1#!/bin/sh 2# 3# Copyright (C) Internet Systems Consortium, Inc. ("ISC") 4# 5# This Source Code Form is subject to the terms of the Mozilla Public 6# License, v. 2.0. If a copy of the MPL was not distributed with this 7# file, You can obtain one at http://mozilla.org/MPL/2.0/. 8# 9# See the COPYRIGHT file distributed with this work for additional 10# information regarding copyright ownership. 11 12# shellcheck source=conf.sh 13SYSTEMTESTTOP=.. 14. "$SYSTEMTESTTOP/conf.sh" 15 16set -e 17 18status=0 19n=0 20 21sendcmd() { 22 "$PERL" "$SYSTEMTESTTOP/send.pl" "${1}" "$EXTRAPORT1" 23} 24 25dig_with_opts() { 26 "$DIG" -p "$PORT" "$@" 27} 28 29mdig_with_opts() { 30 "$MDIG" -p "$PORT" "$@" 31} 32 33# Check if response in file $1 has the correct TTL range. 34# The response record must have RRtype $2 and class IN (CLASS1). 35# Maximum TTL is given by $3. This works in most cases where TTL is 36# the second word on the line. TTL position can be adjusted with 37# setting the position $4, but that requires updating this function. 38check_ttl_range() { 39 file=$1 40 pos=$4 41 42 case "$pos" in 43 "3") 44 awk -v rrtype="$2" -v ttl="$3" '($4 == "IN" || $4 == "CLASS1" ) && $5 == rrtype { if ($3 <= ttl) { ok=1 } } END { exit(ok?0:1) }' < $file 45 ;; 46 *) 47 awk -v rrtype="$2" -v ttl="$3" '($3 == "IN" || $3 == "CLASS1" ) && $4 == rrtype { if ($2 <= ttl) { ok=1 } } END { exit(ok?0:1) }' < $file 48 ;; 49 esac 50 51 result=$? 52 [ $result -eq 0 ] || echo_i "ttl check failed" 53 return $result 54} 55 56# using delv insecure mode as not testing dnssec here 57delv_with_opts() { 58 "$DELV" +noroot +nodlv -p "$PORT" "$@" 59} 60 61KEYID="$(cat ns2/keyid)" 62KEYDATA="$(< ns2/keydata sed -e 's/+/[+]/g')" 63NOSPLIT="$(< ns2/keydata sed -e 's/+/[+]/g' -e 's/ //g')" 64 65if [ -x "$DIG" ] ; then 66 n=$((n+1)) 67 echo_i "checking dig short form works ($n)" 68 ret=0 69 dig_with_opts @10.53.0.3 +short a a.example > dig.out.test$n || ret=1 70 test "$(wc -l < dig.out.test$n)" -eq 1 || ret=1 71 if [ $ret -ne 0 ]; then echo_i "failed"; fi 72 status=$((status+ret)) 73 74 n=$((n+1)) 75 echo_i "checking dig split width works ($n)" 76 ret=0 77 dig_with_opts @10.53.0.3 +split=4 -t sshfp foo.example > dig.out.test$n || ret=1 78 grep " 9ABC DEF6 7890 " < dig.out.test$n > /dev/null || ret=1 79 check_ttl_range dig.out.test$n "SSHFP" 300 || ret=1 80 if [ $ret -ne 0 ]; then echo_i "failed"; fi 81 status=$((status+ret)) 82 83 n=$((n+1)) 84 echo_i "checking dig +unknownformat works ($n)" 85 ret=0 86 dig_with_opts @10.53.0.3 +unknownformat a a.example > dig.out.test$n || ret=1 87 grep "CLASS1[ ][ ]*TYPE1[ ][ ]*\\\\# 4 0A000001" < dig.out.test$n > /dev/null || ret=1 88 check_ttl_range dig.out.test$n "TYPE1" 300 || ret=1 89 if [ $ret -ne 0 ]; then echo_i "failed"; fi 90 status=$((status+ret)) 91 92 n=$((n+1)) 93 echo_i "checking dig with reverse lookup works ($n)" 94 ret=0 95 dig_with_opts @10.53.0.3 -x 127.0.0.1 > dig.out.test$n 2>&1 || ret=1 96 # doesn't matter if has answer 97 grep -i "127\\.in-addr\\.arpa\\." < dig.out.test$n > /dev/null || ret=1 98 check_ttl_range dig.out.test$n "SOA" 86400 || ret=1 99 if [ $ret -ne 0 ]; then echo_i "failed"; fi 100 status=$((status+ret)) 101 102 n=$((n+1)) 103 echo_i "checking dig over TCP works ($n)" 104 ret=0 105 dig_with_opts +tcp @10.53.0.3 a a.example > dig.out.test$n || ret=1 106 grep "10\\.0\\.0\\.1$" < dig.out.test$n > /dev/null || ret=1 107 check_ttl_range dig.out.test$n "A" 300 || ret=1 108 if [ $ret -ne 0 ]; then echo_i "failed"; fi 109 status=$((status+ret)) 110 111 n=$((n+1)) 112 echo_i "checking dig +multi +norrcomments works for DNSKEY (when default is rrcomments)($n)" 113 ret=0 114 dig_with_opts +tcp @10.53.0.3 +multi +norrcomments -t DNSKEY dnskey.example > dig.out.test$n || ret=1 115 grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" dig.out.test$n > /dev/null && ret=1 116 check_ttl_range dig.out.test$n "DNSKEY" 300 || ret=1 117 if [ $ret -ne 0 ]; then echo_i "failed"; fi 118 status=$((status+ret)) 119 120 n=$((n+1)) 121 echo_i "checking dig +multi +norrcomments works for SOA (when default is rrcomments)($n)" 122 ret=0 123 dig_with_opts +tcp @10.53.0.3 +multi +norrcomments -t SOA example > dig.out.test$n || ret=1 124 grep "; serial" dig.out.test$n > /dev/null && ret=1 125 check_ttl_range dig.out.test$n "SOA" 300 || ret=1 126 if [ $ret -ne 0 ]; then echo_i "failed"; fi 127 status=$((status+ret)) 128 129 n=$((n+1)) 130 echo_i "checking dig +rrcomments works for DNSKEY($n)" 131 ret=0 132 dig_with_opts +tcp @10.53.0.3 +rrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 133 grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < dig.out.test$n > /dev/null || ret=1 134 check_ttl_range dig.out.test$n "DNSKEY" 300 || ret=1 135 if [ $ret -ne 0 ]; then echo_i "failed"; fi 136 status=$((status+ret)) 137 138 n=$((n+1)) 139 echo_i "checking dig +short +rrcomments works for DNSKEY ($n)" 140 ret=0 141 dig_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 142 grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < dig.out.test$n > /dev/null || ret=1 143 if [ $ret -ne 0 ]; then echo_i "failed"; fi 144 status=$((status+ret)) 145 146 n=$((n+1)) 147 echo_i "checking dig +short +nosplit works($n)" 148 ret=0 149 dig_with_opts +tcp @10.53.0.3 +short +nosplit DNSKEY dnskey.example > dig.out.test$n || ret=1 150 grep "$NOSPLIT" < dig.out.test$n > /dev/null || ret=1 151 if [ $ret -ne 0 ]; then echo_i "failed"; fi 152 status=$((status+ret)) 153 154 n=$((n+1)) 155 echo_i "checking dig +short +rrcomments works($n)" 156 ret=0 157 dig_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 158 grep -q "$KEYDATA ; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID\$" < dig.out.test$n || ret=1 159 if [ $ret -ne 0 ]; then echo_i "failed"; fi 160 status=$((status+ret)) 161 162 n=$((n+1)) 163 echo_i "checking dig multi flag is local($n)" 164 ret=0 165 dig_with_opts +tcp @10.53.0.3 -t DNSKEY dnskey.example +nomulti dnskey.example +nomulti > dig.out.nn.$n || ret=1 166 dig_with_opts +tcp @10.53.0.3 -t DNSKEY dnskey.example +multi dnskey.example +nomulti > dig.out.mn.$n || ret=1 167 dig_with_opts +tcp @10.53.0.3 -t DNSKEY dnskey.example +nomulti dnskey.example +multi > dig.out.nm.$n || ret=1 168 dig_with_opts +tcp @10.53.0.3 -t DNSKEY dnskey.example +multi dnskey.example +multi > dig.out.mm.$n || ret=1 169 lcnn=$(wc -l < dig.out.nn.$n) 170 lcmn=$(wc -l < dig.out.mn.$n) 171 lcnm=$(wc -l < dig.out.nm.$n) 172 lcmm=$(wc -l < dig.out.mm.$n) 173 test "$lcmm" -ge "$lcnm" || ret=1 174 test "$lcmm" -ge "$lcmn" || ret=1 175 test "$lcnm" -ge "$lcnn" || ret=1 176 test "$lcmn" -ge "$lcnn" || ret=1 177 check_ttl_range dig.out.nn.$n "DNSKEY" 300 || ret=1 178 check_ttl_range dig.out.mn.$n "DNSKEY" 300 || ret=1 179 check_ttl_range dig.out.nm.$n "DNSKEY" 300 || ret=1 180 check_ttl_range dig.out.mm.$n "DNSKEY" 300 || ret=1 181 if [ $ret -ne 0 ]; then echo_i "failed"; fi 182 status=$((status+ret)) 183 184 n=$((n+1)) 185 echo_i "checking dig +noheader-only works ($n)" 186 ret=0 187 dig_with_opts +tcp @10.53.0.3 +noheader-only A example > dig.out.test$n || ret=1 188 grep "Got answer:" < dig.out.test$n > /dev/null || ret=1 189 check_ttl_range dig.out.test$n "SOA" 300 || ret=1 190 if [ $ret -ne 0 ]; then echo_i "failed"; fi 191 status=$((status+ret)) 192 193 n=$((n+1)) 194 echo_i "checking dig +short +rrcomments works($n)" 195 ret=0 196 dig_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > dig.out.test$n || ret=1 197 grep -q "$KEYDATA ; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID\$" < dig.out.test$n || ret=1 198 if [ $ret -ne 0 ]; then echo_i "failed"; fi 199 status=$((status+ret)) 200 201 n=$((n+1)) 202 echo_i "checking dig +header-only works ($n)" 203 ret=0 204 dig_with_opts +tcp @10.53.0.3 +header-only example > dig.out.test$n || ret=1 205 grep "^;; flags: qr rd; QUERY: 0, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1 206 grep "^;; QUESTION SECTION:" < dig.out.test$n > /dev/null && ret=1 207 if [ $ret -ne 0 ]; then echo_i "failed"; fi 208 status=$((status+ret)) 209 210 n=$((n+1)) 211 echo_i "checking dig +raflag works ($n)" 212 ret=0 213 dig_with_opts +tcp @10.53.0.3 +raflag +qr example > dig.out.test$n || ret=1 214 grep "^;; flags: rd ra ad; QUERY: 1, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1 215 grep "^;; flags: qr rd ra; QUERY: 1, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1 216 check_ttl_range dig.out.test$n "SOA" 300 || ret=1 217 if [ $ret -ne 0 ]; then echo_i "failed"; fi 218 status=$((status+ret)) 219 220 n=$((n+1)) 221 echo_i "checking dig +tcflag works ($n)" 222 ret=0 223 dig_with_opts +tcp @10.53.0.3 +tcflag +qr example > dig.out.test$n || ret=1 224 grep "^;; flags: tc rd ad; QUERY: 1, ANSWER: 0" < dig.out.test$n > /dev/null || ret=1 225 grep "^;; flags: qr rd ra; QUERY: 1, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1 226 check_ttl_range dig.out.test$n "SOA" 300 || ret=1 227 if [ $ret -ne 0 ]; then echo_i "failed"; fi 228 status=$((status+ret)) 229 230 n=$((n+1)) 231 echo_i "checking dig +header-only works (with class and type set) ($n)" 232 ret=0 233 dig_with_opts +tcp @10.53.0.3 +header-only -c IN -t A example > dig.out.test$n || ret=1 234 grep "^;; flags: qr rd; QUERY: 0, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1 235 grep "^;; QUESTION SECTION:" < dig.out.test$n > /dev/null && ret=1 236 if [ $ret -ne 0 ]; then echo_i "failed"; fi 237 status=$((status+ret)) 238 239 n=$((n+1)) 240 echo_i "checking dig +zflag works, and that BIND properly ignores it ($n)" 241 ret=0 242 dig_with_opts +tcp @10.53.0.3 +zflag +qr A example > dig.out.test$n || ret=1 243 sed -n '/Sending:/,/Got answer:/p' dig.out.test$n | grep "^;; flags: rd ad; MBZ: 0x4;" > /dev/null || ret=1 244 sed -n '/Got answer:/,/AUTHORITY SECTION:/p' dig.out.test$n | grep "^;; flags: qr rd ra; QUERY: 1" > /dev/null || ret=1 245 check_ttl_range dig.out.test$n "SOA" 300 || ret=1 246 if [ $ret -ne 0 ]; then echo_i "failed"; fi 247 status=$((status+ret)) 248 249 n=$((n+1)) 250 echo_i "checking dig +qr +ednsopt=08 does not cause an INSIST failure ($n)" 251 ret=0 252 dig_with_opts @10.53.0.3 +ednsopt=08 +qr a a.example > dig.out.test$n || ret=1 253 grep "INSIST" < dig.out.test$n > /dev/null && ret=1 254 grep "FORMERR" < dig.out.test$n > /dev/null || ret=1 255 if [ $ret -ne 0 ]; then echo_i "failed"; fi 256 status=$((status+ret)) 257 258 n=$((n+1)) 259 echo_i "checking dig +ttlunits works ($n)" 260 ret=0 261 dig_with_opts +tcp @10.53.0.2 +ttlunits A weeks.example > dig.out.test$n || ret=1 262 grep "^weeks.example. 