summaryrefslogtreecommitdiffstats
path: root/bin/tests/system/keymgr/tests.sh
blob: 88b43d90fb4b00b4157eed27831106b621db56df (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
#!/bin/sh
#
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.

SYSTEMTESTTOP=..
. $SYSTEMTESTTOP/conf.sh

status=0
n=1

matchall () {
    file=$1
    echo "$2" | while read matchline; do
        grep "$matchline" $file > /dev/null 2>&1 || {
            echo "FAIL"
            return
        }
    done
}

echo_i "checking for DNSSEC key coverage issues"
ret=0
for dir in [0-9][0-9]-*; do
        ret=0
        echo_i "$dir ($n)"
        kargs= cargs= kmatch= cmatch= kret= cret=0 warn= error= ok=
        . $dir/expect

        # use policy.conf if available
        policy=""
        [ -e "$dir/policy.conf" ] && policy="-c $dir/policy.conf"
        # run keymgr to update keys
	if [ "$CYGWIN" ]; then
            $KEYMGR $policy -K $dir -g `cygpath -w $KEYGEN` -r $RANDFILE \
		-s `cygpath -w $SETTIME` $kargs > keymgr.$n 2>&1
	else
	    $KEYMGR $policy -K $dir -g $KEYGEN -r $RANDFILE \
		-s $SETTIME $kargs > keymgr.$n 2>&1
	fi
        # check that return code matches expectations
        found=$?
        if [ $found -ne $kret ]; then
            echo "keymgr retcode was $found expected $kret"
            ret=1
        fi

        found=`matchall keymgr.$n "$kmatch"`
        if [ "$found" = "FAIL" ]; then
            echo "no match on '$kmatch'"
            ret=1
        fi

        # now check coverage
        $COVERAGE -K $dir $cargs > coverage.$n 2>&1
        # check that return code matches expectations
        found=$?
        if [ $found -ne $cret ]; then
            echo "coverage retcode was $found expected $cret"
            ret=1
        fi

        # check for correct number of errors
        found=`grep ERROR coverage.$n | wc -l`
        if [ $found -ne $error ]; then
            echo "error count was $found expected $error"
            ret=1
        fi

        # check for correct number of warnings
        found=`grep WARNING coverage.$n | wc -l`
        if [ $found -ne $warn ]; then
            echo "warning count was $found expected $warn"
            ret=1
        fi

        # check for correct number of OKs
        found=`grep "No errors found" coverage.$n | wc -l`
        if [ $found -ne $ok ]; then
            echo "good count was $found expected $ok"
            ret=1
        fi

        found=`matchall coverage.$n "$cmatch"`
        if [ "$found" = "FAIL" ]; then
            echo "no match on '$cmatch'"
            ret=1
        fi

        n=`expr $n + 1`
        if [ $ret != 0 ]; then echo_i "failed"; fi
        status=`expr $status + $ret`
done

echo_i "checking policy.conf parser ($n)"
ret=0
${PYTHON} testpolicy.py policy.sample > policy.out
$DOS2UNIX policy.out > /dev/null
cmp -s policy.good policy.out || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`

echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1