1#!/bin/sh 2 3# Copyright (C) Internet Systems Consortium, Inc. ("ISC") 4# 5# SPDX-License-Identifier: MPL-2.0 6# 7# This Source Code Form is subject to the terms of the Mozilla Public 8# License, v. 2.0. If a copy of the MPL was not distributed with this 9# file, you can obtain one at https://mozilla.org/MPL/2.0/. 10# 11# See the COPYRIGHT file distributed with this work for additional 12# information regarding copyright ownership. 13 14# shellcheck source=conf.sh 15SYSTEMTESTTOP=.. 16. "$SYSTEMTESTTOP/conf.sh" 17 18set -e 19 20status=0 21n=0 22 23sendcmd() { 24 "$PERL" "$SYSTEMTESTTOP/send.pl" "${1}" "$EXTRAPORT1" 25} 26 27dig_with_opts() { 28 "$DIG" -p "$PORT" "$@" 29} 30 31mdig_with_opts() { 32 "$MDIG" -p "$PORT" "$@" 33} 34 35# Check if response in file $1 has the correct TTL range. 36# The response record must have RRtype $2 and class IN (CLASS1). 37# Maximum TTL is given by $3. This works in most cases where TTL is 38# the second word on the line. TTL position can be adjusted with 39# setting the position $4, but that requires updating this function. 40check_ttl_range() { 41 file=$1 42 pos=$4 43 44 case "$pos" in 45 "3") 46 awk -v rrtype="$2" -v ttl="$3" '($4 == "IN" || $4 == "CLASS1" ) && $5 == rrtype { if ($3 <= ttl) { ok=1 } } END { exit(ok?0:1) }' < $file 47 ;; 48 *) 49 awk -v rrtype="$2" -v ttl="$3" '($3 == "IN" || $3 == "CLASS1" ) && $4 == rrtype { if ($2 <= ttl) { ok=1 } } END { exit(ok?0:1) }' < $file 50 ;; 51 esac 52 53 result=$? 54 [ $result -eq 0 ] || echo_i "ttl check failed" 55 return $result 56} 57 58# using delv insecure mode as not testing dnssec here 59delv_with_opts() { 60 "$DELV" +noroot -p "$PORT" "$@" 61} 62 63KEYID="$(cat ns2/keyid)" 64KEYDATA="$(< ns2/keydata sed -e 's/+/[+]/g')" 65NOSPLIT="$(< ns2/keydata sed -e 's/+/[+]/g' -e 's/ //g')" 66 67HAS_PYYAML=0 68if [ -n "$PYTHON" ] ; then 69 $PYTHON -c "import yaml" 2> /dev/null && HAS_PYYAML=1 70fi 71 72# 73# test whether ans7/ans.pl will be able to send a UPDATE response. 74# if it can't, we will log that below. 75# 76if "$PERL" -e 'use Net::DNS; use Net::DNS::Packet; my $p = new Net::DNS::Packet; $p->header->opcode(5);' > /dev/null 2>&1 77then 78 checkupdate=1 79else 80 checkupdate=0 81fi 82 83if [ -x "$NSLOOKUP" -a $checkupdate -eq 1 ] ; then 84 85 n=$((n+1)) 86 echo_i "check nslookup handles UPDATE response ($n)" 87 ret=0 88 "$NSLOOKUP" -q=CNAME "-port=$PORT" foo.bar 10.53.0.7 > nslookup.out.test$n 2>&1 && ret=1 89 grep "Opcode mismatch" nslookup.out.test$n > /dev/null || ret=1 90 if [ $ret -ne 0 ]; then echo_i "failed"; fi 91 status=$((status+ret)) 92 93fi 94 95if [ -x "$HOST" -a $checkupdate -eq 1 ] ; then 96 97 n=$((n+1)) 98 echo_i "check host handles UPDATE response ($n)" 99 ret=0 100 "$HOST" -t CNAME -p $PORT foo.bar 10.53.0.7 > host.out.test$n 2>&1 && ret=1 101 grep "Opcode mismatch" host.out.test$n > /dev/null || ret=1 102 if [ $ret -ne 0 ]; then echo_i "failed"; fi 103 status=$((status+ret)) 104 105fi 106 107if [ -x "$NSUPDATE" -a $checkupdate -eq 1 ] ; then 108 109 n=$((n+1)) 110 echo_i "check nsupdate handles UPDATE response to QUERY ($n)" 111 ret=0 112 res=0 113 $NSUPDATE << EOF > nsupdate.out.test$n 2>&1 || res=$? 114server 10.53.0.7 ${PORT} 115add x.example.com 300 in a 1.2.3.4 116send 117EOF 118 test $res -eq 1 || ret=1 119 grep "invalid OPCODE in response to SOA query" nsupdate.out.test$n > /dev/null || ret=1 120 if [ $ret -ne 0 ]; then echo_i "failed"; fi 121 status=$((status+ret)) 122 123fi 124 125if [ -x "$DIG" ] ; then 126 127 if [ $checkupdate -eq 1 ] ; then 128 129 n=$((n+1)) 130 echo_i "check dig handles UPDATE response ($n)" 131 ret=0 132 dig_with_opts @10.53.0.7 cname foo.bar > dig.out.test$n 2>&1 && ret=1 133 grep "Opcode mismatch" dig.out.test$n > /dev/null || ret=1 134 if [ $ret -ne 0 ]; then echo_i "failed"; fi 135 status=$((status+ret)) 136 else 137 echo_i "Skipped UPDATE handling test" 138 fi 139 140 n=$((n+1)) 141 echo_i "checking dig short form works ($n)" 142 ret=0 143 dig_with_opts @10.53.0.3 +short a a.example > dig.out.test$n || ret=1 144 test "$(wc -l < dig.out.test$n)" -eq 1 || ret=1 145 if [ $ret -ne 0 ]; then echo_i "failed"; fi 146 status=$((status+ret)) 147 148 n=$((n+1)) 149 echo_i "checking dig split width works ($n)" 150 ret=0 151 dig_with_opts @10.53.0.3 +split=4 -t sshfp foo.example > dig.out.test$n || ret=1 152 grep " 9ABC DEF6 7890 " < dig.out.test$n > /dev/null || ret=1 153 check_ttl_range dig.out.test$n "SSHFP" 300 || ret=1 154 if [ $ret -ne 0 ]; then echo_i "failed"; fi 155 status=$((status+ret)) 156 157 n=$((n+1)) 158 echo_i "checking dig +unknownformat works ($n)" 159 ret=0 160 dig_with_opts @10.53.0.3 +unknownformat a a.example > dig.out.test$n || ret=1 161 grep "CLASS1[ ][ ]*TYPE1[ ][ ]*\\\\# 4 0A000001" < dig.out.test$n > /dev/null || ret=1 162 check_ttl_range dig.out.test$n "TYPE1" 300 || ret=1 163 if [ $ret -ne 0 ]; then echo_i "failed"; fi 164 status=$((status+ret)) 165 166 n=$((n+1)) 167 echo_i "checking dig with reverse lookup works ($n)" 168 ret=0 169 dig_with_opts @10.53.0.3 -x 127.0.0.1 > dig.out.test$n 2>&1 || ret=1 170 # doesn't matter if has answer 171 grep -i "127\\.in-addr\\.arpa\\." < dig.out.test$n > /dev/null || ret=1 172 check_ttl_range dig.out.test$n "SOA" 86400 || ret=1 173 if [ $ret -ne 0 ]; then echo_i "failed"; fi 174 status=$((status+ret)) 175 176 n=$((n+1)) 177 echo_i "checking dig over TCP works ($n)" 178 ret=0 179 dig_with_opts +tcp @10.53.0.3 a a.example > dig.out.test$n || ret=1 180 grep "10\\.0\\.0\\.1$" < dig.out.test$n > /dev/null || ret=1 181 check_ttl_range dig.out.test$n "A" 300 || ret=1 182 if [ $ret -ne 0 ]; then echo_i "failed"; fi 183 status=$((status+ret)) 184 185 n=$((n+1)) 186 echo_i "checking dig +multi +norrcomments works for DNSKEY (when default is rrcomments)($n)" 187 ret=0 188 dig_with_opts +tcp @10.53.0.3 +multi +norrcomments -t DNSKEY example > dig.out.test$n || ret=1 189 grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" dig.out.test$n > /dev/null && ret=1 190 check_ttl_range dig.out.test$n "DNSKEY" 300 || ret=1 191 if [ $ret -ne 0 ]; then echo_i "failed"; fi 192 status=$((status+ret)) 193 194 n=$((n+1)) 195 echo_i "checking dig +multi +norrcomments works for SOA (when default is rrcomments)($n)" 196 ret=0 197 dig_with_opts +tcp @10.53.0.3 +multi +norrcomments -t SOA example > dig.out.test$n || ret=1 198 grep "; serial" dig.out.test$n > /dev/null && ret=1 199 check_ttl_range dig.out.test$n "SOA" 300 || ret=1 200 if [ $ret -ne 0 ]; then echo_i "failed"; fi 201 status=$((status+ret)) 202 203 n=$((n+1)) 204 echo_i "checking dig +rrcomments works for DNSKEY($n)" 205 ret=0 206 dig_with_opts +tcp @10.53.0.3 +rrcomments DNSKEY example > dig.out.test$n || ret=1 207 grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < dig.out.test$n > /dev/null || ret=1 208 check_ttl_range dig.out.test$n "DNSKEY" 300 || ret=1 209 if [ $ret -ne 0 ]; then echo_i "failed"; fi 210 status=$((status+ret)) 211 212 n=$((n+1)) 213 echo_i "checking dig +short +rrcomments works for DNSKEY ($n)" 214 ret=0 215 dig_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY example > dig.out.test$n || ret=1 216 grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < dig.out.test$n > /dev/null || ret=1 217 if [ $ret -ne 0 ]; then echo_i "failed"; fi 218 status=$((status+ret)) 219 220 n=$((n+1)) 221 echo_i "checking dig +short +nosplit works($n)" 222 ret=0 223 dig_with_opts +tcp @10.53.0.3 +short +nosplit DNSKEY example > dig.out.test$n || ret=1 224 grep "$NOSPLIT" < dig.out.test$n > /dev/null || ret=1 225 if [ $ret -ne 0 ]; then echo_i "failed"; fi 226 status=$((status+ret)) 227 228 n=$((n+1)) 229 echo_i "checking dig +short +rrcomments works($n)" 230 ret=0 231 dig_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY example > dig.out.test$n || ret=1 232 grep -q "$KEYDATA ; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID\$" < dig.out.test$n || ret=1 233 if [ $ret -ne 0 ]; then echo_i "failed"; fi 234 status=$((status+ret)) 235 236 n=$((n+1)) 237 echo_i "checking dig multi flag is local($n)" 238 ret=0 239 dig_with_opts +tcp @10.53.0.3 -t DNSKEY example +nomulti example +nomulti > dig.out.nn.$n || ret=1 240 dig_with_opts +tcp @10.53.0.3 -t DNSKEY example +multi example +nomulti > dig.out.mn.$n || ret=1 241 dig_with_opts +tcp @10.53.0.3 -t DNSKEY example +nomulti example +multi > dig.out.nm.$n || ret=1 242 dig_with_opts +tcp @10.53.0.3 -t DNSKEY example +multi example +multi > dig.out.mm.$n || ret=1 243 lcnn=$(wc -l < dig.out.nn.$n) 244 lcmn=$(wc -l < dig.out.mn.$n) 245 lcnm=$(wc -l < dig.out.nm.$n) 246 lcmm=$(wc -l < dig.out.mm.$n) 247 test "$lcmm" -ge "$lcnm" || ret=1 248 test "$lcmm" -ge "$lcmn" || ret=1 249 test "$lcnm" -ge "$lcnn" || ret=1 250 test "$lcmn" -ge "$lcnn" || ret=1 251 check_ttl_range dig.out.nn.$n "DNSKEY" 300 || ret=1 252 check_ttl_range dig.out.mn.$n "DNSKEY" 300 || ret=1 253 check_ttl_range dig.out.nm.$n "DNSKEY" 300 || ret=1 254 check_ttl_range dig.out.mm.$n "DNSKEY" 300 || ret=1 255 if [ $ret -ne 0 ]; then echo_i "failed"; fi 256 status=$((status+ret)) 257 258 n=$((n+1)) 259 echo_i "checking dig +noheader-only works ($n)" 260 ret=0 261 dig_with_opts +tcp @10.53.0.3 +noheader-only A example > dig.out.test$n || ret=1 262 grep "Got answer:" < dig.out.test$n > /dev/null || ret=1 263 check_ttl_range dig.out.test$n "SOA" 300 || ret=1 264 if [ $ret -ne 0 ]; then echo_i "failed"; fi 265 status=$((status+ret)) 266 267 n=$((n+1)) 268 echo_i "checking dig +short +rrcomments works($n)" 269 ret=0 270 dig_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY example > dig.out.test$n || ret=1 271 grep -q "$KEYDATA ; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID\$" < dig.out.test$n || ret=1 272 if [ $ret -ne 0 ]; then echo_i "failed"; fi 273 status=$((status+ret)) 274 275 n=$((n+1)) 276 echo_i "checking dig +header-only works ($n)" 277 ret=0 278 dig_with_opts +tcp @10.53.0.3 +header-only example > dig.out.test$n || ret=1 279 grep "^;; flags: qr rd; QUERY: 0, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1 280 grep "^;; QUESTION SECTION:" < dig.out.test$n > /dev/null && ret=1 281 if [ $ret -ne 0 ]; then echo_i "failed"; fi 282 status=$((status+ret)) 283 284 n=$((n+1)) 285 echo_i "checking dig +raflag works ($n)" 286 ret=0 287 dig_with_opts +tcp @10.53.0.3 +raflag +qr example > dig.out.test$n || ret=1 288 grep "^;; flags: rd ra ad; QUERY: 1, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1 289 grep "^;; flags: qr rd ra; QUERY: 1, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1 290 check_ttl_range dig.out.test$n "SOA" 300 || ret=1 291 if [ $ret -ne 0 ]; then echo_i "failed"; fi 292 status=$((status+ret)) 293 294 n=$((n+1)) 295 echo_i "checking dig +tcflag works ($n)" 296 ret=0 297 dig_with_opts +tcp @10.53.0.3 +tcflag +qr example > dig.out.test$n || ret=1 298 grep "^;; flags: tc rd ad; QUERY: 1, ANSWER: 0" < dig.out.test$n > /dev/null || ret=1 299 grep "^;; flags: qr rd ra; QUERY: 1, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1 300 check_ttl_range dig.out.test$n "SOA" 300 || ret=1 301 if [ $ret -ne 0 ]; then echo_i "failed"; fi 302 status=$((status+ret)) 303 304 n=$((n+1)) 305 echo_i "checking dig +header-only works (with class and type set) ($n)" 306 ret=0 307 dig_with_opts +tcp @10.53.0.3 +header-only -c IN -t A example > dig.out.test$n || ret=1 308 grep "^;; flags: qr rd; QUERY: 0, ANSWER: 0," < dig.out.test$n > /dev/null || ret=1 309 grep "^;; QUESTION SECTION:" < dig.out.test$n > /dev/null && ret=1 310 if [ $ret -ne 0 ]; then echo_i "failed"; fi 311 status=$((status+ret)) 312 313 n=$((n+1)) 314 echo_i "checking dig +zflag works, and that BIND properly ignores it ($n)" 315 ret=0 316 dig_with_opts +tcp @10.53.0.3 +zflag +qr A example > dig.out.test$n || ret=1 317 sed -n '/Sending:/,/Got answer:/p' dig.out.test$n | grep "^;; flags: rd ad; MBZ: 0x4;" > /dev/null || ret=1 318 sed -n '/Got answer:/,/AUTHORITY SECTION:/p' dig.out.test$n | grep "^;; flags: qr rd ra; QUERY: 1" > /dev/null || ret=1 319 check_ttl_range dig.out.test$n "SOA" 300 || ret=1 320 if [ $ret -ne 0 ]; then echo_i "failed"; fi 321 status=$((status+ret)) 322 323 n=$((n+1)) 324 echo_i "checking dig +qr +ednsopt=08 does not cause an INSIST failure ($n)" 325 ret=0 326 dig_with_opts @10.53.0.3 +ednsopt=08 +qr a a.example > dig.out.test$n || ret=1 327 grep "INSIST" < dig.out.test$n > /dev/null && ret=1 328 grep "FORMERR" < dig.out.test$n > /dev/null || ret=1 329 if [ $ret -ne 0 ]; then echo_i "failed"; fi 330 status=$((status+ret)) 331 332 n=$((n+1)) 333 echo_i "checking dig +ttlunits works ($n)" 334 ret=0 335 dig_with_opts +tcp @10.53.0.2 +ttlunits A weeks.example > dig.out.test$n || ret=1 336 grep "^weeks.example. 3w" < dig.out.test$n > /dev/null || ret=1 337 dig_with_opts +tcp @10.53.0.2 +ttlunits A days.example > dig.out.test$n || ret=1 338 grep "^days.example. 3d" < dig.out.test$n > /dev/null || ret=1 339 dig_with_opts +tcp @10.53.0.2 +ttlunits A hours.example > dig.out.test$n || ret=1 340 grep "^hours.example. 3h" < dig.out.test$n > /dev/null || ret=1 341 dig_with_opts +tcp @10.53.0.2 +ttlunits A minutes.example > dig.out.test$n || ret=1 342 grep "^minutes.example. 45m" < dig.out.test$n > /dev/null || ret=1 343 dig_with_opts +tcp @10.53.0.2 +ttlunits A seconds.example > dig.out.test$n || ret=1 344 grep "^seconds.example. 45s" < dig.out.test$n > /dev/null || ret=1 345 if [ $ret -ne 0 ]; then echo_i "failed"; fi 346 status=$((status+ret)) 347 348 n=$((n+1)) 349 echo_i "checking dig respects precedence of options with +ttlunits ($n)" 350 ret=0 351 dig_with_opts +tcp @10.53.0.2 +ttlunits +nottlid A weeks.example > dig.out.test$n || ret=1 352 grep "^weeks.example. IN" < dig.out.test$n > /dev/null || ret=1 353 dig_with_opts +tcp @10.53.0.2 +nottlid +ttlunits A weeks.example > dig.out.test$n || ret=1 354 grep "^weeks.example. 3w" < dig.out.test$n > /dev/null || ret=1 355 dig_with_opts +tcp @10.53.0.2 +nottlid +nottlunits A weeks.example > dig.out.test$n || ret=1 356 grep "^weeks.example. 