system/metadata/tests.sh

75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt#!/bin/sh
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt#
f3df966b81ba3d3db8412d8787af60ca05d3fce5Tinderbox User# Copyright (C) 2009, 2011-2014, 2016, 2017  Internet Systems Consortium, Inc. ("ISC")
bf8267aa453e5d2a735ed732a043b77a0b355b20Mark Andrews#
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# This Source Code Form is subject to the terms of the Mozilla Public
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# License, v. 2.0. If a copy of the MPL was not distributed with this
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# file, You can obtain one at http://mozilla.org/MPL/2.0/.
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
b47c020d5c635b662ac57e5485d266fd62c796c0Evan Hunt# $Id: tests.sh,v 1.9 2011/07/08 01:43:26 each Exp $
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan HuntSYSTEMTESTTOP=..
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt. $SYSTEMTESTTOP/conf.sh
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntpzone=parent.nil pfile=parent.db
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntczone=child.parent.nil cfile=child.db
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntstatus=0
079c9e6939ef8972bf0d13441738e6ef64505647Mark Andrewsn=1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
095810f8cb710e0211c7db084191c2cad8e3c4c9Evan Huntecho "I:setting key timers"
095810f8cb710e0211c7db084191c2cad8e3c4c9Evan Hunt$SETTIME -A now+15s `cat rolling.key` > /dev/null
095810f8cb710e0211c7db084191c2cad8e3c4c9Evan Hunt
b47c020d5c635b662ac57e5485d266fd62c796c0Evan Huntinact=`sed 's/^K'${czone}'.+005+0*\([0-9]\)/\1/' < inact.key`
b47c020d5c635b662ac57e5485d266fd62c796c0Evan Huntksk=`sed 's/^K'${czone}'.+005+0*\([0-9]\)/\1/' < ksk.key`
b47c020d5c635b662ac57e5485d266fd62c796c0Evan Huntpending=`sed 's/^K'${czone}'.+005+0*\([0-9]\)/\1/' < pending.key`
b47c020d5c635b662ac57e5485d266fd62c796c0Evan Huntpostrev=`sed 's/^K'${czone}'.+005+0*\([0-9]\)/\1/' < postrev.key`
b47c020d5c635b662ac57e5485d266fd62c796c0Evan Huntprerev=`sed 's/^K'${czone}'.+005+0*\([0-9]\)/\1/' < prerev.key`
b47c020d5c635b662ac57e5485d266fd62c796c0Evan Huntrolling=`sed 's/^K'${czone}'.+005+0*\([0-9]\)/\1/' < rolling.key`
b47c020d5c635b662ac57e5485d266fd62c796c0Evan Huntstandby=`sed 's/^K'${czone}'.+005+0*\([0-9]\)/\1/' < standby.key`
b47c020d5c635b662ac57e5485d266fd62c796c0Evan Huntzsk=`sed 's/^K'${czone}'.+005+0*\([0-9]\)/\1/' < zsk.key`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki$GENRANDOM 400 $RANDFILE
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntecho "I:signing zones"
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt$SIGNER -Sg -o $czone $cfile > /dev/null 2>&1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt$SIGNER -Sg -o $pzone $pfile > /dev/null 2>&1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
6a4d6e3379f891a532d16c1c1d822676de26905cEvan Huntawk '$2 ~ /RRSIG/ {
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt        type = $3;
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt        getline;
9a859983d7059a6eb9c877c1d2ac6a3a5b7170f7Evan Hunt    id = $3;
9a859983d7059a6eb9c877c1d2ac6a3a5b7170f7Evan Hunt    if ($4 ~ /'${czone}'/) {
6a4d6e3379f891a532d16c1c1d822676de26905cEvan Hunt        print type, id
6a4d6e3379f891a532d16c1c1d822676de26905cEvan Hunt    }
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt}' < ${cfile}.signed > sigs
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntawk '$2 ~ /DNSKEY/ {
6a4d6e3379f891a532d16c1c1d822676de26905cEvan Hunt    flags = $3;
6a4d6e3379f891a532d16c1c1d822676de26905cEvan Hunt    while ($0 !~ /key id =/)
6a4d6e3379f891a532d16c1c1d822676de26905cEvan Hunt        getline;
9a859983d7059a6eb9c877c1d2ac6a3a5b7170f7Evan Hunt    id = $NF;
6a4d6e3379f891a532d16c1c1d822676de26905cEvan Hunt    print flags, id;
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt}' < ${cfile}.signed > keys
6a4d6e3379f891a532d16c1c1d822676de26905cEvan Hunt
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntecho "I:checking that KSK signed DNSKEY only ($n)"
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntret=0
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntgrep "DNSKEY $ksk"'$' sigs > /dev/null || ret=1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntgrep "SOA $ksk"'$' sigs > /dev/null && ret=1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntn=`expr $n + 1`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntif [ $ret != 0 ]; then echo "I:failed"; fi
