summaryrefslogtreecommitdiffstats
path: root/bin/tests/system/keymgr
diff options
context:
space:
mode:
Diffstat (limited to 'bin/tests/system/keymgr')
-rw-r--r--bin/tests/system/keymgr/19-old-keys/extra.sh16
-rw-r--r--bin/tests/system/keymgr/setup.sh184
-rw-r--r--bin/tests/system/keymgr/tests.sh207
3 files changed, 203 insertions, 204 deletions
diff --git a/bin/tests/system/keymgr/19-old-keys/extra.sh b/bin/tests/system/keymgr/19-old-keys/extra.sh
index 502d951..1533658 100644
--- a/bin/tests/system/keymgr/19-old-keys/extra.sh
+++ b/bin/tests/system/keymgr/19-old-keys/extra.sh
@@ -11,13 +11,13 @@
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
-now=`$PERL -e 'print time()."\n";'`
+now=$($PERL -e 'print time()."\n";')
for keyfile in K*.key; do
- inactive=`$SETTIME -upI $keyfile | awk '{print $2}'`
- if [ "$inactive" = UNSET ]; then
- continue
- elif [ "$inactive" -lt "$now" ]; then
- echo_d "inactive date is in the past"
- ret=1
- fi
+ inactive=$($SETTIME -upI $keyfile | awk '{print $2}')
+ if [ "$inactive" = UNSET ]; then
+ continue
+ elif [ "$inactive" -lt "$now" ]; then
+ echo_d "inactive date is in the past"
+ ret=1
+ fi
done
diff --git a/bin/tests/system/keymgr/setup.sh b/bin/tests/system/keymgr/setup.sh
index d7cef0c..97a6abe 100644
--- a/bin/tests/system/keymgr/setup.sh
+++ b/bin/tests/system/keymgr/setup.sh
@@ -19,173 +19,173 @@ KEYGEN="$KEYGEN -q"
# Test 1: KSK goes inactive before successor is active
dir=01-ksk-inactive
echo_i "set up $dir"
-ksk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com`
-$SETTIME -K $dir -I +9mo -D +1y $ksk1 > /dev/null 2>&1
-ksk2=`$KEYGEN -K $dir -S $ksk1`
-$SETTIME -K $dir -I +7mo $ksk1 > /dev/null 2>&1
-zsk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com`
+ksk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com)
+$SETTIME -K $dir -I +9mo -D +1y $ksk1 >/dev/null 2>&1
+ksk2=$($KEYGEN -K $dir -S $ksk1)
+$SETTIME -K $dir -I +7mo $ksk1 >/dev/null 2>&1
+zsk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com)
# Test 2: ZSK goes inactive before successor is active
dir=02-zsk-inactive
echo_i "set up $dir"
-zsk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com`
-$SETTIME -K $dir -I +9mo -D +1y $zsk1 > /dev/null 2>&1
-zsk2=`$KEYGEN -K $dir -S $zsk1`
-$SETTIME -K $dir -I +7mo $zsk1 > /dev/null 2>&1
-ksk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com`
+zsk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com)
+$SETTIME -K $dir -I +9mo -D +1y $zsk1 >/dev/null 2>&1
+zsk2=$($KEYGEN -K $dir -S $zsk1)
+$SETTIME -K $dir -I +7mo $zsk1 >/dev/null 2>&1
+ksk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com)
# Test 3: KSK is unpublished before its successor is published
dir=03-ksk-unpublished
echo_i "set up $dir"
-ksk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com`
-$SETTIME -K $dir -I +9mo -D +1y $ksk1 > /dev/null 2>&1
-ksk2=`$KEYGEN -K $dir -S $ksk1`
-$SETTIME -K $dir -D +6mo $ksk1 > /dev/null 2>&1
-zsk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com`
+ksk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com)
+$SETTIME -K $dir -I +9mo -D +1y $ksk1 >/dev/null 2>&1
+ksk2=$($KEYGEN -K $dir -S $ksk1)
+$SETTIME -K $dir -D +6mo $ksk1 >/dev/null 2>&1
+zsk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com)
# Test 4: ZSK is unpublished before its successor is published
dir=04-zsk-unpublished
echo_i "set up $dir"
-zsk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com`
-$SETTIME -K $dir -I +9mo -D +1y $zsk1 > /dev/null 2>&1
-zsk2=`$KEYGEN -K $dir -S $zsk1`
-$SETTIME -K $dir -D +6mo $zsk1 > /dev/null 2>&1
-ksk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com`
+zsk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com)
+$SETTIME -K $dir -I +9mo -D +1y $zsk1 >/dev/null 2>&1
+zsk2=$($KEYGEN -K $dir -S $zsk1)
+$SETTIME -K $dir -D +6mo $zsk1 >/dev/null 2>&1
+ksk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com)
# Test 5: KSK deleted and successor published before KSK is deactivated
# and successor activated.
dir=05-ksk-unpub-active
echo_i "set up $dir"
-ksk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com`
-$SETTIME -K $dir -I +9mo -D +8mo $ksk1 > /dev/null 2>&1
-ksk2=`$KEYGEN -K $dir -S $ksk1`
-zsk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com`
+ksk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com)
+$SETTIME -K $dir -I +9mo -D +8mo $ksk1 >/dev/null 2>&1
+ksk2=$($KEYGEN -K $dir -S $ksk1)
+zsk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com)
# Test 6: ZSK deleted and successor published before ZSK is deactivated
# and successor activated.
dir=06-zsk-unpub-active
echo_i "set up $dir"
-zsk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com`
-$SETTIME -K $dir -I +9mo -D +8mo $zsk1 > /dev/null 2>&1
-zsk2=`$KEYGEN -K $dir -S $zsk1`
-ksk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com`
+zsk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com)
+$SETTIME -K $dir -I +9mo -D +8mo $zsk1 >/dev/null 2>&1
+zsk2=$($KEYGEN -K $dir -S $zsk1)
+ksk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com)
# Test 7: KSK rolled with insufficient delay after prepublication.
dir=07-ksk-ttl
echo_i "set up $dir"
-ksk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com`
-$SETTIME -K $dir -I +9mo -D +1y $ksk1 > /dev/null 2>&1
-ksk2=`$KEYGEN -K $dir -S $ksk1`
-$SETTIME -K $dir -P +269d $ksk2 > /dev/null 2>&1
-zsk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com`
+ksk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com)
+$SETTIME -K $dir -I +9mo -D +1y $ksk1 >/dev/null 2>&1
+ksk2=$($KEYGEN -K $dir -S $ksk1)
+$SETTIME -K $dir -P +269d $ksk2 >/dev/null 2>&1
+zsk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com)
# Test 8: ZSK rolled with insufficient delay after prepublication.
dir=08-zsk-ttl
echo_i "set up $dir"
-zsk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com`
-$SETTIME -K $dir -I +9mo -D +1y $zsk1 > /dev/null 2>&1
-zsk2=`$KEYGEN -K $dir -S $zsk1`
+zsk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com)
+$SETTIME -K $dir -I +9mo -D +1y $zsk1 >/dev/null 2>&1
+zsk2=$($KEYGEN -K $dir -S $zsk1)
# allow only 1 day between publication and activation
-$SETTIME -K $dir -P +269d $zsk2 > /dev/null 2>&1
-ksk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com`
+$SETTIME -K $dir -P +269d $zsk2 >/dev/null 2>&1
+ksk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com)
# Test 9: No special preparation needed
# Test 10: Valid key set, but rollover period has changed
dir=10-change-roll
echo_i "set up $dir"
-ksk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com`
-zsk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com`
-$SETTIME -K $dir -I +3mo -D +4mo $zsk1 > /dev/null 2>&1
-zsk2=`$KEYGEN -K $dir -S $zsk1`
+ksk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com)
+zsk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com)
+$SETTIME -K $dir -I +3mo -D +4mo $zsk1 >/dev/null 2>&1
+zsk2=$($KEYGEN -K $dir -S $zsk1)
# Test 11: Many keys all simultaneously scheduled to be active in the future
dir=11-many-simul
echo_i "set up $dir"
-k1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3fk -P now+1mo -A now+1mo example.com`
-z1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 -P now+1mo -A now+1mo example.com`
-z2=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 -P now+1mo -A now+1mo example.com`
-z3=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 -P now+1mo -A now+1mo example.com`
-z4=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 -P now+1mo -A now+1mo example.com`
+k1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3fk -P now+1mo -A now+1mo example.com)
+z1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 -P now+1mo -A now+1mo example.com)
+z2=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 -P now+1mo -A now+1mo example.com)
+z3=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 -P now+1mo -A now+1mo example.com)
+z4=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 -P now+1mo -A now+1mo example.com)
# Test 12: Many keys all simultaneously scheduled to be active in the past
dir=12-many-active
echo_i "set up $dir"
-k1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3fk example.com`
-z1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com`
-z2=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com`
-z3=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com`
-z4=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com`
+k1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3fk example.com)
+z1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com)
+z2=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com)
+z3=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com)
+z4=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com)
# Test 13: Multiple simultaneous keys with no configured roll period
dir=13-noroll
echo_i "set up $dir"
-k1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3fk example.com`
-k2=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3fk example.com`
-k3=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3fk example.com`
-z1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com`
+k1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3fk example.com)
+k2=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3fk example.com)
+k3=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3fk example.com)
+z1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com)
# Test 14: Keys exist but have the wrong algorithm
dir=14-wrongalg
echo_i "set up $dir"
-k1=`$KEYGEN -K $dir -a ${ALTERNATIVE_ALGORITHM} -qfk example.com`
-z1=`$KEYGEN -K $dir -a ${ALTERNATIVE_ALGORITHM} -q example.com`
-$SETTIME -K $dir -I now+6mo -D now+8mo $z1 > /dev/null
-z2=`$KEYGEN -K $dir -q -S ${z1}.key`
-$SETTIME -K $dir -I now+1y -D now+14mo $z2 > /dev/null
-z3=`$KEYGEN -K $dir -q -S ${z2}.key`
-$SETTIME -K $dir -I now+18mo -D now+20mo $z3 > /dev/null
-z4=`$KEYGEN -K $dir -q -S ${z3}.key`
+k1=$($KEYGEN -K $dir -a ${ALTERNATIVE_ALGORITHM} -qfk example.com)
+z1=$($KEYGEN -K $dir -a ${ALTERNATIVE_ALGORITHM} -q example.com)
+$SETTIME -K $dir -I now+6mo -D now+8mo $z1 >/dev/null
+z2=$($KEYGEN -K $dir -q -S ${z1}.key)
+$SETTIME -K $dir -I now+1y -D now+14mo $z2 >/dev/null
+z3=$($KEYGEN -K $dir -q -S ${z2}.key)
+$SETTIME -K $dir -I now+18mo -D now+20mo $z3 >/dev/null
+z4=$($KEYGEN -K $dir -q -S ${z3}.key)
# Test 15: No zones specified; just search the directory for keys
dir=15-unspec
echo_i "set up $dir"
-k1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3fk example.com`
-z1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com`
-$SETTIME -K $dir -I now+6mo -D now+8mo $z1 > /dev/null
-z2=`$KEYGEN -K $dir -q -S ${z1}.key`
-$SETTIME -K $dir -I now+1y -D now+14mo $z2 > /dev/null
-z3=`$KEYGEN -K $dir -q -S ${z2}.key`
-$SETTIME -K $dir -I now+18mo -D now+20mo $z3 > /dev/null
-z4=`$KEYGEN -K $dir -q -S ${z3}.key`
+k1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3fk example.com)
+z1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com)
+$SETTIME -K $dir -I now+6mo -D now+8mo $z1 >/dev/null
+z2=$($KEYGEN -K $dir -q -S ${z1}.key)
+$SETTIME -K $dir -I now+1y -D now+14mo $z2 >/dev/null
+z3=$($KEYGEN -K $dir -q -S ${z2}.key)
+$SETTIME -K $dir -I now+18mo -D now+20mo $z3 >/dev/null
+z4=$($KEYGEN -K $dir -q -S ${z3}.key)
# Test 16: No zones specified; search the directory for keys;
# keys have the wrong algorithm for their policies
dir=16-wrongalg-unspec
echo_i "set up $dir"
-k1=`$KEYGEN -K $dir -a ${ALTERNATIVE_ALGORITHM} -qfk example.com`
-z1=`$KEYGEN -K $dir -a ${ALTERNATIVE_ALGORITHM} -q example.com`
-$SETTIME -K $dir -I now+6mo -D now+8mo $z1 > /dev/null
-z2=`$KEYGEN -K $dir -q -S ${z1}.key`
-$SETTIME -K $dir -I now+1y -D now+14mo $z2 > /dev/null
-z3=`$KEYGEN -K $dir -q -S ${z2}.key`
-$SETTIME -K $dir -I now+18mo -D now+20mo $z3 > /dev/null
-z4=`$KEYGEN -K $dir -q -S ${z3}.key`
+k1=$($KEYGEN -K $dir -a ${ALTERNATIVE_ALGORITHM} -qfk example.com)
+z1=$($KEYGEN -K $dir -a ${ALTERNATIVE_ALGORITHM} -q example.com)
+$SETTIME -K $dir -I now+6mo -D now+8mo $z1 >/dev/null
+z2=$($KEYGEN -K $dir -q -S ${z1}.key)
+$SETTIME -K $dir -I now+1y -D now+14mo $z2 >/dev/null
+z3=$($KEYGEN -K $dir -q -S ${z2}.key)
+$SETTIME -K $dir -I now+18mo -D now+20mo $z3 >/dev/null
+z4=$($KEYGEN -K $dir -q -S ${z3}.key)
# Test 17: Keys are simultaneously active but we run with no force
# flag (this should fail)
dir=17-noforce
echo_i "set up $dir"
-k1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3fk example.com`
-z1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com`
-z2=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com`
-z3=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com`
-z4=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com`
+k1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3fk example.com)
+z1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com)
+z2=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com)
+z3=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com)
+z4=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -q3 example.com)
# Test 18: Prepublication interval is set to a nonstandard value
dir=18-nonstd-prepub
echo_i "set up $dir"
-ksk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com`
-zsk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com`
-$SETTIME -K $dir -I now+2mo -D now+3mo $zsk1 > /dev/null
+ksk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com)
+zsk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com)
+$SETTIME -K $dir -I now+2mo -D now+3mo $zsk1 >/dev/null
# Test 19: Key has been published/active a long time
dir=19-old-keys
echo_i "set up $dir"
-ksk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com`
-zsk1=`$KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com`
-$SETTIME -K $dir -P now-2y -A now-2y $ksk1 > /dev/null
-$SETTIME -K $dir -P now-2y -A now-2y $zsk1 > /dev/null
+ksk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3fk example.com)
+zsk1=$($KEYGEN -K $dir -a ${DEFAULT_ALGORITHM} -3 example.com)
+$SETTIME -K $dir -P now-2y -A now-2y $ksk1 >/dev/null
+$SETTIME -K $dir -P now-2y -A now-2y $zsk1 >/dev/null
copy_setports policy.conf.in policy.conf
copy_setports 18-nonstd-prepub/policy.conf.in 18-nonstd-prepub/policy.conf
diff --git a/bin/tests/system/keymgr/tests.sh b/bin/tests/system/keymgr/tests.sh
index 667277f..5beb83c 100644
--- a/bin/tests/system/keymgr/tests.sh
+++ b/bin/tests/system/keymgr/tests.sh
@@ -17,130 +17,129 @@ SYSTEMTESTTOP=..
status=0
n=1
-matchall () {
- match_result=ok
- file=$1
- while IFS="," read expect matchline; do
- [ -z "$matchline" ] && continue
- matches=`grep "$matchline" $file | wc -l`
- [ "$matches" -ne "$expect" ] && {
- echo "'$matchline': expected $expect found $matches"
- return 1
- }
- done << EOF
+matchall() {
+ match_result=ok
+ file=$1
+ while IFS="," read expect matchline; do
+ [ -z "$matchline" ] && continue
+ matches=$(grep "$matchline" $file | wc -l)
+ [ "$matches" -ne "$expect" ] && {
+ echo "'$matchline': expected $expect found $matches"
+ return 1
+ }
+ done <<EOF
$2
EOF
- return 0
+ return 0
}
echo_i "checking for DNSSEC key coverage issues"
ret=0
for dir in [0-9][0-9]-*; do
- ret=0
- echo_i "$dir ($n)"
- kargs= cargs= kmatch= cmatch= kret= cret=0 warn= error= ok=
- . $dir/expect
-
- # use policy.conf if available
- policy=""
- if [ -e "$dir/policy.conf" ]; then
- policy="-c $dir/policy.conf"
- if grep -e "-c policy.conf" $dir/expect > /dev/null
- then
- echo_i "fix $dir/expect: multiple policy files"
- ret=1
- fi
- else
- policy="-c policy.conf"
- fi
-
- # run keymgr to update keys
- if [ "$CYGWIN" ]; then
- $KEYMGR $policy -K $dir -g `cygpath -w $KEYGEN` \
- -s `cygpath -w $SETTIME` $kargs > keymgr.$n 2>&1
- else
- $KEYMGR $policy -K $dir -g $KEYGEN \
- -s $SETTIME $kargs > keymgr.$n 2>&1
- fi
- # check that return code matches expectations
- found=$?
- if [ $found -ne $kret ]; then
- echo "keymgr retcode was $found expected $kret"
- ret=1
- fi
-
- # check for matches in keymgr output
- matchall keymgr.$n "$kmatch" || ret=1
-
- # now check coverage
- $COVERAGE -K $dir $cargs > coverage.$n 2>&1
- # check that return code matches expectations
- found=$?
- if [ $found -ne $cret ]; then
- echo "coverage retcode was $found expected $cret"
- ret=1
- fi
-
- # check for correct number of errors
- found=`grep ERROR coverage.$n | wc -l`
- if [ $found -ne $error ]; then
- echo "error count was $found expected $error"
- ret=1
- fi
-
- # check for correct number of warnings
- found=`grep WARNING coverage.$n | wc -l`
- if [ $found -ne $warn ]; then
- echo "warning count was $found expected $warn"
- ret=1
- fi
-
- # check for correct number of OKs
- found=`grep "No errors found" coverage.$n | wc -l`
- if [ $found -ne $ok ]; then
- echo "good count was $found expected $ok"
- ret=1
- fi
-
- # check for matches in coverage output
- matchall coverage.$n "$cmatch" || ret=1
-
- if [ -f $dir/extra.sh ]; then
- cd $dir
- . ./extra.sh
- cd ..
- fi
-
- n=`expr $n + 1`
- if [ $ret != 0 ]; then echo_i "failed"; fi
- status=`expr $status + $ret`
+ ret=0
+ echo_i "$dir ($n)"
+ kargs= cargs= kmatch= cmatch= kret= cret=0 warn= error= ok=
+ . $dir/expect
+
+ # use policy.conf if available
+ policy=""
+ if [ -e "$dir/policy.conf" ]; then
+ policy="-c $dir/policy.conf"
+ if grep -e "-c policy.conf" $dir/expect >/dev/null; then
+ echo_i "fix $dir/expect: multiple policy files"
+ ret=1
+ fi
+ else
+ policy="-c policy.conf"
+ fi
+
+ # run keymgr to update keys
+ if [ "$CYGWIN" ]; then
+ $KEYMGR $policy -K $dir -g $(cygpath -w $KEYGEN) \
+ -s $(cygpath -w $SETTIME) $kargs >keymgr.$n 2>&1
+ else
+ $KEYMGR $policy -K $dir -g $KEYGEN \
+ -s $SETTIME $kargs >keymgr.$n 2>&1
+ fi
+ # check that return code matches expectations
+ found=$?
+ if [ $found -ne $kret ]; then
+ echo "keymgr retcode was $found expected $kret"
+ ret=1
+ fi
+
+ # check for matches in keymgr output
+ matchall keymgr.$n "$kmatch" || ret=1
+
+ # now check coverage
+ $COVERAGE -K $dir $cargs >coverage.$n 2>&1
+ # check that return code matches expectations
+ found=$?
+ if [ $found -ne $cret ]; then
+ echo "coverage retcode was $found expected $cret"
+ ret=1
+ fi
+
+ # check for correct number of errors
+ found=$(grep ERROR coverage.$n | wc -l)
+ if [ $found -ne $error ]; then
+ echo "error count was $found expected $error"
+ ret=1
+ fi
+
+ # check for correct number of warnings
+ found=$(grep WARNING coverage.$n | wc -l)
+ if [ $found -ne $warn ]; then
+ echo "warning count was $found expected $warn"
+ ret=1
+ fi
+
+ # check for correct number of OKs
+ found=$(grep "No errors found" coverage.$n | wc -l)
+ if [ $found -ne $ok ]; then
+ echo "good count was $found expected $ok"
+ ret=1
+ fi
+
+ # check for matches in coverage output
+ matchall coverage.$n "$cmatch" || ret=1
+
+ if [ -f $dir/extra.sh ]; then
+ cd $dir
+ . ./extra.sh
+ cd ..
+ fi
+
+ n=$(expr $n + 1)
+ if [ $ret != 0 ]; then echo_i "failed"; fi
+ status=$(expr $status + $ret)
done
echo_i "checking domains ending in . ($n)"
ret=0
-$KEYMGR -g $KEYGEN -s $SETTIME . > keymgr.1.$n 2>&1
-nkeys=`grep dnssec-keygen keymgr.1.$n | wc -l`
+$KEYMGR -g $KEYGEN -s $SETTIME . >keymgr.1.$n 2>&1
+nkeys=$(grep dnssec-keygen keymgr.1.$n | wc -l)
[ "$nkeys" -eq 2 ] || ret=1
-$KEYMGR -g $KEYGEN -s $SETTIME . > keymgr.2.$n 2>&1
-nkeys=`grep dnssec-keygen keymgr.2.$n | wc -l`
+$KEYMGR -g $KEYGEN -s $SETTIME . >keymgr.2.$n 2>&1
+nkeys=$(grep dnssec-keygen keymgr.2.$n | wc -l)
[ "$nkeys" -eq 0 ] || ret=1
-$KEYMGR -g $KEYGEN -s $SETTIME example.com. > keymgr.3.$n 2>&1
-nkeys=`grep dnssec-keygen keymgr.3.$n | wc -l`
+$KEYMGR -g $KEYGEN -s $SETTIME example.com. >keymgr.3.$n 2>&1
+nkeys=$(grep dnssec-keygen keymgr.3.$n | wc -l)
[ "$nkeys" -eq 2 ] || ret=1
-$KEYMGR -g $KEYGEN -s $SETTIME example.com. > keymgr.4.$n 2>&1
-nkeys=`grep dnssec-keygen keymgr.4.$n | wc -l`
+$KEYMGR -g $KEYGEN -s $SETTIME example.com. >keymgr.4.$n 2>&1
+nkeys=$(grep dnssec-keygen keymgr.4.$n | wc -l)
[ "$nkeys" -eq 0 ] || ret=1
-status=`expr $status + $ret`
-n=`expr $n + 1`
+status=$(expr $status + $ret)
+n=$(expr $n + 1)
echo_i "checking policy.conf parser ($n)"
ret=0
-PYTHONPATH="../../../python:$PYTHONPATH" ${PYTHON} testpolicy.py policy.sample > policy.out
-$DOS2UNIX policy.out > /dev/null 2>&1
+PYTHONPATH="../../../python:$PYTHONPATH" ${PYTHON} testpolicy.py policy.sample >policy.out
+$DOS2UNIX policy.out >/dev/null 2>&1
cmp -s policy.good policy.out || ret=1
if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
-n=`expr $n + 1`
+status=$(expr $status + $ret)
+n=$(expr $n + 1)
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-31 20:58:07 +0000