1814400" < dig.out.test$n > /dev/null || ret=1 357 if [ $ret -ne 0 ]; then echo_i "failed"; fi 358 status=$((status+ret)) 359 360 n=$((n+1)) 361 echo_i "checking dig preserves origin on TCP retries ($n)" 362 ret=0 363 # Ask ans4 to still accept TCP connections, but not respond to queries 364 echo "//" | sendcmd 10.53.0.4 365 dig_with_opts -d +tcp @10.53.0.4 +retry=1 +time=1 +domain=bar foo > dig.out.test$n 2>&1 && ret=1 366 test "$(grep -c "trying origin bar" dig.out.test$n)" -eq 2 || ret=1 367 grep "using root origin" < dig.out.test$n > /dev/null && ret=1 368 if [ $ret -ne 0 ]; then echo_i "failed"; fi 369 status=$((status+ret)) 370 371 n=$((n+1)) 372 echo_i "checking dig -6 -4 ($n)" 373 ret=0 374 dig_with_opts +tcp @10.53.0.2 -4 -6 A a.example > dig.out.test$n 2>&1 && ret=1 375 grep "only one of -4 and -6 allowed" < dig.out.test$n > /dev/null || ret=1 376 if [ $ret -ne 0 ]; then echo_i "failed"; fi 377 status=$((status+ret)) 378 379 n=$((n+1)) 380 echo_i "checking dig @IPv6addr -4 A a.example ($n)" 381 if testsock6 fd92:7065:b8e:ffff::2 2>/dev/null 382 then 383 ret=0 384 dig_with_opts +tcp @fd92:7065:b8e:ffff::2 -4 A a.example > dig.out.test$n 2>&1 && ret=1 385 grep "address family not supported" < dig.out.test$n > /dev/null || ret=1 386 if [ $ret -ne 0 ]; then echo_i "failed"; fi 387 status=$((status+ret)) 388 else 389 echo_i "IPv6 unavailable; skipping" 390 fi 391 392 n=$((n+1)) 393 echo_i "checking dig @IPv4addr -6 +mapped A a.example ($n)" 394 if testsock6 fd92:7065:b8e:ffff::2 2>/dev/null && [ "$(uname -s)" != "OpenBSD" ] 395 then 396 ret=0 397 dig_with_opts +tcp @10.53.0.2 -6 +mapped A a.example > dig.out.test$n 2>&1 || ret=1 398 grep "SERVER: ::ffff:10.53.0.2#$PORT" < dig.out.test$n > /dev/null || ret=1 399 if [ $ret -ne 0 ]; then echo_i "failed"; fi 400 status=$((status+ret)) 401 else 402 echo_i "IPv6 or IPv4-to-IPv6 mapping unavailable; skipping" 403 fi 404 405 n=$((n+1)) 406 echo_i "checking dig +tcp @IPv4addr -6 +nomapped A a.example ($n)" 407 if testsock6 fd92:7065:b8e:ffff::2 2>/dev/null 408 then 409 ret=0 410 dig_with_opts +tcp @10.53.0.2 -6 +nomapped A a.example > dig.out.test$n 2>&1 || ret=1 411 grep "SERVER: ::ffff:10.53.0.2#$PORT" < dig.out.test$n > /dev/null && ret=1 412 if [ $ret -ne 0 ]; then echo_i "failed"; fi 413 status=$((status+ret)) 414 else 415 echo_i "IPv6 unavailable; skipping" 416 fi 417 n=$((n+1)) 418 419 echo_i "checking dig +notcp @IPv4addr -6 +nomapped A a.example ($n)" 420 if testsock6 fd92:7065:b8e:ffff::2 2>/dev/null 421 then 422 ret=0 423 dig_with_opts +notcp @10.53.0.2 -6 +nomapped A a.example > dig.out.test$n 2>&1 || ret=1 424 grep "SERVER: ::ffff:10.53.0.2#$PORT" < dig.out.test$n > /dev/null && ret=1 425 if [ $ret -ne 0 ]; then echo_i "failed"; fi 426 status=$((status+ret)) 427 else 428 echo_i "IPv6 unavailable; skipping" 429 fi 430 431 n=$((n+1)) 432 echo_i "checking dig +subnet ($n)" 433 ret=0 434 dig_with_opts +tcp @10.53.0.2 +subnet=127.0.0.1 A a.example > dig.out.test$n 2>&1 || ret=1 435 grep "CLIENT-SUBNET: 127.0.0.1/32/0" < dig.out.test$n > /dev/null || ret=1 436 check_ttl_range dig.out.test$n "A" 300 || ret=1 437 if [ $ret -ne 0 ]; then echo_i "failed"; fi 438 status=$((status+ret)) 439 440 n=$((n+1)) 441 echo_i "checking dig +subnet +subnet ($n)" 442 ret=0 443 dig_with_opts +tcp @10.53.0.2 +subnet=127.0.0.0 +subnet=127.0.0.1 A a.example > dig.out.test$n 2>&1 || ret=1 444 grep "CLIENT-SUBNET: 127.0.0.1/32/0" < dig.out.test$n > /dev/null || ret=1 445 check_ttl_range dig.out.test$n "A" 300 || ret=1 446 if [ $ret -ne 0 ]; then echo_i "failed"; fi 447 status=$((status+ret)) 448 449 n=$((n+1)) 450 echo_i "checking dig +subnet with various prefix lengths ($n)" 451 ret=0 452 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24; do 453 dig_with_opts +tcp @10.53.0.2 +subnet=255.255.255.255/$i A a.example > dig.out.$i.test$n 2>&1 || ret=1 454 case $i in 455 1|9|17) octet=128 ;; 456 2|10|18) octet=192 ;; 457 3|11|19) octet=224 ;; 458 4|12|20) octet=240 ;; 459 5|13|21) octet=248 ;; 460 6|14|22) octet=252 ;; 461 7|15|23) octet=254 ;; 462 8|16|24) octet=255 ;; 463 esac 464 case $i in 465 1|2|3|4|5|6|7|8) addr="${octet}.0.0.0";; 466 9|10|11|12|13|14|15|16) addr="255.${octet}.0.0";; 467 17|18|19|20|21|22|23|24) addr="255.255.${octet}.0" ;; 468 esac 469 grep "FORMERR" < dig.out.$i.test$n > /dev/null && ret=1 470 grep "CLIENT-SUBNET: $addr/$i/0" < dig.out.$i.test$n > /dev/null || ret=1 471 check_ttl_range dig.out.$i.test$n "A" 300 || ret=1 472 done 473 if [ $ret -ne 0 ]; then echo_i "failed"; fi 474 status=$((status+ret)) 475 476 n=$((n+1)) 477 echo_i "checking dig +subnet=0/0 ($n)" 478 ret=0 479 dig_with_opts +tcp @10.53.0.2 +subnet=0/0 A a.example > dig.out.test$n 2>&1 || ret=1 480 grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1 481 grep "CLIENT-SUBNET: 0.0.0.0/0/0" < dig.out.test$n > /dev/null || ret=1 482 grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1 483 check_ttl_range dig.out.test$n "A" 300 || ret=1 484 if [ $ret -ne 0 ]; then echo_i "failed"; fi 485 status=$((status+ret)) 486 487 n=$((n+1)) 488 echo_i "checking dig +subnet=0 ($n)" 489 ret=0 490 dig_with_opts +tcp @10.53.0.2 +subnet=0 A a.example > dig.out.test$n 2>&1 || ret=1 491 grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1 492 grep "CLIENT-SUBNET: 0.0.0.0/0/0" < dig.out.test$n > /dev/null || ret=1 493 grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1 494 check_ttl_range dig.out.test$n "A" 300 || ret=1 495 if [ $ret -ne 0 ]; then echo_i "failed"; fi 496 status=$((status+ret)) 497 498 n=$((n+1)) 499 echo_i "checking dig +subnet=::/0 ($n)" 500 ret=0 501 dig_with_opts +tcp @10.53.0.2 +subnet=::/0 A a.example > dig.out.test$n 2>&1 || ret=1 502 grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1 503 grep "CLIENT-SUBNET: ::/0/0" < dig.out.test$n > /dev/null || ret=1 504 grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1 505 check_ttl_range dig.out.test$n "A" 300 || ret=1 506 if [ $ret -ne 0 ]; then echo_i "failed"; fi 507 status=$((status+ret)) 508 509 n=$((n+1)) 510 echo_i "checking dig +ednsopt=8:00000000 (family=0, source=0, scope=0) ($n)" 511 ret=0 512 dig_with_opts +tcp @10.53.0.2 +ednsopt=8:00000000 A a.example > dig.out.test$n 2>&1 || ret=1 513 grep "status: NOERROR" < dig.out.test$n > /dev/null || ret=1 514 grep "CLIENT-SUBNET: 0/0/0" < dig.out.test$n > /dev/null || ret=1 515 grep "10.0.0.1" < dig.out.test$n > /dev/null || ret=1 516 check_ttl_range dig.out.test$n "A" 300 || ret=1 517 if [ $ret -ne 0 ]; then echo_i "failed"; fi 518 status=$((status+ret)) 519 520 n=$((n+1)) 521 echo_i "checking dig +ednsopt=8:00030000 (family=3, source=0, scope=0) ($n)" 522 ret=0 523 dig_with_opts +qr +tcp @10.53.0.2 +ednsopt=8:00030000 A a.example > dig.out.test$n 2>&1 || ret=1 524 grep "status: FORMERR" < dig.out.test$n > /dev/null || ret=1 525 grep "CLIENT-SUBNET: 00 03 00 00" < dig.out.test$n > /dev/null || ret=1 526 test "$(grep -c "CLIENT-SUBNET: 00 03 00 00" dig.out.test$n)" -eq 1 || ret=1 527 if [ $ret -ne 0 ]; then echo_i "failed"; fi 528 status=$((status+ret)) 529 530 n=$((n+1)) 531 echo_i "checking dig +subnet with prefix lengths between byte boundaries ($n)" 532 ret=0 533 for p in 9 10 11 12 13 14 15; do 534 dig_with_opts +tcp @10.53.0.2 +subnet=10.53/$p A a.example > dig.out.test.$p.$n 2>&1 || ret=1 535 grep "FORMERR" < dig.out.test.$p.$n > /dev/null && ret=1 536 grep "CLIENT-SUBNET.*/$p/0" < dig.out.test.$p.$n > /dev/null || ret=1 537 check_ttl_range dig.out.test.$p.