From: Ondřej Surý Date: Wed, 18 Mar 2020 14:30:56 +0000 (+0100) Subject: Fix the eddsa system test to allow parallel run X-Git-Tag: v9.17.1~33^2~1 X-Git-Url: http://git.ipfire.org/gitweb/index.cgi?a=commitdiff_plain;h=4124a899728baee3c1f9d5d8a2b79e6782f588ef;p=thirdparty%2Fbind9.git Fix the eddsa system test to allow parallel run The eddsa test was not adapted to dynamic ports, so we had to run it in sequence. This commit adds support for dynamic ports, and also makes all the scripts shellcheck clean. --- diff --git a/bin/tests/system/conf.sh.common b/bin/tests/system/conf.sh.common index 4805ce71e09..407f1b98006 100644 --- a/bin/tests/system/conf.sh.common +++ b/bin/tests/system/conf.sh.common @@ -37,7 +37,7 @@ export LANG=C # SEQUENTIAL_UNIX in conf.sh.in; those that only run on windows should # be added to SEQUENTIAL_WINDOWS in conf.sh.win32. # -SEQUENTIAL_COMMON="eddsa tkey" +SEQUENTIAL_COMMON="tkey" # # These tests can use ports assigned by the caller (other than 5300 @@ -58,7 +58,7 @@ PARALLEL_COMMON="dnssec rpzrecurse serve-stale \ checkconf checknames checkzone \ cookie database digdelv dlz dlzexternal \ dns64 dscp dsdigest dyndb \ - ecdsa ednscompliance emptyzones \ + ecdsa eddsa ednscompliance emptyzones \ fetchlimit filter-aaaa formerr forward \ geoip2 glue idna include-multiplecfg \ inline integrity ixfr \ diff --git a/bin/tests/system/eddsa/clean.sh b/bin/tests/system/eddsa/clean.sh index 8e2e225e19c..f230cb01bfe 100644 --- a/bin/tests/system/eddsa/clean.sh +++ b/bin/tests/system/eddsa/clean.sh @@ -9,11 +9,17 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -rm -f */K* */dsset-* */*.signed */trusted.conf -rm -f ns1/root.db -rm -f ns*/signer.err -rm -f dig.out* -rm -f */named.run -rm -f */named.memstats -rm -f ns*/named.lock +set -e + +rm -f ./dig.out* +rm -f ns*/*.signed +rm -f ns*/K* +rm -f ns*/dsset-* rm -f ns*/managed-keys.bind* +rm -f ns*/named.conf +rm -f ns*/named.lock +rm -f ns*/named.memstats +rm -f ns*/named.run +rm -f ns*/root.db +rm -f ns*/signer.err +rm -f ns*/trusted.conf diff --git a/bin/tests/system/eddsa/ns1/named.conf b/bin/tests/system/eddsa/ns1/named.conf.in similarity index 98% rename from bin/tests/system/eddsa/ns1/named.conf rename to bin/tests/system/eddsa/ns1/named.conf.in index 50eb0484085..88a25479357 100644 --- a/bin/tests/system/eddsa/ns1/named.conf +++ b/bin/tests/system/eddsa/ns1/named.conf.in @@ -17,7 +17,7 @@ options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/eddsa/ns1/sign.sh b/bin/tests/system/eddsa/ns1/sign.sh index 761ee134289..f1a462a263a 100644 --- a/bin/tests/system/eddsa/ns1/sign.sh +++ b/bin/tests/system/eddsa/ns1/sign.sh @@ -9,24 +9,25 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=../.. -. $SYSTEMTESTTOP/conf.sh +set -e + +. "$SYSTEMTESTTOP/conf.sh" zone=. infile=root.db.in zonefile=root.db -key1=`$KEYGEN -q -a ED25519 -n zone $zone` -key2=`$KEYGEN -q -a ED25519 -n zone -f KSK $zone` -#key2=`$KEYGEN -q -a ED448 -n zone -f KSK $zone` -$DSFROMKEY -a sha-256 $key2.key > dsset-256 +key1=$($KEYGEN -q -a ED25519 -n zone "$zone") +key2=$($KEYGEN -q -a ED25519 -n zone -f KSK "$zone") +#key2=$($KEYGEN -q -a ED448 -n zone -f KSK "$zone") +$DSFROMKEY -a sha-256 "$key2.key" > dsset-256 -cat $infile $key1.key $key2.key > $zonefile +cat "$infile" "$key1.key" "$key2.key" > "$zonefile" -$SIGNER -P -g -o $zone $zonefile > /dev/null 2> signer.err || cat signer.err +$SIGNER -P -g -o "$zone" "$zonefile" > /dev/null 2> signer.err || cat signer.err # Configure the resolving server with a static key. -keyfile_to_static_ds $key1 > trusted.conf +keyfile_to_static_ds "$key1" > trusted.conf cp trusted.conf ../ns2/trusted.conf cd ../ns2 && $SHELL sign.sh diff --git a/bin/tests/system/eddsa/ns2/named.conf b/bin/tests/system/eddsa/ns2/named.conf.in similarity index 98% rename from bin/tests/system/eddsa/ns2/named.conf rename to bin/tests/system/eddsa/ns2/named.conf.in index 420073fc056..198cdbbcec5 100644 --- a/bin/tests/system/eddsa/ns2/named.conf +++ b/bin/tests/system/eddsa/ns2/named.conf.in @@ -17,7 +17,7 @@ options { query-source address 10.53.0.2; notify-source 10.53.0.2; transfer-source 10.53.0.2; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.2; }; listen-on-v6 { none; }; diff --git a/bin/tests/system/eddsa/ns2/sign.sh b/bin/tests/system/eddsa/ns2/sign.sh index 7aeceecd2a1..ddd7a927463 100644 --- a/bin/tests/system/eddsa/ns2/sign.sh +++ b/bin/tests/system/eddsa/ns2/sign.sh @@ -9,8 +9,9 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=../.. -. $SYSTEMTESTTOP/conf.sh +set -e + +. "$SYSTEMTESTTOP/conf.sh" zone=example.com. zonefile=example.com.db @@ -22,7 +23,7 @@ for i in Xexample.com.+015+03613.key Xexample.com.+015+03613.private \ Xexample.com.+016+09713.key Xexample.com.+016+09713.private \ Xexample.com.+016+38353.key Xexample.com.+016+38353.private do - cp $i `echo $i | sed s/X/K/` + cp "$i" "$(echo $i | sed s/X/K/)" done -$SIGNER -P -z -s $starttime -e $endtime -o $zone $zonefile > /dev/null 2> signer.err || cat signer.err +$SIGNER -P -z -s "$starttime" -e "$endtime" -o "$zone" "$zonefile" > /dev/null 2> signer.err || cat signer.err diff --git a/bin/tests/system/eddsa/prereq.sh b/bin/tests/system/eddsa/prereq.sh index 648f97dcf93..e86ce7eb397 100644 --- a/bin/tests/system/eddsa/prereq.sh +++ b/bin/tests/system/eddsa/prereq.sh @@ -9,7 +9,10 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh +set -e -exec $SHELL ../testcrypto.sh eddsa +. "$SYSTEMTESTTOP/conf.sh" + +if ! $SHELL ../testcrypto.sh eddsa; then + exit 1 +fi diff --git a/bin/tests/system/eddsa/setup.sh b/bin/tests/system/eddsa/setup.sh index f5482e6c38c..69c4995f41b 100644 --- a/bin/tests/system/eddsa/setup.sh +++ b/bin/tests/system/eddsa/setup.sh @@ -9,7 +9,11 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh +set -e + +. "$SYSTEMTESTTOP/conf.sh" + +copy_setports ns1/named.conf.in ns1/named.conf +copy_setports ns2/named.conf.in ns2/named.conf cd ns1 && $SHELL sign.sh diff --git a/bin/tests/system/eddsa/tests.sh b/bin/tests/system/eddsa/tests.sh index 4f6269e34be..2dcc138c2fd 100644 --- a/bin/tests/system/eddsa/tests.sh +++ b/bin/tests/system/eddsa/tests.sh @@ -9,27 +9,28 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh +set -e + +. "$SYSTEMTESTTOP/conf.sh" status=0 n=1 -rm -f dig.out.* - -DIGOPTS="+tcp +noau +noadd +nosea +nostat +nocmd +dnssec -p 5300" +dig_with_opts() { + "$DIG" +tcp +noau +noadd +nosea +nostat +nocmd +dnssec -p "$PORT" "$@" +} # Check the example. domain echo "I:checking that positive validation works ($n)" ret=0 -$DIG $DIGOPTS . @10.53.0.1 soa > dig.out.ns1.test$n || ret=1 -$DIG $DIGOPTS . @10.53.0.2 soa > dig.out.ns2.test$n || ret=1 +dig_with_opts . @10.53.0.1 soa > dig.out.ns1.test$n || ret=1 +dig_with_opts . @10.53.0.2 soa > dig.out.ns2.test$n || ret=1 $PERL ../digcomp.pl dig.out.ns1.test$n dig.out.ns2.test$n || ret=1 grep "flags:.*ad.*QUERY" dig.out.ns2.test$n > /dev/null || ret=1 -n=`expr $n + 1` +n=$((n+1)) if [ $ret != 0 ]; then echo "I:failed"; fi -status=`expr $status + $ret` +status=$((status+ret)) # Check test vectors (RFC 8080 + errata) @@ -39,9 +40,9 @@ grep 'oL9krJun7xfBOIWcGHi7mag5/hdZrKWw15jP' ns2/example.com.db.signed > /dev/nul grep 'VrbpMngwcrqNAg==' ns2/example.com.db.signed > /dev/null || ret=1 grep 'zXQ0bkYgQTEFyfLyi9QoiY6D8ZdYo4wyUhVi' ns2/example.com.db.signed > /dev/null || ret=1 grep 'R0O7KuI5k2pcBg==' ns2/example.com.db.signed > /dev/null || ret=1 -n=`expr $n + 1` +n=$((n+1)) if [ $ret != 0 ]; then echo "I:failed"; fi -status=`expr $status + $ret` +status=$((status+ret)) echo "I:checking that Ed448 test vectors match ($n)" ret=0 @@ -57,9 +58,9 @@ grep '4m0AsQ4f7qI1gVnML8vWWiyW2KXhT9kuAICU' ns2/example.com.db.signed > /dev/nul grep 'Sxv5OWbf81Rq7Yu60npabODB0QFPb/rkW3kU' ns2/example.com.db.signed > /dev/null || ret=1 grep 'ZmQ0YQUA' ns2/example.com.db.signed > /dev/null || ret=1 -n=`expr $n + 1` +n=$((n+1)) if [ $ret != 0 ]; then echo "I:failed"; fi -status=`expr $status + $ret` +status=$((status+ret)) echo "I:exit status: $status" [ $status -eq 0 ] || exit 1