From dce66f763537450fa78045c679c53fd0ba5cbc5d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Wed, 13 Jun 2018 07:47:12 +0200 Subject: [PATCH] Replace duplicated code snippet with calls to helper functions Reduce code duplication by replacing a code snippet repeated throughout system tests using "trusted-keys" and/or "managed-keys" configuration sections with calls to keyfile_to_{managed,trusted}_keys() helper functions. (cherry picked from commit 120af964ce6e7ce4ddeeb399aad70f7d08e6b96f) --- bin/tests/system/autosign/ns1/keygen.sh | 20 ++----------- bin/tests/system/autosign/ns2/keygen.sh | 10 +------ bin/tests/system/dlv/ns1/sign.sh | 11 +------ bin/tests/system/dlv/ns3/sign.sh | 11 +------ bin/tests/system/dnssec/ns1/sign.sh | 25 ++++------------ bin/tests/system/dnssec/ns5/sign.sh | 10 +------ bin/tests/system/dsdigest/ns1/sign.sh | 11 +------ bin/tests/system/ecdsa/ns1/sign.sh | 11 +------ bin/tests/system/eddsa/ns1/sign.sh | 11 +------ bin/tests/system/inline/ns1/sign.sh | 11 +------ bin/tests/system/legacy/ns7/sign.sh | 10 +------ bin/tests/system/mkeys/ns1/sign.sh | 22 ++------------ bin/tests/system/mkeys/tests.sh | 12 +------- bin/tests/system/pending/ns1/sign.sh | 11 +------ bin/tests/system/resolver/ns6/keygen.sh | 12 ++------ bin/tests/system/rootkeysentinel/ns1/sign.sh | 11 +------ bin/tests/system/rsabigexponent/ns1/sign.sh | 11 +------ bin/tests/system/sfcache/ns1/sign.sh | 22 ++------------ bin/tests/system/staticstub/ns3/sign.sh | 22 ++------------ bin/tests/system/synthfromdnssec/ns1/sign.sh | 10 +------ bin/tests/system/wildcard/ns1/sign.sh | 30 ++------------------ 21 files changed, 34 insertions(+), 270 deletions(-) diff --git a/bin/tests/system/autosign/ns1/keygen.sh b/bin/tests/system/autosign/ns1/keygen.sh index 5331298069..423de1fd00 100644 --- a/bin/tests/system/autosign/ns1/keygen.sh +++ b/bin/tests/system/autosign/ns1/keygen.sh @@ -33,28 +33,12 @@ rm $zsknopriv.private ksksby=`$KEYGEN -3 -a RSASHA1 -q -r $RANDFILE -P now -A now+15s -fk $zone` kskrev=`$KEYGEN -3 -a RSASHA1 -q -r $RANDFILE -R now+15s -fk $zone` -cat $ksksby.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted.conf +keyfile_to_trusted_keys $ksksby > trusted.conf cp trusted.conf ../ns2/trusted.conf cp trusted.conf ../ns3/trusted.conf cp trusted.conf ../ns4/trusted.conf -cat $kskrev.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted.conf +keyfile_to_trusted_keys $kskrev > trusted.conf cp trusted.conf ../ns5/trusted.conf echo $zskact > ../active.key diff --git a/bin/tests/system/autosign/ns2/keygen.sh b/bin/tests/system/autosign/ns2/keygen.sh index e253512944..175d8f6fa2 100644 --- a/bin/tests/system/autosign/ns2/keygen.sh +++ b/bin/tests/system/autosign/ns2/keygen.sh @@ -36,15 +36,7 @@ zonefile="${zone}.db" infile="${zonefile}.in" ksk=`$KEYGEN -a RSASHA1 -3 -q -r $RANDFILE -fk $zone` $KEYGEN -a RSASHA1 -3 -q -r $RANDFILE $zone > /dev/null -cat $ksk.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < private.conf +keyfile_to_trusted_keys $ksk > private.conf cp private.conf ../ns4/private.conf $SIGNER -S -3 beef -A -o $zone -f $zonefile $infile > /dev/null 2>&1 diff --git a/bin/tests/system/dlv/ns1/sign.sh b/bin/tests/system/dlv/ns1/sign.sh index ddd41a1437..b8151620cc 100755 --- a/bin/tests/system/dlv/ns1/sign.sh +++ b/bin/tests/system/dlv/ns1/sign.sh @@ -32,14 +32,5 @@ $SIGNER -r $RANDFILE -g -o $zone -f $outfile $zonefile > /dev/null 2> signer.err echo_i "signed $zone" -grep -v '^;' $keyname2.key | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted.conf +keyfile_to_trusted_keys $keyname2 > trusted.conf cp trusted.conf ../ns5 - diff --git a/bin/tests/system/dlv/ns3/sign.sh b/bin/tests/system/dlv/ns3/sign.sh index cb991323b6..bcc9922e26 100755 --- a/bin/tests/system/dlv/ns3/sign.sh +++ b/bin/tests/system/dlv/ns3/sign.sh @@ -280,16 +280,7 @@ cat $infile $dlvsets $keyname1.key $keyname2.key >$zonefile $SIGNER -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err echo_i "signed $zone" - -grep -v '^;' $keyname2.key | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted-dlv.conf +keyfile_to_trusted_keys $keyname2 > trusted-dlv.conf cp trusted-dlv.conf ../ns5 cp $dssets ../ns2 diff --git a/bin/tests/system/dnssec/ns1/sign.sh b/bin/tests/system/dnssec/ns1/sign.sh index 09837184de..e0667b3740 100644 --- a/bin/tests/system/dnssec/ns1/sign.sh +++ b/bin/tests/system/dnssec/ns1/sign.sh @@ -34,32 +34,17 @@ cat $infile $keyname.key > $zonefile $SIGNER -P -g -r $RANDFILE -o $zone $zonefile > /dev/null # Configure the resolving server with a trusted key. -cat $keyname.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted.conf - -# ...or with a managed key. -cat $keyname.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < managed.conf +keyfile_to_trusted_keys $keyname > trusted.conf cp trusted.conf ../ns2/trusted.conf cp trusted.conf ../ns3/trusted.conf cp trusted.conf ../ns4/trusted.conf cp trusted.conf ../ns6/trusted.conf cp trusted.conf ../ns7/trusted.conf + +# ...or with a managed key. +keyfile_to_managed_keys $keyname > managed.conf cp managed.conf ../ns4/managed.conf + # # Save keyid for managed key id test. # diff --git a/bin/tests/system/dnssec/ns5/sign.sh b/bin/tests/system/dnssec/ns5/sign.sh index 5c9493dceb..cc1e57d96f 100644 --- a/bin/tests/system/dnssec/ns5/sign.sh +++ b/bin/tests/system/dnssec/ns5/sign.sh @@ -19,15 +19,7 @@ zonefile=root.db.signed keyname=`$KEYGEN -r $RANDFILE -a RSASHA1 -qfk $zone` # copy the KSK out first, then revoke it -cat $keyname.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < revoked.conf +keyfile_to_managed_keys $keyname > revoked.conf $SETTIME -R now ${keyname}.key > /dev/null diff --git a/bin/tests/system/dsdigest/ns1/sign.sh b/bin/tests/system/dsdigest/ns1/sign.sh index 0d4589043f..81156c4210 100644 --- a/bin/tests/system/dsdigest/ns1/sign.sh +++ b/bin/tests/system/dsdigest/ns1/sign.sh @@ -29,16 +29,7 @@ cat $infile $key1.key $key2.key > $zonefile $SIGNER -P -g -r $RANDFILE -o $zone $zonefile > /dev/null # Configure the resolving server with a trusted key. - -cat $key2.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted.conf +keyfile_to_trusted_keys $key2 > trusted.conf cp trusted.conf ../ns2/trusted.conf cp trusted.conf ../ns3/trusted.conf cp trusted.conf ../ns4/trusted.conf diff --git a/bin/tests/system/ecdsa/ns1/sign.sh b/bin/tests/system/ecdsa/ns1/sign.sh index 39eb336630..176efccc13 100644 --- a/bin/tests/system/ecdsa/ns1/sign.sh +++ b/bin/tests/system/ecdsa/ns1/sign.sh @@ -25,14 +25,5 @@ cat $infile $key1.key $key2.key > $zonefile $SIGNER -P -g -r $RANDFILE -o $zone $zonefile > /dev/null 2> signer.err || cat signer.err # Configure the resolving server with a trusted key. - -cat $key1.