Commit ccfe778c authored by Evan Hunt's avatar Evan Hunt

migrate tests from bin/tests/dnssec-signzone to bin/tests/system/dnssec

- added tests to the dnssec system test that duplicate the ones
  from bin/tests/dnssec-signzone
- changed cleanall.sh so it doesn't automatically remove all
  key files, because there are now some of those that are part of the
  distribution
parent 344ab0eb
#!/bin/sh
#
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
# $Id: run-test.sh,v 1.3 2009/06/04 02:56:47 tbox Exp $
sign="../../dnssec/dnssec-signzone -f signed.zone -o example.com."
signit() {
rm -f signed.zone
grep '^;' $zone
$sign $zone
}
expect_success() {
if ! test -f signed.zone ; then
echo "Error: expected success, but sign failed for $zone."
else
echo "Success: Sign succeeded for $zone."
fi
}
expect_failure() {
if test -f signed.zone ; then
echo "Error: expected failure, but sign succeeded for $zone."
else
echo "Success: Sign failed (expected) for $zone"
fi
}
zone="test1.zone" ; signit ; expect_success
zone="test2.zone" ; signit ; expect_failure
zone="test3.zone" ; signit ; expect_failure
zone="test4.zone" ; signit ; expect_success
zone="test5.zone" ; signit ; expect_failure
zone="test6.zone" ; signit ; expect_failure
zone="test7.zone" ; signit ; expect_failure
zone="test8.zone" ; signit ; expect_failure
......@@ -18,7 +18,7 @@ SYSTEMTESTTOP=.
find . -type f \( \
-name 'K*' -o -name '*~' -o -name 'core' -o -name '*.core' \
-name '*~' -o -name 'core' -o -name '*.core' \
-o -name '*.log' -o -name '*.pid' -o -name '*.keyset' \
-o -name named.run -o -name ans.run \
-o -name '*-valgrind-*.log' \) -print | xargs rm -f
......
......@@ -92,4 +92,7 @@ rm -f signer/example.db.after signer/example.db.before
rm -f signer/example.db.changed
rm -f signer/nsec3param.out
rm -f signer/signer.out.*
rm -f signer/general/signed.zone
rm -f signer/general/signer.out.*
rm -f signer/general/dsset*
rm -f signing.out*
;
; This is a zone which has three DNSKEY records, two (KSK + ZSK) of
; which have existing private key files available. The third is a
; which have existing private key files available. The third is a
; pre-published ZSK.
;
$TTL 3600
......
;
; This is a zone which has two DNSKEY records, none of which have
; This is a zone which has two DNSKEY records, none of which have
; existing private key files available. The resulting zone should fail
; the consistancy tests.
;
......
......@@ -1269,6 +1269,103 @@ n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo_i "basic dnssec-signzone checks:"
echo_i " two DNSKEYs ($n)"
ret=0
(
cd signer/general
rm -f signed.zone
$SIGNER -f signed.zone -o example.com. test1.zone > signer.out.$n 2>&1
test -f signed.zone
) || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo_i " one non-KSK DNSKEY ($n)"
ret=0
(
cd signer/general
rm -f signed.zone
$SIGNER -f signed.zone -o example.com. test2.zone > signer.out.$n 2>&1
test -f signed.zone
) && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo_i " one KSK DNSKEY ($n)"
ret=0
(
cd signer/general
rm -f signed.zone
$SIGNER -f signed.zone -o example.com. test3.zone > signer.out.$n 2>&1
test -f signed.zone
) && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo_i " three DNSKEY ($n)"
ret=0
(
cd signer/general
rm -f signed.zone
$SIGNER -f signed.zone -o example.com. test4.zone > signer.out.$n 2>&1
test -f signed.zone
) || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo_i " three DNSKEY, one private key missing ($n)"
ret=0
(
cd signer/general
rm -f signed.zone
$SIGNER -f signed.zone -o example.com. test5.zone > signer.out.$n 2>&1
test -f signed.zone
) || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo_i " four DNSKEY ($n)"
ret=0
(
cd signer/general
rm -f signed.zone
$SIGNER -f signed.zone -o example.com. test6.zone > signer.out.$n 2>&1
test -f signed.zone
) || ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo_i " two DNSKEY, both private keys missing ($n)"
ret=0
(
cd signer/general
rm -f signed.zone
$SIGNER -f signed.zone -o example.com. test7.zone > signer.out.$n 2>&1
test -f signed.zone
) && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo_i " two DNSKEY, one private key missing ($n)"
ret=0
(
cd signer/general
rm -f signed.zone
$SIGNER -f signed.zone -o example.com. test8.zone > signer.out.$n 2>&1
test -f signed.zone
) && ret=1
n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
echo_i "checking that we can sign a zone with out-of-zone records ($n)"
ret=0
zone=example
......
......@@ -405,21 +405,6 @@
./bin/tests/db/win32/t_db.vcxproj.in X 2013,2015,2016,2017,2018
./bin/tests/db/win32/t_db.vcxproj.user X 2013,2018
./bin/tests/db_test.c C 1999,2000,2001,2004,2005,2007,2008,2009,2011,2012,2013,2015,2016,2017,2018
./bin/tests/dnssec-signzone/Kexample.com.+005+07065.key X 2009,2018
./bin/tests/dnssec-signzone/Kexample.com.+005+07065.private X 2009,2018
./bin/tests/dnssec-signzone/Kexample.com.+005+23362.key X 2009,2018
./bin/tests/dnssec-signzone/Kexample.com.+005+23362.private X 2009,2018
./bin/tests/dnssec-signzone/bogus-ksk.key X 2009,2018
./bin/tests/dnssec-signzone/bogus-zsk.key X 2009,2018
./bin/tests/dnssec-signzone/run-test.sh SH 2009,2012,2016,2018
./bin/tests/dnssec-signzone/test1.zone X 2009,2018
./bin/tests/dnssec-signzone/test2.zone X 2009,2018
./bin/tests/dnssec-signzone/test3.zone X 2009,2018
./bin/tests/dnssec-signzone/test4.zone X 2009,2018
./bin/tests/dnssec-signzone/test5.zone X 2009,2018
./bin/tests/dnssec-signzone/test6.zone X 2009,2018
./bin/tests/dnssec-signzone/test7.zone X 2009,2018
./bin/tests/dnssec-signzone/test8.zone X 2009,2018
./bin/tests/dst/.gitignore X 2012,2013,2018
./bin/tests/dst/Kdh.+002+18602.key.in X 2001,2013,2018
./bin/tests/dst/Kdh.+002+18602.private.in X 2001,2013,2018
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment