From da2c1b74ada4f0899ff10d8f78b22beb4c4ce693 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20K=C4=99pie=C5=84?= Date: Fri, 26 Apr 2019 20:38:02 +0200 Subject: [PATCH] Simplify trailing period handling in system tests Windows systems do not allow a trailing period in file names while Unix systems do. When BIND system tests are run, the $TP environment variable is set to an empty string on Windows systems and to "." on Unix systems. This environment variable is then used by system test scripts for handling this discrepancy properly. In multiple system test scripts, a variable holding a zone name is set to a string with a trailing period while the names of the zone's corresponding dlvset-* and/or dsset-* files are determined using numerous sed invocations like the following one: dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" In order to improve code readability, use zone names without trailing periods and replace sed invocations with variable substitutions. To retain local consistency, also remove the trailing period from certain other zone names used in system tests that are not subsequently processed using sed. --- bin/tests/system/dlv/ns3/sign.sh | 120 +++++++++++++------------- bin/tests/system/dnssec/ns2/sign.sh | 4 +- bin/tests/system/dnssec/ns3/sign.sh | 14 +-- bin/tests/system/dsdigest/ns2/sign.sh | 8 +- bin/tests/system/rpz/setup.sh | 4 +- bin/tests/system/wildcard/ns1/sign.sh | 16 ++-- 6 files changed, 83 insertions(+), 83 deletions(-) diff --git a/bin/tests/system/dlv/ns3/sign.sh b/bin/tests/system/dlv/ns3/sign.sh index cc9979eba2..cd39b600e2 100755 --- a/bin/tests/system/dlv/ns3/sign.sh +++ b/bin/tests/system/dlv/ns3/sign.sh @@ -16,29 +16,29 @@ SYSTEMTESTTOP=../.. echo_i "dlv/ns3/sign.sh" -dlvzone="dlv.utld." +dlvzone="dlv.utld" dlvsets= dssets= -disableddlvzone="disabled-algorithm-dlv.utld." +disableddlvzone="disabled-algorithm-dlv.utld" disableddlvsets= disableddssets= -unsupporteddlvzone="unsupported-algorithm-dlv.utld." +unsupporteddlvzone="unsupported-algorithm-dlv.utld" unsupporteddlvsets= unsupporteddssets= # Signed zone below unsigned TLD with DLV entry. -zone=child1.utld. +zone=child1.utld infile=child.db.in zonefile=child1.utld.db outfile=child1.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` -dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP +dsfilename=../ns6/dsset-grand.${zone}${TP} cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -O full -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err @@ -47,16 +47,16 @@ echo_i "signed $zone" # Signed zone below unsigned TLD with DLV entry in DLV zone that is signed # with a disabled algorithm. -zone=child3.utld. +zone=child3.utld infile=child.db.in zonefile=child3.utld.db outfile=child3.signed -disableddlvsets="$disableddlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +disableddlvsets="$disableddlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` -dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP +dsfilename=../ns6/dsset-grand.${zone}${TP} cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -O full -l $disableddlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err @@ -66,11 +66,11 @@ echo_i "signed $zone" # Signed zone below unsigned TLD with DLV entry. This one is slightly # different because its children (the grandchildren) don't have a DS record in # this zone. The grandchild zones are served by ns6. -zone=child4.utld. +zone=child4.utld infile=child.db.in zonefile=child4.utld.db outfile=child4.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` @@ -83,23 +83,23 @@ echo_i "signed $zone" # Signed zone below unsigned TLD with DLV entry in DLV zone that is signed # with an unsupported algorithm. -zone=child5.utld. +zone=child5.utld infile=child.db.in zonefile=child5.utld.db outfile=child5.signed -unsupporteddlvsets="$unsupporteddlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +unsupporteddlvsets="$unsupporteddlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` -dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP +dsfilename=../ns6/dsset-grand.${zone}${TP} cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -O full -l $unsupporteddlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err echo_i "signed $zone" # Signed zone below unsigned TLD without DLV entry. -zone=child7.utld. +zone=child7.utld infile=child.db.in zonefile=child7.utld.db outfile=child7.signed @@ -107,7 +107,7 @@ outfile=child7.signed keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` -dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP +dsfilename=../ns6/dsset-grand.${zone}${TP} cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -O full -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err @@ -116,7 +116,7 @@ echo_i "signed $zone" # Signed zone below unsigned TLD without DLV entry and no DS records for the # grandchildren. -zone=child8.utld. +zone=child8.utld infile=child.db.in zonefile=child8.utld.db outfile=child8.signed @@ -130,11 +130,11 @@ $SIGNER -O full -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer echo_i "signed $zone" # Signed zone below unsigned TLD with DLV entry. -zone=child9.utld. +zone=child9.utld infile=child.db.in zonefile=child9.utld.db outfile=child9.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` @@ -146,11 +146,11 @@ echo_i "signed $zone" # Unsigned zone below an unsigned TLD with DLV entry. We still need to sign # the zone to generate the DLV set. -zone=child10.utld. +zone=child10.utld infile=child.db.in zonefile=child10.utld.db outfile=child10.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` @@ -163,11 +163,11 @@ echo_i "signed $zone" # Zone signed with a disabled algorithm (an algorithm that is disabled in # one of the test resolvers) with DLV entry. -zone=disabled-algorithm.utld. +zone=disabled-algorithm.utld infile=child.db.in zonefile=disabled-algorithm.utld.db outfile=disabled-algorithm.utld.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DISABLED_ALGORITHM -b $DISABLED_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DISABLED_ALGORITHM -b $DISABLED_BITS -n zone $zone 2> /dev/null` @@ -179,11 +179,11 @@ echo_i "signed $zone" # Zone signed with an unsupported algorithm with DLV entry. -zone=unsupported-algorithm.utld. +zone=unsupported-algorithm.utld infile=child.db.in zonefile=unsupported-algorithm.utld.db outfile=unsupported-algorithm.utld.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` @@ -195,23 +195,23 @@ awk '$4 == "DNSKEY" { $7 = 255 } $4 == "RRSIG" { $6 = 255 } { print }' ${outfile cp ${keyname2}.key ${keyname2}.tmp awk '$3 == "DNSKEY" { $6 = 255 } { print }' ${keyname2}.tmp > ${keyname2}.key -cp dlvset-${zone} dlvset-${zone}tmp -awk '$3 == "DLV" { $5 = 255 } { print }' dlvset-${zone}tmp > dlvset-${zone} +cp dlvset-${zone}${TP} dlvset-${zone}tmp +awk '$3 == "DLV" { $5 = 255 } { print }' dlvset-${zone}tmp > dlvset-${zone}${TP} echo_i "signed $zone" # Signed zone below signed TLD with DLV entry and DS set. -zone=child1.druz. +zone=child1.druz infile=child.db.in zonefile=child1.druz.db outfile=child1.druz.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" -dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" +dssets="$dssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` -dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP +dsfilename=../ns6/dsset-grand.${zone}${TP} cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -O full -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err @@ -220,17 +220,17 @@ echo_i "signed $zone" # Signed zone below signed TLD with DLV entry and DS set. The DLV zone is # signed with a disabled algorithm. -zone=child3.druz. +zone=child3.druz infile=child.db.in zonefile=child3.druz.db outfile=child3.druz.signed -disableddlvsets="$disableddlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" -disableddssets="$disableddssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +disableddlvsets="$disableddlvsets dlvset-${zone}${TP}" +disableddssets="$disableddssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` -dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP +dsfilename=../ns6/dsset-grand.