mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-22 01:59:26 +00:00
Code Issues Releases Wiki Activity

rename keyfile_to_*_keys system test shell functions

Browse Source 
- keyfile_to_trusted_keys -> keyfile_to_static_keys
- keyfile_to_managed_keys -> keyfile_to_initial_keys
This commit is contained in:
Evan Hunt 2019-06-04 18:36:59 -07:00
parent 821f041d8c
commit 0ef5b8edb7
28 changed files with 59 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
bin/tests/system/autosign/ns1/keygen.sh
View File

@ -33,12 +33,12 @@ rm $zsknopriv.private
ksksby=`$KEYGEN -3 -a RSASHA1 -q -P now -A now+15s -fk $zone`
kskrev=`$KEYGEN -3 -a RSASHA1 -q -R now+15s -fk $zone`
keyfile_to_trusted_keys $ksksby > trusted.conf
keyfile_to_static_keys $ksksby > trusted.conf
cp trusted.conf ../ns2/trusted.conf
cp trusted.conf ../ns3/trusted.conf
cp trusted.conf ../ns4/trusted.conf
keyfile_to_trusted_keys $kskrev > trusted.conf
keyfile_to_static_keys $kskrev > trusted.conf
cp trusted.conf ../ns5/trusted.conf
echo $zskact > ../active.key

2
bin/tests/system/autosign/ns2/keygen.sh
View File

@ -37,7 +37,7 @@ zonefile="${zone}.db"
infile="${zonefile}.in"
ksk=`$KEYGEN -a RSASHA1 -3 -q -fk $zone`
$KEYGEN -a RSASHA1 -3 -q $zone > /dev/null
keyfile_to_trusted_keys $ksk > private.conf
keyfile_to_static_keys $ksk > private.conf
cp private.conf ../ns4/private.conf
$SIGNER -S -3 beef -A -o $zone -f $zonefile $infile > /dev/null 2>&1

12
bin/tests/system/conf.sh.common
View File

@ -225,17 +225,17 @@ keyfile_to_keys_section() {
echo "};"
}
# keyfile_to_trusted_keys: convert key data contained in the keyfile(s)
# keyfile_to_static_keys: convert key data contained in the keyfile(s)
# provided to a *static* "dnssec-keys" section suitable for including in a
# resolver's configuration file
keyfile_to_trusted_keys() {
keyfile_to_static_keys() {
keyfile_to_keys_section "dnssec-keys" "static-key" $*
}
# keyfile_to_managed_keys: convert key data contained in the keyfile(s)
# provided to a "dnssec-keys" section suitable for including in a
# resolver's configuration file
keyfile_to_managed_keys() {
# keyfile_to_initial_keys: convert key data contained in the keyfile(s)
# provided to an *initialzing* "dnssec-keys" section suitable for including
# in a resolver's configuration file
keyfile_to_initial_keys() {
keyfile_to_keys_section "dnssec-keys" "initial-key" $*
}

2
bin/tests/system/dlv/ns1/sign.sh
View File

@ -32,7 +32,7 @@ $SIGNER -g -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signe
echo_i "signed $zone"
keyfile_to_trusted_keys $keyname2 > trusted.conf
keyfile_to_static_keys $keyname2 > trusted.conf
cp trusted.conf ../ns5
cp trusted.conf ../ns7
cp trusted.conf ../ns8

6
bin/tests/system/dlv/ns3/sign.sh
View File

@ -378,18 +378,18 @@ do
case $zone in
"dlv.utld")
$SIGNER -O full -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
keyfile_to_trusted_keys $keyname2 > ../ns5/trusted-dlv.conf
keyfile_to_static_keys $keyname2 > ../ns5/trusted-dlv.conf
;;
"disabled-algorithm-dlv.utld")
$SIGNER -O full -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
keyfile_to_trusted_keys $keyname2 > ../ns8/trusted-dlv-disabled.conf
keyfile_to_static_keys $keyname2 > ../ns8/trusted-dlv-disabled.conf
;;
"unsupported-algorithm-dlv.utld")
cp ${keyname2}.key ${keyname2}.tmp
$SIGNER -O full -o $zone -f ${outfile}.tmp $zonefile > /dev/null 2> signer.err || cat signer.err
awk '$4 == "DNSKEY" { $7 = 255 } $4 == "RRSIG" { $6 = 255 } { print }' ${outfile}.tmp > $outfile
awk '$3 == "DNSKEY" { $6 = 255 } { print }' ${keyname2}.tmp > ${keyname2}.key
keyfile_to_trusted_keys $keyname2 > ../ns7/trusted-dlv-unsupported.conf
keyfile_to_static_keys $keyname2 > ../ns7/trusted-dlv-unsupported.conf
;;
esac

8
bin/tests/system/dnssec/ns1/sign.sh
View File

@ -37,8 +37,8 @@ cat "$infile" "$keyname.key" > "$zonefile"
"$SIGNER" -P -g -o "$zone" "$zonefile" > /dev/null 2>&1
# Configure the resolving server with a trusted key.
keyfile_to_trusted_keys "$keyname" > trusted.conf
# Configure the resolving server with a staitc key.
keyfile_to_static_keys "$keyname" > trusted.conf
cp trusted.conf ../ns2/trusted.conf
cp trusted.conf ../ns3/trusted.conf
cp trusted.conf ../ns4/trusted.conf
@ -46,8 +46,8 @@ cp trusted.conf ../ns6/trusted.conf
cp trusted.conf ../ns7/trusted.conf
cp trusted.conf ../ns9/trusted.conf
# ...or with a managed key.
keyfile_to_managed_keys "$keyname" > managed.conf
# ...or with an initializing key.
keyfile_to_initial_keys "$keyname" > managed.conf
cp managed.conf ../ns4/managed.conf
#

4
bin/tests/system/dnssec/ns3/sign.sh
View File

@ -66,10 +66,10 @@ do
case $tld in
"managed")
keyfile_to_managed_keys $keyname1 $keyname2 $keyname3 $keyname4 $keyname5 > ../ns8/managed.conf
keyfile_to_initial_keys $keyname1 $keyname2 $keyname3 $keyname4 $keyname5 > ../ns8/managed.conf
;;
"trusted")
keyfile_to_trusted_keys $keyname1 $keyname2 $keyname3 $keyname4 $keyname5 > ../ns8/trusted.conf
keyfile_to_static_keys $keyname1 $keyname2 $keyname3 $keyname4 $keyname5 > ../ns8/trusted.conf
;;
esac
done

4
bin/tests/system/dnssec/ns5/sign.sh
View File

@ -23,7 +23,7 @@ zonefile=root.db.signed
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
# copy the KSK out first, then revoke it
keyfile_to_managed_keys "$keyname" > revoked.conf
keyfile_to_initial_keys "$keyname" > revoked.conf
"$SETTIME" -R now "${keyname}.key" > /dev/null
@ -34,4 +34,4 @@ keyfile_to_managed_keys "$keyname" > revoked.conf
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -n zone ".")
keyfile_to_trusted_keys "$keyname" > trusted.conf
keyfile_to_static_keys "$keyname" > trusted.conf

4
bin/tests/system/dsdigest/ns1/sign.sh
View File

@ -28,8 +28,8 @@ cat $infile $key1.key $key2.key > $zonefile
$SIGNER -P -g -o $zone $zonefile > /dev/null
# Configure the resolving server with a trusted key.
keyfile_to_trusted_keys $key2 > trusted.conf
# Configure the resolving server with a static key.
keyfile_to_static_keys $key2 > trusted.conf
cp trusted.conf ../ns2/trusted.conf
cp trusted.conf ../ns3/trusted.conf
cp trusted.conf ../ns4/trusted.conf

4
bin/tests/system/ecdsa/ns1/sign.sh
View File

@ -24,6 +24,6 @@ cat $infile $key1.key $key2.key > $zonefile
$SIGNER -P -g -o $zone $zonefile > /dev/null 2> signer.err || cat signer.err
# Configure the resolving server with a trusted key.
keyfile_to_trusted_keys $key1 > trusted.conf
# Configure the resolving server with a static key.
keyfile_to_static_keys $key1 > trusted.conf
cp trusted.conf ../ns2/trusted.conf

4
bin/tests/system/eddsa/ns1/sign.sh
View File

@ -25,8 +25,8 @@ cat $infile $key1.key $key2.key > $zonefile
$SIGNER -P -g -o $zone $zonefile > /dev/null 2> signer.err || cat signer.err
# Configure the resolving server with a trusted key.
keyfile_to_trusted_keys $key1 > trusted.conf
# Configure the resolving server with a static key.
keyfile_to_static_keys $key1 > trusted.conf
cp trusted.conf ../ns2/trusted.conf
cd ../ns2 && $SHELL sign.sh

2
bin/tests/system/filter-aaaa/ns1/sign.sh
View File

@ -26,7 +26,7 @@ $KEYGEN -f KSK -a $DEFAULT_ALGORITHM $zone 2>&1 > keygen.out | cat_i
keyname=`cat keygen.out`
rm -f keygen.out
keyfile_to_trusted_keys $keyname > trusted.conf
keyfile_to_static_keys $keyname > trusted.conf
cp trusted.conf ../ns2/trusted.conf
cp trusted.conf ../ns3/trusted.conf
cp trusted.conf ../ns5/trusted.conf

2
bin/tests/system/inline/ns1/sign.sh
View File

@ -20,5 +20,5 @@ keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
$SIGNER -S -x -T 1200 -o ${zone} root.db > signer.out 2>&1
[ $? = 0 ] || cat signer.out
keyfile_to_trusted_keys $keyname > trusted.conf
keyfile_to_static_keys $keyname > trusted.conf
cp trusted.conf ../ns6/trusted.conf

2
bin/tests/system/legacy/ns7/sign.sh
View File

@ -28,5 +28,5 @@ cat $infile $keyname1.key $keyname2.key >$zonefile
$SIGNER -g -o $zone -f $outfile -e +30y $zonefile > /dev/null 2> signer.err || cat signer.err
keyfile_to_trusted_keys $keyname2 > trusted.conf
keyfile_to_static_keys $keyname2 > trusted.conf
cp trusted.conf ../ns1

2
bin/tests/system/mirror/ns1/sign.sh
View File

@ -33,4 +33,4 @@ $SIGNER -P -g -o $zone $zonefile > /dev/null
# irrelevant here, so just reuse the root zone key generated above.
sed "s/^\./nonexistent./;" $keyname1.key > $keyname1.modified.key
keyfile_to_trusted_keys $keyname1 $keyname1.modified > trusted.conf
keyfile_to_static_keys $keyname1 $keyname1.modified > trusted.conf

2
bin/tests/system/mirror/ns2/sign.sh
View File

@ -75,4 +75,4 @@ for variant in addzone axfr ixfr load reconfig untrusted; do
fi
done
keyfile_to_trusted_keys $keys_to_trust > trusted-mirror.conf
keyfile_to_static_keys $keys_to_trust > trusted-mirror.conf

8
bin/tests/system/mkeys/ns1/sign.sh
View File

@ -20,14 +20,14 @@ zskkeyname=`$KEYGEN -a rsasha256 -q $zone`
$SIGNER -Sg -o $zone $zonefile > /dev/null 2>/dev/null
# Configure the resolving server with a managed trusted key.
keyfile_to_managed_keys $keyname > managed.conf
# Configure the resolving server with an initializing key.
keyfile_to_initial_keys $keyname > managed.conf
cp managed.conf ../ns2/managed.conf
cp managed.conf ../ns4/managed.conf
cp managed.conf ../ns5/managed.conf
# Configure a trusted key statement (used by delv).
keyfile_to_trusted_keys $keyname > trusted.conf
# Configure a static key to be used by delv.
keyfile_to_static_keys $keyname > trusted.conf
# Prepare an unsupported algorithm key.
unsupportedkey=Kunknown.+255+00000

4
bin/tests/system/mkeys/ns6/setup.sh
View File

@ -26,5 +26,5 @@ cp unsupported-managed.key "${unsupportedkey}.key"
rootkey=`cat ../ns1/managed.key`
cp "../ns1/${rootkey}.key" .
# Configure the resolving server with a managed trusted key.
keyfile_to_managed_keys $unsupportedkey $rsakey $rootkey > managed.conf
# Configure the resolving server with an initializing key.
keyfile_to_initial_keys $unsupportedkey $rsakey $rootkey > managed.conf

2
bin/tests/system/mkeys/tests.sh
View File

@ -301,7 +301,7 @@ status=`expr $status + $ret`
echo_i "reinitialize trust anchors, add second key to bind.keys"
$PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} mkeys ns2
rm -f ns2/managed-keys.bind*
keyfile_to_managed_keys ns1/$original ns1/$standby1 > ns2/managed.conf
keyfile_to_initial_keys ns1/$original ns1/$standby1 > ns2/managed.conf
nextpart ns2/named.run > /dev/null
$PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} mkeys ns2

4
bin/tests/system/pending/ns1/sign.sh
View File

@ -27,8 +27,8 @@ cat $infile $keyname1.key $keyname2.key > $zonefile
$SIGNER -g -o $zone $zonefile > /dev/null 2>&1
# Configure the resolving server with a trusted key.
keyfile_to_trusted_keys $keyname2 > trusted.conf
# Configure the resolving server with a static key.
keyfile_to_static_keys $keyname2 > trusted.conf
cp trusted.conf ../ns2/trusted.conf
cp trusted.conf ../ns3/trusted.conf
cp trusted.conf ../ns4/trusted.conf

4
bin/tests/system/resolver/ns6/keygen.sh
View File

@ -30,5 +30,5 @@ zsk=`$KEYGEN -q -a rsasha256 $zone`
cat $ksk.key $zsk.key dsset-ds.example.net$TP >> $zonefile
$SIGNER -P -o $zone $zonefile > /dev/null 2>&1
# Configure a trusted key statement (used by delv)
keyfile_to_trusted_keys $ksk > ../ns5/trusted.conf
# Configure a static key to be used by delv
keyfile_to_static_keys $ksk > ../ns5/trusted.conf

4
bin/tests/system/rootkeysentinel/ns1/sign.sh
View File

@ -27,8 +27,8 @@ cat $infile $keyname.key > $zonefile
$SIGNER -P -g -o $zone $zonefile > /dev/null
# Configure the resolving server with a trusted key.
keyfile_to_trusted_keys $keyname > trusted.conf
# Configure the resolving server with a static key.
keyfile_to_static_keys $keyname > trusted.conf
cp trusted.conf ../ns2/trusted.conf
cp trusted.conf ../ns3/trusted.conf
cp trusted.conf ../ns4/trusted.conf

4
bin/tests/system/rsabigexponent/ns1/sign.sh
View File

@ -24,8 +24,8 @@ cat $infile $keyname.key > $zonefile
$SIGNER -P -g -o $zone $zonefile > /dev/null
# Configure the resolving server with a trusted key.
keyfile_to_trusted_keys $keyname > trusted.conf
# Configure the resolving server with a static key.
keyfile_to_static_keys $keyname > trusted.conf
cp trusted.conf ../ns2/trusted.conf
cp trusted.conf ../ns3/trusted.conf

8
bin/tests/system/sfcache/ns1/sign.sh
View File

@ -28,9 +28,9 @@ cat "$infile" "$keyname.key" > "$zonefile"
$SIGNER -P -g -o $zone $zonefile > /dev/null
# Configure the resolving server with a trusted key.
keyfile_to_trusted_keys "$keyname" > trusted.conf
# Configure the resolving server with a static key.
keyfile_to_static_keys "$keyname" > trusted.conf
cp trusted.conf ../ns2/trusted.conf
# ...or with a managed key.
keyfile_to_managed_keys "$keyname" > managed.conf
# ...or with an initializing key.
keyfile_to_initial_keys "$keyname" > managed.conf

2
bin/tests/system/sfcache/ns5/sign.sh
View File

@ -16,4 +16,4 @@ set -e
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -n zone ".")
keyfile_to_trusted_keys "$keyname" > trusted.conf
keyfile_to_static_keys "$keyname" > trusted.conf

4
bin/tests/system/staticstub/ns3/sign.sh
View File

@ -27,7 +27,7 @@ cat $infile $keyname1.key $keyname2.key > $zonefile
$SIGNER -g -o $zone $zonefile > /dev/null 2>&1
# Configure the resolving server with a trusted key.
keyfile_to_trusted_keys $keyname2 > trusted.conf
keyfile_to_static_keys $keyname2 > trusted.conf
zone=undelegated
infile=undelegated.db.in
@ -38,5 +38,5 @@ cat $infile $keyname1.key $keyname2.key > $zonefile
$SIGNER -g -o $zone $zonefile > /dev/null 2>&1
keyfile_to_trusted_keys $keyname2 >> trusted.conf
keyfile_to_static_keys $keyname2 >> trusted.conf
cp trusted.conf ../ns2/trusted.conf

4
bin/tests/system/synthfromdnssec/ns1/sign.sh
View File

@ -39,5 +39,5 @@ cat "$infile" "$keyname.key" > "$zonefile"
$SIGNER -P -g -o $zone $zonefile > /dev/null 2>&1
# Configure the resolving server with a trusted key.
keyfile_to_trusted_keys "$keyname" > trusted.conf
# Configure the resolving server with a static key.
keyfile_to_static_keys "$keyname" > trusted.conf

6
bin/tests/system/wildcard/ns1/sign.sh
View File

@ -57,7 +57,7 @@ cat $infile $keyname1.key $keyname2.key > $zonefile
$SIGNER -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
echo_i "signed $zone"
keyfile_to_trusted_keys $keyname2 > private.nsec.conf
keyfile_to_static_keys $keyname2 > private.nsec.conf
zone=nsec3
infile=nsec3.db.in
@ -86,7 +86,7 @@ cat $infile $keyname1.key $keyname2.key > $zonefile
$SIGNER -3 - -H 10 -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
echo_i "signed $zone"
keyfile_to_trusted_keys $keyname2 > private.nsec3.conf
keyfile_to_static_keys $keyname2 > private.nsec3.conf
zone=.
infile=root.db.in
@ -101,4 +101,4 @@ cat $infile $keyname1.key $keyname2.key $dssets >$zonefile
$SIGNER -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
echo_i "signed $zone"
keyfile_to_trusted_keys $keyname2 > trusted.conf
keyfile_to_static_keys $keyname2 > trusted.conf