diff --git a/bin/tests/system/dlv/ns3/sign.sh b/bin/tests/system/dlv/ns3/sign.sh index cc9979eba2..cd39b600e2 100755 --- a/bin/tests/system/dlv/ns3/sign.sh +++ b/bin/tests/system/dlv/ns3/sign.sh @@ -16,29 +16,29 @@ SYSTEMTESTTOP=../.. echo_i "dlv/ns3/sign.sh" -dlvzone="dlv.utld." +dlvzone="dlv.utld" dlvsets= dssets= -disableddlvzone="disabled-algorithm-dlv.utld." +disableddlvzone="disabled-algorithm-dlv.utld" disableddlvsets= disableddssets= -unsupporteddlvzone="unsupported-algorithm-dlv.utld." +unsupporteddlvzone="unsupported-algorithm-dlv.utld" unsupporteddlvsets= unsupporteddssets= # Signed zone below unsigned TLD with DLV entry. -zone=child1.utld. +zone=child1.utld infile=child.db.in zonefile=child1.utld.db outfile=child1.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` -dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP +dsfilename=../ns6/dsset-grand.${zone}${TP} cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -O full -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err @@ -47,16 +47,16 @@ echo_i "signed $zone" # Signed zone below unsigned TLD with DLV entry in DLV zone that is signed # with a disabled algorithm. -zone=child3.utld. +zone=child3.utld infile=child.db.in zonefile=child3.utld.db outfile=child3.signed -disableddlvsets="$disableddlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +disableddlvsets="$disableddlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` -dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP +dsfilename=../ns6/dsset-grand.${zone}${TP} cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -O full -l $disableddlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err @@ -66,11 +66,11 @@ echo_i "signed $zone" # Signed zone below unsigned TLD with DLV entry. This one is slightly # different because its children (the grandchildren) don't have a DS record in # this zone. The grandchild zones are served by ns6. -zone=child4.utld. +zone=child4.utld infile=child.db.in zonefile=child4.utld.db outfile=child4.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` @@ -83,23 +83,23 @@ echo_i "signed $zone" # Signed zone below unsigned TLD with DLV entry in DLV zone that is signed # with an unsupported algorithm. -zone=child5.utld. +zone=child5.utld infile=child.db.in zonefile=child5.utld.db outfile=child5.signed -unsupporteddlvsets="$unsupporteddlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +unsupporteddlvsets="$unsupporteddlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` -dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP +dsfilename=../ns6/dsset-grand.${zone}${TP} cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -O full -l $unsupporteddlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err echo_i "signed $zone" # Signed zone below unsigned TLD without DLV entry. -zone=child7.utld. +zone=child7.utld infile=child.db.in zonefile=child7.utld.db outfile=child7.signed @@ -107,7 +107,7 @@ outfile=child7.signed keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` -dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP +dsfilename=../ns6/dsset-grand.${zone}${TP} cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -O full -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err @@ -116,7 +116,7 @@ echo_i "signed $zone" # Signed zone below unsigned TLD without DLV entry and no DS records for the # grandchildren. -zone=child8.utld. +zone=child8.utld infile=child.db.in zonefile=child8.utld.db outfile=child8.signed @@ -130,11 +130,11 @@ $SIGNER -O full -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer echo_i "signed $zone" # Signed zone below unsigned TLD with DLV entry. -zone=child9.utld. +zone=child9.utld infile=child.db.in zonefile=child9.utld.db outfile=child9.