Fix unbound-control stdin commands for multi-process Unbounds (#1069)

- Fix unbound-control commands that read stdin in multi-process operation (local_zones_remove, local_zones, local_datas_remove, local_datas, view_local_datas_remove, view_local_datas). They will be properly distributed to all processes. dump_cache and load_cache are no longer supported in multi-process operation. - Remove testdata/remote-threaded.tdir. testdata/09-unbound-control.tdir now checks both single and multi process/thread operation. --------- Co-authored-by: Wouter Wijngaards <wcawijngaards@users.noreply.github.com>
2024-09-21 06:37:08 +00:00 · 2024-05-17 10:25:24 +02:00 · 2024-05-17 10:25:24 +02:00 · 7f184c8ca8
commit 7f184c8ca8
parent da2b307aa3
27 changed files with 370 additions and 753 deletions
--- a/daemon/remote.c
+++ b/daemon/remote.c
@ -110,6 +110,10 @@
 /** what to put on statistics lines between var and value, ": " or "=" */
 #define SQ "="

+/** Acceptable lengths of str lines */
+#define MAX_CMD_STRLINE 1024
+#define MAX_STDIN_STRLINE 2048
+
 static int
 remote_setup_ctx(struct daemon_remote* rc, struct config_file* cfg)
 {
@ -636,6 +640,25 @@ static void send_ok(RES* ssl)
 	(void)ssl_printf(ssl, "ok\n");
 }

+/** tell other processes to execute the command */
+static void
+distribute_cmd(struct daemon_remote* rc, RES* ssl, char* cmd)
+{
+	int i;
+	if(!cmd || !ssl)
+		return;
+	/* skip i=0 which is me */
+	for(i=1; i<rc->worker->daemon->num; i++) {
+		worker_send_cmd(rc->worker->daemon->workers[i],
+			worker_cmd_remote);
+		if(!tube_write_msg(rc->worker->daemon->workers[i]->cmd,
+			(uint8_t*)cmd, strlen(cmd)+1, 0)) {
+			(void)ssl_printf(ssl, "error could not distribute cmd\n");
+			return;
+		}
+	}
+}
+
 /** do the stop command */
 static void
 do_stop(RES* ssl, struct worker* worker)
@ -1223,19 +1246,28 @@ do_zone_add(RES* ssl, struct local_zones* zones, char* arg)

 /** Do the local_zones command */
 static void
-do_zones_add(RES* ssl, struct local_zones* zones)
+do_zones_add(struct daemon_remote* rc, RES* ssl, struct worker* worker)
 {
-	char buf[2048];
+	char buf[MAX_CMD_STRLINE + MAX_STDIN_STRLINE] = "local_zone ";
 	int num = 0;
-	while(ssl_read_line(ssl, buf, sizeof(buf))) {
-		if(buf[0] == 0 || (buf[0] == 0x04 && buf[1] == 0))
+	size_t cmd_len = strlen(buf);
+	while(ssl_read_line(ssl, buf+cmd_len, MAX_STDIN_STRLINE)) {
+		if(buf[0+cmd_len] == 0 ||
+			(buf[0+cmd_len] == 0x04 && buf[1+cmd_len] == 0))
 			break; /* zero byte line or end of transmission */
-		if(!perform_zone_add(ssl, zones, buf)) {
-			if(!ssl_printf(ssl, "error for input line: %s\n", buf))
+#ifdef THREADS_DISABLED
+		/* distribute single item command */
+		if(rc) distribute_cmd(rc, ssl, buf);
+#else
+		(void)rc; /* unused */
+#endif
+		if(!perform_zone_add(ssl, worker->daemon->local_zones,
+			buf+cmd_len)) {
+			if(!ssl_printf(ssl, "error for input line: %s\n",
+				buf+cmd_len))
 				return;
 		}
-		else
-			num++;
+		else	num++;
 	}
 	(void)ssl_printf(ssl, "added %d zones\n", num);
 }
@ -1272,19 +1304,28 @@ do_zone_remove(RES* ssl, struct local_zones* zones, char* arg)

 /** Do the local_zones_remove command */
 static void
-do_zones_remove(RES* ssl, struct local_zones* zones)
+do_zones_remove(struct daemon_remote* rc, RES* ssl, struct worker* worker)
 {
-	char buf[2048];
+	char buf[MAX_CMD_STRLINE + MAX_STDIN_STRLINE] = "local_zone_remove ";
 	int num = 0;
-	while(ssl_read_line(ssl, buf, sizeof(buf))) {
-		if(buf[0] == 0 || (buf[0] == 0x04 && buf[1] == 0))
+	size_t cmd_len = strlen(buf);
+	while(ssl_read_line(ssl, buf+cmd_len, MAX_STDIN_STRLINE)) {
+		if(buf[0+cmd_len] == 0 ||
+			(buf[0+cmd_len] == 0x04 && buf[1+cmd_len] == 0))
 			break; /* zero byte line or end of transmission */
-		if(!perform_zone_remove(ssl, zones, buf)) {
-			if(!ssl_printf(ssl, "error for input line: %s\n", buf))
+#ifdef THREADS_DISABLED
+		/* distribute single item command */
+		if(rc) distribute_cmd(rc, ssl, buf);
+#else
+		(void)rc; /* unused */
+#endif
+		if(!perform_zone_remove(ssl, worker->daemon->local_zones,
+			buf+cmd_len)) {
+			if(!ssl_printf(ssl, "error for input line: %s\n",
+				buf+cmd_len))
 				return;
 		}
-		else
-			num++;
+		else	num++;
 	}
 	(void)ssl_printf(ssl, "removed %d zones\n", num);
 }
@ -1336,15 +1377,24 @@ do_data_add(RES* ssl, struct local_zones* zones, char* arg)

 /** Do the local_datas command */
 static void
-do_datas_add(RES* ssl, struct local_zones* zones)
+do_datas_add(struct daemon_remote* rc, RES* ssl, struct worker* worker)
 {
-	char buf[2048];
+	char buf[MAX_CMD_STRLINE + MAX_STDIN_STRLINE] = "local_data ";
 	int num = 0, line = 0;
-	while(ssl_read_line(ssl, buf, sizeof(buf))) {
-		if(buf[0] == 0 || (buf[0] == 0x04 && buf[1] == 0))
+	size_t cmd_len = strlen(buf);
+	while(ssl_read_line(ssl, buf+cmd_len, MAX_STDIN_STRLINE)) {
+		if(buf[0+cmd_len] == 0 ||
+			(buf[0+cmd_len] == 0x04 && buf[1+cmd_len] == 0))
 			break; /* zero byte line or end of transmission */
+#ifdef THREADS_DISABLED
+		/* distribute single item command */
+		if(rc) distribute_cmd(rc, ssl, buf);
+#else
+		(void)rc; /* unused */
+#endif
 		line++;
-		if(perform_data_add(ssl, zones, buf, line))
+		if(perform_data_add(ssl, worker->daemon->local_zones,
+			buf+cmd_len, line))
 			num++;
 	}
 	(void)ssl_printf(ssl, "added %d datas\n", num);
@ -1376,19 +1426,28 @@ do_data_remove(RES* ssl, struct local_zones* zones, char* arg)

 /** Do the local_datas_remove command */
 static void
-do_datas_remove(RES* ssl, struct local_zones* zones)
+do_datas_remove(struct daemon_remote* rc, RES* ssl, struct worker* worker)
 {
-	char buf[2048];
+	char buf[MAX_CMD_STRLINE + MAX_STDIN_STRLINE] = "local_data_remove ";
 	int num = 0;
-	while(ssl_read_line(ssl, buf, sizeof(buf))) {
-		if(buf[0] == 0 || (buf[0] == 0x04 && buf[1] == 0))
+	size_t cmd_len = strlen(buf);
+	while(ssl_read_line(ssl, buf+cmd_len, MAX_STDIN_STRLINE)) {
+		if(buf[0+cmd_len] == 0 ||
+			(buf[0+cmd_len] == 0x04 && buf[1+cmd_len] == 0))
 			break; /* zero byte line or end of transmission */
-		if(!perform_data_remove(ssl, zones, buf)) {
-			if(!ssl_printf(ssl, "error for input line: %s\n", buf))
+#ifdef THREADS_DISABLED
+		/* distribute single item command */
+		if(rc) distribute_cmd(rc, ssl, buf);
+#else
+		(void)rc; /* unused */
+#endif
+		if(!perform_data_remove(ssl, worker->daemon->local_zones,
+			buf+cmd_len)) {
+			if(!ssl_printf(ssl, "error for input line: %s\n",
+				buf+cmd_len))
 				return;
 		}
-		else
-			num++;
+		else	num++;
 	}
 	(void)ssl_printf(ssl, "removed %d datas\n", num);
 }
@ -1476,9 +1535,13 @@ do_view_data_add(RES* ssl, struct worker* worker, char* arg)

