Merge branch 'michal/simplify-trailing-period-handling-in-system-tests-v9_11' into 'v9_11'

[v9_11] Simplify trailing period handling in system tests See merge request !1878

Merge branch 'michal/simplify-trailing-period-handling-in-system-tests-v9_11' into 'v9_11'
[v9_11] Simplify trailing period handling in system tests See merge request !1878
16bb74b1 · Michał Kępień · 343fa390 · 72c7bc03 · 16bb74b1 · 16bb74b1
Commit 16bb74b1 authored Apr 26, 2019 by Michał Kępień
6 changed files
--- a/bin/tests/system/dlv/ns3/sign.sh
+++ b/bin/tests/system/dlv/ns3/sign.sh
@@ -16,25 +16,25 @@ SYSTEMTESTTOP=../..

 echo_i "dlv/ns3/sign.sh"

-dlvzone="dlv.utld."
+dlvzone="dlv.utld"
 dlvsets=
 dssets=

-unsupporteddlvzone="unsupported-algorithm-dlv.utld."
+unsupporteddlvzone="unsupported-algorithm-dlv.utld"
 unsupporteddlvsets=
 unsupporteddssets=

 # Signed zone below unsigned TLD with DLV entry.
-zone=child1.utld.
+zone=child1.utld
 infile=child.db.in
 zonefile=child1.utld.db
 outfile=child1.signed
-dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP"
+dlvsets="$dlvsets dlvset-${zone}${TP}"

 keyname1=`$KEYGEN -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`

-dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP
+dsfilename=../ns6/dsset-grand.${zone}${TP}
 cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile

 $SIGNER -O full -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
@@ -43,7 +43,7 @@ echo_i "signed $zone"

 # Signed zone below unsigned TLD with DLV entry in DLV zone that is signed
 # with a disabled algorithm.
-zone=child3.utld.
+zone=child3.utld
 infile=child.db.in
 zonefile=child3.utld.db
 outfile=child3.signed
@@ -51,7 +51,7 @@ outfile=child3.signed
 keyname1=`$KEYGEN -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`

-dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP
+dsfilename=../ns6/dsset-grand.${zone}${TP}
 cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile

 $SIGNER -O full -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
@@ -61,11 +61,11 @@ echo_i "signed $zone"
 # Signed zone below unsigned TLD with DLV entry.  This one is slightly
 # different because its children (the grandchildren) don't have a DS record in
 # this zone.  The grandchild zones are served by ns6.
-zone=child4.utld.
+zone=child4.utld
 infile=child.db.in
 zonefile=child4.utld.db
 outfile=child4.signed
-dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP"
+dlvsets="$dlvsets dlvset-${zone}${TP}"

 keyname1=`$KEYGEN -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
@@ -78,23 +78,23 @@ echo_i "signed $zone"

 # Signed zone below unsigned TLD with DLV entry in DLV zone that is signed
 # with an unsupported algorithm.
-zone=child5.utld.
+zone=child5.utld
 infile=child.db.in
 zonefile=child5.utld.db
 outfile=child5.signed
-unsupporteddlvsets="$unsupporteddlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP"
+unsupporteddlvsets="$unsupporteddlvsets dlvset-${zone}${TP}"

 keyname1=`$KEYGEN -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`

-dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP
+dsfilename=../ns6/dsset-grand.${zone}${TP}
 cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile

 $SIGNER -O full -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
 echo_i "signed $zone"

 # Signed zone below unsigned TLD without DLV entry.
-zone=child7.utld.
+zone=child7.utld
 infile=child.db.in
 zonefile=child7.utld.db
 outfile=child7.signed
@@ -102,7 +102,7 @@ outfile=child7.signed
 keyname1=`$KEYGEN -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`

-dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP
+dsfilename=../ns6/dsset-grand.${zone}${TP}
 cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile

 $SIGNER -O full -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
@@ -111,7 +111,7 @@ echo_i "signed $zone"

 # Signed zone below unsigned TLD without DLV entry and no DS records for the
 # grandchildren.
-zone=child8.utld.
+zone=child8.utld
 infile=child.db.in
 zonefile=child8.utld.db
 outfile=child8.signed
@@ -125,11 +125,11 @@ $SIGNER -O full -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/n
 echo_i "signed $zone"

