status=0
n=0
-echo "I:checking normally loaded zone ($n)"
+echo_i "checking normally loaded zone ($n)"
ret=0
$DIG $DIGOPTS @10.53.0.2 a.normal.example a > dig.out.ns2.$n || ret=1
grep 'status: NOERROR' dig.out.ns2.$n > /dev/null || ret=1
grep '^a.normal.example' dig.out.ns2.$n > /dev/null || ret=1
n=`expr $n + 1`
-if [ $ret != 0 ]; then echo "I:failed"; fi
+if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
if [ -x "$PYTHON" ]; then
-echo "I:adding and deleting 20000 new zones ($n)"
+echo_i "adding and deleting 20000 new zones ($n)"
ret=0
time (
- echo "I:adding"
+ echo_i "adding"
$PYTHON << EOF
import sys
sys.path.insert(0, '../../../../bin/python')
EOF
)
time (
- echo "I:deleting"
+ echo_i "deleting"
$PYTHON << EOF
import sys
sys.path.insert(0, '../../../../bin/python')
EOF
)
n=`expr $n + 1`
- if [ $ret != 0 ]; then echo "I:failed"; fi
+ if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
fi
-echo "I:exit status: $status"
+echo_i "exit status: $status"
exit $status
# Check the example. domain
$DIG $DIGOPTS example. @10.53.0.1 soa > dig.out.ns1.test || ret=1
-echo "I:checking that first zone transfer worked"
+echo_i "checking that first zone transfer worked"
ret=0
try=0
while test $try -lt 120
break;
fi
done
-echo "I:try $try"
-if [ $ret != 0 ]; then echo "I:failed"; fi
+echo_i "try $try"
+if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
-echo "I:checking that second zone transfer worked"
+echo_i "checking that second zone transfer worked"
ret=0
try=0
while test $try -lt 120
break;
fi
done
-echo "I:try $try"
-if [ $ret != 0 ]; then echo "I:failed"; fi
+echo_i "try $try"
+if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
-echo "I:exit status: $status"
+echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
then
:
else
- echo "I:This test requires the Net::DNS library." >&2
+ echo_i "This test requires the Net::DNS library." >&2
exit 1
fi
DIGOPTS="+tcp +noau +noadd +nosea +nostat +nocmd +dnssec -p 5300"
# Check the example. domain
-
-echo "I:checking that positive validation works ($n)"
+echo_i "checking that positive validation works ($n)"
ret=0
$DIG $DIGOPTS . @10.53.0.1 soa > dig.out.ns1.test$n || ret=1
$DIG $DIGOPTS . @10.53.0.2 soa > dig.out.ns2.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns1.test$n dig.out.ns2.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns2.test$n > /dev/null || ret=1
-n=`expr $n + 1`
-if [ $ret != 0 ]; then echo "I:failed"; fi
-status=`expr $status + $ret`
+n=$((n+1))
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status+ret))
-echo "I:exit status: $status"
+echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
# Check the example. domain
-echo "I:checking that positive validation works ($n)"
+echo_i "checking that positive validation works ($n)"
ret=0
$DIG $DIGOPTS . @10.53.0.1 soa > dig.out.ns1.test$n || ret=1
$DIG $DIGOPTS . @10.53.0.2 soa > dig.out.ns2.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns1.test$n dig.out.ns2.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns2.test$n > /dev/null || ret=1
-n=`expr $n + 1`
-if [ $ret != 0 ]; then echo "I:failed"; fi
-status=`expr $status + $ret`
+n=$((n+1))
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status+ret))
# Check test vectors (RFC 8080 + errata)
-echo "I:checking that Ed25519 test vectors match ($n)"
+echo_i "checking that Ed25519 test vectors match ($n)"
ret=0
grep 'oL9krJun7xfBOIWcGHi7mag5/hdZrKWw15jP' ns2/example.com.db.signed > /dev/null || ret=1
grep 'VrbpMngwcrqNAg==' ns2/example.com.db.signed > /dev/null || ret=1
grep 'zXQ0bkYgQTEFyfLyi9QoiY6D8ZdYo4wyUhVi' ns2/example.com.db.signed > /dev/null || ret=1
