upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-06-08 17:52:10 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

mkeys: use $DEFAULT_ALGORITHM

Browse source
This commit is contained in:
Mark Andrews 2022-07-08 12:24:34 +10:00
parent ff95bafa39
commit 78fa082999
3 changed files with 10 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
bin/tests/system/mkeys/ns1/sign.sh
View file

@ -16,8 +16,8 @@
zone=.
zonefile=root.db
keyname=`$KEYGEN -a rsasha256 -qfk $zone`
zskkeyname=`$KEYGEN -a rsasha256 -q $zone`
keyname=$($KEYGEN -a ${DEFAULT_ALGORITHM} -qfk $zone)
zskkeyname=$($KEYGEN -a ${DEFAULT_ALGORITHM} -q $zone)
$SIGNER -Sg -o $zone $zonefile > /dev/null 2>/dev/null

6
bin/tests/system/mkeys/ns6/setup.sh
View file

@ -16,8 +16,8 @@
zone=.
zonefile=root.db
# an RSA key
rsakey=`$KEYGEN -a rsasha256 -qfk rsasha256.`
# a key for a trust island
islandkey=$($KEYGEN -a ${DEFAULT_ALGORITHM} -qfk island.)
# a key with unsupported algorithm
unsupportedkey=Kunknown.+255+00000
@ -30,4 +30,4 @@ cp "../ns1/${rootkey}.key" .
# Configure the resolving server with an initializing key.
# (We use key-format trust anchors here because otherwise the
# unsupported algorithm test won't work.)
keyfile_to_initial_keys $unsupportedkey $rsakey $rootkey > managed.conf
keyfile_to_initial_keys $unsupportedkey $islandkey $rootkey > managed.conf

10
bin/tests/system/mkeys/tests.sh
View file

@ -133,7 +133,7 @@ status=$((status+ret))
n=$((n+1))
echo_i "check new trust anchor can be added ($n)"
ret=0
standby1=$($KEYGEN -a rsasha256 -qfk -K ns1 .)
standby1=$($KEYGEN -a ${DEFAULT_ALGORITHM} -qfk -K ns1 .)
mkeys_loadkeys_on 1 || ret=1
mkeys_refresh_on 2 || ret=1
mkeys_status_on 2 > rndc.out.$n 2>&1 || ret=1
@ -342,7 +342,7 @@ status=$((status+ret))
n=$((n+1))
echo_i "revoke original key, add new standby ($n)"
ret=0
standby2=$($KEYGEN -a rsasha256 -qfk -K ns1 .)
standby2=$($KEYGEN -a ${DEFAULT_ALGORITHM} -qfk -K ns1 .)
$SETTIME -R now -K ns1 "$original" > /dev/null
mkeys_loadkeys_on 1 || ret=1
mkeys_refresh_on 2 || ret=1
@ -374,7 +374,7 @@ status=$((status+ret))
n=$((n+1))
echo_i "revoke standby before it is trusted ($n)"
ret=0
standby3=$($KEYGEN -a rsasha256 -qfk -K ns1 .)
standby3=$($KEYGEN -a ${DEFAULT_ALGORITHM} -qfk -K ns1 .)
mkeys_loadkeys_on 1 || ret=1
mkeys_refresh_on 2 || ret=1
mkeys_status_on 2 > rndc.out.1.$n 2>&1 || ret=1
@ -777,7 +777,7 @@ n=$((n+1))
echo_i "ignoring unsupported algorithm in managed-keys ($n)"
ret=0
mkeys_status_on 6 > rndc.out.$n 2>&1 || ret=1
# there should still be only two keys listed (for . and rsasha256.)
# there should still be only two keys listed (for . and island.)
count=$(grep -c "keyid: " rndc.out.$n) || true
[ "$count" -eq 2 ] || ret=1
# two lines indicating trust status
@ -804,7 +804,7 @@ ret=0
mkeys_reload_on 1 || ret=1
mkeys_refresh_on 6 || ret=1
mkeys_status_on 6 > rndc.out.$n 2>&1 || ret=1
# there should still be only two keys listed (for . and rsasha256.)
# there should still be only two keys listed (for . and island.)
count=$(grep -c "keyid: " rndc.out.$n) || true
[ "$count" -eq 2 ] || ret=1
# two lines indicating trust status