Fix the eddsa system test to allow parallel run
The eddsa test was not adapted to dynamic ports, so we had to run it in sequence. This commit adds support for dynamic ports, and also makes all the scripts shellcheck clean.
This commit is contained in:
Ondřej Surý
@@ -37,7 +37,7 @@ export LANG=C
|
||||
# SEQUENTIAL_UNIX in conf.sh.in; those that only run on windows should
|
||||
# be added to SEQUENTIAL_WINDOWS in conf.sh.win32.
|
||||
#
|
||||
SEQUENTIAL_COMMON="eddsa tkey"
|
||||
SEQUENTIAL_COMMON="tkey"
|
||||
|
||||
#
|
||||
# These tests can use ports assigned by the caller (other than 5300
|
||||
@@ -58,7 +58,7 @@ PARALLEL_COMMON="dnssec rpzrecurse serve-stale \
|
||||
checkconf checknames checkzone \
|
||||
cookie database digdelv dlz dlzexternal \
|
||||
dns64 dscp dsdigest dyndb \
|
||||
ecdsa ednscompliance emptyzones \
|
||||
ecdsa eddsa ednscompliance emptyzones \
|
||||
fetchlimit filter-aaaa formerr forward \
|
||||
geoip2 glue idna include-multiplecfg \
|
||||
inline integrity ixfr \
|
||||
|
||||
@@ -9,11 +9,17 @@
|
||||
# See the COPYRIGHT file distributed with this work for additional
|
||||
# information regarding copyright ownership.
|
||||
|
||||
rm -f */K* */dsset-* */*.signed */trusted.conf
|
||||
rm -f ns1/root.db
|
||||
rm -f ns*/signer.err
|
||||
rm -f dig.out*
|
||||
rm -f */named.run
|
||||
rm -f */named.memstats
|
||||
rm -f ns*/named.lock
|
||||
set -e
|
||||
|
||||
rm -f ./dig.out*
|
||||
rm -f ns*/*.signed
|
||||
rm -f ns*/K*
|
||||
rm -f ns*/dsset-*
|
||||
rm -f ns*/managed-keys.bind*
|
||||
rm -f ns*/named.conf
|
||||
rm -f ns*/named.lock
|
||||
rm -f ns*/named.memstats
|
||||
rm -f ns*/named.run
|
||||
rm -f ns*/root.db
|
||||
rm -f ns*/signer.err
|
||||
rm -f ns*/trusted.conf
|
||||
|
||||
@@ -17,7 +17,7 @@ options {
|
||||
query-source address 10.53.0.1;
|
||||
notify-source 10.53.0.1;
|
||||
transfer-source 10.53.0.1;
|
||||
port 5300;
|
||||
port @PORT@;
|
||||
pid-file "named.pid";
|
||||
listen-on { 10.53.0.1; };
|
||||
listen-on-v6 { none; };
|
||||
@@ -9,24 +9,25 @@
|
||||
# See the COPYRIGHT file distributed with this work for additional
|
||||
# information regarding copyright ownership.
|
||||
|
||||
SYSTEMTESTTOP=../..
|
||||
. $SYSTEMTESTTOP/conf.sh
|
||||
set -e
|
||||
|
||||
. "$SYSTEMTESTTOP/conf.sh"
|
||||
|
||||
zone=.
|
||||
infile=root.db.in
|
||||
zonefile=root.db
|
||||
|
||||
key1=`$KEYGEN -q -a ED25519 -n zone $zone`
|
||||
key2=`$KEYGEN -q -a ED25519 -n zone -f KSK $zone`
|
||||
#key2=`$KEYGEN -q -a ED448 -n zone -f KSK $zone`
|
||||
$DSFROMKEY -a sha-256 $key2.key > dsset-256
|
||||
key1=$($KEYGEN -q -a ED25519 -n zone "$zone")
|
||||
key2=$($KEYGEN -q -a ED25519 -n zone -f KSK "$zone")
|
||||
#key2=$($KEYGEN -q -a ED448 -n zone -f KSK "$zone")
|
||||
$DSFROMKEY -a sha-256 "$key2.key" > dsset-256
|
||||
|
||||
cat $infile $key1.key $key2.key > $zonefile
|
||||
cat "$infile" "$key1.key" "$key2.key" > "$zonefile"
|
||||
|
||||
$SIGNER -P -g -o $zone $zonefile > /dev/null 2> signer.err || cat signer.err
|
||||
$SIGNER -P -g -o "$zone" "$zonefile" > /dev/null 2> signer.err || cat signer.err
|
||||
|
||||
# Configure the resolving server with a static key.
|
||||
keyfile_to_static_ds $key1 > trusted.conf
|
||||
keyfile_to_static_ds "$key1" > trusted.conf
|
||||
cp trusted.conf ../ns2/trusted.conf
|
||||
|
||||
cd ../ns2 && $SHELL sign.sh
|
||||
|
||||
@@ -17,7 +17,7 @@ options {
|
||||
query-source address 10.53.0.2;
|
||||
notify-source 10.53.0.2;
|
||||
transfer-source 10.53.0.2;
|
||||
port 5300;
|
||||
port @PORT@;
|
||||
pid-file "named.pid";
|
||||
listen-on { 10.53.0.2; };
|
||||
listen-on-v6 { none; };
|
||||
@@ -9,8 +9,9 @@
|
||||
# See the COPYRIGHT file distributed with this work for additional
|
||||
# information regarding copyright ownership.
|
||||
|
||||
SYSTEMTESTTOP=../..
|
||||
. $SYSTEMTESTTOP/conf.sh
|
||||
set -e
|
||||
|
||||
. "$SYSTEMTESTTOP/conf.sh"
|
||||
|
||||
zone=example.com.