 # Signed zone below unsigned TLD with DLV entry.
-zone=child9.utld.
+zone=child9.utld
 infile=child.db.in
 zonefile=child9.utld.db
 outfile=child9.signed
-dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP"
+dlvsets="$dlvsets dlvset-${zone}${TP}"

 keyname1=`$KEYGEN -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
@@ -141,11 +141,11 @@ echo_i "signed $zone"

 # Unsigned zone below an unsigned TLD with DLV entry.  We still need to sign
 # the zone to generate the DLV set.
-zone=child10.utld.
+zone=child10.utld
 infile=child.db.in
 zonefile=child10.utld.db
 outfile=child10.signed
-dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP"
+dlvsets="$dlvsets dlvset-${zone}${TP}"

 keyname1=`$KEYGEN -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
@@ -157,11 +157,11 @@ echo_i "signed $zone"


 # Zone signed with an unsupported algorithm with DLV entry.
-zone=unsupported-algorithm.utld.
+zone=unsupported-algorithm.utld
 infile=child.db.in
 zonefile=unsupported-algorithm.utld.db
 outfile=unsupported-algorithm.utld.signed
-dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP"
+dlvsets="$dlvsets dlvset-${zone}${TP}"

 keyname1=`$KEYGEN -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
@@ -173,23 +173,23 @@ awk '$4 == "DNSKEY" { $7 = 255 } $4 == "RRSIG" { $6 = 255 } { print }' ${outfile

 cp ${keyname2}.key ${keyname2}.tmp
 awk '$3 == "DNSKEY" { $6 = 255 } { print }' ${keyname2}.tmp > ${keyname2}.key
-cp dlvset-${zone} dlvset-${zone}tmp
-awk '$3 == "DLV" { $5 = 255 } { print }' dlvset-${zone}tmp > dlvset-${zone}
+cp dlvset-${zone}${TP} dlvset-${zone}tmp
+awk '$3 == "DLV" { $5 = 255 } { print }' dlvset-${zone}tmp > dlvset-${zone}${TP}

 echo_i "signed $zone"

 # Signed zone below signed TLD with DLV entry and DS set.
-zone=child1.druz.
+zone=child1.druz
 infile=child.db.in
 zonefile=child1.druz.db
 outfile=child1.druz.signed
-dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP"
-dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP"
+dlvsets="$dlvsets dlvset-${zone}${TP}"
+dssets="$dssets dsset-${zone}${TP}"

 keyname1=`$KEYGEN -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`

-dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP
+dsfilename=../ns6/dsset-grand.${zone}${TP}
 cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile

 $SIGNER -O full -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
@@ -198,7 +198,7 @@ echo_i "signed $zone"

 # Signed zone below signed TLD with DLV entry and DS set.  The DLV zone is
 # signed with a disabled algorithm.
-zone=child3.druz.
+zone=child3.druz
 infile=child.db.in
 zonefile=child3.druz.db
 outfile=child3.druz.signed
@@ -206,7 +206,7 @@ outfile=child3.druz.signed
 keyname1=`$KEYGEN -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`

-dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP
+dsfilename=../ns6/dsset-grand.${zone}${TP}
 cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile

 $SIGNER -O full -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
@@ -215,12 +215,12 @@ echo_i "signed $zone"

 # Signed zone below signed TLD with DLV entry and DS set, but missing
 # DS records for the grandchildren.
-zone=child4.druz.
+zone=child4.druz
 infile=child.db.in
 zonefile=child4.druz.db
 outfile=child4.druz.signed
-dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP"
-dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP"
+dlvsets="$dlvsets dlvset-${zone}${TP}"
+dssets="$dssets dsset-${zone}${TP}"

 keyname1=`$KEYGEN -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
@@ -233,17 +233,17 @@ echo_i "signed $zone"

 # Signed zone below signed TLD with DLV entry and DS set.  The DLV zone is
 # signed with an unsupported algorithm algorithm.
-zone=child5.druz.
+zone=child5.druz
 infile=child.db.in
 zonefile=child5.druz.db
 outfile=child5.druz.signed
-unsupporteddlvsets="$unsupporteddlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP"
-unsupporteddssets="$unsupportedssets dsset-`echo $zone |sed -e "s/.$//g"`$TP"
+unsupporteddlvsets="$unsupporteddlvsets dlvset-${zone}${TP}"
+unsupporteddssets="$unsupportedssets dsset-${zone}${TP}"

 keyname1=`$KEYGEN -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`

-dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP
+dsfilename=../ns6/dsset-grand.${zone}${TP}
 cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile

 $SIGNER -O full -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
@@ -251,16 +251,16 @@ echo_i "signed $zone"


 # Signed zone below signed TLD without DLV entry, but with normal DS set.
-zone=child7.druz.
+zone=child7.druz
 infile=child.db.in
 zonefile=child7.druz.db
 outfile=child7.druz.signed
-dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP"
+dssets="$dssets dsset-${zone}${TP}"

 keyname1=`$KEYGEN -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`

-dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP
+dsfilename=../ns6/dsset-grand.${zone}${TP}
 cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile

 $SIGNER -O full -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
@@ -269,7 +269,7 @@ echo_i "signed $zone"

 # Signed zone below signed TLD without DLV entry and no DS set.  Also DS
 # records for the grandchildren are not included in the zone.
-zone=child8.druz.
+zone=child8.druz
 infile=child.db.in
 zonefile=child8.druz.db
 outfile=child8.druz.signed
@@ -285,11 +285,11 @@ echo_i "signed $zone"

 # Signed zone below signed TLD with DLV entry but no DS set.  Also DS
 # records for the grandchildren are not included in the zone.
-zone=child9.druz.
+zone=child9.druz
 infile=child.db.in
 zonefile=child9.druz.db
 outfile=child9.druz.signed
-dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP"
+dlvsets="$dlvsets dlvset-${zone}${TP}"

 keyname1=`$KEYGEN -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
@@ -302,12 +302,12 @@ echo_i "signed $zone"

 # Unsigned zone below signed TLD with DLV entry and DS set.  We still need to
 # sign the zone to generate the DS sets.
-zone=child10.druz.
+zone=child10.druz
 infile=child.db.in
 zonefile=child10.druz.db
 outfile=child10.druz.signed
-dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP"
-dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP"
+dlvsets="$dlvsets dlvset-${zone}${TP}"
+dssets="$dssets dsset-${zone}${TP}"

 keyname1=`$KEYGEN -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null`
@@ -323,18 +323,18 @@ cp $unsupporteddssets ../ns2
 # DLV zones
 infile=dlv.db.in

-for zone in dlv.utld. unsupported-algorithm-dlv.utld.
+for zone in dlv.utld unsupported-algorithm-dlv.utld
 do
-	zonefile="${zone}db"
-	outfile="${zone}signed"
+	zonefile="${zone}.db"
+	outfile="${zone}.signed"

 	case $zone in
-	"dlv.utld.")
+	"dlv.utld")
 		algorithm=$DEFAULT_ALGORITHM
 		bits=$DEFAULT_BITS
 		dlvfiles=$dlvsets
 		;;
-	"unsupported-algorithm-dlv.utld.")
+	"unsupported-algorithm-dlv.utld")
 		algorithm=$DEFAULT_ALGORITHM
 		bits=$DEFAULT_BITS
 		dlvfiles=$unsupporteddlvsets
@@ -347,11 +347,11 @@ do
 	cat $infile $dlvfiles $keyname1.key $keyname2.key >$zonefile

 	case $zone in
-	"dlv.utld.")
+	"dlv.utld")
 		$SIGNER -O full -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
 	        keyfile_to_trusted_keys $keyname2 > ../ns5/trusted-dlv.conf
 		;;
-	"unsupported-algorithm-dlv.utld.")
+	"unsupported-algorithm-dlv.utld")
 		cp ${keyname2}.key ${keyname2}.tmp
 		$SIGNER -O full -r $RANDFILE -o $zone -f ${outfile}.tmp $zonefile > /dev/null 2> signer.err || cat signer.err
 		awk '$4 == "DNSKEY" { $7 = 255 } $4 == "RRSIG" { $6 = 255 } { print }' ${outfile}.tmp > $outfile

--- a/bin/tests/system/dnssec/ns2/sign.sh
+++ b/bin/tests/system/dnssec/ns2/sign.sh
@@ -134,7 +134,7 @@ $SIGNER -P -g -r $RANDFILE -o $zone -k $keyname1 $zonefile $keyname2 > /dev/null

 # Sign the privately secure file

-privzone=private.secure.example.
+privzone=private.secure.example
 privinfile=private.secure.example.db.in
 privzonefile=private.secure.example.db

@@ -150,7 +150,7 @@ $SIGNER -P -g -r $RANDFILE -o $privzone -l dlv $privzonefile > /dev/null
 dlvzone=dlv.
 dlvinfile=dlv.db.in
 dlvzonefile=dlv.db
-dlvsetfile=dlvset-`echo $privzone |sed -e "s/\.$//g"`$TP
+dlvsetfile=dlvset-${privzone}${TP}

 dlvkeyname=`$KEYGEN -q -r $RANDFILE -a RSAMD5 -b 768 -n zone $dlvzone`


--- a/bin/tests/system/dnssec/ns3/sign.sh
+++ b/bin/tests/system/dnssec/ns3/sign.sh
@@ -238,7 +238,7 @@ $SIGNER -P -3 - -U -A -r $RANDFILE -o $zone $zonefile > /dev/null 2>&1
 # A zone that is signed with an unknown DNSKEY algorithm.
 # Algorithm 7 is replaced by 100 in the zone and dsset.
 #
-zone=dnskey-unknown.example.
+zone=dnskey-unknown.example
 infile=dnskey-unknown.example.db.in
 zonefile=dnskey-unknown.example.db

@@ -250,14 +250,14 @@ $SIGNER -P -3 - -r $RANDFILE -o $zone -O full -f ${zonefile}.tmp $zonefile > /de

 awk '$4 == "DNSKEY" { $7 = 100 } $4 == "RRSIG" { $6 = 100 } { print }' ${zonefile}.tmp > ${zonefile}.signed

-DSFILE=dsset-`echo ${zone} |sed -e "s/\.$//g"`$TP
+DSFILE=dsset-${zone}${TP}
 $DSFROMKEY -A -f ${zonefile}.signed $zone > $DSFILE

 #
 # A zone that is signed with an unsupported DNSKEY algorithm (3).
 # Algorithm 7 is replaced by 255 in the zone and dsset.
 #
-zone=dnskey-unsupported.example.
+zone=dnskey-unsupported.example
 infile=dnskey-unsupported.example.db.in
 zonefile=dnskey-unsupported.example.db

@@ -269,14 +269,14 @@ $SIGNER -P -3 - -r $RANDFILE -o $zone -O full -f ${zonefile}.tmp $zonefile > /de

 awk '$4 == "DNSKEY" { $7 = 255 } $4 == "RRSIG" { $6 = 255 } { print }' ${zonefile}.tmp > ${zonefile}.signed

-DSFILE="dsset-$(echo ${zone} |sed -e "s/\\.$//g")$TP"
+DSFILE="dsset-${zone}${TP}"
 $DSFROMKEY -A -f ${zonefile}.signed $zone > $DSFILE

 #
 # A zone with a published unsupported DNSKEY algorithm (Reserved).
 # Different from above because this key is not intended for signing.
 #
-zone=dnskey-unsupported-2.example.
+zone=dnskey-unsupported-2.example
 infile=dnskey-unsupported-2.example.db.in
 zonefile=dnskey-unsupported-2.example.db

@@ -291,7 +291,7 @@ $SIGNER -P -3 - -r $RANDFILE -o $zone -f ${zonefile}.signed $zonefile > /dev/nul
 # A zone with a unknown DNSKEY algorithm + unknown NSEC3 hash algorithm (-U).
 # Algorithm 7 is replaced by 100 in the zone and dsset.
 #
-zone=dnskey-nsec3-unknown.example.
+zone=dnskey-nsec3-unknown.example
 infile=dnskey-nsec3-unknown.example.db.in
 zonefile=dnskey-nsec3-unknown.example.db

@@ -303,7 +303,7 @@ $SIGNER -P -3 - -r $RANDFILE -o $zone -U -O full -f ${zonefile}.tmp $zonefile >

 awk '$4 == "DNSKEY" { $7 = 100; print } $4 == "RRSIG" { $6 = 100; print } { print }' ${zonefile}.tmp > ${zonefile}.signed

-DSFILE=dsset-`echo ${zone} |sed -e "s/\.$//g"`$TP
+DSFILE=dsset-${zone}${TP}
 $DSFROMKEY -A -f ${zonefile}.signed $zone > $DSFILE

 #

--- a/bin/tests/system/dsdigest/ns2/sign.sh
+++ b/bin/tests/system/dsdigest/ns2/sign.sh
@@ -12,10 +12,10 @@
 SYSTEMTESTTOP=../..
 . $SYSTEMTESTTOP/conf.sh

-zone1=good.
+zone1=good
 infile1=good.db.in
 zonefile1=good.db
-zone2=bad.
+zone2=bad
 infile2=bad.db.in
 zonefile2=bad.db

