Changeset 6dab61d in mod_gnutls


Ignore:
Timestamp:
Jul 15, 2019, 1:02:42 PM (5 months ago)
Author:
Fiona Klute <fiona.klute@…>
Branches:
master
Children:
fbef621
Parents:
b712429
Message:

Test suite: Move rogueclient ID into rogueca dir, share recipe with good certs

Location:
test
Files:
3 edited
1 moved

Legend:

Unmodified
Added
Removed
  • test/Makefile.am

    rb712429 r6dab61d  
    5858shared_identities = authority authority/client
    5959pgp_identities = $(shared_identities)
    60 x509_only_identities = authority/server authority/imposter rogueca rogueclient
     60x509_only_identities = authority/server authority/imposter rogueca \
     61        rogueca/rogueclient
    6162if ENABLE_OCSP_TEST
    6263x509_only_identities += authority/ocsp-responder
     
    99100cert_templates = authority/template.in authority/client/template.in \
    100101        authority/imposter/template.in authority/ocsp-responder/template \
    101         rogueca/template rogueclient/template.in authority/server/template.in
     102        authority/server/template.in \
     103        rogueca/template rogueca/rogueclient/template.in
    102104generated_templates = authority/template authority/client/template \
    103         authority/imposter/template rogueclient/template \
     105        authority/imposter/template rogueca/rogueclient/template \
    104106        authority/server/template
    105107
  • test/test_ca.mk

    rb712429 r6dab61d  
    5656        GNUPGHOME=authority/ $(GPG_FLOCK) gpg --output $@ --armor --export "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)"
    5757
    58 # special cases for the authorities' root certs:
     58# special rule for root CAs
    5959root_cert_rule = certtool --outfile $@ --generate-self-signed --load-privkey $(dir $@)secret.key --template $<
    6060authority/x509.pem rogueca/x509.pem: %/x509.pem: %/template %/secret.key
    6161        $(root_cert_rule)
    6262
    63 # normal case: certificates signed by test CA
     63# generic rule for building non-root certificates, with the CA in the
     64# parent directory
    6465cert_rule = certtool --outfile $@ --generate-certificate --load-ca-certificate $(dir $@)../x509.pem --load-ca-privkey $(dir $@)../secret.key --load-privkey $(dir $@)secret.key --template $<
    6566
     67# certificates signed by the test root CA
    6668%/x509.pem: %/template %/secret.key authority/secret.key authority/x509.pem
    6769        $(cert_rule)
    6870
    69 # error case: certificates signed by rogue CA
    70 rogue%/x509.pem: rogue%/template rogue%/secret.key rogueca/x509.pem
    71         certtool --outfile $@ --generate-certificate --load-ca-certificate rogueca/x509.pem --load-ca-privkey rogueca/secret.key --load-privkey $(dir $@)secret.key --template $<
     71# certificates signed by rogue CA (for error cases)
     72rogueca/%/x509.pem: rogueca/%/template rogueca/%/secret.key rogueca/x509.pem
     73        $(cert_rule)
    7274
    7375%/softhsm.conf: %/secret.key
  • test/tests/18_client_verification_wrong_cert/gnutls-cli.args

    rb712429 r6dab61d  
    1 --x509certfile=rogueclient/x509.pem
    2 --x509keyfile=rogueclient/secret.key
     1--x509certfile=rogueca/rogueclient/x509.pem
     2--x509keyfile=rogueca/rogueclient/secret.key
    33--x509cafile=authority/x509.pem
    44--priority=NORMAL
Note: See TracChangeset for help on using the changeset viewer.