summaryrefslogtreecommitdiffstats
path: root/bin/tests/system/coverage
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-05 18:37:14 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-05 18:37:14 +0000
commitea648e70a989cca190cd7403fe892fd2dcc290b4 (patch)
treee2b6b1c647da68b0d4d66082835e256eb30970e8 /bin/tests/system/coverage
parentInitial commit. (diff)
downloadbind9-ea648e70a989cca190cd7403fe892fd2dcc290b4.tar.xz
bind9-ea648e70a989cca190cd7403fe892fd2dcc290b4.zip
Adding upstream version 1:9.11.5.P4+dfsg.upstream/1%9.11.5.P4+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'bin/tests/system/coverage')
-rw-r--r--bin/tests/system/coverage/01-ksk-inactive/README10
-rw-r--r--bin/tests/system/coverage/01-ksk-inactive/expect6
-rw-r--r--bin/tests/system/coverage/02-zsk-inactive/README10
-rw-r--r--bin/tests/system/coverage/02-zsk-inactive/expect6
-rw-r--r--bin/tests/system/coverage/03-ksk-unpublished/README10
-rw-r--r--bin/tests/system/coverage/03-ksk-unpublished/expect8
-rw-r--r--bin/tests/system/coverage/04-zsk-unpublished/README10
-rw-r--r--bin/tests/system/coverage/04-zsk-unpublished/expect8
-rw-r--r--bin/tests/system/coverage/05-ksk-unpub-active/README12
-rw-r--r--bin/tests/system/coverage/05-ksk-unpub-active/expect8
-rw-r--r--bin/tests/system/coverage/06-zsk-unpub-active/README12
-rw-r--r--bin/tests/system/coverage/06-zsk-unpub-active/expect8
-rw-r--r--bin/tests/system/coverage/07-ksk-ttl/README4
-rw-r--r--bin/tests/system/coverage/07-ksk-ttl/expect9
-rw-r--r--bin/tests/system/coverage/08-zsk-ttl/README4
-rw-r--r--bin/tests/system/coverage/08-zsk-ttl/expect9
-rw-r--r--bin/tests/system/coverage/09-check-zsk/README6
-rw-r--r--bin/tests/system/coverage/09-check-zsk/expect6
-rw-r--r--bin/tests/system/coverage/10-check-ksk/README7
-rw-r--r--bin/tests/system/coverage/10-check-ksk/expect6
-rw-r--r--bin/tests/system/coverage/11-cutoff/README10
-rw-r--r--bin/tests/system/coverage/11-cutoff/expect6
-rw-r--r--bin/tests/system/coverage/clean.sh16
-rw-r--r--bin/tests/system/coverage/prereq.sh15
-rw-r--r--bin/tests/system/coverage/setup.sh131
-rw-r--r--bin/tests/system/coverage/tests.sh79
26 files changed, 416 insertions, 0 deletions
diff --git a/bin/tests/system/coverage/01-ksk-inactive/README b/bin/tests/system/coverage/01-ksk-inactive/README
new file mode 100644
index 0000000..8102593
--- /dev/null
+++ b/bin/tests/system/coverage/01-ksk-inactive/README
@@ -0,0 +1,10 @@
+This set includes one KSK rollover. The KSK is deactivated prior to
+its replacement being activated. Tool output should resemble:
+
+Checking KSK events for zone example.com, algorithm 7:
+ERROR: After 2012-31-Jul (20:59:14):
+ Inactive: example.com/007/45435 (KSK)
+No KSK's are active
+
+Checking ZSK events for zone example.com, algorithm 7:
+OK
diff --git a/bin/tests/system/coverage/01-ksk-inactive/expect b/bin/tests/system/coverage/01-ksk-inactive/expect
new file mode 100644
index 0000000..3d342b1
--- /dev/null
+++ b/bin/tests/system/coverage/01-ksk-inactive/expect
@@ -0,0 +1,6 @@
+args="-d 1h -m 2h"
+warn=0
+error=1
+ok=1
+retcode=1
+match="No KSK's are active"
diff --git a/bin/tests/system/coverage/02-zsk-inactive/README b/bin/tests/system/coverage/02-zsk-inactive/README
new file mode 100644
index 0000000..5d3fed1
--- /dev/null
+++ b/bin/tests/system/coverage/02-zsk-inactive/README
@@ -0,0 +1,10 @@
+This set includes one ZSK rollover. The first ZSK is deactivated
+prior to its replacement being activated. Tool output should resemble:
+
+Checking KSK events for zone example.com, algorithm 7:
+OK
+
+Checking ZSK events for zone example.com, algorithm 7:
+ERROR: After 2012-05-Dec (20:39:32):
+ Inactive: example.com/005/08376 (ZSK)
+No ZSK's are active
diff --git a/bin/tests/system/coverage/02-zsk-inactive/expect b/bin/tests/system/coverage/02-zsk-inactive/expect
new file mode 100644
index 0000000..a905b58
--- /dev/null
+++ b/bin/tests/system/coverage/02-zsk-inactive/expect
@@ -0,0 +1,6 @@
+args="-d 1h -m 2h"
+warn=0
+error=1
+ok=1
+retcode=1
+match="No ZSK's are active"
diff --git a/bin/tests/system/coverage/03-ksk-unpublished/README b/bin/tests/system/coverage/03-ksk-unpublished/README
new file mode 100644
index 0000000..7d8a301
--- /dev/null
+++ b/bin/tests/system/coverage/03-ksk-unpublished/README
@@ -0,0 +1,10 @@
+This set contains one KSK rollover. The KSK is unpublished before its
+successor is published. Tool output should resemble:
+
+Checking KSK events for zone example.com, algorithm 7:
+ERROR: After 2012-06-Oct (21:07:57):
+ Delete: example.com/007/23040 (KSK)
+No KSK's are published
+
+Checking ZSK events for zone example.com, algorithm 7:
+OK
diff --git a/bin/tests/system/coverage/03-ksk-unpublished/expect b/bin/tests/system/coverage/03-ksk-unpublished/expect
new file mode 100644
index 0000000..07bbff1
--- /dev/null
+++ b/bin/tests/system/coverage/03-ksk-unpublished/expect
@@ -0,0 +1,8 @@
+args="-d 1h -m 2h"
+warn=1
+error=1
+ok=1
+retcode=1
+match="WARNING: Key .* (KSK) is scheduled for
+deletion before inactivation
+No KSK's are published"
diff --git a/bin/tests/system/coverage/04-zsk-unpublished/README b/bin/tests/system/coverage/04-zsk-unpublished/README
new file mode 100644
index 0000000..5077abf
--- /dev/null
+++ b/bin/tests/system/coverage/04-zsk-unpublished/README
@@ -0,0 +1,10 @@
+This set contains one ZSK rollover. The ZSK is unpublished before its
+successor is published. Tool output should resemble:
+
+Checking KSK events for zone example.com, algorithm 7:
+OK
+
+Checking ZSK events for zone example.com, algorithm 7:
+ERROR: After 2012-06-Oct (21:13:45):
+ Delete: example.com/007/25967 (ZSK)
+No ZSK's are published
diff --git a/bin/tests/system/coverage/04-zsk-unpublished/expect b/bin/tests/system/coverage/04-zsk-unpublished/expect
new file mode 100644
index 0000000..450ec24
--- /dev/null
+++ b/bin/tests/system/coverage/04-zsk-unpublished/expect
@@ -0,0 +1,8 @@
+args="-d 1h -m 2h"
+warn=1
+error=1
+ok=1
+retcode=1
+match="WARNING: Key .* (ZSK) is scheduled for
+deletion before inactivation
+No ZSK's are published"
diff --git a/bin/tests/system/coverage/05-ksk-unpub-active/README b/bin/tests/system/coverage/05-ksk-unpub-active/README
new file mode 100644
index 0000000..119c1b2
--- /dev/null
+++ b/bin/tests/system/coverage/05-ksk-unpub-active/README
@@ -0,0 +1,12 @@
+This set includes one KSK rollover. The first KSK is deleted
+and its successor published prior to the first KSK being deactivated
+and its successor activated. Tool output should resemble:
+
+Checking KSK events for zone example.com, algorithm 7:
+ERROR: After 2012-05-Dec (21:22:19):