 /** Add new RR data from stdin to view */
 static void
-do_view_datas_add(RES* ssl, struct worker* worker, char* arg)
+do_view_datas_add(struct daemon_remote* rc, RES* ssl, struct worker* worker,
+	char* arg)
 {
 	struct view* v;
+	char buf[MAX_CMD_STRLINE + MAX_STDIN_STRLINE] = "view_local_data ";
+	size_t cmd_len;
+	int num = 0, line = 0;
 	v = views_find_view(worker->daemon->views,
 		arg, 1 /* get write lock*/);
 	if(!v) {
@ -1492,8 +1555,25 @@ do_view_datas_add(RES* ssl, struct worker* worker, char* arg)
 			return;
 		}
 	}
-	do_datas_add(ssl, v->local_zones);
+	/* put the view name in the command buf */
+	(void)snprintf(buf+strlen(buf), sizeof(buf)-strlen(buf), "%s ", arg);
+	cmd_len = strlen(buf);
+	while(ssl_read_line(ssl, buf+cmd_len, MAX_STDIN_STRLINE)) {
+		if(buf[0+cmd_len] == 0 ||
+			(buf[0+cmd_len] == 0x04 && buf[1+cmd_len] == 0))
+			break; /* zero byte line or end of transmission */
+#ifdef THREADS_DISABLED
+		/* distribute single item command */
+		if(rc) distribute_cmd(rc, ssl, buf);
+#else
+		(void)rc; /* unused */
+#endif
+		line++;
+		if(perform_data_add(ssl, v->local_zones, buf+cmd_len, line))
+			num++;
+	}
 	lock_rw_unlock(&v->lock);
+	(void)ssl_printf(ssl, "added %d datas\n", num);
 }

 /** Remove RR data from view */
@ -1521,9 +1601,13 @@ do_view_data_remove(RES* ssl, struct worker* worker, char* arg)

 /** Remove RR data from stdin from view */
 static void
-do_view_datas_remove(RES* ssl, struct worker* worker, char* arg)
+do_view_datas_remove(struct daemon_remote* rc, RES* ssl, struct worker* worker,
+	char* arg)
 {
 	struct view* v;
+	char buf[MAX_CMD_STRLINE + MAX_STDIN_STRLINE] = "view_local_data_remove ";
+	int num = 0;
+	size_t cmd_len;
 	v = views_find_view(worker->daemon->views,
 		arg, 1 /* get write lock*/);
 	if(!v) {
@ -1535,9 +1619,28 @@ do_view_datas_remove(RES* ssl, struct worker* worker, char* arg)
 		ssl_printf(ssl, "removed 0 datas\n");
 		return;
 	}
-
-	do_datas_remove(ssl, v->local_zones);
+	/* put the view name in the command buf */
+	(void)snprintf(buf+strlen(buf), sizeof(buf)-strlen(buf), "%s ", arg);
+	cmd_len = strlen(buf);
+	while(ssl_read_line(ssl, buf+cmd_len, MAX_STDIN_STRLINE)) {
+		if(buf[0+cmd_len] == 0 ||
+			(buf[0+cmd_len] == 0x04 && buf[1+cmd_len] == 0))
+			break; /* zero byte line or end of transmission */
+#ifdef THREADS_DISABLED
+		/* distribute single item command */
+		if(rc) distribute_cmd(rc, ssl, buf);
+#else
+		(void)rc; /* unused */
+#endif
+		if(!perform_data_remove(ssl, v->local_zones, buf+cmd_len)) {
+			if(!ssl_printf(ssl, "error for input line: %s\n",
+				buf+cmd_len))
+				return;
+		}
+		else	num++;
+	}
 	lock_rw_unlock(&v->lock);
+	(void)ssl_printf(ssl, "removed %d datas\n", num);
 }

 /** cache lookup of nameservers */
@ -2131,7 +2234,7 @@ parse_delegpt(RES* ssl, char* args, uint8_t* nm)
 	return dp;
 }

-/** do the status command */
+/** do the forward command */
 static void
 do_forward(RES* ssl, struct worker* worker, char* args)
 {
@ -3090,25 +3193,6 @@ do_rpz_disable(RES* ssl, struct worker* worker, char* arg)
    do_rpz_enable_disable(ssl, worker, arg, 0);
 }

-/** tell other processes to execute the command */
-static void
-distribute_cmd(struct daemon_remote* rc, RES* ssl, char* cmd)
-{
-	int i;
-	if(!cmd || !ssl)
-		return;
-	/* skip i=0 which is me */
-	for(i=1; i<rc->worker->daemon->num; i++) {
-		worker_send_cmd(rc->worker->daemon->workers[i],
-			worker_cmd_remote);
-		if(!tube_write_msg(rc->worker->daemon->workers[i]->cmd,
-			(uint8_t*)cmd, strlen(cmd)+1, 0)) {
-			ssl_printf(ssl, "error could not distribute cmd\n");
-			return;
-		}
-	}
-}
-
 /** check for name with end-of-string, space or tab after it */
 static int
 cmdcmp(char* p, const char* cmd, size_t len)
@ -3142,9 +3226,23 @@ execute_cmd(struct daemon_remote* rc, RES* ssl, char* cmd,
 		do_status(ssl, worker);
 		return;
 	} else if(cmdcmp(p, "dump_cache", 10)) {
+#ifdef THREADS_DISABLED
+		if(worker->daemon->num > 1) {
+			(void)ssl_printf(ssl, "dump_cache/load_cache is not "
+				"supported in multi-process operation\n");
+			return;
+		}
+#endif
 		(void)dump_cache(ssl, worker);
 		return;
 	} else if(cmdcmp(p, "load_cache", 10)) {
+#ifdef THREADS_DISABLED
+		if(worker->daemon->num > 1) {
+			/* The warning can't be printed when stdin is sending
+			 * data; just return */
+			return;
+		}
+#endif
 		if(load_cache(ssl, worker)) send_ok(ssl);
 		return;
 	} else if(cmdcmp(p, "list_forwards", 13)) {
@ -3206,6 +3304,27 @@ execute_cmd(struct daemon_remote* rc, RES* ssl, char* cmd,
 	} else if(cmdcmp(p, "lookup", 6)) {
 		do_lookup(ssl, worker, skipwhite(p+6));
 		return;
+	/* The following are commands that read stdin.
+	 * Each line needs to be distributed if THREADS_DISABLED.
+	 */
+	} else if(cmdcmp(p, "local_zones_remove", 18)) {
+		do_zones_remove(rc, ssl, worker);
+		return;
+	} else if(cmdcmp(p, "local_zones", 11)) {
+		do_zones_add(rc, ssl, worker);
+		return;
+	} else if(cmdcmp(p, "local_datas_remove", 18)) {
+		do_datas_remove(rc, ssl, worker);
+		return;
+	} else if(cmdcmp(p, "local_datas", 11)) {
+		do_datas_add(rc, ssl, worker);
+		return;
+	} else if(cmdcmp(p, "view_local_datas_remove", 23)){
+		do_view_datas_remove(rc, ssl, worker, skipwhite(p+23));
+		return;
+	} else if(cmdcmp(p, "view_local_datas", 16)) {
+		do_view_datas_add(rc, ssl, worker, skipwhite(p+16));
+		return;
 	}

