pkgsrc-WIP-changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Pkgsrc changes: * Adapt patches
Module Name: pkgsrc-wip
Committed By: Havard Eidnes <he%NetBSD.org@localhost>
Pushed By: he
Date: Wed Jun 24 08:29:53 2020 +0200
Changeset: c6abbe3873012eb42a444db8cd3f7a181b26691c
Modified Files:
bind916/Makefile
bind916/distinfo
bind916/patches/patch-bin_named_Makefile.in
bind916/patches/patch-bin_tests_system_kasp_tests.sh
Log Message:
Pkgsrc changes:
* Adapt patches
Upstream changes:
--- 9.16.4 released ---
5438. [bug] Fix a race in TCP accepting code. [GL #1930]
5437. [bug] Fix a data race in lib/dns/resolver.c:log_formerr().
[GL #1808]
5436. [security] It was possible to trigger an INSIST when determining
whether a record would fit into a TCP message buffer.
(CVE-2020-8618) [GL #1850]
5435. [tests] Add RFC 4592 responses examples to the wildcard system
test. [GL #1718]
5434. [security] It was possible to trigger an INSIST in
lib/dns/rbtdb.c:new_reference() with a particular zone
content and query patterns. (CVE-2020-8619) [GL #1111]
[GL #1718]
5431. [func] Reject DS records at the zone apex when loading
master files. Log but otherwise ignore attempts to
add DS records at the zone apex via UPDATE. [GL #1798]
5430. [doc] Update docs - with netmgr, a separate listening socket
is created for each IPv6 interface (just as with IPv4).
[GL #1782]
5428. [bug] Clean up GSSAPI resources in nsupdate only after taskmgr
has been destroyed. Thanks to Petr Menšík. [GL !3316]
5426. [bug] Don't abort() when setting SO_INCOMING_CPU on the socket
fails. [GL #1911]
5425. [func] The default value of "max-stale-ttl" has been changed
from 1 week to 12 hours. [GL #1877]
5424. [bug] With KASP, when creating a successor key, the "goal"
state of the current active key (predecessor) was not
changed and thus never removed from the zone. [GL #1846]
5423. [bug] Fix a bug in keymgr_key_has_successor(): it incorrectly
returned true if any other key in the keyring had a
successor. [GL #1845]
5422. [bug] When using dnssec-policy, print correct key timing
metadata. [GL #1843]
5421. [bug] Fix a race that could cause named to crash when looking
up the nodename of an RBT node if the tree was modified.
[GL #1857]
5420. [bug] Add missing isc_{mutex,conditional}_destroy() calls
that caused a memory leak on FreeBSD. [GL #1893]
5418. [bug] delv failed to parse deprecated trusted-keys-style
trust anchors. [GL #1860]
5416. [bug] Fix a lock order inversion in lib/isc/unix/socket.c.
[GL #1859]
5415. [test] Address race in dnssec system test that led to
test failures. [GL #1852]
5414. [test] Adjust time allowed for journal truncation to occur
in nsupdate system test to avoid test failure.
[GL #1855]
5413. [test] Address race in autosign system test that led to
test failures. [GL #1852]
5412. [bug] 'provide-ixfr no;' failed to return up-to-date responses
when the serial was greater than or equal to the
current serial. [GL #1714]
5411. [cleanup] TCP accept code has been refactored to use a single
accept() and pass the accepted socket to child threads
for processing. [GL !3320]
5409. [performance] When looking up NSEC3 data in a zone database, skip the
check for empty non-terminal nodes; the NSEC3 tree does
not have any. [GL #1834]
5408. [protocol] Print Extended DNS Errors if present in OPT record.
[GL #1835]
5407. [func] Zone timers are now exported via statistics channel.