+ Delete: example.com/007/06219 (KSK)
+ Publish: example.com/007/20559 (KSK)
+No KSK's are both active and published
+
+Checking ZSK events for zone example.com, algorithm 7:
+OK
diff --git a/bin/tests/system/coverage/05-ksk-unpub-active/expect b/bin/tests/system/coverage/05-ksk-unpub-active/expect
new file mode 100644
index 0000000..2edfa0e
--- /dev/null
+++ b/bin/tests/system/coverage/05-ksk-unpub-active/expect
@@ -0,0 +1,8 @@
+args="-d 1h -m 2h"
+warn=1
+error=1
+ok=1
+retcode=1
+match="WARNING: Key .* (KSK) is scheduled for
+deletion before inactivation
+No KSK's are both active and published"
diff --git a/bin/tests/system/coverage/06-zsk-unpub-active/README b/bin/tests/system/coverage/06-zsk-unpub-active/README
new file mode 100644
index 0000000..84833f8
--- /dev/null
+++ b/bin/tests/system/coverage/06-zsk-unpub-active/README
@@ -0,0 +1,12 @@
+This set includes one KSK rollover. The first KSK is deleted
+and its successor published prior to the first KSK being deactivated
+and its successor activated. Tool output should resemble:
+
+Checking KSK events for zone example.com, algorithm 7:
+OK
+
+Checking ZSK events for zone example.com, algorithm 7:
+ERROR: After 2012-05-Dec (20:44:18):
+ Delete: example.com/007/26369 (ZSK)
+ Publish: example.com/007/21029 (ZSK)
+No ZSK's are both active and published
diff --git a/bin/tests/system/coverage/06-zsk-unpub-active/expect b/bin/tests/system/coverage/06-zsk-unpub-active/expect
new file mode 100644
index 0000000..0ef5b15
--- /dev/null
+++ b/bin/tests/system/coverage/06-zsk-unpub-active/expect
@@ -0,0 +1,8 @@
+args="-d 1h -m 2h"
+warn=1
+error=1
+ok=1
+retcode=1
+match="WARNING: Key .* (ZSK) is scheduled for
+deletion before inactivation
+No ZSK's are both active and published"
diff --git a/bin/tests/system/coverage/07-ksk-ttl/README b/bin/tests/system/coverage/07-ksk-ttl/README
new file mode 100644
index 0000000..2659099
--- /dev/null
+++ b/bin/tests/system/coverage/07-ksk-ttl/README
@@ -0,0 +1,4 @@
+This set includes a KSK rollover, with insufficient delay between
+prepublication and rollover.
+
+Expected tool output TBD.
diff --git a/bin/tests/system/coverage/07-ksk-ttl/expect b/bin/tests/system/coverage/07-ksk-ttl/expect
new file mode 100644
index 0000000..eade21a
--- /dev/null
+++ b/bin/tests/system/coverage/07-ksk-ttl/expect
@@ -0,0 +1,9 @@
+args="-d 1w -m 2w"
+warn=1
+error=0
+ok=2
+retcode=0
+match="WARNING: Key .* (KSK) is activated too soon
+after publication
+Activation should be at least 7 days after
+publication."
diff --git a/bin/tests/system/coverage/08-zsk-ttl/README b/bin/tests/system/coverage/08-zsk-ttl/README
new file mode 100644
index 0000000..2659099
--- /dev/null
+++ b/bin/tests/system/coverage/08-zsk-ttl/README
@@ -0,0 +1,4 @@
+This set includes a KSK rollover, with insufficient delay between
+prepublication and rollover.
+
+Expected tool output TBD.
diff --git a/bin/tests/system/coverage/08-zsk-ttl/expect b/bin/tests/system/coverage/08-zsk-ttl/expect
new file mode 100644
index 0000000..150c9cd
--- /dev/null
+++ b/bin/tests/system/coverage/08-zsk-ttl/expect
@@ -0,0 +1,9 @@
+args="-d 1w -m 2w"
+warn=1
+error=0
+ok=2
+retcode=0
+match="WARNING: Key .* (ZSK) is activated too soon
+after publication
+Activation should be at least 7 days after
+publication."