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntstatus=`expr $status + $ret`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntecho "I:checking that ZSK signed ($n)"
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntret=0
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntgrep "SOA $zsk"'$' sigs > /dev/null || ret=1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntn=`expr $n + 1`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntif [ $ret != 0 ]; then echo "I:failed"; fi
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntstatus=`expr $status + $ret`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntecho "I:checking that standby ZSK did not sign ($n)"
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntret=0
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntgrep " $standby"'$' sigs > /dev/null && ret=1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntn=`expr $n + 1`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntif [ $ret != 0 ]; then echo "I:failed"; fi
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntstatus=`expr $status + $ret`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntecho "I:checking that inactive key did not sign ($n)"
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntret=0
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntgrep " $inact"'$' sigs > /dev/null && ret=1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntn=`expr $n + 1`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntif [ $ret != 0 ]; then echo "I:failed"; fi
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntstatus=`expr $status + $ret`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntecho "I:checking that pending key was not published ($n)"
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntret=0
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntgrep " $pending"'$' keys > /dev/null && ret=1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntn=`expr $n + 1`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntif [ $ret != 0 ]; then echo "I:failed"; fi
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntstatus=`expr $status + $ret`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntecho "I:checking that standby KSK did not sign but is delegated ($n)"
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntret=0
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntgrep " $rolling"'$' sigs > /dev/null && ret=1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntgrep " $rolling"'$' keys > /dev/null || ret=1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntegrep "DS[  ]*$rolling[     ]" ${pfile}.signed > /dev/null || ret=1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntn=`expr $n + 1`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntif [ $ret != 0 ]; then echo "I:failed"; fi
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntstatus=`expr $status + $ret`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntecho "I:checking that key was revoked ($n)"
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntret=0
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntgrep " $prerev"'$' keys > /dev/null && ret=1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntgrep " $postrev"'$' keys > /dev/null || ret=1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntn=`expr $n + 1`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntif [ $ret != 0 ]; then echo "I:failed"; fi
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntstatus=`expr $status + $ret`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntecho "I:checking that revoked key self-signed ($n)"
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntret=0
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntgrep "DNSKEY $postrev"'$' sigs > /dev/null || ret=1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntgrep "SOA $postrev"'$' sigs > /dev/null && ret=1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntn=`expr $n + 1`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntif [ $ret != 0 ]; then echo "I:failed"; fi
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntstatus=`expr $status + $ret`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntecho "I:waiting 20 seconds for key changes to occur"