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted.conf +keyfile_to_trusted_keys $key1 > trusted.conf cp trusted.conf ../ns2/trusted.conf diff --git a/bin/tests/system/eddsa/ns1/sign.sh b/bin/tests/system/eddsa/ns1/sign.sh index 15814be7ef..ee0b3094ec 100644 --- a/bin/tests/system/eddsa/ns1/sign.sh +++ b/bin/tests/system/eddsa/ns1/sign.sh @@ -26,16 +26,7 @@ cat $infile $key1.key $key2.key > $zonefile $SIGNER -P -g -r $RANDFILE -o $zone $zonefile > /dev/null 2> signer.err || cat signer.err # Configure the resolving server with a trusted key. - -cat $key1.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted.conf +keyfile_to_trusted_keys $key1 > trusted.conf cp trusted.conf ../ns2/trusted.conf cd ../ns2 && $SHELL sign.sh diff --git a/bin/tests/system/inline/ns1/sign.sh b/bin/tests/system/inline/ns1/sign.sh index 7626a6771e..e4e46462fd 100644 --- a/bin/tests/system/inline/ns1/sign.sh +++ b/bin/tests/system/inline/ns1/sign.sh @@ -20,14 +20,5 @@ keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 1024 -n zone -f KSK $zone` $SIGNER -S -x -T 1200 -o ${zone} root.db > signer.out 2>&1 [ $? = 0 ] || cat signer.out -cat ${keyname}.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted.conf - +keyfile_to_trusted_keys $keyname > trusted.conf cp trusted.conf ../ns6/trusted.conf diff --git a/bin/tests/system/legacy/ns7/sign.sh b/bin/tests/system/legacy/ns7/sign.sh index d1613a236e..344a869a52 100755 --- a/bin/tests/system/legacy/ns7/sign.sh +++ b/bin/tests/system/legacy/ns7/sign.sh @@ -28,13 +28,5 @@ cat $infile $keyname1.key $keyname2.key >$zonefile $SIGNER -r $RANDFILE -g -o $zone -f $outfile -e +30y $zonefile > /dev/null 2> signer.err || cat signer.err -grep -v '^;' $keyname2.key | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted.conf +keyfile_to_trusted_keys $keyname2 > trusted.conf cp trusted.conf ../ns1 diff --git a/bin/tests/system/mkeys/ns1/sign.sh b/bin/tests/system/mkeys/ns1/sign.sh index 9812a8238b..502b5becc7 100644 --- a/bin/tests/system/mkeys/ns1/sign.sh +++ b/bin/tests/system/mkeys/ns1/sign.sh @@ -21,29 +21,13 @@ zskkeyname=`$KEYGEN -a rsasha256 -q -r $RANDFILE $zone` $SIGNER -Sg -r $RANDFILE -o $zone $zonefile > /dev/null 2>/dev/null # Configure the resolving server with a managed trusted key. -cat $keyname.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < managed.conf +keyfile_to_managed_keys $keyname > managed.conf cp managed.conf ../ns2/managed.conf cp managed.conf ../ns4/managed.conf cp managed.conf ../ns5/managed.conf -# Configure a trusted key statement (used by delve) -cat $keyname.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted.conf +# Configure a trusted key statement (used by delv) +keyfile_to_trusted_keys $keyname > trusted.conf # # Save keyname and keyid for managed key id test. diff --git a/bin/tests/system/mkeys/tests.sh b/bin/tests/system/mkeys/tests.sh index 760bda63b2..a2b6c76960 100644 --- a/bin/tests/system/mkeys/tests.sh +++ b/bin/tests/system/mkeys/tests.sh @@ -298,17 +298,7 @@ status=`expr $status + $ret` echo_i "reinitialize trust anchors, add second key to bind.keys" $PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} . ns2 rm -f ns2/managed-keys.bind* -cat ns1/$standby1.