 #ifdef THREADS_DISABLED
@ -3220,20 +3339,12 @@ execute_cmd(struct daemon_remote* rc, RES* ssl, char* cmd,
 		do_verbosity(ssl, skipwhite(p+9));
 	} else if(cmdcmp(p, "local_zone_remove", 17)) {
 		do_zone_remove(ssl, worker->daemon->local_zones, skipwhite(p+17));
-	} else if(cmdcmp(p, "local_zones_remove", 18)) {
-		do_zones_remove(ssl, worker->daemon->local_zones);
 	} else if(cmdcmp(p, "local_zone", 10)) {
 		do_zone_add(ssl, worker->daemon->local_zones, skipwhite(p+10));
-	} else if(cmdcmp(p, "local_zones", 11)) {
-		do_zones_add(ssl, worker->daemon->local_zones);
 	} else if(cmdcmp(p, "local_data_remove", 17)) {
 		do_data_remove(ssl, worker->daemon->local_zones, skipwhite(p+17));
-	} else if(cmdcmp(p, "local_datas_remove", 18)) {
-		do_datas_remove(ssl, worker->daemon->local_zones);
 	} else if(cmdcmp(p, "local_data", 10)) {
 		do_data_add(ssl, worker->daemon->local_zones, skipwhite(p+10));
-	} else if(cmdcmp(p, "local_datas", 11)) {
-		do_datas_add(ssl, worker->daemon->local_zones);
 	} else if(cmdcmp(p, "forward_add", 11)) {
 		do_forward_add(ssl, worker, skipwhite(p+11));
 	} else if(cmdcmp(p, "forward_remove", 14)) {
@ -3250,12 +3361,8 @@ execute_cmd(struct daemon_remote* rc, RES* ssl, char* cmd,
 		do_view_zone_add(ssl, worker, skipwhite(p+15));
 	} else if(cmdcmp(p, "view_local_data_remove", 22)) {
 		do_view_data_remove(ssl, worker, skipwhite(p+22));
-	} else if(cmdcmp(p, "view_local_datas_remove", 23)){
-		do_view_datas_remove(ssl, worker, skipwhite(p+23));
 	} else if(cmdcmp(p, "view_local_data", 15)) {
 		do_view_data_add(ssl, worker, skipwhite(p+15));
-	} else if(cmdcmp(p, "view_local_datas", 16)) {
-		do_view_datas_add(ssl, worker, skipwhite(p+16));
 	} else if(cmdcmp(p, "flush_zone", 10)) {
 		do_flush_zone(ssl, worker, skipwhite(p+10));
 	} else if(cmdcmp(p, "flush_type", 10)) {
@ -3309,7 +3416,7 @@ handle_req(struct daemon_remote* rc, struct rc_state* s, RES* res)
 	int r;
 	char pre[10];
 	char magic[7];
-	char buf[1024];
+	char buf[MAX_CMD_STRLINE];
 #ifdef USE_WINSOCK
 	/* makes it possible to set the socket blocking again. */
 	/* basically removes it from winsock_event ... */
--- a/doc/unbound-control.8.in
+++ b/doc/unbound-control.8.in
@ -121,14 +121,18 @@ Remove local data RRs read from stdin of unbound\-control. Input is one name per
 line. For bulk removals.
 .TP
 .B dump_cache
-The contents of the cache is printed in a text format to stdout. You can
-redirect it to a file to store the cache in a file.
+The content of the cache is printed in a text format to stdout.
+You can redirect it to a file to store the cache in a file.
+Not supported in remote Unbounds in multi-process operation.
 .TP
 .B load_cache
-The contents of the cache is loaded from stdin.  Uses the same format as
-dump_cache uses.  Loading the cache with old, or wrong data can result
-in old or wrong data returned to clients.  Loading data into the cache
-in this way is supported in order to aid with debugging.
+The content of the cache is loaded from stdin.
+Uses the same format as dump_cache uses.
+Loading the cache with old, or wrong data can result in old or wrong data
+returned to clients.
+Loading data into the cache in this way is supported in order to aid with
+debugging.
+Not supported in remote Unbounds in multi-process operation.
 .TP
 .B lookup \fIname
 Print to stdout the name servers that would be used to look up the
--- a/smallapp/unbound-control.c
+++ b/smallapp/unbound-control.c
@ -122,11 +122,17 @@ usage(void)
 	printf("  local_data <RR data...>	add local data, for example\n");
 	printf("				local_data www.example.com A 192.0.2.1\n");
 	printf("  local_data_remove <name>	remove local RR data from name\n");
-	printf("  local_zones, local_zones_remove, local_datas, local_datas_remove\n");
-	printf("  				same, but read list from stdin\n");
+	printf("  local_zones,\n");
+	printf("  local_zones_remove,\n");
+	printf("  local_datas,\n");
+	printf("  local_datas_remove		same, but read list from stdin\n");
 	printf("  				(one entry per line).\n");
 	printf("  dump_cache			print cache to stdout\n");
+	printf("				(not supported in remote unbounds in\n");
+	printf("				multi-process operation)\n");
 	printf("  load_cache			load cache from stdin\n");
+	printf("				(not supported in remote unbounds in\n");
+	printf("				multi-process operation)\n");
 	printf("  lookup <name>			print nameservers for name\n");
 	printf("  flush [+c] <name>			flushes common types for name from cache\n");
 	printf("  				types:  A, AAAA, MX, PTR, NS,\n");
--- a/testdata/09-unbound-control.tdir/09-unbound-control.conf
+++ b/testdata/09-unbound-control.tdir/09-unbound-control.conf
@ -1,8 +1,7 @@
 server:
-	verbosity: 2
-	num-threads: 1
-	interface: 127.0.0.1
-	port: @PORT@
+	verbosity: 5
+	num-threads: 1  # This is dynamically handled by the test when needed
+	interface: 127.0.0.1@@PORT@
 	use-syslog: no
 	directory: ""
 	pidfile: "unbound.pid"
@ -10,9 +9,13 @@ server:
 	username: ""
 	do-not-query-localhost: no
 	access-control: 127.0.0.1 allow_snoop
+	access-control-view: 127.0.0.1 testview
 	msg-cache-size: 4m
 	rrset-cache-size: 4m
 	minimal-responses: yes
+view:
+	name: testview
+	view-first: yes  # Allow falling back to global local data
 remote-control:
 	control-enable: yes
 	control-interface: 127.0.0.1
--- a/testdata/09-unbound-control.tdir/09-unbound-control.pre
+++ b/testdata/09-unbound-control.tdir/09-unbound-control.pre
@ -30,4 +30,3 @@ echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
 cat .tpkg.var.test
 wait_ldns_testns_up fwd.log
 wait_unbound_up unbound.log
-
--- a/testdata/09-unbound-control.tdir/09-unbound-control.test
+++ b/testdata/09-unbound-control.tdir/09-unbound-control.test
@ -73,6 +73,29 @@ control_command () {
 	$PRE/unbound-control $@ > outfile
 }

+# Reload the server for a clean state
+clean_reload () {
+	echo "> Reloading the server for a clean state"
+	cp main.conf ub.conf
+	control_command -c ub.conf reload
+	expect_exit_value 0
+}
+
+# Reload the server for a clean state and populate the cache
+clean_reload_and_fill_cache () {
+	clean_reload
+	echo "> Populating the cache"
+	query www.example.com
+	expect_answer "10.20.30.40"
+	if test "$have_threads" = "no"; then
+		# Try to get the answer in all processes' cache.
+		for (( try=0 ; try < num_threads * 2 * 2 ; try++ )) ; do
+			query www.example.com
+			expect_answer "10.20.30.40"
+		done
+	fi
+}
+
 # Dump the cache contents
 # $@: optional options to unbound-control
 cache_dump () {
@ -111,8 +134,28 @@ fail_in_cache_dump () {
 	fi
 }

-# start the test
+# Check if multi-threading or multi-process environment
+have_threads="no"
+if grep "define HAVE_PTHREAD 1" $PRE/config.h; then have_threads="yes"; fi
+if grep "define HAVE_SOLARIS_THREADS 1" $PRE/config.h; then have_threads="yes"; fi
+if grep "define HAVE_WINDOWS_THREADS 1" $PRE/config.h; then have_threads="yes"; fi
+
+# start the test; keep the original conf file around
+cp ub.conf orig.conf
+
+
+# START - thread configuration
+# Do both single thread/process and multi thread/process runs.
+# The number of threads can only go up from the initial configuration between
+# reloads so starting with 1.
+for num_threads in 1 4; do
+
+cp orig.conf ub.conf
+echo "> setting num-threads: $num_threads"
+echo "server: num-threads: $num_threads" >> ub.conf
 cp ub.conf main.conf
+clean_reload
+

 teststep "exit value is 1 on usage"
 control_command -h
@ -163,6 +206,9 @@ cat conf.spoofed_credentials >> bad.conf
 control_command -c bad.conf verbosity 2
 expect_exit_value 1

+teststep "clean reload"
+clean_reload
+
 teststep "create a new local zone"
 control_command -c ub.conf local_zone example.net static
 expect_exit_value 0
@ -194,6 +240,76 @@ expect_exit_value 0
 query www.example.net.
 expect_answer "SERVFAIL"

+teststep "load local-zones from file"
+control_command -c ub.conf local_zones < local_zones
+expect_exit_value 0
+query localzonefromfile
+expect_answer "REFUSED"
+if test "$have_threads" = "no"; then
+	# Try to see if a process other than the first one
+	# has updated data from stdin.
+	for (( try=0 ; try < num_threads * 2 ; try++ )) ; do
+		query localzonefromfile
+		expect_answer "REFUSED"
+	done
+fi
+
+teststep "load local-data from file"
+control_command -c ub.conf local_datas < local_data
+expect_exit_value 0
+query -t txt localdatafromfile
+expect_answer "local data from file OK"
+if test "$have_threads" = "no"; then
+	# Try to see if a process other than the first one
+	# has updated data from stdin.
+	for (( try=0 ; try < num_threads * 2 ; try++ )) ; do
+		query -t txt localdatafromfile
+		expect_answer "local data from file OK"
+	done
+fi
+
+teststep "load view-local-data from file"
+control_command -c ub.conf view_local_datas testview < view_local_data
+expect_exit_value 0
+control_command -c ub.conf view_list_local_zones testview
+query -t txt viewlocaldatafromfile
+expect_answer "view local data from file OK"
+if test "$have_threads" = "no"; then
+	# Try to see if a process other than the first one
+	# has updated data from stdin.
+	for (( try=0 ; try < num_threads * 2 ; try++ )) ; do
+		query -t txt viewlocaldatafromfile
+		expect_answer "view local data from file OK"
+	done
+fi
+
+teststep "remove local-zone, local-data and view-local-data from file"
+control_command -c ub.conf local_zones_remove < local_zones_remove
+expect_exit_value 0
+control_command -c ub.conf local_datas_remove < local_data_remove
+expect_exit_value 0
+control_command -c ub.conf view_local_datas_remove testview < view_local_data_remove
+expect_exit_value 0
+control_command -c ub.conf list_local_zones
+fail_answer "localzonefromfile"
+fail_answer "local data from file OK"
+expect_answer "otherlocalzone"
+control_command -c ub.conf view_list_local_data testview
+fail_answer "viewlocaldatafromfile"
+
+teststep "flushing"
+control_command -c ub.conf flush www.example.net
+expect_exit_value 0
+control_command -c ub.conf flush_type www.example.net TXT
+expect_exit_value 0
+control_command -c ub.conf flush_zone example.net
+expect_exit_value 0
+
+# START - single thread/process tests only
+if test $num_threads -le 1; then
+
+clean_reload_and_fill_cache
+
 teststep "dump the cache"
 query www.example.com.
 cache_dump -c ub.conf
@ -208,123 +324,79 @@ expect_exit_value 0
 teststep "load the cache dump"
 cache_load -c ub.conf
 expect_exit_value 0
-query www.example.com.
+query www.example.com. +nordflag
 expect_answer "10.20.30.40"

-teststep "load local-zones from file"
-control_command -c ub.conf local_zones < local_zones
-expect_exit_value 0
-query localzonefromfile
-expect_answer "REFUSED"
+else
+	echo ""
+	echo "> skip test parts that need single thread/process"
+fi
+# END - single thread/process tests only

-teststep "load local-data from file"
-control_command -c ub.conf local_datas < local_data
-expect_exit_value 0
-query -t txt localdatafromfile
-expect_answer "local data from file OK"
+clean_reload_and_fill_cache

