From adbca54079a7ebac26dec72b24fb25d229f5160a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= <michal@isc.org>
Date: Wed, 28 Nov 2018 13:26:29 +0100
Subject: [PATCH] Check that DNAME is not treated as a delegation when signing

---
 bin/tests/system/autosign/ns3/secure.example.db.in |  2 ++
 bin/tests/system/autosign/tests.sh                 | 10 ++++++++++
 2 files changed, 12 insertions(+)

diff --git a/bin/tests/system/autosign/ns3/secure.example.db.in b/bin/tests/system/autosign/ns3/secure.example.db.in
index 3f10748395..a3abaefac9 100644
--- a/bin/tests/system/autosign/ns3/secure.example.db.in
+++ b/bin/tests/system/autosign/ns3/secure.example.db.in
@@ -31,3 +31,5 @@ ns.private		A	10.53.0.2
 insecure		NS	ns.insecure
 ns.insecure		A	10.53.0.2
 
+dname-and-txt		DNAME	@
+			TXT	"DNAME and TXT"
diff --git a/bin/tests/system/autosign/tests.sh b/bin/tests/system/autosign/tests.sh
index fbe70e592d..a01a3eaac2 100755
--- a/bin/tests/system/autosign/tests.sh
+++ b/bin/tests/system/autosign/tests.sh
@@ -1457,5 +1457,15 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`
 
+echo_i "checking that DNAME is not treated as a delegation when signing ($n)"
+ret=0
+$DIG $DIGOPTS dname-and-txt.secure.example. DNAME @10.53.0.3 > dig.out.ns3.1.test$n || ret=1
+grep "dname-and-txt.secure.example.*RRSIG.*DNAME" dig.out.ns3.1.test$n > /dev/null 2>&1 || ret=1
+$DIG $DIGOPTS dname-and-txt.secure.example. TXT @10.53.0.3 > dig.out.ns3.2.test$n || ret=1
+grep "dname-and-txt.secure.example.*RRSIG.*TXT" dig.out.ns3.2.test$n > /dev/null 2>&1 || ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
 echo_i "exit status: $status"
 [ $status -eq 0 ] || exit 1