diff --git a/bin/tests/system/conf.sh.common b/bin/tests/system/conf.sh.common index 5d541dddaa..4805ce71e0 100644 --- a/bin/tests/system/conf.sh.common +++ b/bin/tests/system/conf.sh.common @@ -37,7 +37,7 @@ export LANG=C # SEQUENTIAL_UNIX in conf.sh.in; those that only run on windows should # be added to SEQUENTIAL_WINDOWS in conf.sh.win32. # -SEQUENTIAL_COMMON="ecdsa eddsa tkey" +SEQUENTIAL_COMMON="eddsa tkey" # # These tests can use ports assigned by the caller (other than 5300 @@ -58,7 +58,7 @@ PARALLEL_COMMON="dnssec rpzrecurse serve-stale \ checkconf checknames checkzone \ cookie database digdelv dlz dlzexternal \ dns64 dscp dsdigest dyndb \ - ednscompliance emptyzones \ + ecdsa ednscompliance emptyzones \ fetchlimit filter-aaaa formerr forward \ geoip2 glue idna include-multiplecfg \ inline integrity ixfr \ diff --git a/bin/tests/system/ecdsa/.gitignore b/bin/tests/system/ecdsa/.gitignore new file mode 100644 index 0000000000..e096e33d39 --- /dev/null +++ b/bin/tests/system/ecdsa/.gitignore @@ -0,0 +1,2 @@ +/ns1/named.conf +/ns2/named.conf diff --git a/bin/tests/system/ecdsa/clean.sh b/bin/tests/system/ecdsa/clean.sh index 6cfeec2466..f230cb01bf 100644 --- a/bin/tests/system/ecdsa/clean.sh +++ b/bin/tests/system/ecdsa/clean.sh @@ -9,11 +9,17 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -rm -f */K* */dsset-* */*.signed */trusted.conf -rm -f ns1/root.db -rm -f ns1/signer.err -rm -f dig.out* -rm -f */named.run -rm -f */named.memstats -rm -f ns*/named.lock +set -e + +rm -f ./dig.out* +rm -f ns*/*.signed +rm -f ns*/K* +rm -f ns*/dsset-* rm -f ns*/managed-keys.bind* +rm -f ns*/named.conf +rm -f ns*/named.lock +rm -f ns*/named.memstats +rm -f ns*/named.run +rm -f ns*/root.db +rm -f ns*/signer.err +rm -f ns*/trusted.conf diff --git a/bin/tests/system/ecdsa/ns1/named.conf b/bin/tests/system/ecdsa/ns1/named.conf.in similarity index 98% rename from bin/tests/system/ecdsa/ns1/named.conf rename to bin/tests/system/ecdsa/ns1/named.conf.in index 50eb048408..88a2547935 100644 --- a/bin/tests/system/ecdsa/ns1/named.conf +++ b/bin/tests/system/ecdsa/ns1/named.conf.in @@ -17,7 +17,7 @@ options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/ecdsa/ns1/sign.sh b/bin/tests/system/ecdsa/ns1/sign.sh index 673aac8ac0..9fc7ddb93f 100644 --- a/bin/tests/system/ecdsa/ns1/sign.sh +++ b/bin/tests/system/ecdsa/ns1/sign.sh @@ -9,21 +9,22 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=../.. -. $SYSTEMTESTTOP/conf.sh +set -e + +. "$SYSTEMTESTTOP/conf.sh" zone=. infile=root.db.in zonefile=root.db -key1=`$KEYGEN -q -a ECDSAP256SHA256 -n zone $zone` -key2=`$KEYGEN -q -a ECDSAP384SHA384 -n zone -f KSK $zone` -$DSFROMKEY -a sha-384 $key2.key > dsset-384 +key1=$($KEYGEN -q -a ECDSAP256SHA256 -n zone "$zone") +key2=$($KEYGEN -q -a ECDSAP384SHA384 -n zone -f KSK "$zone") +$DSFROMKEY -a sha-384 "$key2.key" > dsset-384 -cat $infile $key1.key $key2.key > $zonefile +cat "$infile" "$key1.key" "$key2.key" > $zonefile -$SIGNER -P -g -o $zone $zonefile > /dev/null 2> signer.err || cat signer.err +$SIGNER -P -g -o "$zone" "$zonefile" > /dev/null 2> signer.err || cat signer.err # Configure the resolving server with a static key. -keyfile_to_static_ds $key1 > trusted.conf +keyfile_to_static_ds "$key1" > trusted.conf cp trusted.conf ../ns2/trusted.conf diff --git a/bin/tests/system/ecdsa/ns2/named.conf b/bin/tests/system/ecdsa/ns2/named.conf.in similarity index 98% rename from bin/tests/system/ecdsa/ns2/named.conf rename to bin/tests/system/ecdsa/ns2/named.conf.in index 420073fc05..198cdbbcec 100644 --- a/bin/tests/system/ecdsa/ns2/named.conf +++ b/bin/tests/system/ecdsa/ns2/named.conf.in @@ -17,7 +17,7 @@ options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/ecdsa/setup.sh b/bin/tests/system/ecdsa/setup.sh index f5482e6c38..69c4995f41 100644 --- a/bin/tests/system/ecdsa/setup.sh +++ b/bin/tests/system/ecdsa/setup.sh @@ -9,7 +9,11 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh +set -e + +. "$SYSTEMTESTTOP/conf.sh" + +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf cd ns1 && $SHELL sign.sh diff --git a/bin/tests/system/ecdsa/tests.sh b/bin/tests/system/ecdsa/tests.sh index 7cddfd6ce5..8fc2b21b19 100644 --- a/bin/tests/system/ecdsa/tests.sh +++ b/bin/tests/system/ecdsa/tests.sh @@ -9,26 +9,28 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh +set -e + +. "$SYSTEMTESTTOP/conf.sh" status=0 -n=0 +n=1 -rm -f dig.out.* +dig_with_opts() { + "$DIG" +tcp +noau +noadd +nosea +nostat +nocmd +dnssec -p "$PORT" "$@" +} -DIGOPTS="+tcp +noau +noadd +nosea +nostat +nocmd +dnssec -p 5300" # Check the example. domain echo "I:checking that positive validation works ($n)" ret=0 -$DIG $DIGOPTS . @10.53.0.1 soa > dig.out.ns1.test$n || ret=1 -$DIG $DIGOPTS . @10.53.0.2 soa > dig.out.ns2.test$n || ret=1 +dig_with_opts . @10.53.0.1 soa > dig.out.ns1.test$n || ret=1 +dig_with_opts . @10.53.0.2 soa > dig.out.ns2.test$n || ret=1 $PERL ../digcomp.pl dig.out.ns1.test$n dig.out.ns2.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns2.test$n > /dev/null || ret=1 -n=`expr $n + 1` +n=$((n+1)) if [ $ret != 0 ]; then echo "I:failed"; fi -status=`expr $status + $ret` +status=$((status+ret)) echo "I:exit status: $status" [ $status -eq 0 ] || exit 1