report initial RRSIG expiry field values

(cherry picked from commit 8e5abc6cdff27c2719e37965ed088a8be6f0e666)

diff --git a/bin/tests/system/autosign/tests.sh b/bin/tests/system/autosign/tests.sh
index c77b2c210ad275b8b904fd4bd173b6d9506a81e6..32920748a591e8109bd4471f14bf689e131d51e1 100755 (executable)
--- a/bin/tests/system/autosign/tests.sh
+++ b/bin/tests/system/autosign/tests.sh
@@ -78,7 +78,7 @@ do
        done
        for z in bar. example. inacksk2.example. inacksk3.example \
                 inaczsk2.example. inaczsk3.example
-       do 
+       do
                $DIG $DIGOPTS $z @10.53.0.3 nsec > dig.out.ns3.test$n || ret=1
                grep "NS SOA" dig.out.ns3.test$n > /dev/null || ret=1
        done
@@ -91,6 +91,23 @@ n=`expr $n + 1`
 if [ $ret != 0 ]; then echo_i "done"; fi
 status=`expr $status + $ret`
 
+echo_i "Initial counts of RRSIG expiry fields values for auto signed zones"
+for z in .
+do
+       echo_i zone $z
+       $DIG $DIGOPTS $z @10.53.0.1 axfr | awk '$4 == "RRSIG" {print $9}' | sort | uniq -c | cat_i
+done
+for z in bar. example. private.secure.example.
+do
+       echo_i zone $z
+       $DIG $DIGOPTS $z @10.53.0.2 axfr | awk '$4 == "RRSIG" {print $9}' | sort | uniq -c | cat_i
+done
+for z in inacksk2.example. inacksk3.example inaczsk2.example. inaczsk3.example
+do
+       echo_i zone $z
+       $DIG $DIGOPTS $z @10.53.0.3 axfr | awk '$4 == "RRSIG" {print $9}' | sort | uniq -c | cat_i
+done
+
 #
 # Check that DNSKEY is initially signed with a KSK and not a ZSK.
 #
@@ -1152,7 +1169,7 @@ if [ $ret != 0 ]; then echo_i "failed"; fi
 status=`expr $status + $ret`
 
 # this confirms that key events are never scheduled more than
-# 'dnssec-loadkeys-interval' minutes in the future, and that the 
+# 'dnssec-loadkeys-interval' minutes in the future, and that the
 # event scheduled is within 10 seconds of expected interval.
 check_interval () {
         awk '/next key event/ {print $2 ":" $9}' $1/named.run |