From 0ac2a868bb46069155fee400b2969309c7221b51 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Mon, 26 Nov 2018 16:33:49 +1100 Subject: [PATCH 1/3] add reproducer for [GL #585] --- bin/tests/system/coverage/12-ksk-deletion/expect | 6 ++++++ bin/tests/system/coverage/setup.sh | 5 +++++ bin/tests/system/coverage/tests.sh | 6 ++++++ util/copyrights | 1 + 4 files changed, 18 insertions(+) create mode 100644 bin/tests/system/coverage/12-ksk-deletion/expect diff --git a/bin/tests/system/coverage/12-ksk-deletion/expect b/bin/tests/system/coverage/12-ksk-deletion/expect new file mode 100644 index 0000000000..abc24dffe0 --- /dev/null +++ b/bin/tests/system/coverage/12-ksk-deletion/expect @@ -0,0 +1,6 @@ +args= +warn=1 +error=0 +ok=0 +retcode=0 +match=0 diff --git a/bin/tests/system/coverage/setup.sh b/bin/tests/system/coverage/setup.sh index bb6fa4bb1f..5dbc03a11e 100644 --- a/bin/tests/system/coverage/setup.sh +++ b/bin/tests/system/coverage/setup.sh @@ -127,3 +127,8 @@ $SETTIME -K $dir -I +18mo -D +2y $zsk1 > /dev/null 2>&1 zsk2=`$KEYGEN -K $dir -S $zsk1` $SETTIME -K $dir -I +16mo $zsk1 > /dev/null 2>&1 ksk1=`$KEYGEN -K $dir -a rsasha1 -3fk example.com` + +# Test 12: Too early KSK deletion +dir=12-ksk-deletion +ksk1=`$KEYGEN -K $dir -f KSK -a 8 -b 2048 -I +40d -D +40d example.com` +ksk2=`$KEYGEN -K $dir -S $ksk1.key example.com` diff --git a/bin/tests/system/coverage/tests.sh b/bin/tests/system/coverage/tests.sh index c5ba2117f4..f435eb8f0e 100644 --- a/bin/tests/system/coverage/tests.sh +++ b/bin/tests/system/coverage/tests.sh @@ -70,6 +70,12 @@ for dir in [0-9][0-9]-*; do ret=1 fi + found=`grep Traceback coverage.$n | wc -l` + if [ $found -ne 0 ]; then + echo "python exception detected" + ret=1 + fi + n=`expr $n + 1` if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` diff --git a/util/copyrights b/util/copyrights index 3d6841dfd0..0622c2c9de 100644 --- a/util/copyrights +++ b/util/copyrights @@ -473,6 +473,7 @@ ./bin/tests/system/coverage/10-check-ksk/expect X 2014,2018 ./bin/tests/system/coverage/11-cutoff/README X 2014,2018 ./bin/tests/system/coverage/11-cutoff/expect X 2014,2018 +./bin/tests/system/coverage/12-ksk-deletion/expect X 2018 ./bin/tests/system/coverage/clean.sh SH 2013,2014,2016,2018 ./bin/tests/system/coverage/setup.sh SH 2013,2014,2016,2017,2018 ./bin/tests/system/coverage/tests.sh SH 2013,2014,2016,2018 From 6499bdfd8b6d21e981c875f87bfc80c2d13325d7 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Mon, 26 Nov 2018 17:24:03 +1100 Subject: [PATCH 2/3] use documented default key ttl --- bin/python/isc/dnskey.py.in | 4 ++++ bin/tests/system/coverage/12-ksk-deletion/expect | 8 ++++---- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/bin/python/isc/dnskey.py.in b/bin/python/isc/dnskey.py.in index eaedb80d99..83017c457f 100644 --- a/bin/python/isc/dnskey.py.in +++ b/bin/python/isc/dnskey.py.in @@ -452,6 +452,10 @@ class dnskey: if timespan is None: timespan = self.ttl + if timespan is None: + output("WARNING: Key %s using default TTL." % repr(self)) + timespan = (60*60*24) + now = time.time() d = self.delete() i = self.inactive() diff --git a/bin/tests/system/coverage/12-ksk-deletion/expect b/bin/tests/system/coverage/12-ksk-deletion/expect index abc24dffe0..898c0bf0ba 100644 --- a/bin/tests/system/coverage/12-ksk-deletion/expect +++ b/bin/tests/system/coverage/12-ksk-deletion/expect @@ -1,6 +1,6 @@ args= -warn=1 -error=0 -ok=0 -retcode=0 +warn=4 +error=1 +ok=1 +retcode=1 match=0 From 02d20a2f5305d27db4697dec267168a85e72d709 Mon Sep 17 00:00:00 2001 From: Mark Andrews Date: Thu, 29 Nov 2018 07:46:50 +1100 Subject: [PATCH 3/3] add CHANGES note --- CHANGES | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGES b/CHANGES index 1a83a12ec6..e6dc8451d7 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,7 @@ +5102. [bug] dnssec-coverage failed to use the default TTL when + checking KSK deletion times leading to a exception. + [GL #585] + 5101. [bug] Fix default installation path for Python modules and remove the dnspython dependency accidentally introduced by change 4970. [GL #730]