Thanks to Paul Frieden, Verizon Media. [GL #1232]
5405. [bug] 'named-checkconf -p' could include spurious text in
server-addresses statements due to an uninitialized DSCP
value. [GL #1812]
To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=c6abbe3873012eb42a444db8cd3f7a181b26691c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
diffstat:
bind916/Makefile | 4 +-
bind916/distinfo | 12 +-
bind916/patches/patch-bin_named_Makefile.in | 8 +-
.../patches/patch-bin_tests_system_kasp_tests.sh | 166 +++++++++++++++------
4 files changed, 129 insertions(+), 61 deletions(-)
diffs:
diff --git a/bind916/Makefile b/bind916/Makefile
index 8fccaa301a..ee233a1e2c 100644
--- a/bind916/Makefile
+++ b/bind916/Makefile
@@ -15,7 +15,7 @@ CONFLICTS+= host-[0-9]*
MAKE_JOBS_SAFE= no
-BIND_VERSION= 9.16.3
+BIND_VERSION= 9.16.4
# For libatomic and 64-bit operations
#USE_PKGSRC_GCC= yes
@@ -88,5 +88,5 @@ post-install:
.include "../../security/openssl/buildlink3.mk"
.include "../../devel/zlib/buildlink3.mk"
.include "../../devel/libuv/buildlink3.mk"
-.include "../../wip/libatomic/buildlink3.mk"
+.include "../../devel/libatomic/buildlink3.mk"
.include "../../mk/bsd.pkg.mk"
diff --git a/bind916/distinfo b/bind916/distinfo
index b29f77d3dc..1cdfb2ed87 100644
--- a/bind916/distinfo
+++ b/bind916/distinfo
@@ -1,17 +1,17 @@
$NetBSD: distinfo,v 1.14 2020/02/20 16:37:06 taca Exp $
-SHA1 (bind-9.16.3.tar.xz) = 0329886be14da8654458057061d5bbfcd87bdf20
-RMD160 (bind-9.16.3.tar.xz) = 93ddd1184d87d51b1ae195be495c57762b0a71dc
-SHA512 (bind-9.16.3.tar.xz) = aded208ab8b10cac275512eb4cb19f4eabd654ef3c14ab0c635f7d09194df4f6dfa84d0b5d69ce93854ceb26a93e21d7122b01ce4f3996da807249ca41d877df
-Size (bind-9.16.3.tar.xz) = 4573044 bytes
-SHA1 (patch-bin_named_Makefile.in) = f4ca372f7398e3b6866be8c8b0df4f5888a13d0f
+SHA1 (bind-9.16.4.tar.xz) = e6cb05910a6bb9dbc36b3b6d88de7b28fa78c299
+RMD160 (bind-9.16.4.tar.xz) = 6debe010ff34a7e9f137fb089753d6d0ecc9d52c
+SHA512 (bind-9.16.4.tar.xz) = b1cf0607b0d7569ea594e02848eed601b8faf31c527fc17d379cfff3cd45c0c8b849364af0312e9b65bc14875aad87de379281603c150a07bf021ec740e92860
+Size (bind-9.16.4.tar.xz) = 3465172 bytes
+SHA1 (patch-bin_named_Makefile.in) = 8ef44cfa5b7c66562d9e26b0d3052ccd53388b6f
SHA1 (patch-bin_named_main.c) = c62eb07ae859d022a77d2b3cbaa48df73e4fa8d4
SHA1 (patch-bin_named_pfilter.c) = b54f872c883c8fbc2d9c04df65c185dc057cc36b
SHA1 (patch-bin_named_pfilter.h) = c14617cb266a4b5d33ba6e5db98562e806792833
SHA1 (patch-bin_named_server.c) = 57f43d4556588447f44980c5acd36cb00cc528cc
SHA1 (patch-bin_nsupdate_nsupdate.c) = f71213385ec7c78243c1f93a6940caa111cb5072
SHA1 (patch-bin_pkcs11_pkcs11-keygen.c) = d953bf48aadcdf7e95975d335167cc50f54ef91e
-SHA1 (patch-bin_tests_system_kasp_tests.sh) = da6dcc4049ab7899a9b8793edde93cf549f9506a
+SHA1 (patch-bin_tests_system_kasp_tests.sh) = 644857a9cdbdb4baba3de004f58945f9542aad55
SHA1 (patch-bin_tests_system_metadata_tests.sh) = d01a492d0b7738760bdbff714248e279a78fef28
SHA1 (patch-bin_tests_system_rpz_tests.sh) = 1bc5e0d5c0cc50608e6314c2d2664bd1dc3f6e34