${zone}${TP} cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -O full -l $disableddlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err @@ -239,12 +239,12 @@ echo_i "signed $zone" # Signed zone below signed TLD with DLV entry and DS set, but missing # DS records for the grandchildren. -zone=child4.druz. +zone=child4.druz infile=child.db.in zonefile=child4.druz.db outfile=child4.druz.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" -dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" +dssets="$dssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` @@ -257,17 +257,17 @@ echo_i "signed $zone" # Signed zone below signed TLD with DLV entry and DS set. The DLV zone is # signed with an unsupported algorithm algorithm. -zone=child5.druz. +zone=child5.druz infile=child.db.in zonefile=child5.druz.db outfile=child5.druz.signed -unsupporteddlvsets="$unsupporteddlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" -unsupporteddssets="$unsupportedssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +unsupporteddlvsets="$unsupporteddlvsets dlvset-${zone}${TP}" +unsupporteddssets="$unsupportedssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` -dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP +dsfilename=../ns6/dsset-grand.${zone}${TP} cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -O full -l $unsupporteddlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err @@ -275,16 +275,16 @@ echo_i "signed $zone" # Signed zone below signed TLD without DLV entry, but with normal DS set. -zone=child7.druz. +zone=child7.druz infile=child.db.in zonefile=child7.druz.db outfile=child7.druz.signed -dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +dssets="$dssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` -dsfilename=../ns6/dsset-grand.`echo $zone |sed -e "s/\.$//g"`$TP +dsfilename=../ns6/dsset-grand.${zone}${TP} cat $infile $keyname1.key $keyname2.key $dsfilename >$zonefile $SIGNER -O full -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err @@ -293,7 +293,7 @@ echo_i "signed $zone" # Signed zone below signed TLD without DLV entry and no DS set. Also DS # records for the grandchildren are not included in the zone. -zone=child8.druz. +zone=child8.druz infile=child.db.in zonefile=child8.druz.db outfile=child8.druz.signed @@ -309,11 +309,11 @@ echo_i "signed $zone" # Signed zone below signed TLD with DLV entry but no DS set. Also DS # records for the grandchildren are not included in the zone. -zone=child9.druz. +zone=child9.druz infile=child.db.in zonefile=child9.druz.db outfile=child9.druz.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` @@ -326,12 +326,12 @@ echo_i "signed $zone" # Unsigned zone below signed TLD with DLV entry and DS set. We still need to # sign the zone to generate the DS sets. -zone=child10.druz. +zone=child10.druz infile=child.db.in zonefile=child10.druz.db outfile=child10.druz.signed -dlvsets="$dlvsets dlvset-`echo $zone |sed -e "s/.$//g"`$TP" -dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +dlvsets="$dlvsets dlvset-${zone}${TP}" +dssets="$dssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a $DEFAULT_ALGORITHM -b $DEFAULT_BITS -n zone $zone 2> /dev/null` @@ -347,23 +347,23 @@ cp $unsupporteddssets ../ns2 # DLV zones infile=dlv.db.in -for zone in dlv.utld. disabled-algorithm-dlv.utld. unsupported-algorithm-dlv.utld. +for zone in dlv.utld disabled-algorithm-dlv.utld unsupported-algorithm-dlv.utld do - zonefile="${zone}db" - outfile="${zone}signed" + zonefile="${zone}.db" + outfile="${zone}.signed" case $zone in - "dlv.utld.") + "dlv.utld") algorithm=$DEFAULT_ALGORITHM bits=$DEFAULT_BITS dlvfiles=$dlvsets ;; - "disabled-algorithm-dlv.utld.") + "disabled-algorithm-dlv.utld") algorithm=$DISABLED_ALGORITHM bits=$DISABLED_BITS dlvfiles=$disableddlvsets ;; - "unsupported-algorithm-dlv.utld.") + "unsupported-algorithm-dlv.utld") algorithm=$DEFAULT_ALGORITHM bits=$DEFAULT_BITS dlvfiles=$unsupporteddlvsets @@ -376,15 +376,15 @@ do cat $infile $dlvfiles $keyname1.key $keyname2.key >$zonefile case $zone in - "dlv.utld.") + "dlv.utld") $SIGNER -O full -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err keyfile_to_trusted_keys $keyname2 > ../ns5/trusted-dlv.conf ;; - "disabled-algorithm-dlv.utld.") + "disabled-algorithm-dlv.utld") $SIGNER -O full -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err keyfile_to_trusted_keys $keyname2 > ../ns8/trusted-dlv-disabled.conf ;; - "unsupported-algorithm-dlv.utld.") + "unsupported-algorithm-dlv.utld") cp ${keyname2}.key ${keyname2}.tmp $SIGNER -O full -o $zone -f ${outfile}.tmp $zonefile > /dev/null 2> signer.err || cat signer.err awk '$4 == "DNSKEY" { $7 = 255 } $4 == "RRSIG" { $6 = 255 } { print }' ${outfile}.tmp > $outfile diff --git a/bin/tests/system/dnssec/ns2/sign.sh b/bin/tests/system/dnssec/ns2/sign.sh index eb2721598f..0a9af5fc9a 100644 --- a/bin/tests/system/dnssec/ns2/sign.sh +++ b/bin/tests/system/dnssec/ns2/sign.sh @@ -138,7 +138,7 @@ cat "$infile" "$keyname1.key" "$keyname2.key" > "$zonefile" # Sign the privately secure file -privzone=private.secure.example. +privzone=private.secure.example privinfile=private.secure.example.db.in privzonefile=private.secure.example.db @@ -153,7 +153,7 @@ cat "$privinfile" "$privkeyname.key" > "$privzonefile" dlvzone=dlv. dlvinfile=dlv.db.in dlvzonefile=dlv.db -dlvsetfile="dlvset-$(echo "$privzone" |sed -e "s/\\.$//g")$TP" +dlvsetfile="dlvset-${privzone}${TP}" dlvkeyname=$("$KEYGEN" -q -a "${DEFAULT_ALGORITHM}" -b "${DEFAULT_BITS}" -n zone "$dlvzone") diff --git a/bin/tests/system/dnssec/ns3/sign.sh b/bin/tests/system/dnssec/ns3/sign.sh index a9a063e0ef..e6e45d6c6c 100644 --- a/bin/tests/system/dnssec/ns3/sign.sh +++ b/bin/tests/system/dnssec/ns3/sign.sh @@ -261,7 +261,7 @@ cat "$infile" "$keyname.key" > "$zonefile" # A zone that is signed with an unknown DNSKEY algorithm. # Algorithm 7 is replaced by 100 in the zone and dsset. # -zone=dnskey-unknown.example. +zone=dnskey-unknown.example infile=dnskey-unknown.example.db.in zonefile=dnskey-unknown.example.db @@ -273,14 +273,14 @@ cat "$infile" "$keyname.key" > "$zonefile" awk '$4 == "DNSKEY" { $7 = 100 } $4 == "RRSIG" { $6 = 100 } { print }' ${zonefile}.tmp > ${zonefile}.signed -DSFILE="dsset-$(echo ${zone} |sed -e "s/\\.$//g")$TP" +DSFILE="dsset-${zone}${TP}" $DSFROMKEY -A -f ${zonefile}.signed "$zone" > "$DSFILE" # # A zone that is signed with an unsupported DNSKEY algorithm (3). # Algorithm 7 is replaced by 255 in the zone and dsset. # -zone=dnskey-unsupported.example. +zone=dnskey-unsupported.example infile=dnskey-unsupported.example.db.in zonefile=dnskey-unsupported.example.db @@ -292,14 +292,14 @@ cat "$infile" "$keyname.key" > "$zonefile" awk '$4 == "DNSKEY" { $7 = 255 } $4 == "RRSIG" { $6 = 255 } { print }' ${zonefile}.tmp > ${zonefile}.signed -DSFILE="dsset-$(echo ${zone} |sed -e "s/\\.$//g")$TP" +DSFILE="dsset-${zone}${TP}" $DSFROMKEY -A -f ${zonefile}.signed "$zone" > "$DSFILE" # # A zone with a published unsupported DNSKEY algorithm (Reserved). # Different from above because this key is not intended for signing. # -zone=dnskey-unsupported-2.example. +zone=dnskey-unsupported-2.example infile=dnskey-unsupported-2.example.db.in zonefile=dnskey-unsupported-2.example.db @@ -314,7 +314,7 @@ cat "$infile" "$ksk.key" "$zsk.key" unsupported-algorithm.key > "$zonefile" # A zone with a unknown DNSKEY algorithm + unknown NSEC3 hash algorithm (-U). # Algorithm 7 is replaced by 100 in the zone and dsset. # -zone=dnskey-nsec3-unknown.example. +zone=dnskey-nsec3-unknown.example infile=dnskey-nsec3-unknown.example.db.in zonefile=dnskey-nsec3-unknown.example.db @@ -326,7 +326,7 @@ cat "$infile" "$keyname.key" > "$zonefile" awk '$4 == "DNSKEY" { $7 = 100; print } $4 == "RRSIG" { $6 = 100; print } { print }' ${zonefile}.tmp > ${zonefile}.signed -DSFILE="dsset-$(echo ${zone} |sed -e "s/\\.$//g")$TP" +DSFILE="dsset-${zone}${TP}" $DSFROMKEY -A -f ${zonefile}.signed "$zone" > "$DSFILE" # diff --git a/bin/tests/system/dsdigest/ns2/sign.sh b/bin/tests/system/dsdigest/ns2/sign.sh index 0f16ea822e..814a8c7143 100644 --- a/bin/tests/system/dsdigest/ns2/sign.sh +++ b/bin/tests/system/dsdigest/ns2/sign.sh @@ -12,10 +12,10 @@ SYSTEMTESTTOP=../.. . $SYSTEMTESTTOP/conf.sh -zone1=good. +zone1=good infile1=good.db.in zonefile1=good.db -zone2=bad. +zone2=bad infile2=bad.db.in zonefile2=bad.db @@ -30,8 +30,8 @@ cat $infile2 $keyname21.key $keyname22.key >$zonefile2 $SIGNER -P -g -o $zone1 $zonefile1 > /dev/null $SIGNER -P -g -o $zone2 $zonefile2 > /dev/null -DSFILENAME1=dsset-`echo $zone1 |sed -e "s/\.$//g"`$TP -DSFILENAME2=dsset-`echo $zone2 |sed -e "s/\.$//g"`$TP +DSFILENAME1=dsset-${zone1}${TP} +DSFILENAME2=dsset-${zone2}${TP} $DSFROMKEY -a SHA-256 $keyname12 > $DSFILENAME1 $DSFROMKEY -a SHA-256 $keyname22 > $DSFILENAME2 diff --git a/bin/tests/system/rpz/setup.sh b/bin/tests/system/rpz/setup.sh index 4dd89d38c7..7598d021d0 100644 --- a/bin/tests/system/rpz/setup.sh +++ b/bin/tests/system/rpz/setup.sh @@ -82,10 +82,10 @@ signzone () { cat $1/$3 $1/$KEYNAME.key > $1/tmp $SIGNER -P -K $1 -o $2 -f $1/$4 $1/tmp >/dev/null sed -n -e 's/\(.*\) IN DNSKEY \([0-9]\{1,\} [0-9]\{1,\} [0-9]\{1,\}\) \(.*\)/trusted-keys {"\1" \2 "\3";};/p' $1/$KEYNAME.key >>trusted.conf - DSFILENAME=dsset-`echo $2 |sed -e "s/\.$//g"`$TP + DSFILENAME=dsset-${2}${TP} rm $DSFILENAME $1/tmp } -signzone ns2 tld2s. base-tld2s.db tld2s.db +signzone ns2 tld2s base-tld2s.db tld2s.db # Performance and a few other checks. cat <ns5/rpz-switch diff --git a/bin/tests/system/wildcard/ns1/sign.sh b/bin/tests/system/wildcard/ns1/sign.sh index 463139decc..3148dbb402 100755 --- a/bin/tests/system/wildcard/ns1/sign.sh +++ b/bin/tests/system/wildcard/ns1/sign.sh @@ -16,11 +16,11 @@ SYSTESTDIR=wildcard dssets= -zone=dlv. +zone=dlv infile=dlv.db.in zonefile=dlv.db outfile=dlv.db.signed -dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +dssets="$dssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a RSASHA1 -b 1024 -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a RSASHA1 -b 1024 -n zone $zone 2> /dev/null` @@ -30,11 +30,11 @@ cat $infile $keyname1.key $keyname2.key > $zonefile $SIGNER -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err echo_i "signed $zone" -zone=nsec. +zone=nsec infile=nsec.db.in zonefile=nsec.db outfile=nsec.db.signed -dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +dssets="$dssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a RSASHA1 -b 1024 -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a RSASHA1 -b 1024 -n zone $zone 2> /dev/null` @@ -44,7 +44,7 @@ cat $infile $keyname1.key $keyname2.key > $zonefile $SIGNER -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err echo_i "signed $zone" -zone=private.nsec. +zone=private.nsec infile=private.nsec.db.in zonefile=private.nsec.db outfile=private.nsec.db.signed @@ -59,11 +59,11 @@ echo_i "signed $zone" keyfile_to_trusted_keys $keyname2 > private.nsec.conf -zone=nsec3. +zone=nsec3 infile=nsec3.db.in zonefile=nsec3.db outfile=nsec3.db.signed -dssets="$dssets dsset-`echo $zone |sed -e "s/.$//g"`$TP" +dssets="$dssets dsset-${zone}${TP}" keyname1=`$KEYGEN -a NSEC3RSASHA1 -b 1024 -n zone $zone 2> /dev/null` keyname2=`$KEYGEN -f KSK -a NSEC3RSASHA1 -b 1024 -n zone $zone 2> /dev/null` @@ -73,7 +73,7 @@ cat $infile $keyname1.key $keyname2.key > $zonefile $SIGNER -3 - -H 10 -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err echo_i "signed $zone" -zone=private.nsec3. +zone=private.nsec3 infile=private.nsec3.db.in zonefile=private.nsec3.db outfile=private.nsec3.db.signed