@@ -30,8 +30,8 @@ cat $infile2 $keyname21.key $keyname22.key >$zonefile2
 $SIGNER -P -g -r $RANDFILE -o $zone1 $zonefile1 > /dev/null
 $SIGNER -P -g -r $RANDFILE -o $zone2 $zonefile2 > /dev/null

-DSFILENAME1=dsset-`echo $zone1 |sed -e "s/\.$//g"`$TP
-DSFILENAME2=dsset-`echo $zone2 |sed -e "s/\.$//g"`$TP
+DSFILENAME1=dsset-${zone1}${TP}
+DSFILENAME2=dsset-${zone2}${TP}
 $DSFROMKEY -a SHA-256 $keyname12 > $DSFILENAME1
 $DSFROMKEY -a SHA-256 $keyname22 > $DSFILENAME2


--- a/bin/tests/system/rpz/setup.sh
+++ b/bin/tests/system/rpz/setup.sh
@@ -47,13 +47,13 @@ signzone () {
    cat $1/$3 $1/$KEYNAME.key > $1/tmp
    $SIGNER -Pp -K $1 -o $2 -f $1/$4 $1/tmp >/dev/null
    sed -n -e 's/\(.*\) IN DNSKEY \([0-9]\{1,\} [0-9]\{1,\} [0-9]\{1,\}\) \(.*\)/trusted-keys {"\1" \2 "\3";};/p' $1/$KEYNAME.key >>trusted.conf
-    DSFILENAME=dsset-`echo $2 |sed -e "s/\.$//g"`$TP
+    DSFILENAME=dsset-${2}${TP}
    rm $DSFILENAME $1/tmp
 }

 # sign the root and a zone in ns2
 test -r $RANDFILE || $GENRANDOM $RANDOMSIZE $RANDFILE
-signzone ns2 tld2s. base-tld2s.db tld2s.db
+signzone ns2 tld2s base-tld2s.db tld2s.db

 # Performance and a few other checks.
 cat <<EOF >ns5/rpz-switch

--- a/bin/tests/system/wildcard/ns1/sign.sh
+++ b/bin/tests/system/wildcard/ns1/sign.sh
@@ -16,11 +16,11 @@ SYSTESTDIR=wildcard

 dssets=

-zone=dlv.
+zone=dlv
 infile=dlv.db.in
 zonefile=dlv.db
 outfile=dlv.db.signed
-dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP"
+dssets="$dssets dsset-${zone}${TP}"

 keyname1=`$KEYGEN -r $RANDFILE -a RSASHA1 -b 1024 -n zone $zone 2> /dev/null` 
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a RSASHA1 -b 1024 -n zone $zone 2> /dev/null`
@@ -30,11 +30,11 @@ cat $infile $keyname1.key $keyname2.key > $zonefile
 $SIGNER -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
 echo_i "signed $zone"

-zone=nsec.
+zone=nsec
 infile=nsec.db.in
 zonefile=nsec.db
 outfile=nsec.db.signed
-dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP"
+dssets="$dssets dsset-${zone}${TP}"

 keyname1=`$KEYGEN -r $RANDFILE -a RSASHA1 -b 1024 -n zone $zone 2> /dev/null` 
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a RSASHA1 -b 1024 -n zone $zone 2> /dev/null`
@@ -44,7 +44,7 @@ cat $infile $keyname1.key $keyname2.key > $zonefile
 $SIGNER -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
 echo_i "signed $zone"

-zone=private.nsec.
+zone=private.nsec
 infile=private.nsec.db.in
 zonefile=private.nsec.db
 outfile=private.nsec.db.signed
@@ -59,11 +59,11 @@ echo_i "signed $zone"

 keyfile_to_trusted_keys $keyname2 > private.nsec.conf

-zone=nsec3.
+zone=nsec3
 infile=nsec3.db.in
 zonefile=nsec3.db
 outfile=nsec3.db.signed
-dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP"
+dssets="$dssets dsset-${zone}${TP}"

 keyname1=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 1024 -n zone $zone 2> /dev/null` 
 keyname2=`$KEYGEN -f KSK -r $RANDFILE -a NSEC3RSASHA1 -b 1024 -n zone $zone 2> /dev/null`
@@ -73,7 +73,7 @@ cat $infile $keyname1.key $keyname2.key > $zonefile
 $SIGNER -r $RANDFILE -3 - -H 10 -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
 echo_i "signed $zone"

-zone=private.nsec3.
+zone=private.nsec3
 infile=private.nsec3.db.in
 zonefile=private.nsec3.db
 outfile=private.nsec3.db.signed