diff options
Diffstat (limited to 'bin/tests/system/dnssec/ns2')
| -rw-r--r-- | bin/tests/system/dnssec/ns2/child.nsec3.example.db | 25 | ||||
| -rw-r--r-- | bin/tests/system/dnssec/ns2/child.optout.example.db | 25 | ||||
| -rw-r--r-- | bin/tests/system/dnssec/ns2/dlv.db.in | 26 | ||||
| -rw-r--r-- | bin/tests/system/dnssec/ns2/dst.example.db.in | 26 | ||||
| -rw-r--r-- | bin/tests/system/dnssec/ns2/example.db.in | 97 | ||||
| -rw-r--r-- | bin/tests/system/dnssec/ns2/insecure.secure.example.db | 32 | ||||
| -rw-r--r-- | bin/tests/system/dnssec/ns2/named.conf | 83 | ||||
| -rw-r--r-- | bin/tests/system/dnssec/ns2/private.secure.example.db.in | 34 | ||||
| -rw-r--r-- | bin/tests/system/dnssec/ns2/rfc2335.example.db | 103 | ||||
| -rw-r--r-- | bin/tests/system/dnssec/ns2/sign.sh | 68 |
10 files changed, 519 insertions, 0 deletions
diff --git a/bin/tests/system/dnssec/ns2/child.nsec3.example.db b/bin/tests/system/dnssec/ns2/child.nsec3.example.db new file mode 100644 index 0000000..c432b06 --- /dev/null +++ b/bin/tests/system/dnssec/ns2/child.nsec3.example.db @@ -0,0 +1,25 @@ +; Copyright (C) 2006, 2008 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and/or distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $Id: child.nsec3.example.db,v 1.3 2008/09/25 04:02:38 tbox Exp $ + +$TTL 300 ; 5 minutes +@ IN SOA mname1. . ( + 2006081400 ; serial + 20 ; refresh (20 seconds) + 20 ; retry (20 seconds) + 1814400 ; expire (3 weeks) + 3600 ; minimum (1 hour) + ) +@ IN NS ns2.example. diff --git a/bin/tests/system/dnssec/ns2/child.optout.example.db b/bin/tests/system/dnssec/ns2/child.optout.example.db new file mode 100644 index 0000000..feb73a4 --- /dev/null +++ b/bin/tests/system/dnssec/ns2/child.optout.example.db @@ -0,0 +1,25 @@ +; Copyright (C) 2006, 2008 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and/or distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $Id: child.optout.example.db,v 1.3 2008/09/25 04:02:38 tbox Exp $ + +$TTL 300 ; 5 minutes +@ IN SOA mname1. . ( + 2006081400 ; serial + 20 ; refresh (20 seconds) + 20 ; retry (20 seconds) + 1814400 ; expire (3 weeks) + 3600 ; minimum (1 hour) + ) +@ IN NS ns2.example. diff --git a/bin/tests/system/dnssec/ns2/dlv.db.in b/bin/tests/system/dnssec/ns2/dlv.db.in new file mode 100644 index 0000000..fa09f21 --- /dev/null +++ b/bin/tests/system/dnssec/ns2/dlv.db.in @@ -0,0 +1,26 @@ +; Copyright (C) 2004, 2007 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and/or distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $Id: dlv.db.in,v 1.5 2007/06/19 23:47:02 tbox Exp $ + +$TTL 300 ; 5 minutes +@ IN SOA mname1. . ( + 2000042407 ; serial + 20 ; refresh (20 seconds) + 20 ; retry (20 seconds) + 1814400 ; expire (3 weeks) + 3600 ; minimum (1 hour) + ) + NS ns2 +ns2 A 10.53.0.2 diff --git a/bin/tests/system/dnssec/ns2/dst.example.db.in b/bin/tests/system/dnssec/ns2/dst.example.db.in new file mode 100644 index 0000000..5819636 --- /dev/null +++ b/bin/tests/system/dnssec/ns2/dst.example.db.in @@ -0,0 +1,26 @@ +; Copyright (C) 2004, 2007 Internet Systems Consortium, Inc. ("ISC") +; +; Permission to use, copy, modify, and/or distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $Id: dst.example.db.in,v 1.4 2007/06/19 23:47:02 tbox Exp $ + +$TTL 300 ; 5 minutes +@ IN SOA mname1. . ( + 2000042407 ; serial + 20 ; refresh (20 seconds) + 20 ; retry (20 seconds) + 1814400 ; expire (3 weeks) + 3600 ; minimum (1 hour) + ) + NS ns2.example. +a A 10.0.0.1 diff --git a/bin/tests/system/dnssec/ns2/example.db.in b/bin/tests/system/dnssec/ns2/example.db.in new file mode 100644 index 0000000..c2b5e98 --- /dev/null +++ b/bin/tests/system/dnssec/ns2/example.db.in @@ -0,0 +1,97 @@ +; Copyright (C) 2004, 2007, 2008 Internet Systems Consortium, Inc. ("ISC") +; Copyright (C) 2000-2002 Internet Software Consortium. +; +; Permission to use, copy, modify, and/or distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $Id: example.db.in,v 1.19 2008/09/25 04:02:38 tbox Exp $ + +$TTL 300 ; 5 minutes +@ IN SOA mname1. . ( + 2000042407 ; serial + 20 ; refresh (20 seconds) + 20 ; retry (20 seconds) + 1814400 ; expire (3 weeks) + 3600 ; minimum (1 hour) + ) + NS ns2 + NS ns3 +ns2 A 10.53.0.2 +ns3 A 10.53.0.3 + +a A 10.0.0.1 +b A 10.0.0.2 +d A 10.0.0.4 + +; Used for testing ANY queries +foo TXT "testing" +foo A 10.0.1.0 + +; Used for testing CNAME queries +cname1 CNAME cname1-target +cname1-target TXT "testing cname" + +cname2 CNAME cname2-target +cname2-target TXT "testing cname" + +; Used for testing DNAME queries +dname1 DNAME dname1-target +foo.dname1-target TXT "testing dname" + +dname2 DNAME dname2-target +foo.dname2-target TXT "testing dname" + +; A secure subdomain +secure NS ns.secure +ns.secure A 10.53.0.3 + +; An insecure subdomain +insecure NS ns.insecure +ns.insecure A 10.53.0.3 + +; A secure subdomain we're going to inject bogus data into +bogus NS ns.bogus +ns.bogus A 10.53.0.3 + +; A dynamic secure subdomain +dynamic NS dynamic +dynamic A 10.53.0.3 + +; A insecure subdomain +mustbesecure NS ns.mustbesecure +ns.mustbesecure A 10.53.0.3 + +; A rfc2535 signed zone w/ CNAME +rfc2535 NS ns.rfc2535 +ns.rfc2535 A 10.53.0.3 + +z A 10.0.0.26 + +keyless NS ns.keyless +ns.keyless A 10.53.0.3 + +nsec3 NS ns.nsec3 +ns.nsec3 A 10.53.0.3 + +optout NS ns.optout +ns.optout A 10.53.0.3 + +nsec3-unknown NS ns.nsec3-unknown +ns.nsec3-unknown A 10.53.0.3 + +optout-unknown NS ns.optout-unknown +ns.optout-unknown A 10.53.0.3 + +multiple NS ns.multiple +ns.multiple A 10.53.0.3 + +*.wild A 10.0.0.27 diff --git a/bin/tests/system/dnssec/ns2/insecure.secure.example.db b/bin/tests/system/dnssec/ns2/insecure.secure.example.db new file mode 100644 index 0000000..f16a2cf --- /dev/null +++ b/bin/tests/system/dnssec/ns2/insecure.secure.example.db @@ -0,0 +1,32 @@ +; Copyright (C) 2004, 2007 Internet Systems Consortium, Inc. ("ISC") +; Copyright (C) 2000, 2001 Internet Software Consortium. +; +; Permission to use, copy, modify, and/or distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $Id: insecure.secure.example.db,v 1.9 2007/06/19 23:47:02 tbox Exp $ + +$TTL 300 ; 5 minutes +@ IN SOA mname1. . ( + 2000042407 ; serial + 20 ; refresh (20 seconds) + 20 ; retry (20 seconds) + 1814400 ; expire (3 weeks) + 3600 ; minimum (1 hour) + ) + NS ns +ns A 10.53.0.3 + +a A 10.0.0.1 +b A 10.0.0.2 +d A 10.0.0.4 +z A 10.0.0.26 diff --git a/bin/tests/system/dnssec/ns2/named.conf b/bin/tests/system/dnssec/ns2/named.conf new file mode 100644 index 0000000..3160413 --- /dev/null +++ b/bin/tests/system/dnssec/ns2/named.conf @@ -0,0 +1,83 @@ +/* + * Copyright (C) 2004, 2006-2008 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2000-2002 Internet Software Consortium. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH + * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, + * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM + * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE + * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR + * PERFORMANCE OF THIS SOFTWARE. + */ + +/* $Id: named.conf,v 1.30 2008/09/25 04:02:38 tbox Exp $ */ + +// NS2 + +controls { /* empty */ }; + +options { + query-source address 10.53.0.2; + notify-source 10.53.0.2; + transfer-source 10.53.0.2; + port 5300; + pid-file "named.pid"; + listen-on { 10.53.0.2; }; + listen-on-v6 { none; }; + recursion no; + notify yes; + dnssec-enable yes; + dnssec-validation yes; +}; + +zone "." { + type hint; + file "../../common/root.hint"; +}; + +zone "dlv" { + type master; + file "dlv.db.signed"; +}; + +zone "example" { + type master; + file "example.db.signed"; + allow-update { any; }; +}; + +zone "private.secure.example" { + type master; + file "private.secure.example.db.signed"; + allow-update { any; }; +}; + +zone "insecure.secure.example" { + type master; + file "insecure.secure.example.db"; + allow-update { any; }; +}; + +zone "rfc2335.example" { + type master; + file "rfc2335.example.db"; +}; + +zone "child.nsec3.example" { + type master; + file "child.nsec3.example.db"; + allow-update { none; }; +}; + +zone "child.optout.example" { + type master; + file "child.optout.example.db"; + allow-update { none; }; +}; + +include "trusted.conf"; diff --git a/bin/tests/system/dnssec/ns2/private.secure.example.db.in b/bin/tests/system/dnssec/ns2/private.secure.example.db.in new file mode 100644 index 0000000..2bf2787 --- /dev/null +++ b/bin/tests/system/dnssec/ns2/private.secure.example.db.in @@ -0,0 +1,34 @@ +; Copyright (C) 2004, 2007 Internet Systems Consortium, Inc. ("ISC") +; Copyright (C) 2000, 2001 Internet Software Consortium. +; +; Permission to use, copy, modify, and/or distribute this software for any +; purpose with or without fee is hereby granted, provided that the above +; copyright notice and this permission notice appear in all copies. +; +; THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +; REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +; AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +; INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +; LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +; OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +; PERFORMANCE OF THIS SOFTWARE. + +; $Id: private.secure.example.db.in,v 1.10 2007/06/19 23:47:02 tbox Exp $ + +$TTL 300 ; 5 minutes +@ IN SOA mname1. . ( + 2000042407 ; serial + 20 ; refresh (20 seconds) + 20 ; retry (20 seconds) + 