grep 'R0O7KuI5k2pcBg==' ns2/example.com.db.signed > /dev/null || ret=1
-n=`expr $n + 1`
-if [ $ret != 0 ]; then echo "I:failed"; fi
-status=`expr $status + $ret`
+n=$((n+1))
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status+ret))
-echo "I:checking that Ed448 test vectors match ($n)"
+echo_i "checking that Ed448 test vectors match ($n)"
ret=0
grep '3cPAHkmlnxcDHMyg7vFC34l0blBhuG1qpwLm' ns2/example.com.db.signed > /dev/null || ret=1
grep 'jInI8w1CMB29FkEAIJUA0amxWndkmnBZ6SKi' ns2/example.com.db.signed > /dev/null || ret=1
grep 'Sxv5OWbf81Rq7Yu60npabODB0QFPb/rkW3kU' ns2/example.com.db.signed > /dev/null || ret=1
grep 'ZmQ0YQUA' ns2/example.com.db.signed > /dev/null || ret=1
-n=`expr $n + 1`
-if [ $ret != 0 ]; then echo "I:failed"; fi
-status=`expr $status + $ret`
+n=$((n+1))
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status+ret))
-echo "I:exit status: $status"
+echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
then
:
else
- echo "I:This test requires the Net::DNS library." >&2
+ echo_i "This test requires the Net::DNS library." >&2
exit 1
fi
. $SYSTEMTESTTOP/conf.sh
$FEATURETEST --enable-filter-aaaa || {
- echo "I:This test requires --enable-filter-aaaa at compile time." >&2
+ echo_i "This test requires --enable-filter-aaaa at compile time." >&2
exit 255
}
exit 0
# Check the example. domain
-echo "I:checking that positive validation works ($n)"
+echo_i "checking that positive validation works ($n)"
ret=0
$DIG $DIGOPTS . @10.53.0.1 soa > dig.out.ns1.test$n || ret=1
$DIG $DIGOPTS . @10.53.0.2 soa > dig.out.ns2.test$n || ret=1
$PERL ../digcomp.pl dig.out.ns1.test$n dig.out.ns2.test$n || ret=1
grep "flags:.*ad.*QUERY" dig.out.ns2.test$n > /dev/null || ret=1
n=`expr $n + 1`
-if [ $ret != 0 ]; then echo "I:failed"; fi
+if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
-echo "I:exit status: $status"
+echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
rm -f $k1.private
mv $k1.key a-file
$IMPORTKEY -P now -D now+3600 -f a-file $zone > /dev/null 2>&1 ||
- ( echo "importkey failed: $alg"; rm -f $checkfile )
+ ( echo_i "importkey failed: $alg"; rm -f $checkfile )
rm -f $k2.private
mv $k2.key a-file
$IMPORTKEY -f a-file $zone > /dev/null 2>&1 ||
- ( echo "importkey failed: $alg"; rm -f $checkfile )
+ ( echo_i "importkey failed: $alg"; rm -f $checkfile )
done
common_options="-D lwresd-lwresd1 -X lwresd.lock -m record,size,mctx -T clienttest -d 99 -g -U 4 -i lwresd.pid -P 9210 -p 5300"
status=0
-echo "I:waiting for nameserver to load"
+echo_i "waiting for nameserver to load"
for i in 0 1 2 3 4 5 6 7 8 9
do
ret=0
test $ret = 0 && break
sleep 1
done
-if [ $ret != 0 ]; then echo "I:failed"; fi
+if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
-echo "I:using resolv.conf"
+echo_i "using resolv.conf"
ret=0
for i in 0 1 2 3 4 5 6 7 8 9
do
done
$LWTEST || ret=1
if [ $ret != 0 ]; then
- echo "I:failed"
+ echo_i "failed"
fi
status=`expr $status + $ret`
$PERL $SYSTEMTESTTOP/start.pl --restart lwresd lwresd1 -- "-c lwresd.conf $common_options"
-echo "I:using lwresd.conf"
+echo_i "using lwresd.conf"
ret=0
for i in 0 1 2 3 4 5 6 7 8 9
do
done
$LWTEST || ret=1
if [ $ret != 0 ]; then
- echo "I:failed"
+ echo_i "failed"
fi
status=`expr $status + $ret`
$PERL $SYSTEMTESTTOP/start.pl --restart lwresd lwresd1 -- "-c nosearch.conf $common_options"
-echo "I:using nosearch.conf"
+echo_i "using nosearch.conf"
ret=0
for i in 0 1 2 3 4 5 6 7 8 9
do
done
$LWTEST -nosearch || ret=1
if [ $ret != 0 ]; then
- echo "I:failed"
+ echo_i "failed"
fi
status=`expr $status + $ret`
-echo "I:exit status: $status"
+echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
mkeys_refresh_on 2 || ret=1
mkeys_status_on 2 > rndc.out.1.$n 2>&1 || ret=1
