diff --git a/bin/tests/system/dnssec/tests.sh b/bin/tests/system/dnssec/tests.sh index 4a04e98a7d..479e40452b 100644 --- a/bin/tests/system/dnssec/tests.sh +++ b/bin/tests/system/dnssec/tests.sh @@ -1103,10 +1103,15 @@ status=$((status+ret)) # Should work with FIPS mode as we are only validating echo_i "checking positive validation RSASHA1 NSEC ($n)" ret=0 -dig_with_opts +noauth a.rsasha1.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 -dig_with_opts +noauth a.rsasha1.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 -digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 -grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 +if $FEATURETEST --rsasha1 +then + dig_with_opts +noauth a.rsasha1.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 + dig_with_opts +noauth a.rsasha1.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 + digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 + grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 +else + echo_i "skip: RSASHA1 not supported by OS" +fi n=$((n+1)) test "$ret" -eq 0 || echo_i "failed" status=$((status+ret)) @@ -1114,10 +1119,15 @@ status=$((status+ret)) # Should work with FIPS mode as we are only validating echo_i "checking positive validation RSASHA1 (1024 bits) NSEC ($n)" ret=0 -dig_with_opts +noauth a.rsasha1-1024.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 -dig_with_opts +noauth a.rsasha1-1024.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 -digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 -grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 +if $FEATURETEST --rsasha1 +then + dig_with_opts +noauth a.rsasha1-1024.example. @10.53.0.3 a > dig.out.ns3.test$n || ret=1 + dig_with_opts +noauth a.rsasha1-1024.example. @10.53.0.4 a > dig.out.ns4.test$n || ret=1 + digcomp dig.out.ns3.test$n dig.out.ns4.test$n || ret=1 + grep "flags:.*ad.*QUERY" dig.out.ns4.test$n > /dev/null || ret=1 +else + echo_i "skip: RSASHA1 not supported by OS" +fi n=$((n+1)) test "$ret" -eq 0 || echo_i "failed" status=$((status+ret))