migrate tests from bin/tests/dnssec-signzone to bin/tests/system/dnssec

- added tests to the dnssec system test that duplicate the ones
  from bin/tests/dnssec-signzone
- changed cleanall.sh so it doesn't automatically remove all
  key files, because there are now some of those that are part of the
  distribution

(cherry picked from commit ccfe778c01)

bin/tests/dnssec-signzone/run-test.sh

@@ -1,46 +0,0 @@
-#!/bin/sh
-#
-# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-#
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0. If a copy of the MPL was not distributed with this
-# file, You can obtain one at http://mozilla.org/MPL/2.0/.
-#
-# See the COPYRIGHT file distributed with this work for additional
-# information regarding copyright ownership.
-
-# $Id: run-test.sh,v 1.3 2009/06/04 02:56:47 tbox Exp $
-
-
-sign="../../dnssec/dnssec-signzone -f signed.zone -o example.com."
-
-signit() {
-	rm -f signed.zone
-	grep '^;' $zone
-	$sign $zone
-}
-
-expect_success() {
-	if ! test -f signed.zone ; then
-		echo "Error: expected success, but sign failed for $zone."
-	else
-		echo "Success:  Sign succeeded for $zone."
-	fi
-}
-
-expect_failure() {
-	if test -f signed.zone ; then
-		echo "Error: expected failure, but sign succeeded for $zone."
-	else
-		echo "Success:  Sign failed (expected) for $zone"
-	fi
-}
-
-zone="test1.zone" ; signit ; expect_success
-zone="test2.zone" ; signit ; expect_failure
-zone="test3.zone" ; signit ; expect_failure
-zone="test4.zone" ; signit ; expect_success
-zone="test5.zone" ; signit ; expect_failure
-zone="test6.zone" ; signit ; expect_failure
-zone="test7.zone" ; signit ; expect_failure
-zone="test8.zone" ; signit ; expect_failure

bin/tests/system/cleanall.sh

@@ -18,7 +18,7 @@ SYSTEMTESTTOP=.
 
 
 find . -type f \( \
-    -name 'K*' -o -name '*~' -o -name 'core' -o -name '*.core' \
+    -name '*~' -o -name 'core' -o -name '*.core' \
     -o -name '*.log' -o -name '*.pid' -o -name '*.keyset' \
     -o -name named.run -o -name ans.run \
     -o -name '*-valgrind-*.log' \) -print | xargs rm -f

bin/tests/system/dnssec/clean.sh

@@ -92,4 +92,7 @@ rm -f signer/example.db.after signer/example.db.before
 rm -f signer/example.db.changed
 rm -f signer/nsec3param.out
 rm -f signer/signer.out.*
+rm -f signer/general/signed.zone
+rm -f signer/general/signer.out.*
+rm -f signer/general/dsset*
 rm -f signing.out*

bin/tests/system/dnssec/signer/general/test4.zone

@@ -1,6 +1,6 @@
 ;
 ;	This is a zone which has three DNSKEY records, two (KSK + ZSK) of
-; which have existing private key files available.  The third is a 
+; which have existing private key files available.  The third is a
 ; pre-published ZSK.
 ;
 $TTL 3600

bin/tests/system/dnssec/signer/general/test7.zone

@@ -1,5 +1,5 @@
 ;
-;	This is a zone which has two DNSKEY records, none of which have 
+;	This is a zone which has two DNSKEY records, none of which have
 ; existing private key files available.  The resulting zone should fail
 ; the consistancy tests.
 ;

