Changeset c0bb823 in mod_gnutls for test/test_ca.mk


Ignore:
Timestamp:
Jan 30, 2016, 4:45:41 PM (4 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, proxy-ticket, upstream
Children:
dc55c77
Parents:
4d2d182
Message:

Test suite: Create rogue client certificate for client auth test

Test case 18 (verification of a client certificate not issued by the
accepted CA) used the Rogue CA certificate as a client
certificate. However, recent gnutls-cli (from GnuTLS git at the time
of this commit) detects the constraint violation and rejects the
certificate, so the test fails before mod_gnutls can check the
certificate. Create a rougue client certificate with correct
constraints to make the test work as expected.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • test/test_ca.mk

    r4d2d182 rc0bb823  
    4848        certtool --generate-request --load-privkey $(dir $@)secret.key --template $< > $@
    4949
     50# normal case: certificates signed by test CA
    5051%/x509.pem: %.template %/cert-request authority/secret.key authority/x509.pem
    5152        certtool --generate-certificate --load-ca-certificate authority/x509.pem --load-ca-privkey authority/secret.key --load-request $(dir $@)cert-request --template $< > $@
     53
     54# error case: certificates signed by rogue CA
     55rogue%/x509.pem: rogue%.template rogue%/cert-request rogueca/x509.pem
     56        certtool --generate-certificate --load-ca-certificate rogueca/x509.pem --load-ca-privkey rogueca/secret.key --load-request $(dir $@)cert-request --template $< > $@
    5257
    5358%/softhsm.db: %/x509.pem %/secret.key
Note: See TracChangeset for help on using the changeset viewer.