$n "A" 300 || ret=1 538 done 539 if [ $ret -ne 0 ]; then echo_i "failed"; fi 540 status=$((status+ret)) 541 542 n=$((n+1)) 543 echo_i "checking dig +sp works as an abbreviated form of split ($n)" 544 ret=0 545 dig_with_opts @10.53.0.3 +sp=4 -t sshfp foo.example > dig.out.test$n || ret=1 546 grep " 9ABC DEF6 7890 " < dig.out.test$n > /dev/null || ret=1 547 check_ttl_range dig.out.test$n "SSHFP" 300 || ret=1 548 if [ $ret -ne 0 ]; then echo_i "failed"; fi 549 status=$((status+ret)) 550 551 n=$((n+1)) 552 echo_i "checking dig -c works ($n)" 553 ret=0 554 dig_with_opts @10.53.0.3 -c CHAOS -t txt version.bind > dig.out.test$n || ret=1 555 grep "version.bind. 0 CH TXT" < dig.out.test$n > /dev/null || ret=1 556 if [ $ret -ne 0 ]; then echo_i "failed"; fi 557 status=$((status+ret)) 558 559 n=$((n+1)) 560 echo_i "checking dig +dscp ($n)" 561 ret=0 562 dig_with_opts @10.53.0.3 +dscp=32 a a.example > /dev/null 2>&1 || ret=1 563 dig_with_opts @10.53.0.3 +dscp=-1 a a.example > /dev/null 2>&1 && ret=1 564 dig_with_opts @10.53.0.3 +dscp=64 a a.example > /dev/null 2>&1 && ret=1 565 #TODO add a check to make sure dig is actually setting the dscp on the query 566 #we might have to add better logging to named for this 567 if [ $ret -ne 0 ]; then echo_i "failed"; fi 568 status=$((status+ret)) 569 570 n=$((n+1)) 571 echo_i "checking dig +ednsopt with option number ($n)" 572 ret=0 573 dig_with_opts @10.53.0.3 +ednsopt=3 a.example > dig.out.test$n 2>&1 || ret=1 574 grep 'NSID: .* ("ns3")' dig.out.test$n > /dev/null || ret=1 575 check_ttl_range dig.out.test$n "A" 300 || ret=1 576 if [ $ret -ne 0 ]; then echo_i "failed"; fi 577 status=$((status+ret)) 578 579 n=$((n+1)) 580 echo_i "checking dig +ednsopt with option name ($n)" 581 ret=0 582 dig_with_opts @10.53.0.3 +ednsopt=nsid a.example > dig.out.test$n 2>&1 || ret=1 583 grep 'NSID: .* ("ns3")' dig.out.test$n > /dev/null || ret=1 584 check_ttl_range dig.out.test$n "A" 300 || ret=1 585 if [ $ret -ne 0 ]; then echo_i "failed"; fi 586 status=$((status+ret)) 587 588 n=$((n+1)) 589 echo_i "checking ednsopt LLQ prints as expected ($n)" 590 ret=0 591 dig_with_opts @10.53.0.3 +ednsopt=llq:0001000200001234567812345678fefefefe +qr a.example > dig.out.test$n 2>&1 || ret=1 592 pat='LLQ: Version: 1, Opcode: 2, Error: 0, Identifier: 1311768465173141112, Lifetime: 4278124286$' 593 tr -d '\r' < dig.out.test$n | grep "$pat" > /dev/null || ret=1 594 if [ $ret -ne 0 ]; then echo_i "failed"; fi 595 status=$((status+ret)) 596 597 n=$((n+1)) 598 echo_i "checking that dig warns about .local queries ($n)" 599 ret=0 600 dig_with_opts @10.53.0.3 local soa > dig.out.test$n 2>&1 || ret=1 601 grep ";; WARNING: .local is reserved for Multicast DNS" dig.out.test$n > /dev/null || ret=1 602 if [ $ret -ne 0 ]; then echo_i "failed"; fi 603 status=$((status+ret)) 604 605 n=$((n+1)) 606 echo_i "check that dig processes +ednsopt=key-tag and FORMERR is returned ($n)" 607 ret=0 608 dig_with_opts @10.53.0.3 +ednsopt=key-tag a.example +qr > dig.out.test$n 2>&1 || ret=1 609 grep "; KEY-TAG: *$" dig.out.test$n > /dev/null || ret=1 610 grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1 611 if [ $ret -ne 0 ]; then echo_i "failed"; fi 612 status=$((status+ret)) 613 614 n=$((n+1)) 615 echo_i "check that dig processes +ednsopt=key-tag:<value-list> ($n)" 616 ret=0 617 dig_with_opts @10.53.0.3 +ednsopt=key-tag:00010002 a.example +qr > dig.out.test$n 2>&1 || ret=1 618 grep "; KEY-TAG: 1, 2$" dig.out.test$n > /dev/null || ret=1 619 grep "status: FORMERR" dig.out.test$n > /dev/null && ret=1 620 check_ttl_range dig.out.test$n "A" 300 || ret=1 621 if [ $ret -ne 0 ]; then echo_i "failed"; fi 622 status=$((status+ret)) 623 624 n=$((n+1)) 625 echo_i "check that dig processes +ednsopt=key-tag:<malformed-value-list> and FORMERR is returned ($n)" 626 ret=0 627 dig_with_opts @10.53.0.3 +ednsopt=key-tag:0001000201 a.example +qr > dig.out.test$n 2>&1 || ret=1 628 grep "; KEY-TAG: 00 01 00 02 01" dig.out.test$n > /dev/null || ret=1 629 grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1 630 if [ $ret -ne 0 ]; then echo_i "failed"; fi 631 status=$((status+ret)) 632 633 n=$((n+1)) 634 echo_i "check that dig processes +ednsopt=client-tag:value ($n)" 635 ret=0 636 dig_with_opts @10.53.0.3 +ednsopt=client-tag:0001 a.example +qr > dig.out.test$n 2>&1 || ret=1 637 grep "; CLIENT-TAG: 1$" dig.out.test$n > /dev/null || ret=1 638 grep "status: FORMERR" dig.out.test$n > /dev/null && ret=1 639 if [ $ret -ne 0 ]; then echo_i "failed"; fi 640 status=$((status+ret)) 641 642 n=$((n+1)) 643 echo_i "check that FORMERR is returned for a too short client-tag ($n)" 644 ret=0 645 dig_with_opts @10.53.0.3 +ednsopt=client-tag:01 a.example +qr > dig.out.test$n 2>&1 || ret=1 646 grep "; CLIENT-TAG" dig.out.test$n > /dev/null || ret=1 647 grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1 648 if [ $ret -ne 0 ]; then echo_i "failed"; fi 649 status=$((status+ret)) 650 651 n=$((n+1)) 652 echo_i "check that FORMERR is returned for a too long client-tag ($n)" 653 ret=0 654 dig_with_opts @10.53.0.3 +ednsopt=client-tag:000001 a.example +qr > dig.out.test$n 2>&1 || ret=1 655 grep "; CLIENT-TAG" dig.out.test$n > /dev/null || ret=1 656 grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1 657 if [ $ret -ne 0 ]; then echo_i "failed"; fi 658 status=$((status+ret)) 659 660 n=$((n+1)) 661 echo_i "check that dig processes +ednsopt=server-tag:value ($n)" 662 ret=0 663 dig_with_opts @10.53.0.3 +ednsopt=server-tag:0001 a.example +qr > dig.out.test$n 2>&1 || ret=1 664 grep "; SERVER-TAG: 1$" dig.out.test$n > /dev/null || ret=1 665 grep "status: FORMERR" dig.out.test$n > /dev/null && ret=1 666 if [ $ret -ne 0 ]; then echo_i "failed"; fi 667 status=$((status+ret)) 668 669 n=$((n+1)) 670 echo_i "check that FORMERR is returned for a too short server-tag ($n)" 671 ret=0 672 dig_with_opts @10.53.0.3 +ednsopt=server-tag:01 a.example +qr > dig.out.test$n 2>&1 || ret=1 673 grep "; SERVER-TAG" dig.out.test$n > /dev/null || ret=1 674 grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1 675 if [ $ret -ne 0 ]; then echo_i "failed"; fi 676 status=$((status+ret)) 677 678 n=$((n+1)) 679 echo_i "check that FORMERR is returned for a too long server-tag ($n)" 680 ret=0 681 dig_with_opts @10.53.0.3 +ednsopt=server-tag:000001 a.example +qr > dig.out.test$n 2>&1 || ret=1 682 grep "; SERVER-TAG" dig.out.test$n > /dev/null || ret=1 683 grep "status: FORMERR" dig.out.test$n > /dev/null || ret=1 684 if [ $ret -ne 0 ]; then echo_i "failed"; fi 685 status=$((status+ret)) 686 687 n=$((n+1)) 688 echo_i "check that Extended DNS Error 0 is printed correctly ($n)" 689 # First defined EDE code, additional text "foo". 690 dig_with_opts @10.53.0.3 +ednsopt=ede:0000666f6f a.example +qr > dig.out.test$n 2>&1 || ret=1 691 pat='^; EDE: 0 (Other): (foo)$' 692 tr -d '\r' < dig.out.test$n | grep "$pat" > /dev/null || ret=1 693 if [ $ret -ne 0 ]; then echo_i "failed"; fi 694 status=$((status+ret)) 695 696 n=$((n+1)) 697 echo_i "check that Extended DNS Error 24 is printed correctly ($n)" 698 # Last defined EDE code, no additional text. 699 dig_with_opts @10.53.0.3 +ednsopt=ede:0018 a.example +qr > dig.out.test$n 2>&1 || ret=1 700 pat='^; EDE: 24 (Invalid Data)$' 701 tr -d '\r' < dig.out.test$n | grep "$pat" > /dev/null || ret=1 702 if [ $ret -ne 0 ]; then echo_i "failed"; fi 703 status=$((status+ret)) 704 705 n=$((n+1)) 706 echo_i "check that Extended DNS Error 25 is printed correctly ($n)" 707 # First undefined EDE code, additional text "foo". 