|
||||
zonefile=example.com.db
|
||||
@@ -22,7 +23,7 @@ for i in Xexample.com.+015+03613.key Xexample.com.+015+03613.private \
|
||||
Xexample.com.+016+09713.key Xexample.com.+016+09713.private \
|
||||
Xexample.com.+016+38353.key Xexample.com.+016+38353.private
|
||||
do
|
||||
cp $i `echo $i | sed s/X/K/`
|
||||
cp "$i" "$(echo $i | sed s/X/K/)"
|
||||
done
|
||||
|
||||
$SIGNER -P -z -s $starttime -e $endtime -o $zone $zonefile > /dev/null 2> signer.err || cat signer.err
|
||||
$SIGNER -P -z -s "$starttime" -e "$endtime" -o "$zone" "$zonefile" > /dev/null 2> signer.err || cat signer.err
|
||||
|
||||
@@ -9,7 +9,10 @@
|
||||
# See the COPYRIGHT file distributed with this work for additional
|
||||
# information regarding copyright ownership.
|
||||
|
||||
SYSTEMTESTTOP=..
|
||||
. $SYSTEMTESTTOP/conf.sh
|
||||
set -e
|
||||
|
||||
exec $SHELL ../testcrypto.sh eddsa
|
||||
. "$SYSTEMTESTTOP/conf.sh"
|
||||
|
||||
if ! $SHELL ../testcrypto.sh eddsa; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
@@ -9,7 +9,11 @@
|
||||
# See the COPYRIGHT file distributed with this work for additional
|
||||
# information regarding copyright ownership.
|
||||
|
||||
SYSTEMTESTTOP=..
|
||||
. $SYSTEMTESTTOP/conf.sh
|
||||
set -e
|
||||
|
||||
. "$SYSTEMTESTTOP/conf.sh"
|
||||
|
||||
copy_setports ns1/named.conf.in ns1/named.conf
|
||||
copy_setports ns2/named.conf.in ns2/named.conf
|
||||
|
||||
cd ns1 && $SHELL sign.sh
|
||||
|
||||
@@ -9,27 +9,28 @@
|
||||
# See the COPYRIGHT file distributed with this work for additional
|
||||
# information regarding copyright ownership.
|
||||
|
||||
SYSTEMTESTTOP=..
|
||||
. $SYSTEMTESTTOP/conf.sh
|
||||
set -e
|
||||
|
||||
. "$SYSTEMTESTTOP/conf.sh"
|
||||
|
||||
status=0
|
||||
n=1
|
||||
|
||||
rm -f dig.out.*
|
||||
|
||||
DIGOPTS="+tcp +noau +noadd +nosea +nostat +nocmd +dnssec -p 5300"
|
||||
dig_with_opts() {
|
||||
"$DIG" +tcp +noau +noadd +nosea +nostat +nocmd +dnssec -p "$PORT" "$@"
|
||||
}
|
||||
|
||||
# Check the example. domain
|
||||
|
||||
echo "I:checking that positive validation works ($n)"
|
||||
ret=0
|
||||
$DIG $DIGOPTS . @10.53.0.1 soa > dig.out.ns1.test$n || ret=1
|
||||
$DIG $DIGOPTS . @10.53.0.2 soa > dig.out.ns2.test$n || ret=1
|
||||
dig_with_opts . @10.53.0.1 soa > dig.out.ns1.test$n || ret=1
|
||||
dig_with_opts . @10.53.0.2 soa > dig.out.ns2.test$n || ret=1
|
||||
$PERL ../digcomp.pl dig.out.ns1.test$n dig.out.ns2.test$n || ret=1
|
||||
grep "flags:.*ad.*QUERY" dig.out.ns2.test$n > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
n=$((n+1))
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status+ret))
|
||||
|
||||
# Check test vectors (RFC 8080 + errata)
|
||||
|
||||
@@ -39,9 +40,9 @@ grep 'oL9krJun7xfBOIWcGHi7mag5/hdZrKWw15jP' ns2/example.com.db.signed > /dev/nul
|
||||
grep 'VrbpMngwcrqNAg==' ns2/example.com.db.signed > /dev/null || ret=1
|
||||
grep 'zXQ0bkYgQTEFyfLyi9QoiY6D8ZdYo4wyUhVi' ns2/example.com.db.signed > /dev/null || ret=1
|
||||
grep 'R0O7KuI5k2pcBg==' ns2/example.com.db.signed > /dev/null || ret=1
|
||||
n=`expr $n + 1`
|
||||
n=$((n+1))
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status+ret))
|
||||
|
||||
echo "I:checking that Ed448 test vectors match ($n)"
|
||||
ret=0
|
||||
@@ -57,9 +58,9 @@ grep '4m0AsQ4f7qI1gVnML8vWWiyW2KXhT9kuAICU' ns2/example.com.db.signed > /dev/nul
|
||||
grep 'Sxv5OWbf81Rq7Yu60npabODB0QFPb/rkW3kU' ns2/example.com.db.signed > /dev/null || ret=1
|
||||
grep 'ZmQ0YQUA' ns2/example.com.db.signed > /dev/null || ret=1
|
||||
|
||||
n=`expr $n + 1`
|
||||
n=$((n+1))
|
||||
if [ $ret != 0 ]; then echo "I:failed"; fi
|
||||
status=`expr $status + $ret`
|
||||
status=$((status+ret))
|
||||
|
||||
echo "I:exit status: $status"
|
||||
[ $status -eq 0 ] || exit 1
|
||||
|
||||
Reference in New Issue
Block a user