slave.disable_notify = True
for zone in zones:
master.dnssec(zone).enable = True
master.dnssec(zone).nsec3 = random.choice([True, False])
master.dnssec(zone).nsec3_iters = 2
master.dnssec(zone).nsec3_salt_len = random.choice([0, 1, 9, 64, 128, 255])
master.dnssec(zone).nsec3_opt_out = (random.random() < 0.5)
t.start()
master.zones_wait(zones)
slave.ctl("zone-refresh")
slave.zones_wait(zones)
# initial convenience check
t.xfr_diff(master, slave, zones)
# update master
master.flush()
t.sleep(2)
for zone in zones1:
master.random_ddns(zone)
up = master0.update(zone0)
up.add("dk.", "86400", "SOA", "a.nic.dk. mail.dk. 1666666666 600 300 1814400 7200")
up.delete("nextlevelinlife.dk.", "NS")
up.delete("nextlevelinlife.dk.", "DS")
up.add("nextlevelinlife.dk.", "86400", "NS", "test.com.")
up.send("NOERROR")
t.sleep(1)
slave = t.server("bind")
zones = t.zone_rnd(5, records=50) + t.zone("wild.") + \
t.zone("cname-loop.") + t.zone("records.")
t.link(zones, master, slave, ixfr=True)
t.start()
# Wait for AXFR to slave server.
serials_init = master.zones_wait(zones)
slave.zones_wait(zones)
serials_prev = serials_init
for i in range(4):
# Update zone files on master.
for zone in zones:
master.update_zonefile(zone, random=True)
master.reload()
t.sleep(5)
# Wait for IXFR to slave.
serials = master.zones_wait(zones, serials_prev)
slave.zones_wait(zones, serials_prev)
serials_prev = serials
# Compare IXFR between servers.
t.xfr_diff(master, slave, zones, serials_init)
t.end()
from dnstest.utils import *
from dnstest.test import Test
t = Test()
master = t.server("knot")
slave = t.server("bind")
zone = t.zone_rnd(1, dnssec=False)
t.link(zone, master, slave)
t.start()
# Wait for listening server with unsigned zone.
old_serial = master.zone_wait(zone)
slave.zone_wait(zone)
t.xfr_diff(master, slave, zone)
# Check NSEC absence.
master.check_nsec(zone, nonsec=True)
master.stop()
# Enable autosigning.
master.dnssec_enable = True
master.gen_key(zone, ksk=True, alg="NSEC3RSASHA1")
master.gen_key(zone, alg="NSEC3RSASHA1")
master.gen_key(zone, ksk=True, alg="RSASHA256")
master.gen_key(zone, alg="RSASHA256")
master.gen_confile()
master.start()
#!/usr/bin/env python3
'''Test for IXFR from Knot to Bind with TTL changed by RR addition'''
from dnstest.test import Test
t = Test()
master = t.server("knot")
slave = t.server("bind")
zones = t.zone("example.com.")
t.link(zones, master, slave, ixfr=True)
t.start()
serials_init = slave.zones_wait(zones)
up = master.update(zones)
up.add("example.com.", 500, "MX", "20 dns1")
up.send("NOERROR")
slave.zones_wait(zones, serials_init)
t.xfr_diff(master, slave, zones, serials_init)
t.end()
#!/usr/bin/env python3
'''Test for AXFR from Knot to Bind'''
from dnstest.test import Test
t = Test()
master = t.server("knot")
slave = t.server("bind")
zones = t.zone_rnd(10) + t.zone(".") + t.zone("wild.") + \
t.zone("cname-loop.") + t.zone("records.")
t.link(zones, master, slave)
t.start()
master.zones_wait(zones)
slave.zones_wait(zones)
t.xfr_diff(master, slave, zones)
t.end()
for dname in SERIALS:
sequence = SERIALS[dname]
for index, serial in enumerate(sequence):
fn = "%szone" % dname if index == 0 else "%szone.%d" % (dname, index)
with open(os.path.join(t.zones_dir, fn), "w") as f:
f.write(TEMPL % (dname, serial, index))
t.link(zones, master, ixfr=True)
t.link(zones, refer, ixfr=True)
t.start()
master.zones_wait(zones)
refer.zones_wait(zones)
t.xfr_diff(master, refer, zones)
for i in range(1, 5):