SHA1 (patch-bin_tools_arpaname.c) = b17050df38ca9734f40351a37a6faf581481e2da
diff --git a/bind916/patches/patch-bin_named_Makefile.in b/bind916/patches/patch-bin_named_Makefile.in
index bf3f3c3de9..8af3afb080 100644
--- a/bind916/patches/patch-bin_named_Makefile.in
+++ b/bind916/patches/patch-bin_named_Makefile.in
@@ -4,7 +4,7 @@ $NetBSD: patch-bin_named_Makefile.in,v 1.2 2019/07/18 03:02:02 taca Exp $
--- bin/named/Makefile.in.orig 2019-07-09 18:15:48.000000000 +0000
+++ bin/named/Makefile.in
-@@ -89,6 +89,7 @@ SUBDIRS = unix
+@@ -93,6 +93,7 @@ SUBDIRS = unix
TARGETS = named@EXEEXT@
@@ -12,7 +12,7 @@ $NetBSD: patch-bin_named_Makefile.in,v 1.2 2019/07/18 03:02:02 taca Exp $
GEOIP2LINKOBJS = geoip.@O@
OBJS = builtin.@O@ config.@O@ control.@O@ \
-@@ -97,12 +98,13 @@ OBJS = builtin.@O@ config.@O@ control.@
+@@ -101,12 +102,13 @@ OBJS = builtin.@O@ config.@O@ control.@
log.@O@ logconf.@O@ main.@O@ \
server.@O@ statschannel.@O@ \
tkeyconf.@O@ tsigconf.@O@ zoneconf.@O@ \
@@ -27,12 +27,12 @@ $NetBSD: patch-bin_named_Makefile.in,v 1.2 2019/07/18 03:02:02 taca Exp $
GEOIP2LINKSRCS = geoip.c
SRCS = builtin.c config.c control.c \
-@@ -111,7 +113,7 @@ SRCS = builtin.c config.c control.c \
+@@ -115,7 +117,7 @@ SRCS = builtin.c config.c control.c \
log.c logconf.c main.c \
server.c statschannel.c \
tkeyconf.c tsigconf.c zoneconf.c \
- ${DLZDRIVER_SRCS} ${DBDRIVER_SRCS}
+ ${BLACKLISTLINKSRCS} ${DLZDRIVER_SRCS} ${DBDRIVER_SRCS}
- MANPAGES = named.8 named.conf.5
+ @BIND9_MAKE_RULES@
diff --git a/bind916/patches/patch-bin_tests_system_kasp_tests.sh b/bind916/patches/patch-bin_tests_system_kasp_tests.sh
index f5eab84f4c..c5e999650c 100644
--- a/bind916/patches/patch-bin_tests_system_kasp_tests.sh
+++ b/bind916/patches/patch-bin_tests_system_kasp_tests.sh
@@ -4,7 +4,7 @@ Portability in shell script, don't use == with test.
--- bin/tests/system/kasp/tests.sh.orig 2020-05-06 09:59:35.000000000 +0000
+++ bin/tests/system/kasp/tests.sh
-@@ -281,7 +281,7 @@ check_key() {
+@@ -320,7 +320,7 @@ check_key() {
# Check file existence.
[ -s "$KEY_FILE" ] || ret=1
[ -s "$PRIVATE_FILE" ] || ret=1
@@ -13,7 +13,16 @@ Portability in shell script, don't use == with test.
[ -s "$STATE_FILE" ] || ret=1
fi
[ "$ret" -eq 0 ] || log_error "${BASE_FILE} files missing"
-@@ -296,9 +296,9 @@ check_key() {
+@@ -331,7 +331,7 @@ check_key() {
+ KEY_CREATED=$(awk '{print $3}' < "${ZONE}.${KEY_ID}.${_alg_num}.created")
+
+ grep "Created: ${KEY_CREATED}" "$PRIVATE_FILE" > /dev/null || log_error "mismatch created in $PRIVATE_FILE"
+- if [ "$_legacy" == "no" ]; then
++ if [ "$_legacy" = "no" ]; then
+ grep "Generated: ${KEY_CREATED}" "$STATE_FILE" > /dev/null || log_error "mismatch generated in $STATE_FILE"
+ fi
+
+@@ -344,9 +344,9 @@ check_key() {
grep "Private-key-format: v1.3" "$PRIVATE_FILE" > /dev/null || log_error "mismatch private key format in $PRIVATE_FILE"
grep "Algorithm: ${_alg_num} (${_alg_string})" "$PRIVATE_FILE" > /dev/null || log_error "mismatch algorithm in $PRIVATE_FILE"
# Now check the key state file.
@@ -25,95 +34,103 @@ Portability in shell script, don't use == with test.
