# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
-# $Id: tests.sh,v 1.17 2011/10/13 03:55:01 marka Exp $
+# $Id: tests.sh,v 1.18 2011/10/25 03:57:08 marka Exp $
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
echo "$pzoneout" | grep 'ZSKs: 1 active, 0 stand-by, 0 revoked' > /dev/null || ret=1
echo "$czoneout" | grep 'KSKs: 1 active, 1 stand-by, 1 revoked' > /dev/null || ret=1
echo "$czoneout" | grep 'ZSKs: 1 active, 2 stand-by, 0 revoked' > /dev/null || ret=1
-if [ $ret != 0 ]; then echo "I:failed"; fi
+if [ $ret != 0 ]; then
+ echo "I: parent $pzoneout"
+ echo "I: child $czoneout"
+ echo "I:failed";
+fi
status=`expr $status + $ret`
echo "I:rechecking dnssec-signzone output with -x"
ret=0
# use an alternate output file so -x doesn't interfere with later checks
-pzoneout=`$SIGNER -Sxg -r $RANDFILE -o $pzone -f {$pfile}2.signed $pfile 2>&1`
+pzoneout=`$SIGNER -Sxg -r $RANDFILE -o $pzone -f ${pfile}2.signed $pfile 2>&1`
czoneout=`$SIGNER -Sxg -e now+1d -X now+2d -r $RANDFILE -o $czone -f ${cfile}2.signed $cfile 2>&1`
echo "$pzoneout" | grep 'KSKs: 1 active, 0 stand-by, 0 revoked' > /dev/null || ret=1
echo "$pzoneout" | grep 'ZSKs: 1 active, 0 present, 0 revoked' > /dev/null || ret=1
echo "I:checking parent zone DNSKEY set"
ret=0
-grep "key id = $pzid" $pfile.signed > /dev/null || ret=1
-grep "key id = $pkid" $pfile.signed > /dev/null || ret=1
+grep "key id = $pzid" $pfile.signed > /dev/null || {
+ ret=1
+ echo "I: missing expected parent ZSK id = $pzid"
+}
+grep "key id = $pkid" $pfile.signed > /dev/null || {
+ ret=1
+ echo "I: missing expected parent KSK id = $pkid"
+}
if [ $ret != 0 ]; then echo "I:failed"; fi
status=`expr $status + $ret`
echo "I:checking child zone DNSKEY set"
ret=0
-grep "key id = $ckactive" $cfile.signed > /dev/null || ret=1
-grep "key id = $ckpublished" $cfile.signed > /dev/null || ret=1
-grep "key id = $ckrevoked" $cfile.signed > /dev/null || ret=1
-grep "key id = $czactive" $cfile.signed > /dev/null || ret=1
-grep "key id = $czpublished" $cfile.signed > /dev/null || ret=1
-grep "key id = $czinactive" $cfile.signed > /dev/null || ret=1
+grep "key id = $ckactive" $cfile.signed > /dev/null || {
+ ret=1
+ echo "I: missing expected child KSK id = $ckactive"
+}
+grep "key id = $ckpublished" $cfile.signed > /dev/null || {
+ ret=1
+ echo "I: missing expected child prepublished KSK id = $ckpublished"
+}
+grep "key id = $ckrevoked" $cfile.signed > /dev/null || {
+ ret=1
+ echo "I: missing expected child revoked KSK id = $ckrevoked"
+}
+grep "key id = $czactive" $cfile.signed > /dev/null || {
+ ret=1
+ echo "I: missing expected child ZSK id = $czactive"
+}
+grep "key id = $czpublished" $cfile.signed > /dev/null || {
+ ret=1
+ echo "I: missing expected child prepublished ZSK id = $czpublished"
+}
+grep "key id = $czinactive" $cfile.signed > /dev/null || {
+ ret=1
+ echo "I: missing expected child inactive ZSK id = $czinactive"
+}
# should not be there, hence the &&
-grep "key id = $ckprerevoke" $cfile.signed > /dev/null && ret=1
-grep "key id = $czgenerated" $cfile.signed > /dev/null && ret=1
-grep "key id = $czpredecessor" $cfile.signed && echo pred is there
-grep "key id = $czsuccessor" $cfile.signed && echo succ is there
+grep "key id = $ckprerevoke" $cfile.signed > /dev/null && {
+ ret=1
+ echo "I: found unexpect child pre-revoke ZSK id = $ckprerevoke"
+}
+grep "key id = $czgenerated" $cfile.signed > /dev/null && {
+ ret=1
+ echo "I: found unexpected child generated ZSK id = $czgenerated"
+}
+grep "key id = $czpredecessor" $cfile.signed > /dev/null && {
+ echo "I: found unexpected ZSK predecessor id = $czpredecessor (ignored)"
+}
+grep "key id = $czsuccessor" $cfile.signed > /dev/null && {
+ echo "I: found unexpected ZSK successor id = $czsuccessor (ignored)"
+}
#grep "key id = $czpredecessor" $cfile.signed > /dev/null && ret=1
#grep "key id = $czsuccessor" $cfile.signed > /dev/null && ret=1
if [ $ret != 0 ]; then echo "I:failed"; fi
projects / thirdparty / bind9.git / commitdiff
