mirror of
https://gitlab.nic.cz/knot/knot-dns.git
synced 2026-02-03 18:49:28 -05:00
49 lines
1.1 KiB
Python
49 lines
1.1 KiB
Python
#!/usr/bin/env python3
|
|
|
|
'''Test for DNSSEC validation of Bind9 master by Knot slave'''
|
|
|
|
from dnstest.test import Test
|
|
from dnstest.utils import *
|
|
|
|
t = Test()
|
|
|
|
master = t.server("bind")
|
|
slave = t.server("knot")
|
|
zones_nsec = t.zone_rnd(3, records=40, dnssec=False)
|
|
zones_nsec3 = t.zone_rnd(3, records=40, dnssec=False)
|
|
zones = zones_nsec + zones_nsec3
|
|
|
|
t.link(zones, master, slave, ixfr=True, ddns=True)
|
|
|
|
for z in zones:
|
|
master.dnssec(z).enable = True
|
|
slave.dnssec(z).validate = True
|
|
|
|
for z in zones_nsec3:
|
|
master.dnssec(z).nsec3 = True
|
|
master.dnssec(z).nsec3_opt_out = True
|
|
slave.dnssec(z).nsec3 = True
|
|
|
|
t.start()
|
|
|
|
serials_init = master.zones_wait(zones)
|
|
slave.zones_wait(zones)
|
|
|
|
serials_prev = serials_init
|
|
for i in range(4):
|
|
for z in zones:
|
|
master.random_ddns(z, allow_empty=False, allow_ns=False)
|
|
|
|
serials = master.zones_wait(zones, serials_prev)
|
|
master.flush() # needed for the next master.random_ddns()
|
|
|
|
slave.zones_wait(zones, serials_prev)
|
|
serials_prev = serials
|
|
|
|
t.xfr_diff(master, slave, zones, serials_init)
|
|
|
|
slave.flush(wait=True)
|
|
for z in zones:
|
|
slave.zone_verify(z)
|
|
|
|
t.end()
|