From cfbb46201f55dfe6787c75dcc17b99bf33f1f907 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= Date: Wed, 18 Mar 2020 15:33:52 +0100 Subject: [PATCH] Fix the tkey system test to allow parallel run The tkey test was not adapted to dynamic ports, so we had to run it in sequence. This commit adds support for dynamic ports, and also makes all the scripts shellcheck clean. --- bin/tests/system/conf.sh.common | 4 +- bin/tests/system/tkey/clean.sh | 17 ++-- bin/tests/system/tkey/keycreate.c | 22 ++-- bin/tests/system/tkey/keydelete.c | 13 ++- bin/tests/system/tkey/ns1/named.conf.in | 4 +- bin/tests/system/tkey/ns1/setup.sh | 12 +-- bin/tests/system/tkey/setup.sh | 7 +- bin/tests/system/tkey/tests.sh | 130 +++++++++++++----------- 8 files changed, 118 insertions(+), 91 deletions(-) diff --git a/bin/tests/system/conf.sh.common b/bin/tests/system/conf.sh.common index 407f1b9800..f34f86e728 100644 --- a/bin/tests/system/conf.sh.common +++ b/bin/tests/system/conf.sh.common @@ -37,7 +37,7 @@ export LANG=C # SEQUENTIAL_UNIX in conf.sh.in; those that only run on windows should # be added to SEQUENTIAL_WINDOWS in conf.sh.win32. # -SEQUENTIAL_COMMON="tkey" +SEQUENTIAL_COMMON="" # # These tests can use ports assigned by the caller (other than 5300 @@ -70,7 +70,7 @@ PARALLEL_COMMON="dnssec rpzrecurse serve-stale \ rrchecker rrl rrsetorder rsabigexponent runtime \ sfcache smartsign sortlist \ spf staticstub statistics statschannel stub synthfromdnssec \ - tcp tools tsig tsiggss ttl \ + tcp tkey tools tsig tsiggss ttl \ unknown upforwd verify views wildcard \ xfer xferquota zero zonechecks" diff --git a/bin/tests/system/tkey/clean.sh b/bin/tests/system/tkey/clean.sh index cf1557927e..56a8846a43 100644 --- a/bin/tests/system/tkey/clean.sh +++ b/bin/tests/system/tkey/clean.sh @@ -9,10 +9,15 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -rm -f dig.out.* rndc.out.* ns1/named.conf -rm -f K* ns1/K* -rm -f */named.memstats -rm -f */named.run -rm -f ns1/_default.tsigkeys -rm -f ns*/named.lock +set -e + +rm -f ./K* +rm -f ./dig.out.* +rm -f ./rndc.out.* +rm -f ns*/K* +rm -f ns*/_default.tsigkeys rm -f ns*/managed-keys.bind* +rm -f ns*/named.conf +rm -f ns*/named.lock +rm -f ns*/named.memstats +rm -f ns*/named.run diff --git a/bin/tests/system/tkey/keycreate.c b/bin/tests/system/tkey/keycreate.c index cf15fd3544..cdd0f7a7a5 100644 --- a/bin/tests/system/tkey/keycreate.c +++ b/bin/tests/system/tkey/keycreate.c @@ -52,9 +52,11 @@ #define RUNCHECK(x) RUNTIME_CHECK((x) == ISC_R_SUCCESS) -#define PORT 5300 #define TIMEOUT 30 +static char *ip_address = NULL; +static int port = 0; + static dst_key_t *ourkey; static isc_mem_t *mctx; static dns_tsigkey_t *tsigkey, *initialkey; @@ -141,10 +143,10 @@ sendquery(isc_task_t *task, isc_event_t *event) { isc_event_free(&event); result = ISC_R_FAILURE; - if (inet_pton(AF_INET, "10.53.0.1", &inaddr) != 1) { + if (inet_pton(AF_INET, ip_address, &inaddr) != 1) { CHECK("inet_pton", result); } - isc_sockaddr_fromin(&address, &inaddr, PORT); + isc_sockaddr_fromin(&address, &inaddr, port); dns_fixedname_init(&keyname); isc_buffer_constinit(&namestr, "tkeytest.", 9); @@ -210,18 +212,16 @@ main(int argc, char *argv[]) { RUNCHECK(isc_app_start()); - if (argc < 2) { + if (argc < 4) { fprintf(stderr, "I:no DH key provided\n"); exit(-1); } - if (strcmp(argv[1], "-r") == 0) { - fprintf(stderr, "I:the -r option has been deprecated\n"); - exit(-1); - } - ourkeyname = argv[1]; + ip_address = argv[1]; + port = atoi(argv[2]); + ourkeyname = argv[3]; - if (argc >= 3) { - ownername_str = argv[2]; + if (argc >= 5) { + ownername_str = argv[4]; } dns_result_register(); diff --git a/bin/tests/system/tkey/keydelete.c b/bin/tests/system/tkey/keydelete.c index 52f9c31ec8..d2b850d64c 100644 --- a/bin/tests/system/tkey/keydelete.c +++ b/bin/tests/system/tkey/keydelete.c @@ -51,9 +51,10 @@ #define RUNCHECK(x) RUNTIME_CHECK((x) == ISC_R_SUCCESS) -#define PORT 5300 #define TIMEOUT 30 +static char *ip_address; +static int port; static isc_mem_t *mctx; static dns_tsigkey_t *tsigkey; static dns_tsig_keyring_t *ring; @@ -114,10 +115,10 @@ sendquery(isc_task_t *task, isc_event_t *event) { isc_event_free(&event); result = ISC_R_FAILURE; - if (inet_pton(AF_INET, "10.53.0.1", &inaddr) != 1) { + if (inet_pton(AF_INET, ip_address, &inaddr) != 1) { CHECK("inet_pton", result); } - isc_sockaddr_fromin(&address, &inaddr, PORT); + isc_sockaddr_fromin(&address, &inaddr, port); query = NULL; result = dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &query); @@ -155,7 +156,7 @@ main(int argc, char **argv) { RUNCHECK(isc_app_start()); - if (argc < 2) { + if (argc < 4) { fprintf(stderr, "I:no key to delete\n"); exit(-1); } @@ -163,7 +164,9 @@ main(int argc, char **argv) { fprintf(stderr, "I:The -r options has been deprecated\n"); exit(-1); } - keyname = argv[1]; + ip_address = argv[1]; + port = atoi(argv[2]); + keyname = argv[3]; dns_result_register(); diff --git a/bin/tests/system/tkey/ns1/named.conf.in b/bin/tests/system/tkey/ns1/named.conf.in index 01331beafc..4496d32372 100644 --- a/bin/tests/system/tkey/ns1/named.conf.in +++ b/bin/tests/system/tkey/ns1/named.conf.in @@ -15,7 +15,7 @@ options { query-source address 10.53.0.1; notify-source 10.53.0.1; transfer-source 10.53.0.1; - port 5300; + port @PORT@; pid-file "named.pid"; listen-on { 10.53.0.1; }; listen-on-v6 { none; }; @@ -32,7 +32,7 @@ key rndc_key { }; controls { - inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; }; + inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; }; key "tkeytest." { diff --git a/bin/tests/system/tkey/ns1/setup.sh b/bin/tests/system/tkey/ns1/setup.sh index a5343396b9..a8f43ca300 100644 --- a/bin/tests/system/tkey/ns1/setup.sh +++ b/bin/tests/system/tkey/ns1/setup.sh @@ -9,10 +9,10 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=../.. -. $SYSTEMTESTTOP/conf.sh +set -e -keyname=`$KEYGEN -T KEY -a DH -b 768 -n host server` -keyid=$(keyfile_to_key_id $keyname) -rm -f named.conf -sed -e "s;KEYID;$keyid;" < named.conf.in > named.conf +. "$SYSTEMTESTTOP/conf.sh" + +keyname=$($KEYGEN -T KEY -a DH -b 768 -n host server) +keyid=$(keyfile_to_key_id "$keyname") +sed -i -e "s;KEYID;$keyid;" named.conf diff --git a/bin/tests/system/tkey/setup.sh b/bin/tests/system/tkey/setup.sh index 6e143976a2..014c1eb18f 100644 --- a/bin/tests/system/tkey/setup.sh +++ b/bin/tests/system/tkey/setup.sh @@ -9,7 +9,10 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh +set -e + +. "$SYSTEMTESTTOP/conf.sh" + +copy_setports ns1/named.conf.in ns1/named.conf cd ns1 && $SHELL setup.sh diff --git a/bin/tests/system/tkey/tests.sh b/bin/tests/system/tkey/tests.sh index a293d32b2b..f7d816e372 100644 --- a/bin/tests/system/tkey/tests.sh +++ b/bin/tests/system/tkey/tests.sh @@ -9,137 +9,153 @@ # See the COPYRIGHT file distributed with this work for additional # information regarding copyright ownership. -SYSTEMTESTTOP=.. -. $SYSTEMTESTTOP/conf.sh +set -e -DIGOPTS="@10.53.0.1 -p 5300" +. "$SYSTEMTESTTOP/conf.sh" + +dig_with_opts() { + "$DIG" @10.53.0.1 -p "$PORT" "$@" +} status=0 +n=1 -echo "I:generating new DH key" +echo "I:generating new DH key ($n)" ret=0 -dhkeyname=`$KEYGEN -T KEY -a DH -b 768 -n host client` || ret=1 +dhkeyname=$($KEYGEN -T KEY -a DH -b 768 -n host client) || ret=1 if [ $ret != 0 ]; then echo "I:failed" - status=`expr $status + $ret` + status=$((status+ret)) echo "I:exit status: $status" exit $status fi -status=`expr $status + $ret` +status=$((status+ret)) +n=$((n+1)) for owner in . foo.example. do - echo "I:creating new key using owner name \"$owner\"" + echo "I:creating new key using owner name \"$owner\" ($n)" ret=0 - keyname=`$KEYCREATE $dhkeyname $owner` || ret=1 + keyname=$($KEYCREATE 10.53.0.1 "$PORT" "$dhkeyname" $owner) || ret=1 if [ $ret != 0 ]; then echo "I:failed" - status=`expr $status + $ret` + status=$((status+ret)) echo "I:exit status: $status" exit $status fi - status=`expr $status + $ret` + status=$((status+ret)) + n=$((n+1)) - echo "I:checking the new key" + echo "I:checking the new key ($n)" ret=0 - $DIG $DIGOPTS txt txt.example -k $keyname > dig.out.1 || ret=1 - grep "status: NOERROR" dig.out.1 > /dev/null || ret=1 - grep "TSIG.*hmac-md5.*NOERROR" dig.out.1 > /dev/null || ret=1 - grep "Some TSIG could not be validated" dig.out.1 > /dev/null && ret=1 + dig_with_opts txt txt.example -k "$keyname" > dig.out.test$n || ret=1 + grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 + grep "TSIG.*hmac-md5.*NOERROR" dig.out.test$n > /dev/null || ret=1 + grep "Some TSIG could not be validated" dig.out.test$n > /dev/null && ret=1 if [ $ret != 0 ]; then echo "I:failed" fi - status=`expr $status + $ret` + status=$((status+ret)) + n=$((n+1)) - echo "I:deleting new key" + echo "I:deleting new key ($n)" ret=0 - $KEYDELETE $keyname || ret=1 + $KEYDELETE 10.53.0.1 "$PORT" "$keyname" || ret=1 if [ $ret != 0 ]; then echo "I:failed" fi - status=`expr $status + $ret` + status=$((status+ret)) + n=$((n+1)) - echo "I:checking that new key has been deleted" + echo "I:checking that new key has been deleted ($n)" ret=0 - $DIG $DIGOPTS txt txt.example -k $keyname > dig.out.2 || ret=1 - grep "status: NOERROR" dig.out.2 > /dev/null && ret=1 - grep "TSIG.*hmac-md5.*NOERROR" dig.out.2 > /dev/null && ret=1 - grep "Some TSIG could not be validated" dig.out.2 > /dev/null || ret=1 + dig_with_opts txt txt.example -k "$keyname" > dig.out.test$n || ret=1 + grep "status: NOERROR" dig.out.test$n > /dev/null && ret=1 + grep "TSIG.*hmac-md5.*NOERROR" dig.out.test$n > /dev/null && ret=1 + grep "Some TSIG could not be validated" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed" fi - status=`expr $status + $ret` + status=$((status+ret)) + n=$((n+1)) done -echo "I:creating new key using owner name bar.example." +echo "I:creating new key using owner name bar.example. ($n)" ret=0 -keyname=`$KEYCREATE $dhkeyname bar.example.` || ret=1 +keyname=$($KEYCREATE 10.53.0.1 "$PORT" "$dhkeyname" bar.example.) || ret=1 if [ $ret != 0 ]; then echo "I:failed" - status=`expr $status + $ret` + status=$((status+ret)) echo "I:exit status: $status" exit $status fi -status=`expr $status + $ret` +status=$((status+ret)) +n=$((n+1)) -echo "I:checking the key with 'rndc tsig-list'" +echo "I:checking the key with 'rndc tsig-list' ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.1 -grep "key \"bar.example.server" rndc.out.1 > /dev/null || ret=1 +$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p "$CONTROLPORT" tsig-list > rndc.out.test$n +grep "key \"bar.example.server" rndc.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed" fi -status=`expr $status + $ret` +status=$((status+ret)) +n=$((n+1)) -echo "I:using key in a request" +echo "I:using key in a request ($n)" ret=0 -$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.3 || ret=1 -grep "status: NOERROR" dig.out.3 > /dev/null || ret=1 +dig_with_opts -k "$keyname" txt.example txt > dig.out.test$n || ret=1 +grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed" fi -status=`expr $status + $ret` +status=$((status+ret)) +n=$((n+1)) -echo "I:deleting the key with 'rndc tsig-delete'" +echo "I:deleting the key with 'rndc tsig-delete' ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-delete bar.example.server > /dev/null || ret=1 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.2 -grep "key \"bar.example.server" rndc.out.2 > /dev/null && ret=1 -$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.4 || ret=1 -grep "TSIG could not be validated" dig.out.4 > /dev/null || ret=1 +$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p "$CONTROLPORT" tsig-delete bar.example.server > /dev/null || ret=1 +$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p "$CONTROLPORT" tsig-list > rndc.out.test$n +grep "key \"bar.example.server" rndc.out.test$n > /dev/null && ret=1 +dig_with_opts -k "$keyname" txt.example txt > dig.out.test$n || ret=1 +grep "TSIG could not be validated" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed" fi -status=`expr $status + $ret` +status=$((status+ret)) +n=$((n+1)) -echo "I:recreating the bar.example. key" +echo "I:recreating the bar.example. key ($n)" ret=0 -keyname=`$KEYCREATE $dhkeyname bar.example.` || ret=1 +keyname=$($KEYCREATE 10.53.0.1 "$PORT" "$dhkeyname" bar.example.) || ret=1 if [ $ret != 0 ]; then echo "I:failed" - status=`expr $status + $ret` + status=$((status+ret)) echo "I:exit status: $status" exit $status fi -status=`expr $status + $ret` +status=$((status+ret)) +n=$((n+1)) -echo "I:checking the new key with 'rndc tsig-list'" +echo "I:checking the new key with 'rndc tsig-list' ($n)" ret=0 -$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.3 -grep "key \"bar.example.server" rndc.out.3 > /dev/null || ret=1 +$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p "$CONTROLPORT" tsig-list > rndc.out.test$n +grep "key \"bar.example.server" rndc.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed" fi -status=`expr $status + $ret` +status=$((status+ret)) +n=$((n+1)) -echo "I:using the new key in a request" +echo "I:using the new key in a request ($n)" ret=0 -$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.5 || ret=1 -grep "status: NOERROR" dig.out.5 > /dev/null || ret=1 +dig_with_opts -k "$keyname" txt.example txt > dig.out.test$n || ret=1 +grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo "I:failed" fi -status=`expr $status + $ret` +status=$((status+ret)) +n=$((n+1)) echo "I:exit status: $status" [ $status -eq 0 ] || exit 1