#!/bin/bash
# vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
#   runtest.sh of /CoreOS/bind/Regression/CVE-2015-5722
#   Description: malformed DNSSEC key failed assertion denial of service
#   Author: Petr Sklenar <psklenar@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
#   Copyright (c) 2015 Red Hat, Inc.
#
#   This program is free software: you can redistribute it and/or
#   modify it under the terms of the GNU General Public License as
#   published by the Free Software Foundation, either version 2 of
#   the License, or (at your option) any later version.
#
#   This program is distributed in the hope that it will be
#   useful, but WITHOUT ANY WARRANTY; without even the implied
#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
#   PURPOSE.  See the GNU General Public License for more details.
#
#   You should have received a copy of the GNU General Public License
#   along with this program. If not, see http://www.gnu.org/licenses/.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# Include Beaker environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1

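PACKAGE="bind"

# Regression test for CVE-2015-5722 (malformed DNSSEC key triggering a failed
# assertion / denial of service, per the header above). A build passes when the
# bad key is rejected with a "public key is invalid" diagnostic.
#
#   Reproducer A: replace /etc/named.root.key with the key file shipped next to
#                 this script (presumably the malformed key -- confirm against
#                 the test's named.root.key), start named and look for the
#                 diagnostic in /var/log/messages.
#   Reproducer B: build CVE-2015-5722.c against libisc/libdns, run it and look
#                 for the same diagnostic at the end of a line of its output.
rlJournalStart
    rlPhaseStartSetup
        rlRun 'rpm -q bind || rpm -q bind97' 0 "Checking for presence of bind or bind97 RPM"
    rlPhaseEnd

    rlPhaseStartTest
        # TODO: For RHEL-5 the test can still be done if the key file is added to named.conf
        if rlIsRHEL '>5'; then
            rlRun "rlServiceStop named"
            rlRun "rlFileBackup /etc/named.root.key"
            rlRun "cat named.root.key > /etc/named.root.key"
            # Remember where the system log ends before named is started, so
            # that only lines written by this start are inspected. Looking at
            # the last N named lines instead can match a stale "public key is
            # invalid" entry from an earlier run and report a pass even though
            # this start of named never logged the rejection.
            log_offset=0
            [ -r /var/log/messages ] && log_offset=$(wc -l < /var/log/messages)
            rlServiceStart named
            # If the log was rotated in between, tail prints nothing and the
            # check fails rather than passing on unrelated lines.
            rlRun "tail -n +$((${log_offset:-0} + 1)) /var/log/messages | grep -E ' (named|named-sdb)\[' | grep 'public key is invalid'" 0 "Reproducer A"
            # Put the original key back before named is started again below.
            rlRun "rlFileRestore"
        fi

        rlRun "rlServiceStart named"
        rlRun "gcc -g -O2 -Wall -I/usr/include/bind9 CVE-2015-5722.c -lisc -ldns"
        # The exit status of the reproducer is deliberately not asserted; the
        # verdict comes from the grep below, which fails when the expected
        # diagnostic is missing from the captured output.
        ./a.out &> log-QA-CVE-2015-5722
        rlRun "grep 'public key is invalid\$' log-QA-CVE-2015-5722" 0 "Reproducer B"
    rlPhaseEnd

    rlPhaseStartCleanup
        rlRun "rlServiceRestore named"
        # Remove the build product and the captured reproducer output.
        rm -f log-QA-CVE-2015-5722 a.out
    rlPhaseEnd
rlJournalPrintText
rlJournalEnd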