1814400 ; expire (3 weeks) + 3600 ; minimum (1 hour) + ) + NS ns +ns A 10.53.0.2 + +a A 10.0.0.1 +b A 10.0.0.2 +d A 10.0.0.4 +z A 10.0.0.26 +private2secure-nxdomain CNAME r.example. +*.wild CNAME s.example. diff --git a/bin/tests/system/dnssec/ns2/rfc2335.example.db b/bin/tests/system/dnssec/ns2/rfc2335.example.db new file mode 100644 index 0000000..b8b477e --- /dev/null +++ b/bin/tests/system/dnssec/ns2/rfc2335.example.db @@ -0,0 +1,103 @@ +; File written on Fri Apr 30 12:19:15 2004 +; dnssec_signzone version 9.2.4rc3 +rfc2335.example. 300 IN SOA mname1. . ( + 2000042407 ; serial + 20 ; refresh (20 seconds) + 20 ; retry (20 seconds) + 1814400 ; expire (3 weeks) + 3600 ; minimum (1 hour) + ) + 300 SIG SOA 1 2 300 20040530021915 ( + 20040430021915 47799 rfc2335.example. + nGPJKIzF7X/hMJbZURRz59UeEi/6HRxCn9Er + GqSnpw0Ea9Yx5Axu6sLKnF7jXlkZ6NHMCIpJ + +Lv+FDHXTs/dQg== ) + 300 NS ns.rfc2335.example. + 300 SIG NS 1 2 300 20040530021915 ( + 20040430021915 47799 rfc2335.example. + Q234AL9dJYMvxdWG33lpww6AJ3GplKp+ace7 + MUaj0oqDdkx4DtJF2XaP2xcqq7kTOObdQ8ES + vVxNThqOx7LFzg== ) + 300 KEY 256 3 1 ( + AQPZhzXIabI8y5ihWUw7F0WxN2MabnYWkOcV + Fn11NgaGSdjBSYPRMMwMCasD5N2KYPRUP83W + y8mj+ofcoW1FurcZ + ) ; key id = 47799 + 300 NXT a.rfc2335.example. NS SOA SIG KEY NXT + 300 SIG NXT 1 2 300 20040530021915 ( + 20040430021915 47799 rfc2335.example. + Y587mqNy6pBEfbsU6+weM2XRSqLwLwRT9Sl7 + oNuOK9kV3TR4R2M54m2S0MgJCXbRAwU+fF8Q + UbZkSTVe2N8Nyg== ) +a.rfc2335.example. 300 IN A 10.0.0.1 + 300 SIG A 1 3 300 20040530021915 ( + 20040430021915 47799 rfc2335.example. + FnfWrcw5ire8ut25504zti5l///BdDMUAkJZ + UCLFiTW4lBGMcq1pqz64zltDZXCgJ3xUeQ2i + nRt19/ZxO6Z1KA== ) + 300 NXT b.rfc2335.example. A SIG NXT + 300 SIG NXT 1 3 300 20040530021915 ( + 20040430021915 47799 rfc2335.example. + R6SpC3ndMVg4u/eZaaUsXSuMHV/hZXeaM/Op + bJLAe3KxMiOHfb6XgLy7wflAiC1xt6A9bWpy + kTc5T5gfic33kA== ) +b.rfc2335.example. 300 IN A 10.0.0.2 + 300 SIG A 1 3 300 20040530021915 ( + 20040430021915 47799 rfc2335.example. + zjRsYXMGyhDI6ipDtu8YXC9XPN+3hGamzzxL + 8uPE/LPo+x19MNdbzEgWzlajAf1/mkSGr2jN + BDMVBA5NMKpwAA== ) + 300 NXT d.rfc2335.example. A SIG NXT + 300 SIG NXT 1 3 300 20040530021915 ( + 20040430021915 47799 rfc2335.example. + aV87iZCYsC5Tqop827Zzb18TNqopGt0QynkR + gIF/lIHqZasNFRfaS1/nTnXdDKD8JS5IqxKb + oTJr5zswDAtCEw== ) +d.rfc2335.example. 300 IN A 10.0.0.4 + 300 SIG A 1 3 300 20040530021915 ( + 20040430021915 47799 rfc2335.example. + NsKyvhUYZxTbOTBX4YwxTxevI5iGBpULKwmt + +D4l00ME4XRygOVmiqVDTT9dF1EgjDxOdfMT + hSjtCh5M1b2f6g== ) + 300 NXT ns.rfc2335.example. A SIG NXT + 300 SIG NXT 1 3 300 20040530021915 ( + 20040430021915 47799 rfc2335.example. + OGqlvSDZIZdHYigh4UAFzXfPze7vcQfgj7sN + +cAeoh4BL1gpa00DqANCxowNCYluDk3ZCDwt + UHZEJa8ZjNvv4g== ) +ns.rfc2335.example. 300 IN A 10.53.0.3 + 300 SIG A 1 3 300 20040530021915 ( + 20040430021915 47799 rfc2335.example. + T6ZGeUWflLTku8jO23x/TeAPeUl8t0I18FCh + qHUZaHomLQasQ2jlZQn6cLpFd2uFJkBNxZ0G + I39aG7G1bObXdA== ) + 300 NXT x.rfc2335.example. A SIG NXT + 300 SIG NXT 1 3 300 20040530021915 ( + 20040430021915 47799 rfc2335.example. + l46mrf3/Ii5iRm3AiDjYeMg4ZXBgitHxXA2y + e/NhKpkxRRpCs7UQ94wT/RiSCjjK49E5FBe6 + 5bRxtWq0GI7zlg== ) +x.rfc2335.example. 300 IN CNAME a.rfc2335.example. + 300 SIG CNAME 1 3 300 20040530021915 ( + 20040430021915 47799 rfc2335.example. + L3IOluq+kboBd2gR2Mu54uJKCUzfmyHRiWKl + kfx+vuFr0I8mEHQRmJtouxNDrBzmzGp5vybK + SdabLWw0n6uQEA== ) + 300 NXT z.rfc2335.example. CNAME SIG NXT + 300 SIG NXT 1 3 300 20040530021915 ( + 20040430021915 47799 rfc2335.example. + CBKoJSkZzdpwiON7JS4yPFY5VVeBjfT19x/O + vx+5UK1JZUNKhTXWWgW1er+JlLzNf4Ot40+l + z9HUTyaeS0eWyw== ) +z.rfc2335.example. 300 IN A 10.0.0.26 + 300 SIG A 1 3 300 20040530021915 ( + 20040430021915 47799 rfc2335.example. + ccqjVHnehvVwlNNd4+7n/GzGlRjj+ul0gCT3 + X3950LTccxHsOFyjNNm8v/Ho/aurSYdqXEjY + jwmjC6elwkzB7A== ) + 300 NXT rfc2335.example. A SIG NXT + 300 SIG NXT 1 3 300 20040530021915 ( + 20040430021915 47799 rfc2335.example. + W42WoFyd9erysv8HjKo+CpHIH1x6+pAKwCDO + /hHnkEpQI3brewxl7cWOPYeA92Ns80Ody/ui + m2E28A5gnmWqPw== ) diff --git a/bin/tests/system/dnssec/ns2/sign.sh b/bin/tests/system/dnssec/ns2/sign.sh new file mode 100644 index 0000000..4389678 --- /dev/null +++ b/bin/tests/system/dnssec/ns2/sign.sh @@ -0,0 +1,68 @@ +#!/bin/sh +# +# Copyright (C) 2004, 2006-2008 Internet Systems Consortium, Inc. ("ISC") +# Copyright (C) 2000-2003 Internet Software Consortium. +# +# Permission to use, copy, modify, and/or distribute this software for any +# purpose with or without fee is hereby granted, provided that the above +# copyright notice and this permission notice appear in all copies. +# +# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY +# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, +# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE +# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR +# PERFORMANCE OF THIS SOFTWARE. + +# $Id: sign.sh,v 1.30 2008/09/25 04:02:38 tbox Exp $ + +SYSTEMTESTTOP=../.. +. $SYSTEMTESTTOP/conf.sh + +RANDFILE=../random.data + +zone=example. +infile=example.db.in +zonefile=example.db + +# Have the child generate a zone key and pass it to us. + +( cd ../ns3 && sh sign.sh ) + +for subdomain in secure bogus dynamic keyless nsec3 optout nsec3-unknown optout-unknown multiple +do + cp ../ns3/keyset-$subdomain.example. . +done + +keyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone` +keyname2=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone` + +cat $infile $keyname1.key $keyname2.key >$zonefile + +$SIGNER -g -r $RANDFILE -o $zone -k $keyname1 $zonefile $keyname2 > /dev/null + +# Sign the privately secure file + +privzone=private.secure.example. +privinfile=private.secure.example.db.in +privzonefile=private.secure.example.db + +privkeyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $privzone` + +cat $privinfile $privkeyname.key >$privzonefile + +$SIGNER -g -r $RANDFILE -o $privzone -l dlv $privzonefile > /dev/null + +# Sign the DLV secure zone. + + +dlvzone=dlv. +dlvinfile=dlv.db.in +dlvzonefile=dlv.db + +dlvkeyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $dlvzone` + +cat $dlvinfile $dlvkeyname.key dlvset-$privzone > $dlvzonefile + +$SIGNER -g -r $RANDFILE -o $dlvzone $dlvzonefile > /dev/null |