Refactor masterformat to be shellcheck clean and don't use RSAMD5 algorithm in the tests

2026-05-28 04:34:54 -04:00 · 2018-12-05 11:22:17 +01:00 · 2018-12-05 11:22:17 +01:00 · b13c7ca402
commit b13c7ca402
parent cbcf6dacb6
6 changed files with 185 additions and 155 deletions
--- a/bin/tests/system/masterformat/clean.sh
+++ b/bin/tests/system/masterformat/clean.sh
@ -9,26 +9,25 @@
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.

-rm -f named-compilezone
-rm -f ns1/example.db.raw*
-rm -f ns1/example.db.compat
-rm -f ns1/example.db.serial.raw
-rm -f ns1/large.db ns1/large.db.raw
-rm -f ns1/example.db.map ns1/signed.db.map
-rm -f ns1/session.key
-rm -f dig.out.*
-rm -f dig.out
-rm -f */named.memstats
-rm -f */named.conf
-rm -f */named.run
-rm -f ns2/example.db
-rm -f ns2/transfer.db.*
-rm -f ns2/formerly-text.db
-rm -f ns2/db-*
-rm -f ns2/large.bk
-rm -f ns3/example.db.map ns3/dynamic.db.map
-rm -f baseline.txt text.1 text.2 raw.1 raw.2 map.1 map.2 map.5 text.5 badmap
-rm -f ns1/Ksigned.* ns1/dsset-signed. ns1/signed.db.signed
-rm -f rndc.out
-rm -f ns*/named.lock
-rm -f ns*/managed-keys.bind*
+rm -f ./ns1/example.db.raw*
+rm -f ./ns1/example.db.compat
+rm -f ./ns1/example.db.serial.raw
+rm -f ./ns1/large.db ./ns1/large.db.raw
+rm -f ./ns1/example.db.map ./ns1/signed.db.map
+rm -f ./ns1/session.key
+rm -f ./dig.out.*
+rm -f ./dig.out
+rm -f ./*/named.memstats
+rm -f ./*/named.conf
+rm -f ./*/named.run
+rm -f ./ns2/example.db
+rm -f ./ns2/transfer.db.*
+rm -f ./ns2/formerly-text.db
+rm -f ./ns2/db-*
+rm -f ./ns2/large.bk
+rm -f ./ns3/example.db.map ./ns3/dynamic.db.map
+rm -f ./baseline.txt ./text.1 ./text.2 ./raw.1 ./raw.2 ./map.1 ./map.2 ./map.5 ./text.5 ./badmap
+rm -f ./ns1/Ksigned.* ./ns1/dsset-signed. ./ns1/signed.db.signed
+rm -f ./rndc.out
+rm -f ./ns*/named.lock
+rm -f ./ns*/managed-keys.bind*
--- a/bin/tests/system/masterformat/ns1/compile.sh
+++ b/bin/tests/system/masterformat/ns1/compile.sh
@ -1,3 +1,5 @@
+#!/bin/sh
+#
 # Copyright (C) Internet Systems Consortium, Inc. ("ISC")
 #
 # This Source Code Form is subject to the terms of the Mozilla Public
@ -7,26 +9,26 @@
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.

-SYSTEMTESTTOP=../..
-. $SYSTEMTESTTOP/conf.sh
+# shellcheck source=conf.sh
+. "$SYSTEMTESTTOP/conf.sh"

-../named-compilezone -D -F raw -o example.db.raw example \
+$CHECKZONE -D -F raw -o example.db.raw example \
        example.db > /dev/null 2>&1
-../named-compilezone -D -F map -o ../ns3/example.db.map example \
+$CHECKZONE -D -F map -o ../ns3/example.db.map example \
        example.db > /dev/null 2>&1
-../named-compilezone -D -F map -o ../ns3/dynamic.db.map dynamic \
+$CHECKZONE -D -F map -o ../ns3/dynamic.db.map dynamic \
        example.db > /dev/null 2>&1
-../named-compilezone -D -F raw=1 -o example.db.raw1 example-explicit \
+$CHECKZONE -D -F raw=1 -o example.db.raw1 example-explicit \
        example.db > /dev/null 2>&1
-../named-compilezone -D -F raw=0 -o example.db.compat example-compat \
+$CHECKZONE -D -F raw=0 -o example.db.compat example-compat \
        example.db > /dev/null 2>&1
-../named-compilezone -D -F raw -L 3333 -o example.db.serial.raw example \
+$CHECKZONE -D -F raw -L 3333 -o example.db.serial.raw example \
        example.db > /dev/null 2>&1
-../named-compilezone -D -F raw -o large.db.raw large large.db > /dev/null 2>&1
-../named-compilezone -D -F map -o example.db.map example-map \
+$CHECKZONE -D -F raw -o large.db.raw large large.db > /dev/null 2>&1
+$CHECKZONE -D -F map -o example.db.map example-map \
        example.db > /dev/null 2>&1