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -local $originalkey = `grep initial-key ns2/managed1.conf`; -print < ns2/managed.conf +keyfile_to_managed_keys ns1/`cat ns1/managed.key` ns1/$standby1 > ns2/managed.conf nextpart ns2/named.run > /dev/null $PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} . ns2 diff --git a/bin/tests/system/pending/ns1/sign.sh b/bin/tests/system/pending/ns1/sign.sh index 324dc12932..8a69e1a7be 100644 --- a/bin/tests/system/pending/ns1/sign.sh +++ b/bin/tests/system/pending/ns1/sign.sh @@ -28,16 +28,7 @@ cat $infile $keyname1.key $keyname2.key > $zonefile $SIGNER -g -r $RANDFILE -o $zone $zonefile > /dev/null 2>&1 # Configure the resolving server with a trusted key. - -cat $keyname2.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted.conf +keyfile_to_trusted_keys $keyname2 > trusted.conf cp trusted.conf ../ns2/trusted.conf cp trusted.conf ../ns3/trusted.conf cp trusted.conf ../ns4/trusted.conf diff --git a/bin/tests/system/resolver/ns6/keygen.sh b/bin/tests/system/resolver/ns6/keygen.sh index 6cf7b8cee1..268392fa03 100644 --- a/bin/tests/system/resolver/ns6/keygen.sh +++ b/bin/tests/system/resolver/ns6/keygen.sh @@ -30,13 +30,5 @@ zsk=`$KEYGEN -q -a rsasha256 -r $RANDFILE $zone` cat $ksk.key $zsk.key dsset-ds.example.net$TP >> $zonefile $SIGNER -P -r $RANDFILE -o $zone $zonefile > /dev/null 2>&1 -# Configure a trusted key statement (used by delve) -cat $ksk.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < ../ns5/trusted.conf +# Configure a trusted key statement (used by delv) +keyfile_to_trusted_keys $ksk > ../ns5/trusted.conf diff --git a/bin/tests/system/rootkeysentinel/ns1/sign.sh b/bin/tests/system/rootkeysentinel/ns1/sign.sh index 9f91928694..369f75e00b 100644 --- a/bin/tests/system/rootkeysentinel/ns1/sign.sh +++ b/bin/tests/system/rootkeysentinel/ns1/sign.sh @@ -28,16 +28,7 @@ cat $infile $keyname.key > $zonefile $SIGNER -P -g -r $RANDFILE -o $zone $zonefile > /dev/null # Configure the resolving server with a trusted key. -cat $keyname.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted.conf - +keyfile_to_trusted_keys $keyname > trusted.conf cp trusted.conf ../ns2/trusted.conf cp trusted.conf ../ns3/trusted.conf cp trusted.conf ../ns4/trusted.conf diff --git a/bin/tests/system/rsabigexponent/ns1/sign.sh b/bin/tests/system/rsabigexponent/ns1/sign.sh index 0561519764..8570855d3c 100755 --- a/bin/tests/system/rsabigexponent/ns1/sign.sh +++ b/bin/tests/system/rsabigexponent/ns1/sign.sh @@ -25,16 +25,7 @@ cat $infile $keyname.key > $zonefile $SIGNER -P -g -r $RANDFILE -o $zone $zonefile > /dev/null # Configure the resolving server with a trusted key. -cat $keyname.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted.conf - +keyfile_to_trusted_keys $keyname > trusted.conf cp trusted.conf ../ns2/trusted.conf cp trusted.conf ../ns3/trusted.conf diff --git a/bin/tests/system/sfcache/ns1/sign.sh b/bin/tests/system/sfcache/ns1/sign.sh index 270d2a8b1e..ad62c4cb89 100644 --- a/bin/tests/system/sfcache/ns1/sign.sh +++ b/bin/tests/system/sfcache/ns1/sign.sh @@ -27,24 +27,8 @@ cat $infile $keyname.key > $zonefile $SIGNER -P -g -r $RANDFILE -o $zone $zonefile > /dev/null # Configure the resolving server with a trusted key. -cat $keyname.