1. 09 Dec, 2019 12 commits
    • Matthijs Mekking's avatar
      Merge branch '1466-kasp-test-keyid-0' into 'master' · 6ff780db
      Matthijs Mekking authored
      Fix get key id from key_idpad
      
      Closes #1466
      
      See merge request !2731
      6ff780db
    • Matthijs Mekking's avatar
      Fix get key id from key_idpad · 2e7cb497
      Matthijs Mekking authored
      The kasp system test has a call to sed to retrieve the key identifier
      without leading zeros.  The sed call could not handle key id 0.
      Update the kasp test to also correctly deal with this case.
      2e7cb497
    • Matthijs Mekking's avatar
      Merge branch '1457-intermittent-failure-autosign' into 'master' · 910a7a56
      Matthijs Mekking authored
      Resolve "Intermittent failure in the autosign system test"
      
      Closes #1457
      
      See merge request !2729
      910a7a56
    • Matthijs Mekking's avatar
      bd403590
    • Matthijs Mekking's avatar
      Fix race in autosign test · 2e4273b5
      Matthijs Mekking authored
      The autosign test has a test case where a DNSSEC maintaiend zone
      has a set of DNSSEC keys without any timing metadata set.  It
      tests if named picks up the key for publication and signing if a
      delayed dnssec-settime/loadkeys event has occured.
      
      The test failed intermittently despite the fact it sleeps for 5
      seconds but the triggered key reconfigure action should happen after
      3 seconds.
      
      However, the test output showed that the test query came in before
      the key reconfigure action was complete (see excerpts below).
      
      The loadkeys command is received:
      
      15:38:36 received control channel command 'loadkeys delay.example.'
      
      The reconfiguring zone keys action is triggered after 3 seconds:
      
      15:38:39 zone delay.example/IN: reconfiguring zone keys
      15:38:39 DNSKEY delay.example/NSEC3RSASHA1/7484 (ZSK) is now published
      15:38:39 DNSKEY delay.example/NSEC3RSASHA1/7455 (KSK) is now published
      15:38:39 writing to journal
      
      Two seconds later the test query comes in:
      
      15:38:41 client @0x7f1b8c0562b0 10.53.0.1#44177: query
      15:38:41 client @0x7f1b8c0562b0 10.53.0.1#44177: endrequest
      
      And 6 more seconds later the reconfigure keys action is complete:
      
      15:38:47 zone delay.example/IN: next key event: 05-Dec-2019 15:48:39
      
      This commit fixes the test by checking the "next key event" log has
      been seen before executing the test query, making sure that the
      reconfigure keys action has been complete.
      
      This commit however does not fix, nor explain why it took such a long
      time (8 seconds) to reconfigure the keys.
      2e4273b5
    • Matthijs Mekking's avatar
      Move wait_for_log to conf.sh.common · cfaa631f
      Matthijs Mekking authored
      cfaa631f
    • Matthijs Mekking's avatar
      Save settime output · 6b4a17ef
      Matthijs Mekking authored
      6b4a17ef
    • Matthijs Mekking's avatar
      Merge branch 'misc-fixes-kasp' into 'master' · edd6a084
      Matthijs Mekking authored
      Miscellaneous fixes kasp
      
      See merge request !2711
      edd6a084
    • Matthijs Mekking's avatar
      Change some dnssec-policy defaults · 4b66c0eb
      Matthijs Mekking authored
      Suggested by Tony Finch, these seem to be more reasonable defaults.
      4b66c0eb
    • Matthijs Mekking's avatar
      Default key size 2048 · 0f9d45a5
      Matthijs Mekking authored
      The default size for RSA keys is 2048 bits, for both ZSKs and KSKs.
      0f9d45a5
    • Matthijs Mekking's avatar
      Update docs with durations, built-in dnssec-policy · a339a6df
      Matthijs Mekking authored
      Clarify in the ARM that TTL-style options can also now take ISO
      8601 durations.
      
      Mention the built-in dnssec policies "default" and "none".  Mention
      that "none" is the default.
      
      Add a file documenting the default dnssec-policy configuration options.
      
      Fix dnssec-policy syntax in ARM (dnssec-policy.grammar.xml).
      a339a6df
    • Ondřej Surý's avatar
      Merge branch 'ondrej/remove-too-generic-node_count-macro-from-dns_acl' into 'master' · 6f096f52
      Ondřej Surý authored
      Change the (acl)->node_count macro to dns_acl_node_count(acl) macro to clean the global namespace
      
      See merge request !2725
      6f096f52
  2. 06 Dec, 2019 17 commits
    • Ondřej Surý's avatar
    • Mark Andrews's avatar
      Merge branch '1401-intermittent-failures-in-the-catz-system-test' into 'master' · fe31fedc
      Mark Andrews authored
      Debug "Intermittent failures in the catz system test"
      
      See merge request !2715
      fe31fedc
    • Mark Andrews's avatar
      Increase wait_for_message attempts to 20. · 4dd9ec89
      Mark Andrews authored
      4dd9ec89
    • Mark Andrews's avatar
      save wait_for_message contents · 1334daae
      Mark Andrews authored
      1334daae
    • Michał Kępień's avatar
      Merge branch '1452-system-test-framework-cleanup-tweaks' into 'master' · dd6f9391
      Michał Kępień authored
      System test framework: cleanup tweaks
      
