Changeset ce12806 in mod_gnutls for test


Ignore:
Timestamp:
May 31, 2016, 2:09:04 PM (5 years ago)
Author:
Daniel Kahn Gillmor <dkg@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, upstream
Children:
855b295, d8afa3e
Parents:
63468af (diff), 086cea9 (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.
Message:

Imported Upstream version 0.7.5

Location:
test
Files:
1 added
1 deleted
3 edited

Legend:

Unmodified
Added
Removed
  • test/Makefile.am

    r63468af rce12806  
    3333TESTS = $(dist_check_SCRIPTS)
    3434
     35check_PROGRAMS = pgpcrc
     36pgpcrc_SOURCES = pgpcrc.c
     37
    3538# Identities in the miniature CA, server, and client environment for
    3639# the test suite
     
    4245# Append strings after ":=" to each identity to generate a list of
    4346# necessary files
    44 pgp_tokens = $(pgp_identities:=/secring.gpg) $(pgp_identities:=/cert.pgp) \
     47pgp_tokens = $(pgp_identities:=/cert.pgp) \
    4548        $(pgp_identities:=/secret.pgp)
    4649x509_keys = $(x509_identities:=/secret.key)
     
    9396# one day, so regenerating them is both fast and frequently
    9497# necessary.
    95 MOSTLYCLEANFILES += */*.pgp */*.gpg */*.gpg~ */gpg.conf authority/lock
     98MOSTLYCLEANFILES += */*.pgp */*.pgp.raw */*.gpg */*.gpg~ */gpg.conf \
     99        authority/lock */*.kbx */*.kbx~ */S.gpg-agent */private-keys-v1.d/*
    96100# GnuPG random pool, no need to regenerate on every build
    97101CLEANFILES += authority/random_seed
     
    142146
    143147mostlyclean-local: clean-softhsm2-db
     148        -rmdir $(pgp_identities:=/private-keys-v1.d) || true
     149if USE_MSVA
     150        -rmdir $(msva_home)/private-keys-v1.d || true
     151endif
    144152
    145153clean-local:
     
    151159
    152160# Apache configuration and data files
    153 apache_data = base_apache.conf cgi_module.conf data/* mime.types proxy_mods.conf
    154 
    155 EXTRA_DIST = $(apache_data) $(cert_templates) *.uid.in common.bash \
    156         proxy_backend.bash runtests server-crl.template softhsm.bash
     161apache_data = base_apache.conf cgi_module.conf data/dump.cgi data/secret.txt data/test.txt mime.types proxy_mods.conf
     162
     163EXTRA_DIST = $(apache_data) $(cert_templates) $(shared_identities:=.uid.in) \
     164        common.bash proxy_backend.bash runtests server-crl.template \
     165        softhsm.bash
    157166
    158167# Lockfile for the main Apache process
  • test/base_apache.conf

    r63468af rce12806  
    1616
    1717DocumentRoot ${srcdir}/data
    18 LoadModule gnutls_module ../src/.libs/libmod_gnutls.so
     18LoadModule gnutls_module ../src/.libs/mod_gnutls.so
  • test/test_ca.mk