3w" < dig.out.test$n > /dev/null || ret=1 263 dig_with_opts +tcp @10.53.0.2 +ttlunits A days.example > dig.out.test$n || ret=1 264 grep "^days.example. 3d" < dig.out.test$n > /dev/null || ret=1 265 dig_with_opts +tcp @10.53.0.2 +ttlunits A hours.example > dig.out.test$n || ret=1 266 grep "^hours.example. 3h" < dig.out.test$n > /dev/null || ret=1 267 dig_with_opts +tcp @10.53.0.2 +ttlunits A minutes.example > dig.out.test$n || ret=1 268 grep "^minutes.example. 45m" < dig.out.test$n > /dev/null || ret=1 269 dig_with_opts +tcp @10.53.0.2 +ttlunits A seconds.example > dig.out.test$n || ret=1 270 grep "^seconds.example. 45s" < dig.out.test$n > /dev/null || ret=1 271 if [ $ret -ne 0 ]; then echo_i "failed"; fi 272 status=$((status+ret)) 273 274 n=$((n+1)) 275 echo_i "checking dig respects precedence of options with +ttlunits ($n)" 276 ret=0 277 dig_with_opts +tcp @10.53.0.2 +ttlunits +nottlid A weeks.example > dig.out.test$n || ret=1 278 grep "^weeks.example. IN" < dig.out.test$n > /dev/null || ret=1 279 dig_with_opts +tcp @10.53.0.2 +nottlid +ttlunits A weeks.example > dig.out.test$n || ret=1 280 grep "^weeks.example. 3w" < dig.out.test$n > /dev/null || ret=1 281 dig_with_opts +tcp @10.53.0.2 +nottlid +nottlunits A weeks.example > dig.out.test$n || ret=1 282 grep "^weeks.example. 1814400" < dig.out.test$n > /dev/null || ret=1 283 if [ $ret -ne 0 ]; then echo_i "failed"; fi 284 status=$((status+ret)) 285 286 n=$((n+1)) 287 echo_i "checking dig preserves origin on TCP retries ($n)" 288 ret=0 289 # Ask ans4 to still accept TCP connections, but not respond to queries 290 echo "//" | sendcmd 10.53.0.4 291 dig_with_opts -d +tcp @10.53.0.4 +retry=1 +time=1 +domain=bar foo > dig.out.test$n 2>&1 && ret=1 292 test "$(grep -c "trying origin bar" dig.out.test$n)" -eq 2 || ret=1 293 grep "using root origin" < dig.out.test$n > /dev/null && ret=1 294 if [ $ret -ne 0 ]; then echo_i "failed"; fi 295 status=$((status+ret)) 296 297 n=$((n+1)) 298 echo_i "checking dig -6 -4 ($n)" 299 ret=0 300 dig_with_opts +tcp @10.53.0.2 -4 -6 A a.example > dig.out.test$n 2>&1 && ret=1 301 grep "only one of -4 and -6 allowed" < dig.out.test$n > /dev/null || ret=1 302 if [ $ret -ne 0 ]; then echo_i "failed"; fi 303 status=$((status+ret)) 304 305 n=$((n+1)) 306 echo_i "checking dig @IPv6addr -4 A a.example ($n)" 307 if testsock6 fd92:7065:b8e:ffff::2 2>/dev/null 308 then 309 ret=0 310 dig_with_opts +tcp @fd92:7065:b8e:ffff::2 -4 A a.example > dig.out.test$n 2>&1 && ret=1 311 grep "address family not supported" < dig.out.test$n > /dev/null || ret=1 312 if [ $ret -ne 0 ]; then echo_i "failed"; fi 313 status=$((status+ret)) 314 else 315 echo_i "IPv6 unavailable; skipping" 316 fi 317 318 n=$((n+1)) 319 echo_i "checking dig @IPv4addr -6 +mapped A a.example ($n)" 320 if testsock6 fd92:7065:b8e:ffff::2 2>/dev/null && [ "$(uname -s)" != "OpenBSD" ] 321 then 322 ret=0 323 ret=0 324 dig_with_opts +tcp @10.53.0.2 -6 +mapped A a.example > dig.out.test$n 2>&1 || ret=1 325 grep "SERVER: ::ffff:10.53.0.2#$PORT" < dig.out.test$n > /dev/null || ret=1 326 if [ $ret -ne 0 ]; then echo_i "failed"; fi 327 status=$((status+ret)) 328 else 329 echo_i "IPv6 or IPv4-to-IPv6 mapping unavailable; skipping" 330 fi 331 332 n=$((n+1)) 333 echo_i "checking dig +tcp @IPv4addr -6 +nomapped A a.example ($n)" 334 if testsock6 fd92:7065:b8e:ffff::2 2>/dev/null 335 then 336 ret=0 337 ret=0 338 dig_with_opts +tcp @10.53.0.2 -6 +nomapped A a.example > dig.out.test$n 2>&1 || ret=1 339 grep "SERVER: ::ffff:10.53.0.2#$PORT" < dig.out.test$n > /dev/null && ret=1 340 if [ $ret -ne 0 ]; then echo_i "failed"; fi 341 status=$((status+ret)) 342 else 343 echo_i "IPv6 unavailable; skipping" 344 fi 345 n=$((n+1)) 346 347 echo_i "checking dig +notcp @IPv4addr -6 +nomapped A a.example ($n)" 348 if testsock6 fd92:7065:b8e:ffff::2 2>/dev/null 349 then 350 ret=0 351 ret=0 352 dig_with_opts +notcp @10.53.0.2 -6 +nomapped A a.example > dig.out.test$n 2>&1 || ret=1 353 grep "SERVER: ::ffff:10.53.0.2#$PORT" < dig.out.test$n > /dev/null && ret=1 354 if [ $ret -ne 0 ]; then echo_i "failed"; fi 355 status=$((status+ret)) 356 else 357 echo_i "IPv6 unavailable; skipping" 358 fi 359 360 n=$((n+1)) 361 echo_i "checking dig +subnet ($n)" 362 ret=0 363 dig_with_opts +tcp @10.53.0.2 +subnet=127.0.0.1 A a.example > dig.out.test$n 2>&1 || ret=1 364 grep "CLIENT-SUBNET: 127.0.0.1/32/0" < dig.out.test$n > /dev/null || ret=1 365 check_ttl_range dig.out.test$n "A" 300 || ret=1 366 if [ $ret -ne 0 ]; then echo_i "failed"; fi 367 status=$((status+ret)) 368 369 n=$((n+1)) 370 echo_i "checking dig +subnet +subnet ($n)" 371 ret=0 372 dig_with_opts +tcp @10.53.0.2 +subnet=127.0.0.0 +subnet=127.0.0.1 A a.example > dig.out.test$n 2>&1 || ret=1 373 grep "CLIENT-SUBNET: 127.0.0.1/32/0" < dig.out.test$n > /dev/null || ret=1 374 check_ttl_range dig.out.test$n "A" 300 || ret=1 375 if [ $ret -ne 0 ]; then echo_i "failed"; fi 376 status=$((status+ret)) 377 378 n=$((n+1)) 379 echo_i "checking dig +subnet with various prefix lengths ($n)" 380 ret=0 381 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24; do 382 dig_with_opts +tcp @10.53.0.2 +subnet=255.255.255.255/$i A a.example > dig.out.$i.test$n 2>&1 || ret=1 383 case $i in 384 1|9|17) octet=128 ;; 385 2|10|18) octet=192 ;; 386 3|11|19) octet=224 ;; 387 4|12|20) octet=240 ;; 388 5|13|21) octet=248 ;; 389 6|14|22) octet=252 ;; 390 7|15|23) octet=254 ;; 391 8|16|24) octet=255 ;; 392 esac 393 case $i in 394 1|2|3|4|5|6|7|8) addr="${octet}.0.0.0";; 395 9|10|11|12|13|14|15|16) addr="255.${octet}.0.0";; 396 17|18|19|20|21|22|23|24) addr="255.255.${octet}.0" ;; 397 esac 398 grep "FORMERR" < dig.out.$i.test$n > /dev/null && ret=1 399 grep "CLIENT-SUBNET: $addr/$i/0" < dig.out.$i.test$n > /dev/null || ret=1 400 check_ttl_range dig.out.$i.test$n "A" 300 || ret=1 401 done 402 if [ $ret -ne 0 ]; then echo_i "failed"; fi 403 status=$((status+ret)) 404 405 n=$((n+1)) 406 echo_i "checking dig +subnet=0/0 ($n)" 407 ret=0 408 dig_with_opts +tcp @10.53.0.2 +subnet=0/0 A a.example > dig.out.test$n 2>&1 || ret=1 409 grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1 410 grep "CLIENT-SUBNET: 0.0.0.0/0/0" < dig.out.test$n > /dev/null || ret=1 411 grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1 412 check_ttl_range dig.out.test$n "A" 300 || ret=1 413 if [ $ret -ne 0 ]; then echo_i "failed"; fi 414 status=$((status+ret)) 415 416 n=$((n+1)) 417 echo_i "checking dig +subnet=0 ($n)" 418 ret=0 419 dig_with_opts +tcp @10.53.0.2 +subnet=0 A a.example > dig.out.test$n 2>&1 || ret=1 420 grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1 421 grep "CLIENT-SUBNET: 0.0.0.0/0/0" < dig.out.test$n > /dev/null || ret=1 422 grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1 423 check_ttl_range dig.out.test$n "A" 300 || ret=1 424 if [ $ret -ne 0 ]; then echo_i "failed"; fi 425 status=$((status+ret)) 426 427 n=$((n+1)) 428 echo_i "checking dig +subnet=::/0 ($n)" 429 ret=0 430 dig_with_opts +tcp @10.53.0.2 +subnet=::/0 A a.example > dig.out.test$n 2>&1 || ret=1 431 grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1 432 grep "CLIENT-SUBNET: ::/0/0" < dig.out.test$n > /dev/null || ret=1 433 grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1 434 check_ttl_range dig.out.test$n "A" 300 || ret=1 435 if [ $ret -ne 0 ]; then echo_i "failed"; fi 436 status=$((status+ret)) 437 438 n=$((n+1)) 439 echo_i "checking dig +ednsopt=8:00000000 (family=0, source=0, scope=0) ($n)" 440 ret=0 441 dig_with_opts +tcp @10.53.0.2 +ednsopt=8:00000000 A a.example > dig.out.test$n 2>&1 || ret=1 442 grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1 443 grep "CLIENT-SUBNET: 0/0/0" < dig.out.test$n > /dev/null || ret=1 444 grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1 445 check_ttl_range dig.out.test$n "A" 300 || ret=1 446 if [ $ret -ne 0 ]; then echo_i "failed"; fi 447 status=$((status+ret)) 448 449 n=$((n+1)) 450 echo_i "checking dig +ednsopt=8:00030000 (family=3, source=0, scope=0) ($n)" 451 ret=0 452 dig_with_opts +qr +tcp @10.53.0.2 +ednsopt=8:00030000 A a.example > dig.out.test$n 2>&1 || ret=1 453 grep "status: FORMERR" < dig.out.test$n > /dev/null || ret=1 454 grep "CLIENT-SUBNET: 00 03 00 00" < dig.out.test$n > /dev/null || ret=1 455 test "$(grep -c "CLIENT-SUBNET: 00 03 00 00" dig.out.test$n)" -eq 1 || ret=1 456 if [ $ret -ne 0 ]; then echo_i "failed"; fi 457 status=$((status+ret)) 458 459 n=$((n+1)) 460 echo_i "checking dig +subnet with prefix lengths between byte boundaries ($n)" 461 ret=0 462 for p in 9 10 11 12 13 14 15; do 463 dig_with_opts +tcp @10.53.0.2 +subnet=10.53/$p A a.example > dig.out.test.$p.$n 2>&1 || ret=1 464 grep "FORMERR" < dig.out.test.$p.$n > /dev/null && ret=1 465 grep "CLIENT-SUBNET.*/$p/0" < dig.out.test.$p.$n > /dev/null || ret=1 466 check_ttl_range dig.out.test.$p.