back port algorithm detection support from master

bin/tests/system/inline/checkdsa.sh.in

@@ -12,9 +12,11 @@
 # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 # PERFORMANCE OF THIS SOFTWARE.
 
-if test "@CHECK_DSA@" -eq 1
-then
-	exit 0
-else
+if [ "@CHECK_DSA@" -eq 0 ]; then
 	exit 1
 fi
+if [ ! -r /dev/random -o ! -r /dev/urandom ]; then
+	exit 1
+fi
+
+exit 0

bin/tests/system/inline/clean.sh

@@ -75,7 +75,7 @@ rm -f ns5/bits.bk.jnl
 rm -f ns5/bits.bk.signed
 rm -f ns5/bits.bk.signed.jnl
 rm -f */*.jbk
-rm -f dig.out.ns*.test*
+rm -f dig.out.ns*
 rm -f signing.out*
 rm -f freeze.test*
 rm -f thaw.test*
@@ -84,3 +84,4 @@ rm -f ns3/test-?.bk
 rm -f ns3/test-?.bk.signed
 rm -f ns3/test-?.bk.signed.jnl
 rm -f import.key Kimport*
+rm -f checkgost checkdsa checkecdsa

bin/tests/system/inline/ns3/sign.sh

@@ -102,40 +102,44 @@ zone=externalkey
 rm -f K${zone}.+*+*.key
 rm -f K${zone}.+*+*.private
 
-for alg in ECDSAP256SHA256 NSEC3RSASHA1 DSA ECCGOST
+for alg in ECCGOST ECDSAP256SHA256 NSEC3RSASHA1 DSA
 do
+    case $alg in
+        DSA)
+            sh ../checkdsa.sh 2> /dev/null || continue
+            checkfile=../checkdsa
+            touch $checkfile ;;
+        ECCGOST) 
+            fail=0
+            $KEYGEN -q -r $RANDFILE -a eccgost test > /dev/null 2>&1 || fail=1
+            rm -f Ktest*
+            [ $fail != 0 ] && continue
+            checkfile=../checkgost
+            touch $checkfile ;;
+        ECDSAP256SHA256)
+            fail=0
+            $KEYGEN -q -r $RANDFILE -a ecdsap256sha256 test > /dev/null 2>&1 || fail=1
+            rm -f Ktest*
+            [ $fail != 0 ] && continue
+            sh ../checkdsa.sh 2> /dev/null || continue
+            checkfile=../checkecdsa
+            touch $checkfile ;;
+        *) ;;
+    esac
 
-if test $alg = DSA
-then
-	sh ../checkdsa.sh 2> /dev/null || continue
-fi
-if test $alg = ECCGOST
-then
-	sh ../../gost/prereq.sh 2> /dev/null || continue
-fi
-if test $alg = ECDSAP256SHA256
-then
-	sh ../../ecdsa/prereq.sh 2> /dev/null || continue
-	sh ../checkdsa.sh 2> /dev/null || continue
-fi
+    k1=`$KEYGEN -q -r $RANDFILE -a $alg -b 1024 -n zone -f KSK $zone`
+    k2=`$KEYGEN -q -r $RANDFILE -a $alg -b 1024 -n zone $zone`
+    k3=`$KEYGEN -q -r $RANDFILE -a $alg -b 1024 -n zone $zone`
+    k4=`$KEYGEN -q -r $RANDFILE -a $alg -b 1024 -n zone -f KSK $zone`
+    $DSFROMKEY -T 1200 $k4 >> ../ns1/root.db
 