-$KEYGEN -q -a rsasha256 signed > /dev/null 2>&1
-$KEYGEN -q -a rsasha256 -fk signed > /dev/null 2>&1
+$KEYGEN -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK signed > /dev/null 2>&1
+$KEYGEN -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" signed > /dev/null 2>&1
 $SIGNER -S -f signed.db.signed -o signed signed.db > /dev/null 2>&1
-../named-compilezone -D -F map -o signed.db.map signed signed.db.signed > /dev/null 2>&1
+$CHECKZONE -D -F map -o signed.db.map signed signed.db.signed > /dev/null 2>&1
--- a/bin/tests/system/masterformat/ns1/example.db
+++ b/bin/tests/system/masterformat/ns1/example.db
@ -29,20 +29,18 @@ txt			TXT	"this is text"
 ;;
 ;; we are not testing DNSSEC behavior, so we don't care about the semantics
 ;; of the following records.
-dnskey			300	DNSKEY	256 3 1 (
-					AQPTpWyReB/e9Ii6mVGnakS8hX2zkh/iUYAg
-					+Ge4noWROpTWOIBvm76zeJPWs4Zfqa1IsswD
-					Ix5Mqeg0zwclz59uecKsKyx5w9IhtZ8plc4R
-					b9VIE5x7KNHAYTvTO5d4S8M=
+dnskey			300	DNSKEY	256 3 13 (
+					TEcpWeW1mJp+OujqyInMbjGRODJIYen/4kMR
+					wO6zW3RzrvmNIMgFag6G uXofiSwJ6YDeQ0O
+					3uhPJsJ7ivpbh+w==
 					)
 ds			300	DS	30795 1 1 (
 					310D27F4D82C1FC2400704EA9939FE6E1CEA
 					A3B9 )
-cdnskey			300	CDNSKEY	256 3 1 (
-					AQPTpWyReB/e9Ii6mVGnakS8hX2zkh/iUYAg
-					+Ge4noWROpTWOIBvm76zeJPWs4Zfqa1IsswD
-					Ix5Mqeg0zwclz59uecKsKyx5w9IhtZ8plc4R
-					b9VIE5x7KNHAYTvTO5d4S8M=
+cdnskey			300	CDNSKEY	256 3 13 (
+					TEcpWeW1mJp+OujqyInMbjGRODJIYen/4kMR
+					wO6zW3RzrvmNIMgFag6G uXofiSwJ6YDeQ0O
+					3uhPJsJ7ivpbh+w==
 					)
 cds			300	CDS	30795 1 1 (
 					310D27F4D82C1FC2400704EA9939FE6E1CEA
--- a/bin/tests/system/masterformat/ns2/formerly-text.db.in
+++ b/bin/tests/system/masterformat/ns2/formerly-text.db.in
@ -24,11 +24,11 @@ aaaa			AAAA	2001:db8::53
 cname			CNAME	cname-target
 dname			DNAME	dname-target
 $TTL 300	; 5 minutes
-dnskey			DNSKEY	256 3 1 (
-				AQPTpWyReB/e9Ii6mVGnakS8hX2zkh/iUYAg+Ge4noWR
-				OpTWOIBvm76zeJPWs4Zfqa1IsswDIx5Mqeg0zwclz59u
-				ecKsKyx5w9IhtZ8plc4Rb9VIE5x7KNHAYTvTO5d4S8M=
-				) ; ZSK; alg = RSAMD5; key id = 30795
+dnskey			DNSKEY	256 3 13 (
+				TEcpWeW1mJp+OujqyInMbjGRODJIYen/4kMR
+				wO6zW3RzrvmNIMgFag6G uXofiSwJ6YDeQ0O
+				3uhPJsJ7ivpbh+w==
+				)
 ds			DS	30795 1 1 (
 				310D27F4D82C1FC2400704EA9939FE6E1CEAA3B9 )
 $TTL 86400	; 1 day
--- a/bin/tests/system/masterformat/setup.sh
+++ b/bin/tests/system/masterformat/setup.sh
@ -1,3 +1,5 @@
+#!/bin/sh
+#
 # Copyright (C) Internet Systems Consortium, Inc. ("ISC")
 #
 # This Source Code Form is subject to the terms of the Mozilla Public
@ -7,16 +9,13 @@
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.

-SYSTEMTESTTOP=..
-. $SYSTEMTESTTOP/conf.sh
+# shellcheck source=conf.sh
+. "$SYSTEMTESTTOP/conf.sh"

 copy_setports ns1/named.conf.in ns1/named.conf
 copy_setports ns2/named.conf.in ns2/named.conf
 copy_setports ns3/named.conf.in ns3/named.conf

-rm -f named-compilezone
-ln -s $CHECKZONE named-compilezone
-
 rm -f ns1/example.db.raw
 cp ns1/example.db ns2/
 cp ns2/formerly-text.db.in ns2/formerly-text.db
--- a/bin/tests/system/masterformat/tests.sh
+++ b/bin/tests/system/masterformat/tests.sh
@ -9,28 +9,33 @@
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.

-SYSTEMTESTTOP=..
-. $SYSTEMTESTTOP/conf.sh
+# shellcheck source=conf.sh
+. "$SYSTEMTESTTOP/conf.sh"
+
+status=0
+n=1

 ismap () {
+    # shellcheck disable=SC2016
    $PERL -e 'binmode STDIN;
 	     read(STDIN, $input, 8);
             ($style, $version) = unpack("NN", $input);
-             exit 1 if ($style != 3 || $version > 1);' < $1
+             exit 1 if ($style != 3 || $version > 1);' < "$1"
    return $?
 }

 israw () {
+    # shellcheck disable=SC2016
    $PERL -e 'binmode STDIN;
             read(STDIN, $input, 8);
             ($style, $version) = unpack("NN", $input);
-             exit 1 if ($style != 2 || $version > 1);' < $1
+             exit 1 if ($style != 2 || $version > 1);' < "$1"
    return $?
 }

 isfull () {
    # there should be no whitespace at the beginning of a line
-    if grep '^[ 	][ 	]*' $1 > /dev/null 2>&1; then
+    if grep '^[ 	][ 	]*' "$1" > /dev/null 2>&1; then
 	return 1
    else
 	return 0
@ -38,15 +43,17 @@ isfull () {
 }

 rawversion () {
+    # shellcheck disable=SC2016
    $PERL -e 'binmode STDIN;
             read(STDIN, $input, 8);
             if (length($input) < 8) { print "not raw\n"; exit 0; };
             ($style, $version) = unpack("NN", $input);
             print ($style == 2 || $style == 3 ? "$version\n" :
-		"not raw or map\n");' < $1
+		"not raw or map\n");' < "$1"
 }

 sourceserial () {
+    # shellcheck disable=SC2016
    $PERL -e 'binmode STDIN;
             read(STDIN, $input, 20);
             if (length($input) < 20) { print "UNSET\n"; exit; };
@ -57,68 +64,77 @@ sourceserial () {
                     print $sourceserial . "\n";
             } else {
                     print "UNSET\n";
-             }' < $1
+             }' < "$1"
 }

 stomp () {
-        $PERL -e 'open(my $file, "+<", $ARGV[0]);
-                 binmode $file;
-                 seek($file, $ARGV[1], 0);
-                 for (my $i = 0; $i < $ARGV[2]; $i++) {
-                         print $file pack('C', $ARGV[3]);
-                 }
-                 close($file);' $1 $2 $3 $4
+    # shellcheck disable=SC2016
+    $PERL -e 'open(my $file, "+<", $ARGV[0]);
+              binmode $file;
+              seek($file, $ARGV[1], 0);
+              for (my $i = 0; $i < $ARGV[2]; $i++) {
+                      print $file pack("C", $ARGV[3]);
+              }
+              close($file);' "$@"
 }

 restart () {
    sleep 1
-    $PERL "$SYSTEMTESTTOP/start.pl" --noclean --restart --port ${PORT} masterformat ns3
+    $PERL "$SYSTEMTESTTOP/start.pl" --noclean --restart --port "${PORT}" masterformat ns3
 }

