Changeset 33af2b7 in mod_gnutls


Ignore:
Timestamp:
May 11, 2015, 6:28:20 PM (8 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
asyncio, debian/master, debian/stretch-backports, jessie-backports, main, master, proxy-ticket, upstream
Children:
31caead
Parents:
e24eed68
git-author:
Thomas Klute <thomas2.klute@…> (05/11/15 18:12:28)
git-committer:
Thomas Klute <thomas2.klute@…> (05/11/15 18:28:20)
Message:

Test suite: Add tests to "dist" target and support VPATH builds

Supporting VPATH builds requires using $srcdir to find non-generated
data rather than fixed relative paths. If test are not called through
the make system, local defaults must be used. Not changing directories
during tests any more makes this easier.

A few files (e.g. templates, generated CRL) have been moved around to
better match the new structure.

Files:
1 added
89 edited
6 moved

Legend:

Unmodified
Added
Removed

  • configure.ac

    re24eed68 r33af2b7  
    8383AC_SUBST(MODULE_LIBS)
    8484
    85 AC_CONFIG_FILES([Makefile src/Makefile test/Makefile include/mod_gnutls.h])
     85AC_CONFIG_FILES([Makefile src/Makefile test/Makefile test/tests/Makefile include/mod_gnutls.h])
    8686AC_OUTPUT
    8787

  • test/.gitignore

    re24eed68 r33af2b7  
    1414authority.template
    1515msva.gnupghome
    16 crl.pem
    1716*.log
    1817*.trs
    1918*.lock
    20 tests/24_pkcs11_cert/softhsm.conf

  • test/Makefile.am

    re24eed68 r33af2b7  
    1 check_SCRIPTS = test-00_basic.bash \
     1SUBDIRS = tests
     2
     3dist_check_SCRIPTS = test-00_basic.bash \
    24        test-01_serverwide_priorities.bash \
    35        test-02_cache_in_vhost.bash \
     
    1517        test-14_basic_openpgp.bash
    1618if USE_MSVA
    17 check_SCRIPTS += test-15_basic_msva.bash
     19dist_check_SCRIPTS += test-15_basic_msva.bash
    1820endif
    19 check_SCRIPTS += test-16_view-status.bash \
     21dist_check_SCRIPTS += test-16_view-status.bash \
    2022        test-17_cgi_vars_large_cert.bash \
    2123        test-18_client_verification_wrong_cert.bash \
     
    2729        test-24_pkcs11_cert.bash
    2830
    29 TESTS = $(check_SCRIPTS)
     31TESTS = $(dist_check_SCRIPTS)
    3032
    3133# Test cases trying to create keys and certificates in parallel causes
     
    3941# running at any time, so test cases actually have to wait for each
    4042# other - just not in any particular order.
    41 check_DATA = setup.done
     43check_DATA = setup.done server/crl.pem
    4244
    43 MOSTLYCLEANFILES = cache/* logs/* outputs/*
     45MOSTLYCLEANFILES = cache/* logs/* outputs/* server/crl.pem
    4446
    4547clean-local:
    46         $(MAKE) -f TestMakefile $(AM_MAKEFLAGS) clean
     48        $(MAKE) -f $(srcdir)/TestMakefile $(AM_MAKEFLAGS) clean
    4749
    4850# SoftHSM files
     
    5456# conditions between multiple calls to TestMakefile for key and
    5557# certificate generation. It is ignored for setup.done itself.
    56 server/softhsm.db setup.done: setup.done
    57         $(MAKE) -f TestMakefile $(AM_MAKEFLAGS) $@
     58server/crl.pem server/softhsm.db setup.done: setup.done
     59        srcdir=$(srcdir) $(MAKE) -f $(srcdir)/TestMakefile $(AM_MAKEFLAGS) $@
     60
     61cert_templates = authority.template.in client.template.in \
     62        imposter.template.in rogueca.template server.template.in
     63apache_data = base_apache.conf data/* mime.types
     64
     65EXTRA_DIST = $(apache_data) $(cert_templates) *.uid.in proxy_backend.bash \
     66        runtests server-crl.template server-softhsm.conf softhsm.bash \
     67        TestMakefile

