Skip to content

Fix key ID extraction in the "dnssec" system test

Simply looking for the key ID surrounded by spaces in the tested dnssec-signzone output file is not a precise enough method of checking for signatures prepared using a given key ID: it can be tripped up by cross-algorithm key ID collisions and certain low key IDs (e.g. 60, the TTL specified in bin/tests/system/dnssec/signer/example.db.in), which triggers false positives for the "dnssec" system test. Make key ID extraction precise by using an awk script which operates on specific fields.

Merge request reports