fixup! Add Sharness support files

bin/tests/system/.gitignore

@@ -1,3 +1,4 @@
+/*/test-results/
 dig.out*
 rndc.out*
 nsupdate.out*

bin/tests/system/Makefile.in

@@ -15,7 +15,7 @@ VERSION=@BIND9_VERSION@
 
 @BIND9_MAKE_INCLUDES@
 
-SUBDIRS =	dlzexternal dyndb pipelined rndc rpz rsabigexponent tkey
+SUBDIRS =	sharness dlzexternal dyndb pipelined rndc rpz rsabigexponent tkey
 
 CINCLUDES =	${ISC_INCLUDES} ${DNS_INCLUDES}
 

bin/tests/system/chain/.gitignore

@@ -0,0 +1,13 @@
+/trash*directory.*.sh/
+/dig.out.*
+/ns*/named*.pid
+/ns*/named.conf
+/ns*/named.memstats
+/ns*/named.recursing
+/ns*/named.lock
+/ns*/named.run
+/ans*/ans.run
+/ns2/K*
+/ns2/dsset-*
+/ns2/example.db.signed
+/ns*/managed-keys.bind*

bin/tests/system/chain/setup.sh

@@ -9,8 +9,8 @@
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.
 
-SYSTEMTESTTOP=..
-. $SYSTEMTESTTOP/conf.sh
+# shellcheck source=../conf.sh
+. "$SYSTEMTESTTOP/conf.sh"
 
 $SHELL clean.sh
 
@@ -19,5 +19,5 @@ copy_setports ns2/named.conf.in ns2/named.conf
 copy_setports ns5/named.conf.in ns5/named.conf
 copy_setports ns7/named.conf.in ns7/named.conf
 
-cd ns2
-$SHELL sign.sh
+# shellcheck source=ns2/sign.sh
+( cd ns2 && $SHELL sign.sh )

bin/tests/system/chain/tests.sh

@@ -1,3 +1,5 @@
+#!/bin/sh
+#
 # Copyright (C) Internet Systems Consortium, Inc. ("ISC")
 #
 # This Source Code Form is subject to the terms of the Mozilla Public
@@ -7,290 +9,251 @@
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.
 
-SYSTEMTESTTOP=..
-. $SYSTEMTESTTOP/conf.sh
+# shellcheck source=../conf.sh
+. "$SYSTEMTESTTOP/conf.sh"
 
-DIGOPTS="-p ${PORT}"
-RNDCCMD="$RNDC -c $SYSTEMTESTTOP/common/rndc.conf -p ${CONTROLPORT} -s"
-SEND="$PERL $SYSTEMTESTTOP/send.pl 10.53.0.4 ${EXTRAPORT1}"
-status=0
-n=0
+test_description="CHAIN tests."
 
-n=`expr $n + 1`
-echo_i "checking short DNAME from authoritative ($n)"
-ret=0
-$DIG $DIGOPTS a.short-dname.example @10.53.0.2 a > dig.out.ns2.short || ret=1
-grep "status: NOERROR" dig.out.ns2.short > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+# shellcheck source=../sharness/lib/sharness/sharness.sh
+. "$SYSTEMTESTTOP/sharness/lib/sharness/sharness.sh"
 
-n=`expr $n + 1`
-echo_i "checking short DNAME from recursive ($n)"
-ret=0
-$RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$DIG $DIGOPTS a.short-dname.example @10.53.0.7 a > dig.out.ns4.short || ret=1
-grep "status: NOERROR" dig.out.ns4.short > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+if test -n "$PYTHON" && "$PYTHON" -c 'import dns' 2>/dev/null
+then
+    test_set_prereq DNSPYTHON
+fi
 
-n=`expr $n + 1`
-echo_i "checking long DNAME from authoritative ($n)"
-ret=0
-$DIG $DIGOPTS a.long-dname.example @10.53.0.2 a > dig.out.ns2.long || ret=1
-grep "status: NOERROR" dig.out.ns2.long > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+if test -n "$PERL" && "$PERL" -e 'use Net::DNS;' 2>/dev/null
+then
+    if "$PERL" -e 'use Net::DNS; die if ($Net::DNS::VERSION >= 0.69 && $Net::DNS::VERSION <= 0.74' 2>/dev/null
+    then
+	test_set_prereq NETDNS
+    fi
+    if "$PERL" -e 'use Net::DNS::Nameserver'
+    then
+	test_set_prereq NETDNSNAMESERVER
+    fi
+fi
 
-n=`expr $n + 1`
-echo_i "checking long DNAME from recursive ($n)"
-ret=0
-$RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$DIG $DIGOPTS a.long-dname.example @10.53.0.7 a > dig.out.ns4.long || ret=1
-grep "status: NOERROR" dig.out.ns4.long > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+dig_with_opts() {
+    "$DIG" -p "$PORT" "$@"
+}
 
-n=`expr $n + 1`
-echo_i "checking (too) long DNAME from authoritative ($n)"
-ret=0
-$DIG $DIGOPTS 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.long-dname.example @10.53.0.2 a > dig.out.ns2.toolong || ret=1
-grep "status: YXDOMAIN" dig.out.ns2.toolong > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+rndccmd() {
+    "$RNDC" -c "$SYSTEMTESTTOP/common/rndc.conf" -p "${CONTROLPORT}" -s "$@"
+}
 
-n=`expr $n + 1`
-echo_i "checking (too) long DNAME from recursive with cached DNAME ($n)"
-ret=0
-$RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$DIG $DIGOPTS 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.long-dname.example @10.53.0.7 a > dig.out.ns4.cachedtoolong || ret=1
-grep "status: YXDOMAIN" dig.out.ns4.cachedtoolong > /dev/null || ret=1
-grep '^long-dname\.example\..*DNAME.*long' dig.out.ns4.cachedtoolong > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+sendcmd() {
+    "$PERL" "$SYSTEMTESTTOP/send.pl" 10.53.0.4 "${EXTRAPORT1}"
+}
 
-n=`expr $n + 1`
-echo_i "checking (too) long DNAME from recursive without cached DNAME ($n)"
-ret=0
-$RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$DIG $DIGOPTS 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglong.toolong-dname.example @10.53.0.7 a > dig.out.ns4.uncachedtoolong || ret=1
-grep "status: YXDOMAIN" dig.out.ns4.uncachedtoolong > /dev/null || ret=1
-grep '^toolong-dname\.example\..*DNAME.*long' dig.out.ns4.uncachedtoolong > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+grep_dig() {
+    __file=$1
+    __rcode=$2
+    __answers=$3
+    if [ -n "$__rcode" ]; then
+	grep -q -F "status: $__rcode" "$__file" || return 1
+    fi
+    if [ -n "$__answers" ]; then
+	grep -q -F "ANSWER: $__answers" "$__file" || return 1
+    fi
+    return 0
+}
 
-n=`expr $n + 1`
-echo_i "checking CNAME to DNAME from authoritative ($n)"
-ret=0
-$DIG $DIGOPTS cname.example @10.53.0.2 a > dig.out.ns2.cname
-grep "status: NOERROR" dig.out.ns2.cname > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+test_expect_success "checking short DNAME from authoritative " "
+  dig_with_opts a.short-dname.example @10.53.0.2 a > dig.out &&
+  grep_dig dig.out NOERROR
+"
 
-n=`expr $n + 1`
-echo_i "checking CNAME to DNAME from recursive"
-ret=0
-$RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$DIG $DIGOPTS cname.example @10.53.0.7 a > dig.out.ns4.cname
-grep "status: NOERROR" dig.out.ns4.cname > /dev/null || ret=1
-grep '^cname.example.' dig.out.ns4.cname > /dev/null || ret=1
-grep '^cnamedname.example.' dig.out.ns4.cname > /dev/null || ret=1
-grep '^a.cnamedname.example.' dig.out.ns4.cname > /dev/null || ret=1
-grep '^a.target.example.' dig.out.ns4.cname > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+test_expect_success "checking short DNAME from recursive " "
+  dig_with_opts a.short-dname.example @10.53.0.7 a > dig.out &&
+  grep_dig dig.out NOERROR
+"
 
-n=`expr $n + 1`
-echo_i "checking DNAME is returned with synthesized CNAME before DNAME ($n)"
-ret=0
-$RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$DIG $DIGOPTS @10.53.0.7 name.synth-then-dname.example.broken A > dig.out.test$n
-grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1
-grep '^name.synth-then-dname\.example\.broken\..*CNAME.*name.$' dig.out.test$n > /dev/null || ret=1
-grep '^synth-then-dname\.example\.broken\..*DNAME.*\.$' dig.out.test$n > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+test_expect_success "checking long DNAME from authoritative " "
+  dig_with_opts a.long-dname.example @10.53.0.2 a > dig.out &&
+  grep_dig dig.out NOERROR
+"
 
-n=`expr $n + 1`
-echo_i "checking DNAME is returned with CNAME to synthesized CNAME before DNAME ($n)"
-ret=0
-$RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$DIG $DIGOPTS @10.53.0.7 cname-to-synth2-then-dname.example.broken A > dig.out.test$n
-grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1
-grep '^cname-to-synth2-then-dname\.example\.broken\..*CNAME.*name\.synth2-then-dname\.example\.broken.$' dig.out.test$n > /dev/null || ret=1
-grep '^name\.synth2-then-dname\.example\.broken\..*CNAME.*name.$' dig.out.test$n > /dev/null || ret=1
-grep '^synth2-then-dname\.example\.broken\..*DNAME.*\.$' dig.out.test$n > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+test_expect_success "checking long DNAME from recursive " "
+  dig_with_opts a.long-dname.example @10.53.0.7 a > dig.out &&
+  grep_dig dig.out NOERROR
+"
 
-n=`expr $n + 1`
-echo_i "checking CNAME loops are detected ($n)"
-ret=0
-$RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$DIG $DIGOPTS @10.53.0.7 loop.example > dig.out.test$n
-grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
-grep "ANSWER: 17" dig.out.test$n > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+test_expect_success "checking (too) long DNAME from authoritative " "
+  dig_with_opts 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.long-dname.example @10.53.0.2 a > dig.out &&
+  grep_dig dig.out YXDOMAIN
+"
 
-n=`expr $n + 1`
-echo_i "checking CNAME to external delegated zones is handled ($n)"
-ret=0
-$RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$DIG $DIGOPTS @10.53.0.7 a.example > dig.out.test$n
-grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
-grep "ANSWER: 2" dig.out.test$n > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+test_expect_success "checking (too) long DNAME from recursive with cached DNAME" "
+  dig_with_opts 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.long-dname.example @10.53.0.7 a > dig.out &&
+  grep_dig dig.out YXDOMAIN &&
+  grep -q '^long-dname\.example\..*DNAME.*long' dig.out
+"
 
-n=`expr $n + 1`
-echo_i "checking CNAME to internal delegated zones is handled ($n)"
-ret=0
-$RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$DIG $DIGOPTS @10.53.0.7 b.example > dig.out.test$n
-grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
-grep "ANSWER: 2" dig.out.test$n > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+test_expect_success "checking (too) long DNAME from recursive without cached DNAME" "
+  dig_with_opts 01234567890123456789012345678901234567890123456789.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglonglong.longlonglonglonglonglonglonglonglonglonglonglonglonglong.toolong-dname.example @10.53.0.7 a > dig.out &&
+  grep_dig dig.out YXDOMAIN
+  grep -q '^toolong-dname\.example\..*DNAME.*long' dig.out
+"
 
-n=`expr $n + 1`
-echo_i "checking CNAME to signed external delgation is handled ($n)"
-ret=0
-$RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$DIG $DIGOPTS @10.53.0.7 c.example > dig.out.$n
-grep "status: NOERROR" dig.out.$n > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i " failed"; fi
-status=`expr $status + $ret`
+test_expect_success "checking CNAME to DNAME from authoritative" "
+  dig_with_opts cname.example @10.53.0.2 a > dig.out &&
+  grep_dig dig.out NOERROR
+"
 
-n=`expr $n + 1`
-echo_i "checking CNAME to signed internal delgation is handled ($n)"
-ret=0
-$RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$DIG $DIGOPTS @10.53.0.7 d.example > dig.out.$n
-grep "status: NOERROR" dig.out.$n > /dev/null || ret=1
-if [ $ret != 0 ]; then echo_i " failed"; fi
-status=`expr $status + $ret`
+test_expect_success "checking CNAME to DNAME from recursive" "
+  dig_with_opts cname.example @10.53.0.7 a > dig.out &&
+  grep_dig dig.out NOERROR &&
+  grep -q '^cname.example.' dig.out &&
+  grep -q '^cnamedname.example.' dig.out &&
+  grep -q '^a.cnamedname.example.' dig.out &&
+  grep -q '^a.target.example.' dig.out
+"
 