  • test/TestMakefile

    re24eed68 r33af2b7  
    55# run these tests to ensure that mod_gnutls can handle a range of
    66# simple configuration choices.
     7
     8export srcdir ?= .
    79
    810export TEST_HOST ?= localhost
     
    1820
    1921all: setup.done
    20         TEST_LOCK=$(TEST_LOCK) ./runtests
     22        TEST_LOCK=$(TEST_LOCK) $(srcdir)/runtests
    2123
    2224t-%: setup.done
    23         TEST_LOCK=$(TEST_LOCK) ./runtests $@
     25        TEST_LOCK=$(TEST_LOCK) $(srcdir)/runtests $@
    2426
    2527
     
    3234all_tokens := $(foreach id,$(identities),$(foreach token,$(tokens),$(id)/$(token)))
    3335
    34 %.template: %.template.in
     36%.template: $(srcdir)/%.template.in
    3537        sed s/__HOSTNAME__/$(TEST_HOST)/ < $< > $@
    3638
    37 server.uid: server.uid.in
     39%.uid: $(srcdir)/%.uid.in
    3840        sed s/__HOSTNAME__/$(TEST_HOST)/ < $< > $@
    3941
     
    6769authority/x509.pem: authority.template authority/secret.key
    6870        certtool --generate-self-signed --load-privkey authority/secret.key --template authority.template > $@
    69 rogueca/x509.pem: rogueca.template rogueca/secret.key
    70         certtool --generate-self-signed --load-privkey rogueca/secret.key --template rogueca.template > $@
     71rogueca/x509.pem: $(srcdir)/rogueca.template rogueca/secret.key
     72        certtool --generate-self-signed --load-privkey rogueca/secret.key --template $(srcdir)/rogueca.template > $@
    7173
    7274%/cert-request: %.template %/secret.key
     
    7779
    7880%/softhsm.db: %/x509.pem %/secret.key
    79         SOFTHSM_CONF="$(*)-softhsm.conf" ./softhsm.bash init $(dir $@)secret.key $(dir $@)x509.pem
     81        SOFTHSM_CONF="$(srcdir)/$(*)-softhsm.conf" $(srcdir)/softhsm.bash init $(dir $@)secret.key $(dir $@)x509.pem
     82
     83# Generate CRL revoking a certain certificate. Currently used to
     84# revoke the server certificate and check if setting the CRL as
     85# GnuTLSProxyCRLFile causes the connection to the back end server to
     86# fail.
     87%/crl.pem: %/x509.pem ${srcdir}/%-crl.template
     88        certtool --generate-crl \
     89                --load-ca-privkey authority/secret.key \
     90                --load-ca-certificate authority/x509.pem \
     91                --load-certificate $< \
     92                --template "${srcdir}/$(*)-crl.template" \
     93                > $@
    8094
    8195msva.gnupghome/trustdb.gpg: authority/minimal.pgp client/cert.pgp
     
    87101
    88102
    89 setup.done: $(all_tokens) msva.gnupghome/trustdb.gpg
     103setup.done: $(all_tokens) msva.gnupghome/trustdb.gpg client.uid
    90104        mkdir -p logs cache outputs
    91105        touch setup.done
     
    94108clean:
    95109        rm -rf server client authority logs cache outputs setup.done \
    96         server.template msva.gnupghome \
     110        server.template imposter.template msva.gnupghome \
    97111        */*.pgp */*.gpg */*.gpg~ */*.pem */*.key authority.template \
    98         client.template server.uid *.lock tests/*/*.pem
     112        client.template client.uid server.uid *.lock tests/*/*.pem
    99113        rmdir imposter rogueca || true
    100114

  • test/base_apache.conf

    re24eed68 r33af2b7  
    1 ServerRoot ${PWD}/../..
     1ServerRoot ${PWD}
    22
    33LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
     
    1212LoadModule authz_core_module /usr/lib/apache2/modules/mod_authz_core.so
    1313LoadModule mime_module /usr/lib/apache2/modules/mod_mime.so
     14TypesConfig ${srcdir}/mime.types
    1415
    1516Listen ${TEST_IP}:${TEST_PORT}
    1617
    17 DocumentRoot data
     18DocumentRoot ${srcdir}/data
    1819LoadModule gnutls_module ../src/.libs/libmod_gnutls.so

