1#!/bin/sh 2 3# Copyright (C) Internet Systems Consortium, Inc. ("ISC") 4# 5# SPDX-License-Identifier: MPL-2.0 6# 7# This Source Code Form is subject to the terms of the Mozilla Public 8# License, v. 2.0. If a copy of the MPL was not distributed with this 9# file, you can obtain one at https://mozilla.org/MPL/2.0/. 10# 11# See the COPYRIGHT file distributed with this work for additional 12# information regarding copyright ownership. 13 14set -e 15 16. ../conf.sh 17 18DIGOPTS="-p ${PORT}" 19 20status=0 21n=1 22 23echo_i "check that 'check-integrity yes; check-mx-cname fail;' works ($n)" 24ret=0 25$DIG $DIGOPTS @10.53.0.1 mx mx-cname-fail >dig.out.test$n || ret=1 26grep "status: SERVFAIL," dig.out.test$n >/dev/null || ret=1 27grep "zone mx-cname-fail/IN: mx-cname-fail/MX 'cname.mx-cname-fail' is a CNAME (illegal)" ns1/named.run >/dev/null || ret=1 28n=$((n + 1)) 29if [ $ret != 0 ]; then echo_i "failed"; fi 30status=$((status + ret)) 31 32echo_i "check that 'check-integrity yes; check-mx-cname warn;' works ($n)" 33ret=0 34$DIG $DIGOPTS @10.53.0.1 mx mx-cname-warn >dig.out.test$n || ret=1 35grep "status: NOERROR," dig.out.test$n >/dev/null || ret=1 36grep "zone mx-cname-warn/IN: mx-cname-warn/MX 'cname.mx-cname-warn' is a CNAME (illegal)" ns1/named.run >/dev/null || ret=1 37n=$((n + 1)) 38if [ $ret != 0 ]; then echo_i "failed"; fi 39status=$((status + ret)) 40 41echo_i "check that 'check-integrity yes; check-mx-cname ignore;' works ($n)" 42ret=0 43$DIG $DIGOPTS @10.53.0.1 mx mx-cname-ignore >dig.out.test$n || ret=1 44grep "status: NOERROR," dig.out.test$n >/dev/null || ret=1 45grep "zone mx-cname-ignore/IN: mx-cname-ignore/MX 'cname.mx-cname-ignore' is a CNAME (illegal)" ns1/named.run >/dev/null && ret=1 46n=$((n + 1)) 47if [ $ret != 0 ]; then echo_i "failed"; fi 48status=$((status + ret)) 49 50echo_i "check that 'check-integrity no; check-mx-cname fail;' works ($n)" 51ret=0 52$DIG $DIGOPTS @10.53.0.1 mx no-mx-cname-fail >dig.out.test$n || ret=1 53grep "status: NOERROR," dig.out.test$n >/dev/null || ret=1 54grep "zone no-mx-cname-fail/IN: no-mx-cname-fail/MX 'cname.no-mx-cname-fail' is a CNAME (illegal)" ns1/named.run >/dev/null && ret=1 55n=$((n + 1)) 56if [ $ret != 0 ]; then echo_i "failed"; fi 57status=$((status + ret)) 58 59echo_i "check that 'check-integrity no; check-mx-cname warn;' works ($n)" 60ret=0 61$DIG $DIGOPTS @10.53.0.1 mx no-mx-cname-warn >dig.out.test$n || ret=1 62grep "status: NOERROR," dig.out.test$n >/dev/null || ret=1 63grep "zone no-mx-cname-warn/IN: no-mx-cname-warn/MX 'cname.no-mx-cname-warn' is a CNAME (illegal)" ns1/named.run >/dev/null && ret=1 64n=$((n + 1)) 65if [ $ret != 0 ]; then echo_i "failed"; fi 66status=$((status + ret)) 67 68echo_i "check that 'check-integrity no; check-mx-cname ignore;' works ($n)" 69ret=0 70$DIG $DIGOPTS @10.53.0.1 mx no-mx-cname-ignore >dig.out.test$n || ret=1 71grep "status: NOERROR," dig.out.test$n >/dev/null || ret=1 72grep "zone no-mx-cname-ignore/IN: no-mx-cname-ignore/MX 'cname.no-mx-cname-ignore' is a CNAME (illegal)" ns1/named.run >/dev/null && ret=1 73n=$((n + 1)) 74if [ $ret != 0 ]; then echo_i "failed"; fi 75status=$((status + ret)) 76 77echo_i "check that 'check-integrity yes; check-srv-cname fail;' works ($n)" 78ret=0 79$DIG $DIGOPTS @10.53.0.1 srv srv-cname-fail >dig.out.test$n || ret=1 80grep "status: SERVFAIL," dig.out.test$n >/dev/null || ret=1 81grep "zone srv-cname-fail/IN: srv-cname-fail/SRV 'cname.srv-cname-fail' is a CNAME (illegal)" ns1/named.run >/dev/null || ret=1 82n=$((n + 1)) 83if [ $ret != 0 ]; then echo_i "failed"; fi 84status=$((status + ret)) 85 86echo_i "check that 'check-integrity yes; check-srv-cname warn;' works ($n)" 87ret=0 88$DIG $DIGOPTS @10.53.0.1 srv srv-cname-warn >dig.out.test$n || ret=1 89grep "status: NOERROR," dig.out.test$n >/dev/null || ret=1 90grep "zone srv-cname-warn/IN: srv-cname-warn/SRV 'cname.srv-cname-warn' is a CNAME (illegal)" ns1/named.run >/dev/null || ret=1 91n=$((n + 1)) 92if [ $ret != 0 ]; then echo_i "failed"; fi 93status=$((status + ret)) 94 95echo_i "check that 'check-integrity yes; check-srv-cname ignore;' works ($n)" 96ret=0 97$DIG $DIGOPTS @10.53.0.1 srv srv-cname-ignore >dig.out.test$n || ret=1 98grep "status: NOERROR," dig.out.test$n >/dev/null || ret=1 99grep "zone srv-cname-ignore/IN: srv-cname-ignore/SRV 'cname.srv-cname-ignore' is a CNAME (illegal)" ns1/named.run >/dev/null && ret=1 100n=$((n + 1)) 101if [ $ret != 0 ]; then echo_i "failed"; fi 102status=$((status + ret)) 103 104echo_i "check that 'check-integrity no; check-srv-cname fail;' works ($n)" 105ret=0 106$DIG $DIGOPTS @10.53.0.1 srv no-srv-cname-fail >dig.out.test$n || ret=1 107grep "status: NOERROR," dig.out.test$n >/dev/null || ret=1 108grep "zone no-srv-cname-fail/IN: no-srv-cname-fail/SRV 'cname.no-srv-cname-fail' is a CNAME (illegal)" ns1/named.run >/dev/null && ret=1 109n=$((n + 1)) 110if [ $ret != 0 ]; then echo_i "failed"; fi 111status=$((status + ret)) 112 113echo_i "check that 'check-integrity no; check-srv-cname warn;' works ($n)" 114ret=0 115$DIG $DIGOPTS @10.53.0.1 srv no-srv-cname-warn >dig.out.test$n || ret=1 116grep "status: NOERROR," dig.out.test$n >/dev/null || ret=1 117grep "zone no-srv-cname-warn/IN: no-srv-cname-warn/SRV 'cname.no-srv-cname-warn' is a CNAME (illegal)" ns1/named.run >/dev/null && ret=1 118n=$((n + 1)) 119if [ $ret != 0 ]; then echo_i "failed"; fi 120status=$((status + ret)) 121 122echo_i "check that 'check-integrity no; check-srv-cname ignore;' works ($n)" 123ret=0 124$DIG $DIGOPTS @10.53.0.1 srv no-srv-cname-ignore >dig.out.test$n || ret=1 125grep "status: NOERROR," dig.out.test$n >/dev/null || ret=1 126grep "zone no-srv-cname-ignore/IN: no-srv-cname-ignore/SRV 'cname.no-srv-cname-ignore' is a CNAME (illegal)" ns1/named.run >/dev/null && ret=1 127n=$((n + 1)) 128if [ $ret != 0 ]; then echo_i "failed"; fi 129status=$((status + ret)) 130 131echo_i "exit status: $status" 132test $status -eq 0 || exit 1 133