Update autosign system test

When checking for the number of logs related to DNSKEY key maintenance
events, don't include CDNSKEY is published lines.

Also consider RSASHA1: If not supported, the key maintenance for
the nsec-only zone are not logged.

diff --git a/bin/tests/system/autosign/tests.sh b/bin/tests/system/autosign/tests.sh
index 6d3bc273569f1b6e26c91dcd969eef459fc9f0d0..604943cf402d8e71a369dbfade36b7c281e9305d 100755 (executable)
--- a/bin/tests/system/autosign/tests.sh
+++ b/bin/tests/system/autosign/tests.sh
@@ -1248,7 +1248,7 @@ status=$((status + ret))
 
 echo_i "checking key maintenance events were logged correctly ($n)"
 ret=0
-pub=$(grep "DNSKEY .* is now published" ns2/named.run | wc -l)
+pub=$(grep "DNSKEY .* is now published" ns2/named.run | grep -v "CDNSKEY" | wc -l)
 [ "$pub" -eq 10 ] || ret=1
 act=$(grep "DNSKEY .* is now active" ns2/named.run | wc -l)
 [ "$act" -eq 10 ] || ret=1
@@ -1258,10 +1258,17 @@ inac=$(grep "DNSKEY .* is now inactive" ns2/named.run | wc -l)
 [ "$inac" -eq 0 ] || ret=1
 del=$(grep "DNSKEY .* is now deleted" ns2/named.run | wc -l)
 [ "$del" -eq 0 ] || ret=1
-pub=$(grep "DNSKEY .* is now published" ns3/named.run | wc -l)
-[ "$pub" -eq 55 ] || ret=1
+pub=$(grep "DNSKEY .* is now published" ns3/named.run | grep -v "CDNSKEY" | wc -l)
 act=$(grep "DNSKEY .* is now active" ns3/named.run | wc -l)
-[ "$act" -eq 53 ] || ret=1
+if $SHELL ../testcrypto.sh -q RSASHA1
+then
+       # Include two log lines for nsec-only zone.
+       [ "$pub" -eq 53 ] || ret=1
+       [ "$act" -eq 53 ] || ret=1
+else
+       [ "$pub" -eq 51 ] || ret=1
+       [ "$act" -eq 51 ] || ret=1
+fi
 rev=$(grep "DNSKEY .* is now revoked" ns3/named.run | wc -l)
 [ "$rev" -eq 0 ] || ret=1
 inac=$(grep "DNSKEY .* is now inactive" ns3/named.run | wc -l)