 1960n=$((n + 1)) 1961echo_i "Adding domain dom16.example. 
to catalog1 zone with ns1 as primary ($n)" 1962ret=0 1963$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 1964 server 10.53.0.1 ${PORT} 1965 update add efe725d0cf430ffb113b9bcf59266f066a21216b.zones.catalog1.example. 3600 IN PTR dom16.example. 1966 update add masters.efe725d0cf430ffb113b9bcf59266f066a21216b.zones.catalog1.example. 3600 IN A 10.53.0.1 1967 send 1968END 1969if [ $ret -ne 0 ]; then echo_i "failed"; fi 1970status=$((status + ret)) 1971 1972n=$((n + 1)) 1973echo_i "waiting for secondary to sync up ($n)" 1974ret=0 1975wait_for_message ns2/named.run "catz: adding zone 'dom16.example' from catalog 'catalog1.example'" \ 1976 && wait_for_message ns2/named.run "transfer of 'dom16.example/IN/default' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1 1977if [ $ret -ne 0 ]; then echo_i "failed"; fi 1978status=$((status + ret)) 1979 1980nextpart ns2/named.run >/dev/null 1981 1982n=$((n + 1)) 1983echo_i "checking that dom16.example. is served by secondary and that it's the one from ns1 ($n)" 1984ret=0 1985wait_for_a @10.53.0.2 dom16.example. dig.out.test$n || ret=1 1986grep "192.0.2.1" dig.out.test$n >/dev/null || ret=1 1987if [ $ret -ne 0 ]; then echo_i "failed"; fi 1988status=$((status + ret)) 1989 1990nextpart ns2/named.run >/dev/null 1991 1992echo_i "Deleting dom16.example. from secondary ns2 via RNDC ($n)" 1993ret=0 1994rndccmd 10.53.0.2 delzone dom16.example. in default >/dev/null 2>&1 || ret=1 1995if [ $ret -ne 0 ]; then echo_i "failed"; fi 1996status=$((status + ret)) 1997 1998n=$((n + 1)) 1999echo_i "checking that dom16.example. is no longer served by secondary ($n)" 2000ret=0 2001wait_for_no_soa @10.53.0.2 dom16.example. 
dig.out.test$n || ret=1 2002if [ $ret -ne 0 ]; then echo_i "failed"; fi 2003status=$((status + ret)) 2004 2005nextpart ns2/named.run >/dev/null 2006 2007echo_i "Reloading secondary ns2 via RNDC ($n)" 2008ret=0 2009rndccmd 10.53.0.2 reload >/dev/null 2>&1 || ret=1 2010if [ $ret -ne 0 ]; then echo_i "failed"; fi 2011status=$((status + ret)) 2012 2013n=$((n + 1)) 2014echo_i "waiting for secondary to sync up ($n)" 2015ret=0 2016wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1 2017if [ $ret -ne 0 ]; then echo_i "failed"; fi 2018status=$((status + ret)) 2019 2020n=$((n + 1)) 2021echo_i "checking that dom16.example. is served by secondary and that it's the one from ns1 ($n)" 2022ret=0 2023wait_for_a @10.53.0.2 dom16.example. dig.out.test$n || ret=1 2024grep "192.0.2.1" dig.out.test$n >/dev/null || ret=1 2025if [ $ret -ne 0 ]; then echo_i "failed"; fi 2026status=$((status + ret)) 2027 2028nextpart ns2/named.run >/dev/null 2029 2030n=$((n + 1)) 2031echo_i "Deleting domain dom16.example. from catalog1 ($n)" 2032ret=0 2033$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 2034 server 10.53.0.1 ${PORT} 2035 update delete efe725d0cf430ffb113b9bcf59266f066a21216b.zones.catalog1.example. 3600 IN PTR dom16.example. 2036 update delete masters.efe725d0cf430ffb113b9bcf59266f066a21216b.zones.catalog1.example. 3600 IN A 10.53.0.1 2037 send 2038END 2039if [ $ret -ne 0 ]; then echo_i "failed"; fi 2040status=$((status + ret)) 2041 2042n=$((n + 1)) 2043echo_i "waiting for secondary to sync up ($n)" 2044ret=0 2045wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1 2046if [ $ret -ne 0 ]; then echo_i "failed"; fi 2047status=$((status + ret)) 2048 2049n=$((n + 1)) 2050echo_i "checking that dom16.example. is no longer served by secondary ($n)" 2051ret=0 2052wait_for_no_soa @10.53.0.2 dom16.example. 
dig.out.test$n || ret=1 2053if [ $ret -ne 0 ]; then echo_i "failed"; fi 2054status=$((status + ret)) 2055 2056########################################################################## 2057echo_i "Testing having a regular zone and a zone in catalog zone of the same name" 2058n=$((n + 1)) 2059echo_i "checking that dom14.example. is not served by primary ($n)" 2060ret=0 2061wait_for_no_soa @10.53.0.1 dom14.example. dig.out.test$n || ret=1 2062if [ $ret -ne 0 ]; then echo_i "failed"; fi 2063status=$((status + ret)) 2064 2065n=$((n + 1)) 2066echo_i "Adding a domain dom14.example. to primary ns1 via RNDC ($n)" 2067ret=0 2068echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom14.example.db 2069echo "@ IN NS invalid." >>ns1/dom14.example.db 2070echo "@ IN A 192.0.2.1" >>ns1/dom14.example.db 2071rndccmd 10.53.0.1 addzone dom14.example. in default '{type primary; file "dom14.example.db";};' || ret=1 2072if [ $ret -ne 0 ]; then echo_i "failed"; fi 2073status=$((status + ret)) 2074 2075n=$((n + 1)) 2076echo_i "checking that dom14.example. is now served by primary ns1 ($n)" 2077ret=0 2078wait_for_soa @10.53.0.1 dom14.example. dig.out.test$n || ret=1 2079if [ $ret -ne 0 ]; then echo_i "failed"; fi 2080status=$((status + ret)) 2081 2082n=$((n + 1)) 2083echo_i "Adding a domain dom14.example. to primary ns3 via RNDC ($n)" 2084ret=0 2085echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns3/dom14.example.db 2086echo "@ IN NS invalid." >>ns3/dom14.example.db 2087echo "@ IN A 192.0.2.2" >>ns3/dom14.example.db 2088rndccmd 10.53.0.3 addzone dom14.example. '{type primary; file "dom14.example.db";};' || ret=1 2089if [ $ret -ne 0 ]; then echo_i "failed"; fi 2090status=$((status + ret)) 2091 2092n=$((n + 1)) 2093echo_i "checking that dom14.example. is now served by primary ns3 ($n)" 2094ret=0 2095wait_for_soa @10.53.0.3 dom14.example. 
dig.out.test$n || ret=1 2096if [ $ret -ne 0 ]; then echo_i "failed"; fi 2097status=$((status + ret)) 2098 2099nextpart ns2/named.run >/dev/null 2100 2101n=$((n + 1)) 2102echo_i "Adding domain dom14.example. with rndc with ns1 as primary ($n)" 2103ret=0 2104rndccmd 10.53.0.2 addzone dom14.example. in default '{type secondary; primaries {10.53.0.1;};};' || ret=1 2105if [ $ret -ne 0 ]; then echo_i "failed"; fi 2106status=$((status + ret)) 2107 2108n=$((n + 1)) 2109echo_i "waiting for secondary to sync up ($n)" 2110ret=0 2111wait_for_message ns2/named.run "transfer of 'dom14.example/IN/default' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1 2112if [ $ret -ne 0 ]; then echo_i "failed"; fi 2113status=$((status + ret)) 2114 2115nextpart ns2/named.run >/dev/null 2116 2117n=$((n + 1)) 2118echo_i "checking that dom14.example. is served by secondary and that it's the one from ns1 ($n)" 2119ret=0 2120wait_for_a @10.53.0.2 dom14.example. dig.out.test$n || ret=1 2121grep "192.0.2.1" dig.out.test$n >/dev/null || ret=1 2122if [ $ret -ne 0 ]; then echo_i "failed"; fi 2123status=$((status + ret)) 2124 2125n=$((n + 1)) 2126echo_i "Adding domain dom14.example. to catalog2 zone with ns3 as primary ($n)" 2127ret=0 2128$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 2129 server 10.53.0.3 ${PORT} 2130 update add 45e3d45ea5f7bd01c395ccbde6ae2e750a3ee8ab.zones.catalog2.example. 3600 IN PTR dom14.example. 2131 update add primaries.45e3d45ea5f7bd01c395ccbde6ae2e750a3ee8ab.zones.catalog2.example. 3600 IN A 10.53.0.3 2132 send 2133END 2134if [ $ret -ne 0 ]; then echo_i "failed"; fi 2135status=$((status + ret)) 2136 2137n=$((n + 1)) 2138echo_i "waiting for secondary to sync up ($n)" 2139ret=0 2140wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1 2141if [ $ret -ne 0 ]; then echo_i "failed"; fi 2142status=$((status + ret)) 2143 2144n=$((n + 1)) 2145echo_i "checking that dom14.example. 
is served by secondary and that it's still the one from ns1 ($n)" 2146ret=0 2147wait_for_a @10.53.0.2 dom14.example. dig.out.test$n || ret=1 2148grep "192.0.2.1" dig.out.test$n >/dev/null || ret=1 2149if [ $ret -ne 0 ]; then echo_i "failed"; fi 2150status=$((status + ret)) 2151 2152nextpart ns2/named.run >/dev/null 2153 2154n=$((n + 1)) 2155echo_i "Deleting domain dom14.example. from catalog2 ($n)" 2156ret=0 2157$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 2158 server 10.53.0.3 ${PORT} 2159 update delete 45e3d45ea5f7bd01c395ccbde6ae2e750a3ee8ab.zones.catalog2.example. 3600 IN PTR dom14.example. 2160 update delete primaries.45e3d45ea5f7bd01c395ccbde6ae2e750a3ee8ab.zones.catalog2.example. 3600 IN A 10.53.0.3 2161 send 2162END 2163if [ $ret -ne 0 ]; then echo_i "failed"; fi 2164status=$((status + ret)) 2165 2166n=$((n + 1)) 2167echo_i "waiting for secondary to sync up ($n)" 2168ret=0 2169wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1 2170if [ $ret -ne 0 ]; then echo_i "failed"; fi 2171status=$((status + ret)) 2172 2173n=$((n + 1)) 2174echo_i "checking that dom14.example. is served by secondary and that it's still the one from ns1 ($n)" 2175ret=0 2176wait_for_a @10.53.0.2 dom14.example. dig.out.test$n || ret=1 2177grep "192.0.2.1" dig.out.test$n >/dev/null || ret=1 2178if [ $ret -ne 0 ]; then echo_i "failed"; fi 2179status=$((status + ret)) 2180 2181########################################################################## 2182echo_i "Testing changing label for a member zone" 2183n=$((n + 1)) 2184echo_i "checking that dom15.example. is not served by primary ($n)" 2185ret=0 2186wait_for_no_soa @10.53.0.1 dom15.example. dig.out.test$n || ret=1 2187if [ $ret -ne 0 ]; then echo_i "failed"; fi 2188status=$((status + ret)) 2189 2190n=$((n + 1)) 2191echo_i "Adding a domain dom15.example. to primary ns1 via RNDC ($n)" 2192ret=0 2193echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom15.example.db 2194echo "@ IN NS invalid." 
>>ns1/dom15.example.db 2195rndccmd 10.53.0.1 addzone dom15.example. in default '{type primary; file "dom15.example.db";};' || ret=1 2196if [ $ret -ne 0 ]; then echo_i "failed"; fi 2197status=$((status + ret)) 2198 2199n=$((n + 1)) 2200echo_i "checking that dom15.example. is now served by primary ns1 ($n)" 2201ret=0 2202wait_for_soa @10.53.0.1 dom15.example. dig.out.test$n || ret=1 2203if [ $ret -ne 0 ]; then echo_i "failed"; fi 2204status=$((status + ret)) 2205 2206nextpart ns2/named.run >/dev/null 2207 2208echo_i "Adding domain dom15.example. to catalog1 zone with 'dom15label1' label ($n)" 2209ret=0 2210$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 2211 server 10.53.0.1 ${PORT} 2212 update add dom15label1.zones.catalog1.example. 3600 IN PTR dom15.example. 2213 send 2214END 2215if [ $ret -ne 0 ]; then echo_i "failed"; fi 2216status=$((status + ret)) 2217 2218n=$((n + 1)) 2219echo_i "waiting for secondary to sync up ($n)" 2220ret=0 2221wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1 2222if [ $ret -ne 0 ]; then echo_i "failed"; fi 2223status=$((status + ret)) 2224 2225sleep 3 2226 2227n=$((n + 1)) 2228echo_i "checking that dom15.example. is served by secondary ($n)" 2229ret=0 2230wait_for_soa @10.53.0.2 dom15.example. dig.out.test$n || ret=1 2231if [ $ret -ne 0 ]; then echo_i "failed"; fi 2232status=$((status + ret)) 2233 2234nextpart ns2/named.run >/dev/null 2235 2236n=$((n + 1)) 2237echo_i "Changing label of domain dom15.example. from 'dom15label1' to 'dom15label2' ($n)" 2238ret=0 2239$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 2240 server 10.53.0.1 ${PORT} 2241 update delete dom15label1.zones.catalog1.example. 3600 IN PTR dom15.example. 2242 update add dom15label2.zones.catalog1.example. 3600 IN PTR dom15.example. 
2243 send 2244END 2245if [ $ret -ne 0 ]; then echo_i "failed"; fi 2246status=$((status + ret)) 2247 2248n=$((n + 1)) 2249echo_i "waiting for secondary to sync up ($n)" 2250ret=0 2251wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1 2252if [ $ret -ne 0 ]; then echo_i "failed"; fi 2253status=$((status + ret)) 2254 2255n=$((n + 1)) 2256echo_i "checking that dom15.example. is served by secondary ($n)" 2257ret=0 2258wait_for_soa @10.53.0.2 dom15.example. dig.out.test$n || ret=1 2259if [ $ret -ne 0 ]; then echo_i "failed"; fi 2260status=$((status + ret)) 2261 2262########################################################################## 2263echo_i "Testing custom properties version '1' and version '2' syntaxes" 2264n=$((n + 1)) 2265echo_i "checking that dom17.example. is not served by primary ($n)" 2266ret=0 2267wait_for_no_soa @10.53.0.1 dom17.example. dig.out.test$n || ret=1 2268if [ $ret -ne 0 ]; then echo_i "failed"; fi 2269status=$((status + ret)) 2270 2271n=$((n + 1)) 2272echo_i "checking that dom18.example. is not served by primary ($n)" 2273ret=0 2274wait_for_no_soa @10.53.0.1 dom18.example. dig.out.test$n || ret=1 2275if [ $ret -ne 0 ]; then echo_i "failed"; fi 2276status=$((status + ret)) 2277 2278n=$((n + 1)) 2279echo_i "adding domains dom17.example. and dom18.example. to primary ns1 via RNDC ($n)" 2280ret=0 2281echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom17.example.db 2282echo "@ IN NS invalid." >>ns1/dom17.example.db 2283echo "@ IN A 192.0.2.1" >>ns1/dom17.example.db 2284rndccmd 10.53.0.1 addzone dom17.example. in default '{type primary; file "dom17.example.db";};' || ret=1 2285if [ $ret -ne 0 ]; then echo_i "failed"; fi 2286status=$((status + ret)) 2287echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom18.example.db 2288echo "@ IN NS invalid." >>ns1/dom18.example.db 2289echo "@ IN A 192.0.2.1" >>ns1/dom18.example.db 2290rndccmd 10.53.0.1 addzone dom18.example. 
in default '{type primary; file "dom18.example.db";};' || ret=1 2291if [ $ret -ne 0 ]; then echo_i "failed"; fi 2292status=$((status + ret)) 2293 2294n=$((n + 1)) 2295echo_i "checking that dom17.example. is now served by primary ns1 ($n)" 2296ret=0 2297wait_for_soa @10.53.0.1 dom17.example. dig.out.test$n || ret=1 2298if [ $ret -ne 0 ]; then echo_i "failed"; fi 2299status=$((status + ret)) 2300 2301n=$((n + 1)) 2302echo_i "checking that dom18.example. is now served by primary ns1 ($n)" 2303ret=0 2304wait_for_soa @10.53.0.1 dom18.example. dig.out.test$n || ret=1 2305if [ $ret -ne 0 ]; then echo_i "failed"; fi 2306status=$((status + ret)) 2307 2308n=$((n + 1)) 2309echo_i "checking that dom17.example. is not served by primary ns3 ($n)" 2310ret=0 2311wait_for_no_soa @10.53.0.3 dom17.example. dig.out.test$n || ret=1 2312if [ $ret -ne 0 ]; then echo_i "failed"; fi 2313status=$((status + ret)) 2314 2315n=$((n + 1)) 2316echo_i "checking that dom18.example. is not served by primary ns3 ($n)" 2317ret=0 2318wait_for_no_soa @10.53.0.3 dom18.example. dig.out.test$n || ret=1 2319if [ $ret -ne 0 ]; then echo_i "failed"; fi 2320status=$((status + ret)) 2321 2322n=$((n + 1)) 2323echo_i "adding domains dom17.example. and dom18.example. to primary ns3 via RNDC ($n)" 2324ret=0 2325echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns3/dom17.example.db 2326echo "@ IN NS invalid." >>ns3/dom17.example.db 2327echo "@ IN A 192.0.2.2" >>ns3/dom17.example.db 2328rndccmd 10.53.0.3 addzone dom17.example. '{type primary; file "dom17.example.db";};' || ret=1 2329if [ $ret -ne 0 ]; then echo_i "failed"; fi 2330status=$((status + ret)) 2331echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns3/dom18.example.db 2332echo "@ IN NS invalid." >>ns3/dom18.example.db 2333echo "@ IN A 192.0.2.2" >>ns3/dom18.example.db 2334rndccmd 10.53.0.3 addzone dom18.example. 
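'{type primary; file "dom18.example.db";};' || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

# ns3 must now answer NOERROR for the SOA of dom17.example.
n=$((n + 1))
echo_i "checking that dom17.example. is now served by primary ns3 ($n)"
ret=0
wait_for_soa @10.53.0.3 dom17.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

# Same check for dom18.example. The original queried dom17.example. a second
# time, so this step never verified that ns3 serves dom18.example. before
# the zone is added to the catalog.
n=$((n + 1))
echo_i "checking that dom18.example. is now served by primary ns3 ($n)"
ret=0
wait_for_soa @10.53.0.3 dom18.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

nextpart ns2/named.run >/dev/null

# Add both zones to catalog1 in a single update. dom17 gets its "primaries"
# property directly under the member label and dom18 under the "ext"
# sub-label; the comments further down in this script describe the first
# form as the legacy syntax and the second as the one supported in a
# version 2 catalog.
n=$((n + 1))
echo_i "adding domains dom17.example. and dom18.example. to catalog1 zone with ns3 as custom primary using different custom properties syntax ($n)"
ret=0
$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update add dom17.zones.catalog1.example. 3600 IN PTR dom17.example.
    update add dom18.zones.catalog1.example. 3600 IN PTR dom18.example.
    update add primaries.dom17.zones.catalog1.example. 3600 IN A 10.53.0.3
    update add primaries.ext.dom18.zones.catalog1.example. 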
3600 IN A 10.53.0.3 2363 send 2364END 2365if [ $ret -ne 0 ]; then echo_i "failed"; fi 2366status=$((status + ret)) 2367 2368n=$((n + 1)) 2369echo_i "waiting for secondary to sync up ($n)" 2370ret=0 2371wait_for_message ns2/named.run "catz: invalid record in catalog zone - primaries.dom17.zones.catalog1.example IN A (failure) - ignoring" \ 2372 && wait_for_message ns2/named.run "catz: adding zone 'dom17.example' from catalog 'catalog1.example'" \ 2373 && wait_for_message ns2/named.run "catz: adding zone 'dom18.example' from catalog 'catalog1.example'" \ 2374 && wait_for_message ns2/named.run "transfer of 'dom17.example/IN/default' from 10.53.0.1#${PORT}: Transfer status: success" \ 2375 && wait_for_message ns2/named.run "transfer of 'dom18.example/IN/default' from 10.53.0.3#${PORT}: Transfer status: success" || ret=1 2376if [ $ret -ne 0 ]; then echo_i "failed"; fi 2377status=$((status + ret)) 2378 2379# The "primaries" custom property for dom17.example. was added using the legacy 2380# syntax into a version 2 catalog1 zone, so we expect that it was ignored, no 2381# override of the default setting happened, and dom17.example. was transferred 2382# from the ns1 primary (the default). 2383n=$((n + 1)) 2384echo_i "checking that dom17.example. is served by secondary and that it's the one from ns1 ($n)" 2385ret=0 2386wait_for_a @10.53.0.2 dom17.example. dig.out.test$n || ret=1 2387grep "192.0.2.1" dig.out.test$n >/dev/null || ret=1 2388if [ $ret -ne 0 ]; then echo_i "failed"; fi 2389status=$((status + ret)) 2390 2391# The "primaries" custom property for dom18.example. was added using a supported 2392# syntax into a version 2 catalog1 zone, so we expect that it was processed, 2393# will override the default setting, and dom18.example. was transferred 2394# from the ns3 primary. 2395n=$((n + 1)) 2396echo_i "checking that dom18.example. is served by secondary and that it's the one from ns3 ($n)" 2397ret=0 2398wait_for_a @10.53.0.2 dom18.example. 
dig.out.test$n || ret=1 2399grep "192.0.2.2" dig.out.test$n >/dev/null || ret=1 2400if [ $ret -ne 0 ]; then echo_i "failed"; fi 2401status=$((status + ret)) 2402 2403nextpart ns2/named.run >/dev/null 2404 2405n=$((n + 1)) 2406echo_i "deleting domain dom17.example. and dom18.example. from catalog1 ($n)" 2407ret=0 2408$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 2409 server 10.53.0.1 ${PORT} 2410 update delete dom17.zones.catalog1.example. 3600 IN PTR dom17.example. 2411 update delete dom18.zones.catalog1.example. 3600 IN PTR dom18.example. 2412 update delete primaries.dom17.zones.catalog1.example. 3600 IN A 10.53.0.3 2413 update delete primaries.ext.dom18.zones.catalog1.example. 3600 IN A 10.53.0.3 2414 send 2415END 2416if [ $ret -ne 0 ]; then echo_i "failed"; fi 2417status=$((status + ret)) 2418 2419n=$((n + 1)) 2420echo_i "waiting for secondary to sync up ($n)" 2421ret=0 2422wait_for_message ns2/named.run "catz: deleting zone 'dom17.example' from catalog 'catalog1.example' - success" \ 2423 && wait_for_message ns2/named.run "catz: deleting zone 'dom18.example' from catalog 'catalog1.example' - success" \ 2424 && wait_for_message ns2/named.run "zone_shutdown: zone dom17.example/IN/default: shutting down" \ 2425 && wait_for_message ns2/named.run "zone_shutdown: zone dom18.example/IN/default: shutting down" || ret=1 2426if [ $ret -ne 0 ]; then echo_i "failed"; fi 2427status=$((status + ret)) 2428 2429n=$((n + 1)) 2430echo_i "checking that dom17.example. is not served by secondary ($n)" 2431ret=0 2432wait_for_no_soa @10.53.0.2 dom17.example. dig.out.test$n || ret=1 2433if [ $ret -ne 0 ]; then echo_i "failed"; fi 2434status=$((status + ret)) 2435 2436n=$((n + 1)) 2437echo_i "checking that dom18.example. is not served by secondary ($n)" 2438ret=0 2439wait_for_no_soa @10.53.0.2 dom18.example. 
dig.out.test$n || ret=1 2440if [ $ret -ne 0 ]; then echo_i "failed"; fi 2441status=$((status + ret)) 2442 2443nextpart ns2/named.run >/dev/null 2444 2445n=$((n + 1)) 2446echo_i "adding domains dom17.example. and dom18.example. to catalog2 zone with ns3 as custom primary using different custom properties syntax ($n)" 2447ret=0 2448$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 2449 server 10.53.0.3 ${PORT} 2450 update add dom17.zones.catalog2.example. 3600 IN PTR dom17.example. 2451 update add dom18.zones.catalog2.example. 3600 IN PTR dom18.example. 2452 update add primaries.dom17.zones.catalog2.example. 3600 IN A 10.53.0.3 2453 update add primaries.ext.dom18.zones.catalog2.example. 3600 IN A 10.53.0.3 2454 send 2455END 2456if [ $ret -ne 0 ]; then echo_i "failed"; fi 2457status=$((status + ret)) 2458 2459n=$((n + 1)) 2460echo_i "waiting for secondary to sync up ($n)" 2461ret=0 2462wait_for_message ns2/named.run "catz: invalid record in catalog zone - primaries.ext.dom18.zones.catalog2.example IN A (failure) - ignoring" \ 2463 && wait_for_message ns2/named.run "catz: adding zone 'dom17.example' from catalog 'catalog2.example'" \ 2464 && wait_for_message ns2/named.run "catz: adding zone 'dom18.example' from catalog 'catalog2.example'" \ 2465 && wait_for_message ns2/named.run "transfer of 'dom17.example/IN/default' from 10.53.0.3#${PORT}: Transfer status: success" \ 2466 && wait_for_message ns2/named.run "transfer of 'dom18.example/IN/default' from 10.53.0.1#${EXTRAPORT1}: Transfer status: success" || ret=1 2467if [ $ret -ne 0 ]; then echo_i "failed"; fi 2468status=$((status + ret)) 2469 2470# The "primaries" custom property for dom17.example. was added using a supported 2471# syntax into a version 1 catalog1 zone, so we expect that it was processed, 2472# will override the default setting, and dom17.example. was transferred 2473# from the ns3 primary. 2474n=$((n + 1)) 2475echo_i "checking that dom17.example. 
is served by secondary and that it's the one from ns3 ($n)" 2476ret=0 2477wait_for_a @10.53.0.2 dom17.example. dig.out.test$n || ret=1 2478grep "192.0.2.2" dig.out.test$n >/dev/null || ret=1 2479if [ $ret -ne 0 ]; then echo_i "failed"; fi 2480status=$((status + ret)) 2481 2482# The "primaries" custom property for dom18.example. was added using the new 2483# syntax into a version 1 catalog1 zone, so we expect that it was ignored, no 2484# override of the default setting happened, and dom18.example. was transferred 2485# from the ns1 primary (the default). 2486n=$((n + 1)) 2487echo_i "checking that dom18.example. is served by secondary and that it's the one from ns1 ($n)" 2488ret=0 2489wait_for_a @10.53.0.2 dom18.example. dig.out.test$n || ret=1 2490grep "192.0.2.1" dig.out.test$n >/dev/null || ret=1 2491if [ $ret -ne 0 ]; then echo_i "failed"; fi 2492status=$((status + ret)) 2493 2494nextpart ns2/named.run >/dev/null 2495 2496n=$((n + 1)) 2497echo_i "deleting domain dom17.example. and dom18.example. from catalog2 ($n)" 2498ret=0 2499$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 2500 server 10.53.0.3 ${PORT} 2501 update delete dom17.zones.catalog2.example. 3600 IN PTR dom17.example. 2502 update delete dom18.zones.catalog2.example. 3600 IN PTR dom18.example. 2503 update delete primaries.dom17.zones.catalog2.example. 3600 IN A 10.53.0.3 2504 update delete primaries.ext.dom18.zones.catalog2.example. 
3600 IN A 10.53.0.3 2505 send 2506END 2507if [ $ret -ne 0 ]; then echo_i "failed"; fi 2508status=$((status + ret)) 2509 2510n=$((n + 1)) 2511echo_i "waiting for secondary to sync up ($n)" 2512ret=0 2513wait_for_message ns2/named.run "catz: deleting zone 'dom17.example' from catalog 'catalog2.example' - success" \ 2514 && wait_for_message ns2/named.run "catz: deleting zone 'dom18.example' from catalog 'catalog2.example' - success" \ 2515 && wait_for_message ns2/named.run "zone_shutdown: zone dom17.example/IN/default: shutting down" \ 2516 && wait_for_message ns2/named.run "zone_shutdown: zone dom18.example/IN/default: shutting down" || ret=1 2517if [ $ret -ne 0 ]; then echo_i "failed"; fi 2518status=$((status + ret)) 2519 2520n=$((n + 1)) 2521echo_i "checking that dom17.example. is not served by secondary ($n)" 2522ret=0 2523wait_for_no_soa @10.53.0.2 dom17.example. dig.out.test$n || ret=1 2524if [ $ret -ne 0 ]; then echo_i "failed"; fi 2525status=$((status + ret)) 2526 2527n=$((n + 1)) 2528echo_i "checking that dom18.example. is not served by secondary ($n)" 2529ret=0 2530wait_for_no_soa @10.53.0.2 dom18.example. dig.out.test$n || ret=1 2531if [ $ret -ne 0 ]; then echo_i "failed"; fi 2532status=$((status + ret)) 2533 2534########################################################################## 2535n=$((n + 1)) 2536echo_i "checking that reconfig can delete and restore catalog zone configuration ($n)" 2537ret=0 2538copy_setports ns2/named2.conf.in ns2/named.conf 2539rndccmd 10.53.0.2 reconfig || ret=1 2540copy_setports ns2/named1.conf.in ns2/named.conf 2541rndccmd 10.53.0.2 reconfig || ret=1 2542if [ $ret -ne 0 ]; then echo_i "failed"; fi 2543status=$((status + ret)) 2544 2545######################################################################### 2546 2547nextpart ns2/named.run >/dev/null 2548 2549n=$((n + 1)) 2550echo_i "Adding a dom19.example. 
to primary via RNDC ($n)" 2551ret=0 2552# enough initial content for IXFR response when TXT record is added below 2553echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/dom19.example.db 2554echo "@ 3600 IN NS invalid." >>ns1/dom19.example.db 2555echo "foo 3600 IN TXT some content here" >>ns1/dom19.example.db 2556echo "bar 3600 IN TXT some content here" >>ns1/dom19.example.db 2557echo "xxx 3600 IN TXT some content here" >>ns1/dom19.example.db 2558echo "yyy 3600 IN TXT some content here" >>ns1/dom19.example.db 2559rndccmd 10.53.0.1 addzone dom19.example. in default '{ type primary; file "dom19.example.db"; allow-transfer { key tsig_key; }; allow-update { any; }; notify explicit; also-notify { 10.53.0.2; }; };' || ret=1 2560if [ $ret -ne 0 ]; then echo_i "failed"; fi 2561status=$((status + ret)) 2562 2563n=$((n + 1)) 2564echo_i "add an entry to the restored catalog zone ($n)" 2565ret=0 2566$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 2567 server 10.53.0.1 ${PORT} 2568 update add 09da0a318e5333a9a7f6c14c385d69f6933e8b72.zones.catalog1.example. 3600 IN PTR dom19.example. 2569 update add label1.primaries.ext.09da0a318e5333a9a7f6c14c385d69f6933e8b72.zones.catalog1.example. 3600 IN A 10.53.0.1 2570 update add label1.primaries.ext.09da0a318e5333a9a7f6c14c385d69f6933e8b72.zones.catalog1.example. 3600 IN TXT "tsig_key" 2571 send 2572END 2573if [ $ret -ne 0 ]; then echo_i "failed"; fi 2574status=$((status + ret)) 2575 2576n=$((n + 1)) 2577echo_i "waiting for secondary to sync up ($n)" 2578ret=0 2579wait_for_message ns2/named.run "catz: adding zone 'dom19.example' from catalog 'catalog1.example'" \ 2580 && wait_for_message ns2/named.run "transfer of 'dom19.example/IN/default' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1 2581if [ $ret -ne 0 ]; then echo_i "failed"; fi 2582status=$((status + ret)) 2583 2584########################################################################## 2585n=$((n + 1)) 2586echo_i "Adding a domain tls1.example. 
to primary via RNDC ($n)" 2587ret=0 2588# enough initial content for IXFR response when TXT record is added below 2589echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" >ns1/tls1.example.db 2590echo "@ 3600 IN NS invalid." >>ns1/tls1.example.db 2591echo "foo 3600 IN TXT some content here" >>ns1/tls1.example.db 2592echo "bar 3600 IN TXT some content here" >>ns1/tls1.example.db 2593echo "xxx 3600 IN TXT some content here" >>ns1/tls1.example.db 2594echo "yyy 3600 IN TXT some content here" >>ns1/tls1.example.db 2595rndccmd 10.53.0.1 addzone tls1.example. in default '{ type primary; file "tls1.example.db"; allow-transfer transport tls { key tsig_key; }; allow-update { any; }; notify explicit; also-notify { 10.53.0.4; }; };' || ret=1 2596if [ $ret -ne 0 ]; then echo_i "failed"; fi 2597status=$((status + ret)) 2598 2599n=$((n + 1)) 2600echo_i "checking that tls1.example. is now served by primary ($n)" 2601ret=0 2602wait_for_soa @10.53.0.1 tls1.example. dig.out.test$n || ret=1 2603if [ $ret -ne 0 ]; then echo_i "failed"; fi 2604status=$((status + ret)) 2605 2606nextpart ns4/named.run >/dev/null 2607 2608n=$((n + 1)) 2609echo_i "Adding domain tls1.example. to catalog-tls zone ($n)" 2610ret=0 2611$NSUPDATE -d <<END >>nsupdate.out.test$n 2>&1 || ret=1 2612 server 10.53.0.1 ${PORT} 2613 update add 1ba056ba375209a66a2c9a0617b1df714b998112.zones.catalog-tls.example. 3600 IN PTR tls1.example. 2614 send 2615END 2616if [ $ret -ne 0 ]; then echo_i "failed"; fi 2617status=$((status + ret)) 2618 2619n=$((n + 1)) 2620echo_i "waiting for secondary to sync up ($n)" 2621ret=0 2622wait_for_message ns4/named.run "catz: adding zone 'tls1.example' from catalog 'catalog-tls.example'" \ 2623 && wait_for_message ns4/named.run "transfer of 'tls1.example/IN' from 10.53.0.1#${TLSPORT}: Transfer status: success" || ret=1 2624if [ $ret -ne 0 ]; then echo_i "failed"; fi 2625status=$((status + ret)) 2626 2627n=$((n + 1)) 2628echo_i "checking that tls1.example. 
is served by secondary ($n)" 2629ret=0 2630wait_for_soa @10.53.0.4 tls1.example. dig.out.test$n || ret=1 2631if [ $ret -ne 0 ]; then echo_i "failed"; fi 2632status=$((status + ret)) 2633 2634########################################################################## 2635# GL #3777 2636nextpart ns4/named.run >/dev/null 2637 2638n=$((n + 1)) 2639echo_i "Adding domain self.example. to catalog-self zone without updating the serial ($n)" 2640ret=0 2641echo "self.zones.catalog-self.example. 3600 IN PTR self.example." >>ns4/catalog-self.example.db 2642rndccmd 10.53.0.4 reload || ret=1 2643 2644n=$((n + 1)) 2645echo_i "Issuing another rndc reload command after 1 second ($n)" 2646sleep 1 2647rndccmd 10.53.0.4 reload || ret=1 2648if [ $ret -ne 0 ]; then echo_i "failed"; fi 2649status=$((status + ret)) 2650 2651########################################################################## 2652echo_i "exit status: $status" 2653[ $status -eq 0 ] || exit 1 2654