diff --git a/bin/tests/system/coverage/09-check-zsk/README b/bin/tests/system/coverage/09-check-zsk/README
new file mode 100644
index 0000000..bc5edc8
--- /dev/null
+++ b/bin/tests/system/coverage/09-check-zsk/README
@@ -0,0 +1,6 @@
+This set includes one KSK rollover. The KSK is deactivated prior to
+its replacement being activated; however, as we are only checking ZSK's,
+we should not detect the error. Tool output should resemble:
+
+Checking ZSK events for zone example.com, algorithm 7:
+OK
diff --git a/bin/tests/system/coverage/09-check-zsk/expect b/bin/tests/system/coverage/09-check-zsk/expect
new file mode 100644
index 0000000..d56c4bf
--- /dev/null
+++ b/bin/tests/system/coverage/09-check-zsk/expect
@@ -0,0 +1,6 @@
+args="-z -d 1h -m 2h"
+warn=0
+error=0
+ok=1
+retcode=0
+match=""
diff --git a/bin/tests/system/coverage/10-check-ksk/README b/bin/tests/system/coverage/10-check-ksk/README
new file mode 100644
index 0000000..948364d
--- /dev/null
+++ b/bin/tests/system/coverage/10-check-ksk/README
@@ -0,0 +1,7 @@
+This set includes one ZSK rollover. The first ZSK is deactivated
+prior to its replacement being activated; however, as we are only
+checking KSKs, we should not detect the error. Tool output should
+resemble:
+
+Checking KSK events for zone example.com, algorithm 7:
+OK
diff --git a/bin/tests/system/coverage/10-check-ksk/expect b/bin/tests/system/coverage/10-check-ksk/expect
new file mode 100644
index 0000000..a03d2aa
--- /dev/null
+++ b/bin/tests/system/coverage/10-check-ksk/expect
@@ -0,0 +1,6 @@
+args="-k -d 1h -m 2h"
+warn=0
+error=0
+ok=1
+retcode=0
+match=""
diff --git a/bin/tests/system/coverage/11-cutoff/README b/bin/tests/system/coverage/11-cutoff/README
new file mode 100644
index 0000000..8102593
--- /dev/null
+++ b/bin/tests/system/coverage/11-cutoff/README
@@ -0,0 +1,10 @@
+This set includes one KSK rollover. The KSK is deactivated prior to
+its replacement being activated. Tool output should resemble:
+
+Checking KSK events for zone example.com, algorithm 7:
+ERROR: After 2012-31-Jul (20:59:14):
+ Inactive: example.com/007/45435 (KSK)
+No KSK's are active
+
+Checking ZSK events for zone example.com, algorithm 7:
+OK
diff --git a/bin/tests/system/coverage/11-cutoff/expect b/bin/tests/system/coverage/11-cutoff/expect
new file mode 100644
index 0000000..bdf29d0
--- /dev/null
+++ b/bin/tests/system/coverage/11-cutoff/expect
@@ -0,0 +1,6 @@
+args="-l 1y -d 1h -m 2h"
+warn=0
+error=0
+ok=2
+retcode=0
+match=""
diff --git a/bin/tests/system/coverage/clean.sh b/bin/tests/system/coverage/clean.sh
new file mode 100644
index 0000000..253e8aa
--- /dev/null
+++ b/bin/tests/system/coverage/clean.sh
@@ -0,0 +1,16 @@
+#!/bin/sh
+#
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+rm -f named-compilezone
+rm -f */K*.key
+rm -f */K*.private
+rm -rf coverage.*
+rm -f ns*/named.lock
diff --git a/bin/tests/system/coverage/prereq.sh b/bin/tests/system/coverage/prereq.sh
new file mode 100644
index 0000000..a0d4e9c
--- /dev/null
+++ b/bin/tests/system/coverage/prereq.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+#
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+SYSTEMTESTTOP=..
+. $SYSTEMTESTTOP/conf.sh
+
+exec $SHELL ../testcrypto.sh
diff --git a/bin/tests/system/coverage/setup.sh b/bin/tests/system/coverage/setup.sh
new file mode 100644
index 0000000..84ca137
--- /dev/null
+++ b/bin/tests/system/coverage/setup.sh
@@ -0,0 +1,131 @@
+#!/bin/sh
+#
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+SYSTEMTESTTOP=..