-teststep "remove local-zone and local-data from file"
-control_command -c ub.conf local_zones_remove < local_zones_remove
-expect_exit_value 0
-control_command -c ub.conf local_datas_remove < local_data_remove
-expect_exit_value 0
-control_command -c ub.conf list_local_zones
-fail_answer "localzonefromfile"
-fail_answer "local data from file OK"
-expect_answer "otherlocalzone"
-
-teststep "flushing"
-control_command -c ub.conf flush www.example.net
-expect_exit_value 0
-control_command -c ub.conf flush_type www.example.net TXT
-expect_exit_value 0
-control_command -c ub.conf flush_zone example.net
-expect_exit_value 0
-
-teststep "reload the server for a clean state and populate the cache"
-cp main.conf ub.conf
+teststep "reload and check cache - should be empty"
 control_command -c ub.conf reload
 expect_exit_value 0
-query www.example.com
-expect_answer "10.20.30.40"
+query www.example.com +nordflag
+fail_answer "10.20.30.40"

-teststep "reload and check cache dump - should be empty"
-control_command -c ub.conf reload
-expect_exit_value 0
-cache_dump -c ub.conf
-expect_exit_value 0
-fail_in_cache_dump "www.example.com.*10.20.30.40"
-fail_in_cache_dump "msg www.example.com. IN A"
+clean_reload_and_fill_cache

-query www.example.com
-expect_answer "10.20.30.40"
-
-teststep "reload_keep_cache and check cache dump - should not be empty"
+teststep "reload_keep_cache and check cache - should not be empty"
 control_command -c ub.conf reload_keep_cache
 expect_exit_value 0
-cache_dump -c ub.conf
-expect_exit_value 0
-cat cache.dump
-expect_in_cache_dump "www.example.com.*10.20.30.40"
-expect_in_cache_dump "msg www.example.com. IN A"
 query www.example.com +nordflag
 expect_answer "10.20.30.40"

+clean_reload_and_fill_cache
+
 teststep "change msg-cache-size and reload_keep_cache - should be empty"
 echo "server: msg-cache-size: 2m" >> ub.conf
 control_command -c ub.conf reload_keep_cache
 expect_exit_value 0
-cache_dump -c ub.conf
-expect_exit_value 0
-fail_in_cache_dump "www.example.com.*10.20.30.40"
-fail_in_cache_dump "msg www.example.com. IN A"
-query www.example.com
-expect_answer "10.20.30.40"
+query www.example.com +nordflag
+fail_answer "10.20.30.40"
+
+clean_reload_and_fill_cache

 teststep "change rrset-cache-size and reload_keep_cache - should be empty"
 echo "server: rrset-cache-size: 2m" >> ub.conf
 control_command -c ub.conf reload_keep_cache
 expect_exit_value 0
-cache_dump -c ub.conf
-expect_exit_value 0
-fail_in_cache_dump "www.example.com.*10.20.30.40"
-fail_in_cache_dump "msg www.example.com. IN A"
-query www.example.com
-expect_answer "10.20.30.40"
+query www.example.com +nordflag
+fail_answer "10.20.30.40"

-# See if this part of the test can be enabled, it needs threads for combined
-# output.
-have_threads="no"
-if grep "define HAVE_PTHREAD 1" $PRE/config.h; then have_threads="yes"; fi
-if grep "define HAVE_SOLARIS_THREADS 1" $PRE/config.h; then have_threads="yes"; fi
-if grep "define HAVE_WINDOWS_THREADS 1" $PRE/config.h; then have_threads="yes"; fi
+# START - have_threads tests
+# This part of the test needs threads for combined output.
 if test "$have_threads" = "yes"; then

+clean_reload_and_fill_cache
+
 teststep "change num-threads and reload_keep_cache - should be empty"
 echo "server: num-threads: 2" >> ub.conf
 control_command -c ub.conf reload_keep_cache
 expect_exit_value 0
-cache_dump -c ub.conf
-expect_exit_value 0
-fail_in_cache_dump "www.example.com.*10.20.30.40"
-fail_in_cache_dump "msg www.example.com. IN A"
-query www.example.com
-expect_answer "10.20.30.40"
+query www.example.com +nordflag
+fail_answer "10.20.30.40"
+
+clean_reload_and_fill_cache

 teststep "change minimal-responses and reload_keep_cache - should not be empty"
 echo "server: minimal-responses: no" >> ub.conf
 control_command -c ub.conf reload_keep_cache
 expect_exit_value 0
-cache_dump -c ub.conf
-expect_exit_value 0
-expect_in_cache_dump "www.example.com.*10.20.30.40"
-expect_in_cache_dump "msg www.example.com. IN A"
+query www.example.com +nordflag
+expect_answer "10.20.30.40"

 else
 	echo ""
 	echo "> skip test parts that need threads, have_threads=no"
-# end of check for have_threads
 fi
+# END - have_threads tests
+
+done
+# END - thread configuration

