slave.disable_notify = True for zone in zones: master.dnssec(zone).enable = True master.dnssec(zone).nsec3 = random.choice([True, False]) master.dnssec(zone).nsec3_iters = 2 master.dnssec(zone).nsec3_salt_len = random.choice([0, 1, 9, 64, 128, 255]) master.dnssec(zone).nsec3_opt_out = (random.random() < 0.5) t.start() master.zones_wait(zones) slave.ctl("zone-refresh") slave.zones_wait(zones) # initial convenience check t.xfr_diff(master, slave, zones) # update master master.flush() t.sleep(2) for zone in zones1: master.random_ddns(zone) up = master0.update(zone0) up.add("dk.", "86400", "SOA", "a.nic.dk. mail.dk. 1666666666 600 300 1814400 7200") up.delete("nextlevelinlife.dk.", "NS") up.delete("nextlevelinlife.dk.", "DS") up.add("nextlevelinlife.dk.", "86400", "NS", "test.com.") up.send("NOERROR") t.sleep(1)
slave = t.server("bind") zones = t.zone_rnd(5, records=50) + t.zone("wild.") + \ t.zone("cname-loop.") + t.zone("records.") t.link(zones, master, slave, ixfr=True) t.start() # Wait for AXFR to slave server. serials_init = master.zones_wait(zones) slave.zones_wait(zones) serials_prev = serials_init for i in range(4): # Update zone files on master. for zone in zones: master.update_zonefile(zone, random=True) master.reload() t.sleep(5) # Wait for IXFR to slave. serials = master.zones_wait(zones, serials_prev) slave.zones_wait(zones, serials_prev) serials_prev = serials # Compare IXFR between servers. t.xfr_diff(master, slave, zones, serials_init) t.end()
from dnstest.utils import * from dnstest.test import Test t = Test() master = t.server("knot") slave = t.server("bind") zone = t.zone_rnd(1, dnssec=False) t.link(zone, master, slave) t.start() # Wait for listening server with unsigned zone. old_serial = master.zone_wait(zone) slave.zone_wait(zone) t.xfr_diff(master, slave, zone) # Check NSEC absence. master.check_nsec(zone, nonsec=True) master.stop() # Enable autosigning. master.dnssec_enable = True master.gen_key(zone, ksk=True, alg="NSEC3RSASHA1") master.gen_key(zone, alg="NSEC3RSASHA1") master.gen_key(zone, ksk=True, alg="RSASHA256") master.gen_key(zone, alg="RSASHA256") master.gen_confile() master.start()
#!/usr/bin/env python3 '''Test for IXFR from Knot to Bind with TTL changed by RR addition''' from dnstest.test import Test t = Test() master = t.server("knot") slave = t.server("bind") zones = t.zone("example.com.") t.link(zones, master, slave, ixfr=True) t.start() serials_init = slave.zones_wait(zones) up = master.update(zones) up.add("example.com.", 500, "MX", "20 dns1") up.send("NOERROR") slave.zones_wait(zones, serials_init) t.xfr_diff(master, slave, zones, serials_init) t.end()
#!/usr/bin/env python3 '''Test for AXFR from Knot to Bind''' from dnstest.test import Test t = Test() master = t.server("knot") slave = t.server("bind") zones = t.zone_rnd(10) + t.zone(".") + t.zone("wild.") + \ t.zone("cname-loop.") + t.zone("records.") t.link(zones, master, slave) t.start() master.zones_wait(zones) slave.zones_wait(zones) t.xfr_diff(master, slave, zones) t.end()
for dname in SERIALS: sequence = SERIALS[dname] for index, serial in enumerate(sequence): fn = "%szone" % dname if index == 0 else "%szone.%d" % (dname, index) with open(os.path.join(t.zones_dir, fn), "w") as f: f.write(TEMPL % (dname, serial, index)) t.link(zones, master, ixfr=True) t.link(zones, refer, ixfr=True) t.start() master.zones_wait(zones) refer.zones_wait(zones) t.xfr_diff(master, refer, zones) for i in range(1, 5): # Update zone files. for zone in zones: master.update_zonefile(zone, version=i, storage=t.zones_dir) refer.update_zonefile(zone, version=i, storage=t.zones_dir) master.reload() refer.reload() previous = dict() for zone in zones: master.zone_wait(zone, SERIALS[zone.name][i], equal=True,
t.link(zones, master, slave) t.link(zones, reference) t.start() # Wait for servers. master.zones_wait(zones) slave.zones_wait(zones) reference.zones_wait(zones) # Dump zones on slave. slave.flush(wait=True) # Compare master with reference server t.xfr_diff(reference, master, zones) # Compare slave with reference server t.xfr_diff(reference, slave, zones) # Stop master. master.stop() # Reload dumped zone files. slave.stop() slave.start() # Compare reloaded slave with reference server slave.zones_wait(zones) t.xfr_diff(reference, slave, zones)