# Update zone files.
for zone in zones:
master.update_zonefile(zone, version=i, storage=t.zones_dir)
refer.update_zonefile(zone, version=i, storage=t.zones_dir)
master.reload()
refer.reload()
previous = dict()
for zone in zones:
master.zone_wait(zone,
SERIALS[zone.name][i],
equal=True,
t.link(zones, master, slave) t.link(zones, reference) t.start() # Wait for servers. master.zones_wait(zones) slave.zones_wait(zones) reference.zones_wait(zones) # Dump zones on slave. slave.flush(wait=True) # Compare master with reference server t.xfr_diff(reference, master, zones) # Compare slave with reference server t.xfr_diff(reference, slave, zones) # Stop master. master.stop() # Reload dumped zone files. slave.stop() slave.start() # Compare reloaded slave with reference server slave.zones_wait(zones) t.xfr_diff(reference, slave, zones)
t.link(zones, master, slave) t.link(zones, reference) t.start() # Wait for servers. master.zones_wait(zones) slave.zones_wait(zones) reference.zones_wait(zones) # Dump zones on slave. slave.flush() # Compare master with reference server t.xfr_diff(reference, master, zones) # Compare slave with reference server t.xfr_diff(reference, slave, zones) # Stop master. master.stop() # Reload dumped zone files. slave.stop() slave.start() # Compare reloaded slave with reference server slave.zones_wait(zones) t.xfr_diff(reference, slave, zones)
os.rmdir(slave2keydir)
shutil.copytree(slave1.keydir, slave2keydir)
# hide zonefile, in order to let servers start slowly
ZFILE=master.zones[zone[0].name].zfile.path
ZFILE_ = ZFILE + "_"
os.rename(ZFILE, ZFILE_)
t.start()
# now un-hide zonefile, invoke load and NOTIFY, and let both slaves sign in same second!
os.rename(ZFILE_, ZFILE)
master.ctl("zone-reload")
serial_orig = slave1.zone_wait(zone)
t.sleep(1)
t.xfr_diff(slave1, slave2, zone)
# now stop and start slave1 and check if it doesn't re-sign the zone
slave1.stop()
t.sleep(3)
slave1.start()
serial = slave1.zone_wait(zone)
if serial != serial_orig:
set_err("zone was re-signed")
t.end()
master.dnssec(zone).enable = True
t.start()
ser1 = master.zones_wait(zones, serials_zfile=True, greater=True, equal=False)
slave.zones_wait(zones, ser1, greater=False, equal=True)
for zone in zones:
slave.zone_backup(zone, flush=True)
master.flush()
t.sleep(3)
for zone in zones:
master.update_zonefile(zone, random=True)
master.ctl("zone-reload %s" % zone.name)
ser2 = master.zones_wait(zones, serials_zfile=True, greater=True, equal=False)
slave.zones_wait(zones, ser2, greater=False, equal=True)
master.stop()
t.sleep(3)
master.start()
master.zones_wait(zones, ser2, greater=False, equal=True)
t.xfr_diff(master, slave, zones) # AXFR diff
t.xfr_diff(master, slave, zones, ser1) # IXFR diff
t.end()
#!/usr/bin/env python3
'''Test for loading of NSEC records with upper-case letters in rdata.'''
from dnstest.test import Test
t = Test()
knot = t.server("knot")
bind = t.server("bind")
zone = t.zone("rdatacase.", "rdatacase.zone.signed", storage=".")
t.link(zone, knot)
t.link(zone, bind)
t.start()
knot.zones_wait(zone)
bind.zones_wait(zone)
t.xfr_diff(knot, bind, zone)
t.end()
#!/usr/bin/env python3
'''Test for loading of NSEC records with upper-case letters in rdata.'''
from dnstest.test import Test
t = Test()
knot = t.server("knot")
bind = t.server("bind")
zone = t.zone("rdatacase.", "rdatacase.zone.signed", storage=".")
t.link(zone, knot)
t.link(zone, bind)
t.start()
knot.zones_wait(zone)
bind.zones_wait(zone)
t.xfr_diff(knot, bind, zone)
t.end()
master1.dnssec(zone[0]).enable = True
master1.zonefile_sync = -1
t.start()
serial_m1_0 = master1.zone_wait(zone)
serial_m2_0 = master2.zone_wait(zone)
master1.ctl("zone-backup +backupdir %s +journal" % backup_dir, wait=True)
# Restore zone file only without journal -> different zone contents
master2.ctl("zone-restore +backupdir %s" % backup_dir, wait=True)
serial_m2_1 = master2.zone_wait(zone)
compare(serial_m2_1, serial_m2_0, "zones differ")
zfiles_diff = filecmp.cmp(master1.zones[zone[0].name].zfile.path, \
master2.zones[zone[0].name].zfile.path, shallow=True)
isset(zfiles_diff, "zone files differ")
# Restore zone file and journal -> same zone contents
master2.ctl("zone-restore +backupdir %s +journal" % backup_dir, wait=True)
serial_m2_2 = master2.zone_wait(zone)
compare(serial_m2_2, serial_m1_0, "zones differ")
zfiles_diff = filecmp.cmp(master1.zones[zone[0].name].zfile.path, \
master2.zones[zone[0].name].zfile.path, shallow=True)
isset(zfiles_diff, "zone files differ")
t.xfr_diff(master1, master2, zone)
t.stop()
#!/usr/bin/env python3
'''Test for IXFR query over UDP'''
from dnstest.test import Test
t = Test()
knot = t.server("knot")
bind = t.server("bind")
zone = t.zone("example.com.")
t.link(zone, knot)
t.link(zone, bind)
t.start()
# Wait for zone and get serial.
serial = bind.zones_wait(zone)
knot.zone_wait(zone)
# Query IXFR over UDP and compare responses.
t.xfr_diff(knot, bind, zone, serial, udp=True)
t.end()