# four keys listed
-count=`grep -c "keyid: " rndc.out.1.$n`
-[ "$count" -eq 4 ] || { echo "keyid: count ($count) != 4"; ret=1; }
+count=$(grep -c "keyid: " rndc.out.1.$n) || true
+[ "$count" -eq 4 ] || { echo_i "keyid: count ($count) != 4"; ret=1; }
# one revoked
-count=`grep -c "trust revoked" rndc.out.1.$n`
-[ "$count" -eq 1 ] || { echo "trust revoked count ($count) != 1"; ret=1; }
+count=$(grep -c "trust revoked" rndc.out.1.$n) || true
+[ "$count" -eq 1 ] || { echo_i "trust revoked count ($count) != 1"; ret=1; }
# two pending
-count=`grep -c "trust pending" rndc.out.1.$n`
-[ "$count" -eq 2 ] || { echo "trust pending count ($count) != 2"; ret=1; }
+count=$(grep -c "trust pending" rndc.out.1.$n) || true
+[ "$count" -eq 2 ] || { echo_i "trust pending count ($count) != 2"; ret=1; }
$SETTIME -R now -K ns1 "$standby3" > /dev/null
mkeys_loadkeys_on 1 || ret=1
mkeys_refresh_on 2 || ret=1
mkeys_status_on 2 > rndc.out.2.$n 2>&1 || ret=1
# now three keys listed
-count=`grep -c "keyid: " rndc.out.2.$n`
-[ "$count" -eq 3 ] || { echo "keyid: count ($count) != 3"; ret=1; }
+count=$(grep -c "keyid: " rndc.out.2.$n) || true
+[ "$count" -eq 3 ] || { echo_i "keyid: count ($count) != 3"; ret=1; }
# one revoked
-count=`grep -c "trust revoked" rndc.out.2.$n`
-[ "$count" -eq 1 ] || { echo "trust revoked count ($count) != 1"; ret=1; }
+count=$(grep -c "trust revoked" rndc.out.2.$n) || true
+[ "$count" -eq 1 ] || { echo_i "trust revoked count ($count) != 1"; ret=1; }
# one pending
-count=`grep -c "trust pending" rndc.out.2.$n`
-[ "$count" -eq 1 ] || { echo "trust pending count ($count) != 1"; ret=1; }
+count=$(grep -c "trust pending" rndc.out.2.$n) || true
+[ "$count" -eq 1 ] || { echo_i "trust pending count ($count) != 1"; ret=1; }
$SETTIME -D now -K ns1 "$standby3" > /dev/null
mkeys_loadkeys_on 1 || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
mkeys_refresh_on 2 || ret=1
mkeys_status_on 2 > rndc.out.$n 2>&1 || ret=1
# one key listed
-count=`grep -c "keyid: " rndc.out.$n`
-[ "$count" -eq 1 ] || { echo "'keyid:' count ($count) != 1"; ret=1; }
+count=$(grep -c "keyid: " rndc.out.$n) || true
+[ "$count" -eq 1 ] || { echo_i "'keyid:' count ($count) != 1"; ret=1; }
# it's the original key id
-count=`grep -c "keyid: $originalid" rndc.out.$n`
-[ "$count" -eq 1 ] || { echo "'keyid: $originalid' count ($count) != 1"; ret=1; }
+count=$(grep -c "keyid: $originalid" rndc.out.$n) || true
+[ "$count" -eq 1 ] || { echo_i "'keyid: $originalid' count ($count) != 1"; ret=1; }
# not revoked
-count=`grep -c "REVOKE" rndc.out.$n`
-[ "$count" -eq 0 ] || { echo "'REVOKE' count ($count) != 0"; ret=1; }
+count=$(grep -c "REVOKE" rndc.out.$n) || true
+[ "$count" -eq 0 ] || { echo_i "'REVOKE' count ($count) != 0"; ret=1; }
# trust is still current
-count=`grep -c "trust" rndc.out.$n`
-[ "$count" -eq 1 ] || { echo "'trust' count != 1"; ret=1; }
-count=`grep -c "trusted since" rndc.out.$n`
-[ "$count" -eq 1 ] || { echo "'trusted since' count != 1"; ret=1; }
+count=$(grep -c "trust" rndc.out.$n) || true
+[ "$count" -eq 1 ] || { echo_i "'trust' count != 1"; ret=1; }
+count=$(grep -c "trusted since" rndc.out.$n) || true
+[ "$count" -eq 1 ] || { echo_i "'trusted since' count != 1"; ret=1; }
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
-echo "I:(Native PKCS#11)" >&2
+echo_i "(Native PKCS#11)" >&2
ecxfail=0
$SHELL ../testcrypto.sh -q eddsa || ecxfail=1
for alg in $algs; do
zonefile=ns1/$alg.example.db
- echo "I:testing PKCS#11 key generation ($alg)"
+ echo_i "testing PKCS#11 key generation ($alg)"
count=`$PK11LIST | grep robie-$alg-ksk | wc -l`
- if [ $count != 2 ]; then echo "I:failed"; status=1; fi
+ if [ $count != 2 ]; then echo_i "failed"; status=1; fi
- echo "I:testing offline signing with PKCS#11 keys ($alg)"
+ echo_i "testing offline signing with PKCS#11 keys ($alg)"
count=`grep RRSIG $zonefile.signed | wc -l`
- if [ $count != 12 ]; then echo "I:failed"; status=1; fi
+ if [ $count != 12 ]; then echo_i "failed"; status=1; fi
- echo "I:testing inline signing with PKCS#11 keys ($alg)"
+ echo_i "testing inline signing with PKCS#11 keys ($alg)"
$DIG $DIGOPTS ns.$alg.example. @10.53.0.1 a > dig.out.$alg.0 || ret=1
- if [ $ret != 0 ]; then echo "I:failed"; fi
+ if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
count0=`grep RRSIG dig.out.$alg.0 | wc -l`
send
END
- echo "I:waiting 20 seconds for key changes to take effect"
+ echo_i "waiting 20 seconds for key changes to take effect"
sleep 20
$DIG $DIGOPTS ns.$alg.example. @10.53.0.1 a > dig.out.$alg || ret=1
- if [ $ret != 0 ]; then echo "I:failed"; fi
+ if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
count=`grep RRSIG dig.out.$alg | wc -l`
- if [ $count -le $count0 ]; then echo "I:failed"; status=1; fi
+ if [ $count -le $count0 ]; then echo_i "failed"; status=1; fi
- echo "I:testing PKCS#11 key destroy ($alg)"
+ echo_i "testing PKCS#11 key destroy ($alg)"
ret=0
$PK11DEL -l robie-$alg-ksk -w0 > /dev/null 2>&1 || ret=1
$PK11DEL -l robie-$alg-zsk1 -w0 > /dev/null 2>&1 || ret=1
ecx) id=06 ;;
esac
$PK11DEL -i $id -w0 > /dev/null 2>&1 || ret=1
- if [ $ret != 0 ]; then echo "I:failed"; fi
+ if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
count=`$PK11LIST | grep robie-$alg | wc -l`
- if [ $count != 0 ]; then echo "I:failed"; fi
+ if [ $count != 0 ]; then echo_i "failed"; fi
status=`expr $status + $count`
done
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
-echo "I:(PKCS#11 via OpenSSL)" >&2
+echo_i "(PKCS#11 via OpenSSL)" >&2
exec $SHELL ../testcrypto.sh rsa
alg=rsa
zonefile=ns1/rsa.example.db
-echo "I:testing PKCS#11 key generation (rsa)"
+echo_i "testing PKCS#11 key generation (rsa)"
count=`$PK11LIST | grep robie-rsa-ksk | wc -l`
-if [ $count != 2 ]; then echo "I:failed"; status=1; fi
+if [ $count != 2 ]; then echo_i "failed"; status=1; fi
-echo "I:testing offline signing with PKCS#11 keys (rsa)"
+echo_i "testing offline signing with PKCS#11 keys (rsa)"
count=`grep RRSIG $zonefile.signed | wc -l`
-if [ $count != 12 ]; then echo "I:failed"; status=1; fi
+if [ $count != 12 ]; then echo_i "failed"; status=1; fi
-echo "I:testing inline signing with PKCS#11 keys (rsa)"
+echo_i "testing inline signing with PKCS#11 keys (rsa)"
$NSUPDATE > /dev/null <<END || status=1
server 10.53.0.1 5300
send
END
-echo "I:waiting 20 seconds for key changes to take effect"
+echo_i "waiting 20 seconds for key changes to take effect"
sleep 20
$DIG $DIGOPTS ns.rsa.example. @10.53.0.1 a > dig.out || ret=1
-if [ $ret != 0 ]; then echo "I:failed"; fi
+if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
count=`grep RRSIG dig.out | wc -l`
-if [ $count != 4 ]; then echo "I:failed"; status=1; fi
+if [ $count != 4 ]; then echo_i "failed"; status=1; fi
-echo "I:testing PKCS#11 key destroy (rsa)"
+echo_i "testing PKCS#11 key destroy (rsa)"
ret=0
$PK11DEL -l robie-rsa-ksk -w0 > /dev/null 2>&1 || ret=1
$PK11DEL -l robie-rsa-zsk1 -w0 > /dev/null 2>&1 || ret=1
$PK11DEL -i $id -w0 > /dev/null 2>&1 || ret=1
-if [ $ret != 0 ]; then echo "I:failed"; fi
+if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
count=`$PK11LIST | grep robie-rsa | wc -l`
-if [ $count != 0 ]; then echo "I:failed"; fi
+if [ $count != 0 ]; then echo_i "failed"; fi
status=`expr $status + $count`
-echo "I:exit status: $status"
+echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh
-echo .
