From: Ondřej Surý <ondrej@sury.org>
Date: Thu, 7 Nov 2019 20:42:45 +0000 (+0100)
Subject: Revert "temporarily disable jitter tests in the 'autosign' system test"
X-Git-Tag: v9.15.6~20^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=02050bc5066522eba31a736a793abea994f94591;p=thirdparty%2Fbind9.git

Revert "temporarily disable jitter tests in the 'autosign' system test"

This reverts commit e17b7ee05aebeedbbbf8fc581eb9ae472a63e88a.
---

diff --git a/bin/tests/system/autosign/tests.sh b/bin/tests/system/autosign/tests.sh
index 21be51e37ed..f9fa91be8e3 100755
--- a/bin/tests/system/autosign/tests.sh
+++ b/bin/tests/system/autosign/tests.sh
@@ -400,24 +400,14 @@ done
 n=`expr $n + 1`
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`
-
-# XXX temporarily disable jitter test below until we have a better and more
-# portable method for evaluating the evenness of the distribution.
-if false; then
-
-    # Check jitter distribution.
-    echo_i "checking expired signatures were jittered correctly ($n)"
-    ret=0
-    $DIG $DIGOPTS axfr oldsigs.example @10.53.0.3 > dig.out.ns3.test$n || ret=1
-    checkjitter dig.out.ns3.test$n || ret=1
-    n=`expr $n + 1`
-    if [ $ret != 0 ]; then echo_i "failed"; fi
-    status=`expr $status + $ret`
-
-# XXX temporarily disabled
-else
-    echowarn "I:autosign:jitter tests disabled"
-fi
+# Check jitter distribution.
+echo_i "checking expired signatures were jittered correctly ($n)"
+ret=0
+$DIG $DIGOPTS axfr oldsigs.example @10.53.0.3 > dig.out.ns3.test$n || ret=1
+checkjitter dig.out.ns3.test$n || ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
 
 echo_i "checking NSEC->NSEC3 conversion succeeded ($n)"
 ret=0
@@ -1021,44 +1011,35 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`
 
-# XXX temporarily disable jitter test below until we have a better and more
-# portable method for evaluating the evenness of the distribution.
-if false; then
-
-    echo_i "checking jitter in a newly signed NSEC3 zone ($n)"
-    ret=0
-    # Use DNS UPDATE to add an NSEC3PARAM record into the zone.
-    $NSUPDATE > nsupdate.out.test$n 2>&1 <<-END || ret=1
-    server 10.53.0.3 ${PORT}
-    zone jitter.nsec3.example.
-    update add jitter.nsec3.example. 3600 NSEC3PARAM 1 0 10 BEEF
-    send
+echo_i "checking jitter in a newly signed NSEC3 zone ($n)"
+ret=0
+# Use DNS UPDATE to add an NSEC3PARAM record into the zone.
+$NSUPDATE > nsupdate.out.test$n 2>&1 <<END || ret=1
+server 10.53.0.3 ${PORT}
+zone jitter.nsec3.example.
+update add jitter.nsec3.example. 3600 NSEC3PARAM 1 0 10 BEEF
+send
 END
-    [ $ret != 0 ] && echo_i "error: dynamic update add NSEC3PARAM failed"
-    # Create DNSSEC keys in the zone directory.
-    $KEYGEN -a rsasha1 -3 -q -K ns3 jitter.nsec3.example > /dev/null
-    # Trigger zone signing.
-    $RNDCCMD 10.53.0.3 sign jitter.nsec3.example. 2>&1 | sed 's/^/ns3 /' | cat_i
-    # Wait until zone has been signed.
-    for i in 0 1 2 3 4 5 6 7 8 9; do
-            failed=0
-            $DIG $DIGOPTS axfr jitter.nsec3.example @10.53.0.3 > dig.out.ns3.test$n || failed=1
-            grep "NSEC3PARAM" dig.out.ns3.test$n > /dev/null || failed=1
-            [ $failed -eq 0 ] && break
-            echo_i "waiting ... ($i)"
-            sleep 2
-    done
-    [ $failed != 0 ] && echo_i "error: no NSEC3PARAM found in AXFR" && ret=1
-    # Check jitter distribution.
-    checkjitter dig.out.ns3.test$n || ret=1
-    n=`expr $n + 1`
-    if [ $ret != 0 ]; then echo_i "failed"; fi
-    status=`expr $status + $ret`
-
-# XXX temporarily disabled
-else
-    echowarn "I:autosign:jitter tests disabled"
-fi
+[ $ret != 0 ] && echo_i "error: dynamic update add NSEC3PARAM failed"
+# Create DNSSEC keys in the zone directory.
+$KEYGEN -a rsasha1 -3 -q -K ns3 jitter.nsec3.example > /dev/null
+# Trigger zone signing.
+$RNDCCMD 10.53.0.3 sign jitter.nsec3.example. 2>&1 | sed 's/^/ns3 /' | cat_i
+# Wait until zone has been signed.
+for i in 0 1 2 3 4 5 6 7 8 9; do
+	failed=0
+	$DIG $DIGOPTS axfr jitter.nsec3.example @10.53.0.3 > dig.out.ns3.test$n || failed=1
+	grep "NSEC3PARAM" dig.out.ns3.test$n > /dev/null || failed=1
+	[ $failed -eq 0 ] && break
+	echo_i "waiting ... ($i)"
+	sleep 2
+done
+[ $failed != 0 ] && echo_i "error: no NSEC3PARAM found in AXFR" && ret=1
+# Check jitter distribution.
+checkjitter dig.out.ns3.test$n || ret=1
+n=`expr $n + 1`
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=`expr $status + $ret`
 
 echo_i "checking that serial number and RRSIGs are both updated (rt21045) ($n)"
 ret=0