upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-03-10 18:28:43 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
bind9/bin/tests/system/mkeys
History
Michal Nowak e7d973bd00 Add ns2/managed1.conf to mkeys extra_artifacts 
The ns2/managed1.conf file is created by the setup.sh script. Then, in
the tests.sh script it is moved to ns2/managed.conf. The latter file
name is in mkeys extra_artifacts, but the former one is not. This is a
problem when pytest is started with the --setup-only option as it only
runs the setup.sh script (e.g., in the cross-version-config-tests CI
job) and thus failing the "Unexpected files found" assertion.
2024-12-05 10:07:33 +00:00
..
ns1 Use trust anchors with 'dnssec-validation yes' in system tests 2024-02-02 19:54:09 +00:00
ns2 Remove the lock-file configuration and -X argument to named 2023-10-26 22:42:37 +02:00
ns3 Remove the lock-file configuration and -X argument to named 2023-10-26 22:42:37 +02:00
ns4 Reformat shell scripts with shfmt 2023-10-26 10:23:50 +02:00
ns5 Remove the lock-file configuration and -X argument to named 2023-10-26 22:42:37 +02:00
ns6 Remove the lock-file configuration and -X argument to named 2023-10-26 22:42:37 +02:00
ns7 Rename system test directory with common files to _common 2023-09-19 13:29:27 +02:00
README Update the copyright information in all files in the repository 2022-01-11 09:05:02 +01:00
setup.sh Move test algorithm configuration to isctest 2024-07-31 10:50:09 +02:00
tests.sh Support ISO timestamps with timezone information 2024-10-01 15:09:43 +00:00
tests_sh_mkeys.py Add ns2/managed1.conf to mkeys extra_artifacts 2024-12-05 10:07:33 +00:00

README 

Copyright (C) Internet Systems Consortium, Inc. ("ISC")

SPDX-License-Identifier: MPL-2.0

This Source Code Form is subject to the terms of the Mozilla Public
License, v. 2.0.  If a copy of the MPL was not distributed with this
file, you can obtain one at https://mozilla.org/MPL/2.0/.

See the COPYRIGHT file distributed with this work for additional
information regarding copyright ownership.

This is for testing RFC 5011 Automated Updates of DNSSEC Trust Anchors.

ns1 is the root server that offers new KSKs and hosts one record for
testing. The TTL for the zone's records is 2 seconds.

ns2 is a validator that uses managed keys.  "-T mkeytimers=2/20/40"
is used so it will attempt do automated updates frequently. "-T tat=1"
is used so it will send TAT queries once per second.

ns3 is a validator with a broken initializing key in trust-anchors.

ns4 is a validator with a deliberately broken managed-keys.bind and
managed-keys.jnl, causing RFC 5011 initialization to fail.

ns5 is a validator which is prevented from getting a response from the
root server, causing key refresh queries to fail.

ns6 is a validator which has unsupported algorithms, one at start up,
one because of an algorithm rollover.

ns7 is a validator with multiple views configured.  It is used for
testing per-view rndc commands and checking interactions between options
related to and potentially affecting RFC 5011 processing.