$n "A" 300 || ret=1 467 done 468 if [ $ret -ne 0 ]; then echo_i "failed"; fi 469 status=$((status+ret)) 470 471 n=$((n+1)) 472 echo_i "checking dig +sp works as an abbreviated form of split ($n)" 473 ret=0 474 dig_with_opts @10.53.0.3 +sp=4 -t sshfp foo.example > dig.out.test$n || ret=1 475 grep " 9ABC DEF6 7890 " < dig.out.test$n > /dev/null || ret=1 476 check_ttl_range dig.out.test$n "SSHFP" 300 || ret=1 477 if [ $ret -ne 0 ]; then echo_i "failed"; fi 478 status=$((status+ret)) 479 480 n=$((n+1)) 481 echo_i "checking dig -c works ($n)" 482 ret=0 483 dig_with_opts @10.53.0.3 -c CHAOS -t txt version.bind > dig.out.test$n || ret=1 484 grep "version.bind. 0 CH TXT" < dig.out.test$n > /dev/null || ret=1 485 if [ $ret -ne 0 ]; then echo_i "failed"; fi 486 status=$((status+ret)) 487 488 n=$((n+1)) 489 echo_i "checking dig +dscp ($n)" 490 ret=0 491 dig_with_opts @10.53.0.3 +dscp=32 a a.example > /dev/null 2>&1 || ret=1 492 dig_with_opts @10.53.0.3 +dscp=-1 a a.example > /dev/null 2>&1 && ret=1 493 dig_with_opts @10.53.0.3 +dscp=64 a a.example > /dev/null 2>&1 && ret=1 494 #TODO add a check to make sure dig is actually setting the dscp on the query 495 #we might have to add better logging to named for this 496 if [ $ret -ne 0 ]; then echo_i "failed"; fi 497 status=$((status+ret)) 498 499 n=$((n+1)) 500 echo_i "checking dig +ednsopt with option number ($n)" 501 ret=0 502 dig_with_opts @10.53.0.3 +ednsopt=3 a.example > dig.out.test$n 2>&1 || ret=1 503 grep 'NSID: .* ("ns3")' dig.out.test$n > /dev/null || ret=1 504 check_ttl_range dig.out.test$n "A" 300 || ret=1 505 if [ $ret -ne 0 ]; then echo_i "failed"; fi 506 status=$((status+ret)) 507 508 n=$((n+1)) 509 echo_i "checking dig +ednsopt with option name ($n)" 510 ret=0 511 dig_with_opts @10.53.0.3 +ednsopt=nsid a.example > dig.out.test$n 2>&1 || ret=1 512 grep 'NSID: .* ("ns3")' dig.out.test$n > /dev/null || ret=1 513 check_ttl_range dig.out.test$n "A" 300 || ret=1 514 if [ $ret -ne 0 ]; then echo_i "failed"; fi 515 status=$((status+ret)) 516 517 n=$((n+1)) 518 echo_i "checking ednsopt LLQ prints as expected ($n)" 519 ret=0 520 dig_with_opts @10.53.0.3 +ednsopt=llq:0001000200001234567812345678fefefefe +qr a.example > dig.out.test$n 2>&1 || ret=1 521 grep 'LLQ: Version: 1, Opcode: 2, Error: 0, Identifier: 1311768465173141112, Lifetime: 4278124286$' dig.out.test$n > /dev/null || ret=1 522 if [ $ret -ne 0 ]; then echo_i "failed"; fi 523 status=$((status+ret)) 524 525 n=$((n+1)) 526 echo_i "checking that dig warns about .local queries ($n)" 527 ret=0 528 dig_with_opts @10.53.0.3 local soa > dig.out.test$n 2>&1 || ret=1 529 grep ";; WARNING: .local is reserved for Multicast DNS" dig.out.test$n > /dev/null || ret=1 530 if [ $ret -ne 0 ]; then echo_i "failed"; fi 531 status=$((status+ret)) 532 533 n=$((n+1)) 534 echo_i "check that dig processes +ednsopt=key-tag and FORMERR is returned ($n)" 535 dig_with_opts @10.53.0.3 +ednsopt=key-tag a.example +qr > dig.out.test$n 2>&1 || ret=1 536 grep "; KEY-TAG$" dig.out.test$n > /dev/null || ret=1 537 grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1 538 if [ $ret -ne 0 ]; then echo_i "failed"; fi 539 status=$((status+ret)) 540 541 n=$((n+1)) 542 echo_i "check that dig processes +ednsopt=key-tag:<value-list> ($n)" 543 dig_with_opts @10.53.0.3 +ednsopt=key-tag:00010002 a.example +qr > dig.out.test$n 2>&1 || ret=1 544 grep "; KEY-TAG: 1, 2$" dig.out.test$n > /dev/null || ret=1 545 grep "status: FORMERR" dig.out.test$n > /dev/null && ret=1 546 check_ttl_range dig.out.test$n "A" 300 || ret=1 547 if [ $ret -ne 0 ]; then echo_i "failed"; fi 548 status=$((status+ret)) 549 550 n=$((n+1)) 551 echo_i "check that dig processes +ednsopt=key-tag:<malformed-value-list> and FORMERR is returned ($n)" 552 ret=0 553 dig_with_opts @10.53.0.3 +ednsopt=key-tag:0001000201 a.example +qr > dig.out.test$n 2>&1 || ret=1 554 grep "; KEY-TAG: 00 01 00 02 01" dig.out.test$n > /dev/null || ret=1 555 grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1 556 if [ $ret -ne 0 ]; then echo_i "failed"; fi 557 status=$((status+ret)) 558 559 n=$((n+1)) 560 echo_i "check that dig processes +ednsopt=client-tag:value ($n)" 561 dig_with_opts @10.53.0.3 +ednsopt=client-tag:0001 a.example +qr > dig.out.test$n 2>&1 || ret=1 562 grep "; CLIENT-TAG: 1$" dig.out.test$n > /dev/null || ret=1 563 grep "status: FORMERR" dig.out.test$n > /dev/null && ret=1 564 if [ $ret -ne 0 ]; then echo_i "failed"; fi 565 status=$((status+ret)) 566 567 n=$((n+1)) 568 echo_i "check that FORMERR is returned for a too short client-tag ($n)" 569 dig_with_opts @10.53.0.3 +ednsopt=client-tag:01 a.example +qr > dig.out.test$n 2>&1 || ret=1 570 grep "; CLIENT-TAG" dig.out.test$n > /dev/null || ret=1 571 grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1 572 if [ $ret -ne 0 ]; then echo_i "failed"; fi 573 status=$((status+ret)) 574 575 n=$((n+1)) 576 echo_i "check that FORMERR is returned for a too long client-tag ($n)" 577 dig_with_opts @10.53.0.3 +ednsopt=client-tag:000001 a.example +qr > dig.out.test$n 2>&1 || ret=1 578 grep "; CLIENT-TAG" dig.out.test$n > /dev/null || ret=1 579 grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1 580 if [ $ret -ne 0 ]; then echo_i "failed"; fi 581 status=$((status+ret)) 582 583 n=$((n+1)) 584 echo_i "check that dig processes +ednsopt=server-tag:value ($n)" 585 dig_with_opts @10.53.0.3 +ednsopt=server-tag:0001 a.example +qr > dig.out.test$n 2>&1 || ret=1 586 grep "; SERVER-TAG: 1$" dig.out.test$n > /dev/null || ret=1 587 grep "status: FORMERR" dig.out.test$n > /dev/null && ret=1 588 if [ $ret -ne 0 ]; then echo_i "failed"; fi 589 status=$((status+ret)) 590 591 n=$((n+1)) 592 echo_i "check that FORMERR