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted.conf +keyfile_to_trusted_keys $keyname > trusted.conf +cp trusted.conf ../ns2/trusted.conf # ...or with a managed key. -cat $keyname.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < managed.conf -cp trusted.conf ../ns2/trusted.conf +keyfile_to_managed_keys $keyname > managed.conf diff --git a/bin/tests/system/staticstub/ns3/sign.sh b/bin/tests/system/staticstub/ns3/sign.sh index 96cc585151..32af7d00ee 100755 --- a/bin/tests/system/staticstub/ns3/sign.sh +++ b/bin/tests/system/staticstub/ns3/sign.sh @@ -27,16 +27,7 @@ cat $infile $keyname1.key $keyname2.key > $zonefile $SIGNER -g -r $RANDFILE -o $zone $zonefile > /dev/null 2>&1 # Configure the resolving server with a trusted key. - -cat $keyname2.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted.conf +keyfile_to_trusted_keys $keyname2 > trusted.conf zone=undelegated infile=undelegated.db.in @@ -47,14 +38,5 @@ cat $infile $keyname1.key $keyname2.key > $zonefile $SIGNER -g -r $RANDFILE -o $zone $zonefile > /dev/null 2>&1 -cat $keyname2.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print <> trusted.conf - +keyfile_to_trusted_keys $keyname2 >> trusted.conf cp trusted.conf ../ns2/trusted.conf diff --git a/bin/tests/system/synthfromdnssec/ns1/sign.sh b/bin/tests/system/synthfromdnssec/ns1/sign.sh index f400552a0b..2b8480ff31 100644 --- a/bin/tests/system/synthfromdnssec/ns1/sign.sh +++ b/bin/tests/system/synthfromdnssec/ns1/sign.sh @@ -32,12 +32,4 @@ cat $infile $keyname.key > $zonefile $SIGNER -P -g -r $RANDFILE -o $zone $zonefile > /dev/null # Configure the resolving server with a trusted key. -cat $keyname.key | grep -v '^; ' | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted.conf +keyfile_to_trusted_keys $keyname > trusted.conf diff --git a/bin/tests/system/wildcard/ns1/sign.sh b/bin/tests/system/wildcard/ns1/sign.sh index 2c3ee9ab55..de94423050 100755 --- a/bin/tests/system/wildcard/ns1/sign.sh +++ b/bin/tests/system/wildcard/ns1/sign.sh @@ -57,15 +57,7 @@ cat $infile $keyname1.key $keyname2.key > $zonefile $SIGNER -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err echo_i "signed $zone" -grep -v '^;' $keyname2.key | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < private.nsec.conf +keyfile_to_trusted_keys $keyname2 > private.nsec.conf zone=nsec3. infile=nsec3.db.in @@ -94,15 +86,7 @@ cat $infile $keyname1.key $keyname2.key > $zonefile $SIGNER -r $RANDFILE -3 - -H 10 -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err echo_i "signed $zone" -grep -v '^;' $keyname2.key | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < private.nsec3.conf +keyfile_to_trusted_keys $keyname2 > private.nsec3.conf zone=. infile=root.db.in @@ -117,12 +101,4 @@ cat $infile $keyname1.key $keyname2.key $dssets >$zonefile $SIGNER -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err echo_i "signed $zone" -grep -v '^;' $keyname2.key | $PERL -n -e ' -local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split; -local $key = join("", @rest); -print < trusted.conf +keyfile_to_trusted_keys $keyname2 > trusted.conf