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` @@ -146,11 +146,11 @@ echo_i "signed $zone" # Unsigned zone below an unsigned TLD with DLV entry. We still need to sign # the zone to generate the DLV set. -zone=child10.utld. +zone=child10.utld infile=child.db.in zonefile=child10.utld.db outfile=child10.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` @@ -163,11 +163,11 @@ echo_i "signed $zone" # Zone signed with a disabled algorithm (an algorithm that is disabled in # one of the test resolvers) with DLV entry. -zone=disabled-algorithm.utld. +zone=disabled-algorithm.utld infile=child.db.in zonefile=disabled-algorithm.utld.db outfile=disabled-algorithm.utld.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DISABLED_ALGORITHM -b $DISABLED_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DISABLED_ALGORITHM -b $DISABLED_BITS -n zone $zone 2> /dev/null` @@ -179,11 +179,11 @@ echo_i "signed $zone" # Zone signed with an unsupported algorithm with DLV entry. -zone=unsupported-algorithm.utld. +zone=unsupported-algorithm.utld infile=child.db.in zonefile=unsupported-algorithm.utld.db outfile=unsupported-algorithm.utld.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` @@ -195,23 +195,23 @@ awk '$4 == "DNSKEY" { $7 = 255 } $4 == "RRSIG" { $6 = 255 } { print }' ${outfile cp ${keyname2}.key ${keyname2}.tmp awk '$3 == "DNSKEY" { $6 = 255 } { print }' ${keyname2}.tmp > ${keyname2}.key -cp dlvset-${zone} dlvset-${zone}tmp -awk '$3 == "DLV" { $5 = 255 } { print }' dlvset-${zone}tmp > dlvset-${zone} +cp dlvset-${zone}${TP} dlvset-${zone}tmp +awk '$3 == "DLV" { $5 = 255 } { print }' dlvset-${zone}tmp > dlvset-${zone}${TP} echo_i "signed $zone" # Signed zone below signed TLD with DLV entry and DS set. -zone=child1.druz. +zone=child1.druz infile=child.db.in zonefile=child1.druz.db outfile=child1.druz.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" -dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" +dssets="$dssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` -dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP +dsfilename=../ns6/dsset-grand.${zone}${TP} cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -O full -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err @@ -220,17 +220,17 @@ echo_i "signed $zone" # Signed zone below signed TLD with DLV entry and DS set. The DLV zone is # signed with a disabled algorithm. -zone=child3.druz. +zone=child3.druz infile=child.db.in zonefile=child3.druz.db outfile=child3.druz.signed -disableddlvsets="$disableddlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" -disableddssets="$disableddssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +disableddlvsets="$disableddlvsets dlvset-${zone}${TP}" +disableddssets="$disableddssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` -dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP +dsfilename=../ns6/dsset-grand.${zone}${TP} cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -O full -l $disableddlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err @@ -239,12 +239,12 @@ echo_i "signed $zone" # Signed zone below signed TLD with DLV entry and DS set, but missing # DS records for the grandchildren. -zone=child4.druz. +zone=child4.druz infile=child.db.in zonefile=child4.druz.db outfile=child4.druz.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" -dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" +dssets="$dssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` @@ -257,17 +257,17 @@ echo_i "signed $zone" # Signed zone below signed TLD with DLV entry and DS set. The DLV zone is # signed with an unsupported algorithm algorithm. -zone=child5.druz. +zone=child5.druz infile=child.db.in zonefile=child5.druz.db outfile=child5.druz.signed -unsupporteddlvsets="$unsupporteddlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" -unsupporteddssets="$unsupportedssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +unsupporteddlvsets="$unsupporteddlvsets dlvset-${zone}${TP}" +unsupporteddssets="$unsupportedssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` -dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP +dsfilename=../ns6/dsset-grand.${zone}${TP} cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -O full -l $unsupporteddlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err @@ -275,16 +275,16 @@ echo_i "signed $zone" # Signed zone below signed TLD without DLV entry, but with normal DS set. -zone=child7.druz. +zone=child7.druz infile=child.db.in zonefile=child7.druz.db outfile=child7.druz.signed -dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +dssets="$dssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` -dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP +dsfilename=../ns6/dsset-grand.${zone}${TP} cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -O full -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err @@ -293,7 +293,7 @@ echo_i "signed $zone" # Signed zone below signed TLD without DLV entry and no DS set. Also DS # records for the grandchildren are not included in the zone. -zone=child8.druz. +zone=child8.druz infile=child.db.in zonefile=child8.druz.db outfile=child8.druz.signed @@ -309,11 +309,11 @@ echo_i "signed $zone" # Signed zone below signed TLD with DLV entry but no DS set. Also DS # records for the grandchildren are not included in the zone. -zone=child9.druz. +zone=child9.druz infile=child.db.in zonefile=child9.druz.db outfile=child9.druz.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` @@ -326,12 +326,12 @@ echo_i "signed $zone" # Unsigned zone below signed TLD with DLV entry and DS set. We still need to # sign the zone to generate the DS sets. -zone=child10.druz. +zone=child10.druz infile=child.db.in zonefile=child10.druz.db outfile=child10.druz.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" -dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" +dssets="$dssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` @@ -347,23 +347,23 @@ cp $unsupporteddssets ../ns2 # DLV zones infile=dlv.db.in -for zone in dlv.utld. disabled-algorithm-dlv.utld. unsupported-algorithm-dlv.utld. +for zone in dlv.utld disabled-algorithm-dlv.utld unsupported-algorithm-dlv.utld do - zonefile="${zone}db" - outfile="${zone}signed" + zonefile="${zone}.db" + outfile="${zone}.signed" case $zone in - "dlv.utld.") + "dlv.utld") algorithm=$DEFAULT_ALGORITHM bits=$DEFAULT_BITS dlvfiles=$dlvsets ;; - "disabled-algorithm-dlv.utld.") + "disabled-algorithm-dlv.utld") algorithm=$DISABLED_ALGORITHM bits=$DISABLED_BITS dlvfiles=$disableddlvsets ;; - "unsupported-algorithm-dlv.utld.") + "unsupported-algorithm-dlv.utld") algorithm=$DEFAULT_ALGORITHM bits=$DEFAULT_BITS dlvfiles=$unsupporteddlvsets @@ -376,15 +376,15 @@ do cat $infile $dlvfiles $keyname1.key $keyname2.key >$zonefile case $zone in - "dlv.utld.") + "dlv.utld") $SIGNER -O full -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err keyfile_to_trusted_keys $keyname2 > ../ns5/trusted-dlv.conf ;; - "disabled-algorithm-dlv.utld.") + "disabled-algorithm-dlv.utld") $SIGNER -O full -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err keyfile_to_trusted_keys $keyname2 > ../ns8/trusted-dlv-disabled.conf ;; - "unsupported-algorithm-dlv.utld.") + "unsupported-algorithm-dlv.utld") cp ${keyname2}.key ${keyname2}.tmp $SIGNER -O full -o $zone -f ${outfile}.tmp $zonefile > /dev/null 2> signer.err || cat signer.err awk '$4 == "DNSKEY" { $7 = 255 } $4 == "RRSIG" { $6 = 255 } { print }' ${outfile}.tmp > $outfile diff --git a/bin/tests/system/dnssec/ns2/sign.sh b/bin/tests/system/dnssec/ns2/sign.sh index eb2721598f..0a9af5fc9a 100644 --- a/bin/tests/system/dnssec/ns2/sign.sh +++ b/bin/tests/system/dnssec/ns2/sign.sh @@ -138,7 +138,7 @@ cat "$infile" "$keyname1.key" "$keyname2.key" > "$zonefile" # Sign the privately secure file -privzone=private.secure.example. +privzone=private.secure.example privinfile=private.secure.example.db.in privzonefile=private.secure.example.db @@ -153,7 +153,7 @@ cat "$privinfile" "$privkeyname.key" > "$privzonefile" dlvzone=dlv. dlvinfile=dlv.db.in dlvzonefile=dlv.db -dlvsetfile="dlvset-$(echo "$privzone" |sed -e "s/\\.$//g")$TP" +dlvsetfile="dlvset-${privzone}${TP}" dlvkeyname=$("$KEYGEN" -q -a "${DEFAULT_ALGORITHM}" -b "${DEFAULT_BITS}" -n zone "$dlvzone") diff --git a/bin/tests/system/dnssec/ns3/sign.sh b/bin/tests/system/dnssec/ns3/sign.sh index a9a063e0ef..e6e45d6c6c 100644 --- a/bin/tests/system/dnssec/ns3/sign.sh +++ b/bin/tests/system/dnssec/ns3/sign.sh @@ -261,7 +261,7 @@ cat "$infile" "$keyname.key" > "$zonefile" # A zone that is signed with an unknown DNSKEY algorithm. # Algorithm 7 is replaced by 100 in the zone and dsset. # -zone=dnskey-unknown.example. +zone=dnskey-unknown.example infile=dnskey-unknown.example.db.in zonefile=dnskey-unknown.example.db @@ -273,14 +273,14 @@ cat "$infile" "$keyname.key" > "$zonefile" awk '$4 == "DNSKEY" { $7 = 100 } $4 == "RRSIG" { $6 = 100 } { print }' ${zonefile}.tmp > ${zonefile}.signed -DSFILE="dsset-$(echo ${zone} |sed -e "s/\\.$//g")$TP" +DSFILE="dsset-${zone}${TP}" $DSFROMKEY -A -f ${zonefile}.signed "$zone" > "$DSFILE" # # A zone that is signed with an unsupported DNSKEY algorithm (3). # Algorithm 7 is replaced by 255 in the zone and dsset. # -zone=dnskey-unsupported.example. +zone=dnskey-unsupported.example infile=dnskey-unsupported.example.db.in zonefile=dnskey-unsupported.example.db @@ -292,14 +292,14 @@ cat "$infile" "$keyname.key" > "$zonefile" awk '$4 == "DNSKEY" { $7 = 255 } $4 == "RRSIG" { $6 = 255 } { print }' ${zonefile}.tmp > ${zonefile}.signed -DSFILE="dsset-$(echo ${zone} |sed -e "s/\\.$//g")$TP" +DSFILE="dsset-${zone}${TP}" $DSFROMKEY -A -f ${zonefile}.signed "$zone" > "$DSFILE" # # A zone with a published unsupported DNSKEY algorithm (Reserved). # Different from above because this key is not intended for signing. # -zone=dnskey-unsupported-2.example. +zone=dnskey-unsupported-2.example infile=dnskey-unsupported-2.example.db.in zonefile=dnskey-unsupported-2.example.db @@ -314,7 +314,7 @@ cat "$infile" "$ksk.key" "$zsk.key" unsupported-algorithm.key > "$zonefile" # A zone with a unknown DNSKEY algorithm + unknown NSEC3 hash algorithm (-U). # Algorithm 7 is replaced by 100 in the zone and dsset. # -zone=dnskey-nsec3-unknown.example. +zone=dnskey-nsec3-unknown.example infile=dnskey-nsec3-unknown.example.db.in zonefile=dnskey-nsec3-unknown.example.db @@ -326,7 +326,7 @@ cat "$infile" "$keyname.key" > "$zonefile" awk '$4 == "DNSKEY" { $7 = 100; print } $4 == "RRSIG" { $6 = 100; print } { print }' ${zonefile}.tmp > ${zonefile}.signed -DSFILE="dsset-$(echo ${zone} |sed -e "s/\\.$//g")$TP" +DSFILE="dsset-${zone}${TP}" $DSFROMKEY -A -f ${zonefile}.signed "$zone" > "$DSFILE" # diff --git a/bin/tests/system/dsdigest/ns2/sign.sh b/bin/tests/system/dsdigest/ns2/sign.sh index 0f16ea822e..814a8c7143 100644 --- a/bin/tests/system/dsdigest/ns2/sign.sh +++ b/bin/tests/system/dsdigest/ns2/sign.sh @@ -12,10 +12,10 @@ SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh -zone1=good. +zone1=good infile1=good.db.in zonefile1=good.db -zone2=bad. +zone2=bad infile2=bad.db.in zonefile2=bad.db @@ -30,8 +30,8 @@ cat $infile2 $keyname21.key $keyname22.key >$zonefile2 $SIGNER -P -g -o $zone1 $zonefile1 > /dev/null $SIGNER -P -g -o $zone2 $zonefile2 > /dev/null -DSFILENAME1=dsset-`echo $zone1 |sed -e "s/\.$//g"`$TP -DSFILENAME2=dsset-`echo $zone2 |sed -e "s/\.$//g"`$TP +DSFILENAME1=dsset-${zone1}${TP} +DSFILENAME2=dsset-${zone2}${TP} $DSFROMKEY -a SHA-256 $keyname12 > $DSFILENAME1 $DSFROMKEY -a SHA-256 $keyname22 > $DSFILENAME2 diff --git a/bin/tests/system/rpz/setup.sh b/bin/tests/system/rpz/setup.sh index 4dd89d38c7..7598d021d0 100644 --- a/bin/tests/system/rpz/setup.sh +++ b/bin/tests/system/rpz/setup.sh @@ -82,10 +82,10 @@ signzone () { cat $1/$3 $1/$KEYNAME.key > $1/tmp $SIGNER -P -K $1 -o $2 -f $1/$4 $1/tmp >/dev/null sed -n -e 's/\(.*\) IN DNSKEY \([0-9]\{1,\} [0-9]\{1,\} [0-9]\{1,\}\) \(.*\)/trusted-keys {"\1" \2 "\3";};/p' $1/$KEYNAME.key >>trusted.conf - DSFILENAME=dsset-`echo $2 |sed -e "s/\.$//g"`$TP + DSFILENAME=dsset-${2}${TP} rm $DSFILENAME $1/tmp } -signzone ns2 tld2s. base-tld2s.db tld2s.db +signzone ns2 tld2s base-tld2s.db tld2s.db # Performance and a few other checks. cat <ns5/rpz-switch diff --git a/bin/tests/system/wildcard/ns1/sign.sh b/bin/tests/system/wildcard/ns1/sign.sh index 463139decc..3148dbb402 100755 --- a/bin/tests/system/wildcard/ns1/sign.sh +++ b/bin/tests/system/wildcard/ns1/sign.sh @@ -16,11 +16,11 @@ SYSTESTDIR=wildcard dssets= -zone=dlv. +zone=dlv infile=dlv.db.in zonefile=dlv.db outfile=dlv.db.signed -dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +dssets="$dssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a RSASHA1 -b 1024 -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a RSASHA1 -b 1024 -n zone $zone 2> /dev/null` @@ -30,11 +30,11 @@ cat $infile $keyname1.key $keyname2.key > $zonefile $SIGNER -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err echo_i "signed $zone" -zone=nsec. +zone=nsec infile=nsec.db.in zonefile=nsec.db outfile=nsec.db.signed -dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +dssets="$dssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a RSASHA1 -b 1024 -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a RSASHA1 -b 1024 -n zone $zone 2> /dev/null` @@ -44,7 +44,7 @@ cat $infile $keyname1.key $keyname2.key > $zonefile $SIGNER -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err echo_i "signed $zone" -zone=private.nsec. +zone=private.nsec infile=private.nsec.db.in zonefile=private.nsec.db outfile=private.nsec.db.signed @@ -59,11 +59,11 @@ echo_i "signed $zone" keyfile_to_trusted_keys $keyname2 > private.nsec.conf -zone=nsec3. +zone=nsec3 infile=nsec3.db.in zonefile=nsec3.db outfile=nsec3.db.signed -dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +dssets="$dssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a NSEC3RSASHA1 -b 1024 -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a NSEC3RSASHA1 -b 1024 -n zone $zone 2> /dev/null` @@ -73,7 +73,7 @@ cat $infile $keyname1.key $keyname2.key > $zonefile $SIGNER -3 - -H 10 -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err echo_i "signed $zone" -zone=private.nsec3. +zone=private.nsec3 infile=private.nsec3.db.in zonefile=private.nsec3.db outfile=private.nsec3.db.signed