ComputerSurge/bind9
3
0
Fork 0
Code Pull Requests 1 Activity

inline: use $DEFAULT_ALGORITHM

Browse Source 
(cherry picked from commit e3acddefd1)
This commit is contained in:
Mark Andrews
2022-07-08 13:49:52 +10:00
parent 73f2c501a5
commit db5eb04f4a
5 changed files with 270 additions and 269 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
bin/tests/system/inline/ns1/sign.sh
View File

@@ -16,8 +16,8 @@
zone=.
rm -f K.+*+*.key
rm -f K.+*+*.private
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone)
$SIGNER -S -x -T 1200 -o ${zone} root.db > signer.out
[ $? = 0 ] || cat signer.out

78
bin/tests/system/inline/ns3/sign.sh
View File

@@ -21,36 +21,36 @@ mv ${unsupportedkey}.tmp ${unsupportedkey}.key
zone=bits
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone)
$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
zone=noixfr
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone)
$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
zone=primary
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone)
$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
zone=dynamic
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone)
$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
zone=updated
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone)
$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
$SIGNER -S -O raw -L 2000042407 -o ${zone} ${zone}.db > /dev/null
cp primary2.db.in updated.db
@@ -59,92 +59,92 @@ cp primary2.db.in updated.db
zone=expired
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone)
$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
$SIGNER -PS -s 20100101000000 -e 20110101000000 -O raw -L 2000042407 -o ${zone} ${zone}.db > /dev/null
zone=retransfer
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone)
$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
zone=nsec3
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
keyname=`$KEYGEN -q -a NSEC3RSASHA1 -b 1024 -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone)
$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
zone=retransfer3
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
keyname=`$KEYGEN -q -a NSEC3RSASHA1 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a NSEC3RSASHA1 -b 1024 -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone)
$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
zone=inactiveksk
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
keyname=`$KEYGEN -q -a NSEC3RSASHA1 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a NSEC3RSASHA1 -b 1024 -n zone -P now -A now+3600 -f KSK $zone`
keyname=`$KEYGEN -q -a RSASHA256 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a RSASHA256 -b 1024 -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -P now -A now+3600 -f KSK $zone)
keyname=$($KEYGEN -q -a ${ALTERNATIVE_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${ALTERNATIVE_ALGORITHM} -n zone -f KSK $zone)
$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
zone=inactivezsk
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
keyname=`$KEYGEN -q -a NSEC3RSASHA1 -b 1024 -n zone -P now -A now+3600 $zone`
keyname=`$KEYGEN -q -a NSEC3RSASHA1 -b 1024 -n zone -f KSK $zone`
keyname=`$KEYGEN -q -a RSASHA256 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a RSASHA256 -b 1024 -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -P now -A now+3600 $zone)
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone)
keyname=$($KEYGEN -q -a ${ALTERNATIVE_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${ALTERNATIVE_ALGORITHM} -n zone -f KSK $zone)
$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
zone=delayedkeys
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone)
# Keys for the "delayedkeys" zone should not be initially accessible.
mv K${zone}.+*+*.* ../
zone=removedkeys-primary
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone)
zone=removedkeys-secondary
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone)
for s in a c d h k l m q z
do
zone=test-$s
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone)
done
for s in b f i o p t v
do
zone=test-$s
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone)
done
zone=externalkey
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
for alg in ECDSAP256SHA256 NSEC3RSASHA1
for alg in ${DEFAULT_ALGORITHM} ${ALTERNATIVE_ALGORITHM}
do
k1=`$KEYGEN -q -a $alg -b 1024 -n zone -f KSK $zone`
k2=`$KEYGEN -q -a $alg -b 1024 -n zone $zone`
k3=`$KEYGEN -q -a $alg -b 1024 -n zone $zone`
k4=`$KEYGEN -q -a $alg -b 1024 -n zone -f KSK $zone`
k1=$($KEYGEN -q -a $alg -n zone -f KSK $zone)
k2=$($KEYGEN -q -a $alg -n zone $zone)
k3=$($KEYGEN -q -a $alg -n zone $zone)
k4=$($KEYGEN -q -a $alg -n zone -f KSK $zone)
$DSFROMKEY -T 1200 $k4 >> ../ns1/root.db
# Convert k1 and k2 in to External Keys.

6
bin/tests/system/inline/ns7/sign.sh
View File

@@ -19,6 +19,6 @@
zone=nsec3-loop
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
keyname=`$KEYGEN -q -a NSEC3RSASHA1 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a NSEC3RSASHA1 -b 1024 -n zone $zone`
keyname=`$KEYGEN -q -a NSEC3RSASHA1 -b 1024 -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone)
keyname=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone)

8
bin/tests/system/inline/ns8/sign.sh
View File

@@ -20,8 +20,8 @@ for zone in example01.com example02.com example03.com example04.com \
do
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
keyname=`$KEYGEN -q -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone`
keyname=`$KEYGEN -q -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone)
keyname=$($KEYGEN -q -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone -f KSK $zone)
cp example.com.db.in ${zone}.db
$SIGNER -S -T 3600 -O raw -L 2000042407 -o ${zone} ${zone}.db > /dev/null 2>&1
done
@@ -29,7 +29,7 @@ done
for zone in example unsigned-serial-test; do
rm -f K${zone}.+*+*.key
rm -f K${zone}.+*+*.private
keyname=`$KEYGEN -q -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone`
keyname=`$KEYGEN -q -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone -f KSK $zone`
keyname=$($KEYGEN -q -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone)
keyname=$($KEYGEN -q -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone -f KSK $zone)
cp example.db.in ${zone}.db
done

443
bin/tests/system/inline/tests.sh
View File

File diff suppressed because it is too large Load Diff