is returned for a too short server-tag ($n)" 593 dig_with_opts @10.53.0.3 +ednsopt=server-tag:01 a.example +qr > dig.out.test$n 2>&1 || ret=1 594 grep "; SERVER-TAG" dig.out.test$n > /dev/null || ret=1 595 grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1 596 if [ $ret -ne 0 ]; then echo_i "failed"; fi 597 status=$((status+ret)) 598 599 n=$((n+1)) 600 echo_i "check that FORMERR is returned for a too long server-tag ($n)" 601 dig_with_opts @10.53.0.3 +ednsopt=server-tag:000001 a.example +qr > dig.out.test$n 2>&1 || ret=1 602 grep "; SERVER-TAG" dig.out.test$n > /dev/null || ret=1 603 grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1 604 if [ $ret -ne 0 ]; then echo_i "failed"; fi 605 status=$((status+ret)) 606 607 n=$((n+1)) 608 echo_i "check that dig handles malformed option '+ednsopt=:' gracefully ($n)" 609 ret=0 610 dig_with_opts @10.53.0.3 +ednsopt=: a.example > dig.out.test$n 2>&1 && ret=1 611 grep "ednsopt no code point specified" dig.out.test$n > /dev/null || ret=1 612 if [ $ret -ne 0 ]; then echo_i "failed"; fi 613 status=$((status+ret)) 614 615 n=$((n+1)) 616 echo_i "check that dig gracefully handles bad escape in domain name ($n)" 617 ret=0 618 digstatus=0 619 dig_with_opts @10.53.0.3 '\0.' > dig.out.test$n 2>&1 || digstatus=$? 620 echo digstatus=$digstatus >> dig.out.test$n 621 test $digstatus -eq 10 || ret=1 622 grep REQUIRE dig.out.test$n > /dev/null && ret=1 623 grep "is not a legal name (bad escape)" dig.out.test$n > /dev/null || ret=1 624 if [ $ret -ne 0 ]; then echo_i "failed"; fi 625 status=$((status+ret)) 626 627 n=$((n+1)) 628 echo_i "check that dig -q -m works ($n)" 629 ret=0 630 dig_with_opts @10.53.0.3 -q -m > dig.out.test$n 2>&1 631 grep '^;-m\..*IN.*A$' dig.out.test$n > /dev/null || ret=1 632 grep "Dump of all outstanding memory allocations" dig.out.test$n > /dev/null && ret=1 633 if [ $ret -ne 0 ]; then echo_i "failed"; fi 634 status=$((status+ret)) 635 636 n=$((n+1)) 637 echo_i "checking exit code for a retry upon TCP EOF (immediate -> immediate) ($n)" 638 ret=0 639 echo "no_response no_response" | sendcmd 10.53.0.5 640 dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 && ret=1 641 # Sanity check: ensure ans5 behaves as expected. 642 [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 2 ] || ret=1 643 if [ $ret -ne 0 ]; then echo_i "failed"; fi 644 status=$((status+ret)) 645 646 n=$((n+1)) 647 echo_i "checking exit code for a retry upon TCP EOF (partial AXFR -> partial AXFR) ($n)" 648 ret=0 649 echo "partial_axfr partial_axfr" | sendcmd 10.53.0.5 650 dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 && ret=1 651 # Sanity check: ensure ans5 behaves as expected. 652 [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 2 ] || ret=1 653 if [ $ret -ne 0 ]; then echo_i "failed"; fi 654 status=$((status+ret)) 655 656 n=$((n+1)) 657 echo_i "checking exit code for a retry upon TCP EOF (immediate -> partial AXFR) ($n)" 658 ret=0 659 echo "no_response partial_axfr" | sendcmd 10.53.0.5 660 dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 && ret=1 661 # Sanity check: ensure ans5 behaves as expected. 662 [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 2 ] || ret=1 663 if [ $ret -ne 0 ]; then echo_i "failed"; fi 664 status=$((status+ret)) 665 666 n=$((n+1)) 667 echo_i "checking exit code for a retry upon TCP EOF (partial AXFR -> immediate) ($n)" 668 ret=0 669 echo "partial_axfr no_response" | sendcmd 10.53.0.5 670 dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 && ret=1 671 # Sanity check: ensure ans5 behaves as expected. 672 [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 2 ] || ret=1 673 if [ $ret -ne 0 ]; then echo_i "failed"; fi 674 status=$((status+ret)) 675 676 n=$((n+1)) 677 echo_i "checking exit code for a retry upon TCP EOF (immediate -> complete AXFR) ($n)" 678 ret=0 679 echo "no_response complete_axfr" | sendcmd 10.53.0.5 680 dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 || ret=1 681 # Sanity check: ensure ans5 behaves as expected. 682 [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 1 ] || ret=1 683 if [ $ret -ne 0 ]; then echo_i "failed"; fi 684 status=$((status+ret)) 685 686 n=$((n+1)) 687 echo_i "checking exit code for a retry upon TCP EOF (partial AXFR -> complete AXFR) ($n)" 688 ret=0 689 echo "partial_axfr complete_axfr" | sendcmd 10.53.0.5 690 dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 || ret=1 691 # Sanity check: ensure ans5 behaves as expected. 