- 29 Jul, 2020 1 commit
-
-
Michal Nowak authored
The $SYSTEMTESTTOP shell variable if often set to .. in various shell scripts inside bin/tests/system/, but most of the time it is only used one line later, while sourcing conf.sh. This hardly improves code readability. $SYSTEMTESTTOP is also used for the purpose of referencing scripts/files living in bin/tests/system/, but given that the variable is always set to a short, relative path, we can drop it and replace all of its occurrences with the relative path without adversely affecting code readability.
-
- 21 Apr, 2020 1 commit
-
-
Ondřej Surý authored
The rewrite of BIND 9 build system is a large work and cannot be reasonable split into separate merge requests. Addition of the automake has a positive effect on the readability and maintainability of the build system as it is more declarative, it allows conditional and we are able to drop all of the custom make code that BIND 9 developed over the years to overcome the deficiencies of autoconf + custom Makefile.in files. This squashed commit contains following changes: - conversion (or rather fresh rewrite) of all Makefile.in files to Makefile.am by using automake - the libtool is now properly integrated with automake (the way we used it was rather hackish as the only official way how to use libtool is via automake - the dynamic module loading was rewritten from a custom patchwork to libtool's libltdl (which includes the patchwork to support module loading on different systems internally) - conversion of the unit test executor from kyua to automake parallel driver - conversion of the system test executor from custom make/shell to automake parallel driver - The GSSAPI has been refactored, the custom SPNEGO on the basis that all major KRB5/GSSAPI (mit-krb5, heimdal and Windows) implementations support SPNEGO mechanism. - The various defunct tests from bin/tests have been removed: bin/tests/optional and bin/tests/pkcs11 - The text files generated from the MD files have been removed, the MarkDown has been designed to be readable by both humans and computers - The xsl header is now generated by a simple sed command instead of perl helper - The <irs/platform.h> header has been removed - cleanups of configure.ac script to make it more simpler, addition of multiple macros (there's still work to be done though) - the tarball can now be prepared with `make dist` - the system tests are partially able to run in oot build Here's a list of unfinished work that needs to be completed in subsequent merge requests: - `make distcheck` doesn't yet work (because of system tests oot run is not yet finished) - documentation is not yet built, there's a different merge request with docbook to sphinx-build rst conversion that needs to be rebased and adapted on top of the automake - msvc build is non functional yet and we need to decide whether we will just cross-compile bind9 using mingw-w64 or fix the msvc build - contributed dlz modules are not included neither in the autoconf nor automake
-
- 15 Nov, 2019 1 commit
-
-
Evan Hunt authored
this adds functions in conf.sh.common to create DS-style trust anchor files. those functions are then used to create nearly all of the trust anchors in the system tests. there are a few exceptions: - some tests in dnssec and mkeys rely on detection of unsupported algorithms, which only works with key-style trust anchors, so those are used for those tests in particular. - the mirror test had a problem with the use of a CSK without a SEP bit, which still needs addressing in the future, some of these tests should be changed back to using traditional trust anchors, so that both types will be exercised going forward.
-
- 05 Jun, 2019 1 commit
-
-
Evan Hunt authored
- keyfile_to_trusted_keys -> keyfile_to_static_keys - keyfile_to_managed_keys -> keyfile_to_initial_keys
-
- 13 Jun, 2018 1 commit
-
-
Michał Kępień authored
Reduce code duplication by replacing a code snippet repeated throughout system tests using "trusted-keys" and/or "managed-keys" configuration sections with calls to keyfile_to_{managed,trusted}_keys() helper functions.