-DIGOPTS="+tcp +noauth +noadd +nosea +nostat +noquest +nocomm +nocmd -p ${PORT}"
-RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s"
+dig_with_opts() {
+    "$DIG" +tcp +noauth +noadd +nosea +nostat +noquest +nocomm +nocmd -p "${PORT}" "$@"
+}
+
+rndccmd() {
+    "$RNDC" -c "$SYSTEMTESTTOP/common/rndc.conf" -p "${CONTROLPORT}" -s "$@"
+}

 status=0

-echo_i "checking that master files in raw format loaded"
+echo_i "checking that master files in raw format loaded ($n)"
 ret=0
 set -- 1 2 3
 for zone in example example-explicit example-compat; do
-    for server in $*; do
+    for server in "$@"; do
 	for name in ns mx a aaaa cname dname txt rrsig nsec \
-		    dnskey ds cdnskey cds; do
-		$DIG $DIGOPTS $name.$zone. $name @10.53.0.$server
-		echo
-	done > dig.out.$zone.$server
+		       dnskey ds cdnskey cds; do
+	    dig_with_opts "$name.$zone." "$name" "@10.53.0.$server"
+	    echo
+	done > "dig.out.$zone.$server.test$n"
    done
-    digcomp dig.out.$zone.1 dig.out.$zone.2 || ret=1
-    if [ $zone = "example" ]; then
+    digcomp "dig.out.$zone.1.test$n" "dig.out.$zone.2.test$n" || ret=1
+    if [ "$zone" = "example" ]; then
        set -- 1 2
-        digcomp dig.out.$zone.1 dig.out.$zone.3 || ret=1
+        digcomp "dig.out.$zone.1.test$n" "dig.out.$zone.3.test$n" || ret=1
    fi
 done
+n=$((n+1))
 [ $ret -eq 0 ] || echo_i "failed"
-status=`expr $status + $ret`
+status=$((status+ret))

-echo_i "checking raw format versions"
+echo_i "checking raw format versions ($n)"
 ret=0
 israw ns1/example.db.raw || ret=1
 israw ns1/example.db.raw1 || ret=1
 israw ns1/example.db.compat || ret=1
 ismap ns1/example.db.map || ret=1
-[ "`rawversion ns1/example.db.raw`" = 1 ] || ret=1
-[ "`rawversion ns1/example.db.raw1`" = 1 ] || ret=1
-[ "`rawversion ns1/example.db.compat`" = 0 ] || ret=1
-[ "`rawversion ns1/example.db.map`" = 1 ] || ret=1
+[ "$(rawversion ns1/example.db.raw)" -eq 1 ] || ret=1
+[ "$(rawversion ns1/example.db.raw1)" -eq 1 ] || ret=1
+[ "$(rawversion ns1/example.db.compat)" -eq 0 ] || ret=1
+[ "$(rawversion ns1/example.db.map)" -eq 1 ] || ret=1
+n=$((n+1))
 [ $ret -eq 0 ] || echo_i "failed"
-status=`expr $status + $ret`
+status=$((status+ret))

-echo_i "checking source serial numbers"
+echo_i "checking source serial numbers ($n)"
 ret=0
-[ "`sourceserial ns1/example.db.raw`" = "UNSET" ] || ret=1
-[ "`sourceserial ns1/example.db.serial.raw`" = "3333" ] || ret=1
+[ "$(sourceserial ns1/example.db.raw)" = "UNSET" ] || ret=1
+[ "$(sourceserial ns1/example.db.serial.raw)" = "3333" ] || ret=1
+n=$((n+1))
 [ $ret -eq 0 ] || echo_i "failed"
-status=`expr $status + $ret`
+status=$((status+ret))

 echo_i "waiting for transfers to complete"
 for i in 0 1 2 3 4 5 6 7 8 9
@ -127,70 +143,79 @@ do
 	sleep 1
 done

-echo_i "checking that slave was saved in raw format by default"
+echo_i "checking that slave was saved in raw format by default ($n)"
 ret=0
 israw ns2/transfer.db.raw || ret=1
+n=$((n+1))
 [ $ret -eq 0 ] || echo_i "failed"
-status=`expr $status + $ret`
+status=$((status+ret))

-echo_i "checking that slave was saved in text format when configured"
+echo_i "checking that slave was saved in text format when configured ($n)"
 ret=0
 israw ns2/transfer.db.txt && ret=1
 isfull ns2/transfer.db.txt && ret=1
+n=$((n+1))
 [ $ret -eq 0 ] || echo_i "failed"
-status=`expr $status + $ret`
+status=$((status+ret))