t.link(zones, master, slave) t.link(zones, reference) t.start() # Wait for servers. master.zones_wait(zones) slave.zones_wait(zones) reference.zones_wait(zones) # Dump zones on slave. slave.flush() # Compare master with reference server t.xfr_diff(reference, master, zones) # Compare slave with reference server t.xfr_diff(reference, slave, zones) # Stop master. master.stop() # Reload dumped zone files. slave.stop() slave.start() # Compare reloaded slave with reference server slave.zones_wait(zones) t.xfr_diff(reference, slave, zones)
os.rmdir(slave2keydir) shutil.copytree(slave1.keydir, slave2keydir) # hide zonefile, in order to let servers start slowly ZFILE=master.zones[zone[0].name].zfile.path ZFILE_ = ZFILE + "_" os.rename(ZFILE, ZFILE_) t.start() # now un-hide zonefile, invoke load and NOTIFY, and let both slaves sign in same second! os.rename(ZFILE_, ZFILE) master.ctl("zone-reload") serial_orig = slave1.zone_wait(zone) t.sleep(1) t.xfr_diff(slave1, slave2, zone) # now stop and start slave1 and check if it doesn't re-sign the zone slave1.stop() t.sleep(3) slave1.start() serial = slave1.zone_wait(zone) if serial != serial_orig: set_err("zone was re-signed") t.end()
master.dnssec(zone).enable = True t.start() ser1 = master.zones_wait(zones, serials_zfile=True, greater=True, equal=False) slave.zones_wait(zones, ser1, greater=False, equal=True) for zone in zones: slave.zone_backup(zone, flush=True) master.flush() t.sleep(3) for zone in zones: master.update_zonefile(zone, random=True) master.ctl("zone-reload %s" % zone.name) ser2 = master.zones_wait(zones, serials_zfile=True, greater=True, equal=False) slave.zones_wait(zones, ser2, greater=False, equal=True) master.stop() t.sleep(3) master.start() master.zones_wait(zones, ser2, greater=False, equal=True) t.xfr_diff(master, slave, zones) # AXFR diff t.xfr_diff(master, slave, zones, ser1) # IXFR diff t.end()
#!/usr/bin/env python3 '''Test for loading of NSEC records with upper-case letters in rdata.''' from dnstest.test import Test t = Test() knot = t.server("knot") bind = t.server("bind") zone = t.zone("rdatacase.", "rdatacase.zone.signed", storage=".") t.link(zone, knot) t.link(zone, bind) t.start() knot.zones_wait(zone) bind.zones_wait(zone) t.xfr_diff(knot, bind, zone) t.end()
#!/usr/bin/env python3 '''Test for loading of NSEC records with upper-case letters in rdata.''' from dnstest.test import Test t = Test() knot = t.server("knot") bind = t.server("bind") zone = t.zone("rdatacase.", "rdatacase.zone.signed", storage=".") t.link(zone, knot) t.link(zone, bind) t.start() knot.zones_wait(zone) bind.zones_wait(zone) t.xfr_diff(knot, bind, zone) t.end()
master1.dnssec(zone[0]).enable = True master1.zonefile_sync = -1 t.start() serial_m1_0 = master1.zone_wait(zone) serial_m2_0 = master2.zone_wait(zone) master1.ctl("zone-backup +backupdir %s +journal" % backup_dir, wait=True) # Restore zone file only without journal -> different zone contents master2.ctl("zone-restore +backupdir %s" % backup_dir, wait=True) serial_m2_1 = master2.zone_wait(zone) compare(serial_m2_1, serial_m2_0, "zones differ") zfiles_diff = filecmp.cmp(master1.zones[zone[0].name].zfile.path, \ master2.zones[zone[0].name].zfile.path, shallow=True) isset(zfiles_diff, "zone files differ") # Restore zone file and journal -> same zone contents master2.ctl("zone-restore +backupdir %s +journal" % backup_dir, wait=True) serial_m2_2 = master2.zone_wait(zone) compare(serial_m2_2, serial_m1_0, "zones differ") zfiles_diff = filecmp.cmp(master1.zones[zone[0].name].zfile.path, \ master2.zones[zone[0].name].zfile.path, shallow=True) isset(zfiles_diff, "zone files differ") t.xfr_diff(master1, master2, zone) t.stop()
#!/usr/bin/env python3 '''Test for IXFR query over UDP''' from dnstest.test import Test t = Test() knot = t.server("knot") bind = t.server("bind") zone = t.zone("example.com.") t.link(zone, knot) t.link(zone, bind) t.start() # Wait for zone and get serial. serial = bind.zones_wait(zone) knot.zone_wait(zone) # Query IXFR over UDP and compare responses. t.xfr_diff(knot, bind, zone, serial, udp=True) t.end()