From: Evan Hunt Date: Sat, 15 Dec 2018 00:58:54 +0000 (-0800) Subject: silence a spurious dnssec-keygen warning in the dnssec system test X-Git-Tag: v9.12.4rc1~33^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=47d168807890ef1934c3b17fcd7872709b05785c;p=thirdparty%2Fbind9.git silence a spurious dnssec-keygen warning in the dnssec system test the occluded-key test creates both a KEY and a DNSKEY. the second call to dnssec-keygen calls dns_dnssec_findmatchingkeys(), which causes a spurious warning to be printed when it sees the type KEY record. this should be fixed in dnssec.c, but the meantime this change silences the warning by reversing the order in which the keys are created. (cherry picked from commit 6661db95641f3944378e4d1a52fea116725fdcd1) --- diff --git a/bin/tests/system/dnssec/ns3/sign.sh b/bin/tests/system/dnssec/ns3/sign.sh index ac3317c9610..3cc4decf7fb 100644 --- a/bin/tests/system/dnssec/ns3/sign.sh +++ b/bin/tests/system/dnssec/ns3/sign.sh @@ -598,8 +598,8 @@ infile=occluded.example.db.in zonefile=occluded.example.db kskname=`"$KEYGEN" -q -r $RANDFILE -a RSASHA256 -fk "$zone"` zskname=`"$KEYGEN" -q -r $RANDFILE -a RSASHA256 "$zone"` -keyname=`"$KEYGEN" -q -r $RANDFILE -a RSASHA1 -n ENTITY -T KEY "delegation.$zone"` dnskeyname=`"$KEYGEN" -q -r $RANDFILE -a RSASHA256 -fk "delegation.$zone"` +keyname=`"$KEYGEN" -q -r $RANDFILE -a RSASHA1 -n ENTITY -T KEY "delegation.$zone"` $DSFROMKEY "$dnskeyname.key" > "dsset-delegation.${zone}$TP" cat "$infile" "${kskname}.key" "${zskname}.key" "${keyname}.key" \ "${dnskeyname}.key" "dsset-delegation.${zone}$TP" >"$zonefile"