ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

use DS style trust anchors in all system tests

Browse Source 
this adds functions in conf.sh.common to create DS-style trust anchor
files. those functions are then used to create nearly all of the trust
anchors in the system tests.

there are a few exceptions:
 - some tests in dnssec and mkeys rely on detection of unsupported
   algorithms, which only works with key-style trust anchors, so those
   are used for those tests in particular.
 - the mirror test had a problem with the use of a CSK without a
   SEP bit, which still needs addressing

in the future, some of these tests should be changed back to using
traditional trust anchors, so that both types will be exercised going
forward.
This commit is contained in:
Evan Hunt
2019-09-18 19:41:40 -07:00
parent 342cc9b168
commit 54a682ea50
23 changed files with 74 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bin/tests/system/mkeys/tests.sh
View File

@@ -301,7 +301,7 @@ status=`expr $status + $ret`
echo_i "reinitialize trust anchors, add second key to bind.keys"
$PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} mkeys ns2
rm -f ns2/managed-keys.bind*
keyfile_to_initial_keys ns1/$original ns1/$standby1 > ns2/managed.conf
keyfile_to_initial_ds ns1/$original ns1/$standby1 > ns2/managed.conf
nextpart ns2/named.run > /dev/null
$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} mkeys ns2