-echo_i "checking that slave was saved in 'full' style when configured"
+echo_i "checking that slave was saved in 'full' style when configured ($n)"
 ret=0
 isfull ns2/transfer.db.full > /dev/null 2>&1 || ret=1
+n=$((n+1))
 [ $ret -eq 0 ] || echo_i "failed"
-status=`expr $status + $ret`
+status=$((status+ret))

-echo_i "checking that slave formerly in text format is now raw"
+echo_i "checking that slave formerly in text format is now raw ($n)"
 for i in 0 1 2 3 4 5 6 7 8 9
 do
    ret=0
    israw ns2/formerly-text.db > /dev/null 2>&1 || ret=1
-    [ "`rawversion ns2/formerly-text.db`" = 1 ] || ret=1
+    [ "$(rawversion ns2/formerly-text.db)" -eq 1 ] || ret=1
    [ $ret -eq 0 ] && break
    sleep 1
 done
+n=$((n+1))
 [ $ret -eq 0 ] || echo_i "failed"
-status=`expr $status + $ret`
+status=$((status+ret))

-echo_i "checking that large rdatasets loaded"
+echo_i "checking that large rdatasets loaded ($n)"
 for i in 0 1 2 3 4 5 6 7 8 9
 do
 ret=0
 for a in a b c
 do
-	$DIG +tcp txt ${a}.large @10.53.0.2 -p ${PORT} > dig.out
-	grep "status: NOERROR" dig.out > /dev/null || ret=1
+	$DIG +tcp txt "${a}.large" @10.53.0.2 -p "${PORT}" > "dig.out.ns2.test$n"
+	grep "status: NOERROR" "dig.out.ns2.test$n" > /dev/null || ret=1
 done
 [ $ret -eq 0 ] && break
 sleep 1
 done
+n=$((n+1))
+[ $ret -eq 0 ] || echo_i "failed"
+status=$((status+ret))

-echo_i "checking format transitions: text->raw->map->text"
+echo_i "checking format transitions: text->raw->map->text ($n)"
 ret=0
-./named-compilezone -D -f text -F text -o baseline.txt example.nil ns1/example.db > /dev/null
-./named-compilezone -D -f text -F raw -o raw.1 example.nil baseline.txt > /dev/null
-./named-compilezone -D -f raw -F map -o map.1 example.nil raw.1 > /dev/null
-./named-compilezone -D -f map -F text -o text.1 example.nil map.1 > /dev/null
+$CHECKZONE -D -f text -F text -o baseline.txt example.nil ns1/example.db > /dev/null
+$CHECKZONE -D -f text -F raw -o raw.1 example.nil baseline.txt > /dev/null
+$CHECKZONE -D -f raw -F map -o map.1 example.nil raw.1 > /dev/null
+$CHECKZONE -D -f map -F text -o text.1 example.nil map.1 > /dev/null
 cmp -s baseline.txt text.1 || ret=0
+n=$((n+1))
 [ $ret -eq 0 ] || echo_i "failed"
-status=`expr $status + $ret`
+status=$((status+ret))

-echo_i "checking format transitions: text->map->raw->text"
+echo_i "checking format transitions: text->map->raw->text ($n)"
 ret=0
-./named-compilezone -D -f text -F map -o map.2 example.nil baseline.txt > /dev/null
-./named-compilezone -D -f map -F raw -o raw.2 example.nil map.2 > /dev/null
-./named-compilezone -D -f raw -F text -o text.2 example.nil raw.2 > /dev/null
+$CHECKZONE -D -f text -F map -o map.2 example.nil baseline.txt > /dev/null
+$CHECKZONE -D -f map -F raw -o raw.2 example.nil map.2 > /dev/null
+$CHECKZONE -D -f raw -F text -o text.2 example.nil raw.2 > /dev/null
 cmp -s baseline.txt text.2 || ret=0
+n=$((n+1))
 [ $ret -eq 0 ] || echo_i "failed"
-status=`expr $status + $ret`
+status=$((status+ret))

