#!/bin/sh
#
-# Copyright (C) 2004, 2007 Internet Systems Consortium, Inc. ("ISC")
+# Copyright (C) 2004, 2007, 2009, 2010 Internet Systems Consortium, Inc. ("ISC")
# Copyright (C) 2000, 2001 Internet Software Consortium.
#
# Permission to use, copy, modify, and/or distribute this software for any
# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
-# $Id: tests.sh,v 1.9 2007/06/19 23:47:05 tbox Exp $
+# $Id: tests.sh,v 1.11.142.2 2010/05/19 09:32:36 tbox Exp $
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
status=0
+echo "I:checking non-cachable NXDOMAIN response handling"
+ret=0
+$DIG +tcp nxdomain.example.net @10.53.0.1 a -p 5300 > dig.out || ret=1
+grep "status: NXDOMAIN" dig.out > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+echo "I:checking non-cachable NODATA response handling"
+ret=0
+$DIG +tcp nodata.example.net @10.53.0.1 a -p 5300 > dig.out || ret=1
+grep "status: NOERROR" dig.out > /dev/null || ret=1
+
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
echo "I:checking handling of bogus referrals"
# If the server has the "INSIST(!external)" bug, this query will kill it.
$DIG +tcp www.example.com. a @10.53.0.1 -p 5300 >/dev/null || status=1
echo "I:check that server is still running"
$DIG +tcp www.example.com. a @10.53.0.1 -p 5300 >/dev/null || status=1
+echo "I:checking answer IPv4 address filtering (deny)"
+ret=0
+$DIG +tcp www.example.net @10.53.0.1 a -p 5300 > dig.out || ret=1
+grep "status: SERVFAIL" dig.out > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+echo "I:checking answer IPv6 address filtering (deny)"
+ret=0
+$DIG +tcp www.example.net @10.53.0.1 aaaa -p 5300 > dig.out || ret=1
+grep "status: SERVFAIL" dig.out > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+echo "I:checking answer IPv4 address filtering (accept)"
+ret=0
+$DIG +tcp www.example.org @10.53.0.1 a -p 5300 > dig.out || ret=1
+grep "status: NOERROR" dig.out > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+echo "I:checking answer IPv6 address filtering (accept)"
+ret=0
+$DIG +tcp www.example.org @10.53.0.1 aaaa -p 5300 > dig.out || ret=1
+grep "status: NOERROR" dig.out > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+echo "I:checking CNAME target filtering (deny)"
+ret=0
+$DIG +tcp badcname.example.net @10.53.0.1 a -p 5300 > dig.out || ret=1
+grep "status: SERVFAIL" dig.out > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+echo "I:checking CNAME target filtering (accept)"
+ret=0
+$DIG +tcp goodcname.example.net @10.53.0.1 a -p 5300 > dig.out || ret=1
+grep "status: NOERROR" dig.out > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+echo "I:checking CNAME target filtering (accept due to subdomain)"
+ret=0
+$DIG +tcp cname.sub.example.org @10.53.0.1 a -p 5300 > dig.out || ret=1
+grep "status: NOERROR" dig.out > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+echo "I:checking DNAME target filtering (deny)"
+ret=0
+$DIG +tcp foo.baddname.example.net @10.53.0.1 a -p 5300 > dig.out || ret=1
+grep "status: SERVFAIL" dig.out > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+echo "I:checking DNAME target filtering (accept)"
+ret=0
+$DIG +tcp foo.gooddname.example.net @10.53.0.1 a -p 5300 > dig.out || ret=1
+grep "status: NOERROR" dig.out > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+echo "I:checking DNAME target filtering (accept due to subdomain)"
+ret=0
+$DIG +tcp www.dname.sub.example.org @10.53.0.1 a -p 5300 > dig.out || ret=1
+grep "status: NOERROR" dig.out > /dev/null || ret=1
+if [ $ret != 0 ]; then echo "I:failed"; fi
+status=`expr $status + $ret`
+
+
echo "I:exit status: $status"
exit $status
git.samba.org / tridge / bind9.git / blobdiff