 teststep "now stop the server"
 control_command -c ub.conf stop
--- a/testdata/09-unbound-control.tdir/09-unbound-control.testns
+++ b/testdata/09-unbound-control.tdir/09-unbound-control.testns
@ -19,4 +19,3 @@ ADJUST copy_id
 SECTION QUESTION
 www.example.net.	IN	A
 ENTRY_END
-
--- a/testdata/09-unbound-control.tdir/local_data
+++ b/testdata/09-unbound-control.tdir/local_data
@ -1 +1,4 @@
 localdatafromfile 3600 TXT "local data from file OK"
+localdatafromfile1 3600 A 1.1.1.1
+localdatafromfile2 3600 A 2.2.2.2
+localdatafromfile3 3600 A 3.3.3.3
--- a/testdata/09-unbound-control.tdir/local_data_remove
+++ b/testdata/09-unbound-control.tdir/local_data_remove
@ -1 +1,4 @@
 localdatafromfile
+localdatafromfile1
+localdatafromfile2
+localdatafromfile3
--- a/testdata/09-unbound-control.tdir/local_zones
+++ b/testdata/09-unbound-control.tdir/local_zones
@ -1,2 +1,5 @@
 localzonefromfile refuse
 otherlocalzone	static
+localzonefromfile1 static
+localzonefromfile2 static
+localzonefromfile3 static
--- a/testdata/09-unbound-control.tdir/local_zones_remove
+++ b/testdata/09-unbound-control.tdir/local_zones_remove
@ -1 +1,4 @@
 localzonefromfile
+localzonefromfile1
+localzonefromfile2
+localzonefromfile3
--- a/testdata/09-unbound-control.tdir/view_local_data
+++ b/testdata/09-unbound-control.tdir/view_local_data
@ -0,0 +1,4 @@
+viewlocaldatafromfile 3600 TXT "view local data from file OK"
+viewlocaldatafromfile1 3600 A 1.1.1.1
+viewlocaldatafromfile2 3600 A 2.2.2.2
+viewlocaldatafromfile3 3600 A 3.3.3.3
--- a/testdata/09-unbound-control.tdir/view_local_data_remove
+++ b/testdata/09-unbound-control.tdir/view_local_data_remove
@ -0,0 +1,4 @@
+viewlocaldatafromfile
+viewlocaldatafromfile1
+viewlocaldatafromfile2
+viewlocaldatafromfile3
--- a/testdata/remote-threaded.tdir/bad_control.key
+++ b/testdata/remote-threaded.tdir/bad_control.key
@ -1,15 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDti51Z6qASvAjPFFhLLlq8BwtsnmfqMPMn57dKAghb4OifeL4G
-SLOE02/hKDkdkOvaUG2UqDNh2OoPTuJk4A+mG2LJoziFhHKlIebo9v2YiFWOBVtO
-DWc3tXPT1IlSEN0xnAGelMmeLcPeCPe+A5IDlIHzF/+YiDgS38S9dL17owIDAQAB
-AoGAG3w/DatfMCu/nS5OdQx9BSqPgNbnUSqux9xA0fhgPTlN0T3oRtPcqa7JUDUW
-PryI/a62ry+zGkw98N2AxolCZg3N7Z3vuRx2FMcKKNwpTzDmcZW7TmMk5FPof6gE
-PnYl/ff0w+kxqA+L2EexH3Xi6ApLSZcjyzKWj+dL2AuT9gkCQQD3dPitwITxgCAD
-IaHw23e3FRkM/hw1Gp8bt6nbuxitVxxpO96q1EQ+fCy/mf0bMEJDp3xzMEIfP3r4
-GmNbaxa1AkEA9b8LeBLbQ2cm2+UMeUgygBsRirdUQ786auqH38Jbvi/j6S9sDl2x
-q1vRtikEBZJWfkhsOzrzwFDKe1bI/EEn9wJAAzOwRA9JqRZPU7sLrWIpmmTbfh+L
-neRKSsGFoSI6n4ORCouLxgoZF/XjXldPvxpQwS9ZnOPy9xSLMsqknno0QQJAeDtA
-IT8Yh6GwIWWu9KeeDY8wxe1sDLlCm4yjbZZpzGMh3rSU6XJtuqjxsW3fydoO9zn3
-ugLdvvnIFxAexUwbgQJBANyM13xcObfUJOj9rjlGCh0CDh/04ONl8SH8HBnM8guA
-RJI5S6vBHweVRopEZcF1sQm6wMf3ej/sGkyyNvJxRkY=
-----END RSA PRIVATE KEY-----
--- a/testdata/remote-threaded.tdir/bad_control.pem
+++ b/testdata/remote-threaded.tdir/bad_control.pem
@ -1,11 +0,0 @@
-----BEGIN CERTIFICATE-----
-MIIBozCCAQwCCQDd5/rocjG5vDANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
-bmJvdW5kMB4XDTA4MDkyNjEyMjQ0NFoXDTI4MDYxMzEyMjQ0NFowGjEYMBYGA1UE
-AxMPdW5ib3VuZC1jb250cm9sMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDt
-i51Z6qASvAjPFFhLLlq8BwtsnmfqMPMn57dKAghb4OifeL4GSLOE02/hKDkdkOva
-UG2UqDNh2OoPTuJk4A+mG2LJoziFhHKlIebo9v2YiFWOBVtODWc3tXPT1IlSEN0x
-nAGelMmeLcPeCPe+A5IDlIHzF/+YiDgS38S9dL17owIDAQABMA0GCSqGSIb3DQEB
-BQUAA4GBAHpvcKqY48X9WsqogV16L+zT7iXhZ4tySA9EBk1a+0gud/iDPKSBi7mK
-4rzphVfb4S207dVmTG+1WNpa6l3pTGML6XLElxqIu/kr7w4cF0rKvZxWPsBRqYjH
-5HrK8CrQ0+YvUHXiu7IaACLGvKXY4Tqa3HQyvEtzLWJ4HhOrGx8F
-----END CERTIFICATE-----
--- a/testdata/remote-threaded.tdir/bad_server.key
+++ b/testdata/remote-threaded.tdir/bad_server.key
@ -1,15 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
-MIICWwIBAAKBgQC9hurNHBtB7QFEuPJOnCylUWUF2/US3v9yQQQXnstuXMQXRaq1
-1uviLmwaGurV9tngX59HITsBT74NQrtFKfEDLViLrm2arAM9Ozsn4tnv30HXPRDj
-UOc1M05Q7UzjaSrOv+TkPEqyhtUyaP1DYo0bcmbxtSkYc2ZEWCwhPklUwQIDAQAB
-AoGATjzZxN4ramWaNnJapJTX4U7eczK/0pB3xwSL2exVcjOdRzYdKH+WVIJxYb1m
-3/jNLFCNAeH356yxeevoPr73nG75YJ9I1ZWQWTnS3SDK6JD1+3pmAD0bQWFoitpf
-FoSH9H4X5gFB5vCZ99YVoYH1UXWPcgvUHwxz0voImt6lCKECQQD4YQ4A3M0+Ki8v
-Hl+5FKULnS0UtBkweCvkF/X1zZRjjYr6hLnqldFkkgTBKWe17pUXX0nwRMbP1YZX
-i+vDq5JNAkEAw1eYsmC0nVAMawo57N6LYavGv/n5u1cvpTpKDtn4cXH0Uqq13Kyu
-2FUTzan2NhCEK78UzbWaeewBJmxYda1+RQJAdShKk6uTAEyjnwUjv8h2JWlJN2fQ
-LeWxRlDrCruiz+aW9J4gl/99GoQpy/c83TshhjnDRZsbcDNWv/rXBZ/rTQJAFQva
-CtX6f7yBKgM3DHtJvyM3zbVMH9Ab9QxbsE/xwZ9KeKGl6Hm+eNZpxM3cFiUfaGs0
-/ZjkZOB1m0MvILaplQJAXC3PJ/E+87banGZRJl5qtS6/HoX5lH9TPkL8Essy7ANO
-2BT2OTQawD1A+VKIrQHXs085Of8tQUfrfHHt7s3Kqg==
-----END RSA PRIVATE KEY-----
--- a/testdata/remote-threaded.tdir/bad_server.pem
+++ b/testdata/remote-threaded.tdir/bad_server.pem
@ -1,11 +0,0 @@
-----BEGIN CERTIFICATE-----
-MIIBmzCCAQQCCQCDugnhq8B6LzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1
-bmJvdW5kMB4XDTA4MDkyNjEyMjQ0M1oXDTI4MDYxMzEyMjQ0M1owEjEQMA4GA1UE
-AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvYbqzRwbQe0B
-RLjyTpwspVFlBdv1Et7/ckEEF57LblzEF0Wqtdbr4i5sGhrq1fbZ4F+fRyE7AU++
-DUK7RSnxAy1Yi65tmqwDPTs7J+LZ799B1z0Q41DnNTNOUO1M42kqzr/k5DxKsobV
-Mmj9Q2KNG3Jm8bUpGHNmRFgsIT5JVMECAwEAATANBgkqhkiG9w0BAQUFAAOBgQCy
-zGMW35/9xXoEWsuLFWUOaEKVq5DXuXtXbcMpDW6k2ELoraa305vh7Zwhj5JSqfcm
-O0xyqIzXvz/cYdyOTgEkdMDZ/EvQsxKTwvj6eA4614yB1r3Ju5eZd4Gpo6BHhSpu
-oqsrr0duJ+JOANTyaBplIxM1sjHbR4FGtmrFknBYBQ==
-----END CERTIFICATE-----
--- a/testdata/remote-threaded.tdir/remote-threaded.conf
+++ b/testdata/remote-threaded.tdir/remote-threaded.conf
@ -1,25 +0,0 @@
-server:
-	verbosity: 2
-	num-threads: 4
-	outgoing-range: 16
-	interface: 127.0.0.1
-	port: @PORT@
-	use-syslog: no
-	directory: ""
-	pidfile: "unbound.pid"
-	chroot: ""
-	username: ""
-	do-not-query-localhost: no
-remote-control:
-	control-enable: yes
-	control-interface: 127.0.0.1
-	# control-interface: ::1
-	control-port: @CONTROL_PORT@
-	server-key-file: "unbound_server.key"
-	server-cert-file: "unbound_server.pem"
-	control-key-file: "unbound_control.key"
-	control-cert-file: "unbound_control.pem"
-forward-zone:
-	name: "."
-	forward-addr: "127.0.0.1@@TOPORT@"
-
--- a/testdata/remote-threaded.tdir/remote-threaded.dsc
+++ b/testdata/remote-threaded.tdir/remote-threaded.dsc
@ -1,16 +0,0 @@
-BaseName: remote-threaded
-Version: 1.0