708 dig_with_opts @10.53.0.3 +ednsopt=ede:0019666f6f a.example +qr > dig.out.test$n 2>&1 || ret=1 709 pat='^; EDE: 25: (foo)$' 710 tr -d '\r' < dig.out.test$n | grep "$pat" > /dev/null || ret=1 711 if [ $ret -ne 0 ]; then echo_i "failed"; fi 712 status=$((status+ret)) 713 714 n=$((n+1)) 715 echo_i "check that invalid Extended DNS Error (length 0) is printed ($n)" 716 # EDE payload is too short 717 dig_with_opts @10.53.0.3 +ednsopt=ede a.example +qr > dig.out.test$n 2>&1 || ret=1 718 pat='^; EDE:$' 719 tr -d '\r' < dig.out.test$n | grep "$pat" > /dev/null || ret=1 720 if [ $ret -ne 0 ]; then echo_i "failed"; fi 721 status=$((status+ret)) 722 723 n=$((n+1)) 724 echo_i "check that invalid Extended DNS Error (length 1) is printed ($n)" 725 # EDE payload is too short 726 dig_with_opts @10.53.0.3 +ednsopt=ede:00 a.example +qr > dig.out.test$n 2>&1 || ret=1 727 pat='^; EDE: 00 (".")$' 728 tr -d '\r' < dig.out.test$n | grep "$pat" > /dev/null || ret=1 729 if [ $ret -ne 0 ]; then echo_i "failed"; fi 730 status=$((status+ret)) 731 732 if [ $HAS_PYYAML -ne 0 ] ; then 733 n=$((n+1)) 734 echo_i "check that +yaml Extended DNS Error 0 is printed correctly ($n)" 735 # First defined EDE code, additional text "foo". 736 dig_with_opts @10.53.0.3 +yaml +ednsopt=ede:0000666f6f a.example +qr > dig.out.test$n 2>&1 || ret=1 737 $PYTHON yamlget.py dig.out.test$n 0 message query_message_data OPT_PSEUDOSECTION EDNS EDE INFO-CODE > yamlget.out.test$n 2>&1 || ret=1 738 read -r value < yamlget.out.test$n 739 [ "$value" = "0 (Other)" ] || ret=1 740 $PYTHON yamlget.py dig.out.test$n 0 message query_message_data OPT_PSEUDOSECTION EDNS EDE EXTRA-TEXT > yamlget.out.test$n 2>&1 || ret=1 741 read -r value < yamlget.out.test$n 742 [ "$value" = "foo" ] || ret=1 743 if [ $ret -ne 0 ]; then echo_i "failed"; fi 744 status=$((status+ret)) 745 746 n=$((n+1)) 747 echo_i "check that +yaml Extended DNS Error 24 is printed correctly ($n)" 748 # Last defined EDE code, no additional text. 749 dig_with_opts @10.53.0.3 +yaml +ednsopt=ede:0018 a.example +qr > dig.out.test$n 2>&1 || ret=1 750 $PYTHON yamlget.py dig.out.test$n 0 message query_message_data OPT_PSEUDOSECTION EDNS EDE INFO-CODE > yamlget.out.test$n 2>&1 || ret=1 751 read -r value < yamlget.out.test$n 752 [ "$value" = "24 (Invalid Data)" ] || ret=1 753 $PYTHON yamlget.py dig.out.test$n 0 message query_message_data OPT_PSEUDOSECTION EDNS EDE EXTRA-TEXT > yamlget.out.test$n 2>&1 && ret=1 754 if [ $ret -ne 0 ]; then echo_i "failed"; fi 755 status=$((status+ret)) 756 757 n=$((n+1)) 758 echo_i "check that +yaml Extended DNS Error 25 is printed correctly ($n)" 759 # First undefined EDE code, additional text "foo". 760 dig_with_opts @10.53.0.3 +yaml +ednsopt=ede:0019666f6f a.example +qr > dig.out.test$n 2>&1 || ret=1 761 $PYTHON yamlget.py dig.out.test$n 0 message query_message_data OPT_PSEUDOSECTION EDNS EDE INFO-CODE > yamlget.out.test$n 2>&1 || ret=1 762 read -r value < yamlget.out.test$n 763 [ "$value" = "25" ] || ret=1 764 $PYTHON yamlget.py dig.out.test$n 0 message query_message_data OPT_PSEUDOSECTION EDNS EDE EXTRA-TEXT > yamlget.out.test$n 2>&1 || ret=1 765 read -r value < yamlget.out.test$n 766 [ "$value" = "foo" ] || ret=1 767 if [ $ret -ne 0 ]; then echo_i "failed"; fi 768 status=$((status+ret)) 769 770 n=$((n+1)) 771 echo_i "check that invalid Extended DNS Error (length 0) is printed ($n)" 772 # EDE payload is too short 773 dig_with_opts @10.53.0.3 +yaml +ednsopt=ede a.example +qr > dig.out.test$n 2>&1 || ret=1 774 $PYTHON yamlget.py dig.out.test$n 0 message query_message_data OPT_PSEUDOSECTION EDNS EDE > yamlget.out.test$n 2>&1 || ret=1 775 read -r value < yamlget.out.test$n 776 [ "$value" = "None" ] || ret=1 777 if [ $ret -ne 0 ]; then echo_i "failed"; fi 778 status=$((status+ret)) 779 780 n=$((n+1)) 781 echo_i "check that invalid +yaml Extended DNS Error (length 1) is printed ($n)" 782 # EDE payload is too short 783 dig_with_opts @10.53.0.3 +yaml +ednsopt=ede:00 a.example +qr > dig.out.test$n 2>&1 || ret=1 784 $PYTHON yamlget.py dig.out.test$n 0 message query_message_data OPT_PSEUDOSECTION EDNS EDE > yamlget.out.test$n 2>&1 || ret=1 785 read -r value < yamlget.out.test$n 786 [ "$value" = '00 (".")' ] || ret=1 787 if [ $ret -ne 0 ]; then echo_i "failed"; fi 788 status=$((status+ret)) 789 fi 790 791 n=$((n+1)) 792 echo_i "check that dig handles malformed option '+ednsopt=:' gracefully ($n)" 793 ret=0 794 dig_with_opts @10.53.0.3 +ednsopt=: a.example > dig.out.test$n 2>&1 && ret=1 795 grep "ednsopt no code point specified" dig.out.test$n > /dev/null || ret=1 796 if [ $ret -ne 0 ]; then echo_i "failed"; fi 797 status=$((status+ret)) 798 799 n=$((n+1)) 800 echo_i "check that dig gracefully handles bad escape in domain name ($n)" 801 ret=0 802 digstatus=0 803 dig_with_opts @10.53.0.3 '\0.' > dig.out.test$n 2>&1 || digstatus=$? 804 echo digstatus=$digstatus >> dig.out.test$n 805 test $digstatus -eq 10 || ret=1 806 grep REQUIRE dig.out.test$n > /dev/null && ret=1 807 grep "is not a legal name (bad escape)" dig.out.test$n > /dev/null || ret=1 808 if [ $ret -ne 0 ]; then echo_i "failed"; fi 809 status=$((status+ret)) 810 811 n=$((n+1)) 812 echo_i "check that dig -q -m works ($n)" 813 ret=0 814 dig_with_opts @10.53.0.3 -q -m > dig.out.test$n 2>&1 815 pat='^;-m\..*IN.*A$' 816 tr -d '\r' < dig.out.test$n | grep "$pat" > /dev/null || ret=1 817 grep "Dump of all outstanding memory allocations" dig.out.test$n > /dev/null && ret=1 818 if [ $ret -ne 0 ]; then echo_i "failed"; fi 819 status=$((status+ret)) 820 821 n=$((n+1)) 822 echo_i "checking exit code for a retry upon TCP EOF (immediate -> immediate) ($n)" 823 ret=0 824 echo "no_response no_response" | sendcmd 10.53.0.5 825 dig_with_opts @10.53.0.5 example AXFR +tries=2 > dig.out.test$n 2>&1 && ret=1 826 # Sanity check: ensure ans5 behaves as expected. 827 [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 2 ] || ret=1 828 if [ $ret -ne 0 ]; then echo_i "failed"; fi 829 status=$((status+ret)) 830 831 n=$((n+1)) 832 echo_i "checking exit code for a retry upon TCP EOF (partial AXFR -> partial AXFR) ($n)" 833 ret=0 834 echo "partial_axfr partial_axfr" | sendcmd 10.53.0.5 835 dig_with_opts @10.53.0.5 example AXFR +tries=2 > dig.out.test$n 2>&1 && ret=1 836 # Sanity check: ensure ans5 behaves as expected. 837 [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 2 ] || ret=1 838 if [ $ret -ne 0 ]; then echo_i "failed"; fi 839 status=$((status+ret)) 840 841 n=$((n+1)) 842 echo_i "checking exit code for a retry upon TCP EOF (immediate -> partial AXFR) ($n)" 843 ret=0 844 echo "no_response partial_axfr" | sendcmd 10.53.0.5 845 dig_with_opts @10.53.0.5 example AXFR +tries=2 > dig.out.test$n 2>&1 && ret=1 846 # Sanity check: ensure ans5 behaves as expected. 847 [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 2 ] || ret=1 848 if [ $ret -ne 0 ]; then echo_i "failed"; fi 849 status=$((status+ret)) 850 851 n=$((n+1)) 852 echo_i "checking exit code for a retry upon TCP EOF (partial AXFR -> immediate) ($n)" 853 ret=0 854 echo "partial_axfr no_response" | sendcmd 10.53.0.5 855 dig_with_opts @10.53.0.5 example AXFR +tries=2 > dig.out.test$n 2>&1 && ret=1 856 # Sanity check: ensure ans5 behaves as expected. 