]> git.ipfire.org Git - thirdparty/bind9.git/commitdiff
projects / thirdparty / bind9.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4f2a15b)
Fix nsec3 system test issues
authorMatthijs Mekking <matthijs@isc.org>
Fri, 19 Aug 2022 12:42:47 +0000 (14:42 +0200)
committerMatthijs Mekking <matthijs@isc.org>
Mon, 22 Aug 2022 14:36:17 +0000 (16:36 +0200)
The wait_for_zone_is_signed function was never called, which could lead
to test failures due to timing issues (where a zone was not fully signed
yet, but the test was trying to verify the zone).

Also add two missing set_nsec3param calls to ensure the ITERATIONS
value is set for these test cases.

bin/tests/system/nsec3/tests.sh patch | blob | blame | history

diff --git a/bin/tests/system/nsec3/tests.sh b/bin/tests/system/nsec3/tests.sh
index f5865d5ab176ce866ffd7c598d8d81e88d31a357..1d9adbc3a229bf6729b483a568fc9254b51b7db6 100644 (file)
--- a/bin/tests/system/nsec3/tests.sh
+++ b/bin/tests/system/nsec3/tests.sh
@@ -112,7 +112,7 @@ _wait_for_nsec() {
 wait_for_zone_is_signed() {
        n=$((n+1))
        ret=0
-       echo_i "wait for ${ZONE} to be signed ($n)"
+       echo_i "wait for ${ZONE} to be signed with $1 ($n)"
 
        if [ "$1" = "nsec3" ]; then
                retry_quiet 10 _wait_for_nsec3param || log_error "wait for ${ZONE} to be signed failed"
@@ -146,6 +146,8 @@ _check_nsec_nxdomain() {
 }
 
 check_nsec() {
+       wait_for_zone_is_signed "nsec"
+
        n=$((n+1))
        echo_i "check DNSKEY rrset is signed correctly for zone ${ZONE} ($n)"
        ret=0
@@ -194,6 +196,8 @@ _check_nsec3_nxdomain() {
 }
 
 check_nsec3() {
+       wait_for_zone_is_signed "nsec3"
+
        n=$((n+1))
        echo_i "check that NSEC3PARAM 1 0 ${ITERATIONS} is published zone ${ZONE} ($n)"
        ret=0
@@ -363,6 +367,7 @@ then
 
        # Zone: nsec3-to-rsasha1.kasp.
        set_zone_policy "nsec3-to-rsasha1.kasp" "rsasha1" 2 3600
+       set_nsec3param "1" "0" "0"
        set_server "ns3" "10.53.0.3"
        set_key_default_values "KEY1"
        set_key_states  "KEY1" "hidden" "unretentive" "unretentive" "unretentive" "hidden"
@@ -374,6 +379,7 @@ then
 
        # Zone: nsec3-to-rsasha1-ds.kasp.
        set_zone_policy "nsec3-to-rsasha1-ds.kasp" "rsasha1" 2 3600
+       set_nsec3param "1" "0" "0"
        set_server "ns3" "10.53.0.3"
        set_key_default_values "KEY1"
        set_key_states "KEY1" "hidden" "omnipresent" "omnipresent" "omnipresent" "omnipresent"
Mirror of https://gitlab.isc.org/isc-projects/bind9.git