Commit graph

36 commits

Author SHA1 Message Date
Evan Hunt
7b2880d191 further tidying of primary/secondary terminology in system tests
this changes most visble uses of master/slave terminology in tests.sh
and most uses of 'type master' or 'type slave' in named.conf files.
files in the checkconf test were not updated in order to confirm that
the old syntax still works. rpzrecurse was also left mostly unchanged
to avoid interference with DNSRPS.

(cherry picked from commit e43b3c1fa1)
2021-01-12 15:21:14 +01:00
Evan Hunt
df698d73f4 update all copyright headers to eliminate the typo 2020-09-14 16:50:58 -07:00
Evan Hunt
54a682ea50 use DS style trust anchors in all system tests
this adds functions in conf.sh.common to create DS-style trust anchor
files. those functions are then used to create nearly all of the trust
anchors in the system tests.

there are a few exceptions:
 - some tests in dnssec and mkeys rely on detection of unsupported
   algorithms, which only works with key-style trust anchors, so those
   are used for those tests in particular.
 - the mirror test had a problem with the use of a CSK without a
   SEP bit, which still needs addressing

in the future, some of these tests should be changed back to using
traditional trust anchors, so that both types will be exercised going
forward.
2019-11-15 15:47:57 -08:00
Ondřej Surý
94354d4655 Remove 2>&1 from the dnssec-signzone invocation in tests 2019-07-31 10:05:52 +02:00
Evan Hunt
0ef5b8edb7 rename keyfile_to_*_keys system test shell functions
- keyfile_to_trusted_keys -> keyfile_to_static_keys
- keyfile_to_managed_keys -> keyfile_to_initial_keys
2019-06-05 07:49:57 -07:00
Evan Hunt
885a3d208e remove "dnssec-enable" from all system tests 2019-03-14 23:30:13 -07:00
Michał Kępień
120af964ce Replace duplicated code snippet with calls to helper functions
Reduce code duplication by replacing a code snippet repeated throughout
system tests using "trusted-keys" and/or "managed-keys" configuration
sections with calls to keyfile_to_{managed,trusted}_keys() helper
functions.
2018-06-13 07:57:40 +02:00
Ondřej Surý
2b8fab6828 Remove genrandom command and all usage of specific random files throughout the system test suite 2018-05-16 09:54:35 +02:00
Ondřej Surý
55a10b7acd Remove $Id markers, Principal Author and Reviewed tags from the full source tree 2018-05-11 13:17:46 +02:00
Ondřej Surý
843d389661 Update license headers to not include years in copyright in all applicable files 2018-02-23 10:12:02 +01:00
Evan Hunt
0c559199bf final cleanup
- add CHANGES note
- update copyrights and license headers
- add -j to the make commands in .gitlab-ci.yml to take
  advantage of parallelization in the gitlab CI process
2018-02-22 22:58:15 -08:00
Evan Hunt
c032c54dda parallelize most system tests 2018-02-22 15:29:02 -08:00
Mark Andrews
32d09cd7e0 4840. [test] Add tests to cover fallback to using ZSK on inactive
KSK. [RT #46787]
2017-12-06 20:26:43 +11:00
Tinderbox User
a855b8d231 update copyright notice / whitespace 2017-12-03 23:45:35 +00:00
Mark Andrews
196e01da5f 4837. [bug] dns_update_signatures{inc} (add_sigs) was not
properly determining if there were active KSK and
                        ZSK keys for a algorithm when update-check-ksk is
                        true (default) leaving records unsigned. [RT #46743]
2017-12-04 10:03:51 +11:00
Evan Hunt
6ce8a05f6c [master] update copyrights that had been missed recently 2017-04-23 17:06:00 -07:00
Mukund Sivaraman
dd7d1df874 Increase minimum RSA keygen size to 1024 bits (#36895) 2017-04-21 12:00:40 +05:30
Mark Andrews
0c27b3fe77 4401. [misc] Change LICENSE to MPL 2.0. 2016-06-27 14:56:38 +10:00
Tinderbox User
aa7b16ec2a update copyright notice 2014-01-21 23:46:16 +00:00
Evan Hunt
d58e33bfab [master] testcrypto.sh in system tests
3714.	[test]		System tests that need to test for cryptography
			support before running can now use a common
			"testcrypto.sh" script to do so. [RT #35213]
2014-01-20 16:08:09 -08:00
Curtis Blackburn
8009525601 3682. [bug] Correct the behavior of rndc retransfer to allow
inline-signing slave zones to retain NSEC3 parameters instead of
			reverting to NSEC [RT #34745]
2013-12-04 12:26:20 -06:00
Mark Andrews
0c91911b4d 3642. [func] Allow externally generated DNSKEY to be imported
into the DNSKEY management framework.  A new tool
                        dnssec-importkey is used to this. [RT #34698]
2013-09-04 13:53:02 +10:00
Tinderbox User
377b774598 update copyright notice 2013-08-15 23:46:17 +00:00
Mark Andrews
d1e22676de 3635. [bug] Signatures were not being removed from a zone with
only KSK keys for a algorithm. [RT #24439]
2013-08-15 13:37:07 +10:00
Mark Andrews
bf8267aa45 reverse bad copyright update 2012-06-29 11:39:47 +10:00
Tinderbox User
247bf37860 update copyright notice 2012-06-29 01:22:18 +00:00
Automatic Updater
3484552b1b update copyright notice 2012-02-23 07:09:29 +00:00
Mark Andrews
1864400107 3289. [bug] 'rndc retransfer' failed for inline zones. [RT #28036] 2012-02-23 06:53:15 +00:00
Automatic Updater
edb4393ef5 update copyright notice 2012-01-10 23:46:58 +00:00
Evan Hunt
9a02019889 3264. [bug] Automatic regeneration of signatures in an
inline-signing zone could stall when the server
			was restarted. [RT #27344]

3263.	[bug]		"rndc sync" did not affect the unsigned side of an
			inline-signing zone. [RT #27337]
2012-01-10 18:13:37 +00:00
Evan Hunt
f30785f506 3252. [bug] When master zones using inline-signing were
updated while the server was offline, the source
			zone could fall out of sync with the signed
			copy. They can now resynchronize. [RT #26676]
2011-12-22 07:32:41 +00:00
Mark Andrews
24ef32426d 3181. [func] Inline-signing is now supported for master zones.
[RT #26224]
2011-10-26 20:56:45 +00:00
Automatic Updater
329eb05c12 update copyright notice 2011-10-25 23:46:58 +00:00
Mark Andrews
b1c6de5456 3177. [func] 'rndc keydone', remove the indicator record that
named has finished signing the zone with the
                        corresponding key.  [RT #26206]
2011-10-25 01:54:22 +00:00
Automatic Updater
4e68c7c87c update copyright notice 2011-08-30 23:46:53 +00:00
Mark Andrews
9198ab377b 3147. [func] Initial inline signing support. [RT #23657] 2011-08-30 05:16:15 +00:00