From e2fc8e037ea6bb5de92b25ec9c12a624737ac5ca Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Mon, 8 Apr 2024 18:41:29 +0200 Subject: Merging upstream version 1:9.18.24. Signed-off-by: Daniel Baumann --- bin/tests/system/dsdigest/ns1/sign.sh | 6 +++--- bin/tests/system/dsdigest/ns2/named.conf.in | 2 +- bin/tests/system/dsdigest/ns2/sign.sh | 13 ++++++------- bin/tests/system/dsdigest/ns3/named.conf.in | 2 +- bin/tests/system/dsdigest/ns4/named.conf.in | 2 +- bin/tests/system/dsdigest/tests.sh | 22 +++++++++++----------- 6 files changed, 23 insertions(+), 24 deletions(-) (limited to 'bin/tests/system/dsdigest') diff --git a/bin/tests/system/dsdigest/ns1/sign.sh b/bin/tests/system/dsdigest/ns1/sign.sh index d7efd9a..a4abccc 100644 --- a/bin/tests/system/dsdigest/ns1/sign.sh +++ b/bin/tests/system/dsdigest/ns1/sign.sh @@ -25,12 +25,12 @@ cp ../ns2/dsset-bad. . key1=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone $zone) key2=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone) -cat $infile $key1.key $key2.key > $zonefile +cat $infile $key1.key $key2.key >$zonefile -$SIGNER -P -g -o $zone $zonefile > /dev/null +$SIGNER -P -g -o $zone $zonefile >/dev/null # Configure the resolving server with a static key. -keyfile_to_static_ds $key2 > trusted.conf +keyfile_to_static_ds $key2 >trusted.conf cp trusted.conf ../ns2/trusted.conf cp trusted.conf ../ns3/trusted.conf cp trusted.conf ../ns4/trusted.conf diff --git a/bin/tests/system/dsdigest/ns2/named.conf.in b/bin/tests/system/dsdigest/ns2/named.conf.in index d3fd750..b20a027 100644 --- a/bin/tests/system/dsdigest/ns2/named.conf.in +++ b/bin/tests/system/dsdigest/ns2/named.conf.in @@ -30,7 +30,7 @@ options { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; zone "good" { diff --git a/bin/tests/system/dsdigest/ns2/sign.sh b/bin/tests/system/dsdigest/ns2/sign.sh index 5bb4fce..37456fe 100644 --- a/bin/tests/system/dsdigest/ns2/sign.sh +++ b/bin/tests/system/dsdigest/ns2/sign.sh @@ -28,16 +28,15 @@ keyname22=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -n zone -f KSK $zone2) cat $infile1 $keyname11.key $keyname12.key >$zonefile1 cat $infile2 $keyname21.key $keyname22.key >$zonefile2 -$SIGNER -P -g -o $zone1 $zonefile1 > /dev/null -$SIGNER -P -g -o $zone2 $zonefile2 > /dev/null +$SIGNER -P -g -o $zone1 $zonefile1 >/dev/null +$SIGNER -P -g -o $zone2 $zonefile2 >/dev/null DSFILENAME1=dsset-${zone1}. DSFILENAME2=dsset-${zone2}. -$DSFROMKEY -a SHA-256 $keyname12 > $DSFILENAME1 -$DSFROMKEY -a SHA-256 $keyname22 > $DSFILENAME2 +$DSFROMKEY -a SHA-256 $keyname12 >$DSFILENAME1 +$DSFROMKEY -a SHA-256 $keyname22 >$DSFILENAME2 algo=SHA-384 -$DSFROMKEY -a $algo $keyname12 >> $DSFILENAME1 -$DSFROMKEY -a $algo $keyname22 > $DSFILENAME2 - +$DSFROMKEY -a $algo $keyname12 >>$DSFILENAME1 +$DSFROMKEY -a $algo $keyname22 >$DSFILENAME2 diff --git a/bin/tests/system/dsdigest/ns3/named.conf.in b/bin/tests/system/dsdigest/ns3/named.conf.in index a2b105c..bd4eb83 100644 --- a/bin/tests/system/dsdigest/ns3/named.conf.in +++ b/bin/tests/system/dsdigest/ns3/named.conf.in @@ -33,7 +33,7 @@ options { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; include "trusted.conf"; diff --git a/bin/tests/system/dsdigest/ns4/named.conf.in b/bin/tests/system/dsdigest/ns4/named.conf.in index e43763b..74e8960 100644 --- a/bin/tests/system/dsdigest/ns4/named.conf.in +++ b/bin/tests/system/dsdigest/ns4/named.conf.in @@ -31,7 +31,7 @@ options { zone "." { type hint; - file "../../common/root.hint"; + file "../../_common/root.hint"; }; include "trusted.conf"; diff --git a/bin/tests/system/dsdigest/tests.sh b/bin/tests/system/dsdigest/tests.sh index 3650f4a..9d9b966 100644 --- a/bin/tests/system/dsdigest/tests.sh +++ b/bin/tests/system/dsdigest/tests.sh @@ -25,9 +25,9 @@ DIGOPTS="+tcp +noadd +nosea +nostat +nocmd +dnssec -p ${PORT}" echo_i "checking that validation with enabled digest types works" ret=0 -$DIG $DIGOPTS a.good. @10.53.0.3 a > dig.out.good || ret=1 -grep "status: NOERROR" dig.out.good > /dev/null || ret=1 -grep "flags:[^;]* ad[ ;]" dig.out.good > /dev/null || ret=1 +$DIG $DIGOPTS a.good. @10.53.0.3 a >dig.out.good || ret=1 +grep "status: NOERROR" dig.out.good >/dev/null || ret=1 +grep "flags:[^;]* ad[ ;]" dig.out.good >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) @@ -35,19 +35,19 @@ status=$((status + ret)) echo_i "checking that validation with no supported digest types and must-be-secure results in SERVFAIL" ret=0 -$DIG $DIGOPTS a.bad. @10.53.0.3 a > dig.out.bad || ret=1 -grep "SERVFAIL" dig.out.bad > /dev/null || ret=1 +$DIG $DIGOPTS a.bad. @10.53.0.3 a >dig.out.bad || ret=1 +grep "SERVFAIL" dig.out.bad >/dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) echo_i "checking that validation with no supported digest algorithms results in insecure" ret=0 -$DIG $DIGOPTS bad. @10.53.0.4 ds > dig.out.ds || ret=1 -grep "NOERROR" dig.out.ds > /dev/null || ret=1 -grep "flags:[^;]* ad[ ;]" dig.out.ds > /dev/null || ret=1 -$DIG $DIGOPTS a.bad. @10.53.0.4 a > dig.out.insecure || ret=1 -grep "NOERROR" dig.out.insecure > /dev/null || ret=1 -grep "flags:[^;]* ad[ ;]" dig.out.insecure > /dev/null && ret=1 +$DIG $DIGOPTS bad. @10.53.0.4 ds >dig.out.ds || ret=1 +grep "NOERROR" dig.out.ds >/dev/null || ret=1 +grep "flags:[^;]* ad[ ;]" dig.out.ds >/dev/null || ret=1 +$DIG $DIGOPTS a.bad. @10.53.0.4 a >dig.out.insecure || ret=1 +grep "NOERROR" dig.out.insecure >/dev/null || ret=1 +grep "flags:[^;]* ad[ ;]" dig.out.insecure >/dev/null && ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status + ret)) echo_i "exit status: $status" -- cgit v1.2.3