  • test/proxy_backend.bash

    re24eed68 r33af2b7  
    1212    export BACKEND_PORT="9934"
    1313fi
    14 if [ -z "${BACKEND_LOCK}" ] && [ -n "${testdir}" ]; then
    15     BACKEND_LOCK="$(realpath ${testdir}/../../backend.lock)"
    16 fi
     14: ${BACKEND_LOCK:="backend.lock"}
     15: ${srcdir:="."}
    1716
    1817function backend_apache
     
    3231        export TEST_IP="${BACKEND_IP}"
    3332        export TEST_PORT="${BACKEND_PORT}"
     33        export srcdir="$(realpath ${srcdir})"
    3434        case $action in
    3535            start)
    36                 cd "${dir}"
    3736                ${flock_cmd} \
    38                     /usr/sbin/apache2 -f "$(pwd)/${conf}" -k start || return 1
     37                    /usr/sbin/apache2 -f "$(realpath ${testdir}/${conf})" -k start || return 1
    3938                ;;
    4039            stop)
    41                 cd "${dir}"
    42                 /usr/sbin/apache2 -f "$(pwd)/${conf}" -k stop || return 1
     40                /usr/sbin/apache2 -f "$(realpath ${testdir}/${conf})" -k stop || return 1
    4341                ;;
    4442        esac

  • test/runtests

    re24eed68 r33af2b7  
    2121
    2222if [ 0 != "$BADVARS" ]; then
    23     exit 1
    24 fi
    25 
    26 if [ . != "$(dirname "$0")" ]; then
    27     printf "You should only run this mod-gnutls test suite from the test/ directory of the mod_gnutls source.\n" >&2
    2823    exit 1
    2924fi
     
    8580function apache_down_err() {
    8681    printf "FAILURE: %s\n" "$TEST_NAME"
    87     /usr/sbin/apache2 -f "$(pwd)/apache.conf" -k stop || true
     82    /usr/sbin/apache2 -f "${t}/apache.conf" -k stop || true
    8883    if [ -e output ]; then
    8984        printf "\ngnutls-cli outputs:\n"
     
    9691
    9792    printf "\nApache error logs:\n"
    98     tail "../../logs/${TEST_NAME}.error.log"
     93    tail "logs/${TEST_NAME}.error.log"
    9994
    10095    if [ -n "${USE_MSVA}" ]; then
     
    10499
    105100if [ -z "$tests" ] ; then
    106     tests=./tests/*
     101    tests=${srcdir}/tests/*
    107102else
    108     tests=./tests/"$(printf "%02d" "$tests")"_*
     103    tests=${srcdir}/tests/"$(printf "%02d" "$tests")"_*
    109104fi
    110105
    111106if [ -n "${USE_MSVA}" ]; then
    112     GNUPGHOME=$(pwd)/msva.gnupghome MSVA_KEYSERVER_POLICY=never monkeysphere-validation-agent &
     107    GNUPGHOME=msva.gnupghome MSVA_KEYSERVER_POLICY=never monkeysphere-validation-agent &
    113108    trap stop_msva EXIT
    114109
     
    125120        sleep "$TEST_GAP"
    126121    fi
     122    t="$(realpath ${t})"
     123    export srcdir="$(realpath ${srcdir})"
    127124    export TEST_NAME="$(basename "$t")"
    128     output="../../outputs/${TEST_NAME}.output"
     125    output="outputs/${TEST_NAME}.output"
    129126    rm -f "$output"
    130     cd "$t"
    131     if [ -e fail.* ]; then
     127
     128    if [ -e ${t}/fail.* ]; then
    132129        EXPECTED_FAILURE="$(printf " (expected: %s)" fail.*)"
    133130    else
     
    139136        MONKEYSPHERE_VALIDATION_AGENT_SOCKET="http://127.0.0.1:$MSVA_PORT" \
    140137            ${flock_cmd} \
    141             /usr/sbin/apache2 -f "$(pwd)/apache.conf" -k start \
    142             || [ -e fail.server ]
     138            /usr/sbin/apache2 -f "${t}/apache.conf" -k start \
     139            || [ -e "${t}/fail.server" ]
    143140    else
    144141        ${flock_cmd} \
    145             /usr/sbin/apache2 -f "$(pwd)/apache.conf" -k start \
    146             || [ -e fail.server ]
     142            /usr/sbin/apache2 -f "${t}/apache.conf" -k start \
     143            || [ -e "${t}/fail.server" ]
    147144    fi
    148145
     