-test $alg = DSA -a ! -r /dev/random -a ! -r /dev/urandom && continue
-
-k1=`$KEYGEN -q -r $RANDFILE -a $alg -b 1024 -n zone -f KSK $zone`
-k2=`$KEYGEN -q -r $RANDFILE -a $alg -b 1024 -n zone $zone`
-k3=`$KEYGEN -q -r $RANDFILE -a $alg -b 1024 -n zone $zone`
-k4=`$KEYGEN -q -r $RANDFILE -a $alg -b 1024 -n zone $zone`
-keyname=`$KEYGEN -q -r $RANDFILE -a $alg -b 1024 -n zone $zone`
-keyname=`$KEYGEN -q -r $RANDFILE -a $alg -b 1024 -n zone -f KSK $zone`
-$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
-rm -f ${k3}.* ${k4}.*
-
-#
-# Convert k1 and k2 in to External Keys.
-rm -f $k1.private 
-mv $k1.key a-file
-$IMPORTKEY -P now -D now+3600 -f a-file $zone > /dev/null 2>&1
-rm -f $k2.private 
-mv $k2.key a-file
-$IMPORTKEY -f a-file $zone > /dev/null 2>&1
+    # Convert k1 and k2 in to External Keys.
+    rm -f $k1.private 
+    mv $k1.key a-file
+    $IMPORTKEY -P now -D now+3600 -f a-file $zone > /dev/null 2>&1 ||
+        ( echo "importkey failed: $alg"; rm -f $checkfile )
+    rm -f $k2.private 
+    mv $k2.key a-file
+    $IMPORTKEY -f a-file $zone > /dev/null 2>&1 ||
+        ( echo "importkey failed: $alg"; rm -f $checkfile )
 done

bin/tests/system/inline/tests.sh

@@ -846,7 +846,7 @@ $DIG $DIGOPTS @10.53.0.2 -p 5300 test-$zone SOA > dig.out.ns2.$zone.test$n
 grep "status: NOERROR," dig.out.ns2.$zone.test$n  > /dev/null || { ret=1; cat dig.out.ns2.$zone.test$n; }
 $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 addzone test-$zone \
 	'{ type slave; masters { 10.53.0.2; }; file "'test-$zone.bk'"; inline-signing yes; auto-dnssec maintain; allow-transfer { any; }; };'
-$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 delzone test-$zone
+$RNDC -c ../common/rndc.conf -s 10.53.0.3 -p 9953 delzone test-$zone > /dev/null 2>&1
 done
 
 n=`expr $n + 1`
@@ -855,22 +855,9 @@ ret=0
 $DIG $DIGOPTS @10.53.0.3 -p 5300 dnskey externalkey > dig.out.ns3.test$n
 for alg in 3 7 12 13
 do
-   if test $alg = 3
-   then
-	sh checkdsa.sh 2>/dev/null || continue;
-   fi
-   if test $alg = 12 
-   then
-	sh ../gost/prereq.sh 2>/dev/null || continue;
-   fi
-   if test $alg = 13 
-   then
-	sh ../ecdsa/prereq.sh 2>/dev/null || continue;
-	# dsa and ecdsa both require a source of randomness when
-	# generating signatures
-	sh checkdsa.sh 2>/dev/null || continue;
-   fi
-   test $alg = 3 -a ! -r /dev/random -a ! -r /dev/urandom && continue
+   [ $alg = 3 -a ! -f checkdsa ] && continue;
+   [ $alg = 12 -a ! -f checkgost ] && continue;
+   [ $alg = 13 -a ! -f checkecdsa ] && continue;
 
    case $alg in
    3) echo "I: checking DSA";;

configure

@@ -803,6 +803,7 @@ THREADOPTSRCS
 THREADOPTOBJS
 ISC_PLATFORM_USETHREADS
 ALWAYS_DEFINES
+CHECK_DSA
 DNS_CRYPTO_LIBS
 DNS_GSSAPI_LIBS
 DST_GSSAPI_INC
@@ -14347,6 +14348,21 @@ $as_echo "using \"$use_randomdev\"" >&6; }
 		;;
 esac
 
+#
+# Only check dsa signature generation on these platforms when performing
+# system tests.
+#
+CHECK_DSA=0
+if grep "#define PATH_RANDOMDEV " confdefs.h > /dev/null
+then
+        case "$host" in
+        *darwin*|*freebsd*)
+                CHECK_DSA=1
+                ;;
+        esac
+fi
+
+
 #
 # Do we have arc4random() ?
 #

configure.in

@@ -1245,6 +1245,21 @@ case "$use_randomdev" in
 		;;
 esac
 
+#
+# Only check dsa signature generation on these platforms when performing
+# system tests.
+#
+CHECK_DSA=0
+if grep "#define PATH_RANDOMDEV " confdefs.h > /dev/null
+then
+        case "$host" in
+        *darwin*|*freebsd*)
+                CHECK_DSA=1
+                ;;
+        esac
+fi
+AC_SUBST(CHECK_DSA)
+
 #
 # Do we have arc4random() ?
 #