From 05a1a0e7b510caa45bd13ce18acf77b2e5f19113 Mon Sep 17 00:00:00 2001 From: Tom Krizek Date: Wed, 26 Oct 2022 16:20:57 +0200 Subject: [PATCH] Randomize algorithm selection for mkeys test Use the ALGORITHM_SET option to use randomly selected default algorithm in this test. Make sure the test works by using variables instead of hard-coding values. (cherry picked from commit f65f276f986fe1e0498698f7058722a0b7a9aec1) --- bin/tests/system/mkeys/setup.sh | 7 +++++++ bin/tests/system/mkeys/tests.sh | 3 ++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/bin/tests/system/mkeys/setup.sh b/bin/tests/system/mkeys/setup.sh index 1cba2b5c19..3d4337071b 100644 --- a/bin/tests/system/mkeys/setup.sh +++ b/bin/tests/system/mkeys/setup.sh @@ -11,8 +11,15 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. +export ALGORITHM_SET="ecc_default" . ../conf.sh +# Ensure the selected algorithm set is okay. +if [ "$ALGORITHM_SET" = "error" ]; then + echofail "Algorithm selection failed." >&2 + exit 1 +fi + copy_setports ns1/named1.conf.in ns1/named.conf copy_setports ns2/named.conf.in ns2/named.conf copy_setports ns3/named.conf.in ns3/named.conf diff --git a/bin/tests/system/mkeys/tests.sh b/bin/tests/system/mkeys/tests.sh index 1fdc9eee49..30740226c2 100644 --- a/bin/tests/system/mkeys/tests.sh +++ b/bin/tests/system/mkeys/tests.sh @@ -13,6 +13,7 @@ set -e +export ALGORITHM_SET="ecc_default" #shellcheck source=conf.sh . ../conf.sh @@ -690,7 +691,7 @@ ret=0 # compare against the known key. tathex=$(grep "query '_ta-[0-9a-f][0-9a-f]*/NULL/IN' approved" ns1/named.run | awk '{print $6; exit 0}' | sed -e 's/(_ta-\([0-9a-f][0-9a-f]*\)):/\1/') || true tatkey=$($PERL -e 'printf("%d\n", hex(@ARGV[0]));' "$tathex") -realkey=$(rndccmd 10.53.0.2 secroots - | sed -n 's#.*SHA256/\([0-9][0-9]*\) ; .*managed.*#\1#p') +realkey=$(rndccmd 10.53.0.2 secroots - | sed -n "s#.*${DEFAULT_ALGORITHM}/\([0-9][0-9]*\) ; .*managed.*#\1#p") [ "$tatkey" -eq "$realkey" ] || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status+ret))