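#!/bin/sh -e

# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# SPDX-License-Identifier: MPL-2.0
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.

# Generates the DNSSEC keys for the zones handled in this directory and
# appends DS records derived from the KSKs to ../ns1/root.db.
#
# Every path used below (../../conf.sh, ../ns1/root.db, ../) is relative,
# so the script has to be started from the directory that holds the zone
# files.
#
# Expected from ../../conf.sh or the environment (not visible here):
# KEYGEN, DSFROMKEY, SETTIME, SIGNER, DEFAULT_ALGORITHM, DEFAULT_BITS,
# ALTERNATIVE_ALGORITHM.

# The "-e" on the interpreter line is dropped when the script is started
# as "sh <script>", so errexit is enabled explicitly as well: a failed key
# generation must stop the run instead of leaving a partly built chain of
# DS records behind.
set -e

. ../../conf.sh

# NOTE(review): "$KEYGEN" is quoted throughout, as the first call in the
# original already was. DSFROMKEY, SETTIME and SIGNER stay unquoted as in
# the original because conf.sh is not visible and they might carry
# arguments - confirm and quote them if they are plain paths.

# remove_old_keys ZONE
# Delete the .key and .private files a previous run left for ZONE, so that
# only freshly generated key material remains in this directory.
remove_old_keys() {
  rm -f "K$1".+*+*.key
  rm -f "K$1".+*+*.private
}

# make_zone_keys ZONE
# Generate a ZSK and then a KSK for ZONE with the default algorithm.
# Sets the global "keyname" to the KSK's base name; the ZSK's name is
# overwritten because nothing in this script uses it afterwards.
make_zone_keys() {
  keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -n zone "$1")
  keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -n zone -f KSK "$1")
}

# publish_ds KEYNAME
# Append the DS record(s) for KEYNAME, with TTL 1200, to ../ns1/root.db.
# NOTE(review): root.db is only ever appended to. A second run without
# regenerating it would keep DS records for keys that remove_old_keys has
# already deleted - presumably root.db is recreated before this script
# runs; confirm.
publish_ds() {
  $DSFROMKEY -T 1200 "$1" >>../ns1/root.db
}

# Fake an unsupported key: generate a normal key, then rewrite field 6 of
# its DNSKEY line (the algorithm number when the record is written as
# "name IN DNSKEY flags protocol algorithm key") to 255. Only the .key
# file is edited; the .private file is left as generated.
unsupportedkey=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -n zone unsupported)
awk '$3 == "DNSKEY" { $6 = 255 } { print }' "${unsupportedkey}.key" >"${unsupportedkey}.tmp"
mv "${unsupportedkey}.tmp" "${unsupportedkey}.key"

# Zones that get a fresh ZSK/KSK pair and a DS record for the KSK.
for zone in bits noixfr primary dynamic; do
  remove_old_keys "$zone"
  make_zone_keys "$zone"
  publish_ds "$keyname"
done

# "updated": both keys are created with -L 3600 and have their key states
# set explicitly; the output of each settime call is kept in
# settime.out.updated.N.
zone=updated
remove_old_keys "$zone"
zsk=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -L 3600 -n zone "$zone")
ksk=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -L 3600 -n zone -f KSK "$zone")
$SETTIME -s -g OMNIPRESENT -k RUMOURED now -z RUMOURED now "$zsk" \
  >settime.out.updated.1 2>&1
$SETTIME -s -g OMNIPRESENT -k RUMOURED now -r RUMOURED now -d HIDDEN now "$ksk" \
  >settime.out.updated.2 2>&1
publish_ds "$ksk"
$SIGNER -S -x -O raw -L 2000042407 -o "$zone" "${zone}.db" >/dev/null
# The unsigned source is replaced only after signing, so updated.db no
# longer matches the content that was just signed.
cp primary2.db.in updated.db

# signatures are expired and should be regenerated on startup
# (the -s/-e window given to the signer is 2010-01-01 to 2011-01-01).
zone=expired
remove_old_keys "$zone"
make_zone_keys "$zone"
publish_ds "$keyname"
$SIGNER -PS -s 20100101000000 -e 20110101000000 -O raw -L 2000042407 -o "$zone" "${zone}.db" >/dev/null

zone=retransfer
remove_old_keys "$zone"
make_zone_keys "$zone"
publish_ds "$keyname"

# "nsec3" gets a KSK only; no ZSK is generated here.
zone=nsec3
remove_old_keys "$zone"
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -n zone -f KSK "$zone")
publish_ds "$keyname"

zone=delayedkeys
remove_old_keys "$zone"
make_zone_keys "$zone"
# Keys for the "delayedkeys" zone should not be initially accessible.
# Every K<zone> file, private halves included, is moved to the parent
# directory, and no DS record is published for this zone.
mv "K${zone}".+*+*.* ../

# Key pairs are generated for these two zones, but no DS is published.
for zone in removedkeys-primary removedkeys-secondary; do
  remove_old_keys "$zone"
  make_zone_keys "$zone"
done

# test-* zones with a single ZSK. Old keys are not removed first here.
for s in a c d h k l m q z; do
  zone=test-$s
  keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -n zone "$zone")
done

# test-* zones with a ZSK and a KSK. Old keys are not removed first here.
for s in b f i o p t v; do
  zone=test-$s
  make_zone_keys "$zone"
done

zone=externalkey
zonefile=${zone}.db
remove_old_keys "$zone"

# For each algorithm, k1 (KSK) and k2 (ZSK) have their public DNSKEY
# appended to the zone file and are then deleted in full, so the zone
# publishes DNSKEYs whose key files no longer exist in this directory.
# k3 (ZSK) and k4 (KSK) stay on disk, and the DS record is made from k4.
# The algorithm list is left unquoted on purpose so that an empty
# ALTERNATIVE_ALGORITHM adds no iteration, as in the original.
for alg in ${DEFAULT_ALGORITHM} ${ALTERNATIVE_ALGORITHM}; do
  k1=$("$KEYGEN" -q -a "$alg" -n zone -f KSK "$zone")
  k2=$("$KEYGEN" -q -a "$alg" -n zone "$zone")
  k3=$("$KEYGEN" -q -a "$alg" -n zone "$zone")
  k4=$("$KEYGEN" -q -a "$alg" -n zone -f KSK "$zone")
  publish_ds "$k4"

  cat "$k1.key" "$k2.key" >>"$zonefile"

  rm -f "$k1.key"
  rm -f "$k1.private"
  rm -f "$k2.key"
  rm -f "$k2.private"
done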