-
- 16 May, 2018 1 commit
-
-
Ondřej Surý authored
-
- 23 Feb, 2018 1 commit
-
-
Ondřej Surý authored
-
- 01 Sep, 2017 1 commit
-
-
Tinderbox User authored
-
- 31 Aug, 2017 1 commit
-
-
Evan Hunt authored
4594. [func] dnssec-keygen no longer uses RSASHA1 by default; the signing algorithm must be specified on the command line with the "-a" option. Signing scripts that rely on the existing default behavior will break; use "dnssec-keygen -a RSASHA1" to repair them. (The goal of this change is to make it easier to find scripts using RSASHA1 so they can be changed in the event of that algorithm being deprecated in the future.) [RT #44755]
-
- 19 Oct, 2016 1 commit
-
-
Witold Krecicki authored
-
- 27 Jun, 2016 1 commit
-
-
Mark Andrews authored
-
- 04 Jun, 2014 1 commit
-
-
Mukund Sivaraman authored
-
- 07 May, 2014 1 commit
-
-
Evan Hunt authored
3839. [test] Use only posix-compatible shell in system tests. [RT #35625]
-
- 21 Jan, 2014 2 commits
-
-
Tinderbox User authored
-
Evan Hunt authored
3714. [test] System tests that need to test for cryptography support before running can now use a common "testcrypto.sh" script to do so. [RT #35213]
-
- 29 Jun, 2012 3 commits
-
-
Tinderbox User authored
-
Mark Andrews authored
-
Tinderbox User authored
-
- 20 Oct, 2011 2 commits
-
-
Automatic Updater authored
-
Mark Andrews authored
[RT #24711]
-
- 18 Jan, 2010 2 commits
-
-
Automatic Updater authored
-
Evan Hunt authored
"dnssec" regression tests. [RT #20865]
-
- 19 Dec, 2009 1 commit
-
-
Evan Hunt authored
transitions work correctly. (they worked before, but weren't supposed to; when that bug was fixed, the test broke.)
-
- 30 Nov, 2009 2 commits
-
-
Automatic Updater authored
-
Evan Hunt authored
-
- 28 Oct, 2009 1 commit
-
-
Mark Andrews authored
suppressed (dnssec-keygen -q). Automatically suppress the progress messages when stdin is not a tty. [RT #20474]
-
- 27 Oct, 2009 1 commit
-
-
Mark Andrews authored
test. [RT #20453]
-
- 19 Jul, 2009 1 commit
-
-
Evan Hunt authored
dnssec-* tools. Major changes: - all dnssec-* tools now take a -K option to specify a directory in which key files will be stored - DNSSEC can now store metadata indicating when they are scheduled to be published, acttivated, revoked or removed; these values can be set by dnssec-keygen or overwritten by the new dnssec-settime command - dnssec-signzone -S (for "smart") option reads key metadata and uses it to determine automatically which keys to publish to the zone, use for signing, revoke, or remove from the zone [RT #19816]
-
- 04 Jun, 2009 2 commits
-
-
Automatic Updater authored
-
Mark Andrews authored
dnssec-signzone. These can be disabled with -P. The post sign verification test ensures that for each algorithm in use there is at least one non revoked self signed KSK key. That all revoked KSK keys are self signed. That all records in the zone are signed by the algorithm. [RT #19653]
-
- 25 Sep, 2008 1 commit
-
-
Automatic Updater authored
-
- 24 Sep, 2008 1 commit
-
-
Mark Andrews authored
-
- 19 Jun, 2007 1 commit
-
-
Automatic Updater authored
-
- 18 Jun, 2007 1 commit
-
-
Automatic Updater authored
-
- 04 Jan, 2006 1 commit
-
-
Mark Andrews authored
-
- 03 Jan, 2006 1 commit
-
-
Mark Andrews authored
To generate a RSAMD5 key you must explictly request RSAMD5. [RT #13780]
-
- 10 Mar, 2004 1 commit
-
-
Mark Andrews authored
enable-dnssec -> dnssec-enable
-
- 05 Mar, 2004 1 commit
-
-
Mark Andrews authored
-
- 14 Jan, 2004 1 commit
-
-
Mark Andrews authored
child zones for which we don't have a supported algorithm. Such child zones are treated as unsigned. 1557. [func] Implement missing DNSSEC tests for * NOQNAME proof with wildcard answers. * NOWILDARD proof with NXDOMAIN. Cache and return NOQNAME with wildcard answers.
-
- 26 Oct, 2003 1 commit
-
-
Mark Andrews authored
-