-Description: remote control test with thread communication
-CreationDate: Wed Dec  3 15:00:38 CET 2008
-Maintainer: dr. W.C.A. Wijngaards
-Category: 
-Component:
-CmdDepends: 
-Depends: 
-Help:
-Pre: remote-threaded.pre
-Post: remote-threaded.post
-Test: remote-threaded.test
-AuxFiles: 
-Passed:
-Failure:
--- a/testdata/remote-threaded.tdir/remote-threaded.post
+++ b/testdata/remote-threaded.tdir/remote-threaded.post
@ -1,13 +0,0 @@
-# #-- remote-threaded.post --#
-# source the master var file when it's there
-[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
-# source the test var file when it's there
-[ -f .tpkg.var.test ] && source .tpkg.var.test
-#
-# do your teardown here
-. ../common.sh
-kill_pid $FWD_PID
-# unbound stopped by test (if successful)
-kill $UNBOUND_PID >/dev/null 2>&1
-kill $UNBOUND_PID >/dev/null 2>&1
-exit 0
--- a/testdata/remote-threaded.tdir/remote-threaded.pre
+++ b/testdata/remote-threaded.tdir/remote-threaded.pre
@ -1,33 +0,0 @@
-# #-- remote-threaded.pre--#
-# source the master var file when it's there
-[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
-# use .tpkg.var.test for in test variable passing
-[ -f .tpkg.var.test ] && source .tpkg.var.test
-
-. ../common.sh
-get_random_port 3
-UNBOUND_PORT=$RND_PORT
-FWD_PORT=$(($RND_PORT + 1))
-CONTROL_PORT=$(($RND_PORT + 2))
-echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test
-echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test
-echo "CONTROL_PORT=$CONTROL_PORT" >> .tpkg.var.test
-
-# start forwarder
-get_ldns_testns
-$LDNS_TESTNS -p $FWD_PORT remote-threaded.testns >fwd.log 2>&1 &
-FWD_PID=$!
-echo "FWD_PID=$FWD_PID" >> .tpkg.var.test
-
-# make config file
-sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' -e 's/@CONTROL_PORT\@/'$CONTROL_PORT'/' < remote-threaded.conf > ub.conf
-# start unbound in the background
-PRE="../.."
-$PRE/unbound -d -c ub.conf >unbound.log 2>&1 &
-UNBOUND_PID=$!
-echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test
-
-cat .tpkg.var.test
-wait_ldns_testns_up fwd.log
-wait_unbound_up unbound.log
-
--- a/testdata/remote-threaded.tdir/remote-threaded.test
+++ b/testdata/remote-threaded.tdir/remote-threaded.test
@ -1,310 +0,0 @@
-# #-- remote-threaded.test --#
-# source the master var file when it's there
-[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master
-# use .tpkg.var.test for in test variable passing
-[ -f .tpkg.var.test ] && source .tpkg.var.test
-
-PRE="../.."
-
-# exit value is 1 on usage
-$PRE/unbound-control -h
-if test $? -ne 1; then
-	echo "wrong exit value for usage."
-	exit 1
-else
-	echo "exit value for usage: OK"
-fi
-
-# use lock-verify if possible
-
-# test if the server is up.
-echo "> dig www.example.com."
-dig @127.0.0.1 -p $UNBOUND_PORT www.example.com. | tee outfile
-echo "> check answer"
-if grep "10.20.30.40" outfile; then
-	echo "OK"
-else
-	echo "> cat logfiles"
-	cat fwd.log
-	cat unbound.log
-	echo "Not OK"
-	exit 1
-fi
-
-# exit value is 1 when a bad command is given.
-echo "$PRE/unbound-control -c ub.conf blablargh"
-$PRE/unbound-control -c ub.conf blablargh
-if test $? -ne 1; then
-	echo "wrong exit value on error."
-	echo "> cat logfiles"
-	cat fwd.log
-	cat unbound.log
-	exit 1
-else
-	echo "correct exit value on error"
-fi
-
-# reload the server. test if the server came up by putting a new
-# local-data element in the server.
-echo "server: local-data: 'afterreload. IN A 5.6.7.8'" >> ub.conf
-echo "$PRE/unbound-control -c ub.conf reload"
-$PRE/unbound-control -c ub.conf reload
-if test $? -ne 0; then
-	echo "wrong exit value after success"
-	exit 1
-fi
-
-echo "> dig afterreload."
-dig @127.0.0.1 -p $UNBOUND_PORT afterreload. | tee outfile
-echo "> check answer"
-if grep "5.6.7.8" outfile; then
-	echo "OK"
-else
-	echo "> cat logfiles"
-	cat fwd.log
-	cat unbound.log
-	echo "Not OK"
-	exit 1
-fi
-
-# must have had queries now.  1 since reload.
-echo "$PRE/unbound-control -c ub.conf stats"
-$PRE/unbound-control -c ub.conf stats > tmp.$$
-if test $? -ne 0; then
-	echo "wrong exit value after success"
-	cat fwd.log
-	cat unbound.log
-	exit 1
-fi
-if grep "^total.num.queries=[1-9][0-9]*$" tmp.$$; then
-	echo "OK"
-else
-	echo "bad stats"
-	cat tmp.$$
-	exit 1
-fi
-
-# verbosity
-echo "$PRE/unbound-control -c ub.conf verbosity 4"
-$PRE/unbound-control -c ub.conf verbosity 4
-if test $? -ne 0; then
-	echo "wrong exit value after success"
-	exit 1
-fi
-
-# check syntax error in parse
-echo "$PRE/unbound-control -c ub.conf verbosity jkdf"
-$PRE/unbound-control -c ub.conf verbosity jkdf
-if test $? -ne 1; then
-	echo "wrong exit value after failure"
-	exit 1
-fi
-
-# check bad credentials
-cp ub.conf bad.conf
-echo "remote-control:" >> bad.conf
-echo "	server-key-file: bad_server.key" >> bad.conf
-echo "	server-cert-file: bad_server.pem" >> bad.conf
-echo "	control-key-file: bad_control.key" >> bad.conf
-echo "	control-cert-file: bad_control.pem" >> bad.conf
-echo "$PRE/unbound-control -c bad.conf verbosity 2"
-$PRE/unbound-control -c bad.conf verbosity 2
-if test $? -ne 1; then
-	echo "wrong exit value after failure"
-	exit 1
-fi
-
-# create a new local zone
-echo "> test of local zone"
-echo "$PRE/unbound-control -c ub.conf local_zone example.net static"
-$PRE/unbound-control -c ub.conf local_zone example.net static
-if test $? -ne 0; then
-	echo "wrong exit value after success"
-	exit 1
-fi
-echo "$PRE/unbound-control -c ub.conf local_data www.example.net A 192.0.2.1"
-$PRE/unbound-control -c ub.conf local_data www.example.net A 192.0.2.1
-if test $? -ne 0; then
-	echo "wrong exit value after success"
-	exit 1
-fi
-
-# check that www.example.net exists
-echo "> dig www.example.net."
-dig @127.0.0.1 -p $UNBOUND_PORT www.example.net. | tee outfile
-echo "> check answer"
-if grep "192.0.2.1" outfile; then
-	echo "OK"
-else
-	echo "> cat logfiles"
-	cat fwd.log
-	cat unbound.log
-	echo "Not OK"
-	exit 1
-fi
-
-# check that mail.example.net has nxdomain
-echo "> dig mail.example.net."
-dig @127.0.0.1 -p $UNBOUND_PORT mail.example.net. | tee outfile
-echo "> check answer"
-if grep "NXDOMAIN" outfile; then
-	echo "OK"
-else
-	echo "> cat logfiles"
-	cat fwd.log
-	cat unbound.log
-	echo "Not OK"
-	exit 1
-fi
-
-# remove www.example.net - check it gets nxdomain
-echo "$PRE/unbound-control -c ub.conf local_data_remove www.example.net"
-$PRE/unbound-control -c ub.conf local_data_remove www.example.net
-if test $? -ne 0; then
-	echo "wrong exit value after success"
-	exit 1
-fi
-echo "> dig www.example.net."
-dig @127.0.0.1 -p $UNBOUND_PORT www.example.net. | tee outfile
-echo "> check answer"
-if grep "NXDOMAIN" outfile; then
-	echo "OK"
-else
-	echo "> cat logfiles"
-	cat fwd.log
-	cat unbound.log
-	echo "Not OK"
-	exit 1
-fi
-
-# remove example.net - check its gone.
-echo "$PRE/unbound-control -c ub.conf local_zone_remove example.net"
-$PRE/unbound-control -c ub.conf local_zone_remove example.net
-if test $? -ne 0; then
-	echo "wrong exit value after success"
-	exit 1
-fi
-echo "> dig www.example.net."
-dig @127.0.0.1 -p $UNBOUND_PORT www.example.net. | tee outfile
-echo "> check answer"
-if grep "SERVFAIL" outfile; then
-	echo "OK"
-else
-	echo "> cat logfiles"
-	cat fwd.log
-	cat unbound.log
-	echo "Not OK"
-	exit 1
-fi
-
-# dump the cache
-echo "> test cache dump"
-# fillup cache
-echo "dig www.example.com"
-dig @127.0.0.1 -p $UNBOUND_PORT www.example.com.
-echo "$PRE/unbound-control -c ub.conf dump_cache"
-$PRE/unbound-control -c ub.conf dump_cache > tmp.$$
-if test $? -ne 0; then
-	echo "wrong exit value after success"
-	exit 1
-fi
-cat tmp.$$
-# we do not look at content. Only thread 0 content.
-# because it may not be there when it is compiled with processes only.
-if grep MSG_CACHE tmp.$$; then
-	echo "OK this is a cache dump"
-else
-	echo "Not OK cache dump"
-	exit 1
-fi
-
-# test lookup
-echo "$PRE/unbound-control -c ub.conf lookup www.example.com"
-$PRE/unbound-control -c ub.conf lookup www.example.com
-if test $? -ne 0; then
-	echo "wrong exit value after success"
-	exit 1
-fi
-# answer to lookup is meaningless because of use a forwarder, oh well.
-
-# load the cache dump.
-echo "$PRE/unbound-control -c ub.conf load_cache < tmp.$$"
-$PRE/unbound-control -c ub.conf load_cache < tmp.$$
-if test $? -ne 0; then
-	echo "wrong exit value after success"
-	exit 1
-fi
-# do not check if cache dump contents are present ; other threads
-# may not have gotten it when it is compiled with processes only.
-
-# flushing
-echo "$PRE/unbound-control -c ub.conf flush www.example.net"
-$PRE/unbound-control -c ub.conf flush www.example.net
-if test $? -ne 0; then
-	echo "wrong exit value after success"
-	exit 1
-fi
-
-echo "$PRE/unbound-control -c ub.conf flush_type www.example.net TXT"
-$PRE/unbound-control -c ub.conf flush_type www.example.net TXT
-if test $? -ne 0; then
-	echo "wrong exit value after success"
-	exit 1
-fi
-
-echo "$PRE/unbound-control -c ub.conf flush_zone example.net"
-$PRE/unbound-control -c ub.conf flush_zone example.net
-if test $? -ne 0; then
-	echo "wrong exit value after success"
-	exit 1
-fi
-
-# now stop the server
-echo "$PRE/unbound-control -c ub.conf stop"
-$PRE/unbound-control -c ub.conf stop
-if test $? -ne 0; then
-	echo "wrong exit value after success"
-	exit 1
-fi
-# see if the server has really exited.
-TRY_MAX=20
-for (( try=0 ; try <= $TRY_MAX ; try++ )) ; do
-	if kill -0 $UNBOUND_PID 2>&1 | tee tmp.$$; then
-		echo "not stopped yet, waiting"
-		sleep 1
-	else
-		echo "stopped OK; break"
-		break;
-	fi
-	if grep "No such process" tmp.$$; then
-		echo "stopped OK; break"
-		break;
-	fi
-done
-if kill -0 $UNBOUND_PID; then
-	echo "still up!"
-	echo "> cat logfiles"
-	cat fwd.log
-	cat unbound.log
-	echo "not stopped, failure"
-	exit 1
-else
-	echo "stopped OK"
-
-        if test -f ublocktrace.0; then
-		if $PRE/lock-verify ublocktrace.*; then
-			echo "lock-verify test worked."
-		else
-			echo "lock-verify test failed."
-			cat fwd.log
-			cat unbound.log
-			exit 1
-		fi
-	fi
-fi
-
-echo "> cat logfiles"
-cat fwd.log
-cat unbound.log
-echo "> OK"
-exit 0
--- a/testdata/remote-threaded.tdir/remote-threaded.testns
+++ b/testdata/remote-threaded.tdir/remote-threaded.testns
@ -1,22 +0,0 @@
-; nameserver test file
-$ORIGIN example.com.
-$TTL 3600
-
-ENTRY_BEGIN
-MATCH opcode qtype qname
-REPLY QR AA NOERROR
-ADJUST copy_id
-SECTION QUESTION
-www	IN	A
-SECTION ANSWER
-www	IN	A	10.20.30.40
-ENTRY_END
-
-ENTRY_BEGIN
-MATCH opcode qtype qname
-REPLY QR AA SERVFAIL
-ADJUST copy_id
-SECTION QUESTION
-www.example.net.	IN	A
-ENTRY_END
-
--- a/testdata/remote-threaded.tdir/unbound_control.key
+++ b/testdata/remote-threaded.tdir/unbound_control.key
@ -1,39 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
-MIIG4gIBAAKCAYEAstEp+Pyh8XGrtZ77A4FhYjvbeB3dMa7Q2rGWxobzlA9przhA
-1aChAvUtCOAuM+rB6NTNB8YWfZJbQHawyMNpmC77cg6vXLYCGUQHZyAqidN049RJ
-F5T7j4N8Vniv17LiRdr0S6swy4PRvEnIPPV43EQHZqC5jVvHsKkhIfmBF/Dj5TXR
-ypeawWV/m5jeU6/4HRYMfytBZdO1mPXuWLh0lgbQ4SCbgrOUVD3rniMk1yZIbQOm
-vlDHYqekjDb/vOW2KxUQLG04aZMJ1mWfdbwG0CKQkSjISEDZ1l76vhM6mTM0fwXb
-IvyFZ9yPPCle1mF5aSlxS2cmGuGVSRQaw8XF9fe3a9ACJJTr33HdSpyaZkKRAUzL
-cKqLCl323daKv3NwwAT03Tj4iQM416ASMoiyfFa/2GWTKQVjddu8Crar7tGaf5xr
-lig4DBmrBvdYA3njy72/RD71hLwmlRoCGU7dRuDr9O6KASUm1Ri91ONZ/qdjMvov
-15l2vj4GV+KXR00dAgMBAAECggGAHepIL1N0dEQkCdpy+/8lH54L9WhpnOo2HqAf
-LU9eaKK7d4jdr9+TkD8cLaPzltPrZNxVALvu/0sA4SP6J1wpyj/x6P7z73qzly5+
-Xo5PD4fEwmi9YaiW/UduAblnEZrnp/AddptJKoL/D5T4XtpiQddPtael4zQ7kB57
-YIexRSQTvEDovA/o3/nvA0TrzOxfgd4ycQP3iOWGN/TMzyLsvjydrUwbOB567iz9
-whL3Etdgvnwh5Sz2blbFfH+nAR8ctvFFz+osPvuIVR21VMEI6wm7kTpSNnQ6sh/c
-lrLb/bTADn4g7z/LpIZJ+MrLvyEcoqValrLYeFBhM9CV8woPxvkO2P3pU47HVGax
-tC7GV6a/kt5RoKFd/TNdiA3OC7NGZtaeXv9VkPf4fVwBtSO9d5ZZXTGEynDD/rUQ
-U4KFJe6OD23APjse08HiiKqTPhsOneOONU67iqoaTdIkT2R4EdlkVEDpXVtWb+G9
-Q+IqYzVljlzuyHrhWXLJw/FMa2aBAoHBAOnZbi4gGpH+P6886WDWVgIlTccuXoyc
-Mg9QQYk9UDeXxL0AizR5bZy49Sduegz9vkHpAiZARQsUnizHjZ8YlRcrmn4t6tx3
-ahTIKAjdprnxJfYINM580j8CGbXvX5LhIlm3O267D0Op+co3+7Ujy+cjsIuFQrP+
-1MqMgXSeBjzC1APivmps7HeFE+4w0k2PfN5wSMDNCzLo99PZuUG5XZ93OVOS5dpN
-b+WskdcD8NOoJy/X/5A08veEI/jYO/DyqQKBwQDDwUQCOWf41ecvJLtBHKmEnHDz
-ftzHino9DRKG8a9XaN4rmetnoWEaM2vHGX3pf3mwH+dAe8vJdAQueDhBKYeEpm6C
-TYNOpou1+Zs5s99BilCTNYo8fkMOAyqwRwmz9zgHS6QxXuPwsghKefLJGt6o6RFF
-tfWVTfLlYJ+I3GQe3ySsk3wjVz4oUTKiyiq5+KzD+HhEkS7u+RQ7Z0ZI2xd2cF8Y
-aN2hjKDpcOiFf3CDoqka5D1qMNLgIHO52AHww1UCgcA1h7o7AMpURRka6hyaODY0
-A4oMYEbwdQjYjIyT998W+rzkbu1us6UtzQEBZ760npkgyU/epbOoV63lnkCC/MOU
-LD0PST+L/CHiY/cWIHb79YG1EifUZKpUFg0Aoq0EGFkepF0MefGCkbRGYA5UZr9U
-R80wAu9D+L+JJiS0J0BSRF74DL196zUuHt5zFeXuLzxsRtPAnq9DliS08BACRYZy
