#!/usr/share/ucs-test/runner bash
## desc: "Checks dnsupdate operations with dns-$hostname"
## exposure: safe
## bugs:
## - 34868
## packages:
##  - univention-samba4
## roles:
## - domaincontroller_master
## - domaincontroller_backup
## - domaincontroller_slave
## tags:
##  - basic

. "$TESTLIBPATH/random.sh" || exit 137

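# NOTE(review): RETVAL is assigned here but never read again in this file;
# presumably it is the ucs-test "passed" code — confirm it is still needed.
RETVAL=100

# Load the Univention Config Registry values as shell variables.  The rest of
# the script takes $hostname, $domainname and $samba4_ldap_base from here.
eval "$(ucr shell)"

# Obtain a Kerberos ticket for this host's DNS service principal from the
# Samba DNS keytab; the GSS-TSIG updates (nsupdate -g) and the final
# "ldbdel -k yes" below authenticate with it.
# Abort when kinit fails: otherwise the later steps would run with whatever
# ticket already sits in the credential cache, and the test could pass
# without ever exercising the dns-$hostname principal.
# NOTE(review): the ticket goes into the caller's default credential cache
# and is not destroyed afterwards; a private KRB5CCNAME plus kdestroy would
# keep the service ticket from outliving the test — confirm nothing relies on
# the current behaviour before changing it.
kinit -t /var/lib/samba/private/dns.keytab "dns-$hostname" ||
	fail_fast 110 "kinit with the DNS keytab failed for dns-$hostname"

# Random, presumably unused host name so the test never touches a real record.
test_nqdn=$(random_hostname)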

# First update: register the initial A/AAAA address set for the test name.
#   -g  authenticate the update with GSS-TSIG (uses the Kerberos ticket)
#   -v  talk to the server over TCP
# The prereq refuses the update if a CNAME already exists for the name, and
# the two deletes clear any previous A/AAAA records before the adds.
# Lines starting with ';' are nsupdate comments (disabled debug helpers).
nsupdate -v -g <<%EOF
server $hostname.$domainname
zone $domainname.
; debug yes
prereq nxrrset $test_nqdn.$domainname. CNAME
update delete $test_nqdn.$domainname. AAAA
update delete $test_nqdn.$domainname. A
update add $test_nqdn.$domainname. 1200 AAAA 2011:6f8:13dc:2:19b7:d592:9dd:1041
update add $test_nqdn.$domainname. 1200 AAAA fd11:6f8:13dc:2:19b7:d592:9dd:1041
update add $test_nqdn.$domainname. 1200 A 10.199.92.161
; show
send
quit
%EOF


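# Read the test name's DNS node back from the local sam.ldb.  The checks below
# expect the decoded output to carry the addresses on lines of the form
# "# ipv4 : <addr>" / "# ipv6 : <addr>" (presumably produced by s4search-decode).
test_output=$(ldbsearch -H /var/lib/samba/private/sam.ldb DC="$test_nqdn" | ldapsearch-wrapper | s4search-decode)

# The IPv4 address from the first update must be registered.
for ipv4addr in 10.199.92.161; do
	# Escape the dots: unescaped they match any character, which would let a
	# different value satisfy the check.  grep -E replaces the obsolescent egrep.
	if ! grep -Eq "^# *\<ipv4\> *: ${ipv4addr//./\\.}" <<<"$test_output"; then
		fail_fast 110 "new IPv4 address not registered: $ipv4addr"
	fi
done

# Both IPv6 addresses from the first update must be registered.  The expected
# strings are the zero-padded spelling of the addresses sent via nsupdate
# (e.g. "6f8" -> "06f8", "2" -> "0002").
for ipv6addr in 2011:06f8:13dc:0002:19b7:d592:09dd:1041 fd11:06f8:13dc:0002:19b7:d592:09dd:1041; do
	if ! grep -Eq "^# *\<ipv6\> *: $ipv6addr" <<<"$test_output"; then
		fail_fast 110 "new IPv6 address not registered: $ipv6addr"
	fi
done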

# Second update: replace the records of the test name with a new address set
# (…162 / …1042).  Same options as the first update: -g authenticates with
# GSS-TSIG, -v uses TCP.  The deletes are what should remove the first set;
# the verification that follows checks that they really are gone.
# Lines starting with ';' are nsupdate comments (disabled debug helpers).
nsupdate -v -g <<%EOF
server $hostname.$domainname
zone $domainname.
; debug yes
prereq nxrrset $test_nqdn.$domainname. CNAME
update delete $test_nqdn.$domainname. AAAA
update delete $test_nqdn.$domainname. A
update add $test_nqdn.$domainname. 1200 AAAA 2011:6f8:13dc:2:19b7:d592:9dd:1042
update add $test_nqdn.$domainname. 1200 AAAA fd11:6f8:13dc:2:19b7:d592:9dd:1042
update add $test_nqdn.$domainname. 1200 A 10.199.92.162
; show
send
quit
%EOF

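# Re-read the DNS node after the second update; all checks below run against
# this fresh snapshot.
test_output=$(ldbsearch -H /var/lib/samba/private/sam.ldb DC="$test_nqdn" | ldapsearch-wrapper | s4search-decode)

# --- The second address set must be present ---------------------------------
for ipv4addr in 10.199.92.162; do
	# Dots are escaped so they match literally; grep -E replaces the
	# obsolescent egrep.
	if ! grep -Eq "^# *\<ipv4\> *: ${ipv4addr//./\\.}" <<<"$test_output"; then
		fail_fast 110 "new IPv4 address not registered: $ipv4addr"
	fi
done

# Expected IPv6 strings are the zero-padded spelling of the addresses sent.
for ipv6addr in 2011:06f8:13dc:0002:19b7:d592:09dd:1042 fd11:06f8:13dc:0002:19b7:d592:09dd:1042; do
	if ! grep -Eq "^# *\<ipv6\> *: $ipv6addr" <<<"$test_output"; then
		fail_fast 110 "new IPv6 address not registered: $ipv6addr"
	fi
done

# --- The first address set must be gone -------------------------------------
# A stale record here means the "update delete" lines were not honoured and
# the name would keep resolving to addresses the client no longer claims.
for ipv4addr in 10.199.92.161; do
	if grep -Eq "^# *\<ipv4\> *: ${ipv4addr//./\\.}" <<<"$test_output"; then
		fail_fast 110 "old IPv4 address still present: $ipv4addr"
	fi
done

for ipv6addr in 2011:06f8:13dc:0002:19b7:d592:09dd:1041 fd11:06f8:13dc:0002:19b7:d592:09dd:1041; do
	if grep -Eq "^# *\<ipv6\> *: $ipv6addr" <<<"$test_output"; then
		fail_fast 110 "old IPv6 address still present: $ipv6addr"
	fi
done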

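# Clean up: delete the test DNS node over LDAP, authenticating with Kerberos
# (-k yes), i.e. with the ticket obtained by kinit at the top of the script.
# The URL is quoted so an unexpected value in $hostname/$domainname cannot be
# word-split into extra ldbdel arguments.
# NOTE(review): if fail_fast exits the script (as its name suggests — confirm),
# this cleanup is skipped whenever an earlier check fails and the random test
# record stays in the zone; a trap-based cleanup would cover that path.
ldbdel -k yes -H "ldap://$hostname.$domainname" \
	"DC=$test_nqdn,DC=$domainname,CN=MicrosoftDNS,CN=System,$samba4_ldap_base" ||
	fail_fast 110 "Deleting of DNS record object failed."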
