n=`expr $n + 1`
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
-# Check jitter distribution.
-echo_i "checking expired signatures were jittered correctly ($n)"
-ret=0
-$DIG $DIGOPTS axfr oldsigs.example @10.53.0.3 > dig.out.ns3.test$n || ret=1
-checkjitter dig.out.ns3.test$n || ret=1
-n=`expr $n + 1`
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+
+# XXX temporarily disable jitter test below until we have a better and more
+# portable method for evaluating the evenness of the distribution.
+if false; then
+
+ # Check jitter distribution.
+ echo_i "checking expired signatures were jittered correctly ($n)"
+ ret=0
+ $DIG $DIGOPTS axfr oldsigs.example @10.53.0.3 > dig.out.ns3.test$n || ret=1
+ checkjitter dig.out.ns3.test$n || ret=1
+ n=`expr $n + 1`
+ if [ $ret != 0 ]; then echo_i "failed"; fi
+ status=`expr $status + $ret`
+
+# XXX temporarily disabled
+else
+ echowarn "I:autosign:jitter tests disabled"
+fi
echo_i "checking NSEC->NSEC3 conversion succeeded ($n)"
ret=0
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
-echo_i "checking jitter in a newly signed NSEC3 zone ($n)"
-ret=0
-# Use DNS UPDATE to add an NSEC3PARAM record into the zone.
-$NSUPDATE > nsupdate.out.test$n 2>&1 <<END || ret=1
-server 10.53.0.3 ${PORT}
-zone jitter.nsec3.example.
-update add jitter.nsec3.example. 3600 NSEC3PARAM 1 0 10 BEEF
-send
+# XXX temporarily disable jitter test below until we have a better and more
+# portable method for evaluating the evenness of the distribution.
+if false; then
+
+ echo_i "checking jitter in a newly signed NSEC3 zone ($n)"
+ ret=0
+ # Use DNS UPDATE to add an NSEC3PARAM record into the zone.
+ $NSUPDATE > nsupdate.out.test$n 2>&1 <<-END || ret=1
+ server 10.53.0.3 ${PORT}
+ zone jitter.nsec3.example.
+ update add jitter.nsec3.example. 3600 NSEC3PARAM 1 0 10 BEEF
+ send
END
-[ $ret != 0 ] && echo_i "error: dynamic update add NSEC3PARAM failed"
-# Create DNSSEC keys in the zone directory.
-$KEYGEN -a rsasha1 -3 -q -K ns3 jitter.nsec3.example > /dev/null
-# Trigger zone signing.
-$RNDCCMD 10.53.0.3 sign jitter.nsec3.example. 2>&1 | sed 's/^/ns3 /' | cat_i
-# Wait until zone has been signed.
-for i in 0 1 2 3 4 5 6 7 8 9; do
- failed=0
- $DIG $DIGOPTS axfr jitter.nsec3.example @10.53.0.3 > dig.out.ns3.test$n || failed=1
- grep "NSEC3PARAM" dig.out.ns3.test$n > /dev/null || failed=1
- [ $failed -eq 0 ] && break
- echo_i "waiting ... ($i)"
- sleep 2
-done
-[ $failed != 0 ] && echo_i "error: no NSEC3PARAM found in AXFR" && ret=1
-# Check jitter distribution.
-checkjitter dig.out.ns3.test$n || ret=1
-n=`expr $n + 1`
-if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+ [ $ret != 0 ] && echo_i "error: dynamic update add NSEC3PARAM failed"
+ # Create DNSSEC keys in the zone directory.
+ $KEYGEN -a rsasha1 -3 -q -K ns3 jitter.nsec3.example > /dev/null
+ # Trigger zone signing.
+ $RNDCCMD 10.53.0.3 sign jitter.nsec3.example. 2>&1 | sed 's/^/ns3 /' | cat_i
+ # Wait until zone has been signed.
+ for i in 0 1 2 3 4 5 6 7 8 9; do
+ failed=0
+ $DIG $DIGOPTS axfr jitter.nsec3.example @10.53.0.3 > dig.out.ns3.test$n || failed=1
+ grep "NSEC3PARAM" dig.out.ns3.test$n > /dev/null || failed=1
+ [ $failed -eq 0 ] && break
+ echo_i "waiting ... ($i)"
+ sleep 2
+ done
+ [ $failed != 0 ] && echo_i "error: no NSEC3PARAM found in AXFR" && ret=1
+ # Check jitter distribution.
+ checkjitter dig.out.ns3.test$n || ret=1
+ n=`expr $n + 1`
+ if [ $ret != 0 ]; then echo_i "failed"; fi
+ status=`expr $status + $ret`
+
+# XXX temporarily disabled
+else
+ echowarn "I:autosign:jitter tests disabled"
+fi
echo_i "checking that serial number and RRSIGs are both updated (rt21045) ($n)"
ret=0
projects / thirdparty / bind9.git / commitdiff