-echo_i "checking map format loading with journal file rollforward"
+echo_i "checking map format loading with journal file rollforward ($n)"
 ret=0
 $NSUPDATE <<END > /dev/null || status=1
 server 10.53.0.3 ${PORT}
@ -199,26 +224,27 @@ update add newtext.dynamic IN TXT "added text"
 update delete aaaa.dynamic
 send
 END
-$DIG $DIGOPTS @10.53.0.3 newtext.dynamic txt > dig.out.dynamic.3.1
-grep "added text" dig.out.dynamic.3.1 > /dev/null 2>&1 || ret=1
-$DIG $DIGOPTS +comm @10.53.0.3 added.dynamic txt > dig.out.dynamic.3.2
-grep "NXDOMAIN"  dig.out.dynamic.3.2 > /dev/null 2>&1 || ret=1
+dig_with_opts @10.53.0.3 newtext.dynamic txt > "dig.out.dynamic1.ns3.test$n"
+grep "added text" "dig.out.dynamic1.ns3.test$n" > /dev/null 2>&1 || ret=1
+dig_with_opts +comm @10.53.0.3 added.dynamic txt > "dig.out.dynamic2.ns3.test$n"
+grep "NXDOMAIN" "dig.out.dynamic2.ns3.test$n" > /dev/null 2>&1 || ret=1
 # using "rndc halt" ensures that we don't dump the zone file
-$RNDCCMD 10.53.0.3 halt 2>&1 | sed 's/^/ns3 /' | cat_i
+rndccmd 10.53.0.3 halt 2>&1 | sed 's/^/ns3 /' | cat_i
 restart
 for i in 0 1 2 3 4 5 6 7 8 9; do
    lret=0
-    $DIG $DIGOPTS @10.53.0.3 newtext.dynamic txt > dig.out.dynamic.3.3
-    grep "added text" dig.out.dynamic.3.3 > /dev/null 2>&1 || lret=1
+    dig_with_opts @10.53.0.3 newtext.dynamic txt > "dig.out.dynamic3.ns3.test$n"
+    grep "added text" "dig.out.dynamic3.ns3.test$n" > /dev/null 2>&1 || lret=1
    [ $lret -eq 0 ] && break;
 done
 [ $lret -eq 1 ] && ret=1
-$DIG $DIGOPTS +comm @10.53.0.3 added.dynamic txt > dig.out.dynamic.3.4
-grep "NXDOMAIN"  dig.out.dynamic.3.4 > /dev/null 2>&1 || ret=1
+dig_with_opts +comm @10.53.0.3 added.dynamic txt > "dig.out.dynamic4.ns3.test$n"
+grep "NXDOMAIN" "dig.out.dynamic4.ns3.test$n" > /dev/null 2>&1 || ret=1
+n=$((n+1))
 [ $ret -eq 0 ] || echo_i "failed"
-status=`expr $status + $ret`
+status=$((status+ret))

-echo_i "checking map format file dumps correctly"
+echo_i "checking map format file dumps correctly ($n)"
 ret=0
 $NSUPDATE <<END > /dev/null || status=1
 server 10.53.0.3 ${PORT}
@ -226,73 +252,79 @@ ttl 600
 update add moretext.dynamic IN TXT "more text"
 send
 END
-$DIG $DIGOPTS @10.53.0.3 moretext.dynamic txt > dig.out.dynamic.3.5
-grep "more text" dig.out.dynamic.3.5 > /dev/null 2>&1 || ret=1
+dig_with_opts @10.53.0.3 moretext.dynamic txt > "dig.out.dynamic1.ns3.test$n"
+grep "more text" "dig.out.dynamic1.ns3.test$n" > /dev/null 2>&1 || ret=1
 # using "rndc stop" will cause the zone file to flush before shutdown
-$RNDCCMD 10.53.0.3 stop 2>&1 | sed 's/^/ns3 /' | cat_i
+rndccmd 10.53.0.3 stop 2>&1 | sed 's/^/ns3 /' | cat_i
 rm ns3/*.jnl
 restart
+#shellcheck disable=SC2034
 for i in 0 1 2 3 4 5 6 7 8 9; do
    lret=0
-    $DIG $DIGOPTS +comm @10.53.0.3 moretext.dynamic txt > dig.out.dynamic.3.6
-    grep "more text" dig.out.dynamic.3.6 > /dev/null 2>&1 || lret=1
+    dig_with_opts +comm @10.53.0.3 moretext.dynamic txt > "dig.out.dynamic2.ns3.test$n"
+    grep "more text" "dig.out.dynamic2.ns3.test$n" > /dev/null 2>&1 || lret=1
    [ $lret -eq 0 ] && break;
 done
 [ $lret -eq 1 ] && ret=1
+n=$((n+1))
 [ $ret -eq 0 ] || echo_i "failed"
-status=`expr $status + $ret`
+status=$((status+ret))