    r63468af rce12806  
    1616        mkdir -p $(dir $@)
    1717        chmod 0700 $(dir $@)
    18         certtool --generate-privkey > $@
     18        certtool --outfile $@ --generate-privkey
    1919
    20 %/secring.gpg: %.uid %/secret.key
    21         rm -f $(dir $@)pubring.gpg $(dir $@)secring.gpg $(dir $@)trustdb.gpg
    22         PEM2OPENPGP_EXPIRATION=86400 PEM2OPENPGP_USAGE_FLAGS=authenticate,certify,sign pem2openpgp "$$(cat $<)" < $(dir $@)secret.key | GNUPGHOME=$(dir $@) gpg --import
     20%/secret.pgp.raw: %.uid %/secret.key
     21        PEM2OPENPGP_EXPIRATION=86400 PEM2OPENPGP_USAGE_FLAGS=authenticate,certify,sign pem2openpgp "$$(cat $<)" < $(dir $@)secret.key > $@
     22
     23%/secret.pgp: %/secret.pgp.raw pgpcrc
     24        (printf -- '-----BEGIN PGP PRIVATE KEY BLOCK-----\nVersion: test\n\n' && \
     25        base64 < $< && \
     26        printf -- '=' && \
     27        ./pgpcrc < $< | base64 && \
     28        printf -- '-----END PGP PRIVATE KEY BLOCK-----\n' ) > $@
     29
     30%/gpg.conf: %/secret.pgp
     31        rm -f $(dir $@)pubring.gpg $(dir $@)secring.gpg $(dir $@)trustdb.gpg $(dir $@)pubring.kbx $(dir $@)private-keys-v1.d/*.key
     32        GNUPGHOME=$(dir $@) gpg --import $<
    2333        printf "%s:6:\n" "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" | GNUPGHOME=$(dir $@) gpg --import-ownertrust
    24 
    25 %/gpg.conf: %/secring.gpg
    2634        printf "default-key %s\n" "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" > $@
    2735
    28 %/secret.pgp: %/secring.gpg
    29         GNUPGHOME=$(dir $@) gpg --armor --batch --no-tty --yes --export-secret-key "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" > $@
    30 
    31 %/minimal.pgp: %/secring.gpg
    32         GNUPGHOME=$(dir $@) gpg --armor --export "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" > $@
     36%/minimal.pgp: %/gpg.conf
     37        if test -r $@; then rm $@; fi
     38        GNUPGHOME=$(dir $@) gpg --output $@ --armor --export "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)"
    3339
    3440# Import and signing modify the shared keyring, which leads to race
    3541# conditions with parallel make. Locking avoids this problem.
    3642%/cert.pgp: %/minimal.pgp authority/gpg.conf
     43        if test -r $@; then rm $@; fi
    3744        GNUPGHOME=authority $(GPG_FLOCK) gpg --import $<
    3845        GNUPGHOME=authority $(GPG_FLOCK) gpg --batch --sign-key --no-tty --yes "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)"
    39         GNUPGHOME=authority gpg --armor --export "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" > $@
     46        GNUPGHOME=authority gpg --output $@ --armor --export "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)"
    4047
    4148# special cases for the authorities' root certs:
    4249authority/x509.pem: authority.template authority/secret.key
    43         certtool --generate-self-signed --load-privkey authority/secret.key --template authority.template > $@
     50        certtool --outfile $@ --generate-self-signed --load-privkey authority/secret.key --template authority.template
    4451rogueca/x509.pem: $(srcdir)/rogueca.template rogueca/secret.key
    45         certtool --generate-self-signed --load-privkey rogueca/secret.key --template $(srcdir)/rogueca.template > $@
     52        certtool --outfile $@ --generate-self-signed --load-privkey rogueca/secret.key --template $(srcdir)/rogueca.template
    4653
    4754%/cert-request: %.template %/secret.key
    48         certtool --generate-request --load-privkey $(dir $@)secret.key --template $< > $@
     55        certtool --outfile $@ --generate-request --load-privkey $(dir $@)secret.key --template $<
    4956
    5057# normal case: certificates signed by test CA
    5158%/x509.pem: %.template %/cert-request authority/secret.key authority/x509.pem
    52         certtool --generate-certificate --load-ca-certificate authority/x509.pem --load-ca-privkey authority/secret.key --load-request $(dir $@)cert-request --template $< > $@
     59        certtool --outfile $@ --generate-certificate --load-ca-certificate authority/x509.pem --load-ca-privkey authority/secret.key --load-request $(dir $@)cert-request --template $<
    5360
    5461# error case: certificates signed by rogue CA
    5562rogue%/x509.pem: rogue%.template rogue%/cert-request rogueca/x509.pem
    56         certtool --generate-certificate --load-ca-certificate rogueca/x509.pem --load-ca-privkey rogueca/secret.key --load-request $(dir $@)cert-request --template $< > $@
     63        certtool --outfile $@ --generate-certificate --load-ca-certificate rogueca/x509.pem --load-ca-privkey rogueca/secret.key --load-request $(dir $@)cert-request --template $<
    5764
    5865%/softhsm.conf: %/secret.key
     
    8087%/crl.pem: %/x509.pem ${srcdir}/%-crl.template
    8188        certtool --generate-crl \
     89                --outfile $@ \
    8290                --load-ca-privkey authority/secret.key \
    8391                --load-ca-certificate authority/x509.pem \
    8492                --load-certificate $< \
    85                 --template "${srcdir}/$(*)-crl.template" \
    86                 > $@
     93                --template "${srcdir}/$(*)-crl.template"
Note: See TracChangeset for help on using the changeset viewer.