857 [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 2 ] || ret=1 858 if [ $ret -ne 0 ]; then echo_i "failed"; fi 859 status=$((status+ret)) 860 861 n=$((n+1)) 862 echo_i "checking exit code for a retry upon TCP EOF (immediate -> complete AXFR) ($n)" 863 ret=0 864 echo "no_response complete_axfr" | sendcmd 10.53.0.5 865 dig_with_opts @10.53.0.5 example AXFR +tries=2 > dig.out.test$n 2>&1 || ret=1 866 # Sanity check: ensure ans5 behaves as expected. 867 [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 1 ] || ret=1 868 if [ $ret -ne 0 ]; then echo_i "failed"; fi 869 status=$((status+ret)) 870 871 n=$((n+1)) 872 echo_i "checking exit code for a retry upon TCP EOF (partial AXFR -> complete AXFR) ($n)" 873 ret=0 874 echo "partial_axfr complete_axfr" | sendcmd 10.53.0.5 875 dig_with_opts @10.53.0.5 example AXFR +tries=2 > dig.out.test$n 2>&1 || ret=1 876 # Sanity check: ensure ans5 behaves as expected. 877 [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 1 ] || ret=1 878 if [ $ret -ne 0 ]; then echo_i "failed"; fi 879 status=$((status+ret)) 880 881 n=$((n+1)) 882 echo_i "checking +tries=1 won't retry twice upon TCP EOF ($n)" 883 ret=0 884 echo "no_response no_response" | sendcmd 10.53.0.5 885 dig_with_opts @10.53.0.5 example AXFR +tries=1 > dig.out.test$n 2>&1 && ret=1 886 # Sanity check: ensure ans5 behaves as expected. 887 [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 1 ] || ret=1 888 if [ $ret -ne 0 ]; then echo_i "failed"; fi 889 status=$((status+ret)) 890 891 n=$((n+1)) 892 echo_i "checking +retry=0 won't retry twice upon TCP EOF ($n)" 893 ret=0 894 dig_with_opts @10.53.0.5 example AXFR +retry=0 > dig.out.test$n 2>&1 && ret=1 895 # Sanity check: ensure ans5 behaves as expected. 896 [ `grep "communications error.*end of file" dig.out.test$n | wc -l` -eq 1 ] || ret=1 897 if [ $ret -ne 0 ]; then echo_i "failed"; fi 898 status=$((status+ret)) 899 900 n=$((n+1)) 901 echo_i "check that dig +expandaaaa works ($n)" 902 ret=0 903 dig_with_opts @10.53.0.3 +expandaaaa AAAA ns2.example > dig.out.test$n 2>&1 || ret=1 904 grep "ns2.example.*fd92:7065:0b8e:ffff:0000:0000:0000:0002" dig.out.test$n > /dev/null || ret=1 905 if [ $ret -ne 0 ]; then echo_i "failed"; fi 906 status=$((status+ret)) 907 908 n=$((n+1)) 909 echo_i "check that dig +noexpandaaaa works ($n)" 910 ret=0 911 dig_with_opts @10.53.0.3 +noexpandaaaa AAAA ns2.example > dig.out.test$n 2>&1 || ret=1 912 grep "ns2.example.*fd92:7065:b8e:ffff::2" dig.out.test$n > /dev/null || ret=1 913 if [ $ret -ne 0 ]; then echo_i "failed"; fi 914 status=$((status+ret)) 915 916 n=$((n+1)) 917 echo_i "check that dig default for +[no]expandaaa (+noexpandaaaa) works ($n)" 918 ret=0 919 dig_with_opts @10.53.0.3 AAAA ns2.example > dig.out.test$n 2>&1 || ret=1 920 grep "ns2.example.*fd92:7065:b8e:ffff::2" dig.out.test$n > /dev/null || ret=1 921 if [ $ret -ne 0 ]; then echo_i "failed"; fi 922 status=$((status+ret)) 923 924 n=$((n+1)) 925 926 echo_i "check that dig +short +expandaaaa works ($n)" 927 ret=0 928 dig_with_opts @10.53.0.3 +short +expandaaaa AAAA ns2.example > dig.out.test$n 2>&1 || ret=1 929 pat='^fd92:7065:0b8e:ffff:0000:0000:0000:0002$' 930 tr -d '\r' < dig.out.test$n | grep "$pat" > /dev/null || ret=1 931 if [ $ret -ne 0 ]; then echo_i "failed"; fi 932 status=$((status+ret)) 933 934 if [ $HAS_PYYAML -ne 0 ] ; then 935 n=$((n+1)) 936 echo_i "check dig +yaml output ($n)" 937 ret=0 938 dig_with_opts +qr +yaml @10.53.0.3 any ns2.example > dig.out.test$n 2>&1 || ret=1 939 value=$($PYTHON yamlget.py dig.out.test$n 0 message query_message_data status || ret=1) 940 [ "$value" = "NOERROR" ] || ret=1 941 value=$($PYTHON yamlget.py dig.out.test$n 1 message response_message_data status || ret=1) 942 [ "$value" = "NOERROR" ] || ret=1 943 value=$($PYTHON yamlget.py dig.out.test$n 1 message response_message_data QUESTION_SECTION 0 || ret=1) 944 [ "$value" = "ns2.example. IN ANY" ] || ret=1 945 if [ $ret -ne 0 ]; then echo_i "failed"; fi 946 status=$((status+ret)) 947 948 n=$((n+1)) 949 echo_i "check dig +yaml output of an IPv6 address ending in zeroes ($n)" 950 ret=0 951 dig_with_opts +qr +yaml @10.53.0.3 aaaa d.example > dig.out.test$n 2>&1 || ret=1 952 $PYTHON yamlget.py dig.out.test$n 1 message response_message_data ANSWER_SECTION 0 > yamlget.out.test$n 2>&1 || ret=1 953 read -r value < yamlget.out.test$n 954 [ "$value" = "d.example. 300 IN AAAA fd92:7065:b8e:ffff::0" ] || ret=1 955 if [ $ret -ne 0 ]; then echo_i "failed"; fi 956 status=$((status+ret)) 957 fi 958 959 n=$((n+1)) 960 echo_i "check that dig +unexpected works ($n)" 961 ret=0 962 dig_with_opts @10.53.0.6 +unexpected a a.example > dig.out.test$n || ret=1 963 grep 'reply from unexpected source' dig.out.test$n > /dev/null || ret=1 964 grep 'status: NOERROR' dig.out.test$n > /dev/null || ret=1 965 if [ $ret -ne 0 ]; then echo_i "failed"; fi 966 status=$((status+ret)) 967 968 n=$((n+1)) 969 echo_i "check that dig +nounexpected works ($n)" 970 ret=0 971 dig_with_opts @10.53.0.6 +nounexpected +tries=1 +time=2 a a.example > dig.out.test$n && ret=1 972 grep 'reply from unexpected source' dig.out.test$n > /dev/null || ret=1 973 grep "status: NOERROR" < dig.out.test$n > /dev/null && ret=1 974 if [ $ret -ne 0 ]; then echo_i "failed"; fi 975 status=$((status+ret)) 976 977 n=$((n+1)) 978 echo_i "check that dig default for +[no]unexpected (+nounexpected) works ($n)" 979 ret=0 980 dig_with_opts @10.53.0.6 +tries=1 +time=2 a a.example > dig.out.test$n && ret=1 981 grep 'reply from unexpected source' dig.out.test$n > /dev/null || ret=1 982 grep "status: NOERROR" < dig.out.test$n > /dev/null && ret=1 983 if [ $ret -ne 0 ]; then echo_i "failed"; fi 984 status=$((status+ret)) 985 986 n=$((n+1)) 987 echo_i "check that dig +bufsize=0 disables EDNS ($n)" 988 ret=0 989 dig_with_opts @10.53.0.3 a.example +bufsize=0 +qr > dig.out.test$n 2>&1 || ret=1 990 grep "EDNS:" dig.out.test$n > /dev/null && ret=1 991 if [ $ret -ne 0 ]; then echo_i "failed"; fi 992 status=$((status+ret)) 993 994 n=$((n+1)) 995 echo_i "check that dig +bufsize=0 +edns sends EDNS with bufsize of 0 ($n)" 996 ret=0 997 dig_with_opts @10.53.0.3 a.example +bufsize=0 +edns +qr > dig.out.test$n 2>&1 || ret=1 998 pat='EDNS:.* udp: 0$' 999 tr -d '\r' < dig.out.test$n | grep -E "$pat" > /dev/null || ret=1 1000 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1001 status=$((status+ret)) 1002 1003 n=$((n+1)) 1004 echo_i "check that dig +bufsize restores default bufsize ($n)" 1005 ret=0 1006 dig_with_opts @10.53.0.3 a.example +bufsize=0 +bufsize +qr > dig.out.test$n 2>&1 || ret=1 1007 lines1232=`grep "EDNS:.* udp: 1232" dig.out.test$n | wc -l` 1008 lines4096=`grep "EDNS:.