-7H3I7cWD9Vn5/0jbKWHFcaaWwyETR6uekTcSzZzbCRECgcBeoE3/xUA9SSk34Mmj
-7/cB4522Ft0imA3+9RK/qJTZ7Bd5fC4PKjOGNtUiqW/0L2rjeIiQ40bfWvWqgPKw
-jSK1PL6uvkl6+4cNsFsYyZpiVDoe7wKju2UuoNlB3RUTqa2r2STFuNj2wRjA57I1
-BIgdnox65jqQsd14g/yaa+75/WP9CE45xzKEyrtvdcqxm0Pod3OrsYK+gikFjiar
-kT0GQ8u0QPzh2tjt/2ZnIfOBrl+QYERP0MofDZDjhUdq2wECgcB0Lu841+yP5cdR
-qbJhXO4zJNh7oWNcJlOuQp3ZMNFrA1oHpe9pmLukiROOy01k9WxIMQDzU5GSqRv3
-VLkYOIcbhJ3kClKAcM3j95SkKbU2H5/RENb3Ck52xtl4pNU1x/3PnVFZfDVuuHO9
-MZ9YBcIeK98MyP2jr5JtFKnOyPE7xKq0IHIhXadpbc2wjje5FtZ1cUtMyEECCXNa
-C1TpXebHGyXGpY9WdWXhjdE/1jPvfS+uO5WyuDpYPr339gsdq1g=
-----END RSA PRIVATE KEY-----
--- a/testdata/remote-threaded.tdir/unbound_control.pem
+++ b/testdata/remote-threaded.tdir/unbound_control.pem
@ -1,22 +0,0 @@
-----BEGIN CERTIFICATE-----
-MIIDszCCAhsCFGD5193whHQ2bVdzbaQfdf1gc4SkMA0GCSqGSIb3DQEBCwUAMBIx
-EDAOBgNVBAMMB3VuYm91bmQwHhcNMjAwNzA4MTMzMjMwWhcNNDAwMzI1MTMzMjMw
-WjAaMRgwFgYDVQQDDA91bmJvdW5kLWNvbnRyb2wwggGiMA0GCSqGSIb3DQEBAQUA
-A4IBjwAwggGKAoIBgQCy0Sn4/KHxcau1nvsDgWFiO9t4Hd0xrtDasZbGhvOUD2mv
-OEDVoKEC9S0I4C4z6sHo1M0HxhZ9kltAdrDIw2mYLvtyDq9ctgIZRAdnICqJ03Tj
-1EkXlPuPg3xWeK/XsuJF2vRLqzDLg9G8Scg89XjcRAdmoLmNW8ewqSEh+YEX8OPl
-NdHKl5rBZX+bmN5Tr/gdFgx/K0Fl07WY9e5YuHSWBtDhIJuCs5RUPeueIyTXJkht
-A6a+UMdip6SMNv+85bYrFRAsbThpkwnWZZ91vAbQIpCRKMhIQNnWXvq+EzqZMzR/
-Bdsi/IVn3I88KV7WYXlpKXFLZyYa4ZVJFBrDxcX197dr0AIklOvfcd1KnJpmQpEB
-TMtwqosKXfbd1oq/c3DABPTdOPiJAzjXoBIyiLJ8Vr/YZZMpBWN127wKtqvu0Zp/
-nGuWKDgMGasG91gDeePLvb9EPvWEvCaVGgIZTt1G4Ov07ooBJSbVGL3U41n+p2My
-+i/XmXa+PgZX4pdHTR0CAwEAATANBgkqhkiG9w0BAQsFAAOCAYEAd++Wen6l8Ifj
-4h3p/y16PhSsWJWuJ4wdNYy3/GM84S26wGjzlEEwiW76HpH6VJzPOiBAeWnFKE83
-hFyetEIxgJeIPbcs9ZP/Uoh8GZH9tRISBSN9Hgk2Slr9llo4t1H0g/XTgA5HqMQU
-9YydlBh43G7Vw3FVwh09OM6poNOGQKNc/tq2/QdKeUMtyBbLWpRmjH5XcCT35fbn
-ZiVOUldqSHD4kKrFO4nJYXZyipRbcXybsLiX9GP0GLemc3IgIvOXyJ2RPp06o/SJ
-pzlMlkcAfLJaSuEW57xRakhuNK7m051TKKzJzIEX+NFYOVdafFHS8VwGrYsdrFvD
-72tMfu+Fu55y3awdWWGc6YlaGogZiuMnJkvQphwgn+5qE/7CGEckoKEsH601rqIZ
-muaIc85+nEcHJeijd/ZlBN9zeltjFoMuqTUENgmv8+tUAdVm/UMY9Vjme6b43ydP
-uv6DS02+k9z8toxXworLiPr94BGaiGV1NxgwZKLZigYJt/Fi2Qte
-----END CERTIFICATE-----
--- a/testdata/remote-threaded.tdir/unbound_server.key
+++ b/testdata/remote-threaded.tdir/unbound_server.key
@ -1,39 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
-MIIG5AIBAAKCAYEAvjSVSN2QMXudpzukdLCqgg/IOhCX8KYkD0FFFfWcQjgKq5wI
-0x41iG32a6wbGanre4IX7VxaSPu9kkHfnGgynCk5nwDRedE/FLFhAU78PoT0+Nqq
-GRS7XVQ24vLmIz9Hqc2Ozx1um1BXBTmIT0UfN2e22I0LWQ6a3seZlEDRj45gnk7Z
-uh9MDgotaBdm+v1JAbupSf6Zis4VEH3JNdvVGE3O1DHEIeuuz/3BDhpf6WBDH+8K
-WaBe1ca4TZHr9ThL2gEMEfAQl0wXDwRWRoi3NjNMH+mw0L1rjwThI5GXqNIee7o5
-FzUReSXZuTdFMyGe3Owcx+XoYnwi6cplSNoGsDBu4B9bKKglR9YleJVw4L4Xi8xP
-q6O9UPj4+nypHk/DOoC7DIM3ufN0yxPBsFo5TVowxfhdjZXJbbftd2TZv7AH8+XL
-A5UoZgRzXgzECelXSCTBFlMTnT48LfA9pMLydyjAz2UdPHs5Iv+TK5nnI+aJoeaP
-7kFZSngxdy1+A/bNAgMBAAECggGBALpTOIqQwVg4CFBylL/a8K1IWJTI/I65sklf
-XxYL7G7SB2HlEJ//z+E+F0+S4Vlao1vyLQ5QkgE82pAUB8FoMWvY1qF0Y8A5wtm6
-iZSGk4OLK488ZbT8Ii9i+AGKgPe2XbVxsJwj8N4k7Zooqec9hz73Up8ATEWJkRz7
-2u7oMGG4z91E0PULA64dOi3l/vOQe5w/Aa+CwVbAWtI05o7kMvQEBMDJn6C7CByo
-MB5op9wueJMnz7PM7hns+U7Dy6oE4ljuolJUy51bDzFWwoM54cRoQqLFNHd8JVQj
-WxldCkbfF43iyprlsEcUrTyUjtdA+ZeiG39vg/mtdmgNpGmdupHJZQvSuG8IcVlz
-O+eMSeQS1QXPD6Ik8UK4SU0h+zOl8xIWtRrsxQuh4fnTN40udm/YUWl/6gOebsBI
-IrVLlKGqJSfB3tMjpCRqdTzJ0dA9keVpkqm2ugZkxEf1+/efq/rFIQ2pUBLCqNTN
-qpNqruK8y8FphP30I2uI4Ej2UIB8AQKBwQDd2Yptj2FyDyaXCycsyde0wYkNyzGU
-dRnzdibfHnMZwjgTjwAwgIUBVIS8H0/z7ZJQKN7osJfddMrtjJtYYUk9g/dCpHXs
-bNh2QSoWah3FdzNGuWd0iRf9+LFxhjAAMo/FS8zFJAJKrFsBdCGTfFUMdsLC0bjr
-YjiWBuvV72uKf8XIZX5KIZruKdWBBcWukcb21R1UDyFYyXRBsly5XHaIYKZql3km
-7pV7MKWO0IYgHbHIqGUqPQlzZ/lkunS1jKECgcEA23wHffD6Ou9/x3okPx2AWpTr
-gh8rgqbyo6hQkBW5Y90Wz824cqaYebZDaBR/xlVx/YwjKkohv8Bde2lpH/ZxRZ1Z
-5Sk2s6GJ/vU0L9RsJZgCgj4L6Coal1NMxuZtCXAlnOpiCdxSZgfqbshbTVz30KsG
-ZJG361Cua1ScdAHxlZBxT52/1Sm0zRC2hnxL7h4qo7Idmtzs40LAJvYOKekR0pPN
-oWeJfra7vgx/jVNvMFWoOoSLpidVO4g+ot4ery6tAoHAdW3rCic1C2zdnmH28Iw+
-s50l8Lk3mz+I5wgJd1zkzCO0DxZIoWPGA3g7cmCYr6N3KRsZMs4W9NAXgjpFGDkW
-zYsG3K21BdpvkdjYcFjnPVjlOXB2RIc0vehf9Jl02wXoeCSxVUDEPcaRvWk9RJYx
-ZpGOchUU7vNkxHURbIJ4yCzuAi9G8/Jp0dsu+kaV5tufF5SjG5WOrzKjaQsCbdN1
-oqaWMCHRrTvov/Z2C+xwsptFOdN5CSyZzg6hQiI4GMlBAoHAXyb6KINcOEi0YMp3
-BFXJ23tMTnEs78tozcKeipigcsbaqORK3omS+NEnj+uzKUzJyl4CsMbKstK2tFYS
-mSTCHqgE3PBtIpsZtEqhgUraR8IK9GPpzZDTTl9ynZgwFTNlWw3RyuyVXF56J+T8
-kCGJ3hEHCHqT/ZRQyX85BKIDFhA0z4tYKxWVqIFiYBNq56R0X9tMMmMs36mEnF93
-7Ht6mowxTZQRa7nU0qOgeKh/P7ki4Zus3y+WJ+T9IqahLtlRAoHBAIhqMrcxSAB8
-RpB9jukJlAnidw2jCMPgrFE8tP0khhVvGrXMldxAUsMKntDIo8dGCnG1KTcWDI0O
-jepvSPHSsxVLFugL79h0eVIS5z4huW48i9xgU8VlHdgAcgEPIAOFcOw2BCu/s0Vp
-O+MM/EyUOdo3NsibB3qc/GJI6iNBYS7AljYEVo6rXo5V/MZvZUF4vClen6Obzsre
-MTTb+4sJjfqleWuvr1XNMeu2mBfXBQkWGZP1byBK0MvD/aQ2PWq92A==
-----END RSA PRIVATE KEY-----
--- a/testdata/remote-threaded.tdir/unbound_server.pem
+++ b/testdata/remote-threaded.tdir/unbound_server.pem
@ -1,22 +0,0 @@
-----BEGIN CERTIFICATE-----
-MIIDqzCCAhMCFBHWXeQ6ZIa9QcQbXLFfC6tj+KA+MA0GCSqGSIb3DQEBCwUAMBIx
-EDAOBgNVBAMMB3VuYm91bmQwHhcNMjAwNzA4MTMzMjI5WhcNNDAwMzI1MTMzMjI5
-WjASMRAwDgYDVQQDDAd1bmJvdW5kMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIB
-igKCAYEAvjSVSN2QMXudpzukdLCqgg/IOhCX8KYkD0FFFfWcQjgKq5wI0x41iG32
-a6wbGanre4IX7VxaSPu9kkHfnGgynCk5nwDRedE/FLFhAU78PoT0+NqqGRS7XVQ2
-4vLmIz9Hqc2Ozx1um1BXBTmIT0UfN2e22I0LWQ6a3seZlEDRj45gnk7Zuh9MDgot
-aBdm+v1JAbupSf6Zis4VEH3JNdvVGE3O1DHEIeuuz/3BDhpf6WBDH+8KWaBe1ca4
-TZHr9ThL2gEMEfAQl0wXDwRWRoi3NjNMH+mw0L1rjwThI5GXqNIee7o5FzUReSXZ
-uTdFMyGe3Owcx+XoYnwi6cplSNoGsDBu4B9bKKglR9YleJVw4L4Xi8xPq6O9UPj4
-+nypHk/DOoC7DIM3ufN0yxPBsFo5TVowxfhdjZXJbbftd2TZv7AH8+XLA5UoZgRz
-XgzECelXSCTBFlMTnT48LfA9pMLydyjAz2UdPHs5Iv+TK5nnI+aJoeaP7kFZSngx
-dy1+A/bNAgMBAAEwDQYJKoZIhvcNAQELBQADggGBABunf93MKaCUHiZgnoOTinsW
-84/EgInrgtKzAyH+BhnKkJOhhR0kkIAx5d9BpDlaSiRTACFon9moWCgDIIsK/Ar7
-JE0Kln9cV//wiiNoFU0O4mnzyGUIMvlaEX6QHMJJQYvL05+w/3AAcf5XmMJtR5ca
-fJ8FqvGC34b2WxX9lTQoyT52sRt+1KnQikiMEnEyAdKktMG+MwKsFDdOwDXyZhZg
-XZhRrfX3/NVJolqB6EahjWIGXDeKuSSKZVtCyib6LskyeMzN5lcRfvubKDdlqFVF
-qlD7rHBsKhQUWK/IO64mGf7y/de+CgHtED5vDvr/p2uj/9sABATfbrOQR3W/Of25
-sLBj4OEfrJ7lX8hQgFaxkMI3x6VFT3W8dTCp7xnQgb6bgROWB5fNEZ9jk/gjSRmD
-yIU+r0UbKe5kBk/CmZVFXL2TyJ92V5NYEQh8V4DGy19qZ6u/XKYyNJL4ocs35GGe
-CA8SBuyrmdhx38h1RHErR2Skzadi1S7MwGf1y431fQ==
-----END CERTIFICATE-----