Fix the tkey system test to allow parallel run

The tkey test was not adapted to dynamic ports, so we had to run it in
sequence.  This commit adds support for dynamic ports, and also makes
all the scripts shellcheck clean.

bin/tests/system/conf.sh.common

@@ -37,7 +37,7 @@ export LANG=C
 # SEQUENTIAL_UNIX in conf.sh.in; those that only run on windows should
 # be added to SEQUENTIAL_WINDOWS in conf.sh.win32.
 #
-SEQUENTIAL_COMMON="tkey"
+SEQUENTIAL_COMMON=""
 
 #
 # These tests can use ports assigned by the caller (other than 5300
@@ -70,7 +70,7 @@ PARALLEL_COMMON="dnssec rpzrecurse serve-stale \
 	rrchecker rrl rrsetorder rsabigexponent runtime \
 	sfcache smartsign sortlist \
 	spf staticstub statistics statschannel stub synthfromdnssec \
-	tcp tools tsig tsiggss ttl \
+	tcp tkey tools tsig tsiggss ttl \
 	unknown upforwd verify views wildcard \
 	xfer xferquota zero zonechecks"
 

bin/tests/system/tkey/clean.sh

@@ -9,10 +9,15 @@
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.
 
-rm -f dig.out.* rndc.out.* ns1/named.conf
+set -e
-rm -f K* ns1/K*
+
-rm -f */named.memstats
+rm -f ./K*
-rm -f */named.run
+rm -f ./dig.out.*
-rm -f ns1/_default.tsigkeys
+rm -f ./rndc.out.*
-rm -f ns*/named.lock
+rm -f ns*/K*
+rm -f ns*/_default.tsigkeys
 rm -f ns*/managed-keys.bind*
+rm -f ns*/named.conf
+rm -f ns*/named.lock
+rm -f ns*/named.memstats
+rm -f ns*/named.run

bin/tests/system/tkey/keycreate.c

@@ -52,9 +52,11 @@
 
 #define RUNCHECK(x) RUNTIME_CHECK((x) == ISC_R_SUCCESS)
 
-#define PORT	5300
 #define TIMEOUT 30
 
+static char *ip_address = NULL;
+static int port = 0;
+
 static dst_key_t *ourkey;
 static isc_mem_t *mctx;
 static dns_tsigkey_t *tsigkey, *initialkey;
@@ -141,10 +143,10 @@ sendquery(isc_task_t *task, isc_event_t *event) {
 	isc_event_free(&event);
 
 	result = ISC_R_FAILURE;
-	if (inet_pton(AF_INET, "10.53.0.1", &inaddr) != 1) {
+	if (inet_pton(AF_INET, ip_address, &inaddr) != 1) {
 		CHECK("inet_pton", result);
 	}
-	isc_sockaddr_fromin(&address, &inaddr, PORT);
+	isc_sockaddr_fromin(&address, &inaddr, port);
 
 	dns_fixedname_init(&keyname);
 	isc_buffer_constinit(&namestr, "tkeytest.", 9);
@@ -210,18 +212,16 @@ main(int argc, char *argv[]) {
 
 	RUNCHECK(isc_app_start());
 
-	if (argc < 2) {
+	if (argc < 4) {
 		fprintf(stderr, "I:no DH key provided\n");
 		exit(-1);
 	}
-	if (strcmp(argv[1], "-r") == 0) {
+	ip_address = argv[1];
-		fprintf(stderr, "I:the -r option has been deprecated\n");
+	port = atoi(argv[2]);
-		exit(-1);
+	ourkeyname = argv[3];
-	}
-	ourkeyname = argv[1];
 
-	if (argc >= 3) {
+	if (argc >= 5) {
-		ownername_str = argv[2];
+		ownername_str = argv[4];
 	}
 
 	dns_result_register();

bin/tests/system/tkey/keydelete.c

@@ -51,9 +51,10 @@
 
 #define RUNCHECK(x) RUNTIME_CHECK((x) == ISC_R_SUCCESS)
 
-#define PORT	5300
 #define TIMEOUT 30
 
+static char *ip_address;
+static int port;
 static isc_mem_t *mctx;
 static dns_tsigkey_t *tsigkey;
 static dns_tsig_keyring_t *ring;
@@ -114,10 +115,10 @@ sendquery(isc_task_t *task, isc_event_t *event) {
 	isc_event_free(&event);
 
 	result = ISC_R_FAILURE;
-	if (inet_pton(AF_INET, "10.53.0.1", &inaddr) != 1) {
+	if (inet_pton(AF_INET, ip_address, &inaddr) != 1) {
 		CHECK("inet_pton", result);
 	}
-	isc_sockaddr_fromin(&address, &inaddr, PORT);
+	isc_sockaddr_fromin(&address, &inaddr, port);
 
 	query = NULL;
 	result = dns_message_create(mctx, DNS_MESSAGE_INTENTRENDER, &query);
@@ -155,7 +156,7 @@ main(int argc, char **argv) {
 
 	RUNCHECK(isc_app_start());
 
-	if (argc < 2) {
+	if (argc < 4) {
 		fprintf(stderr, "I:no key to delete\n");
 		exit(-1);
 	}
@@ -163,7 +164,9 @@ main(int argc, char **argv) {
 		fprintf(stderr, "I:The -r options has been deprecated\n");
 		exit(-1);
 	}
-	keyname = argv[1];
+	ip_address = argv[1];
+	port = atoi(argv[2]);
+	keyname = argv[3];
 
 	dns_result_register();
 

bin/tests/system/tkey/ns1/named.conf.in

@@ -15,7 +15,7 @@ options {
 	query-source address 10.53.0.1;
 	notify-source 10.53.0.1;
 	transfer-source 10.53.0.1;
-	port 5300;
+	port @PORT@;
 	pid-file "named.pid";
 	listen-on { 10.53.0.1; };
 	listen-on-v6 { none; };
@@ -32,7 +32,7 @@ key rndc_key {
 };
 
 controls {
-	inet 10.53.0.1 port 9953 allow { any; } keys { rndc_key; };
+	inet 10.53.0.1 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
 };
 
 key "tkeytest." {

bin/tests/system/tkey/ns1/setup.sh

@@ -9,10 +9,10 @@
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.
 
-SYSTEMTESTTOP=../..
+set -e
-. $SYSTEMTESTTOP/conf.sh
 
-keyname=`$KEYGEN -T KEY -a DH -b 768 -n host server`
+. "$SYSTEMTESTTOP/conf.sh"
-keyid=$(keyfile_to_key_id $keyname)
+
-rm -f named.conf
+keyname=$($KEYGEN -T KEY -a DH -b 768 -n host server)
-sed -e "s;KEYID;$keyid;" < named.conf.in > named.conf
+keyid=$(keyfile_to_key_id "$keyname")
+sed -i -e "s;KEYID;$keyid;" named.conf

bin/tests/system/tkey/setup.sh

@@ -9,7 +9,10 @@
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.
 
-SYSTEMTESTTOP=..
+set -e
-. $SYSTEMTESTTOP/conf.sh
+
+. "$SYSTEMTESTTOP/conf.sh"
+
+copy_setports ns1/named.conf.in ns1/named.conf
 
 cd ns1 && $SHELL setup.sh

bin/tests/system/tkey/tests.sh

@@ -9,137 +9,153 @@
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.
 
-SYSTEMTESTTOP=..
+set -e
-. $SYSTEMTESTTOP/conf.sh
 
-DIGOPTS="@10.53.0.1 -p 5300"
+. "$SYSTEMTESTTOP/conf.sh"
+
+dig_with_opts() {
+	"$DIG" @10.53.0.1 -p "$PORT" "$@"
+}
 
 status=0
+n=1
 
-echo "I:generating new DH key"
+echo "I:generating new DH key ($n)"
 ret=0
-dhkeyname=`$KEYGEN -T KEY -a DH -b 768 -n host client` || ret=1
+dhkeyname=$($KEYGEN -T KEY -a DH -b 768 -n host client) || ret=1
 if [ $ret != 0 ]; then
 	echo "I:failed"
-	status=`expr $status + $ret`
+	status=$((status+ret))
 	echo "I:exit status: $status"
 	exit $status
 fi
-status=`expr $status + $ret`
+status=$((status+ret))
+n=$((n+1))
 
 for owner in . foo.example.
 do
-	echo "I:creating new key using owner name \"$owner\""
+	echo "I:creating new key using owner name \"$owner\" ($n)"
 	ret=0
-	keyname=`$KEYCREATE $dhkeyname $owner` || ret=1
+	keyname=$($KEYCREATE 10.53.0.1 "$PORT" "$dhkeyname" $owner) || ret=1
 	if [ $ret != 0 ]; then
 		echo "I:failed"
-		status=`expr $status + $ret`
+		status=$((status+ret))
 		echo "I:exit status: $status"
 		exit $status
 	fi
-	status=`expr $status + $ret`
+	status=$((status+ret))
+	n=$((n+1))
 
-	echo "I:checking the new key"
+	echo "I:checking the new key ($n)"
 	ret=0
-	$DIG $DIGOPTS txt txt.example -k $keyname > dig.out.1 || ret=1
+	dig_with_opts txt txt.example -k "$keyname" > dig.out.test$n || ret=1
-	grep "status: NOERROR" dig.out.1 > /dev/null || ret=1
+	grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
-	grep "TSIG.*hmac-md5.*NOERROR" dig.out.1 > /dev/null || ret=1
+	grep "TSIG.*hmac-md5.*NOERROR" dig.out.test$n > /dev/null || ret=1
-	grep "Some TSIG could not be validated" dig.out.1 > /dev/null && ret=1
+	grep "Some TSIG could not be validated" dig.out.test$n > /dev/null && ret=1
 	if [ $ret != 0 ]; then
 		echo "I:failed"
 	fi
-	status=`expr $status + $ret`
+	status=$((status+ret))
+	n=$((n+1))
 
-	echo "I:deleting new key"
+	echo "I:deleting new key ($n)"
 	ret=0
-	$KEYDELETE $keyname || ret=1
+	$KEYDELETE 10.53.0.1 "$PORT" "$keyname" || ret=1
 	if [ $ret != 0 ]; then
 		echo "I:failed"
 	fi
-	status=`expr $status + $ret`
+	status=$((status+ret))
+	n=$((n+1))
 
-	echo "I:checking that new key has been deleted"
+	echo "I:checking that new key has been deleted ($n)"
 	ret=0
-	$DIG $DIGOPTS txt txt.example -k $keyname > dig.out.2 || ret=1
+	dig_with_opts txt txt.example -k "$keyname" > dig.out.test$n || ret=1
-	grep "status: NOERROR" dig.out.2 > /dev/null && ret=1
+	grep "status: NOERROR" dig.out.test$n > /dev/null && ret=1
-	grep "TSIG.*hmac-md5.*NOERROR" dig.out.2 > /dev/null && ret=1
+	grep "TSIG.*hmac-md5.*NOERROR" dig.out.test$n > /dev/null && ret=1
-	grep "Some TSIG could not be validated" dig.out.2 > /dev/null || ret=1
+	grep "Some TSIG could not be validated" dig.out.test$n > /dev/null || ret=1
 	if [ $ret != 0 ]; then
 		echo "I:failed"
 	fi
-	status=`expr $status + $ret`
+	status=$((status+ret))
+	n=$((n+1))
 done
 
-echo "I:creating new key using owner name bar.example."
+echo "I:creating new key using owner name bar.example. ($n)"
 ret=0
-keyname=`$KEYCREATE $dhkeyname bar.example.` || ret=1
+keyname=$($KEYCREATE 10.53.0.1 "$PORT" "$dhkeyname" bar.example.) || ret=1
 if [ $ret != 0 ]; then
         echo "I:failed"
-	status=`expr $status + $ret`
+	status=$((status+ret))
         echo "I:exit status: $status"
         exit $status
 fi
-status=`expr $status + $ret`
+status=$((status+ret))
+n=$((n+1))
 
-echo "I:checking the key with 'rndc tsig-list'"
+echo "I:checking the key with 'rndc tsig-list' ($n)"
 ret=0
-$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.1
+$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p "$CONTROLPORT" tsig-list > rndc.out.test$n
-grep "key \"bar.example.server" rndc.out.1 > /dev/null || ret=1
+grep "key \"bar.example.server" rndc.out.test$n > /dev/null || ret=1
 if [ $ret != 0 ]; then
         echo "I:failed"
 fi
-status=`expr $status + $ret`
+status=$((status+ret))
+n=$((n+1))
 
-echo "I:using key in a request"
+echo "I:using key in a request ($n)"
 ret=0
-$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.3 || ret=1
+dig_with_opts -k "$keyname" txt.example txt > dig.out.test$n || ret=1
-grep "status: NOERROR" dig.out.3 > /dev/null || ret=1
+grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
 if [ $ret != 0 ]; then
         echo "I:failed"
 fi
-status=`expr $status + $ret`
+status=$((status+ret))
+n=$((n+1))
 
-echo "I:deleting the key with 'rndc tsig-delete'"
+echo "I:deleting the key with 'rndc tsig-delete' ($n)"
 ret=0
-$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-delete bar.example.server > /dev/null || ret=1
+$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p "$CONTROLPORT" tsig-delete bar.example.server > /dev/null || ret=1
-$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.2
+$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p "$CONTROLPORT" tsig-list > rndc.out.test$n
-grep "key \"bar.example.server" rndc.out.2 > /dev/null && ret=1
+grep "key \"bar.example.server" rndc.out.test$n > /dev/null && ret=1
-$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.4 || ret=1
+dig_with_opts -k "$keyname" txt.example txt > dig.out.test$n || ret=1
-grep "TSIG could not be validated" dig.out.4 > /dev/null || ret=1
+grep "TSIG could not be validated" dig.out.test$n > /dev/null || ret=1
 if [ $ret != 0 ]; then
         echo "I:failed"
 fi
-status=`expr $status + $ret`
+status=$((status+ret))
+n=$((n+1))
 
-echo "I:recreating the bar.example. key"
+echo "I:recreating the bar.example. key ($n)"
 ret=0
-keyname=`$KEYCREATE $dhkeyname bar.example.` || ret=1
+keyname=$($KEYCREATE 10.53.0.1 "$PORT" "$dhkeyname" bar.example.) || ret=1
 if [ $ret != 0 ]; then
         echo "I:failed"
-	status=`expr $status + $ret`
+	status=$((status+ret))
         echo "I:exit status: $status"
         exit $status
 fi
-status=`expr $status + $ret`
+status=$((status+ret))
+n=$((n+1))
 
-echo "I:checking the new key with 'rndc tsig-list'"
+echo "I:checking the new key with 'rndc tsig-list' ($n)"
 ret=0
-$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p 9953 tsig-list > rndc.out.3
+$RNDC -c ../common/rndc.conf -s 10.53.0.1 -p "$CONTROLPORT" tsig-list > rndc.out.test$n
-grep "key \"bar.example.server" rndc.out.3 > /dev/null || ret=1
+grep "key \"bar.example.server" rndc.out.test$n > /dev/null || ret=1
 if [ $ret != 0 ]; then
         echo "I:failed"
 fi
-status=`expr $status + $ret`
+status=$((status+ret))
+n=$((n+1))
 
-echo "I:using the new key in a request"
+echo "I:using the new key in a request ($n)"
 ret=0
-$DIG $DIGOPTS -k $keyname txt.example txt > dig.out.5 || ret=1
+dig_with_opts -k "$keyname" txt.example txt > dig.out.test$n || ret=1
-grep "status: NOERROR" dig.out.5 > /dev/null || ret=1
+grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
 if [ $ret != 0 ]; then
         echo "I:failed"
 fi
-status=`expr $status + $ret`
+status=$((status+ret))
+n=$((n+1))
 
 echo "I:exit status: $status"
 [ $status -eq 0 ] || exit 1