-n=`expr $n + 1`
-echo_i "checking CNAME chains in various orders ($n)"
-ret=0
-$RNDCCMD 10.53.0.7 null --- start test$n - step 1 --- 2>&1 | sed 's/^/ns7 /' | cat_i
-echo "cname,cname,cname|1,2,3,4,s1,s2,s3,s4" | $SEND
-$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.1.$n 2>&1
-grep 'status: NOERROR' dig.out.1.$n > /dev/null 2>&1 || ret=1
-grep 'ANSWER: 2' dig.out.1.$n > /dev/null 2>&1 || ret=1
-$RNDCCMD 10.53.0.7 null --- start test$n - step 2 --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
-echo "cname,cname,cname|1,1,2,2,3,4,s4,s3,s1" | $SEND
-$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.2.$n 2>&1
-grep 'status: NOERROR' dig.out.2.$n > /dev/null 2>&1 || ret=1
-grep 'ANSWER: 2' dig.out.2.$n > /dev/null 2>&1 || ret=1
-$RNDCCMD 10.53.0.7 null --- start test$n - step 3 --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
-echo "cname,cname,cname|2,1,3,4,s3,s1,s2,s4" | $SEND
-$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.3.$n 2>&1
-grep 'status: NOERROR' dig.out.3.$n > /dev/null 2>&1 || ret=1
-grep 'ANSWER: 2' dig.out.3.$n > /dev/null 2>&1 || ret=1
-$RNDCCMD 10.53.0.7 null --- start test$n - step 4 --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
-echo "cname,cname,cname|4,3,2,1,s4,s3,s2,s1" | $SEND
-$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.4.$n 2>&1
-grep 'status: NOERROR' dig.out.4.$n > /dev/null 2>&1 || ret=1
-grep 'ANSWER: 2' dig.out.4.$n > /dev/null 2>&1 || ret=1
-echo "cname,cname,cname|4,3,2,1,s4,s3,s2,s1" | $SEND
-$RNDCCMD 10.53.0.7 null --- start test$n - step 5 --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
-$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.5.$n 2>&1
-grep 'status: NOERROR' dig.out.5.$n > /dev/null 2>&1 || ret=1
-grep 'ANSWER: 2' dig.out.5.$n > /dev/null 2>&1 || ret=1
-$RNDCCMD 10.53.0.7 null --- start test$n - step 6 --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
-echo "cname,cname,cname|4,3,3,3,s1,s1,1,3,4" | $SEND
-$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.6.$n 2>&1
-grep 'status: NOERROR' dig.out.6.$n > /dev/null 2>&1 || ret=1
-grep 'ANSWER: 2' dig.out.6.$n > /dev/null 2>&1 || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+test_expect_success "checking DNAME is returned with synthesized CNAME before DNAME" "
+  dig_with_opts @10.53.0.7 name.synth-then-dname.example.broken A > dig.out &&
+  grep_dig dig.out NXDOMAIN &&
+  grep -q '^name.synth-then-dname\.example\.broken\..*CNAME.*name.$' dig.out &&
+  grep -q '^synth-then-dname\.example\.broken\..*DNAME.*\.$' dig.out
+"
 
-n=`expr $n + 1`
-echo_i "checking that only the initial CNAME is cached ($n)"
-ret=0
-$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
-echo "cname,cname,cname|1,2,3,4,s1,s2,s3,s4" | $SEND
-$RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.1.$n 2>&1
-sleep 1
-$DIG $DIGOPTS +noall +answer @10.53.0.7 cname1.domain.nil > dig.out.2.$n 2>&1
-ttl=`awk '{print $2}' dig.out.2.$n`
-[ "$ttl" -eq 86400 ] || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+test_expect_success "checking DNAME is returned with CNAME to synthesized CNAME before DNAME" "
+  dig_with_opts @10.53.0.7 cname-to-synth2-then-dname.example.broken A > dig.out &&
+  grep_dig dig.out NXDOMAIN &&
+  grep -q '^cname-to-synth2-then-dname\.example\.broken\..*CNAME.*name\.synth2-then-dname\.example\.broken.$' dig.out &&
+  grep -q '^name\.synth2-then-dname\.example\.broken\..*CNAME.*name.$' dig.out &&
+  grep -q '^synth2-then-dname\.example\.broken\..*DNAME.*\.$' dig.out
+"
 
-n=`expr $n + 1`
-echo_i "checking DNAME chains in various orders ($n)"
-ret=0
-$RNDCCMD 10.53.0.7 null --- start test$n - step 1 --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
-echo "dname,dname|5,4,3,2,1,s5,s4,s3,s2,s1" | $SEND
-$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.1.$n 2>&1
-grep 'status: NOERROR' dig.out.1.$n > /dev/null 2>&1 || ret=1
-grep 'ANSWER: 3' dig.out.1.$n > /dev/null 2>&1 || ret=1
-$RNDCCMD 10.53.0.7 null --- start test$n - step 2 --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
-echo "dname,dname|5,4,3,2,1,s5,s4,s3,s2,s1" | $SEND
-$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.2.$n 2>&1
-grep 'status: NOERROR' dig.out.2.$n > /dev/null 2>&1 || ret=1
-grep 'ANSWER: 3' dig.out.2.$n > /dev/null 2>&1 || ret=1
-$RNDCCMD 10.53.0.7 null --- start test$n - step 3 --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
-echo "dname,dname|2,3,s1,s2,s3,s4,1" | $SEND
-$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.3.$n 2>&1
-grep 'status: NOERROR' dig.out.3.$n > /dev/null 2>&1 || ret=1
-grep 'ANSWER: 3' dig.out.3.$n > /dev/null 2>&1 || ret=1
-$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+test_expect_success "checking CNAME loops are detected" "
+  dig_with_opts @10.53.0.7 loop.example > dig.out &&
+  grep_dig dig.out NOERROR 17
+"
 
