Commit 1f1ecdec authored by Ondřej Surý's avatar Ondřej Surý

Fix the ecdsa system test to allow parallel run

The ecdsa test was not adapted to dynamic ports, so we had to run it in
sequence.  This commit adds support for dynamic ports, and also makes
all the scripts shellcheck clean.
parent bde35220
......@@ -37,7 +37,7 @@ export LANG=C
# SEQUENTIAL_UNIX in conf.sh.in; those that only run on windows should
# be added to SEQUENTIAL_WINDOWS in conf.sh.win32.
#
SEQUENTIAL_COMMON="ecdsa eddsa tkey"
SEQUENTIAL_COMMON="eddsa tkey"
#
# These tests can use ports assigned by the caller (other than 5300
......@@ -58,7 +58,7 @@ PARALLEL_COMMON="dnssec rpzrecurse serve-stale \
checkconf checknames checkzone \
cookie database digdelv dlz dlzexternal \
dns64 dscp dsdigest dyndb \
ednscompliance emptyzones \
ecdsa ednscompliance emptyzones \
fetchlimit filter-aaaa formerr forward \
geoip2 glue idna include-multiplecfg \
inline integrity ixfr \
......
/ns1/named.conf
/ns2/named.conf
......@@ -9,11 +9,17 @@
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
rm -f */K* */dsset-* */*.signed */trusted.conf
rm -f ns1/root.db
rm -f ns1/signer.err
rm -f dig.out*
rm -f */named.run
rm -f */named.memstats
rm -f ns*/named.lock
set -e
rm -f ./dig.out*
rm -f ns*/*.signed
rm -f ns*/K*
rm -f ns*/dsset-*
rm -f ns*/managed-keys.bind*
rm -f ns*/named.conf
rm -f ns*/named.lock
rm -f ns*/named.memstats
rm -f ns*/named.run
rm -f ns*/root.db
rm -f ns*/signer.err
rm -f ns*/trusted.conf
......@@ -17,7 +17,7 @@ options {
query-source address 10.53.0.1;
notify-source 10.53.0.1;
transfer-source 10.53.0.1;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.1; };
listen-on-v6 { none; };
......
......@@ -9,21 +9,22 @@
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
SYSTEMTESTTOP=../..
. $SYSTEMTESTTOP/conf.sh
set -e
. "$SYSTEMTESTTOP/conf.sh"
zone=.
infile=root.db.in
zonefile=root.db
key1=`$KEYGEN -q -a ECDSAP256SHA256 -n zone $zone`
key2=`$KEYGEN -q -a ECDSAP384SHA384 -n zone -f KSK $zone`
$DSFROMKEY -a sha-384 $key2.key > dsset-384
key1=$($KEYGEN -q -a ECDSAP256SHA256 -n zone "$zone")
key2=$($KEYGEN -q -a ECDSAP384SHA384 -n zone -f KSK "$zone")
$DSFROMKEY -a sha-384 "$key2.key" > dsset-384
cat $infile $key1.key $key2.key > $zonefile
cat "$infile" "$key1.key" "$key2.key" > $zonefile
$SIGNER -P -g -o $zone $zonefile > /dev/null 2> signer.err || cat signer.err
$SIGNER -P -g -o "$zone" "$zonefile" > /dev/null 2> signer.err || cat signer.err
# Configure the resolving server with a static key.
keyfile_to_static_ds $key1 > trusted.conf
keyfile_to_static_ds "$key1" > trusted.conf
cp trusted.conf ../ns2/trusted.conf
......@@ -17,7 +17,7 @@ options {
query-source address 10.53.0.2;
notify-source 10.53.0.2;
transfer-source 10.53.0.2;
port 5300;
port @PORT@;
pid-file "named.pid";
listen-on { 10.53.0.2; };
listen-on-v6 { none; };
......
......@@ -9,7 +9,11 @@
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
set -e
. "$SYSTEMTESTTOP/conf.sh"
copy_setports ns1/named.conf.in ns1/named.conf
copy_setports ns2/named.conf.in ns2/named.conf
cd ns1 && $SHELL sign.sh
......@@ -9,26 +9,28 @@
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
set -e
. "$SYSTEMTESTTOP/conf.sh"
status=0
n=0
n=1
rm -f dig.out.*
dig_with_opts() {
"$DIG" +tcp +noau +noadd +nosea +nostat +nocmd +dnssec -p "$PORT" "$@"
}
DIGOPTS="+tcp +noau +noadd +nosea +nostat +nocmd +dnssec -p 5300"
# Check the example. domain
echo "I:checking that positive validation works ($n)"
ret=0
$DIG $DIGOPTS . @10.53.0.1 soa > dig.out.ns1.test$n || ret=1
$DIG $DIGOPTS . @10.53.0.2 soa > dig.out.ns2.test$n || ret=1
dig_with_opts . @10.53.0.1 soa > dig.out.ns1.test$n || ret=1
dig_with_opts . @10.53.0.2 soa > dig.out.ns2.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns1.test$n dig.out.ns2.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns2.test$n > /dev/null || ret=1
n=`expr $n + 1`
n=$((n+1))
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
status=$((status+ret))
echo "I:exit status: $status"
[ $status -eq 0 ] || exit 1
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment