diff options
| author | Stef Walter <stefw@gnome.org> | 2013-02-06 09:03:15 +0100 |
|---|---|---|
| committer | Guillaume Desmottes <guillaume.desmottes@collabora.co.uk> | 2013-02-06 09:58:36 +0100 |
| commit | 5185e5a24bd99ec07ad3a76f8584b2593237f6cd (patch) | |
| tree | 9dcded031faf748bfb47fcbb710772f0413361e6 | |
| parent | 8fd28512046a9505e31705c9440623a63d719ab4 (diff) | |
| download | empathy-5185e5a24bd99ec07ad3a76f8584b2593237f6cd.tar.gz | |
tests: Fix empathy-tls-test
* Create new certificates
* Add a make target for rebuilding the certificates in the future
https://bugzilla.gnome.org/show_bug.cgi?id=693190
| -rw-r--r-- | tests/certificates/Makefile.am | 24 | ||||
| -rw-r--r-- | tests/certificates/cert-openssl.conf | 16 | ||||
| -rw-r--r-- | tests/certificates/certificate-authority.cer | bin | 0 -> 466 bytes | |||
| -rw-r--r-- | tests/certificates/collabora-ca.cer | bin | 1536 -> 0 bytes | |||
| -rw-r--r-- | tests/certificates/dhansak-collabora.cer | bin | 1200 -> 0 bytes | |||
| -rw-r--r-- | tests/certificates/server-cert.cer | bin | 0 -> 448 bytes | |||
| -rw-r--r-- | tests/empathy-tls-test.c | 54 |
7 files changed, 65 insertions, 29 deletions
diff --git a/tests/certificates/Makefile.am b/tests/certificates/Makefile.am index 08fefe9f1..65e71b9bb 100644 --- a/tests/certificates/Makefile.am +++ b/tests/certificates/Makefile.am @@ -1,3 +1,23 @@ EXTRA_DIST = \ - collabora-ca.cer \ - dhansak-collabora.cer + certificate-authority.cer \ + server-cert.cer + +# Not part of the build, but so we can easily repeat the process +# of generating the testing certificates +rebuild-certs: + openssl req -new -x509 -out certificate-authority.pem \ + -newkey rsa -keyout certificate-authority.key -nodes \ + -subj /CN=test-ca.empathy.gnome.org -days 2000 \ + -config cert-openssl.conf -set_serial 1 -extensions test_ca + openssl x509 -in certificate-authority.pem -outform DER \ + -out certificate-authority.cer + openssl req -new -outform PEM -out server-cert.req \ + -newkey rsa -keyout /dev/null -nodes \ + -subj /CN=test-server.empathy.gnome.org \ + -config cert-openssl.conf -extensions test_server + openssl x509 -req -in server-cert.req -days 2000 \ + -CA certificate-authority.pem -CAkey certificate-authority.key \ + -set_serial 888 -out server-cert.cer -outform DER + rm certificate-authority.key + rm certificate-authority.pem + rm server-cert.req
\ No newline at end of file diff --git a/tests/certificates/cert-openssl.conf b/tests/certificates/cert-openssl.conf new file mode 100644 index 000000000..18bd0d79f --- /dev/null +++ b/tests/certificates/cert-openssl.conf @@ -0,0 +1,16 @@ +[ req ] +default_bits = 1024 +distinguished_name = req_distinguished_name +x509_extensions = v3_ca +dirstring_type = nobmp + +[ req_distinguished_name ] +commonName = Common Name +commonName_max = 64 + +[ test_ca ] +basicConstraints=CA:TRUE + +[ test_server ] +basicConstraints=CA:FALSE +extendedKeyUsage=serverAuth
\ No newline at end of file diff --git a/tests/certificates/certificate-authority.cer b/tests/certificates/certificate-authority.cer Binary files differnew file mode 100644 index 000000000..3cb8c7334 --- /dev/null +++ b/tests/certificates/certificate-authority.cer diff --git a/tests/certificates/collabora-ca.cer b/tests/certificates/collabora-ca.cer Binary files differdeleted file mode 100644 index 2842c696f..000000000 --- a/tests/certificates/collabora-ca.cer +++ /dev/null diff --git a/tests/certificates/dhansak-collabora.cer b/tests/certificates/dhansak-collabora.cer Binary files differdeleted file mode 100644 index c411e7d69..000000000 --- a/tests/certificates/dhansak-collabora.cer +++ /dev/null diff --git a/tests/certificates/server-cert.cer b/tests/certificates/server-cert.cer Binary files differnew file mode 100644 index 000000000..a54ac8882 --- /dev/null +++ b/tests/certificates/server-cert.cer diff --git a/tests/empathy-tls-test.c b/tests/empathy-tls-test.c index c663aad2d..2004383d6 100644 --- a/tests/empathy-tls-test.c +++ b/tests/empathy-tls-test.c @@ -411,7 +411,7 @@ test_certificate_mock_basics (Test *test, GError *error = NULL; test->mock = mock_tls_certificate_new_and_register (test->dbus, - "dhansak-collabora.cer", NULL); + "server-cert.cer", NULL); ensure_certificate_proxy (test); @@ -431,7 +431,7 @@ test_certificate_verify_success_with_pkcs11_lookup (Test *test, GError *error = NULL; EmpathyTLSVerifier *verifier; const gchar *reference_identities[] = { - "www.collabora.co.uk", + "test-server.empathy.gnome.org", NULL }; @@ -442,14 +442,14 @@ test_certificate_verify_success_with_pkcs11_lookup (Test *test, */ test->mock = mock_tls_certificate_new_and_register (test->dbus, - "dhansak-collabora.cer", NULL); + "server-cert.cer", NULL); /* We add the collabora directory with the collabora root */ - add_certificate_to_mock (test, "collabora-ca.cer", NULL); + add_certificate_to_mock (test, "certificate-authority.cer", NULL); ensure_certificate_proxy (test); - verifier = empathy_tls_verifier_new (test->cert, "www.collabora.co.uk", + verifier = empathy_tls_verifier_new (test->cert, "test-server.empathy.gnome.org", reference_identities); empathy_tls_verifier_verify_async (verifier, fetch_callback_result, test); g_main_loop_run (test->loop); @@ -472,7 +472,7 @@ test_certificate_verify_success_with_full_chain (Test *test, GError *error = NULL; EmpathyTLSVerifier *verifier; const gchar *reference_identities[] = { - "www.collabora.co.uk", + "test-server.empathy.gnome.org", NULL }; @@ -482,14 +482,14 @@ test_certificate_verify_success_with_full_chain (Test *test, */ test->mock = mock_tls_certificate_new_and_register (test->dbus, - "dhansak-collabora.cer", "collabora-ca.cer", NULL); + "server-cert.cer", "certificate-authority.cer", NULL); /* We add the collabora directory with the collabora root */ - add_certificate_to_mock (test, "collabora-ca.cer", NULL); + add_certificate_to_mock (test, "certificate-authority.cer", NULL); ensure_certificate_proxy (test); - verifier = empathy_tls_verifier_new (test->cert, "www.collabora.co.uk", + verifier = empathy_tls_verifier_new (test->cert, "test-server.empathy.gnome.org", reference_identities); empathy_tls_verifier_verify_async (verifier, fetch_callback_result, test); g_main_loop_run (test->loop); @@ -511,18 +511,18 @@ test_certificate_verify_root_not_found (Test *test, GError *error = NULL; EmpathyTLSVerifier *verifier; const gchar *reference_identities[] = { - "www.collabora.co.uk", + "test-server.empathy.gnome.org", NULL }; test->mock = mock_tls_certificate_new_and_register (test->dbus, - "dhansak-collabora.cer", NULL); + "server-cert.cer", NULL); /* Note that we're not adding any place to find root certs */ ensure_certificate_proxy (test); - verifier = empathy_tls_verifier_new (test->cert, "www.collabora.co.uk", + verifier = empathy_tls_verifier_new (test->cert, "test-server.empathy.gnome.org", reference_identities); empathy_tls_verifier_verify_async (verifier, fetch_callback_result, test); g_main_loop_run (test->loop); @@ -546,18 +546,18 @@ test_certificate_verify_root_not_anchored (Test *test, GError *error = NULL; EmpathyTLSVerifier *verifier; const gchar *reference_identities[] = { - "www.collabora.co.uk", + "test-server.empathy.gnome.org", NULL }; test->mock = mock_tls_certificate_new_and_register (test->dbus, - "dhansak-collabora.cer", "collabora-ca.cer", NULL); + "server-cert.cer", "certificate-authority.cer", NULL); /* Note that we're not adding any place to find root certs */ ensure_certificate_proxy (test); - verifier = empathy_tls_verifier_new (test->cert, "www.collabora.co.uk", + verifier = empathy_tls_verifier_new (test->cert, "test-server.empathy.gnome.org", reference_identities); empathy_tls_verifier_verify_async (verifier, fetch_callback_result, test); g_main_loop_run (test->loop); @@ -586,10 +586,10 @@ test_certificate_verify_identities_invalid (Test *test, }; test->mock = mock_tls_certificate_new_and_register (test->dbus, - "dhansak-collabora.cer", "collabora-ca.cer", NULL); + "server-cert.cer", "certificate-authority.cer", NULL); /* We add the collabora directory with the collabora root */ - add_certificate_to_mock (test, "collabora-ca.cer", NULL); + add_certificate_to_mock (test, "certificate-authority.cer", NULL); ensure_certificate_proxy (test); @@ -622,15 +622,15 @@ test_certificate_verify_uses_reference_identities (Test *test, }; test->mock = mock_tls_certificate_new_and_register (test->dbus, - "dhansak-collabora.cer", "collabora-ca.cer", NULL); + "server-cert.cer", "certificate-authority.cer", NULL); /* We add the collabora directory with the collabora root */ - add_certificate_to_mock (test, "collabora-ca.cer", NULL); + add_certificate_to_mock (test, "certificate-authority.cer", NULL); ensure_certificate_proxy (test); /* Should be using the reference_identities and not host name for checks */ - verifier = empathy_tls_verifier_new (test->cert, "www.collabora.co.uk", + verifier = empathy_tls_verifier_new (test->cert, "test-server.empathy.gnome.org", reference_identities); empathy_tls_verifier_verify_async (verifier, fetch_callback_result, test); g_main_loop_run (test->loop); @@ -654,7 +654,7 @@ test_certificate_verify_success_with_pinned (Test *test, GError *error = NULL; EmpathyTLSVerifier *verifier; const gchar *reference_identities[] = { - "www.collabora.co.uk", + "test-server.empathy.gnome.org", NULL }; @@ -664,14 +664,14 @@ test_certificate_verify_success_with_pinned (Test *test, */ test->mock = mock_tls_certificate_new_and_register (test->dbus, - "dhansak-collabora.cer", NULL); + "server-cert.cer", NULL); /* We add the collabora directory with the collabora root */ - add_certificate_to_mock (test, "dhansak-collabora.cer", "www.collabora.co.uk"); + add_certificate_to_mock (test, "server-cert.cer", "test-server.empathy.gnome.org"); ensure_certificate_proxy (test); - verifier = empathy_tls_verifier_new (test->cert, "www.collabora.co.uk", + verifier = empathy_tls_verifier_new (test->cert, "test-server.empathy.gnome.org", reference_identities); empathy_tls_verifier_verify_async (verifier, fetch_callback_result, test); g_main_loop_run (test->loop); @@ -693,18 +693,18 @@ test_certificate_verify_pinned_wrong_host (Test *test, GError *error = NULL; EmpathyTLSVerifier *verifier; const gchar *reference_identities[] = { - "www.collabora.co.uk", + "test-server.empathy.gnome.org", NULL }; test->mock = mock_tls_certificate_new_and_register (test->dbus, - "dhansak-collabora.cer", NULL); + "server-cert.cer", NULL); /* Note that we're not adding any place to find root certs */ ensure_certificate_proxy (test); - verifier = empathy_tls_verifier_new (test->cert, "another.collabora.co.uk", + verifier = empathy_tls_verifier_new (test->cert, "another.gnome.org", reference_identities); empathy_tls_verifier_verify_async (verifier, fetch_callback_result, test); g_main_loop_run (test->loop); |