From f5bf8c1d30fb57bcfa90b25a5a4187095ff49a80 Mon Sep 17 00:00:00 2001
From: Matthijs Mekking <matthijs@isc.org>
Date: Thu, 20 Jul 2023 15:34:53 +0200
Subject: [PATCH] Update autosign system test

When checking for the number of logs related to DNSKEY key maintenance
events, don't include CDNSKEY is published lines.

Also consider RSASHA1: If not supported, the key maintenance for
the nsec-only zone are not logged.
---
 bin/tests/system/autosign/tests.sh | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/bin/tests/system/autosign/tests.sh b/bin/tests/system/autosign/tests.sh
index 6d3bc27356..604943cf40 100755
--- a/bin/tests/system/autosign/tests.sh
+++ b/bin/tests/system/autosign/tests.sh
@@ -1248,7 +1248,7 @@ status=$((status + ret))
 
 echo_i "checking key maintenance events were logged correctly ($n)"
 ret=0
-pub=$(grep "DNSKEY .* is now published" ns2/named.run | wc -l)
+pub=$(grep "DNSKEY .* is now published" ns2/named.run | grep -v "CDNSKEY" | wc -l)
 [ "$pub" -eq 10 ] || ret=1
 act=$(grep "DNSKEY .* is now active" ns2/named.run | wc -l)
 [ "$act" -eq 10 ] || ret=1
@@ -1258,10 +1258,17 @@ inac=$(grep "DNSKEY .* is now inactive" ns2/named.run | wc -l)
 [ "$inac" -eq 0 ] || ret=1
 del=$(grep "DNSKEY .* is now deleted" ns2/named.run | wc -l)
 [ "$del" -eq 0 ] || ret=1
-pub=$(grep "DNSKEY .* is now published" ns3/named.run | wc -l)
-[ "$pub" -eq 55 ] || ret=1
+pub=$(grep "DNSKEY .* is now published" ns3/named.run | grep -v "CDNSKEY" | wc -l)
 act=$(grep "DNSKEY .* is now active" ns3/named.run | wc -l)
-[ "$act" -eq 53 ] || ret=1
+if $SHELL ../testcrypto.sh -q RSASHA1
+then
+	# Include two log lines for nsec-only zone.
+	[ "$pub" -eq 53 ] || ret=1
+	[ "$act" -eq 53 ] || ret=1
+else
+	[ "$pub" -eq 51 ] || ret=1
+	[ "$act" -eq 51 ] || ret=1
+fi
 rev=$(grep "DNSKEY .* is now revoked" ns3/named.run | wc -l)
 [ "$rev" -eq 0 ] || ret=1
 inac=$(grep "DNSKEY .* is now inactive" ns3/named.run | wc -l)