Commit e76bdf85 authored by Libor Peltan's avatar Libor Peltan Committed by Daniel Salzman

tests: improved check of NSEC3 update covers adding delegation

parent 2de4e993
......@@ -25,9 +25,8 @@ for zone in zones:
master.dnssec(zone).nsec3_opt_out = (random.random() < 0.5)
t.start()
t.sleep(4)
master.zones_wait(zones)
slave.ctl("zone-refresh")
slave.zones_wait(zones)
# initial convenience check
......@@ -44,14 +43,48 @@ after_update = master.zones_wait(zones)
# sync slave with current master's state
slave.ctl("zone-refresh")
t.sleep(5)
slave.zones_wait(zones, after_update, equal=True, greater=False)
# flush so that we can do zone_verify
slave.flush()
# re-sign master and check that the re-sign made nothing
master.ctl("zone-sign")
master.zones_wait(zones, after_update, equal=False, greater=True)
after_update15 = master.zones_wait(zones, after_update, equal=False, greater=True)
t.xfr_diff(master, slave, zones, no_rrsig_rdata=True)
for zone in zones:
slave.zone_verify(zone)
# sync slave with current master's state
slave.ctl("zone-refresh")
slave.zones_wait(zones, after_update15, equal=True, greater=False)
# update master by adding delegation with nontrivial NONAUTH nodes
for zone in zones:
up = master.update(zone)
if random.random() < 0.5:
up.add("deleg390280", 3600, "NS", "a.ns.deleg390280")
up.add("a.ns.deleg390280", 3600, "A", "1.2.54.30")
else:
up.add("deleg390281", 3600, "NS", "ns.deleg390280")
up.add("ns.deleg390281", 3600, "A", "1.2.54.31")
up.send("NOERROR")
after_update2 = master.zones_wait(zones, after_update15, equal=False, greater=True)
# sync slave with current master's state
slave.ctl("zone-refresh")
slave.zones_wait(zones, after_update2, equal=True, greater=False)
# flush so that we can do zone_verify
slave.flush()
# re-sign master and check that the re-sign made nothing
master.ctl("zone-sign")
after_update25 = master.zones_wait(zones, after_update2, equal=False, greater=True)
t.xfr_diff(master, slave, zones, no_rrsig_rdata=True)
for zone in zones:
slave.zone_verify(zone)
t.end()
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment