From: Michal Nowak Date: Tue, 2 Aug 2022 13:07:49 +0000 (+0200) Subject: Replace string comparisons with integer comparisons X-Git-Tag: v9.19.8~57^2~7 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7640fc5b392084815dc79a4030eb4f8c967c10ec;p=thirdparty%2Fbind9.git Replace string comparisons with integer comparisons checkbashisms reports Bash-style ("==") string comparisons inside test/[ command: possible bashism in bin/tests/system/checkconf/tests.sh line 105 (should be 'b = a'): if [ $? == 0 ]; then echo_i "failed"; ret=1; fi possible bashism in bin/tests/system/keyfromlabel/tests.sh line 62 (should be 'b = a'): test $ret == 0 || continue possible bashism in bin/tests/system/keyfromlabel/tests.sh line 79 (should be 'b = a'): test $ret == 0 || continue --- diff --git a/bin/tests/system/checkconf/tests.sh b/bin/tests/system/checkconf/tests.sh index 2e2f273fd71..ba17f2fd51d 100644 --- a/bin/tests/system/checkconf/tests.sh +++ b/bin/tests/system/checkconf/tests.sh @@ -22,7 +22,7 @@ n=`expr $n + 1` echo_i "checking that named-checkconf handles a known good config ($n)" ret=0 $CHECKCONF good.conf > checkconf.out$n 2>&1 || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -33,7 +33,7 @@ awk 'BEGIN { ok = 0; } /cut here/ { ok = 1; getline } ok == 1 { print }' good.co $CHECKCONF -p good.conf.raw > checkconf.out$n || ret=1 grep -v '^good.conf.raw:' < checkconf.out$n > good.conf.out 2>&1 || ret=1 cmp good.conf.raw good.conf.out || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -45,7 +45,7 @@ grep 'secret "????????????????"' good.conf.raw > /dev/null 2>&1 && ret=1 $CHECKCONF -p -x good.conf.raw > checkconf.out$n || ret=1 grep -v '^good.conf.raw:' < checkconf.out$n > good.conf.out 2>&1 || ret=1 grep 'secret "????????????????"' good.conf.out > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` for bad in bad-*.conf @@ -54,7 +54,7 @@ do echo_i "checking that named-checkconf detects error in $bad ($n)" ret=0 $CHECKCONF $bad > checkconf.out$n 2>&1 - if [ $? != 1 ]; then ret=1; fi + if [ $? -ne 1 ]; then ret=1; fi grep "^$bad:[0-9]*: " < checkconf.out$n > /dev/null || ret=1 case $bad in bad-update-policy[123].conf) @@ -70,7 +70,7 @@ do grep "$pat" < checkconf.out$n > /dev/null || ret=1 ;; esac - if [ $ret != 0 ]; then echo_i "failed"; fi + if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` done @@ -87,7 +87,7 @@ do esac fi $CHECKCONF $good > checkconf.out$n 2>&1 - if [ $? != 0 ]; then echo_i "failed"; ret=1; fi + if [ $? -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` done @@ -100,11 +100,11 @@ do if [ $? -eq 0 ]; then echo_i "checking that named-checkconf detects no error in $lmdb ($n)" $CHECKCONF $lmdb > checkconf.out$n 2>&1 - if [ $? != 0 ]; then echo_i "failed"; ret=1; fi + if [ $? -ne 0 ]; then echo_i "failed"; ret=1; fi else echo_i "checking that named-checkconf detects error in $lmdb ($n)" $CHECKCONF $lmdb > checkconf.out$n 2>&1 - if [ $? == 0 ]; then echo_i "failed"; ret=1; fi + if [ $? -eq 0 ]; then echo_i "failed"; ret=1; fi fi status=`expr $status + $ret` done @@ -114,7 +114,7 @@ echo_i "checking that ancient options report a fatal error ($n)" ret=0 $CHECKCONF ancient.conf > ancient.out 2>&1 && ret=1 grep "no longer exists" ancient.out > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -122,14 +122,14 @@ echo_i "checking that named-checkconf -z catches missing hint file ($n)" ret=0 $CHECKCONF -z hint-nofile.conf > hint-nofile.out 2>&1 && ret=1 grep "could not configure root hints from 'nonexistent.db': file not found" hint-nofile.out > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` echo_i "checking that named-checkconf catches range errors ($n)" ret=0 $CHECKCONF range.conf > checkconf.out$n 2>&1 && ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -138,7 +138,7 @@ ret=0 $CHECKCONF notify.conf > checkconf.out$n 2>&1 warnings=`grep "'notify' is disabled" < checkconf.out$n | wc -l` [ $warnings -eq 3 ] || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -150,7 +150,7 @@ grep 'auto-dnssec may only be ' < checkconf.out$n.2 > /dev/null || ret=1 # dnssec.2: should have no warnings $CHECKCONF dnssec.2 > checkconf.out$n.3 2>&1 grep '.