diff --git a/bin/tests/system/conf.sh.common b/bin/tests/system/conf.sh.common index 407f1b9800..f34f86e728 100644 --- a/bin/tests/system/conf.sh.common +++ b/bin/tests/system/conf.sh.common @@ -37,7 +37,7 @@ export LANG=C # SEQUENTIAL_UNIX in conf.sh.in; those that only run on windows should # be added to SEQUENTIAL_WINDOWS in conf.sh.win32. # -SEQUENTIAL_COMMON="tkey" +SEQUENTIAL_COMMON="" # # These tests can use ports assigned by the caller (other than 5300 @@ -70,7 +70,7 @@ PARALLEL_COMMON="dnssec rpzrecurse serve-stale \ rrchecker rrl rrsetorder rsabigexponent runtime \ sfcache smartsign sortlist \ spf staticstub statistics statschannel stub synthfromdnssec \ - tcp tools tsig tsiggss ttl \ + tcp tkey tools tsig tsiggss ttl \ unknown upforwd verify views wildcard \ xfer xferquota zero zonechecks" diff --git a/bin/tests/system/tkey/clean.sh b/bin/tests/system/tkey/clean.sh index cf1557927e..56a8846a43 100644 --- a/bin/tests/system/tkey/clean.sh +++ b/bin/tests/system/tkey/clean.sh @@ -9,10 +9,15 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -rm -f dig.out.* rndc.out.* ns1/named.conf -rm -f K* ns1/K* -rm -f */named.memstats -rm -f */named.run -rm -f ns1/_default.tsigkeys -rm -f ns*/named.lock +set -e + +rm -f ./K* +rm -f ./dig.out.* +rm -f ./rndc.out.* +rm -f ns*/K* +rm -f ns*/_default.tsigkeys rm -f ns*/managed-keys.bind* +rm -f ns*/named.conf +rm -f ns*/named.lock +rm -f ns*/named.memstats +rm -f ns*/named.run diff --git a/bin/tests/system/tkey/keycreate.c b/bin/tests/system/tkey/keycreate.c index cf15fd3544..cdd0f7a7a5 100644 --- a/bin/tests/system/tkey/keycreate.c +++ b/bin/tests/system/tkey/keycreate.c @@ -52,9 +52,11 @@ #define RUNCHECK(x) RUNTIME_CHECK((x) == ISC_R_SUCCESS) -#define PORT 5300 #define TIMEOUT 30 +static char *ip_address = NULL; +static int port = 0; + static dst_key_t *ourkey; static isc_mem_t *mctx; static dns_tsigkey_t *tsigkey, *initialkey; 
@@ -141,10 +143,10 @@ sendquery(isc_task_t *task, isc_event_t *event) { isc_event_free(&event); result = ISC_R_FAILURE; - if (inet_pton(AF_INET, "10.53.0.1", &inaddr) != 1) { + if (inet_pton(AF_INET, ip_address, &inaddr) != 1) { CHECK("inet_pton", result); } - isc_sockaddr_fromin(&address, &inaddr, PORT); + isc_sockaddr_fromin(&address, &inaddr, port); dns_fixedname_init(&keyname); isc_buffer_constinit(&namestr, "tkeytest.", 9); @@ -210,18 +212,16 @@ main(int argc, char *argv[]) { RUNCHECK(isc_app_start()); - if (argc < 2) { + if (argc < 4) { fprintf(stderr, "I:no DH key provided\n"); exit(-1); } - if (strcmp(argv[1], "-r") == 0) { - fprintf(stderr, "I:the -r option has been deprecated\n"); - exit(-1); - } - ourkeyname = argv[1]; + ip_address = argv[1]; + port = atoi(argv[2]); + ourkeyname = argv[3]; - if (argc >= 3) { - ownername_str = argv[2]; + if (argc >= 5) { + ownername_str = argv[4]; } dns_result_register(); diff --git a/bin/tests/system/tkey/keydelete.c b/bin/tests/system/tkey/keydelete.c index 52f9c31ec8..d2b850d64c 100644 --- a/bin/tests/system/tkey/keydelete.c +++ b/bin/tests/system/tkey/keydelete.c @@ -51,9 +51,10 @@ #define RUNCHECK(x) RUNTIME_CHECK((x) == ISC_R_SUCCESS) -#define PORT 5300 #define TIMEOUT 30 +static char *ip_address; +static int port; static isc_mem_t *mctx; static dns_tsigkey_t *tsigkey; static dns_tsig_keyring_t *ring; @@ -114,10 +115,10 @@ sendquery(isc_task_t *task, isc_event_t *event) { isc_event_free(&event); result = ISC_R_FAILURE; - if (inet_pton(AF_INET, "10.53.0.1", &inaddr) != 1) { + if (inet_pton(AF_INET, ip_address, &inaddr) != 1) { CHECK("inet_pton", result); } - isc_sockaddr_fromin(&address, &inaddr, PORT); + isc_sockaddr_fromin(&address, &inaddr, port); query = NULL; result = dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &query); @@ -155,7 +156,7 @@ main(int argc, char **argv) { RUNCHECK(isc_app_start()); - if (argc < 2) { + if (argc < 4) { fprintf(stderr, "I:no key to delete\n"); exit(-1); } 
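Review bot: `port = atoi(argv[2]);` in main() accepts any string: non-numeric input silently becomes 0, and a value above 65535 is presumably narrowed when it reaches `isc_sockaddr_fromin()`, so a mistyped port sends the TKEY exchange to a different port instead of failing the test. Parse it with `strtol()`, reject trailing characters and anything outside 1-65535, and replace the now misleading `I:no DH key provided` text with a usage line, since the `argc < 4` check also fires when the address or port is missing. The same `atoi()` call and an equally stale `I:no key to delete` message are added in the keydelete.c main() hunks. Both new globals could also be declared `static const char *ip_address`, as they only alias argv. main() starts and ends outside the hunk.

```c
	/* … unchanged: RUNCHECK(isc_app_start()) … */
	if (argc < 4) {
		fprintf(stderr, "I:usage: keycreate address port dhkey [owner]\n");
		exit(-1);
	}
	ip_address = argv[1];
	char *end = NULL;
	long parsed = strtol(argv[2], &end, 10);
	if (end == argv[2] || *end != '\0' || parsed < 1 || parsed > 65535) {
		fprintf(stderr, "I:invalid port '%s'\n", argv[2]);
		exit(-1);
	}
	port = (int)parsed;
	ourkeyname = argv[3];
	/* … unchanged: optional owner name, dns_result_register() … */
```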
@@ -163,7 +164,9 @@ main(int argc, char **argv) { fprintf(stderr, "I:The -r options has been deprecated\n"); exit(-1); } - keyname = argv[1]; + ip_address = argv[1]; + port = atoi(argv[2]); + keyname = argv[3]; dns_result_register(); diff --git a/bin/tests/system/tkey/ns1/named.conf.in b/bin/tests/system/tkey/ns1/named.conf.in index 01331beafc..4496d32372 100644 --- a/bin/tests/system/tkey/ns1/named.conf.in +++ b/bin/tests/system/tkey/ns1/named.conf.in @@ -15,7 +15,7 @@ options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -32,7 +32,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; key "tkeytest." { diff --git a/bin/tests/system/tkey/ns1/setup.sh b/bin/tests/system/tkey/ns1/setup.sh index a5343396b9..a8f43ca300 100644 --- a/bin/tests/system/tkey/ns1/setup.sh +++ b/bin/tests/system/tkey/ns1/setup.sh @@ -9,10 +9,10 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=../.. -. $SYSTEMTESTTOP/conf.sh +set -e -keyname=`$KEYGEN -T KEY -a DH -b 768 -n host server` -keyid=$(keyfile_to_key_id $keyname) -rm -f named.conf -sed -e "s;KEYID;$keyid;" < named.conf.in > named.conf +. "$SYSTEMTESTTOP/conf.sh" + +keyname=$($KEYGEN -T KEY -a DH -b 768 -n host server) +keyid=$(keyfile_to_key_id "$keyname") +sed -i -e "s;KEYID;$keyid;" named.conf diff --git a/bin/tests/system/tkey/setup.sh b/bin/tests/system/tkey/setup.sh index 6e143976a2..014c1eb18f 100644 --- a/bin/tests/system/tkey/setup.sh +++ b/bin/tests/system/tkey/setup.sh 
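Review bot: The `I:The -r options has been deprecated` branch kept as context at the top of this keydelete.c hunk now guards the wrong argument: its condition lies outside the hunk, but if it is still `strcmp(argv[1], "-r") == 0` it compares the server address rather than an option. keycreate.c drops the equivalent branch in this same commit, so removing it here keeps the two helpers consistent. main() continues outside the hunk.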
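Review bot: `sed -i -e "s;KEYID;$keyid;" named.conf` in ns1/setup.sh relies on the non-POSIX `-i` option; BSD-derived sed takes the next argument as a backup suffix, which would leave a `named.conf-e` copy that clean.sh does not remove, and a sed without `-i` fails outright under the new `set -e`. Writing through a temporary file is portable: `sed -e "s;KEYID;$keyid;" named.conf > named.conf.tmp` followed by `mv named.conf.tmp named.conf`. The script also now depends on `named.conf` already having been produced by `copy_setports` in the parent setup.sh, which deserves a one-line comment such as `# named.conf is generated from named.conf.in by ../setup.sh`.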
@@ -9,7 +9,10 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh +set -e + +. "$SYSTEMTESTTOP/conf.sh" + +copy_setports ns1/named.conf.in ns1/named.conf cd ns1 && $SHELL setup.sh diff --git a/bin/tests/system/tkey/tests.sh b/bin/tests/system/tkey/tests.sh index a293d32b2b..f7d816e372 100644 --- a/bin/tests/system/tkey/tests.sh +++ b/bin/tests/system/tkey/tests.sh 
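Review bot: With `SYSTEMTESTTOP=..` removed, `. "$SYSTEMTESTTOP/conf.sh"` works only if the runner exports the variable, and because the context line `cd ns1 && $SHELL setup.sh` runs the child script from another directory, the exported value has to be an absolute path. The runner is not visible in this diff, so the assumption is worth stating at the top of the script, e.g. `# SYSTEMTESTTOP must be exported as an absolute path by the test runner`, or enforcing with `: "${SYSTEMTESTTOP:?not set}"` before the source line. The same assumption applies to ns1/setup.sh and tests.sh.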
@@ -9,137 +9,153 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh +set -e -DIGOPTS="@10.53.0.1 -p 5300" +. "$SYSTEMTESTTOP/conf.sh" + +dig_with_opts() { + "$DIG" @10.53.0.1 -p "$PORT" "$@" +} status=0 +n=1 -echo "I:generating new DH key" +echo "I:generating new DH key ($n)" ret=0 -dhkeyname=`$KEYGEN -T KEY -a DH -b 768 -n host client` || ret=1 +dhkeyname=$($KEYGEN -T KEY -a DH -b 768 -n host client) || ret=1 if [ $ret != 0 ]; then echo "I:failed" - status=`expr $status + $ret` + status=$((status+ret)) echo "I:exit status: $status" exit $status fi -status=`expr $status + $ret` +status=$((status+ret)) +n=$((n+1)) for owner in . foo.example. do - echo "I:creating new key using owner name \"$owner\"" + echo "I:creating new key using owner name \"$owner\" ($n)" ret=0 - keyname=`$KEYCREATE $dhkeyname $owner` || ret=1 + keyname=$($KEYCREATE 10.53.0.1 "$PORT" "$dhkeyname" $owner) || ret=1 if [ $ret != 0 ]; then echo "I:failed" - status=`expr $status + $ret` + status=$((status+ret)) echo "I:exit status: $status" exit $status fi - status=`expr $status + $ret` + status=$((status+ret)) + n=$((n+1)) - echo "I:checking the new key" + echo "I:checking the new key ($n)" ret=0 - $DIG $DIGOPTS txt txt.example -k $keyname > dig.out.1 || ret=1 - grep "status: NOERROR" dig.out.1 > /dev/null || ret=1 - grep "TSIG.*hmac-md5.*NOERROR" dig.out.1 > /dev/null || ret=1 - grep "Some TSIG could not be validated" dig.out.1 > /dev/null && ret=1 + dig_with_opts txt txt.example -k "$keyname" > dig.out.test$n || ret=1 + grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 + grep "TSIG.*hmac-md5.*NOERROR" dig.out.test$n > /dev/null || ret=1 + grep "Some TSIG could not be validated" dig.out.test$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed" fi - status=`expr $status + $ret` + status=$((status+ret)) + n=$((n+1)) - echo "I:deleting new key" + echo "I:deleting new key ($n)" 
ret=0 - $KEYDELETE $keyname || ret=1 + $KEYDELETE 10.53.0.1 "$PORT" "$keyname" || ret=1 if [ $ret != 0 ]; then echo "I:failed" fi - status=`expr $status + $ret` + status=$((status+ret)) + n=$((n+1)) - echo "I:checking that new key has been deleted" + echo "I:checking that new key has been deleted ($n)" ret=0 - $DIG $DIGOPTS txt txt.example -k $keyname > dig.out.2 || ret=1 - grep "status: NOERROR" dig.out.2 > /dev/null && ret=1 - grep "TSIG.*hmac-md5.*NOERROR" dig.out.2 > /dev/null && ret=1 - grep "Some TSIG could not be validated" dig.out.2 > /dev/null || ret=1 + dig_with_opts txt txt.example -k "$keyname" > dig.out.test$n || ret=1 + grep "status: NOERROR" dig.out.test$n > /dev/null && ret=1 + grep "TSIG.*hmac-md5.*NOERROR" dig.out.test$n > /dev/null && ret=1 + grep "Some TSIG could not be validated" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed" fi - status=`expr $status + $ret` + status=$((status+ret)) + n=$((n+1)) done -echo "I:creating new key using owner name bar.example." +echo "I:creating new key using owner name bar.example. ($n)" ret=0 -keyname=`$KEYCREATE $dhkeyname bar.example.` || ret=1 +keyname=$($KEYCREATE 10.53.0.1 "$PORT" "$dhkeyname" bar.example.) 
|| ret=1 if [ $ret != 0 ]; then echo "I:failed" - status=`expr $status + $ret` + status=$((status+ret)) echo "I:exit status: $status" exit $status fi -status=`expr $status + $ret` +status=$((status+ret)) +n=$((n+1)) -echo "I:checking the key with 'rndc tsig-list'" +echo "I:checking the key with 'rndc tsig-list' ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.1 -grep "key \"bar.example.server" rndc.out.1 > /dev/null || ret=1 +$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p "$CONTROLPORT" tsig-list > rndc.out.test$n +grep "key \"bar.example.server" rndc.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed" fi -status=`expr $status + $ret` +status=$((status+ret)) +n=$((n+1)) -echo "I:using key in a request" +echo "I:using key in a request ($n)" ret=0 -$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.3 || ret=1 -grep "status: NOERROR" dig.out.3 > /dev/null || ret=1 +dig_with_opts -k "$keyname" txt.example txt > dig.out.test$n || ret=1 +grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed" fi -status=`expr $status + $ret` +status=$((status+ret)) +n=$((n+1)) -echo "I:deleting the key with 'rndc tsig-delete'" +echo "I:deleting the key with 'rndc tsig-delete' ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-delete bar.example.server > /dev/null || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.2 -grep "key \"bar.example.server" rndc.out.2 > /dev/null && ret=1 -$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.4 || ret=1 -grep "TSIG could not be validated" dig.out.4 > /dev/null || ret=1 +$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p "$CONTROLPORT" tsig-delete bar.example.server > /dev/null || ret=1 +$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p "$CONTROLPORT" tsig-list > rndc.out.test$n +grep "key \"bar.example.server" rndc.out.test$n > /dev/null && ret=1 +dig_with_opts -k "$keyname" txt.example txt > dig.out.test$n || ret=1 
+grep "TSIG could not be validated" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed" fi -status=`expr $status + $ret` +status=$((status+ret)) +n=$((n+1)) -echo "I:recreating the bar.example. key" +echo "I:recreating the bar.example. key ($n)" ret=0 -keyname=`$KEYCREATE $dhkeyname bar.example.` || ret=1 +keyname=$($KEYCREATE 10.53.0.1 "$PORT" "$dhkeyname" bar.example.) || ret=1 if [ $ret != 0 ]; then echo "I:failed" - status=`expr $status + $ret` + status=$((status+ret)) echo "I:exit status: $status" exit $status fi -status=`expr $status + $ret` +status=$((status+ret)) +n=$((n+1)) -echo "I:checking the new key with 'rndc tsig-list'" +echo "I:checking the new key with 'rndc tsig-list' ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.3 -grep "key \"bar.example.server" rndc.out.3 > /dev/null || ret=1 +$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p "$CONTROLPORT" tsig-list > rndc.out.test$n +grep "key \"bar.example.server" rndc.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed" fi -status=`expr $status + $ret` +status=$((status+ret)) +n=$((n+1)) -echo "I:using the new key in a request" +echo "I:using the new key in a request ($n)" ret=0 -$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.5 || ret=1 -grep "status: NOERROR" dig.out.5 > /dev/null || ret=1 +dig_with_opts -k "$keyname" txt.example txt > dig.out.test$n || ret=1 +grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed" fi -status=`expr $status + $ret` +status=$((status+ret)) +n=$((n+1)) echo "I:exit status: $status" [ $status -eq 0 ] || exit 1
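Review bot: Under the new `set -e`, the three `$RNDC ... tsig-list > rndc.out.test$n` lines in tests.sh have no `|| ret=1`, so a failing rndc now terminates the script on the spot and skips the `I:failed` and `I:exit status` lines that the rest of the script always prints. Append the guard as on the neighbouring commands, e.g. `$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p "$CONTROLPORT" tsig-list > rndc.out.test$n || ret=1`. `$owner` in the `$KEYCREATE` call is the one expansion left unquoted in the loop; `"$owner"` would match the quoting used in the rest of the hunk.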