Changeset 10d9053 in mod_gnutls for test/test-27_OCSP_server.bash


Ignore:
Timestamp:
Jan 8, 2017, 9:00:28 AM (2 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, master, upstream
Children:
0202d6b
Parents:
0a12ff8
git-author:
Thomas Klute <thomas2.klute@…> (01/08/17 08:18:56)
git-committer:
Thomas Klute <thomas2.klute@…> (01/08/17 09:00:28)
Message:

Test suite, gen_ocsp_index.c: Handle serial as fixed order byte array

The previous approach assumed that the serial fits within a long long
unsigned type, because the test suite controls the serial. However,
this breaks on big endian architectures because the order in the
certificate is fixed and returned by gnutls_x509_crt_get_serial in
that way.

The fix is to print the serial byte for byte. Additionally OpenSSL
apparently requires upper case characters in the DB hex encoded
serial, which didn't show up previously due to the small serials. Use
a larger one for the server certificate to detect similar problems in
the future.

Cat the OCSP database into the test log for easier debugging on build
systems without direct file system access (e.g. Debian buildd).

File:
1 edited

Legend:

Unmodified
Added
Removed
  • test/test-27_OCSP_server.bash

    r0a12ff8 r10d9053  
    77# trigger OCSP server test in the runtests script
    88export CHECK_OCSP_SERVER="true"
     9echo "OCSP index for the test CA:"
     10cat authority/ocsp_index.txt
    911
    1012${srcdir}/runtests t-27
Note: See TracChangeset for help on using the changeset viewer.