*' < checkconf.out$n.3 > /dev/null && ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -160,12 +160,12 @@ $CHECKCONF deprecated.conf > checkconf.out$n.1 2>&1 grep "option 'managed-keys' is deprecated" < checkconf.out$n.1 > /dev/null || ret=1 grep "option 'trusted-keys' is deprecated" < checkconf.out$n.1 > /dev/null || ret=1 grep "option 'max-zone-ttl' is deprecated" < checkconf.out$n.1 > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` # set -i to ignore deprecate warnings $CHECKCONF -i deprecated.conf > checkconf.out$n.2 2>&1 grep '.*' < checkconf.out$n.2 > /dev/null && ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -173,12 +173,12 @@ echo_i "checking named-checkconf servestale warnings ($n)" ret=0 $CHECKCONF servestale.stale-refresh-time.0.conf > checkconf.out$n.1 2>&1 grep "'stale-refresh-time' should either be 0 or otherwise 30 seconds or higher" < checkconf.out$n.1 > /dev/null && ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` ret=0 $CHECKCONF servestale.stale-refresh-time.29.conf > checkconf.out$n.1 2>&1 grep "'stale-refresh-time' should either be 0 or otherwise 30 seconds or higher" < checkconf.out$n.1 > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -218,7 +218,7 @@ EOF $CHECKCONF badzero.conf > checkconf.out$n.4 2>&1 [ $? -eq 1 ] || { echo_i "zone $field failed" ; ret=1; } done -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -233,7 +233,7 @@ l=`grep "dnssec-loadkeys-interval.*requires inline" < checkconf.out$n.2 | wc -l` $CHECKCONF bad-dnssec.conf > checkconf.out$n.3 2>&1 l=`grep "update-check-ksk.*requires inline" < checkconf.out$n.3 | wc -l` [ $l -eq 1 ] || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -247,7 +247,7 @@ l=`grep "missing 'file' entry" < checkconf.out$n.2 | wc -l` $CHECKCONF inline-bad.conf > checkconf.out$n.3 2>&1 l=`grep "missing 'file' entry" < checkconf.out$n.3 | wc -l` [ $l -eq 1 ] || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -255,7 +255,7 @@ echo_i "checking named-checkconf DLZ warnings ($n)" ret=0 $CHECKCONF dlz-bad.conf > checkconf.out$n 2>&1 grep "'dlz' and 'database'" < checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -275,7 +275,7 @@ $CHECKCONF warn-keydir.conf > checkconf.out$n.3 2>&1 l=`grep "key-directory" < checkconf.out$n.3 | wc -l` [ $l -eq 0 ] || ret=1 rm -rf test.keydir -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi n=`expr $n + 1` echo_i "checking that named-checkconf -z catches conflicting ttl with max-ttl ($n)" @@ -284,56 +284,56 @@ $CHECKCONF -z max-ttl.conf > check.out 2>&1 grep 'TTL 900 exceeds configured max-zone-ttl 600' check.out > /dev/null 2>&1 || ret=1 grep 'TTL 900 exceeds configured max-zone-ttl 600' check.out > /dev/null 2>&1 || ret=1 grep 'TTL 900 exceeds configured max-zone-ttl 600' check.out > /dev/null 2>&1 || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` echo_i "checking that named-checkconf -z catches invalid max-ttl ($n)" ret=0 $CHECKCONF -z max-ttl-bad.conf > checkconf.out$n 2>&1 && ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` echo_i "checking that named-checkconf -z skips zone