+. $SYSTEMTESTTOP/conf.sh
+
+KEYGEN="$KEYGEN -qr $RANDFILE"
+
+$SHELL clean.sh
+
+ln -s $CHECKZONE named-compilezone
+
+# Test 1: KSK goes inactive before successor is active
+dir=01-ksk-inactive
+rm -f $dir/K*.key
+rm -f $dir/K*.private
+ksk1=`$KEYGEN -K $dir -3fk example.com`
+$SETTIME -K $dir -I +9mo -D +1y $ksk1 > /dev/null 2>&1
+ksk2=`$KEYGEN -K $dir -S $ksk1`
+$SETTIME -K $dir -I +7mo $ksk1 > /dev/null 2>&1
+zsk1=`$KEYGEN -K $dir -3 example.com`
+
+# Test 2: ZSK goes inactive before successor is active
+dir=02-zsk-inactive
+rm -f $dir/K*.key
+rm -f $dir/K*.private
+zsk1=`$KEYGEN -K $dir -3 example.com`
+$SETTIME -K $dir -I +9mo -D +1y $zsk1 > /dev/null 2>&1
+zsk2=`$KEYGEN -K $dir -S $zsk1`
+$SETTIME -K $dir -I +7mo $zsk1 > /dev/null 2>&1
+ksk1=`$KEYGEN -K $dir -3fk example.com`
+
+# Test 3: KSK is unpublished before its successor is published
+dir=03-ksk-unpublished
+rm -f $dir/K*.key
+rm -f $dir/K*.private
+ksk1=`$KEYGEN -K $dir -3fk example.com`
+$SETTIME -K $dir -I +9mo -D +1y $ksk1 > /dev/null 2>&1
+ksk2=`$KEYGEN -K $dir -S $ksk1`
+$SETTIME -K $dir -D +6mo $ksk1 > /dev/null 2>&1
+zsk1=`$KEYGEN -K $dir -3 example.com`
+
+# Test 4: ZSK is unpublished before its successor is published
+dir=04-zsk-unpublished
+rm -f $dir/K*.key
+rm -f $dir/K*.private
+zsk1=`$KEYGEN -K $dir -3 example.com`
+$SETTIME -K $dir -I +9mo -D +1y $zsk1 > /dev/null 2>&1
+zsk2=`$KEYGEN -K $dir -S $zsk1`
+$SETTIME -K $dir -D +6mo $zsk1 > /dev/null 2>&1
+ksk1=`$KEYGEN -K $dir -3fk example.com`
+
+# Test 5: KSK deleted and successor published before KSK is deactivated
+# and successor activated.
+dir=05-ksk-unpub-active
+rm -f $dir/K*.key
+rm -f $dir/K*.private
+ksk1=`$KEYGEN -K $dir -3fk example.com`
+$SETTIME -K $dir -I +9mo -D +8mo $ksk1 > /dev/null 2>&1
+ksk2=`$KEYGEN -K $dir -S $ksk1`
+zsk1=`$KEYGEN -K $dir -3 example.com`
+
+# Test 6: ZSK deleted and successor published before ZSK is deactivated
+# and successor activated.
+dir=06-zsk-unpub-active
+rm -f $dir/K*.key
+rm -f $dir/K*.private
+zsk1=`$KEYGEN -K $dir -3 example.com`
+$SETTIME -K $dir -I +9mo -D +8mo $zsk1 > /dev/null 2>&1
+zsk2=`$KEYGEN -K $dir -S $zsk1`
+ksk1=`$KEYGEN -K $dir -3fk example.com`
+
+# Test 7: KSK rolled with insufficient delay after prepublication.
+dir=07-ksk-ttl
+rm -f $dir/K*.key
+rm -f $dir/K*.private
+ksk1=`$KEYGEN -K $dir -3fk example.com`
+$SETTIME -K $dir -I +9mo -D +1y $ksk1 > /dev/null 2>&1
+ksk2=`$KEYGEN -K $dir -S $ksk1`
+# allow only 1 day between publication and activation
+$SETTIME -K $dir -P +269d $ksk2 > /dev/null 2>&1
+zsk1=`$KEYGEN -K $dir -3 example.com`
+
+# Test 8: ZSK rolled with insufficient delay after prepublication.
+dir=08-zsk-ttl
+rm -f $dir/K*.key
+rm -f $dir/K*.private
+zsk1=`$KEYGEN -K $dir -3 example.com`
+$SETTIME -K $dir -I +9mo -D +1y $zsk1 > /dev/null 2>&1
+zsk2=`$KEYGEN -K $dir -S $zsk1`
+# allow only 1 day between publication and activation
+$SETTIME -K $dir -P +269d $zsk2 > /dev/null 2>&1
+ksk1=`$KEYGEN -K $dir -3fk example.com`
+
+# Test 9: KSK goes inactive before successor is active, but checking ZSKs
+dir=09-check-zsk
+rm -f $dir/K*.key
+rm -f $dir/K*.private
+ksk1=`$KEYGEN -K $dir -3fk example.com`
+$SETTIME -K $dir -I +9mo -D +1y $ksk1 > /dev/null 2>&1
+ksk2=`$KEYGEN -K $dir -S $ksk1`
+$SETTIME -K $dir -I +7mo $ksk1 > /dev/null 2>&1
+zsk1=`$KEYGEN -K $dir -3 example.com`
+
+# Test 10: ZSK goes inactive before successor is active, but checking KSKs
+dir=10-check-ksk
+rm -f $dir/K*.key
+rm -f $dir/K*.private
+zsk1=`$KEYGEN -K $dir -3 example.com`
+$SETTIME -K $dir -I +9mo -D +1y $zsk1 > /dev/null 2>&1
+zsk2=`$KEYGEN -K $dir -S $zsk1`
+$SETTIME -K $dir -I +7mo $zsk1 > /dev/null 2>&1
+ksk1=`$KEYGEN -K $dir -3fk example.com`
+
+# Test 11: ZSK goes inactive before successor is active, but after cutoff
+dir=11-cutoff
+rm -f $dir/K*.key
+rm -f $dir/K*.private
+zsk1=`$KEYGEN -K $dir -3 example.com`
+$SETTIME -K $dir -I +18mo -D +2y $zsk1 > /dev/null 2>&1
+zsk2=`$KEYGEN -K $dir -S $zsk1`
+$SETTIME -K $dir -I +16mo $zsk1 > /dev/null 2>&1
+ksk1=`$KEYGEN -K $dir -3fk example.com`
diff --git a/bin/tests/system/coverage/tests.sh b/bin/tests/system/coverage/tests.sh
new file mode 100644
index 0000000..c5ba211
--- /dev/null
+++ b/bin/tests/system/coverage/tests.sh
@@ -0,0 +1,79 @@
+#!/bin/sh
+#
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+SYSTEMTESTTOP=..
+. $SYSTEMTESTTOP/conf.sh
+
+COVERAGE="$COVERAGE -c ./named-compilezone"
+
+status=0
+n=1
+
+matchall () {
+ file=$1
+ echo "$2" | while read matchline; do
+ grep "$matchline" $file > /dev/null 2>&1 || {
+ echo "FAIL"
+ return
+ }
+ done
+}
+
+echo_i "checking for DNSSEC key coverage issues"
+ret=0
+for dir in [0-9][0-9]-*; do
+ ret=0
+ echo_i "$dir"
+ args= warn= error= ok= retcode= match=
+ . $dir/expect
+ $COVERAGE $args -K $dir example.com > coverage.$n 2>&1
+
+ # check that return code matches expectations
+ found=$?
+ if [ $found -ne $retcode ]; then
+ echo "retcode was $found expected $retcode"
+ ret=1
+ fi
+
+ # check for correct number of errors
+ found=`grep ERROR coverage.$n | wc -l`
+ if [ $found -ne $error ]; then
+ echo "error count was $found expected $error"
+ ret=1
+ fi
+
+ # check for correct number of warnings
+ found=`grep WARNING coverage.$n | wc -l`
+ if [ $found -ne $warn ]; then
+ echo "warning count was $found expected $warn"
+ ret=1
+ fi
+
+ # check for correct number of OKs
+ found=`grep "No errors found" coverage.$n | wc -l`
+ if [ $found -ne $ok ]; then
+ echo "good count was $found expected $ok"
+ ret=1
+ fi
+
+ found=`matchall coverage.$n "$match"`
+ if [ "$found" = "FAIL" ]; then
+ echo "no match on '$match'"
+ ret=1
+ fi
+
+ n=`expr $n + 1`
+ if [ $ret != 0 ]; then echo_i "failed"; fi
+ status=`expr $status + $ret`
+done
+
+echo_i "exit status: $status"
+[ $status -eq 0 ] || exit 1