mirror of
https://github.com/isc-projects/bind9.git
synced 2026-02-25 10:59:35 -05:00
0040947ae7
Add a regression test case for the scenario where a secure chain of
trust includes an inactive KSK, that is a KSK that is not signing the
DNSKEY RRset.
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| ans10 | ||
| ns1 | ||
| ns2 | ||
| ns3 | ||
| ns4 | ||
| ns5 | ||
| ns6 | ||
| ns7 | ||
| ns8 | ||
| ns9 | ||
| signer | ||
| clean.sh | ||
| dnssec_update_test.pl | ||
| ntadiff.pl | ||
| prereq.sh | ||
| README | ||
| setup.sh | ||
| tests.sh | ||
Copyright (C) Internet Systems Consortium, Inc. ("ISC")
SPDX-License-Identifier: MPL-2.0
This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0. If a copy of the MPL was not distributed with this
file, you can obtain one at https://mozilla.org/MPL/2.0/.
See the COPYRIGHT file distributed with this work for additional
information regarding copyright ownership.
The test setup for the DNSSEC tests has a secure root.
ns1 is the root server.
ns2 and ns3 are authoritative servers for the various test domains.
ns4 is a caching-only server, configured with the correct trusted key
for the root.
ns5 is a caching-only server, configured with the an incorrect trusted
key for the root. It is used for testing failure cases.
ns6 is an caching and authoritative server used for testing unusual
server behaviors such as disabled DNSSEC algorithms.
ns7 is used for checking non-cacheable answers.
ns8 is a caching-only server, configured with unsupported and disabled
algorithms. It is used for testing failure cases.
ns9 is a forwarding-only server.