check with alternate databases ($n)" ret=0 $CHECKCONF -z altdb.conf > checkconf.out$n 2>&1 || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` echo_i "checking that named-checkconf -z skips zone check with DLZ ($n)" ret=0 $CHECKCONF -z altdlz.conf > checkconf.out$n 2>&1 || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` echo_i "checking that named-checkconf -z fails on view with ANY class ($n)" ret=0 $CHECKCONF -z view-class-any1.conf > checkconf.out$n 2>&1 && ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` echo_i "checking that named-checkconf -z fails on view with CLASS255 class ($n)" ret=0 $CHECKCONF -z view-class-any2.conf > checkconf.out$n 2>&1 && ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` echo_i "checking that named-checkconf -z passes on view with IN class ($n)" ret=0 $CHECKCONF -z view-class-in1.conf > checkconf.out$n 2>&1 || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` echo_i "checking that named-checkconf -z passes on view with CLASS1 class ($n)" ret=0 $CHECKCONF -z view-class-in2.conf > checkconf.out$n 2>&1 || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -342,7 +342,7 @@ ret=0 $CHECKCONF -z check-names-fail.conf > checkconf.out$n 2>&1 && ret=1 grep "near '_underscore': bad name (check-names)" < checkconf.out$n > /dev/null || ret=1 grep "zone check-names/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -351,7 +351,7 @@ ret=0 $CHECKCONF -z check-mx-fail.conf > checkconf.out$n 2>&1 && ret=1 grep "near '10.0.0.1': MX is an address" < checkconf.out$n > /dev/null || ret=1 grep "zone check-mx/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -360,7 +360,7 @@ ret=0 $CHECKCONF -z check-dup-records-fail.conf > checkconf.out$n 2>&1 && ret=1 grep "has semantically identical records" < checkconf.out$n > /dev/null || ret=1 grep "zone check-dup-records/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -369,7 +369,7 @@ ret=0 $CHECKCONF -z check-mx-fail.conf > checkconf.out$n 2>&1 && ret=1 grep "failed: MX is an address" < checkconf.out$n > /dev/null || ret=1 grep "zone check-mx/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -378,7 +378,7 @@ ret=0 $CHECKCONF -z check-mx-cname-fail.conf > checkconf.out$n 2>&1 && ret=1 grep "MX.* is a CNAME (illegal)" < checkconf.out$n > /dev/null || ret=1 grep "zone check-mx-cname/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -387,7 +387,7 @@ ret=0 $CHECKCONF -z check-srv-cname-fail.conf > checkconf.out$n 2>&1 && ret=1 grep "SRV.* is a CNAME (illegal)" < checkconf.out$n > /dev/null || ret=1 grep "zone check-mx-cname/IN: loaded serial" < checkconf.out$n > /dev/null && ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -395,7 +395,7 @@ echo_i "check that named-checkconf -p properly print a port range ($n)" ret=0 $CHECKCONF -p portrange-good.conf > checkconf.out$n 2>&1 || ret=1 grep "range 8610 8614;" < checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -403,14 +403,14 @@ echo_i "check that named-checkconf -z handles in-view ($n)" ret=0 $CHECKCONF -z in-view-good.conf > checkconf.out$n 2>&1 || ret=1 grep "zone shared.example/IN: loaded serial" < checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` echo_i "check that named-checkconf -z returns error when a later view is okay ($n)" ret=0 $CHECKCONF -z check-missing-zone.conf > checkconf.out$n 2>&1 && ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -418,7 +418,7 @@ echo_i "check that named-checkconf prints max-cache-size correctly ret=0 $CHECKCONF -p max-cache-size-good.conf > checkconf.out$n 2>&1 || ret=1 grep "max-cache-size 60%;" < checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -430,7 +430,7 @@ grep -v "is not recommended" | grep -v "no longer exists" | grep -v "is obsolete" > checkconf.out$n || ret=1 diff good.zonelist checkconf.out$n > diff.out$n || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -439,7 +439,7 @@ ret=0 $CHECKCONF check-root-ksk-2010.conf > checkconf.out$n 2>/dev/null || ret=1 [ -s checkconf.out$n ] || ret=1 grep "key without the updated" < checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -447,7 +447,7 @@ echo_i "check that the 2010 ICANN ROOT KSK with the 2017 ICANN ROOT KSK does not ret=0 $CHECKCONF check-root-ksk-both.conf > checkconf.out$n 2>/dev/null || ret=1 [ -s checkconf.out$n ] && ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -455,7 +455,7 @@ echo_i "check that the 2017 ICANN ROOT KSK alone does not generate a warning ($n ret=0 $CHECKCONF check-root-ksk-2017.conf > checkconf.out$n 2>/dev/null || ret=1 [ -s checkconf.out$n ] && ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -463,7 +463,7 @@ echo_i "check that a static root key generates a warning ($n)" ret=0 $CHECKCONF check-root-static-key.conf > checkconf.out$n 2>/dev/null || ret=1 grep "static entry for the root zone WILL FAIL" checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -471,7 +471,7 @@ echo_i "check that a static root DS trust anchor generates a warning ($n)" ret=0 $CHECKCONF check-root-static-ds.conf > checkconf.out$n 2>/dev/null || ret=1 grep "static entry for the root zone WILL FAIL" checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -479,7 +479,7 @@ echo_i "check that a trusted-keys entry for root generates a warning ($n)" ret=0 $CHECKCONF check-root-trusted-key.conf > checkconf.out$n 2>/dev/null || ret=1 grep "trusted-keys entry for the root zone WILL FAIL" checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -487,7 +487,7 @@ echo_i "check that using trust-anchors and managed-keys generates an error ($n)" ret=0 $CHECKCONF check-mixed-keys.conf > checkconf.out$n 2>/dev/null && ret=1 grep "use of managed-keys is not allowed" checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -502,7 +502,7 @@ grep "dnssec-secure-to-insecure: cannot be configured if dnssec-policy is also s grep "dnssec-update-mode: cannot be configured if dnssec-policy is also set" < checkconf.out$n > /dev/null || ret=1 grep "sig-validity-interval: cannot be configured if dnssec-policy is also set" < checkconf.out$n > /dev/null || ret=1 grep "update-check-ksk: cannot be configured if dnssec-policy is also set" < checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -511,8 +511,8 @@ ret=0 $CHECKCONF kasp-bad-nsec3-iter.conf > checkconf.out$n 2>&1 && ret=1 grep "dnssec-policy: nsec3 iterations value 151 out of range" < checkconf.out$n > /dev/null || ret=1 lines=$(wc -l < "checkconf.out$n") -if [ $lines != 3 ]; then ret=1; fi -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $lines -ne 3 ]; then ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -520,7 +520,7 @@ echo_i "checking named-checkconf kasp nsec3 algorithm errors ($n)" ret=0 $CHECKCONF kasp-bad-nsec3-alg.conf > checkconf.out$n 2>&1 && ret=1 grep "dnssec-policy: cannot use nsec3 with algorithm 'RSASHA1'" < checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -528,7 +528,7 @@ echo_i "checking named-checkconf kasp key errors ($n)" ret=0 $CHECKCONF kasp-bad-keylen.conf > checkconf.out$n 2>&1 && ret=1 grep "dnssec-policy: key with algorithm rsasha1 has invalid key length 511" < checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -538,8 +538,8 @@ $CHECKCONF kasp-bad-signatures-refresh.conf > checkconf.out$n 2>&1 && ret=1 grep "dnssec-policy: policy 'bad-sigrefresh' signatures-refresh must be at most 90% of the signatures-validity" < checkconf.out$n > /dev/null || ret=1 grep "dnssec-policy: policy 'bad-sigrefresh-dnskey' signatures-refresh must be at most 90% of the signatures-validity-dnskey" < checkconf.out$n > /dev/null || ret=1 lines=$(wc -l < "checkconf.out$n") -if [ $lines != 2 ]; then ret=1; fi -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $lines -ne 2 ]; then ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -547,8 +547,8 @@ echo_i "checking named-checkconf kasp key lifetime errors ($n)" ret=0 $CHECKCONF kasp-bad-lifetime.conf > checkconf.out$n 2>&1 && ret=1 lines=$(grep "dnssec-policy: key lifetime is shorter than the time it takes to do a rollover" < checkconf.out$n | wc -l) || ret=1 -if [ $lines != 3 ]; then ret=1; fi -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $lines -ne 3 ]; then ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -556,7 +556,7 @@ echo_i "checking named-checkconf kasp predefined key length ($n)" ret=0 $CHECKCONF kasp-ignore-keylen.conf > checkconf.out$n 2>&1 || ret=1 grep "dnssec-policy: key algorithm ecdsa256 has predefined length; ignoring length value 2048" < checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -569,15 +569,15 @@ grep "dnssec-policy: algorithm 13 has multiple keys with KSK role" < checkconf.o grep "dnssec-policy: algorithm 13 has multiple keys with ZSK role" < checkconf.out$n > /dev/null || ret=1 grep "dnssec-policy: key lifetime is shorter than 30 days" < checkconf.out$n > /dev/null || ret=1 lines=$(wc -l < "checkconf.out$n") -if [ $lines != 5 ]; then ret=1; fi -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $lines -ne 5 ]; then ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` echo_i "check that a good 'kasp' configuration is accepted ($n)" ret=0 $CHECKCONF good-kasp.conf > checkconf.out$n 2>/dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -587,7 +587,7 @@ awk 'BEGIN { ok = 0; } /cut here/ { ok = 1; getline } ok == 1 { print }' good-ka [ -s good-kasp.conf.in ] || ret=1 $CHECKCONF -p good-kasp.conf.in | grep -v '^good-kasp.conf.in:' > good-kasp.conf.out 2>&1 || ret=1 cmp good-kasp.conf.in good-kasp.conf.out || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi +if [ $ret -ne 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -595,7 +595,7 @@ echo_i "check that max-ixfr-ratio 100% generates a warning ($n)" ret=0 $CHECKCONF warn-maxratio1.conf > checkconf.out$n 2>/dev/null || ret=1 grep "exceeds 100%" < checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` n=`expr $n + 1` @@ -607,7 +607,7 @@ $CHECKCONF warn-notify-source.conf > checkconf.out$n 2>/dev/null || ret=1 grep "not recommended" < checkconf.out$n > /dev/null || ret=1 $CHECKCONF warn-parental-source.conf > checkconf.out$n 2>/dev/null || ret=1 grep "not recommended" < checkconf.out$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; ret=1; fi +if [ $ret -ne 0 ]; then echo_i "failed"; ret=1; fi status=`expr $status + $ret` rmdir keys diff --git a/bin/tests/system/keyfromlabel/tests.sh b/bin/tests/system/keyfromlabel/tests.sh index 4f6940af7b6..c13e6992bdf 100644 --- a/bin/tests/system/keyfromlabel/tests.sh +++ b/bin/tests/system/keyfromlabel/tests.sh @@ -59,7 +59,7 @@ do status=$((status+ret)) # Skip dnssec-keyfromlabel if key generation failed. - test $ret == 0 || continue + test $ret -eq 0 || continue echo_i "Get ZSK $alg $zone $type:$bits" ret=0 @@ -76,7 +76,7 @@ do status=$((status+ret)) # Skip signing if dnssec-keyfromlabel failed. - test $ret == 0 || continue + test $ret -eq 0 || continue echo_i "Sign zone with $ksk $zsk" ret=0