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntsleep 20
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntecho "I:re-signing zone"
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt$SIGNER  -Sg -o $czone -f ${cfile}.new ${cfile}.signed > /dev/null 2>&1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntecho "I:checking that standby KSK is now active ($n)"
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntret=0
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntgrep "DNSKEY $rolling"'$' sigs > /dev/null && ret=1
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntn=`expr $n + 1`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntif [ $ret != 0 ]; then echo "I:failed"; fi
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntstatus=`expr $status + $ret`
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Hunt
c514f38c801755da4dbe405139d8512873b332b0ckbecho "I:checking update of an old-style key ($n)"
10a759cee69dcc3ce3a4d65e6e263c66e7f60ee8Evan Huntret=0
10a759cee69dcc3ce3a4d65e6e263c66e7f60ee8Evan Hunt# printing metadata should not work with an old-style key
10a759cee69dcc3ce3a4d65e6e263c66e7f60ee8Evan Hunt$SETTIME -pall `cat oldstyle.key` > /dev/null 2>&1 && ret=1
10a759cee69dcc3ce3a4d65e6e263c66e7f60ee8Evan Hunt$SETTIME -f `cat oldstyle.key` > /dev/null 2>&1 || ret=1
10a759cee69dcc3ce3a4d65e6e263c66e7f60ee8Evan Hunt# but now it should
10a759cee69dcc3ce3a4d65e6e263c66e7f60ee8Evan Hunt$SETTIME -pall `cat oldstyle.key` > /dev/null 2>&1 || ret=1
10a759cee69dcc3ce3a4d65e6e263c66e7f60ee8Evan Huntn=`expr $n + 1`
10a759cee69dcc3ce3a4d65e6e263c66e7f60ee8Evan Huntif [ $ret != 0 ]; then echo "I:failed"; fi
10a759cee69dcc3ce3a4d65e6e263c66e7f60ee8Evan Huntstatus=`expr $status + $ret`
10a759cee69dcc3ce3a4d65e6e263c66e7f60ee8Evan Hunt
c514f38c801755da4dbe405139d8512873b332b0ckbecho "I:checking warning about permissions change on key with dnssec-settime ($n)"
079c9e6939ef8972bf0d13441738e6ef64505647Mark Andrewsuname=`uname -o 2> /dev/null`
079c9e6939ef8972bf0d13441738e6ef64505647Mark Andrewsif [ Cygwin == "$uname"  ]; then
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki    echo "I: Cygwin detected, skipping"
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecickielse
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki    ret=0
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki    # settime should print a warning about changing the permissions
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki    chmod 644 `cat oldstyle.key`.private
079c9e6939ef8972bf0d13441738e6ef64505647Mark Andrews    $SETTIME -P none `cat oldstyle.key` > settime1.test$n 2>&1 || ret=1
079c9e6939ef8972bf0d13441738e6ef64505647Mark Andrews    grep "warning: Permissions on the file.*have changed" settime1.test$n > /dev/null 2>&1 || ret=1
079c9e6939ef8972bf0d13441738e6ef64505647Mark Andrews    $SETTIME -P none `cat oldstyle.key` > settime2.test$n 2>&1 || ret=1
079c9e6939ef8972bf0d13441738e6ef64505647Mark Andrews    grep "warning: Permissions on the file.*have changed" settime2.test$n > /dev/null 2>&1 && ret=1
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki    n=`expr $n + 1`
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki    if [ $ret != 0 ]; then echo "I:failed"; fi
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecicki    status=`expr $status + $ret`
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecickifi
c514f38c801755da4dbe405139d8512873b332b0ckb
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburnecho "I:checking warning about delete date < inactive date with dnssec-settime ($n)"
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburnret=0
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburn# settime should print a warning about delete < inactive
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburn$SETTIME -I now+15s -D now `cat oldstyle.key` > tmp.out 2>&1 || ret=1
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburngrep "warning" tmp.out > /dev/null 2>&1 || ret=1
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburnn=`expr $n + 1`
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburnif [ $ret != 0 ]; then echo "I:failed"; fi
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburnstatus=`expr $status + $ret`
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburn
0aadc6dd7b719539445e7a0a058b15dd9d982a9bMichał Kępieńecho "I:checking no warning about delete date < inactive date with dnssec-settime when delete date is unset ($n)"
0aadc6dd7b719539445e7a0a058b15dd9d982a9bMichał Kępieńret=0
0aadc6dd7b719539445e7a0a058b15dd9d982a9bMichał Kępień$SETTIME -D none `cat oldstyle.key` > tmp.out 2>&1 || ret=1
0aadc6dd7b719539445e7a0a058b15dd9d982a9bMichał Kępień$SETTIME -p all `cat oldstyle.key` > tmp.out 2>&1 || ret=1
0aadc6dd7b719539445e7a0a058b15dd9d982a9bMichał Kępieńgrep "warning" tmp.out > /dev/null 2>&1 && ret=1
0aadc6dd7b719539445e7a0a058b15dd9d982a9bMichał Kępieńn=`expr $n + 1`
0aadc6dd7b719539445e7a0a058b15dd9d982a9bMichał Kępieńif [ $ret != 0 ]; then echo "I:failed"; fi
0aadc6dd7b719539445e7a0a058b15dd9d982a9bMichał Kępieństatus=`expr $status + $ret`
0aadc6dd7b719539445e7a0a058b15dd9d982a9bMichał Kępień
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburnecho "I:checking warning about delete date < inactive date with dnssec-keygen ($n)"
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburnret=0
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburn# keygen should print a warning about delete < inactive
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburn$KEYGEN -q -r $RANDFILE -I now+15s -D now $czone > tmp.out 2>&1 || ret=1
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburngrep "warning" tmp.out > /dev/null 2>&1 || ret=1
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburnn=`expr $n + 1`
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburnif [ $ret != 0 ]; then echo "I:failed"; fi
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburnstatus=`expr $status + $ret`
c8803902d6e740d1ed85e099835813466fa51391Curtis Blackburn
a165a17a81ff3285f4f4d79785fafb465e626183Evan Huntecho "I:checking correct behavior setting activation without publication date ($n)"
a165a17a81ff3285f4f4d79785fafb465e626183Evan Huntret=0
a165a17a81ff3285f4f4d79785fafb465e626183Evan Huntkey=`$KEYGEN -q -r $RANDFILE -A +1w $czone`
a165a17a81ff3285f4f4d79785fafb465e626183Evan Huntpub=`$SETTIME -upP $key | awk '{print $2}'`
a165a17a81ff3285f4f4d79785fafb465e626183Evan Huntact=`$SETTIME -upA $key | awk '{print $2}'`
a165a17a81ff3285f4f4d79785fafb465e626183Evan Hunt[ $pub -eq $act ] || ret=1
a165a17a81ff3285f4f4d79785fafb465e626183Evan Huntkey=`$KEYGEN -q -r $RANDFILE -A +1w -i 1d $czone`
a165a17a81ff3285f4f4d79785fafb465e626183Evan Huntpub=`$SETTIME -upP $key | awk '{print $2}'`
a165a17a81ff3285f4f4d79785fafb465e626183Evan Huntact=`$SETTIME -upA $key | awk '{print $2}'`
a165a17a81ff3285f4f4d79785fafb465e626183Evan Hunt[ $pub -lt $act ] || ret=1
a165a17a81ff3285f4f4d79785fafb465e626183Evan Huntkey=`$KEYGEN -q -r $RANDFILE -A +1w -P never $czone`
a165a17a81ff3285f4f4d79785fafb465e626183Evan Huntpub=`$SETTIME -upP $key | awk '{print $2}'`
a165a17a81ff3285f4f4d79785fafb465e626183Evan Hunt[ $pub = "UNSET" ] || ret=1
a165a17a81ff3285f4f4d79785fafb465e626183Evan Huntn=`expr $n + 1`
a165a17a81ff3285f4f4d79785fafb465e626183Evan Huntif [ $ret != 0 ]; then echo "I:failed"; fi
a165a17a81ff3285f4f4d79785fafb465e626183Evan Huntstatus=`expr $status + $ret`
a165a17a81ff3285f4f4d79785fafb465e626183Evan Hunt
f20ff8b74d21fa3e3f071544f6fd060d015cf27eMichał Kępieńecho "I:checking calculation of dates for a successor key ($n)"
f20ff8b74d21fa3e3f071544f6fd060d015cf27eMichał Kępieńret=0
f20ff8b74d21fa3e3f071544f6fd060d015cf27eMichał Kępieńoldkey=`$KEYGEN -q -r $RANDFILE $czone`
f20ff8b74d21fa3e3f071544f6fd060d015cf27eMichał Kępieńnewkey=`$KEYGEN -q -r $RANDFILE $czone`
f20ff8b74d21fa3e3f071544f6fd060d015cf27eMichał Kępień$SETTIME -A -2d -I +2d $oldkey > settime1.test$n 2>&1 || ret=1
f20ff8b74d21fa3e3f071544f6fd060d015cf27eMichał Kępień$SETTIME -i 1d -S $oldkey $newkey > settime2.test$n 2>&1 || ret=1
f20ff8b74d21fa3e3f071544f6fd060d015cf27eMichał Kępień$SETTIME -pA $newkey | grep "1970" > /dev/null && ret=1
f20ff8b74d21fa3e3f071544f6fd060d015cf27eMichał Kępieńn=`expr $n + 1`
f20ff8b74d21fa3e3f071544f6fd060d015cf27eMichał Kępieńif [ $ret != 0 ]; then echo "I:failed"; fi
f20ff8b74d21fa3e3f071544f6fd060d015cf27eMichał Kępieństatus=`expr $status + $ret`
f20ff8b74d21fa3e3f071544f6fd060d015cf27eMichał Kępień
75b8de87879ad017c9cd2ffc328e5d2391d16e99Evan Huntecho "I:exit status: $status"
3635d8f9104e70e141a8f191a0e6c1502ceed2f3Mark Andrews[ $status -eq 0 ] || exit 1