DIGOPTS="-p ${PORT}"
RESOLVOPTS="-p ${PORT}"
$FEATURETEST --rpz-nsip || ret=1
if [ $ret != 0 ]; then
- echo "I:This test requires NSIP AND NSDNAME support in RPZ." >&2
+ echo_i "This test requires NSIP AND NSDNAME support in RPZ." >&2
exit 1
fi
then
:
else
- echo "I:This test requires the Net::DNS library." >&2
+ echo_i "This test requires the Net::DNS library." >&2
exit 1
fi
then
rm -f Kfoo*
else
- echo "I:This test requires that --with-openssl was used." >&2
+ echo_i "This test requires that --with-openssl was used." >&2
exit 255
fi
then
:
else
- echo "I:This test requires the Net::DNS library." >&2
+ echo_i "This test requires the Net::DNS library." >&2
exit 1
fi
$PERL update.pl -s 10.53.0.2 -p 5300 zone00000$i.example. &
done
-echo "I:waiting for background processes to finish"
+echo_i "waiting for background processes to finish"
wait
-echo "I:killing reload loop"
+echo_i "killing reload loop"
kill `cat reload.pid`
-echo "I:exit status: $status"
+echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
rm -f Kfoo*
else
if test $quiet -eq 0; then
- echo "I:This test requires support for $msg1" >&2
- echo "I:configure with $msg2" >&2
+ echo_i "This test requires support for $msg1" >&2
+ echo_i "configure with $msg2" >&2
fi
exit 255
fi
DIGOPTS="@10.53.0.1 -p 5300"
status=0
+n=1
-echo "I:generating new DH key"
+echo_i "generating new DH key ($n)"
ret=0
dhkeyname=`$KEYGEN -T KEY -a DH -b 768 -n host -r $RANDFILE client` || ret=1
if [ $ret != 0 ]; then
- echo "I:failed"
- status=`expr $status + $ret`
- echo "I:exit status: $status"
+ echo_i "failed"
+ status=$((status+ret))
+ echo_i "exit status: $status"
exit $status
fi
status=`expr $status + $ret`
+n=$((n+1))
for owner in . foo.example.
do
- echo "I:creating new key using owner name \"$owner\""
+ echo_i "creating new key using owner name \"$owner\" ($n)"
ret=0
keyname=`$KEYCREATE $dhkeyname $owner` || ret=1
if [ $ret != 0 ]; then
- echo "I:failed"
- status=`expr $status + $ret`
- echo "I:exit status: $status"
+ echo_i "failed"
+ status=$((status+ret))
+ echo_i "exit status: $status"
exit $status
fi
status=`expr $status + $ret`
+ n=$((n+1))
- echo "I:checking the new key"
+ echo_i "checking the new key ($n)"
ret=0
$DIG $DIGOPTS . ns -k $keyname > dig.out.1 || ret=1
grep "status: NOERROR" dig.out.1 > /dev/null || ret=1
grep "TSIG.*hmac-md5.*NOERROR" dig.out.1 > /dev/null || ret=1
grep "Some TSIG could not be validated" dig.out.1 > /dev/null && ret=1
if [ $ret != 0 ]; then
- echo "I:failed"
+ echo_i "failed"
fi
status=`expr $status + $ret`
+ n=$((n+1))
- echo "I:deleting new key"
+ echo_i "deleting new key ($n)"
ret=0
$KEYDELETE $keyname || ret=1
if [ $ret != 0 ]; then
- echo "I:failed"
+ echo_i "failed"
fi
status=`expr $status + $ret`
+ n=$((n+1))
- echo "I:checking that new key has been deleted"
+ echo_i "checking that new key has been deleted ($n)"
ret=0
$DIG $DIGOPTS . ns -k $keyname > dig.out.2 || ret=1
grep "status: NOERROR" dig.out.2 > /dev/null && ret=1
grep "TSIG.*hmac-md5.*NOERROR" dig.out.2 > /dev/null && ret=1
grep "Some TSIG could not be validated" dig.out.2 > /dev/null || ret=1
if [ $ret != 0 ]; then
- echo "I:failed"
+ echo_i "failed"
fi
status=`expr $status + $ret`
+ n=$((n+1))
done
-echo "I:creating new key using owner name bar.example."
