metadata: use $DEFAULT_ALGORITHM

(cherry picked from commit 3f1dc83bfb)

bin/tests/system/metadata/setup.sh

@@ -20,42 +20,42 @@ czone=child.parent.nil
 echo_i "generating keys"
 
 # active zsk
-zsk=`$KEYGEN -q -a rsasha1 $czone`
+zsk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} $czone)
 echo $zsk > zsk.key
 
 # not yet published or active
-pending=`$KEYGEN -q -a rsasha1 -P none -A none $czone`
+pending=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -P none -A none $czone)
 echo $pending > pending.key
 
 # published but not active
-standby=`$KEYGEN -q -a rsasha1 -A none $czone`
+standby=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -A none $czone)
 echo $standby > standby.key
 
 # inactive
-inact=`$KEYGEN -q -a rsasha1 -P now-24h -A now-24h -I now $czone`
+inact=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -P now-24h -A now-24h -I now $czone)
 echo $inact > inact.key
 
 # active ksk
-ksk=`$KEYGEN -q -a rsasha1 -fk $czone`
+ksk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -fk $czone)
 echo $ksk > ksk.key
 
 # published but not YET active; will be active in 15 seconds
-rolling=`$KEYGEN -q -a rsasha1 -fk $czone`
+rolling=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -fk $czone)
 $SETTIME -A now+15s $rolling > /dev/null
 echo $rolling > rolling.key
 
 # revoked
-revoke1=`$KEYGEN -q -a rsasha1 -fk $czone`
+revoke1=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -fk $czone)
 echo $revoke1 > prerev.key
-revoke2=`$REVOKE $revoke1`
+revoke2=$($REVOKE $revoke1)
 echo $revoke2 | sed -e 's#\./##' -e "s/\.key.*$//" > postrev.key
 
-pzsk=`$KEYGEN -q -a rsasha1 $pzone`
+pzsk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} $pzone)
 echo $pzsk > parent.zsk.key
 
-pksk=`$KEYGEN -q -a rsasha1 -fk $pzone`
+pksk=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -fk $pzone)
 echo $pksk > parent.ksk.key
 
-oldstyle=`$KEYGEN -Cq -a rsasha1 $pzone`
+oldstyle=$($KEYGEN -Cq -a ${DEFAULT_ALGORITHM} $pzone)
 echo $oldstyle > oldstyle.key
 

bin/tests/system/metadata/tests.sh

@@ -20,7 +20,7 @@ status=0
 n=1
 
 echo_i "setting key timers"
-$SETTIME -A now+15s `cat rolling.key` > /dev/null
+$SETTIME -A now+15s $(cat rolling.key) > /dev/null
 
 inact=$(keyfile_to_key_id "$(cat inact.key)")
 ksk=$(keyfile_to_key_id "$(cat ksk.key)")
@@ -56,62 +56,62 @@ echo_i "checking that KSK signed DNSKEY only ($n)"
 ret=0
 grep "DNSKEY $ksk"'$' sigs > /dev/null || ret=1
 grep "SOA $ksk"'$' sigs > /dev/null && ret=1
-n=`expr $n + 1`
+n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status + ret))
 
 echo_i "checking that ZSK signed ($n)"
 ret=0
 grep "SOA $zsk"'$' sigs > /dev/null || ret=1
-n=`expr $n + 1`
+n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status + ret))
 
 echo_i "checking that standby ZSK did not sign ($n)"
 ret=0
 grep " $standby"'$' sigs > /dev/null && ret=1
-n=`expr $n + 1`
+n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status + ret))
 
 echo_i "checking that inactive key did not sign ($n)"
 ret=0
 grep " $inact"'$' sigs > /dev/null && ret=1
-n=`expr $n + 1`
+n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status + ret))
 
 echo_i "checking that pending key was not published ($n)"
 ret=0
 grep " $pending"'$' keys > /dev/null && ret=1
-n=`expr $n + 1`
+n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status + ret))
 
 echo_i "checking that standby KSK did not sign but is delegated ($n)"
 ret=0
 grep " $rolling"'$' sigs > /dev/null && ret=1
 grep " $rolling"'$' keys > /dev/null || ret=1
 egrep "DS[ 	]*$rolling[ 	]" ${pfile}.signed > /dev/null || ret=1
-n=`expr $n + 1`
+n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status + ret))
 
 echo_i "checking that key was revoked ($n)"
 ret=0
 grep " $prerev"'$' keys > /dev/null && ret=1
 grep " $postrev"'$' keys > /dev/null || ret=1
-n=`expr $n + 1`
+n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status + ret))
 
 echo_i "checking that revoked key self-signed ($n)"
 ret=0
 grep "DNSKEY $postrev"'$' sigs > /dev/null || ret=1
 grep "SOA $postrev"'$' sigs > /dev/null && ret=1
-n=`expr $n + 1`
+n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status + ret))
 
 echo_i "waiting 20 seconds for key changes to occur"
 sleep 20
@@ -122,92 +122,92 @@ $SIGNER  -Sg -o $czone -f ${cfile}.new ${cfile}.signed > /dev/null
 echo_i "checking that standby KSK is now active ($n)"
 ret=0
 grep "DNSKEY $rolling"'$' sigs > /dev/null && ret=1
-n=`expr $n + 1`
+n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status + ret))
 
 echo_i "checking update of an old-style key ($n)"
 ret=0
 # printing metadata should not work with an old-style key
-$SETTIME -pall `cat oldstyle.key` > /dev/null 2>&1 && ret=1
-$SETTIME -f `cat oldstyle.key` > /dev/null 2>&1 || ret=1
+$SETTIME -pall $(cat oldstyle.key) > /dev/null 2>&1 && ret=1
+$SETTIME -f $(cat oldstyle.key) > /dev/null 2>&1 || ret=1
 # but now it should
-$SETTIME -pall `cat oldstyle.key` > /dev/null 2>&1 || ret=1
-n=`expr $n + 1`
+$SETTIME -pall $(cat oldstyle.key) > /dev/null 2>&1 || ret=1
+n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status + ret))
 
 echo_i "checking warning about permissions change on key with dnssec-settime ($n)"
-uname=`uname -o 2> /dev/null`
+uname=$(uname -o 2> /dev/null)
 if [ Cygwin = "$uname"  ]; then
 	echo_i "Cygwin detected, skipping"
 else
 	ret=0
 	# settime should print a warning about changing the permissions
-	chmod 644 `cat oldstyle.key`.private
-	$SETTIME -P none `cat oldstyle.key` > settime1.test$n 2>&1 || ret=1
+	chmod 644 $(cat oldstyle.key).private
+	$SETTIME -P none $(cat oldstyle.key) > settime1.test$n 2>&1 || ret=1
 	grep "warning: Permissions on the file.*have changed" settime1.test$n > /dev/null 2>&1 || ret=1
-	$SETTIME -P none `cat oldstyle.key` > settime2.test$n 2>&1 || ret=1
+	$SETTIME -P none $(cat oldstyle.key) > settime2.test$n 2>&1 || ret=1
 	grep "warning: Permissions on the file.*have changed" settime2.test$n > /dev/null 2>&1 && ret=1
-	n=`expr $n + 1`
+	n=$((n + 1))
 	if [ $ret != 0 ]; then echo_i "failed"; fi
-	status=`expr $status + $ret`
+	status=$((status + ret))
 fi
 
 echo_i "checking warning about delete date < inactive date with dnssec-settime ($n)"
 ret=0
 # settime should print a warning about delete < inactive
-$SETTIME -I now+15s -D now `cat oldstyle.key` > tmp.out 2>&1 || ret=1
+$SETTIME -I now+15s -D now $(cat oldstyle.key) > tmp.out 2>&1 || ret=1
 grep "warning" tmp.out > /dev/null 2>&1 || ret=1
-n=`expr $n + 1`
+n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status + ret))
 
 echo_i "checking no warning about delete date < inactive date with dnssec-settime when delete date is unset ($n)"
 ret=0
-$SETTIME -D none `cat oldstyle.key` > tmp.out 2>&1 || ret=1
-$SETTIME -p all `cat oldstyle.key` > tmp.out 2>&1 || ret=1
+$SETTIME -D none $(cat oldstyle.key) > tmp.out 2>&1 || ret=1
+$SETTIME -p all $(cat oldstyle.key) > tmp.out 2>&1 || ret=1
 grep "warning" tmp.out > /dev/null 2>&1 && ret=1
-n=`expr $n + 1`
+n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status + ret))
 
 echo_i "checking warning about delete date < inactive date with dnssec-keygen ($n)"
 ret=0
 # keygen should print a warning about delete < inactive
-$KEYGEN -q -a rsasha1 -I now+15s -D now $czone > tmp.out 2>&1 || ret=1
+$KEYGEN -q -a ${DEFAULT_ALGORITHM} -I now+15s -D now $czone > tmp.out 2>&1 || ret=1
 grep "warning" tmp.out > /dev/null 2>&1 || ret=1
-n=`expr $n + 1`
+n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status + ret))
 
 echo_i "checking correct behavior setting activation without publication date ($n)"
 ret=0
-key=`$KEYGEN -q -a rsasha1 -A +1w $czone`
-pub=`$SETTIME -upP $key | awk '{print $2}'`
-act=`$SETTIME -upA $key | awk '{print $2}'`
+key=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -A +1w $czone)
+pub=$($SETTIME -upP $key | awk '{print $2}')
+act=$($SETTIME -upA $key | awk '{print $2}')
 [ $pub -eq $act ] || ret=1
-key=`$KEYGEN -q -a rsasha1 -A +1w -i 1d $czone`
-pub=`$SETTIME -upP $key | awk '{print $2}'`
-act=`$SETTIME -upA $key | awk '{print $2}'`
+key=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -A +1w -i 1d $czone)
+pub=$($SETTIME -upP $key | awk '{print $2}')
+act=$($SETTIME -upA $key | awk '{print $2}')
 [ $pub -lt $act ] || ret=1
-key=`$KEYGEN -q -a rsasha1 -A +1w -P never $czone`
-pub=`$SETTIME -upP $key | awk '{print $2}'`
+key=$($KEYGEN -q -a ${DEFAULT_ALGORITHM} -A +1w -P never $czone)
+pub=$($SETTIME -upP $key | awk '{print $2}')
 [ $pub = "UNSET" ] || ret=1
-n=`expr $n + 1`
+n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status + ret))
 
 echo_i "checking calculation of dates for a successor key ($n)"
 ret=0
-oldkey=`$KEYGEN -a RSASHA1 -q $czone`
-newkey=`$KEYGEN -a RSASHA1 -q $czone`
+oldkey=$($KEYGEN -a ${DEFAULT_ALGORITHM} -q $czone)
+newkey=$($KEYGEN -a ${DEFAULT_ALGORITHM} -q $czone)
 $SETTIME -A -2d -I +2d $oldkey > settime1.test$n 2>&1 || ret=1
 $SETTIME -i 1d -S $oldkey $newkey > settime2.test$n 2>&1 || ret=1
 $SETTIME -pA $newkey | grep "1970" > /dev/null && ret=1
-n=`expr $n + 1`
+n=$((n + 1))
 if [ $ret != 0 ]; then echo_i "failed"; fi
-status=`expr $status + $ret`
+status=$((status + ret))
 
 echo_i "exit status: $status"
 [ $status -eq 0 ] || exit 1