    156153    # case to proceed instead of waiting for it to return. The sleep
    157154    # process is stopped after gnutls-cli terminates.
    158     if (sed "s/__HOSTNAME__/${TEST_HOST}/" <./input && \
     155    if (sed "s/__HOSTNAME__/${TEST_HOST}/" <${t}/input && \
    159156        run_with_pidfile "${sleep_pidfile}" sleep "${TEST_QUERY_DELAY}" &) | \
    160         gnutls-cli -p "${TEST_PORT}" $(cat ./gnutls-cli.args) "${TEST_HOST}" \
     157        gnutls-cli -p "${TEST_PORT}" $(cat ${t}/gnutls-cli.args) "${TEST_HOST}" \
    161158        >"$output";
    162159    then
    163         if [ -e fail* ]; then
     160        if [ -e ${t}/fail* ]; then
    164161            printf "%s should have failed but succeeded\n" "$(basename "$t")" >&2
    165162            exit 1
    166163        fi
    167164    else
    168         if [ ! -e fail* ]; then
     165        if [ ! -e ${t}/fail* ]; then
    169166            printf "%s should have succeeded but failed\n" "$(basename "$t")" >&2
    170167            exit 1
     
    175172    unset sleep_pidfile
    176173
    177     if [ -e output ] ; then
    178         diff_output_filter_headers "output" "$output" "-q"
     174    if [ -e ${t}/output ] ; then
     175        diff_output_filter_headers "${t}/output" "$output" "-q"
    179176    fi
    180     /usr/sbin/apache2 -f "$(pwd)/apache.conf" -k stop || [ -e fail.server ]
     177    /usr/sbin/apache2 -f "${t}/apache.conf" -k stop || [ -e ${t}/fail.server ]
    181178    if [ -n "${USE_MSVA}" ]; then
    182179        trap stop_msva EXIT
     
    185182    fi
    186183    printf "SUCCESS: %s\n" "$TEST_NAME"
    187     cd ../..
    188184done
    189185

  • test/softhsm.bash

    re24eed68 r33af2b7  
    9595softhsm_lib="${softhsm_prefix}/lib/softhsm/libsofthsm.so"
    9696
    97 # provided SOFTHSM_CONF always takes precedence, otherwise try to
    98 # guess based on testdir
     97# fail if SOFTHSM_CONF is not set
    9998if [ -z "${SOFTHSM_CONF}" ]; then
    100     if [ -n "${testdir}" ]; then
    101         export SOFTHSM_CONF="$(realpath ${testdir}/softhsm.conf)"
    102     else
    103         echo "ERROR: Neither SOFTHSM_CONF nor testdir set!" 2>&1
    104         exit 1
    105     fi
     99    echo "ERROR: SOFTHSM_CONF not set!" 1>&2
     100    exit 1
    106101else
    107102    export SOFTHSM_CONF
     
    116111cert_label="certificate"
    117112
    118 # The Apache/SoftHSM configuration mixes up directories, so generate
    119 # softhsm.conf with an absolute path to the token database if a
    120 # template is present. Generating it on every run avoids problems if
    121 # the source tree was moved.
    122 if [ -e "${SOFTHSM_CONF}.in" ]; then
    123     cat "${SOFTHSM_CONF}.in" | sed "s,__DIR__,$(realpath $(dirname ${SOFTHSM_CONF}))," \
    124         >"${SOFTHSM_CONF}"
    125 fi
    126 
    127113if [ "${init}" = "true" ]; then
    128114    prepare_token "${token_label}" "${2}" "${3}"

  • test/test-00_basic.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-0
     2make -f $(dirname ${0})/TestMakefile t-0

  • test/test-01_serverwide_priorities.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-1
     2make -f $(dirname ${0})/TestMakefile t-1

  • test/test-02_cache_in_vhost.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-2
     2make -f $(dirname ${0})/TestMakefile t-2