+echo_i "creating new key using owner name bar.example. ($n)"
ret=0
keyname=`$KEYCREATE $dhkeyname bar.example.` || ret=1
if [ $ret != 0 ]; then
- echo "I:failed"
- status=`expr $status + $ret`
- echo "I:exit status: $status"
+ echo_i "failed"
+ status=$((status+ret))
+ echo_i "exit status: $status"
exit $status
fi
status=`expr $status + $ret`
+n=$((n+1))
-echo "I:checking the key with 'rndc tsig-list'"
+echo_i "checking the key with 'rndc tsig-list' ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.1
grep "key \"bar.example.server" rndc.out.1 > /dev/null || ret=1
if [ $ret != 0 ]; then
- echo "I:failed"
+ echo_i "failed"
fi
status=`expr $status + $ret`
+n=$((n+1))
-echo "I:using key in a request"
+echo_i "using key in a request ($n)"
ret=0
$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.3 || ret=1
grep "status: NOERROR" dig.out.3 > /dev/null || ret=1
if [ $ret != 0 ]; then
- echo "I:failed"
+ echo_i "failed"
fi
status=`expr $status + $ret`
+n=$((n+1))
-echo "I:deleting the key with 'rndc tsig-delete'"
+echo_i "deleting the key with 'rndc tsig-delete' ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-delete bar.example.server > /dev/null || ret=1
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.2
$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.4 || ret=1
grep "TSIG could not be validated" dig.out.4 > /dev/null || ret=1
if [ $ret != 0 ]; then
- echo "I:failed"
+ echo_i "failed"
fi
status=`expr $status + $ret`
+n=$((n+1))
-echo "I:recreating the bar.example. key"
+echo_i "recreating the bar.example. key ($n)"
ret=0
keyname=`$KEYCREATE $dhkeyname bar.example.` || ret=1
if [ $ret != 0 ]; then
- echo "I:failed"
- status=`expr $status + $ret`
- echo "I:exit status: $status"
+ echo_i "failed"
+ status=$((status+ret))
+ echo_i "exit status: $status"
exit $status
fi
status=`expr $status + $ret`
+n=$((n+1))
-echo "I:checking the new key with 'rndc tsig-list'"
+echo_i "checking the new key with 'rndc tsig-list' ($n)"
ret=0
$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.3
grep "key \"bar.example.server" rndc.out.3 > /dev/null || ret=1
if [ $ret != 0 ]; then
- echo "I:failed"
+ echo_i "failed"
fi
status=`expr $status + $ret`
+n=$((n+1))
-echo "I:using the new key in a request"
+echo_i "using the new key in a request ($n)"
ret=0
$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.5 || ret=1
grep "status: NOERROR" dig.out.5 > /dev/null || ret=1
if [ $ret != 0 ]; then
- echo "I:failed"
+ echo_i "failed"
fi
status=`expr $status + $ret`
+n=$((n+1))
-echo "I:exit status: $status"
+echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
set -e
if test -z "$PERL"; then
- echo "I:This test requires Perl." >&2
+ echo_i "This test requires Perl." >&2
exit 1
fi
echo_i "failed"; status=1
fi
-echo "I:check that multiple dnssec-keygen calls don't emit dns_dnssec_findmatchingkeys warning"
+echo_i "check that multiple dnssec-keygen calls don't emit dns_dnssec_findmatchingkeys warning"
ret=0
$KEYGEN -r $RANDFILE -a hmac-sha256 -b 128 -n host example.net > keygen.out1 2>&1 || ret=1
grep dns_dnssec_findmatchingkeys keygen.out1 > /dev/null && ret=1
$KEYGEN -r $RANDFILE -a hmac-sha256 -b 128 -n host example.net > keygen.out2 2>&1 || ret=1
grep dns_dnssec_findmatchingkeys keygen.out2 > /dev/null && ret=1
if [ $ret -eq 1 ] ; then
- echo "I: failed"; status=1
+ echo_i " failed"; status=1
fi
echo_i "check that a 'BADTIME' response with 'QR=0' is handled as a request"
send
answer
EOF
- echo "I:testing update for $host $type $cmd"
+ echo_i "testing update for $host $type $cmd"
$NSUPDATE -g -d ns1/update.txt > nsupdate.out${num} 2>&1 || {
- echo "I:update failed for $host $type $cmd"
+ echo_i "update failed for $host $type $cmd"
sed "s/^/I:/" nsupdate.out${num}
return 1
}
tkeyout=`awk '/recvmsg reply from GSS-TSIG query/,/Sending update to/' nsupdate.out${num}`
pattern="recvmsg reply from GSS-TSIG query .* opcode: QUERY, status: NOERROR, id: .* flags: qr; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; QUESTION SECTION: ;.* ANY TKEY ;; ANSWER SECTION: .* 0 ANY TKEY gss-tsig\. .* ;; TSIG PSEUDOSECTION: .* 0 ANY TSIG gss-tsig\. .* NOERROR 0"
echo $tkeyout | grep "$pattern" > /dev/null || {
- echo "I:bad tkey response (not tsig signed)"
+ echo_i "bad tkey response (not tsig signed)"