* udp: 4096" dig.out.test$n | wc -l` 1009 test $lines1232 -eq 1 || ret=1 1010 test $lines4096 -eq 1 || ret=1 1011 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1012 status=$((status+ret)) 1013 1014 n=$((n+1)) 1015 echo_i "check that dig without -u displays 'Query time' in millseconds ($n)" 1016 ret=0 1017 dig_with_opts @10.53.0.3 a.example > dig.out.test$n 2>&1 || ret=1 1018 grep ';; Query time: [0-9][0-9]* msec' dig.out.test$n >/dev/null || ret=1 1019 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1020 status=$((status+ret)) 1021 1022 n=$((n+1)) 1023 echo_i "check that dig -u displays 'Query time' in microseconds ($n)" 1024 ret=0 1025 dig_with_opts -u @10.53.0.3 a.example > dig.out.test$n 2>&1 || ret=1 1026 grep ';; Query time: [0-9][0-9]* usec' dig.out.test$n >/dev/null || ret=1 1027 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1028 status=$((status+ret)) 1029 1030 n=$((n+1)) 1031 echo_i "check that dig +yaml without -u displays timestamps in milliseconds ($n)" 1032 ret=0 1033 dig_with_opts +yaml @10.53.0.3 a.example > dig.out.test$n 2>&1 || ret=1 1034 grep 'query_time: !!timestamp ....-..-..T..:..:..\....Z' dig.out.test$n >/dev/null || ret=1 1035 grep 'response_time: !!timestamp ....-..-..T..:..:..\....Z' dig.out.test$n >/dev/null || ret=1 1036 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1037 status=$((status+ret)) 1038 1039 n=$((n+1)) 1040 echo_i "check that dig -u +yaml displays timestamps in microseconds ($n)" 1041 ret=0 1042 dig_with_opts -u +yaml @10.53.0.3 a.example > dig.out.test$n 2>&1 || ret=1 1043 grep 'query_time: !!timestamp ....-..-..T..:..:..\.......Z' dig.out.test$n >/dev/null || ret=1 1044 grep 'response_time: !!timestamp ....-..-..T..:..:..\.......Z' dig.out.test$n >/dev/null || ret=1 1045 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1046 status=$((status+ret)) 1047 1048else 1049 echo_i "$DIG is needed, so skipping these dig tests" 1050fi 1051 1052if [ -x "$MDIG" ] ; then 1053 n=$((n+1)) 1054 echo_i "check that mdig handles malformed option '+ednsopt=:' gracefully ($n)" 1055 ret=0 1056 mdig_with_opts @10.53.0.3 +ednsopt=: a.example > dig.out.test$n 2>&1 && ret=1 1057 grep "ednsopt no code point specified" dig.out.test$n > /dev/null || ret=1 1058 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1059 status=$((status+ret)) 1060 1061 n=$((n+1)) 1062 echo_i "checking mdig +multi +norrcomments works for DNSKEY (when default is rrcomments)($n)" 1063 ret=0 1064 mdig_with_opts +tcp @10.53.0.3 +multi +norrcomments -t DNSKEY example > dig.out.test$n || ret=1 1065 grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" dig.out.test$n && ret=1 1066 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1067 status=$((status+ret)) 1068 1069 n=$((n+1)) 1070 echo_i "checking mdig +multi +norrcomments works for SOA (when default is rrcomments)($n)" 1071 ret=0 1072 mdig_with_opts +tcp @10.53.0.3 +multi +norrcomments -t SOA example > dig.out.test$n || ret=1 1073 grep "; serial" < dig.out.test$n > /dev/null && ret=1 1074 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1075 status=$((status+ret)) 1076 1077 if [ $HAS_PYYAML -ne 0 ] ; then 1078 n=$((n+1)) 1079 echo_i "check mdig +yaml output ($n)" 1080 ret=0 1081 mdig_with_opts +yaml @10.53.0.3 -t any ns2.example > dig.out.test$n || ret=1 1082 value=$($PYTHON yamlget.py dig.out.test$n 0 message response_message_data status || ret=1) 1083 [ "$value" = "NOERROR" ] || ret=1 1084 value=$($PYTHON yamlget.py dig.out.test$n 0 message response_message_data QUESTION_SECTION 0 || ret=1) 1085 [ "$value" = "ns2.example. IN ANY" ] || ret=1 1086 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1087 status=$((status+ret)) 1088 fi 1089else 1090 echo_i "$MDIG is needed, so skipping these mdig tests" 1091fi 1092 1093if [ -x "$DELV" ] ; then 1094 n=$((n+1)) 1095 echo_i "checking delv short form works ($n)" 1096 ret=0 1097 delv_with_opts @10.53.0.3 +short a a.example > delv.out.test$n || ret=1 1098 test "$(wc -l < delv.out.test$n)" -eq 1 || ret=1 1099 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1100 status=$((status+ret)) 1101 1102 n=$((n+1)) 1103 echo_i "checking delv split width works ($n)" 1104 ret=0 1105 delv_with_opts @10.53.0.3 +split=4 -t sshfp foo.example > delv.out.test$n || ret=1 1106 grep " 9ABC DEF6 7890 " < delv.out.test$n > /dev/null || ret=1 1107 check_ttl_range delv.out.test$n "SSHFP" 300 || ret=1 1108 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1109 status=$((status+ret)) 1110 1111 n=$((n+1)) 1112 echo_i "checking delv +unknownformat works ($n)" 1113 ret=0 1114 delv_with_opts @10.53.0.3 +unknownformat a a.example > delv.out.test$n || ret=1 1115 grep "CLASS1[ ][ ]*TYPE1[ ][ ]*\\\\# 4 0A000001" < delv.out.test$n > /dev/null || ret=1 1116 check_ttl_range delv.out.test$n "TYPE1" 300 || ret=1 1117 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1118 status=$((status+ret)) 1119 1120 n=$((n+1)) 1121 echo_i "checking delv -4 -6 ($n)" 1122 ret=0 1123 delv_with_opts @10.53.0.3 -4 -6 A a.example > delv.out.test$n 2>&1 && ret=1 1124 grep "only one of -4 and -6 allowed" < delv.out.test$n > /dev/null || ret=1 1125 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1126 status=$((status+ret)) 1127 1128 n=$((n+1)) 1129 echo_i "checking delv with IPv6 on IPv4 does not work ($n)" 1130 if testsock6 fd92:7065:b8e:ffff::3 2>/dev/null 1131 then 1132 ret=0 1133 # following should fail because @IPv4 overrides earlier @IPv6 above 1134 # and -6 forces IPv6 so this should fail, with a message 1135 # "Use of IPv4 disabled by -6" 1136 delv_with_opts @fd92:7065:b8e:ffff::3 @10.53.0.3 -6 -t txt foo.example > delv.out.test$n 2>&1 && ret=1 1137 # it should have no results but error output 1138 grep "testing" < delv.out.test$n > /dev/null && ret=1 1139 grep "Use of IPv4 disabled by -6" delv.out.test$n > /dev/null || ret=1 1140 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1141 status=$((status+ret)) 1142 else 1143 echo_i "IPv6 unavailable; skipping" 1144 fi 1145 1146 n=$((n+1)) 1147 echo_i "checking delv with IPv4 on IPv6 does not work ($n)" 1148 if testsock6 fd92:7065:b8e:ffff::3 2>/dev/null 1149 then 1150 ret=0 1151 # following should fail because @IPv6 overrides earlier @IPv4 above 1152 # and -4 forces IPv4 so this should fail, with a message 1153 # "Use of IPv6 disabled by -4" 1154 delv_with_opts @10.53.0.3 @fd92:7065:b8e:ffff::3 -4 -t txt foo.example > delv.out.test$n 2>&1 && ret=1 1155 # it should have no results but error output 1156 grep "testing" delv.out.test$n > /dev/null && ret=1 1157 grep "Use of IPv6 disabled by -4" delv.out.test$n > /dev/null || ret=1 1158 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1159 status=$((status+ret)) 1160 else 1161 echo_i "IPv6 unavailable; skipping" 1162 fi 1163 1164 n=$((n+1)) 1165 echo_i "checking delv with reverse lookup works ($n)" 1166 ret=0 1167 delv_with_opts @10.53.0.3 -x 127.0.0.1 > delv.out.test$n 2>&1 || ret=1 1168 # doesn't matter if has answer 1169 grep -i "127\\.in-addr\\.arpa\\." < delv.out.test$n > /dev/null || ret=1 1170 check_ttl_range delv.out.test$n '\\-ANY' 10800 3 || ret=1 1171 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1172 status=$((status+ret)) 1173 1174 n=$((n+1)) 1175 echo_i "checking delv over TCP works ($n)" 1176 ret=0 1177 delv_with_opts +tcp @10.53.0.3 a a.example > delv.out.test$n || ret=1 1178 grep "10\\.0\\.0\\.1$" < delv.out.test$n > /dev/null || ret=1 1179 check_ttl_range delv.out.test$n "A" 300 || ret=1 1180 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1181 status=$((status+ret)) 1182 1183 n=$((n+1)) 1184 echo_i "checking