692 [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 1 ] || ret=1 693 if [ $ret -ne 0 ]; then echo_i "failed"; fi 694 status=$((status+ret)) 695else 696 echo_i "$DIG is needed, so skipping these dig tests" 697fi 698 699if [ -x "$MDIG" ] ; then 700 n=$((n+1)) 701 echo_i "check that mdig handles malformed option '+ednsopt=:' gracefully ($n)" 702 ret=0 703 mdig_with_opts @10.53.0.3 +ednsopt=: a.example > dig.out.test$n 2>&1 && ret=1 704 grep "ednsopt no code point specified" dig.out.test$n > /dev/null || ret=1 705 if [ $ret -ne 0 ]; then echo_i "failed"; fi 706 status=$((status+ret)) 707 708 n=$((n+1)) 709 echo_i "checking mdig +multi +norrcomments works for DNSKEY (when default is rrcomments)($n)" 710 ret=0 711 mdig_with_opts +tcp @10.53.0.3 +multi +norrcomments -t DNSKEY dnskey.example > dig.out.test$n || ret=1 712 grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" dig.out.test$n && ret=1 713 if [ $ret -ne 0 ]; then echo_i "failed"; fi 714 status=$((status+ret)) 715 716 n=$((n+1)) 717 echo_i "checking mdig +multi +norrcomments works for SOA (when default is rrcomments)($n)" 718 ret=0 719 mdig_with_opts +tcp @10.53.0.3 +multi +norrcomments -t SOA example > dig.out.test$n || ret=1 720 grep "; serial" < dig.out.test$n > /dev/null && ret=1 721 if [ $ret -ne 0 ]; then echo_i "failed"; fi 722 status=$((status+ret)) 723else 724 echo_i "$MDIG is needed, so skipping these mdig tests" 725fi 726 727if [ -x "$DELV" ] ; then 728 n=$((n+1)) 729 echo_i "checking delv short form works ($n)" 730 ret=0 731 delv_with_opts @10.53.0.3 +short a a.example > delv.out.test$n || ret=1 732 test "$(wc -l < delv.out.test$n)" -eq 1 || ret=1 733 if [ $ret -ne 0 ]; then echo_i "failed"; fi 734 status=$((status+ret)) 735 736 n=$((n+1)) 737 echo_i "checking delv split width works ($n)" 738 ret=0 739 delv_with_opts @10.53.0.3 +split=4 -t sshfp foo.example > delv.out.test$n || ret=1 740 grep " 9ABC DEF6 7890 " < delv.out.test$n > /dev/null || ret=1 741 check_ttl_range delv.out.test$n "SSHFP" 300 || ret=1 742 if [ $ret -ne 0 ]; then echo_i "failed"; fi 743 status=$((status+ret)) 744 745 n=$((n+1)) 746 echo_i "checking delv +unknownformat works ($n)" 747 ret=0 748 delv_with_opts @10.53.0.3 +unknownformat a a.example > delv.out.test$n || ret=1 749 grep "CLASS1[ ][ ]*TYPE1[ ][ ]*\\\\# 4 0A000001" < delv.out.test$n > /dev/null || ret=1 750 check_ttl_range delv.out.test$n "TYPE1" 300 || ret=1 751 if [ $ret -ne 0 ]; then echo_i "failed"; fi 752 status=$((status+ret)) 753 754 n=$((n+1)) 755 echo_i "checking delv -4 -6 ($n)" 756 ret=0 757 delv_with_opts @10.53.0.3 -4 -6 A a.example > delv.out.test$n 2>&1 && ret=1 758 grep "only one of -4 and -6 allowed" < delv.out.test$n > /dev/null || ret=1 759 if [ $ret -ne 0 ]; then echo_i "failed"; fi 760 status=$((status+ret)) 761 762 n=$((n+1)) 763 echo_i "checking delv with IPv6 on IPv4 does not work ($n)" 764 if testsock6 fd92:7065:b8e:ffff::3 2>/dev/null 765 then 766 ret=0 767 # following should fail because @IPv4 overrides earlier @IPv6 above 768 # and -6 forces IPv6 so this should fail, with a message 769 # "Use of IPv4 disabled by -6" 770 delv_with_opts @fd92:7065:b8e:ffff::3 @10.53.0.3 -6 -t txt foo.example > delv.out.test$n 2>&1 && ret=1 771 # it should have no results but error output 772 grep "testing" < delv.out.test$n > /dev/null && ret=1 773 grep "Use of IPv4 disabled by -6" delv.out.test$n > /dev/null || ret=1 774 if [ $ret -ne 0 ]; then echo_i "failed"; fi 775 status=$((status+ret)) 776 else 777 echo_i "IPv6 unavailable; skipping" 778 fi 779 780 n=$((n+1)) 781 echo_i "checking delv with IPv4 on IPv6 does not work ($n)" 782 if testsock6 fd92:7065:b8e:ffff::3 2>/dev/null 783 then 784 ret=0 785 # following should fail because @IPv6 overrides earlier @IPv4 above 786 # and -4 forces IPv4 so this should fail, with a message 787 # "Use of IPv6 disabled by -4" 788 delv_with_opts @10.53.0.3 @fd92:7065:b8e:ffff::3 -4 -t txt foo.example > delv.out.test$n 2>&1 && ret=1 789 # it should have no results but error output 790 grep "testing" delv.out.test$n > /dev/null && ret=1 791 grep "Use of IPv6 disabled by -4" delv.out.test$n > /dev/null || ret=1 792 if [ $ret -ne 0 ]; then echo_i "failed"; fi 793 status=$((status+ret)) 794 else 795 echo_i "IPv6 unavailable; skipping" 796 fi 797 798 n=$((n+1)) 799 echo_i "checking delv with reverse lookup works ($n)" 800 ret=0 801 delv_with_opts @10.53.0.3 -x 127.0.0.1 > delv.out.test$n 2>&1 || ret=1 802 # doesn't matter if has answer 803 grep -i "127\\.in-addr\\.arpa\\." < delv.out.test$n > /dev/null || ret=1 804 check_ttl_range delv.out.test$n '\\-ANY' 10800 3 || ret=1 805 if [ $ret -ne 0 ]; then echo_i "failed"; fi 806 status=$((status+ret)) 807 808 n=$((n+1)) 809 echo_i "checking delv over TCP works ($n)" 810 ret=0 811 delv_with_opts +tcp @10.53.0.3 a a.example > delv.out.test$n || ret=1 812 grep "10\\.0\\.0\\.1$" < delv.out.test$n > /dev/null || ret=1 813 check_ttl_range delv.out.test$n "A" 300 || ret=1 814 if [ $ret -ne 0 ]; then echo_i "failed"; fi 815 status=$((status+ret)) 816 817 n=$((n+1)) 818 echo_i "checking delv +multi +norrcomments works for DNSKEY (when default is rrcomments)($n)" 819 ret=0 820 delv_with_opts +tcp @10.53.0.3 +multi +norrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 821 grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null && ret=1 822 check_ttl_range delv.out.test$n "DNSKEY" 300 || ret=1 823 if [ $ret -ne 0 ]; then echo_i "failed"; fi 824 status=$((status+ret)) 825 826 n=$((n+1)) 827 echo_i "checking delv +multi +norrcomments works for SOA (when default is rrcomments)($n)" 828 ret=0 829 delv_with_opts +tcp @10.53.0.3 +multi +norrcomments SOA example > delv.out.test$n || ret=1 830 grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null && ret=1 831 check_ttl_range delv.out.test$n "SOA" 300 || ret=1 832 if [ $ret -ne 0 ]; then echo_i "failed"; fi 833 status=$((status+ret)) 834 835 n=$((n+1)) 836 echo_i "checking delv +rrcomments works for DNSKEY($n)" 837 ret=0 838 delv_with_opts +tcp @10.53.0.3 +rrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 839 grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null || ret=1 840 check_ttl_range delv.out.test$n "DNSKEY" 300 || ret=1 841 if [ $ret -ne 0 ]; then echo_i "failed"; fi 842 status=$((status+ret)) 843 844 n=$((n+1)) 845 echo_i "checking delv +short +rrcomments works for DNSKEY ($n)" 846 ret=0 847 delv_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 848 grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null || ret=1 849 if [ $ret -ne 0 ]; then echo_i "failed"; fi 850 status=$((status+ret)) 851 852 n=$((n+1)) 853 echo_i "checking delv +short +rrcomments works ($n)" 854 ret=0 855 delv_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 856 grep -q "$KEYDATA ; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n || ret=1 857 if [ $ret -ne 0 ]; then echo_i "failed"; fi 858 status=$((status+ret)) 859 860 n=$((n+1)) 861 echo_i "checking delv +short +nosplit works ($n)" 862 ret=0 863 delv_with_opts +tcp @10.53.0.3 +short +nosplit DNSKEY dnskey.example > delv.out.test$n || ret=1 864 grep -q "$NOSPLIT" < delv.out.test$n || ret=1 865 test "$(wc -l < delv.out.test$n)" -eq 1 || ret=1 866 test "$(awk '{print NF}' < delv.out.test$n)" -eq 14 || ret=1 867 if [ $ret -ne 0 ]; then echo_i "failed"; fi 868 status=$((status+ret)) 869 870 n=$((n+1)) 871 echo_i "checking delv +short +nosplit +norrcomments works ($n)" 872 ret=0 873 delv_with_opts +tcp @10.53.0.3 +short +nosplit +norrcomments DNSKEY dnskey.example > delv.out.test$n || ret=1 874 grep -q "$NOSPLIT\$" < delv.out.test$n || ret=1 875 test "$(wc -l < delv.out.test$n)" -eq 1 || ret=1 876 test "$(awk '{print NF}' < delv.out.test$n)" -eq 4 || ret=1 877 if [ $ret -ne 0 ]; then echo_i "failed"; fi 878 status=$((status+ret)) 879 880 n=$((n+1)) 881 echo_i "checking delv +sp works as an abbriviated form of split ($n)" 882 ret=0 883 delv_with_opts @10.53.0.3 +sp=4 -t sshfp foo.example > delv.out.test$n || ret=1 884 grep " 9ABC DEF6 7890 " < delv.out.test$n > /dev/null || ret=1 885 check_ttl_range delv.out.test$n "SSHFP" 300 || ret=1 886 if [ $ret -ne 0 ]; then echo_i "failed"; fi 887 status=$((status+ret)) 888 889 n=$((n+1)) 890 echo_i "checking delv +sh works as an abbriviated form of short ($n)" 891 ret=0 892 delv_with_opts @10.53.0.3 +sh a a.example > delv.out.test$n || ret=1 893 test "$(wc -l < delv.out.test$n)" -eq 1 || ret=1 894 if [ $ret -ne 0 ]; then echo_i "failed"; fi 895 status=$((status+ret)) 896 897 n=$((n+1)) 898 echo_i "checking delv -c IN works ($n)" 899 ret=0 900 delv_with_opts @10.53.0.3 -c IN -t a a.example > delv.out.test$n || ret=1 901 grep "a.example." < delv.out.test$n > /dev/null || ret=1 902 check_ttl_range delv.out.test$n "A" 300 || ret=1 903 if [ $ret -ne 0 ]; then echo_i "failed"; fi 904 status=$((status+ret)) 905 906 n=$((n+1)) 907 echo_i "checking delv -c CH is ignored, and treated like IN ($n)" 908 ret=0 909 delv_with_opts @10.53.0.3 -c CH -t a a.example > delv.out.test$n || ret=1 910 grep "a.example." < delv.out.test$n > /dev/null || ret=1 911 check_ttl_range delv.out.test$n "A" 300 || ret=1 912 if [ $ret -ne 0 ]; then echo_i "failed"; fi 913 status=$((status+ret)) 914 915 n=$((n+1)) 916 echo_i "checking delv H is ignored, and treated like IN ($n)" 917 ret=0 918 delv_with_opts @10.53.0.3 -c CH -t a a.example > delv.out.test$n || ret=1 919 grep "a.example." < delv.out.test$n > /dev/null || ret=1 920 check_ttl_range delv.out.test$n "A" 300 || ret=1 921 if [ $ret -ne 0 ]; then echo_i "failed"; fi 922 status=$((status+ret)) 923 924 n=$((n+1)) 925 echo_i "check that delv -q -m works ($n)" 926 ret=0 927 delv_with_opts @10.53.0.3 -q -m > delv.out.test$n 2>&1 || ret=1 928 grep '^; -m\..*[0-9]*.*IN.*ANY.*;' delv.out.test$n > /dev/null || ret=1 929 grep "^add " delv.out.test$n > /dev/null && ret=1 930 grep "^del " delv.out.test$n > /dev/null && ret=1 931 check_ttl_range delv.out.test$n '\\-ANY' 300 3 || ret=1 932 if [ $ret -ne 0 ]; then echo_i "failed"; fi 933 status=$((status+ret)) 934 935 n=$((n+1)) 936 echo_i "check that delv -t ANY works ($n)" 937 ret=0 938 delv_with_opts @10.53.0.3 -t ANY example > delv.out.test$n 2>&1 || ret=1 939 grep "^example." < delv.out.test$n > /dev/null || ret=1 940 check_ttl_range delv.out.test$n NS 300 || ret=1 941 check_ttl_range delv.out.test$n SOA 300 || ret=1 942 if [ $ret -ne 0 ]; then echo_i "failed"; fi 943 status=$((status+ret)) 944else 945 echo_i "$DELV is needed, so skipping these delv tests" 946fi 947 948echo_i "exit status: $status" 949[ $status -eq 0 ] || exit 1 950