  • test/test-03_cachetimeout_in_vhost.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-3
     2make -f $(dirname ${0})/TestMakefile t-3

  • test/test-04_basic_nosni.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-4
     2make -f $(dirname ${0})/TestMakefile t-4

  • test/test-05_mismatched-priorities.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-5
     2make -f $(dirname ${0})/TestMakefile t-5

  • test/test-06_verify_sni_a.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-6
     2make -f $(dirname ${0})/TestMakefile t-6

  • test/test-07_verify_sni_b.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-7
     2make -f $(dirname ${0})/TestMakefile t-7

  • test/test-08_verify_no_sni_fallback_to_first_vhost.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-8
     2make -f $(dirname ${0})/TestMakefile t-8

  • test/test-09_verify_no_sni_fails_with_wrong_order.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-9
     2make -f $(dirname ${0})/TestMakefile t-9

  • test/test-10_basic_client_verification.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-10
     2make -f $(dirname ${0})/TestMakefile t-10

  • test/test-11_basic_client_verification_fail.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-11
     2make -f $(dirname ${0})/TestMakefile t-11

  • test/test-12_cgi_variables.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-12
     2make -f $(dirname ${0})/TestMakefile t-12

  • test/test-13_cgi_variables_no_client_cert.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-13
     2make -f $(dirname ${0})/TestMakefile t-13

  • test/test-14_basic_openpgp.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-14
     2make -f $(dirname ${0})/TestMakefile t-14

  • test/test-15_basic_msva.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 USE_MSVA="yes" make -f TestMakefile t-15
     2USE_MSVA="yes" make -f $(dirname ${0})/TestMakefile t-15

  • test/test-16_view-status.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-16
     2make -f $(dirname ${0})/TestMakefile t-16

  • test/test-17_cgi_vars_large_cert.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-17
     2make -f $(dirname ${0})/TestMakefile t-17

  • test/test-18_client_verification_wrong_cert.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    2 make -f TestMakefile t-18
     2make -f $(dirname ${0})/TestMakefile t-18

  • test/test-19_TLS_reverse_proxy.bash

    re24eed68 r33af2b7  
    22
    33set -e
     4: ${srcdir:="."}
    45
    5 testdir="./tests/19_TLS_reverse_proxy"
    6 . ./proxy_backend.bash
     6testdir="${srcdir}/tests/19_TLS_reverse_proxy"
     7. $(dirname ${0})/proxy_backend.bash
    78
    89function stop_backend
     
    1314trap stop_backend EXIT
    1415
    15 make -f TestMakefile t-19
     16make -f $(dirname ${0})/TestMakefile t-19
    1617
    1718backend_apache "${testdir}" "backend.conf" stop

  • test/test-20_TLS_reverse_proxy_client_auth.bash

    re24eed68 r33af2b7  
    22
    33set -e
     4: ${srcdir:="."}
    45
    5 testdir="./tests/20_TLS_reverse_proxy_client_auth"
    6 . ./proxy_backend.bash
     6testdir="${srcdir}/tests/20_TLS_reverse_proxy_client_auth"
     7. $(dirname ${0})/proxy_backend.bash
    78
    89function stop_backend
     
    1314trap stop_backend EXIT
    1415
    15 make -f TestMakefile t-20
     16make -f $(dirname ${0})/TestMakefile t-20
    1617
    1718backend_apache "${testdir}" "backend.conf" stop

  • test/test-21_TLS_reverse_proxy_wrong_cert.bash

    re24eed68 r33af2b7  
    22
    33set -e
     4: ${srcdir:="."}
    45
    5 testdir="./tests/21_TLS_reverse_proxy_wrong_cert"
    6 . ./proxy_backend.bash
     6testdir="${srcdir}/tests/21_TLS_reverse_proxy_wrong_cert"
     7. $(dirname ${0})/proxy_backend.bash
    78
    89function stop_backend
     
    1314trap stop_backend EXIT
    1415
    15 make -f TestMakefile t-21
     16make -f $(dirname ${0})/TestMakefile t-21
    1617
    1718backend_apache "${testdir}" "backend.conf" stop