delv +multi +norrcomments works for DNSKEY (when default is rrcomments)($n)" 1185 ret=0 1186 delv_with_opts +tcp @10.53.0.3 +multi +norrcomments DNSKEY example > delv.out.test$n || ret=1 1187 grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null && ret=1 1188 check_ttl_range delv.out.test$n "DNSKEY" 300 || ret=1 1189 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1190 status=$((status+ret)) 1191 1192 n=$((n+1)) 1193 echo_i "checking delv +multi +norrcomments works for SOA (when default is rrcomments)($n)" 1194 ret=0 1195 delv_with_opts +tcp @10.53.0.3 +multi +norrcomments SOA example > delv.out.test$n || ret=1 1196 grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null && ret=1 1197 check_ttl_range delv.out.test$n "SOA" 300 || ret=1 1198 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1199 status=$((status+ret)) 1200 1201 n=$((n+1)) 1202 echo_i "checking delv +rrcomments works for DNSKEY($n)" 1203 ret=0 1204 delv_with_opts +tcp @10.53.0.3 +rrcomments DNSKEY example > delv.out.test$n || ret=1 1205 grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null || ret=1 1206 check_ttl_range delv.out.test$n "DNSKEY" 300 || ret=1 1207 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1208 status=$((status+ret)) 1209 1210 n=$((n+1)) 1211 echo_i "checking delv +short +rrcomments works for DNSKEY ($n)" 1212 ret=0 1213 delv_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY example > delv.out.test$n || ret=1 1214 grep "; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n > /dev/null || ret=1 1215 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1216 status=$((status+ret)) 1217 1218 n=$((n+1)) 1219 echo_i "checking delv +short +rrcomments works ($n)" 1220 ret=0 1221 delv_with_opts +tcp @10.53.0.3 +short +rrcomments DNSKEY example > delv.out.test$n || ret=1 1222 grep -q "$KEYDATA ; ZSK; alg = $DEFAULT_ALGORITHM ; key id = $KEYID" < delv.out.test$n || ret=1 1223 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1224 status=$((status+ret)) 1225 1226 n=$((n+1)) 1227 echo_i "checking delv +short +nosplit works ($n)" 1228 ret=0 1229 delv_with_opts +tcp @10.53.0.3 +short +nosplit DNSKEY example > delv.out.test$n || ret=1 1230 grep -q "$NOSPLIT" < delv.out.test$n || ret=1 1231 test "$(wc -l < delv.out.test$n)" -eq 1 || ret=1 1232 test "$(awk '{print NF}' < delv.out.test$n)" -eq 14 || ret=1 1233 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1234 status=$((status+ret)) 1235 1236 n=$((n+1)) 1237 echo_i "checking delv +short +nosplit +norrcomments works ($n)" 1238 ret=0 1239 delv_with_opts +tcp @10.53.0.3 +short +nosplit +norrcomments DNSKEY example > delv.out.test$n || ret=1 1240 grep -q "$NOSPLIT\$" < delv.out.test$n || ret=1 1241 test "$(wc -l < delv.out.test$n)" -eq 1 || ret=1 1242 test "$(awk '{print NF}' < delv.out.test$n)" -eq 4 || ret=1 1243 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1244 status=$((status+ret)) 1245 1246 n=$((n+1)) 1247 echo_i "checking delv +sp works as an abbriviated form of split ($n)" 1248 ret=0 1249 delv_with_opts @10.53.0.3 +sp=4 -t sshfp foo.example > delv.out.test$n || ret=1 1250 grep " 9ABC DEF6 7890 " < delv.out.test$n > /dev/null || ret=1 1251 check_ttl_range delv.out.test$n "SSHFP" 300 || ret=1 1252 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1253 status=$((status+ret)) 1254 1255 n=$((n+1)) 1256 echo_i "checking delv +sh works as an abbriviated form of short ($n)" 1257 ret=0 1258 delv_with_opts @10.53.0.3 +sh a a.example > delv.out.test$n || ret=1 1259 test "$(wc -l < delv.out.test$n)" -eq 1 || ret=1 1260 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1261 status=$((status+ret)) 1262 1263 n=$((n+1)) 1264 echo_i "checking delv -c IN works ($n)" 1265 ret=0 1266 delv_with_opts @10.53.0.3 -c IN -t a a.example > delv.out.test$n || ret=1 1267 grep "a.example." < delv.out.test$n > /dev/null || ret=1 1268 check_ttl_range delv.out.test$n "A" 300 || ret=1 1269 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1270 status=$((status+ret)) 1271 1272 n=$((n+1)) 1273 echo_i "checking delv -c CH is ignored, and treated like IN ($n)" 1274 ret=0 1275 delv_with_opts @10.53.0.3 -c CH -t a a.example > delv.out.test$n || ret=1 1276 grep "a.example." < delv.out.test$n > /dev/null || ret=1 1277 check_ttl_range delv.out.test$n "A" 300 || ret=1 1278 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1279 status=$((status+ret)) 1280 1281 n=$((n+1)) 1282 echo_i "checking delv H is ignored, and treated like IN ($n)" 1283 ret=0 1284 delv_with_opts @10.53.0.3 -c CH -t a a.example > delv.out.test$n || ret=1 1285 grep "a.example." < delv.out.test$n > /dev/null || ret=1 1286 check_ttl_range delv.out.test$n "A" 300 || ret=1 1287 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1288 status=$((status+ret)) 1289 1290 n=$((n+1)) 1291 echo_i "check that delv -q -m works ($n)" 1292 ret=0 1293 delv_with_opts @10.53.0.3 -q -m > delv.out.test$n 2>&1 || ret=1 1294 grep '^; -m\..*[0-9]*.*IN.*ANY.*;' delv.out.test$n > /dev/null || ret=1 1295 grep "^add " delv.out.test$n > /dev/null && ret=1 1296 grep "^del " delv.out.test$n > /dev/null && ret=1 1297 check_ttl_range delv.out.test$n '\\-ANY' 300 3 || ret=1 1298 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1299 status=$((status+ret)) 1300 1301 n=$((n+1)) 1302 echo_i "check that delv -t ANY works ($n)" 1303 ret=0 1304 delv_with_opts @10.53.0.3 -t ANY example > delv.out.test$n 2>&1 || ret=1 1305 grep "^example." < delv.out.test$n > /dev/null || ret=1 1306 check_ttl_range delv.out.test$n NS 300 || ret=1 1307 check_ttl_range delv.out.test$n SOA 300 || ret=1 1308 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1309 status=$((status+ret)) 1310 1311 n=$((n+1)) 1312 echo_i "check that delv loads key-style trust anchors ($n)" 1313 ret=0 1314 delv_with_opts -a ns3/anchor.dnskey +root=example @10.53.0.3 -t DNSKEY example > delv.out.test$n 2>&1 || ret=1 1315 grep "fully validated" delv.out.test$n > /dev/null || ret=1 1316 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1317 status=$((status+ret)) 1318 1319 n=$((n+1)) 1320 echo_i "check that delv loads DS-style trust anchors ($n)" 1321 ret=0 1322 delv_with_opts -a ns3/anchor.ds +root=example @10.53.0.3 -t DNSKEY example > delv.out.test$n 2>&1 || ret=1 1323 grep "fully validated" delv.out.test$n > /dev/null || ret=1 1324 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1325 status=$((status+ret)) 1326 1327 if [ $HAS_PYYAML -ne 0 ] ; then 1328 n=$((n+1)) 1329 echo_i "check delv +yaml output ($n)" 1330 ret=0 1331 delv_with_opts +yaml @10.53.0.3 any ns2.example > delv.out.test$n || ret=1 1332 value=$($PYTHON yamlget.py delv.out.test$n status || ret=1) 1333 [ "$value" = "success" ] || ret=1 1334 value=$($PYTHON yamlget.py delv.out.test$n query_name || ret=1) 1335 [ "$value" = "ns2.example" ] || ret=1 1336 value=$($PYTHON yamlget.py delv.out.test$n records 0 answer_not_validated 0 || ret=1) 1337 count=$(echo $value | wc -w ) 1338 [ ${count:-0} -eq 5 ] || ret=1 1339 if [ $ret -ne 0 ]; then echo_i "failed"; fi 1340 status=$((status+ret)) 1341 fi 1342else 1343 echo_i "$DELV is needed, so skipping these delv tests" 1344fi 1345 1346echo_i "exit status: $status" 1347[ $status -eq 0 ] || exit 1 1348