diff options
author | Sjoerd Simons <sjoerd.simons@collabora.co.uk> | 2010-05-26 17:17:47 +0100 |
---|---|---|
committer | Sjoerd Simons <sjoerd.simons@collabora.co.uk> | 2010-05-26 17:17:47 +0100 |
commit | 51ee0b1e860c99ae8dbaa58909d247ab54d834c1 (patch) | |
tree | fe2a5c59781c2fa3b241225c0ecd28b0acfd69e9 /tests/Makefile.am | |
parent | a9a52910d54c5d5f84bf9707eba7ab58192c2a07 (diff) | |
download | wocky-51ee0b1e860c99ae8dbaa58909d247ab54d834c1.tar.gz |
Remove certificate re-creation rules, they tend to break
The Makefile had some voodoo to re-create the various certificates used for
testing if needed.. Unfortunately they tend to break. Also these rules will
only be needed in 2037. If we're still using SSL and Wocky at that point, then
figuring out how to update the certificates to be valid a little bit longer
shouldn't be that much work :)
Diffstat (limited to 'tests/Makefile.am')
-rw-r--r-- | tests/Makefile.am | 106 |
1 files changed, 1 insertions, 105 deletions
diff --git a/tests/Makefile.am b/tests/Makefile.am index 3eb9a63..9a1eede 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -1,13 +1,8 @@ ############################################################################ # x509 certificates: -CERTTOOL := $(shell which certtool) -TARDIS := $(shell which datefudge) -GENKEY := $(CERTTOOL) --generate-privkey --outfile TEST_DIR := @abs_top_srcdir@/tests SUMMARY := $(TEST_DIR)/summarise-tests.py CERT_DIR := $(TEST_DIR)/certs -CA_CERT2 := $(CERT_DIR)/ca-1-cert.pem -CA_CERT3 := $(CERT_DIR)/ca-2-cert.pem CA_KEY := $(CERT_DIR)/ca-0-key.pem CA_CERT := $(CERT_DIR)/ca-0-cert.pem SS_KEY := $(CERT_DIR)/ss-key.pem @@ -22,13 +17,8 @@ TLS_KEY := $(CERT_DIR)/tls-key.pem TLS_CERT := $(CERT_DIR)/tls-cert.pem CA_DIR := $(CERT_DIR)/cas CRL_DIR := $(CERT_DIR)/crl -CAS := $(CA_CERT) $(CA_CERT2) $(CA_CERT3) -CRL := $(CERT_DIR)/ca-0-crl.pem UNKNOWN_KEY := $(CERT_DIR)/unknown-key.pem UNKNOWN_CERT := $(CERT_DIR)/unknown-cert.pem -PRES := new exp ca-0 ca-1 ca-2 rev ss tls unknown -CERTS := $(TLS_CERT) $(NEW_CERT) $(EXP_CERT) $(SS_CERT) $(REV_CERT) \ - $(UNKNOWN_CERT) LIBWOCKY := $(top_builddir)/wocky/libwocky.la TLSDEFS := -DTLS_CA_KEY_FILE='"$(CA_KEY)"' \ -DTLS_CA_CRT_FILE='"$(CA_CERT)"' \ @@ -46,13 +36,6 @@ TLSDEFS := -DTLS_CA_KEY_FILE='"$(CA_KEY)"' \ -DTLS_SERVER_CRT_FILE='"$(TLS_CERT)"'\ -DTLS_CRL_DIR='"$(CRL_DIR)"' \ -DTLS_CA_DIR='"$(CA_DIR)"' -DAY := 86400 -YEAR := 365 * $(DAY) -TIMEWARP := 28 * $(YEAR) -FUTURE := $(shell date +'%Y-%m-%d %H:%M' -d @$$(($$(date +%s) + $(TIMEWARP)))) -PAST := $(shell date +'%Y-%m-%d %H:%M' -d @$$(($$(date +%s) - $(DAY) * 7))) -FILTER_BITS := grep -v '^[ ]\+\([a-f0-9]\{2\}:\)\+[a-f0-9]\{2\}$$' -check_bin = $(or $(shell test -x "$(1)" && echo Y), $(error Need $(2) to $(3))) ############################################################################ TEST_PROGS = wocky-xmpp-reader-test \ wocky-xmpp-readwrite-test \ @@ -245,14 +228,8 @@ check_c_sources = \ $(wocky_ping_test_SOURCES) -.PRECIOUS: %.pem - all: $(TEST_PROGS) -certs: $(CERTS) -certs: $(CRL_DIR)/ca-0-crl.pem -certs: $(foreach x,0 1 2,$(CA_DIR)/ca-$(x)-cert.pem) - test-report: test-report.xml gtester-report $(top_builddir)/tests/$@.xml > \ $(top_builddir)/tests/$@.html @@ -275,93 +252,12 @@ test-%: wocky-%-test echo "No python available, not summarizing test results" ; \ fi -.PHONY: test test-report certs +.PHONY: test test-report include $(top_srcdir)/tools/check-coding-style.mk check-local: test check-coding-style ############################################################################ -# x509 certificates: -certtool: - @echo $(or $(shell test -x "$(CERTTOOL)" && echo $@ OK), \ - $(warning Need $@ to rebuild test certs)) - @touch $@ - -tardis: - @echo $(or $(shell test -x "$(TARDIS)" && echo $@ OK), \ - $(warning Need datefudge to rebuild expired/inactive test certs)) - @touch $@ - -%-key.pem: - @echo $(call check_bin,$(CERTTOOL),certtool,rebuild $@) - $(GENKEY) $@ - -%/ss-cert.pem: %/ss-key.pem %/ss-cert.cfg - $(CERTTOOL) --generate-self-signed \ - --load-privkey $< \ - --template $(basename $@).cfg \ - --outfile $@ 2>&1 | $(FILTER_BITS) - -%/unknown-ca-cert.pem: %/unknown-ca-key.pem %/unknown-ca-cert.cfg - $(CERTTOOL) --generate-self-signed \ - --load-privkey $< \ - --template $(basename $@).cfg \ - --outfile $@ 2>&1 | $(FILTER_BITS) - -certs/ca-%-cert.pem $(CERT_DIR)/ca-%-cert.pem: $(CERT_DIR)/ca-%-key.pem $(CERT_DIR)/ca-%-cert.cfg - $(CERTTOOL) --generate-self-signed \ - --load-privkey $< \ - --template $(basename $@).cfg \ - --outfile $@ 2>&1 | $(FILTER_BITS) - -%/rev-cert.pem: export CERTCMD = $(CERTTOOL) -%/tls-cert.pem: export CERTCMD = $(CERTTOOL) -%/new-cert.pem: export CERTCMD = $(TARDIS) "$(FUTURE)" $(CERTTOOL) -%/exp-cert.pem: export CERTCMD = $(TARDIS) "$(PAST)" $(CERTTOOL) - -$(NEW_CERT) $(EXP_CERT) certs/exp-cert.pem certs/new-cert.pem: NEED_TIME = 1 - -%/unknown-cert.pem: export CERTCMD = $(CERTTOOL) -%/unknown-cert.pem: export CA_CERT = $*/unknown-ca-cert.pem -%/unknown-cert.pem: export CA_KEY = $*/unknown-ca-key.pem - -%/unknown-cert.pem: %/unknown-key.pem %/unknown-cert.cfg %/unknown-ca-cert.pem - $(CERTTOOL) --generate-certificate \ - --load-ca-certificate $*/unknown-ca-cert.pem \ - --load-ca-privkey $*/unknown-ca-key.pem \ - --load-privkey $*/unknown-key.pem \ - --template $*/unknown-cert.cfg \ - --outfile $@ 2>&1 | $(FILTER_BITS) - -%-cert.pem: %-key.pem %-cert.cfg $(CA_CERT) - @echo "CERTIFICATE $@ ($(CERTCMD)): $^" - @echo $(call check_bin,$(CERTTOOL),certtool,rebuild $@) - @echo $(if $(NEED_TIME),$(call check_bin,$(TARDIS),datefudge,rebuild $@)) - $(CERTCMD) --generate-certificate \ - --load-ca-certificate $(CA_CERT) \ - --load-ca-privkey $(CA_KEY) \ - --load-privkey $< \ - --template $*-cert.cfg \ - --outfile $@ 2>&1 | $(FILTER_BITS) - -$(CRL): $(REV_CERT) $(CA_CERT) $(CA_KEY) - $(CERTTOOL) --generate-crl \ - --template $(basename $@).cfg \ - --load-ca-privkey $(CA_KEY) \ - --load-ca-certificate $(CA_CERT) \ - --load-certificate $(REV_CERT) \ - --outfile $@ 2>&1 | $(FILTER_BITS) - -$(CA_DIR) $(CRL_DIR): - @mkdir -p $@ - -$(CA_DIR)/%.pem: $(CERT_DIR)/%.pem - @cp -av $< $@ - -$(CRL_DIR)/%.pem: $(CERT_DIR)/%.pem - @cp -av $< $@ - -############################################################################ SUPPRESSIONS = \ threadlocal.supp \ |