return 1
}
# Weak verification that TKEY response is signed.
grep -q "flags: qr; QUESTION: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1" nsupdate.out${num} || {
- echo "I:bad tkey response (not tsig signed)"
+ echo_i "bad tkey response (not tsig signed)"
return 1
}
out=`$DIG $DIGOPTS -t $type -q $host | egrep "^${host}"`
lines=`echo "$out" | grep "$digout" | wc -l`
[ $lines -eq 1 ] || {
- echo "I:dig output incorrect for $host $type $cmd: $out"
+ echo_i "dig output incorrect for $host $type $cmd: $out"
return 1
}
return 0
KRB5CCNAME="FILE:"`pwd`/ns1/administrator.ccache
export KRB5CCNAME
-echo "I:testing updates to testdc1 as administrator ($n)"
+echo_i "testing updates to testdc1 as administrator ($n)"
ret=0
test_update $n testdc1.example.nil. A "86400 A 10.53.0.10" "10.53.0.10" || ret=1
n=$((n+1))
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
-echo "I:testing updates to testdc2 as administrator ($n)"
+echo_i "testing updates to testdc2 as administrator ($n)"
ret=0
test_update $n testdc2.example.nil. A "86400 A 10.53.0.11" "10.53.0.11" || ret=1
n=$((n+1))
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
-echo "I:testing updates to denied as administrator ($n)"
+echo_i "testing updates to denied as administrator ($n)"
ret=0
test_update $n denied.example.nil. TXT "86400 TXT helloworld" "helloworld" > /dev/null && ret=1
n=$((n+1))
KRB5CCNAME="FILE:"`pwd`/ns1/testdenied.ccache
export KRB5CCNAME
-echo "I:testing updates to denied (A) as a user ($n)"
+echo_i "testing updates to denied (A) as a user ($n)"
ret=0
test_update $n testdenied.example.nil. A "86400 A 10.53.0.12" "10.53.0.12" > /dev/null && ret=1
n=$((n+1))
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
-echo "I:testing updates to denied (TXT) as a user ($n)"
+echo_i "testing updates to denied (TXT) as a user ($n)"
ret=0
test_update $n testdenied.example.nil. TXT "86400 TXT helloworld" "helloworld" || ret=1
n=$((n+1))
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
-echo "I:testing external update policy (CNAME) ($n)"
+echo_i "testing external update policy (CNAME) ($n)"
ret=0
test_update $n testcname.example.nil. CNAME "86400 CNAME testdenied.example.nil" "testdenied" > /dev/null && ret=1
n=$((n+1))
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
-echo "I:testing external update policy (CNAME) with auth sock ($n)"
+echo_i "testing external update policy (CNAME) with auth sock ($n)"
ret=0
$PERL ./authsock.pl --type=CNAME --path=ns1/auth.sock --pidfile=authsock.pid --timeout=120 > /dev/null 2>&1 &
sleep 1
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
-echo "I:testing external update policy (A) ($n)"
+echo_i "testing external update policy (A) ($n)"
ret=0
test_update $n testcname.example.nil. A "86400 A 10.53.0.13" "10.53.0.13" > /dev/null && ret=1
n=$((n+1))
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
-echo "I:testing external policy with SIG(0) key ($n)"
+echo_i "testing external policy with SIG(0) key ($n)"
ret=0
$NSUPDATE -R $RANDFILE -k ns1/Kkey.example.nil.*.private <<END > /dev/null 2>&1 || ret=1
server 10.53.0.1 ${PORT}
END
output=`$DIG $DIGOPTS +short cname fred.example.nil.`
[ -n "$output" ] || ret=1
-[ $ret -eq 0 ] || echo "I:failed"
+[ $ret -eq 0 ] || echo_i "failed"
n=$((n+1))
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
-echo "I:ensure too long realm name is fatal in non-interactive mode ($n)"
+echo_i "ensure too long realm name is fatal in non-interactive mode ($n)"
ret=0
$NSUPDATE <<END > nsupdate.out${n} 2>&1 && ret=1
realm namenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamename
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
-echo "I:ensure too long realm name is not fatal in interactive mode ($n)"
+echo_i "ensure too long realm name is not fatal in interactive mode ($n)"
ret=0
$NSUPDATE -i <<END > nsupdate.out${n} 2>&1 || ret=1
realm namenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamenamename
END
grep "realm is too long" nsupdate.out${n} > /dev/null || ret=1
-[ $ret = 0 ] || { echo I:failed; status=1; }
+[ $ret = 0 ] || { echo_i "failed"; status=1; }
n=$((n+1))
if [ "$ret" -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
-[ $status -eq 0 ] && echo "I:tsiggss tests all OK"
+[ $status -eq 0 ] && echo_i "tsiggss tests all OK"
kill `cat authsock.pid`
-echo "I:exit status: $status"
+echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
echo 10.0.0.1 | $DIFF - dig.out || ret=1
if [ $ret != 0 ]
then
- echo "#$i failed"
+ echo_i "#$i failed"
fi
status=`expr $status + $ret`
done
echo '"hello"' | $DIFF - dig.out || ret=1
if [ $ret != 0 ]
then
- echo "#$i failed"
+ echo_i "#$i failed"
fi
status=`expr $status + $ret`
done
echo '\# 1 00' | $DIFF - dig.out || ret=1
if [ $ret != 0 ]
then
- echo "#$i failed"
+ echo_i "#$i failed"
fi
status=`expr $status + $ret`
done
echo '\# 4 0A000001' | $DIFF - dig.out || ret=1
if [ $ret != 0 ]
then
- echo "#$i failed"
+ echo_i "#$i failed"
fi
status=`expr $status + $ret`
done
echo '"hello"' | $DIFF - dig.out || ret=1
if [ $ret != 0 ]
then
- echo "#$i failed"
+ echo_i "#$i failed"
fi
status=`expr $status + $ret`
done
echo '\# 1 00' | $DIFF - dig.out || ret=1
if [ $ret != 0 ]
then
- echo "#$i failed"
+ echo_i "#$i failed"
fi
status=`expr $status + $ret`
done
grep "SERVFAIL" dig.out > /dev/null || ret=1
if [ $ret != 0 ]
then
- echo "#$i failed"
+ echo_i "#$i failed"
fi
status=`expr $status + $ret`
done
one=`$DIG $SHORTOPTS -b 10.53.0.2 @10.53.0.2 b.clone a`
two=`$DIG $SHORTOPTS -b 10.53.0.4 @10.53.0.2 b.clone a`
if [ "$one" != "$two" ]; then
- echo "'$one' does not match '$two'"
+ echo_i "'$one' does not match '$two'"
ret=1
fi
if [ $ret != 0 ]; then echo_i "failed"; fi
two=`$DIG $SHORTOPTS -b 10.53.0.4 @10.53.0.2 child.clone txt`
three=`$DIG $SHORTOPTS @10.53.0.3 child.clone txt`
four=`$DIG $SHORTOPTS @10.53.0.5 child.clone txt`
-echo "$three" | grep NS3 > /dev/null || { ret=1; echo "expected response from NS3 got '$three'"; }
-echo "$four" | grep NS5 > /dev/null || { ret=1; echo "expected response from NS5 got '$four'"; }
+echo "$three" | grep NS3 > /dev/null || { ret=1; echo_i "expected response from NS3 got '$three'"; }
+echo "$four" | grep NS5 > /dev/null || { ret=1; echo_i "expected response from NS5 got '$four'"; }
if [ "$one" = "$two" ]; then
- echo "'$one' matches '$two'"
+ echo_i "'$one' matches '$two'"
ret=1
fi
if [ "$one" != "$three" ]; then
- echo "'$one' does not match '$three'"
+ echo_i "'$one' does not match '$three'"
ret=1
fi
if [ "$two" != "$four" ]; then
- echo "'$two' does not match '$four'"
+ echo_i "'$two' does not match '$four'"
ret=1
fi
if [ $ret != 0 ]; then echo_i "failed"; fi
then
:
else
- echo "I:This test requires the Net::DNS library." >&2
+ echo_i "This test requires the Net::DNS library." >&2
exit 1
fi
projects / thirdparty / bind9.git / commitdiff
