Changeset e5546be in mod_gnutls


Ignore:
Timestamp:
Jul 1, 2019, 4:16:01 PM (15 months ago)
Author:
Fiona Klute <fiona.klute@…>
Branches:
master, proxy-ticket
Children:
c825c3a
Parents:
f205c5f
Message:

Test suite: Move directory for client identity into authority directory

Eventually I want all identity directories be subdirectories of their
CAs, so we can build longer certificate chains from a directory
hierarchy. The client/ directory just happens to be the first to move.

Thanks to Krista Karppinen for discussing glob patterns with me!

Location:
test
Files:
7 edited
2 moved

Legend:

Unmodified
Added
Removed
  • test/Makefile.am

    rf205c5f re5546be  
    5656# Identities in the miniature CA, server, and client environment for
    5757# the test suite
    58 shared_identities = authority client
     58shared_identities = authority authority/client
    5959pgp_identities = $(shared_identities)
    6060x509_only_identities = server rogueca imposter rogueclient
     
    9797MOSTLYCLEANFILES = cache/* logs/* outputs/* server/crl.pem
    9898
    99 cert_templates = authority/template.in client/template.in \
     99cert_templates = authority/template.in authority/client/template.in \
    100100        imposter/template.in ocsp-responder/template rogueca/template \
    101101        rogueclient/template.in server/template.in
    102 generated_templates = authority/template client/template \
     102generated_templates = authority/template authority/client/template \
    103103        imposter/template rogueclient/template server/template
    104104
     
    113113# (e.g. host names) without wasting time on new keys (which would
    114114# happen after "clean").
    115 MOSTLYCLEANFILES += */x509.pem $(generated_templates) */uid
     115MOSTLYCLEANFILES += $(x509_certs) $(generated_templates) $(identities:=/uid)
    116116
    117117
     
    120120# one day, so regenerating them is both fast and frequently
    121121# necessary.
    122 MOSTLYCLEANFILES += */*.pgp */*.pgp.raw */*.gpg */*.gpg~ */gpg.conf \
    123         authority/lock */*.kbx */*.kbx~ */S.gpg-agent */private-keys-v1.d/* \
    124         authority/tofu.db
     122pgp_patterns = /*.pgp /*.pgp.raw /*.gpg /*.gpg~ /gpg.conf \
     123        /*.kbx /*.kbx~ /S.gpg-agent /private-keys-v1.d/*
     124MOSTLYCLEANFILES += $(foreach pat,$(pgp_patterns),$(pgp_identities:=$(pat))) \
     125        authority/lock authority/tofu.db
    125126# GnuPG random pool, no need to regenerate on every build
    126127CLEANFILES += authority/random_seed
     
    145146if USE_MSVA
    146147msva_home = msva.gnupghome
    147 check_DATA += $(msva_home)/trustdb.gpg client/uid
    148 MOSTLYCLEANFILES += $(msva_home)/trustdb.gpg
    149 $(msva_home)/trustdb.gpg: authority/minimal.pgp client/cert.pgp
     148check_DATA += $(msva_home)/trustdb.gpg authority/client/uid
     149MOSTLYCLEANFILES += $(foreach pat,$(pgp_patterns),$(msva_home)$(pat))
     150$(msva_home)/trustdb.gpg: authority/minimal.pgp authority/client/cert.pgp
    150151        mkdir -p -m 0700 $(dir $@)
    151152        GNUPGHOME=$(dir $@) gpg --import < $<
    152153        printf "%s:6:\n" "$$(GNUPGHOME=authority/ gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" | GNUPGHOME=$(dir $@) gpg --import-ownertrust
    153         GNUPGHOME=$(dir $@) gpg --import < client/cert.pgp
     154        GNUPGHOME=$(dir $@) gpg --import < authority/client/cert.pgp
    154155        printf "keyserver does-not-exist.example\n" > $(msva_home)/gpg.conf
    155156endif
     
    160161MOSTLYCLEANFILES += authority/ocsp_index.txt authority/ocsp_index.txt.attr
    161162authority/ocsp_index.txt: $(x509_tokens) gen_ocsp_index authority/ocsp_index.txt.attr
    162         ./gen_ocsp_index server/x509.pem client/x509.pem > $@
     163        ./gen_ocsp_index server/x509.pem authority/client/x509.pem > $@
    163164
    164165authority/ocsp_index.txt.attr: authority/secret.key
  • test/runtests

    rf205c5f re5546be  
    139139    export MONKEYSPHERE_VALIDATION_AGENT_SOCKET="http://127.0.0.1:$MSVA_PORT"
    140140
    141     msva_test_cmd="msva-query-agent https \"$(cat client/uid)\" x509pem client < client/x509.pem"
     141    msva_test_cmd="msva-query-agent https \"$(cat authority/client/uid)\" x509pem client < authority/client/x509.pem"
    142142    # check if MSVA is up, fail if not
    143143    if wait_ready "${msva_test_cmd}"; then
  • test/tests/10_basic_client_verification/gnutls-cli.args

    rf205c5f re5546be  
    1 --x509certfile=client/x509.pem
    2 --x509keyfile=client/secret.key
     1--x509certfile=authority/client/x509.pem
     2--x509keyfile=authority/client/secret.key
    33--x509cafile=authority/x509.pem
    44--priority=NORMAL
  • test/tests/12_cgi_variables/gnutls-cli.args

    rf205c5f re5546be  
    1 --x509certfile=client/x509.pem
    2 --x509keyfile=client/secret.key
     1--x509certfile=authority/client/x509.pem
     2--x509keyfile=authority/client/secret.key
    33--x509cafile=authority/x509.pem
    44--priority=NORMAL:-KX-ALL:+DHE-RSA
  • test/tests/15_basic_msva/gnutls-cli.args

    rf205c5f re5546be  
    1 --x509certfile=client/x509.pem
    2 --x509keyfile=client/secret.key
     1--x509certfile=authority/client/x509.pem
     2--x509keyfile=authority/client/secret.key
    33--x509cafile=authority/x509.pem
    44--priority=NORMAL
  • test/tests/17_cgi_vars_large_cert/gnutls-cli.args

    rf205c5f re5546be  
    1 --x509certfile=client/x509.pem
    2 --x509keyfile=client/secret.key
     1--x509certfile=authority/client/x509.pem
     2--x509keyfile=authority/client/secret.key
    33--x509cafile=authority/x509.pem
    44--priority=NORMAL:-KX-ALL:+DHE-RSA
  • test/tests/20_TLS_reverse_proxy_client_auth/apache.conf

    rf205c5f re5546be  
    1212
    1313 GnuTLSProxyEngine              On
    14  GnuTLSProxyKeyFile             client/secret.key
    15  GnuTLSProxyCertificateFile     client/x509.pem
     14 GnuTLSProxyKeyFile             authority/client/secret.key
     15 GnuTLSProxyCertificateFile     authority/client/x509.pem
    1616 GnuTLSProxyCAFile              authority/x509.pem
    1717 GnuTLSProxyPriorities          NORMAL
Note: See TracChangeset for help on using the changeset viewer.