Prevent a race in the "inline" system test

A short time window exists between logging the addition of an NSEC3PARAM record to a zone and committing it to the current version of the zone database. If a query arrives during such a time window, an unsigned response will be returned. One of the checks in the "inline" system test requires NSEC3 records to be present in an answer - that check would fail in the case described above. Use rndc instead of log watching for checking whether zone signing and NSEC3 chain modifications are complete in order to prevent intermittent "inline" system test failures.
2026-04-26 00:30:05 -04:00 · 2018-08-24 09:37:37 +02:00 · 2018-08-24 09:37:37 +02:00 · e36c869e85
commit e36c869e85
parent 1c82dde85c
1 changed files with 7 additions and 4 deletions
--- a/bin/tests/system/inline/tests.sh
+++ b/bin/tests/system/inline/tests.sh
@ -774,12 +774,15 @@ $RNDCCMD 10.53.0.2 reconfig || ret=1
 # Request ns3 to retransfer the "retransfer3" zone.
 $RNDCCMD 10.53.0.3 retransfer retransfer3 || ret=1
 # Wait until ns3 finishes building the NSEC3 chain for "retransfer3".  There is
-# no need to immediately set ret=1 if the expected message does not appear in
-# the log within the time limit because the query we will send shortly will
-# detect problems anyway.
+# no need to immediately set ret=1 if building the NSEC3 chain is not finished
+# within the time limit because the query we will send shortly will detect any
+# problems anyway.
 for i in 0 1 2 3 4 5 6 7 8 9
 do
-	grep "add.*retransfer3.*NSEC3PARAM 1 0 0 -" ns3/named.run > /dev/null && break
+	$RNDCCMD 10.53.0.3 signing -list retransfer3 > signing.out.test$n.$i 2>&1
+	keys_done=`grep "Done signing" signing.out.test$n.$i | wc -l`
+	nsec3_pending=`grep "NSEC3 chain" signing.out.test$n.$i | wc -l`
+	test $keys_done -eq 2 -a $nsec3_pending -eq 0 && break
 	sleep 1
 done
 # Check whether "retransfer3" uses NSEC3 as requested.