grep "Lifetime: " "$STATE_FILE" > /dev/null && log_error "unexpected lifetime in $STATE_FILE"
else
grep "Lifetime: ${_lifetime}" "$STATE_FILE" > /dev/null || log_error "mismatch lifetime in $STATE_FILE"
-@@ -352,13 +352,13 @@ check_key() {
+@@ -438,13 +438,13 @@ check_timingmetadata() {
if [ "$_published" = "none" ]; then
- grep "; Publish:" "$KEY_FILE" > /dev/null && log_error "unexpected publish comment in $KEY_FILE"
- grep "Publish:" "$PRIVATE_FILE" > /dev/null && log_error "unexpected publish in $PRIVATE_FILE"
+ grep "; Publish:" "${_key_file}" > /dev/null && log_error "unexpected publish comment in ${_key_file}"
+ grep "Publish:" "${_private_file}" > /dev/null && log_error "unexpected publish in ${_private_file}"
+- if [ "$_legacy" == "no" ]; then
++ if [ "$_legacy" = "no" ]; then
+ grep "Published: " "${_state_file}" > /dev/null && log_error "unexpected publish in ${_state_file}"
+ fi
+ else
+ grep "; Publish: $_published" "${_key_file}" > /dev/null || log_error "mismatch publish comment in ${_key_file} (expected ${_published})"
+ grep "Publish: $_published" "${_private_file}" > /dev/null || log_error "mismatch publish in ${_private_file} (expected ${_published})"
+- if [ "$_legacy" == "no" ]; then
++ if [ "$_legacy" = "no" ]; then
+ grep "Published: $_published" "${_state_file}" > /dev/null || log_error "mismatch publish in ${_state_file} (expected ${_published})"
+ fi
+ fi
+@@ -452,13 +452,13 @@ check_timingmetadata() {
+ if [ "$_syncpublish" = "none" ]; then
+ grep "; SyncPublish:" "${_key_file}" > /dev/null && log_error "unexpected syncpublish comment in ${_key_file}"
+ grep "SyncPublish:" "${_private_file}" > /dev/null && log_error "unexpected syncpublish in ${_private_file}"
- if [ "$_legacy" == "no" ]; then
+ if [ "$_legacy" = "no" ]; then
- grep "Published: " "$STATE_FILE" > /dev/null && log_error "unexpected publish in $STATE_FILE"
+ grep "PublishCDS: " "${_state_file}" > /dev/null && log_error "unexpected syncpublish in ${_state_file}"
fi
else
- grep "; Publish:" "$KEY_FILE" > /dev/null || log_error "mismatch publish comment in $KEY_FILE"
- grep "Publish:" "$PRIVATE_FILE" > /dev/null || log_error "mismatch publish in $PRIVATE_FILE"
+ grep "; SyncPublish: $_syncpublish" "${_key_file}" > /dev/null || log_error "mismatch syncpublish comment in ${_key_file} (expected ${_syncpublish})"
+ grep "SyncPublish: $_syncpublish" "${_private_file}" > /dev/null || log_error "mismatch syncpublish in ${_private_file} (expected ${_syncpublish})"
- if [ "$_legacy" == "no" ]; then
+ if [ "$_legacy" = "no" ]; then
- grep "Published:" "$STATE_FILE" > /dev/null || log_error "mismatch publish in $STATE_FILE"
+ grep "PublishCDS: $_syncpublish" "${_state_file}" > /dev/null || log_error "mismatch syncpublish in ${_state_file} (expected ${_syncpublish})"
fi
fi
-@@ -366,13 +366,13 @@ check_key() {
+@@ -466,13 +466,13 @@ check_timingmetadata() {
if [ "$_active" = "none" ]; then
- grep "; Activate:" "$KEY_FILE" > /dev/null && log_error "unexpected active comment in $KEY_FILE"
- grep "Activate:" "$PRIVATE_FILE" > /dev/null && log_error "unexpected active in $PRIVATE_FILE"
+ grep "; Activate:" "${_key_file}" > /dev/null && log_error "unexpected active comment in ${_key_file}"
+ grep "Activate:" "${_private_file}" > /dev/null && log_error "unexpected active in ${_private_file}"
- if [ "$_legacy" == "no" ]; then
+ if [ "$_legacy" = "no" ]; then
- grep "Active: " "$STATE_FILE" > /dev/null && log_error "unexpected active in $STATE_FILE"
+ grep "Active: " "${_state_file}" > /dev/null && log_error "unexpected active in ${_state_file}"
fi
else
- grep "; Activate:" "$KEY_FILE" > /dev/null || log_error "mismatch active comment in $KEY_FILE"
- grep "Activate:" "$PRIVATE_FILE" > /dev/null || log_error "mismatch active in $PRIVATE_FILE"
+ grep "; Activate: $_active" "${_key_file}" > /dev/null || log_error "mismatch active comment in ${_key_file} (expected ${_active})"
+ grep "Activate: $_active" "${_private_file}" > /dev/null || log_error "mismatch active in ${_private_file} (expected ${_active})"
- if [ "$_legacy" == "no" ]; then
+ if [ "$_legacy" = "no" ]; then
- grep "Active: " "$STATE_FILE" > /dev/null || log_error "mismatch active in $STATE_FILE"
+ grep "Active: $_active" "${_state_file}" > /dev/null || log_error "mismatch active in ${_state_file} (expected ${_active})"
fi
fi
-@@ -380,13 +380,13 @@ check_key() {
+@@ -480,13 +480,13 @@ check_timingmetadata() {
if [ "$_retired" = "none" ]; then
- grep "; Inactive:" "$KEY_FILE" > /dev/null && log_error "unexpected retired comment in $KEY_FILE"
- grep "Inactive:" "$PRIVATE_FILE" > /dev/null && log_error "unexpected retired in $PRIVATE_FILE"
+ grep "; Inactive:" "${_key_file}" > /dev/null && log_error "unexpected retired comment in ${_key_file}"
+ grep "Inactive:" "${_private_file}" > /dev/null && log_error "unexpected retired in ${_private_file}"
- if [ "$_legacy" == "no" ]; then
+ if [ "$_legacy" = "no" ]; then
- grep "Retired: " "$STATE_FILE" > /dev/null && log_error "unexpected retired in $STATE_FILE"
+ grep "Retired: " "${_state_file}" > /dev/null && log_error "unexpected retired in ${_state_file}"
fi
else
- grep "; Inactive:" "$KEY_FILE" > /dev/null || log_error "mismatch retired comment in $KEY_FILE"
- grep "Inactive:" "$PRIVATE_FILE" > /dev/null || log_error "mismatch retired in $PRIVATE_FILE"
+ grep "; Inactive: $_retired" "${_key_file}" > /dev/null || log_error "mismatch retired comment in ${_key_file} (expected ${_retired})"
+ grep "Inactive: $_retired" "${_private_file}" > /dev/null || log_error "mismatch retired in ${_private_file} (expected ${_retired})"
- if [ "$_legacy" == "no" ]; then
+ if [ "$_legacy" = "no" ]; then
- grep "Retired: " "$STATE_FILE" > /dev/null || log_error "mismatch retired in $STATE_FILE"
+ grep "Retired: $_retired" "${_state_file}" > /dev/null || log_error "mismatch retired in ${_state_file} (expected ${_retired})"
fi
fi
-@@ -394,13 +394,13 @@ check_key() {
+@@ -494,13 +494,13 @@ check_timingmetadata() {
if [ "$_revoked" = "none" ]; then
- grep "; Revoke:" "$KEY_FILE" > /dev/null && log_error "unexpected revoked comment in $KEY_FILE"
- grep "Revoke:" "$PRIVATE_FILE" > /dev/null && log_error "unexpected revoked in $PRIVATE_FILE"
+ grep "; Revoke:" "${_key_file}" > /dev/null && log_error "unexpected revoked comment in ${_key_file}"
+ grep "Revoke:" "${_private_file}" > /dev/null && log_error "unexpected revoked in ${_private_file}"
- if [ "$_legacy" == "no" ]; then
+ if [ "$_legacy" = "no" ]; then
- grep "Revoked: " "$STATE_FILE" > /dev/null && log_error "unexpected revoked in $STATE_FILE"
+ grep "Revoked: " "${_state_file}" > /dev/null && log_error "unexpected revoked in ${_state_file}"
fi
else
- grep "; Revoke:" "$KEY_FILE" > /dev/null || log_error "mismatch revoked comment in $KEY_FILE"