-n=`expr $n + 1`
-echo_i "checking external CNAME/DNAME chains in various orders ($n)"
-ret=0
-$RNDCCMD 10.53.0.7 null --- start test$n - step 1 --- 2>&1 | sed 's/^/ns7 /' | cat_i
-echo "xname,dname|1,2,3,4,s1,s2,s3,s4" | $SEND
-$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.1.$n 2>&1
-grep 'status: NOERROR' dig.out.1.$n > /dev/null 2>&1 || ret=1
-grep 'ANSWER: 2' dig.out.1.$n > /dev/null 2>&1 || ret=1
-$RNDCCMD 10.53.0.7 null --- start test$n - step 2 --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
-echo "xname,dname|s2,2,s1,1,4,s4,3" | $SEND
-$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.2.$n 2>&1
-grep 'status: NOERROR' dig.out.2.$n > /dev/null 2>&1 || ret=1
-grep 'ANSWER: 2' dig.out.2.$n > /dev/null 2>&1 || ret=1
-$RNDCCMD 10.53.0.7 null --- start test$n - step 3 --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
-echo "xname,dname|s2,2,2,2" | $SEND
-$DIG $DIGOPTS @10.53.0.7 test.domain.nil > dig.out.3.$n 2>&1
-grep 'status: SERVFAIL' dig.out.3.$n > /dev/null 2>&1 || ret=1
-$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+test_expect_success "checking CNAME to external delegated zones is handled" "
+  dig_with_opts @10.53.0.7 a.example > dig.out &&
+  grep_dig dig.out NOERROR 2
+"
 
-n=`expr $n + 1`
-echo_i "checking explicit DNAME query ($n)"
-ret=0
-$RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$DIG $DIGOPTS @10.53.0.7 dname short-dname.example > dig.out.7.$n 2>&1
-grep 'status: NOERROR' dig.out.7.$n > /dev/null 2>&1 || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+test_expect_success "checking CNAME to internal delegated zones is handled" "
+  dig_with_opts @10.53.0.7 b.example > dig.out &&
+  grep_dig dig.out NOERROR 2
+"
 
-n=`expr $n + 1`
-echo_i "checking DNAME via ANY query ($n)"
-ret=0
-$RNDCCMD 10.53.0.7 null --- start test$n --- 2>&1 | sed 's/^/ns7 /' | cat_i
-$RNDCCMD 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /' | cat_i
-$DIG $DIGOPTS @10.53.0.7 any short-dname.example > dig.out.7.$n 2>&1
-grep 'status: NOERROR' dig.out.7.$n > /dev/null 2>&1 || ret=1
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+test_expect_success "checking CNAME to signed external delgation is handled" "
+  dig_with_opts @10.53.0.7 c.example > dig.out &&
+  grep_dig dig.out NOERROR
+"
 
-echo_i "exit status: $status"
-[ $status -eq 0 ] || exit 1
+test_expect_success "checking CNAME to signed internal delgation is handled" "
+  dig_with_opts @10.53.0.7 d.example > dig.out &&
+  grep_dig dig.out NOERROR
+"
+
+test_expect_success "checking CNAME chains in various orders (1)" "
+  echo 'cname,cname,cname|1,2,3,4,s1,s2,s3,s4' | sendcmd
+  dig_with_opts @10.53.0.7 test.domain.nil > dig.out &&
+  grep_dig dig.out NOERROR 2
+"
+
+test_expect_success "checking CNAME chains in various orders (2)" "
+  rndccmd 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /'
+  echo 'cname,cname,cname|1,1,2,2,3,4,s4,s3,s1' | sendcmd
+  dig_with_opts @10.53.0.7 test.domain.nil > dig.out &&
+  grep_dig dig.out NOERROR 2
+"
+
+test_expect_success "checking CNAME chains in various orders (3)" "
+  rndccmd 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /'
+  echo 'cname,cname,cname|2,1,3,4,s3,s1,s2,s4' | sendcmd
+  dig_with_opts @10.53.0.7 test.domain.nil > dig.out &&
+  grep_dig dig.out NOERROR 2
+"
+
+test_expect_success "checking CNAME chains in various orders (4)" "
+  rndccmd 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /'
+  echo 'cname,cname,cname|4,3,2,1,s4,s3,s2,s1' | sendcmd
+  dig_with_opts @10.53.0.7 test.domain.nil > dig.out &&
+  grep_dig dig.out NOERROR 2
+"
+
+test_expect_success "checking CNAME chains in various orders (5)" "
+  rndccmd 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /'
+  echo 'cname,cname,cname|4,3,2,1,s4,s3,s2,s1' | sendcmd
+  dig_with_opts @10.53.0.7 test.domain.nil > dig.out &&
+  grep_dig dig.out NOERROR 2
+"
+
+test_expect_success "checking CNAME chains in various orders (6)" "
+  rndccmd 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /'
+  echo 'cname,cname,cname|4,3,3,3,s1,s1,1,3,4' | sendcmd
+  dig_with_opts @10.53.0.7 test.domain.nil > dig.out &&
+  grep_dig dig.out NOERROR 2
+"
+
+test_expect_success "checking that only the initial CNAME is cached" "
+  rndccmd 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /'
+  echo 'cname,cname,cname|1,2,3,4,s1,s2,s3,s4' | sendcmd
+  dig_with_opts @10.53.0.7 test.domain.nil &&
+  sleep 1 &&
+  dig_with_opts +noall +answer @10.53.0.7 cname1.domain.nil > dig.out &&
+  awk '{ print \$2 }' dig.out > actual &&
+  echo 86400 > expected
+  test_cmp actual expected
+"
+
+test_expect_success "checking DNAME chains in various orders (1)" "
+  rndccmd 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /'
+  echo 'dname,dname|5,4,3,2,1,s5,s4,s3,s2,s1' | sendcmd
+  dig_with_opts @10.53.0.7 test.domain.nil > dig.out &&
+  grep_dig dig.out NOERROR 3
+"
+
+test_expect_success "checking DNAME chains in various orders (2)" "
+  rndccmd 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /'
+  echo 'dname,dname|5,4,3,2,1,s5,s4,s3,s2,s1' | sendcmd
+  dig_with_opts @10.53.0.7 test.domain.nil > dig.out &&
+  grep_dig dig.out NOERROR 3
+"
+
+test_expect_success "checking DNAME chains in various orders (3)" "
+  rndccmd 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /'
+  echo 'dname,dname|2,3,s1,s2,s3,s4,1' | sendcmd
+  dig_with_opts @10.53.0.7 test.domain.nil > dig.out &&
+  grep_dig dig.out NOERROR 3
+"
+
+test_expect_success "checking external CNAME/DNAME chains in various orders (1)" "
+  rndccmd 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /'
+  echo 'xname,dname|1,2,3,4,s1,s2,s3,s4' | sendcmd
+  dig_with_opts @10.53.0.7 test.domain.nil > dig.out &&
+  grep_dig dig.out NOERROR 2
+"
+
+test_expect_success "checking external CNAME/DNAME chains in various orders (2)" "
+  rndccmd 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /'
+  echo 'xname,dname|s2,2,s1,1,4,s4,3' | sendcmd
+  dig_with_opts @10.53.0.7 test.domain.nil > dig.out &&
+  grep_dig dig.out NOERROR 2
+"
+
+test_expect_success "checking external CNAME/DNAME chains in various orders (3)" "
+  rndccmd 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /'
+  echo 'xname,dname|s2,2,2,2' | sendcmd
+  dig_with_opts @10.53.0.7 test.domain.nil > dig.out &&
+  grep_dig dig.out SERVFAIL
+"
+
+test_expect_success "checking explicit DNAME query" "
+  rndccmd 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /'
+  dig_with_opts @10.53.0.7 dname short-dname.example > dig.out
+  grep_dig dig.out NOERROR
+"
+
+test_expect_success "checking DNAME via ANY query" "
+  rndccmd 10.53.0.7 flush 2>&1 | sed 's/^/ns7 /'
+  dig_with_opts @10.53.0.7 any short-dname.example > dig.out &&
+  grep_dig dig.out NOERROR
+"
+
+test_done

bin/tests/system/conf.sh.common

@@ -9,6 +9,8 @@
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.
 
+: "${SHARNESS_TEST_SRCDIR:=$TOP/bin/tests/system/sharness/lib/sharness}"
+
 if test -n "$PERL"
 then
 	if $PERL -e "use IO::Socket::INET6;" 2> /dev/null

bin/tests/system/glue/.gitignore

@@ -0,0 +1,6 @@
+/trash*directory.*.sh/
+/*/named.conf
+/*/named.memstats
+/*/named.run
+/*/named.lock
+/*/managed-keys.bind*

bin/tests/system/glue/clean.sh

@@ -9,13 +9,12 @@
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.
 
-#
-# Clean up after glue tests.
-#
+REALPWD=$(realpath "$PWD")
 
-rm -f dig.out
-rm -f */named.conf
-rm -f */named.memstats
-rm -f */named.run
-rm -f ns*/named.lock
-rm -f ns*/managed-keys.bind*
+if [ -r "$REALPWD/.gitignore" ]; then
+    while read -r FILE; do
+	REALFILE=$(realpath -m "$REALPWD/$FILE")
+	# shellcheck disable=SC2086
+	rm -rf $REALFILE
+    done < "$REALPWD/.gitignore"
+fi

bin/tests/system/glue/setup.sh

@@ -9,7 +9,8 @@
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.
 
-SYSTEMTESTTOP=..
+SYSTEMTESTTOP="$(cd -P -- "$(dirname -- "$0")/.." && pwd -P)"
+# shellcheck source=../conf.sh
 . $SYSTEMTESTTOP/conf.sh
 
 $SHELL clean.sh

bin/tests/system/glue/tests.sh

@@ -9,24 +9,30 @@
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.
 
-SYSTEMTESTTOP=..
-. $SYSTEMTESTTOP/conf.sh
+# shellcheck source=../conf.sh
+. "$SYSTEMTESTTOP/conf.sh"
+
+test_description="GLUE tests."
+
+# shellcheck source=../sharness/lib/sharness/sharness.sh
+. "$SYSTEMTESTTOP/sharness/lib/sharness/sharness.sh"
 
 #
 # Do glue tests.
 #
 
-DIGOPTS="+norec -p ${PORT}"
+dig_with_opts() {
+    "$DIG" +norec -p "${PORT}" "$@"
+}
 
-status=0
+test_expect_success "testing that a ccTLD referral gets a full glue set from the root zone" "
+  dig_with_opts @10.53.0.1 foo.bar.fi. A >dig.out &&
+  digcomp --lc '$SHARNESS_TEST_DIRECTORY'/fi.good dig.out
+"
 
-echo_i "testing that a ccTLD referral gets a full glue set from the root zone"
-$DIG $DIGOPTS @10.53.0.1 foo.bar.fi. A >dig.out || status=1
-digcomp --lc fi.good dig.out || status=1
+test_expect_success "testing that we don't find out-of-zone glue" "
+  dig_with_opts @10.53.0.1 example.net. a > dig.out &&
+  digcomp '$SHARNESS_TEST_DIRECTORY'/noglue.good dig.out
+"
 
-echo_i "testing that we don't find out-of-zone glue"
-$DIG $DIGOPTS @10.53.0.1 example.net. a > dig.out || status=1
-digcomp noglue.good dig.out || status=1
-
-echo_i "exit status: $status"
-[ $status -eq 0 ] || exit 1
+test_done

bin/tests/system/run.sh

@@ -14,7 +14,8 @@
 #
 
 SYSTEMTESTTOP="$(cd -P -- "$(dirname -- "$0")" && pwd -P)"
-. $SYSTEMTESTTOP/conf.sh
+# shellcheck source=conf.sh
+. "$SYSTEMTESTTOP/conf.sh"
 
 export SYSTEMTESTTOP
 
@@ -110,6 +111,26 @@ export CONTROLPORT
 export LOWPORT
 export HIGHPORT
 
+SHARNESS=f
+if grep test_done "$systest/tests.sh" >/dev/null; then
+    SHARNESS=t
+fi
+
+if test "$SHARNESS" = "t"; then
+    unset echofail
+    unset echowarn
+    unset echopass
+    unset echoinfo
+    unset echostart
+    unset echoend
+    echofail() { :; }
+    echowarn() { :; }
+    echopass() { :; }
+    echoinfo() { :; }
+    echostart() { :; }
+    echoend() { :; }
+fi
+
 echostart "S:$systest:`date`"
 echoinfo  "T:$systest:1:A"
 echoinfo  "A:$systest:System test $systest"

bin/tests/system/sharness/.gitignore

@@ -0,0 +1,3 @@
+lib/sharness/
+test-results/
+trash directory.*.sh/

bin/tests/system/sharness/Makefile

@@ -0,0 +1,67 @@
+# Run sharness tests
+#
+# Copyright (c) 2014 Christian Couder
+# MIT Licensed; see the LICENSE file in this repository.
+#
+# NOTE: run with TEST_VERBOSE=1 for verbose sharness tests.
+
+T = $(sort $(wildcard t[0-9][0-9][0-9][0-9]-*.sh))
+LIBDIR = lib
+SHARNESSDIR = sharness
+AGGREGATE = $(LIBDIR)/$(SHARNESSDIR)/aggregate-results.sh
+export SHARNESS_TEST_SRCDIR=$(LIBDIR)/$(SHARNESSDIR)
+
+# Add below the binaries that this project generates or needs.
+# For example:
+# BINS = bin/ipfs
+BINS =
+
+all: deps
+
+clean: clean-test-results
+	@echo "*** $@ ***"
+	# Clean binaries below.
+	# For example:
+	# -rm -rf bin/ipfs
+
+clean-test-results:
+	@echo "*** $@ ***"
+	-rm -rf test-results
+
+$(T): clean-test-results deps
+	@echo "*** $@ ***"
+	./$@
+
+aggregate: clean-test-results $(T)
+	@echo "*** $@ ***"
+	ls test-results/t*-*.sh.*.counts | $(AGGREGATE)
+
+# Add below some needed dependencies.
+# For example:
+# deps: sharness $(BINS) curl
+deps: sharness $(BINS)
+
+sharness:
+	@echo "*** checking $@ ***"
+	lib/install-sharness.sh
+
+# Add below other targets like:
+# - the targets needed to build binaries,
+# - targets using special compile flags,
+# - targets to check or install dependencies.
+#
+# For example:
+#
+# GOFLAGS =
+#
+# bin/%: FORCE
+# 	cd .. && make GOFLAGS=$(GOFLAGS) $@
+#
+# race:
+# 	make GOFLAGS=-race all
+#
+# curl:
+#	@which curl >/dev/null || (echo "Please install curl!" && false)
+
+.PHONY: all clean clean-test-results $(T) aggregate deps sharness FORCE
+

bin/tests/system/sharness/lib/install-sharness.sh

@@ -0,0 +1,60 @@
+#!/bin/sh
+# install-sharness.sh
+#
+# Copyright (c) 2014 Juan Batiz-Benet
+# Copyright (c) 2015 Christian Couder
+# MIT Licensed; see the LICENSE file in this repository.
+#
+# This script checks that Sharness is installed in:
+#
+# $(pwd)/$clonedir/$sharnessdir/
+#
+# where $clonedir and $sharnessdir are configured below.
+#
+# If Sharness is not installed, this script will clone it
+# from $urlprefix (defined below).
+#
+# If Sharness is not uptodate with $version (defined below),
+# this script will fetch and will update the installed
+# version to $version.
+#
+
+# settings
+version=28c7490f5cdf1e95a8ebebf8b06ed5588db13875
+urlprefix=https://github.com/chriscool/sharness.git
+clonedir=lib
+sharnessdir=sharness
+
+if test -f "$clonedir/$sharnessdir/SHARNESS_VERSION_$version"
+then
+    # There is the right version file. Great, we are done!
+    exit 0
+fi
+
+die() {
+    echo >&2 "$@"
+    exit 1
+}
+
+checkout_version() {
+    git checkout "$version" || die "Could not checkout '$version'"
+    rm -f SHARNESS_VERSION_* || die "Could not remove 'SHARNESS_VERSION_*'"
+    touch "SHARNESS_VERSION_$version" || die "Could not create 'SHARNESS_VERSION_$version'"
+    echo "Sharness version $version is checked out!"
+}
+
+if test -d "$clonedir/$sharnessdir/.git"
+then
+    # We need to update sharness!
+    cd "$clonedir/$sharnessdir" || die "Could not cd into '$clonedir/$sharnessdir' directory"
+    git fetch || die "Could not fetch to update sharness"
+else
+    # We need to clone sharness!
+    mkdir -p "$clonedir" || die "Could not create '$clonedir' directory"
+    cd "$clonedir" || die "Could not cd into '$clonedir' directory"
+
+    git clone "$urlprefix" || die "Could not clone '$urlprefix'"
+    cd "$sharnessdir" || die "Could not cd into '$sharnessdir' directory"
+fi
+
+checkout_version

util/copyrights

@@ -1018,6 +1018,8 @@
 ./bin/tests/system/sfcache/ns5/sign.sh		SH	2018,2019
 ./bin/tests/system/sfcache/setup.sh		SH	2014,2016,2017,2018,2019
 ./bin/tests/system/sfcache/tests.sh		SH	2014,2016,2017,2018,2019
+./bin/tests/system/sharness/Makefile		X	2019
+./bin/tests/system/sharness/lib/install-sharness.sh	X	2019
 ./bin/tests/system/smartsign/clean.sh		SH	2010,2012,2014,2016,2018,2019
 ./bin/tests/system/smartsign/setup.sh		SH	2010,2012,2014,2016,2017,2018,2019
 ./bin/tests/system/smartsign/tests.sh		SH	2010,2011,2012,2014,2016,2017,2018,2019