 # stomp on the file header
-echo_i "checking corrupt map files fail to load (bad file header)"
+echo_i "checking corrupt map files fail to load (bad file header) ($n)"
 ret=0
-./named-compilezone -D -f text -F map -o map.5 example.nil baseline.txt > /dev/null
+$CHECKZONE -D -f text -F map -o map.5 example.nil baseline.txt > /dev/null
 cp map.5 badmap
 stomp badmap 0 32 99
-./named-compilezone -D -f map -F text -o text.5 example.nil badmap > /dev/null
+$CHECKZONE -D -f map -F text -o text.5 example.nil badmap > /dev/null
 [ $? = 1 ] || ret=1
+n=$((n+1))
 [ $ret -eq 0 ] || echo_i "failed"
-status=`expr $status + $ret`
+status=$((status+ret))
+
 # stomp on the file data so it hashes differently.
 # these are small and subtle changes, so that the resulting file
 # would appear to be a legitimate map file and would not trigger an
 # assertion failure if loaded into memory, but should still fail to
 # load because of a SHA1 hash mismatch.
-echo_i "checking corrupt map files fail to load (bad node header)"
+echo_i "checking corrupt map files fail to load (bad node header) ($n)"
 ret=0
 cp map.5 badmap
 stomp badmap 2754 2 99
-./named-compilezone -D -f map -F text -o text.5 example.nil badmap > /dev/null
+$CHECKZONE -D -f map -F text -o text.5 example.nil badmap > /dev/null
 [ $? = 1 ] || ret=1
+n=$((n+1))
 [ $ret -eq 0 ] || echo_i "failed"
-status=`expr $status + $ret`
+status=$((status+ret))

-echo_i "checking corrupt map files fail to load (bad node data)"
+echo_i "checking corrupt map files fail to load (bad node data) ($n)"
 ret=0
 cp map.5 badmap
 stomp badmap 2897 5 127
-./named-compilezone -D -f map -F text -o text.5 example.nil badmap > /dev/null
+$CHECKZONE -D -f map -F text -o text.5 example.nil badmap > /dev/null
 [ $? = 1 ] || ret=1
+n=$((n+1))
 [ $ret -eq 0 ] || echo_i "failed"
-status=`expr $status + $ret`
+status=$((status+ret))

-echo_i "checking map format zone is scheduled for resigning (compilezone)"
+echo_i "checking map format zone is scheduled for resigning (compilezone) ($n)"
 ret=0
-$RNDCCMD 10.53.0.1 zonestatus signed > rndc.out 2>&1 || ret=1
+rndccmd 10.53.0.1 zonestatus signed > rndc.out 2>&1 || ret=1
 grep 'next resign' rndc.out > /dev/null 2>&1 || ret=1
+n=$((n+1))
 [ $ret -eq 0 ] || echo_i "failed"
-status=`expr $status + $ret`
+status=$((status+ret))

-echo_i "checking map format zone is scheduled for resigning (signzone)"
+echo_i "checking map format zone is scheduled for resigning (signzone) ($n)"
 ret=0
-$RNDCCMD 10.53.0.1 freeze signed > rndc.out 2>&1 || ret=1
-cd ns1
-$SIGNER -S -O map -f signed.db.map -o signed signed.db > /dev/null 2>&1
-cd ..
-$RNDCCMD 10.53.0.1 reload signed > rndc.out 2>&1 || ret=1
-$RNDCCMD 10.53.0.1 zonestatus signed > rndc.out 2>&1 || ret=1
+rndccmd 10.53.0.1 freeze signed > rndc.out 2>&1 || ret=1
+(cd ns1 || exit 1; $SIGNER -S -O map -f signed.db.map -o signed signed.db > /dev/null 2>&1)
+rndccmd 10.53.0.1 reload signed > rndc.out 2>&1 || ret=1
+rndccmd 10.53.0.1 zonestatus signed > rndc.out 2>&1 || ret=1
 grep 'next resign' rndc.out > /dev/null 2>&1 || ret=1
+n=$((n+1))
 [ $ret -eq 0 ] || echo_i "failed"
-status=`expr $status + $ret`
+status=$((status+ret))

 echo_i "exit status: $status"
 [ $status -eq 0 ] || exit 1