diff --git a/bin/tests/system/conf.sh.common b/bin/tests/system/conf.sh.common index 4805ce71e0..407f1b9800 100644 --- a/bin/tests/system/conf.sh.common +++ b/bin/tests/system/conf.sh.common @@ -37,7 +37,7 @@ export LANG=C # SEQUENTIAL_UNIX in conf.sh.in; those that only run on windows should # be added to SEQUENTIAL_WINDOWS in conf.sh.win32. # -SEQUENTIAL_COMMON="eddsa tkey" +SEQUENTIAL_COMMON="tkey" # # These tests can use ports assigned by the caller (other than 5300 @@ -58,7 +58,7 @@ PARALLEL_COMMON="dnssec rpzrecurse serve-stale \ checkconf checknames checkzone \ cookie database digdelv dlz dlzexternal \ dns64 dscp dsdigest dyndb \ - ecdsa ednscompliance emptyzones \ + ecdsa eddsa ednscompliance emptyzones \ fetchlimit filter-aaaa formerr forward \ geoip2 glue idna include-multiplecfg \ inline integrity ixfr \ diff --git a/bin/tests/system/eddsa/clean.sh b/bin/tests/system/eddsa/clean.sh index 8e2e225e19..f230cb01bf 100644 --- a/bin/tests/system/eddsa/clean.sh +++ b/bin/tests/system/eddsa/clean.sh @@ -9,11 +9,17 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -rm -f */K* */dsset-* */*.signed */trusted.conf -rm -f ns1/root.db -rm -f ns*/signer.err -rm -f dig.out* -rm -f */named.run -rm -f */named.memstats -rm -f ns*/named.lock +set -e + +rm -f ./dig.out* +rm -f ns*/*.signed +rm -f ns*/K* +rm -f ns*/dsset-* rm -f ns*/managed-keys.bind* +rm -f ns*/named.conf +rm -f ns*/named.lock +rm -f ns*/named.memstats +rm -f ns*/named.run +rm -f ns*/root.db +rm -f ns*/signer.err +rm -f ns*/trusted.conf diff --git a/bin/tests/system/eddsa/ns1/named.conf b/bin/tests/system/eddsa/ns1/named.conf.in similarity index 98% rename from bin/tests/system/eddsa/ns1/named.conf rename to bin/tests/system/eddsa/ns1/named.conf.in index 50eb048408..88a2547935 100644 --- a/bin/tests/system/eddsa/ns1/named.conf +++ b/bin/tests/system/eddsa/ns1/named.conf.in @@ -17,7 +17,7 @@ options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/eddsa/ns1/sign.sh b/bin/tests/system/eddsa/ns1/sign.sh index 761ee13428..f1a462a263 100644 --- a/bin/tests/system/eddsa/ns1/sign.sh +++ b/bin/tests/system/eddsa/ns1/sign.sh @@ -9,24 +9,25 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=../.. -. $SYSTEMTESTTOP/conf.sh +set -e + +. "$SYSTEMTESTTOP/conf.sh" zone=. infile=root.db.in zonefile=root.db -key1=`$KEYGEN -q -a ED25519 -n zone $zone` -key2=`$KEYGEN -q -a ED25519 -n zone -f KSK $zone` -#key2=`$KEYGEN -q -a ED448 -n zone -f KSK $zone` -$DSFROMKEY -a sha-256 $key2.key > dsset-256 +key1=$($KEYGEN -q -a ED25519 -n zone "$zone") +key2=$($KEYGEN -q -a ED25519 -n zone -f KSK "$zone") +#key2=$($KEYGEN -q -a ED448 -n zone -f KSK "$zone") +$DSFROMKEY -a sha-256 "$key2.key" > dsset-256 -cat $infile $key1.key $key2.key > $zonefile +cat "$infile" "$key1.key" "$key2.key" > "$zonefile" -$SIGNER -P -g -o $zone $zonefile > /dev/null 2> signer.err || cat signer.err +$SIGNER -P -g -o "$zone" "$zonefile" > /dev/null 2> signer.err || cat signer.err # Configure the resolving server with a static key. -keyfile_to_static_ds $key1 > trusted.conf +keyfile_to_static_ds "$key1" > trusted.conf cp trusted.conf ../ns2/trusted.conf cd ../ns2 && $SHELL sign.sh diff --git a/bin/tests/system/eddsa/ns2/named.conf b/bin/tests/system/eddsa/ns2/named.conf.in similarity index 98% rename from bin/tests/system/eddsa/ns2/named.conf rename to bin/tests/system/eddsa/ns2/named.conf.in index 420073fc05..198cdbbcec 100644 --- a/bin/tests/system/eddsa/ns2/named.conf +++ b/bin/tests/system/eddsa/ns2/named.conf.in @@ -17,7 +17,7 @@ options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/eddsa/ns2/sign.sh b/bin/tests/system/eddsa/ns2/sign.sh index 7aeceecd2a..ddd7a92746 100644 --- a/bin/tests/system/eddsa/ns2/sign.sh +++ b/bin/tests/system/eddsa/ns2/sign.sh @@ -9,8 +9,9 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=../.. -. $SYSTEMTESTTOP/conf.sh +set -e + +. "$SYSTEMTESTTOP/conf.sh" zone=example.com. zonefile=example.com.db @@ -22,7 +23,7 @@ for i in Xexample.com.+015+03613.key Xexample.com.+015+03613.private \ Xexample.com.+016+09713.key Xexample.com.+016+09713.private \ Xexample.com.+016+38353.key Xexample.com.+016+38353.private do - cp $i `echo $i | sed s/X/K/` + cp "$i" "$(echo $i | sed s/X/K/)" done -$SIGNER -P -z -s $starttime -e $endtime -o $zone $zonefile > /dev/null 2> signer.err || cat signer.err +$SIGNER -P -z -s "$starttime" -e "$endtime" -o "$zone" "$zonefile" > /dev/null 2> signer.err || cat signer.err diff --git a/bin/tests/system/eddsa/prereq.sh b/bin/tests/system/eddsa/prereq.sh index 648f97dcf9..e86ce7eb39 100644 --- a/bin/tests/system/eddsa/prereq.sh +++ b/bin/tests/system/eddsa/prereq.sh @@ -9,7 +9,10 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh +set -e -exec $SHELL ../testcrypto.sh eddsa +. "$SYSTEMTESTTOP/conf.sh" + +if ! $SHELL ../testcrypto.sh eddsa; then + exit 1 +fi diff --git a/bin/tests/system/eddsa/setup.sh b/bin/tests/system/eddsa/setup.sh index f5482e6c38..69c4995f41 100644 --- a/bin/tests/system/eddsa/setup.sh +++ b/bin/tests/system/eddsa/setup.sh @@ -9,7 +9,11 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh +set -e + +. "$SYSTEMTESTTOP/conf.sh" + +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf cd ns1 && $SHELL sign.sh diff --git a/bin/tests/system/eddsa/tests.sh b/bin/tests/system/eddsa/tests.sh index 4f6269e34b..2dcc138c2f 100644 --- a/bin/tests/system/eddsa/tests.sh +++ b/bin/tests/system/eddsa/tests.sh @@ -9,27 +9,28 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh +set -e + +. "$SYSTEMTESTTOP/conf.sh" status=0 n=1 -rm -f dig.out.* - -DIGOPTS="+tcp +noau +noadd +nosea +nostat +nocmd +dnssec -p 5300" +dig_with_opts() { + "$DIG" +tcp +noau +noadd +nosea +nostat +nocmd +dnssec -p "$PORT" "$@" +} # Check the example. domain echo "I:checking that positive validation works ($n)" ret=0 -$DIG $DIGOPTS . @10.53.0.1 soa > dig.out.ns1.test$n || ret=1 -$DIG $DIGOPTS . @10.53.0.2 soa > dig.out.ns2.test$n || ret=1 +dig_with_opts . @10.53.0.1 soa > dig.out.ns1.test$n || ret=1 +dig_with_opts . @10.53.0.2 soa > dig.out.ns2.test$n || ret=1 $PERL ../digcomp.pl dig.out.ns1.test$n dig.out.ns2.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns2.test$n > /dev/null || ret=1 -n=`expr $n + 1` +n=$((n+1)) if [ $ret != 0 ]; then echo "I:failed"; fi -status=`expr $status + $ret` +status=$((status+ret)) # Check test vectors (RFC 8080 + errata) @@ -39,9 +40,9 @@ grep 'oL9krJun7xfBOIWcGHi7mag5/hdZrKWw15jP' ns2/example.com.db.signed > /dev/nul grep 'VrbpMngwcrqNAg==' ns2/example.com.db.signed > /dev/null || ret=1 grep 'zXQ0bkYgQTEFyfLyi9QoiY6D8ZdYo4wyUhVi' ns2/example.com.db.signed > /dev/null || ret=1 grep 'R0O7KuI5k2pcBg==' ns2/example.com.db.signed > /dev/null || ret=1 -n=`expr $n + 1` +n=$((n+1)) if [ $ret != 0 ]; then echo "I:failed"; fi -status=`expr $status + $ret` +status=$((status+ret)) echo "I:checking that Ed448 test vectors match ($n)" ret=0 @@ -57,9 +58,9 @@ grep '4m0AsQ4f7qI1gVnML8vWWiyW2KXhT9kuAICU' ns2/example.com.db.signed > /dev/nul grep 'Sxv5OWbf81Rq7Yu60npabODB0QFPb/rkW3kU' ns2/example.com.db.signed > /dev/null || ret=1 grep 'ZmQ0YQUA' ns2/example.com.db.signed > /dev/null || ret=1 -n=`expr $n + 1` +n=$((n+1)) if [ $ret != 0 ]; then echo "I:failed"; fi -status=`expr $status + $ret` +status=$((status+ret)) echo "I:exit status: $status" [ $status -eq 0 ] || exit 1