      Closes #1452
      
      See merge request !2717
      dd6f9391
    • Michał Kępień's avatar
      Merge branch '1452-detect-missing-system-test-results' into 'master' · 34fb70b1
      Michał Kępień authored
      Detect missing system test results
      
      See merge request !2708
      34fb70b1
    • Michał Kępień's avatar
      Automatically run clean.sh from run.sh · d8905b7a
      Michał Kępień authored
      The first step in all existing setup.sh scripts is to call clean.sh.  To
      reduce code duplication and ensure all system tests added in the future
      behave consistently with existing ones, invoke clean.sh from run.sh
      before calling setup.sh.
      d8905b7a
    • Michał Kępień's avatar
      Detect missing system test results · 3c3085be
      Michał Kępień authored
      At the end of each system test suite run, the system test framework
      collects all existing test.output files from system test subdirectories
      and produces bin/tests/system/systests.output from those files.
      However, it does not check whether a test.output file was found for
      every executed test.  Thus, if the test.output file is accidentally
      deleted by the system test itself (e.g. due to an overly broad file
      removal wildcard present in clean.sh), its output will not be included
      in bin/tests/system/systests.output.  Since the result of each system
      test suite run is determined by bin/tests/system/testsummary.sh, which
      only operates on the contents of bin/tests/system/systests.output, this
      can lead to test failures being ignored.  Fix by ensuring the number of
      test results found in bin/tests/system/systests.output is equal to the
      number of tests run and triggering a system test suite failure in case
      of a discrepancy between these two values.
      3c3085be
    • Michał Kępień's avatar
      Remove bin/tests/system/clean.sh · bf3eeac0
      Michał Kępień authored
      Since the role of the bin/tests/system/clean.sh script has now been
      reduced to calling a given system test's clean.sh script, remove the
      former altogether and replace its only use with a direct invocation of
      the latter.
      bf3eeac0
    • Michał Kępień's avatar
      Remove the -r switch from system test scripts · b4d37878
      Michał Kępień authored
      Since files containing system test output are no longer stored in test
      subdirectories, bin/tests/system/clean.sh no longer needs to take care
      of removing the test.output file for a given test as testsummary.sh
      already takes care of that and even if a test suite terminates
      abnormally and another one is started, tee invoked without the -a
      command line switch overwrites the destination file if it exists, so
      leftover test.output.* files from previous test suite runs are not a
      concern.  Remove the -r command line switch and the code associated with
      it from the relevant scripts.
      b4d37878
    • Michał Kępień's avatar
      Store system test output in bin/tests/system/ · b0916bba
      Michał Kępień authored
      Some clean.sh scripts contain overly broad file deletion wildcards which
      cause the test.output file (used by the system test framework for
      collecting output) in a given system test's directory to be erroneously
      removed immediately after the test is started (due to setup.sh scripts
      calling clean.sh at the beginning).  This prevents the test's output
      from being placed in bin/tests/system/systests.output at the end of a
      test suite run and thus can lead to test failures being ignored.  Fix by
      storing each test's output in a test.output.<test-name> file in
      bin/tests/system/, which prevents clean.sh scripts from removing it (as
      they should only ever affect files contained in a given system test's
      directory).
      b0916bba
    • Matthijs Mekking's avatar
      Merge branch '1460-duration-ttlval-print-bug' into 'master' · 26ee43da
      Matthijs Mekking authored
      Resolve "checkconf test failure on Solaris"
      
      Closes #1460
      
      See merge request !2718
      26ee43da
    • Ondřej Surý's avatar
      Add semantic patch to find void f() { ... return ((void)g())); ... } · 9dfa3305
      Ondřej Surý authored
      When a function returns void, it can be used as an argument to return in
      function returning also void, e.g.:
      
      void in(void) {
        return;
      }
      
      void out(void) {
        return (in());
      }
      
      while this is legal, it should be rewritten as:
      
      void out(void) {
        in();
        return;
      }
      
      The semantic patch just find the occurrences, and they need to be fixed
      by hand.
      9dfa3305
    • Matthijs Mekking's avatar
      Fix duration printing on Solaris · 60fa5fc7
      Matthijs Mekking authored
      60fa5fc7
    • Matthijs Mekking's avatar
      Replace two leftover ttlval with duration · 8fd8404e
      Matthijs Mekking authored
      Since the introduction of durations, all ttlval configuration types
      are replaced with durations.  Duration is an ISO 8601 duration, a
      TTL-style value, or a number.  These two references were missed and
      are now also replaced.
      8fd8404e
    • Matthijs Mekking's avatar
      Merge branch 'trust-anchors-minor-fixes' into 'master' · 4597ebc9
      Matthijs Mekking authored
      Minor fixes in trust anchor code
      
      See merge request !2676
      4597ebc9
    • Matthijs Mekking's avatar
      Minor fixes in trust anchor code · eddac857
      Matthijs Mekking authored
      This commit makes some minor changes to the trust anchor code:
      
      1. Replace the undescriptive n1, n2 and n3 identifiers with slightly
         better rdata1, rdata2, and rdata3.
      2. Fix an occurrence where in the error log message a static number
         32 was printed, rather than the rdata3 length.
      3. Add a default case to the switch statement checking DS digest
         algorithms to catch unknown algorithms.
      eddac857
  3. 05 Dec, 2019 11 commits