- grep "Revoke:" "$PRIVATE_FILE" > /dev/null || log_error "mismatch revoked in $PRIVATE_FILE"
+ grep "; Revoke: $_revoked" "${_key_file}" > /dev/null || log_error "mismatch revoked comment in ${_key_file} (expected ${_revoked})"
+ grep "Revoke: $_revoked" "${_private_file}" > /dev/null || log_error "mismatch revoked in ${_private_file} (expected ${_revoked})"
- if [ "$_legacy" == "no" ]; then
+ if [ "$_legacy" = "no" ]; then
- grep "Revoked: " "$STATE_FILE" > /dev/null || log_error "mismatch revoked in $STATE_FILE"
+ grep "Revoked: $_revoked" "${_state_file}" > /dev/null || log_error "mismatch revoked in ${_state_file} (expected ${_revoked})"
fi
fi
-@@ -408,20 +408,20 @@ check_key() {
+@@ -508,13 +508,13 @@ check_timingmetadata() {
if [ "$_removed" = "none" ]; then
- grep "; Delete:" "$KEY_FILE" > /dev/null && log_error "unexpected removed comment in $KEY_FILE"
- grep "Delete:" "$PRIVATE_FILE" > /dev/null && log_error "unexpected removed in $PRIVATE_FILE"
+ grep "; Delete:" "${_key_file}" > /dev/null && log_error "unexpected removed comment in ${_key_file}"
+ grep "Delete:" "${_private_file}" > /dev/null && log_error "unexpected removed in ${_private_file}"
- if [ "$_legacy" == "no" ]; then
+ if [ "$_legacy" = "no" ]; then
- grep "Removed: " "$STATE_FILE" > /dev/null && log_error "unexpected removed in $STATE_FILE"
+ grep "Removed: " "${_state_file}" > /dev/null && log_error "unexpected removed in ${_state_file}"
fi
else
- grep "; Delete:" "$KEY_FILE" > /dev/null || log_error "mismatch removed comment in $KEY_FILE"
- grep "Delete:" "$PRIVATE_FILE" > /dev/null || log_error "mismatch removed in $PRIVATE_FILE"
+ grep "; Delete: $_removed" "${_key_file}" > /dev/null || log_error "mismatch removed comment in ${_key_file} (expected ${_removed})"
+ grep "Delete: $_removed" "${_private_file}" > /dev/null || log_error "mismatch removed in ${_private_file} (expected ${_removed})"
- if [ "$_legacy" == "no" ]; then
+ if [ "$_legacy" = "no" ]; then
- grep "Removed: " "$STATE_FILE" > /dev/null || log_error "mismatch removed in $STATE_FILE"
+ grep "Removed: $_removed" "${_state_file}" > /dev/null || log_error "mismatch removed in ${_state_file} (expected ${_removed})"
fi
fi
-
- grep "; Created:" "$KEY_FILE" > /dev/null || log_error "mismatch created comment in $KEY_FILE"
- grep "Created:" "$PRIVATE_FILE" > /dev/null || log_error "mismatch created in $PRIVATE_FILE"
-- if [ "$_legacy" == "no" ]; then
-+ if [ "$_legacy" = "no" ]; then
- grep "Generated: " "$STATE_FILE" > /dev/null || log_error "mismatch generated in $STATE_FILE"
- fi
- }
-@@ -470,7 +470,7 @@ key_unused() {
+@@ -586,7 +586,7 @@ key_unused() {
grep "Revoke:" "$PRIVATE_FILE" > /dev/null && log_error "unexpected revoked in $PRIVATE_FILE"
grep "Delete:" "$PRIVATE_FILE" > /dev/null && log_error "unexpected removed in $PRIVATE_FILE"
@@ -122,7 +139,58 @@ Portability in shell script, don't use == with test.
grep "Published: " "$STATE_FILE" > /dev/null && log_error "unexpected publish in $STATE_FILE"
grep "Active: " "$STATE_FILE" > /dev/null && log_error "unexpected active in $STATE_FILE"
grep "Retired: " "$STATE_FILE" > /dev/null && log_error "unexpected retired in $STATE_FILE"
-@@ -3134,8 +3134,8 @@ dnssec_verify
+@@ -1286,7 +1286,7 @@ set_keytimes_algorithm_policy() {
+ set_keytime "KEY1" "PUBLISHED" "${created}"
+ set_keytime "KEY1" "ACTIVE" "${created}"
+ # Key was pregenerated.
