Merging upstream version 1:9.18.24.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-08 16:41:28 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-08 16:41:28 +0000
commit: 14509ce60103dab695cef4d4f31321bab27ab967 (patch)
tree: 5959cfb9832b3af242a1ca45d4a1227acae67d87 /bin/tests/system/metadata
parent: Adding debian version 1:9.18.19-1~deb12u1. (diff)
download: bind9-14509ce60103dab695cef4d4f31321bab27ab967.tar.xz
bind9-14509ce60103dab695cef4d4f31321bab27ab967.zip
2 files changed, 52 insertions, 53 deletions
diff --git a/bin/tests/system/metadata/setup.sh b/bin/tests/system/metadata/setup.sh
index 2d4e7cb..3998a09 100644
--- a/bin/tests/system/metadata/setup.sh
+++ b/bin/tests/system/metadata/setup.sh
@@ -20,41 +20,40 @@ echo_i "generating keys"
 
 # active zsk
 zsk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} $czone)
-echo $zsk > zsk.key
+echo $zsk >zsk.key
 
 # not yet published or active
 pending=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -P none -A none $czone)
-echo $pending > pending.key
+echo $pending >pending.key
 
 # published but not active
 standby=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -A none $czone)
-echo $standby > standby.key
+echo $standby >standby.key
 
 # inactive
 inact=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -P now-24h -A now-24h -I now $czone)
-echo $inact > inact.key
+echo $inact >inact.key
 
 # active ksk
 ksk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -fk $czone)
-echo $ksk > ksk.key
+echo $ksk >ksk.key
 
 # published but not YET active; will be active in 15 seconds
 rolling=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -fk $czone)
-$SETTIME -A now+15s $rolling > /dev/null
-echo $rolling > rolling.key
+$SETTIME -A now+15s $rolling >/dev/null
+echo $rolling >rolling.key
 
 # revoked
 revoke1=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -fk $czone)
-echo $revoke1 > prerev.key
+echo $revoke1 >prerev.key
 revoke2=$($REVOKE $revoke1)
-echo $revoke2 | sed -e 's#\./##' -e "s/\.key.*$//" > postrev.key
+echo $revoke2 | sed -e 's#\./##' -e "s/\.key.*$//" >postrev.key
 
 pzsk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} $pzone)
-echo $pzsk > parent.zsk.key
+echo $pzsk >parent.zsk.key
 
 pksk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -fk $pzone)
-echo $pksk > parent.ksk.key
+echo $pksk >parent.ksk.key
 
 oldstyle=$($KEYGEN -Cq -a ${DEFAULT_ALGORITHM} $pzone)
-echo $oldstyle > oldstyle.key
-
+echo $oldstyle >oldstyle.key
diff --git a/bin/tests/system/metadata/tests.sh b/bin/tests/system/metadata/tests.sh
index 3a91bb7..e945f88 100644
--- a/bin/tests/system/metadata/tests.sh
+++ b/bin/tests/system/metadata/tests.sh
@@ -21,7 +21,7 @@ status=0
 n=1
 
 echo_i "setting key timers"
-$SETTIME -A now+15s $(cat rolling.key) > /dev/null
+$SETTIME -A now+15s $(cat rolling.key) >/dev/null
 
 inact=$(keyfile_to_key_id "$(cat inact.key)")
 ksk=$(keyfile_to_key_id "$(cat ksk.key)")
@@ -33,8 +33,8 @@ standby=$(keyfile_to_key_id "$(cat standby.key)")
 zsk=$(keyfile_to_key_id "$(cat zsk.key)")
 
 echo_i "signing zones"
-$SIGNER -Sg -o $czone $cfile > /dev/null
-$SIGNER -Sg -o $pzone $pfile > /dev/null
+$SIGNER -Sg -o $czone $cfile >/dev/null
+$SIGNER -Sg -o $pzone $pfile >/dev/null
 
 awk '$2 ~ /RRSIG/ {
         type = $3;
@@ -43,7 +43,7 @@ awk '$2 ~ /RRSIG/ {
 	if ($4 ~ /'${czone}'/) {
 		print type, id
 	}
-}' < ${cfile}.signed > sigs
+}' <${cfile}.signed >sigs
 
 awk '$2 ~ /DNSKEY/ {
 	flags = $3;
@@ -51,65 +51,65 @@ awk '$2 ~ /DNSKEY/ {
 		getline;
 	id = $NF;
 	print flags, id;
-}' < ${cfile}.signed > keys
+}' <${cfile}.signed >keys
 
 echo_i "checking that KSK signed DNSKEY only ($n)"
 ret=0
-grep "DNSKEY $ksk"'$' sigs > /dev/null || ret=1
-grep "SOA $ksk"'$' sigs > /dev/null && ret=1
+grep "DNSKEY $ksk"'$' sigs >/dev/null || ret=1
+grep "SOA $ksk"'$' sigs >/dev/null && ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
 echo_i "checking that ZSK signed ($n)"
 ret=0
-grep "SOA $zsk"'$' sigs > /dev/null || ret=1
+grep "SOA $zsk"'$' sigs >/dev/null || ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
 echo_i "checking that standby ZSK did not sign ($n)"
 ret=0
-grep " $standby"'$' sigs > /dev/null && ret=1
+grep " $standby"'$' sigs >/dev/null && ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
 echo_i "checking that inactive key did not sign ($n)"
 ret=0
-grep " $inact"'$' sigs > /dev/null && ret=1
+grep " $inact"'$' sigs >/dev/null && ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
 echo_i "checking that pending key was not published ($n)"
 ret=0
-grep " $pending"'$' keys > /dev/null && ret=1
+grep " $pending"'$' keys >/dev/null && ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
 echo_i "checking that standby KSK did not sign but is delegated ($n)"
 ret=0
-grep " $rolling"'$' sigs > /dev/null && ret=1
-grep " $rolling"'$' keys > /dev/null || ret=1
-grep -E "DS[ 	]*$rolling[ 	]" ${pfile}.signed > /dev/null || ret=1
+grep " $rolling"'$' sigs >/dev/null && ret=1
+grep " $rolling"'$' keys >/dev/null || ret=1
+grep -E "DS[ 	]*$rolling[ 	]" ${pfile}.signed >/dev/null || ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
 echo_i "checking that key was revoked ($n)"
 ret=0
-grep " $prerev"'$' keys > /dev/null && ret=1
-grep " $postrev"'$' keys > /dev/null || ret=1
+grep " $prerev"'$' keys >/dev/null && ret=1
+grep " $postrev"'$' keys >/dev/null || ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
 echo_i "checking that revoked key self-signed ($n)"
 ret=0
-grep "DNSKEY $postrev"'$' sigs > /dev/null || ret=1
-grep "SOA $postrev"'$' sigs > /dev/null && ret=1
+grep "DNSKEY $postrev"'$' sigs >/dev/null || ret=1
+grep "SOA $postrev"'$' sigs >/dev/null && ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
@@ -118,11 +118,11 @@ echo_i "waiting 20 seconds for key changes to occur"
 sleep 20
 
 echo_i "re-signing zone"
-$SIGNER  -Sg -o $czone -f ${cfile}.new ${cfile}.signed > /dev/null
+$SIGNER -Sg -o $czone -f ${cfile}.new ${cfile}.signed >/dev/null
 
 echo_i "checking that standby KSK is now active ($n)"
 ret=0
-grep "DNSKEY $rolling"'$' sigs > /dev/null && ret=1
+grep "DNSKEY $rolling"'$' sigs >/dev/null && ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
@@ -130,10 +130,10 @@ status=$((status + ret))
 echo_i "checking update of an old-style key ($n)"
 ret=0
 # printing metadata should not work with an old-style key
-$SETTIME -pall $(cat oldstyle.key) > /dev/null 2>&1 && ret=1
-$SETTIME -f $(cat oldstyle.key) > /dev/null 2>&1 || ret=1
+$SETTIME -pall $(cat oldstyle.key) >/dev/null 2>&1 && ret=1
+$SETTIME -f $(cat oldstyle.key) >/dev/null 2>&1 || ret=1
 # but now it should
-$SETTIME -pall $(cat oldstyle.key) > /dev/null 2>&1 || ret=1
+$SETTIME -pall $(cat oldstyle.key) >/dev/null 2>&1 || ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
@@ -142,10 +142,10 @@ echo_i "checking warning about permissions change on key with dnssec-settime ($n
 ret=0
 # settime should print a warning about changing the permissions
 chmod 644 $(cat oldstyle.key).private
-$SETTIME -P none $(cat oldstyle.key) > settime1.test$n 2>&1 || ret=1
-grep "warning: Permissions on the file.*have changed" settime1.test$n > /dev/null 2>&1 || ret=1
-$SETTIME -P none $(cat oldstyle.key) > settime2.test$n 2>&1 || ret=1
-grep "warning: Permissions on the file.*have changed" settime2.test$n > /dev/null 2>&1 && ret=1
+$SETTIME -P none $(cat oldstyle.key) >settime1.test$n 2>&1 || ret=1
+grep "warning: Permissions on the file.*have changed" settime1.test$n >/dev/null 2>&1 || ret=1
+$SETTIME -P none $(cat oldstyle.key) >settime2.test$n 2>&1 || ret=1
+grep "warning: Permissions on the file.*have changed" settime2.test$n >/dev/null 2>&1 && ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
@@ -153,17 +153,17 @@ status=$((status + ret))
 echo_i "checking warning about delete date < inactive date with dnssec-settime ($n)"
 ret=0
 # settime should print a warning about delete < inactive
-$SETTIME -I now+15s -D now $(cat oldstyle.key) > tmp.out 2>&1 || ret=1
-grep "warning" tmp.out > /dev/null 2>&1 || ret=1
+$SETTIME -I now+15s -D now $(cat oldstyle.key) >tmp.out 2>&1 || ret=1
+grep "warning" tmp.out >/dev/null 2>&1 || ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
 echo_i "checking no warning about delete date < inactive date with dnssec-settime when delete date is unset ($n)"
 ret=0
-$SETTIME -D none $(cat oldstyle.key) > tmp.out 2>&1 || ret=1
-$SETTIME -p all $(cat oldstyle.key) > tmp.out 2>&1 || ret=1
-grep "warning" tmp.out > /dev/null 2>&1 && ret=1
+$SETTIME -D none $(cat oldstyle.key) >tmp.out 2>&1 || ret=1
+$SETTIME -p all $(cat oldstyle.key) >tmp.out 2>&1 || ret=1
+grep "warning" tmp.out >/dev/null 2>&1 && ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
@@ -171,8 +171,8 @@ status=$((status + ret))
 echo_i "checking warning about delete date < inactive date with dnssec-keygen ($n)"
 ret=0
 # keygen should print a warning about delete < inactive
-$KEYGEN -q -a ${DEFAULT_ALGORITHM} -I now+15s -D now $czone > tmp.out 2>&1 || ret=1
-grep "warning" tmp.out > /dev/null 2>&1 || ret=1
+$KEYGEN -q -a ${DEFAULT_ALGORITHM} -I now+15s -D now $czone >tmp.out 2>&1 || ret=1
+grep "warning" tmp.out >/dev/null 2>&1 || ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
@@ -198,9 +198,9 @@ echo_i "checking calculation of dates for a successor key ($n)"
 ret=0
 oldkey=$($KEYGEN -a ${DEFAULT_ALGORITHM} -q $czone)
 newkey=$($KEYGEN -a ${DEFAULT_ALGORITHM} -q $czone)
-$SETTIME -A -2d -I +2d $oldkey > settime1.test$n 2>&1 || ret=1
-$SETTIME -i 1d -S $oldkey $newkey > settime2.test$n 2>&1 || ret=1
-$SETTIME -pA $newkey | grep "1970" > /dev/null && ret=1
+$SETTIME -A -2d -I +2d $oldkey >settime1.test$n 2>&1 || ret=1
+$SETTIME -i 1d -S $oldkey $newkey >settime2.test$n 2>&1 || ret=1
+$SETTIME -pA $newkey | grep "1970" >/dev/null && ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
@@ -209,14 +209,14 @@ key=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} $czone)
 
 echo_i "checking -p output time is accepted ($n)"
 t=$($SETTIME -pA $key | sed 's/.*: //')
-$SETTIME -Psync "$t" $key > settime2.test$n 2>&1 || ret=1
+$SETTIME -Psync "$t" $key >settime2.test$n 2>&1 || ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
 echo_i "checking -up output time is accepted ($n)"
 t=$($SETTIME -upA $key | sed 's/.*: //')
-$SETTIME -Dsync "$t" $key > settime2.test$n 2>&1 || ret=1
+$SETTIME -Dsync "$t" $key >settime2.test$n 2>&1 || ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
@@ -224,7 +224,7 @@ status=$((status + ret))
 echo_i "checking -p unset time is accepted ($n)"
 # The Delete timing metadata is unset.
 t=$($SETTIME -pD $key | sed 's/.*: //')
-$SETTIME -Psync "$t" $key > settime2.test$n 2>&1 || ret=1
+$SETTIME -Psync "$t" $key >settime2.test$n 2>&1 || ret=1
 n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-08 16:41:28 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-08 16:41:28 +0000
commit	14509ce60103dab695cef4d4f31321bab27ab967 (patch)
tree	5959cfb9832b3af242a1ca45d4a1227acae67d87 /bin/tests/system/metadata
parent	Adding debian version 1:9.18.19-1~deb12u1. (diff)
download	bind9-14509ce60103dab695cef4d4f31321bab27ab967.tar.xz bind9-14509ce60103dab695cef4d4f31321bab27ab967.zip