bin/tests/system/dnssec/tests.sh

@@ -1269,6 +1269,103 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`
 
+echo_i "basic dnssec-signzone checks:"
+echo_i " two DNSKEYs ($n)"
+ret=0
+(
+cd signer/general
+rm -f signed.zone
+$SIGNER -f signed.zone -o example.com. test1.zone > signer.out.$n 2>&1
+test -f signed.zone
+) || ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
+echo_i " one non-KSK DNSKEY ($n)"
+ret=0
+(
+cd signer/general
+rm -f signed.zone
+$SIGNER -f signed.zone -o example.com. test2.zone > signer.out.$n 2>&1
+test -f signed.zone
+) && ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
+echo_i " one KSK DNSKEY ($n)"
+ret=0
+(
+cd signer/general
+rm -f signed.zone
+$SIGNER -f signed.zone -o example.com. test3.zone > signer.out.$n 2>&1
+test -f signed.zone
+) && ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
+echo_i " three DNSKEY ($n)"
+ret=0
+(
+cd signer/general
+rm -f signed.zone
+$SIGNER -f signed.zone -o example.com. test4.zone > signer.out.$n 2>&1
+test -f signed.zone
+) || ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
+echo_i " three DNSKEY, one private key missing ($n)"
+ret=0
+(
+cd signer/general
+rm -f signed.zone
+$SIGNER -f signed.zone -o example.com. test5.zone > signer.out.$n 2>&1
+test -f signed.zone
+) || ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
+echo_i " four DNSKEY ($n)"
+ret=0
+(
+cd signer/general
+rm -f signed.zone
+$SIGNER -f signed.zone -o example.com. test6.zone > signer.out.$n 2>&1
+test -f signed.zone
+) || ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
+echo_i " two DNSKEY, both private keys missing ($n)"
+ret=0
+(
+cd signer/general
+rm -f signed.zone
+$SIGNER -f signed.zone -o example.com. test7.zone > signer.out.$n 2>&1
+test -f signed.zone
+) && ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
+echo_i " two DNSKEY, one private key missing ($n)"
+ret=0
+(
+cd signer/general
+rm -f signed.zone
+$SIGNER -f signed.zone -o example.com. test8.zone > signer.out.$n 2>&1
+test -f signed.zone
+) && ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
+
 echo_i "checking that we can sign a zone with out-of-zone records ($n)"
 ret=0
 zone=example

util/copyrights

@@ -403,21 +403,6 @@
 ./bin/tests/db/win32/t_db.vcxproj.in		X	2013,2015,2016,2017,2018
 ./bin/tests/db/win32/t_db.vcxproj.user		X	2013,2018
 ./bin/tests/db_test.c				C	1999,2000,2001,2004,2005,2007,2008,2009,2011,2012,2013,2015,2016,2017,2018
-./bin/tests/dnssec-signzone/Kexample.com.+005+07065.key	X	2009,2018
-./bin/tests/dnssec-signzone/Kexample.com.+005+07065.private	X	2009,2018
-./bin/tests/dnssec-signzone/Kexample.com.+005+23362.key	X	2009,2018
-./bin/tests/dnssec-signzone/Kexample.com.+005+23362.private	X	2009,2018
-./bin/tests/dnssec-signzone/bogus-ksk.key	X	2009,2018
-./bin/tests/dnssec-signzone/bogus-zsk.key	X	2009,2018
-./bin/tests/dnssec-signzone/run-test.sh		SH	2009,2012,2016,2018
-./bin/tests/dnssec-signzone/test1.zone		X	2009,2018
-./bin/tests/dnssec-signzone/test2.zone		X	2009,2018
-./bin/tests/dnssec-signzone/test3.zone		X	2009,2018
-./bin/tests/dnssec-signzone/test4.zone		X	2009,2018
-./bin/tests/dnssec-signzone/test5.zone		X	2009,2018
-./bin/tests/dnssec-signzone/test6.zone		X	2009,2018
-./bin/tests/dnssec-signzone/test7.zone		X	2009,2018
-./bin/tests/dnssec-signzone/test8.zone		X	2009,2018
 ./bin/tests/dst/.gitignore			X	2012,2013,2018
 ./bin/tests/dst/Kdh.+002+18602.key.in		X	2001,2013,2018
 ./bin/tests/dst/Kdh.+002+18602.private.in	X	2001,2013,2018