+- if [ "$1" == "pregenerated" ]; then
++ if [ "$1" = "pregenerated" ]; then
+ keyfile=$(key_get KEY1 BASEFILE)
+ grep "; Publish:" "${keyfile}.key" > published.test${n}.key1
+ published=$(awk '{print $3}' < published.test${n}.key1)
+@@ -1313,7 +1313,7 @@ set_keytimes_algorithm_policy() {
+ set_keytime "KEY2" "PUBLISHED" "${created}"
+ set_keytime "KEY2" "ACTIVE" "${created}"
+ # Key was pregenerated.
+- if [ "$1" == "pregenerated" ]; then
++ if [ "$1" = "pregenerated" ]; then
+ keyfile=$(key_get KEY2 BASEFILE)
+ grep "; Publish:" "${keyfile}.key" > published.test${n}.key2
+ published=$(awk '{print $3}' < published.test${n}.key2)
+@@ -1336,7 +1336,7 @@ set_keytimes_algorithm_policy() {
+ set_keytime "KEY3" "PUBLISHED" "${published}"
+ set_keytime "KEY3" "ACTIVE" "${published}"
+ # Key was pregenerated.
+- if [ "$1" == "pregenerated" ]; then
++ if [ "$1" = "pregenerated" ]; then
+ keyfile=$(key_get KEY3 BASEFILE)
+ grep "; Publish:" "${keyfile}.key" > published.test${n}.key3
+ published=$(awk '{print $3}' < published.test${n}.key3)
+@@ -2469,12 +2469,12 @@ rollover_predecessor_keytimes() {
+ set_addkeytime "KEY1" "PUBLISHED" "${_created}" "${_addtime}"
+ set_addkeytime "KEY1" "SYNCPUBLISH" "${_created}" "${_addtime}"
+ set_addkeytime "KEY1" "ACTIVE" "${_created}" "${_addtime}"
+- [ "$Lksk" == 0 ] || set_retired_removed "KEY1" "${Lksk}" "${IretKSK}"
++ [ "$Lksk" = 0 ] || set_retired_removed "KEY1" "${Lksk}" "${IretKSK}"
+
+ _created=$(key_get KEY2 CREATED)
+ set_addkeytime "KEY2" "PUBLISHED" "${_created}" "${_addtime}"
+ set_addkeytime "KEY2" "ACTIVE" "${_created}" "${_addtime}"
+- [ "$Lzsk" == 0 ] || set_retired_removed "KEY2" "${Lzsk}" "${IretZSK}"
++ [ "$Lzsk" = 0 ] || set_retired_removed "KEY2" "${Lzsk}" "${IretZSK}"
+ }
+
+ # Key properties.
+@@ -2922,7 +2922,7 @@ csk_rollover_predecessor_keytimes() {
+ set_addkeytime "KEY1" "PUBLISHED" "${_created}" "${_addksktime}"
+ set_addkeytime "KEY1" "SYNCPUBLISH" "${_created}" "${_addzsktime}"
+ set_addkeytime "KEY1" "ACTIVE" "${_created}" "${_addzsktime}"
+- [ "$Lcsk" == 0 ] || set_retired_removed "KEY1" "${Lcsk}" "${IretCSK}"
++ [ "$Lcsk" = 0 ] || set_retired_removed "KEY1" "${Lcsk}" "${IretCSK}"
+ }
+
+ #
+@@ -3824,8 +3824,8 @@ dnssec_verify
n=$((n+1))
echo_i "check that of zone ${ZONE} migration to dnssec-policy uses the same keys ($n)"
ret=0
@@ -133,7 +201,7 @@ Portability in shell script, don't use == with test.
status=$((status+ret))
# Test migration to dnssec-policy, existing keys do not match key algorithm.
-@@ -3191,8 +3191,8 @@ dnssec_verify
+@@ -3939,8 +3939,8 @@ dnssec_verify
n=$((n+1))
echo_i "check that of zone ${ZONE} migration to dnssec-policy keeps existing keys ($n)"
ret=0
@@ -144,7 +212,7 @@ Portability in shell script, don't use == with test.
status=$((status+ret))
# Test migration to dnssec-policy, existing keys do not match key length.
-@@ -3249,8 +3249,8 @@ dnssec_verify
+@@ -4055,8 +4055,8 @@ dnssec_verify
n=$((n+1))
echo_i "check that of zone ${ZONE} migration to dnssec-policy keeps existing keys ($n)"
ret=0
Home |
Main Index |
Thread Index |
Old Index