nsec3: skip tests that depend on RSASHA1 in FIPS mode

2022-08-25 11:05:40 +10:00
parent 2e997e2248
commit 1362360e8f
7 changed files with 337 additions and 290 deletions
--- a/bin/tests/system/nsec3/tests.sh
+++ b/bin/tests/system/nsec3/tests.sh
@@ -391,7 +391,14 @@ check_nsec
 # Reconfig named.
 ret=0
 echo_i "reconfig dnssec-policy to trigger nsec3 rollovers"
-copy_setports ns3/named2.conf.in ns3/named.conf
+if $FEATURETEST --have-fips-mode
+then
+    copy_setports ns3/named2-fips.conf.in ns3/named.conf
+else
+    copy_setports ns3/named2-fips.conf.in ns3/named-fips.conf
+    # includes named-fips.conf
+    cp ns3/named2.conf.in ns3/named.conf
+fi
 rndc_reconfig ns3 10.53.0.3

 # Zone: nsec-to-nsec3.kasp. (reconfigured)