  • test/test-22_TLS_reverse_proxy_crl_revoke.bash

    re24eed68 r33af2b7  
    22
    33set -e
     4: ${srcdir:="."}
    45
    5 testdir="./tests/22_TLS_reverse_proxy_crl_revoke"
    6 . ./proxy_backend.bash
    7 
    8 # Generate CRL revoking the server certificate. Using it as
    9 # GnuTLSProxyCRLFile should cause the connection to the back end
    10 # server to fail.
    11 certtool --generate-crl \
    12     --load-ca-privkey authority/secret.key \
    13     --load-ca-certificate authority/x509.pem \
    14     --load-certificate server/x509.pem \
    15     --template "${testdir}/crl.template" \
    16     >"${testdir}/crl.pem"
     6testdir="${srcdir}/tests/22_TLS_reverse_proxy_crl_revoke"
     7. $(dirname ${0})/proxy_backend.bash
    178
    189function stop_backend
     
    2314trap stop_backend EXIT
    2415
    25 make -f TestMakefile t-22
     16make -f $(dirname ${0})/TestMakefile t-22
    2617
    2718backend_apache "${testdir}" "backend.conf" stop

  • test/test-23_TLS_reverse_proxy_mismatched_priorities.bash

    re24eed68 r33af2b7  
    22
    33set -e
     4: ${srcdir:="."}
    45
    5 testdir="./tests/23_TLS_reverse_proxy_mismatched_priorities"
    6 . ./proxy_backend.bash
     6testdir="${srcdir}/tests/23_TLS_reverse_proxy_mismatched_priorities"
     7. $(dirname ${0})/proxy_backend.bash
    78
    89# This test checks if server and proxy priorities are applied
     
    1819trap stop_backend EXIT
    1920
    20 make -f TestMakefile t-23
     21make -f $(dirname ${0})/TestMakefile t-23
    2122
    2223backend_apache "${testdir}" "backend.conf" stop

  • test/test-24_pkcs11_cert.bash

    re24eed68 r33af2b7  
    11#!/bin/bash
    22
    3 testdir="./tests/24_pkcs11_cert"
    4 . ./softhsm.bash
     3testdir="$(dirname ${0})/tests/24_pkcs11_cert"
     4
     5# The Apache/SoftHSM configuration mixes up directories, so generate a
     6# config file with an absolute path to the token database from a
     7# template. Generating it on every run avoids problems if the source
     8# tree was moved.
     9tmp_softhsm_conf="$(mktemp mod_gnutls_test-XXXXXX.conf)"
     10function cleanup_tmpconf
     11{
     12    rm "${tmp_softhsm_conf}"
     13}
     14trap cleanup_tmpconf EXIT
     15
     16sed "s,__DIR__,$(realpath $(pwd))," \
     17    "${testdir}/softhsm.conf.in" \
     18    >"${tmp_softhsm_conf}"
     19export SOFTHSM_CONF="${tmp_softhsm_conf}"
     20echo "Generated temporary SoftHSM config ${tmp_softhsm_conf}:"
     21cat "${tmp_softhsm_conf}"
     22
     23. $(dirname ${0})/softhsm.bash
    524
    625set -e
    726
    8 make -f TestMakefile t-24
     27make -f $(dirname ${0})/TestMakefile t-24
     28
     29cleanup_tmpconf
     30trap - EXIT

  • test/tests/00_basic/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/00_basic/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509cafile=../../authority/x509.pem
     1--x509cafile=authority/x509.pem
    22--priority=NORMAL

  • test/tests/01_serverwide_priorities/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/01_serverwide_priorities/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509cafile=../../authority/x509.pem
     1--x509cafile=authority/x509.pem
    22--priority=NORMAL

  • test/tests/02_cache_in_vhost/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33<VirtualHost ${TEST_IP}:${TEST_PORT}>

  • test/tests/02_cache_in_vhost/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509cafile=../../authority/x509.pem
     1--x509cafile=authority/x509.pem
    22--priority=NORMAL

  • test/tests/03_cachetimeout_in_vhost/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33<VirtualHost ${TEST_IP}:${TEST_PORT}>

  • test/tests/03_cachetimeout_in_vhost/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509cafile=../../authority/x509.pem
     1--x509cafile=authority/x509.pem
    22--priority=NORMAL

  • test/tests/04_basic_nosni/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/04_basic_nosni/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509cafile=../../authority/x509.pem
     1--x509cafile=authority/x509.pem
    22--priority=NORMAL
    33--disable-extensions

  • test/tests/05_mismatched-priorities/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/05_mismatched-priorities/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509cafile=../../authority/x509.pem
     1--x509cafile=authority/x509.pem
    22--priority=NORMAL:-VERS-TLS-ALL:+VERS-SSL3.0

  • test/tests/06_verify_sni_a/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/06_verify_sni_a/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509cafile=../../authority/x509.pem
     1--x509cafile=authority/x509.pem
    22--priority=NORMAL

  • test/tests/07_verify_sni_b/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/07_verify_sni_b/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509cafile=../../authority/x509.pem
     1--x509cafile=authority/x509.pem
    22--priority=NORMAL

  • test/tests/08_verify_no_sni_fallback_to_first_vhost/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/08_verify_no_sni_fallback_to_first_vhost/gnutls-cli.args

    re24eed68 r33af2b7  
    11--disable-extensions
    2 --x509cafile=../../authority/x509.pem
     2--x509cafile=authority/x509.pem
    33--priority=NORMAL

  • test/tests/09_verify_no_sni_fails_with_wrong_order/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/09_verify_no_sni_fails_with_wrong_order/gnutls-cli.args

    re24eed68 r33af2b7  
    11--disable-extensions
    2 --x509cafile=../../authority/x509.pem
     2--x509cafile=authority/x509.pem
    33--priority=NORMAL

  • test/tests/10_basic_client_verification/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/10_basic_client_verification/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509certfile=../../client/x509.pem
    2 --x509keyfile=../../client/secret.key
    3 --x509cafile=../../authority/x509.pem
     1--x509certfile=client/x509.pem
     2--x509keyfile=client/secret.key
     3--x509cafile=authority/x509.pem
    44--priority=NORMAL

  • test/tests/11_basic_client_verification_fail/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/11_basic_client_verification_fail/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509cafile=../../authority/x509.pem
     1--x509cafile=authority/x509.pem
    22--priority=NORMAL

  • test/tests/12_cgi_variables/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so
     
    77GnuTLSCache dbm cache/gnutls_cache
    88
    9 <Directory ${PWD}/../../data>
     9<Directory ${srcdir}/data>
    1010 Options +ExecCGI
    1111</Directory>

  • test/tests/12_cgi_variables/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509certfile=../../client/x509.pem
    2 --x509keyfile=../../client/secret.key
    3 --x509cafile=../../authority/x509.pem
     1--x509certfile=client/x509.pem
     2--x509keyfile=client/secret.key
     3--x509cafile=authority/x509.pem
    44--priority=NORMAL:-KX-ALL:+DHE-RSA

  • test/tests/13_cgi_variables_no_client_cert/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so
     
    77GnuTLSCache dbm cache/gnutls_cache
    88
    9 <Directory ${PWD}/../../data>
     9<Directory ${srcdir}/data>
    1010 Options +ExecCGI
    1111</Directory>

  • test/tests/13_cgi_variables_no_client_cert/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509cafile=../../authority/x509.pem
     1--x509cafile=authority/x509.pem
    22--priority=NORMAL

  • test/tests/14_basic_openpgp/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/14_basic_openpgp/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --pgpkeyring=../../authority/cert.pgp
     1--pgpkeyring=authority/cert.pgp
    22--priority=NORMAL:-CTYPE-X509:+CTYPE-OPENPGP:+CTYPE-X509

  • test/tests/15_basic_msva/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/15_basic_msva/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509certfile=../../client/x509.pem
    2 --x509keyfile=../../client/secret.key
    3 --x509cafile=../../authority/x509.pem
     1--x509certfile=client/x509.pem
     2--x509keyfile=client/secret.key
     3--x509cafile=authority/x509.pem
    44--priority=NORMAL

  • test/tests/16_view-status/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33LoadModule status_module /usr/lib/apache2/modules/mod_status.so

  • test/tests/16_view-status/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509cafile=../../authority/x509.pem
     1--x509cafile=authority/x509.pem
    22--priority=NONE:+VERS-TLS1.0:+AES-128-CBC:+SHA1:+RSA:+COMP-NULL

  • test/tests/17_cgi_vars_large_cert/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so
     
    77GnuTLSCache dbm cache/gnutls_cache
    88
    9 <Directory ${PWD}/../../data>
     9<Directory ${srcdir}/data>
    1010 Options +ExecCGI
    1111</Directory>

  • test/tests/17_cgi_vars_large_cert/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509certfile=../../client/x509.pem
    2 --x509keyfile=../../client/secret.key
    3 --x509cafile=../../authority/x509.pem
     1--x509certfile=client/x509.pem
     2--x509keyfile=client/secret.key
     3--x509cafile=authority/x509.pem
    44--priority=NORMAL:-KX-ALL:+DHE-RSA

  • test/tests/18_client_verification_wrong_cert/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/18_client_verification_wrong_cert/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509certfile=../../rogueca/x509.pem
    2 --x509keyfile=../../rogueca/secret.key
    3 --x509cafile=../../authority/x509.pem
     1--x509certfile=rogueca/x509.pem
     2--x509keyfile=rogueca/secret.key
     3--x509cafile=authority/x509.pem
    44--priority=NORMAL

  • test/tests/19_TLS_reverse_proxy/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/19_TLS_reverse_proxy/backend.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33CustomLog logs/${TEST_NAME}.backend.access.log combined

  • test/tests/19_TLS_reverse_proxy/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509cafile=../../authority/x509.pem
     1--x509cafile=authority/x509.pem
    22--priority=NORMAL

  • test/tests/20_TLS_reverse_proxy_client_auth/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/20_TLS_reverse_proxy_client_auth/backend.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33CustomLog logs/${TEST_NAME}.backend.access.log combined

  • test/tests/20_TLS_reverse_proxy_client_auth/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509cafile=../../authority/x509.pem
     1--x509cafile=authority/x509.pem
    22--priority=NORMAL

  • test/tests/21_TLS_reverse_proxy_wrong_cert/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/21_TLS_reverse_proxy_wrong_cert/backend.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33CustomLog logs/${TEST_NAME}.backend.access.log combined

  • test/tests/21_TLS_reverse_proxy_wrong_cert/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509cafile=../../authority/x509.pem
     1--x509cafile=authority/x509.pem
    22--priority=NORMAL

  • test/tests/22_TLS_reverse_proxy_crl_revoke/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache
     
    1515 SSLProxyEngine On
    1616 GnuTLSProxyCAFile      authority/x509.pem
    17  GnuTLSProxyCRLFile     ${PWD}/crl.pem
     17 GnuTLSProxyCRLFile     server/crl.pem
    1818 GnuTLSProxyPriorities  NORMAL
    1919 ProxyPass /proxy/ https://${BACKEND_HOST}:${BACKEND_PORT}/

  • test/tests/22_TLS_reverse_proxy_crl_revoke/backend.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33CustomLog logs/${TEST_NAME}.backend.access.log combined

  • test/tests/22_TLS_reverse_proxy_crl_revoke/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509cafile=../../authority/x509.pem
     1--x509cafile=authority/x509.pem
    22--priority=NORMAL

  • test/tests/23_TLS_reverse_proxy_mismatched_priorities/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/23_TLS_reverse_proxy_mismatched_priorities/backend.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33CustomLog logs/${TEST_NAME}.backend.access.log combined

  • test/tests/23_TLS_reverse_proxy_mismatched_priorities/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509cafile=../../authority/x509.pem
     1--x509cafile=authority/x509.pem
    22--priority=NORMAL

  • test/tests/24_pkcs11_cert/apache.conf

    re24eed68 r33af2b7  
    1 Include ${PWD}/../../base_apache.conf
     1Include ${srcdir}/base_apache.conf
    22
    33GnuTLSCache dbm cache/gnutls_cache

  • test/tests/24_pkcs11_cert/gnutls-cli.args

    re24eed68 r33af2b7  
    1 --x509cafile=../../authority/x509.pem
     1--x509cafile=authority/x509.pem
    22--priority=NORMAL

  • test/tests/24_pkcs11_cert/softhsm.conf.in

    re24eed68 r33af2b7  
    1 0:__DIR__/../../server/softhsm.db
     10:__DIR__/server/softhsm.db
Note: See TracChangeset for help on using the changeset viewer.