Commit a96da828 authored by Ivana Krumlova's avatar Ivana Krumlova Committed by Petr Špaček

tools: scripts for sorting new (imported) tests

parent 9271a8d0
#!/bin/bash
# Sorts .rpl tests into several categories.
# Takes a diretory with the tests as an argument and moves the test to its subdirectories.
source=$1
# Test with the same name is already imported in deckard/sets/resolver
echo Already imported:
mkdir -p $source/imported
for test in `comm -12 <(ls -F ../sets/resolver/*.rpl | xargs -n 1 basename) <(ls -F $source/*.rpl | xargs -n 1 basename)`
do
echo -e '\t' $test
mv $source/$test $source/imported
done
# Parse failed
echo Parse failed:
mkdir -p $source/parsefail
for test in $source/*.rpl
do
if ! python3 parse.py $test >/dev/null 2>/dev/null
then
echo -e '\t' $test
mv $test $source/parsefail
fi
done
# Invalid DSA signatures (common in old testbound tests)
echo Invalid DSA signatures:
mkdir -p $source/invaliddsa
for test in $source/*.rpl
do
if ! python3 invalid_dsa.py $test >/dev/null 2>/dev/null
then
echo -e '\t' $test
mv $test $source/invaliddsa
fi
done
# Working on kresd in deckard
echo Working:
mkdir -p $source/working
for test in $source/*.rpl
do
path=$(readlink -m $test)
if TESTS=$path ./../kresd_run.sh >/dev/null 2>/dev/null
then
echo -e '\t' $test
mv $test $source/working
fi
done
# Others
echo Others:
mkdir -p $source/others
for test in $source/*.rpl
do
echo -e '\t' $test
mv $test $source/others
done
\ No newline at end of file
"""Returns 1 if there is a DNSSEC DSA signature which is not 41 bytes long.\
0 otherwise.
"""
import os
import sys
import base64
import argparse
# sys.path.insert(0, '..')
import pydnstest
import pydnstest.scenario
import pydnstest.augwrap
def parse(test):
""" Parse the test"""
_, config = pydnstest.scenario.parse_file(os.path.realpath(test))
aug = pydnstest.augwrap.AugeasWrapper(
confpath=os.path.realpath(test),
lens='Deckard', loadpath="../pydnstest")
node = aug.tree
return config, node
def get_dsakeys(config, node):
""" Make list of all DSA keys in the test"""
dsakeys = []
for conf in config:
if conf[0] == "trust-anchor":
conf[1] = conf[1][1:-1]
trust_anchor = conf[1].split()
for i, word in enumerate(trust_anchor):
if word == "DS":
algorithm = trust_anchor[i + 2]
if algorithm == "3" or algorithm == "DSA":
dsakeys.append(trust_anchor[i + 1])
for entry in node.match("/scenario/range/entry"):
records = list(entry.match("/section/answer/record"))
records.extend(list(entry.match("/section/authority/record")))
records.extend(list(entry.match("/section/additional/record")))
for record in records:
if record["/type"].value == "DS":
if record["/data"].value[1] in ["3", "DSA"]:
dsakeys.append(record["/data"].value[2])
return dsakeys
def check_rrsig(node, dsakeys):
""" Find records with wrong lenght of rrsig"""
for key in dsakeys:
for entry in node.match("/scenario/range/entry"):
records = list(entry.match("/section/answer/record"))
records.extend(list(entry.match("/section/authority/record")))
records.extend(list(entry.match("/section/additional/record")))
for record in records:
if record["/type"].value == "RRSIG":
rrsig_data = record["/data"].value.split()
if rrsig_data[6] == key:
if len(base64.b64decode(rrsig_data[8])) != 41:
return True
return False
def main():
"""Returns 1 if there is a DNSSEC DSA signature which is not 41 bytes long. \
0 otherwise."""
argparser = argparse.ArgumentParser()
argparser.add_argument("file")
args = argparser.parse_args()
config, node = parse(args.file)
dsakeys = get_dsakeys(config, node)
bad_rrsig = check_rrsig(node, dsakeys)
if bad_rrsig:
print(1)
sys.exit(1)
else:
print(0)
sys.exit(0)
main()
"""Returns 0 if the test is parsed, 1 if not."""
import sys
import os
import argparse
# sys.path.insert(0, '..')
import pydnstest
import pydnstest.scenario
def main():
"""Returns 0 if the test is parsed, 1 if not."""
argparser = argparse.ArgumentParser()
argparser.add_argument("file")
args = argparser.parse_args()
if pydnstest.scenario.parse_file(os.path.realpath(args.file)):
sys.exit(0)
else:
sys.exit(1)
main()
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment