Remove certificate re-creation rules, they tend to break

The Makefile had some voodoo to re-create the various certificates used for testing if needed.. Unfortunately they tend to break. Also these rules will only be needed in 2037. If we're still using SSL and Wocky at that point, then figuring out how to update the certificates to be valid a little bit longer shouldn't be that much work :)
author: Sjoerd Simons <sjoerd.simons@collabora.co.uk> 2010-05-26 17:17:47 +0100
committer: Sjoerd Simons <sjoerd.simons@collabora.co.uk> 2010-05-26 17:17:47 +0100
commit: 51ee0b1e860c99ae8dbaa58909d247ab54d834c1 (patch)
tree: fe2a5c59781c2fa3b241225c0ecd28b0acfd69e9 /tests/Makefile.am
parent: a9a52910d54c5d5f84bf9707eba7ab58192c2a07 (diff)
download: wocky-51ee0b1e860c99ae8dbaa58909d247ab54d834c1.tar.gz
1 files changed, 1 insertions, 105 deletions
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 3eb9a63..9a1eede 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -1,13 +1,8 @@
 ############################################################################
 # x509 certificates:
-CERTTOOL := $(shell which certtool)
-TARDIS   := $(shell which datefudge)
-GENKEY   := $(CERTTOOL) --generate-privkey --outfile
 TEST_DIR := @abs_top_srcdir@/tests
 SUMMARY  := $(TEST_DIR)/summarise-tests.py
 CERT_DIR := $(TEST_DIR)/certs
-CA_CERT2 := $(CERT_DIR)/ca-1-cert.pem
-CA_CERT3 := $(CERT_DIR)/ca-2-cert.pem
 CA_KEY   := $(CERT_DIR)/ca-0-key.pem
 CA_CERT  := $(CERT_DIR)/ca-0-cert.pem
 SS_KEY   := $(CERT_DIR)/ss-key.pem
@@ -22,13 +17,8 @@ TLS_KEY  := $(CERT_DIR)/tls-key.pem
 TLS_CERT := $(CERT_DIR)/tls-cert.pem
 CA_DIR   := $(CERT_DIR)/cas
 CRL_DIR  := $(CERT_DIR)/crl
-CAS      := $(CA_CERT) $(CA_CERT2) $(CA_CERT3)
-CRL      := $(CERT_DIR)/ca-0-crl.pem
 UNKNOWN_KEY  := $(CERT_DIR)/unknown-key.pem
 UNKNOWN_CERT := $(CERT_DIR)/unknown-cert.pem
-PRES     := new exp ca-0 ca-1 ca-2 rev ss tls unknown
-CERTS    := $(TLS_CERT) $(NEW_CERT) $(EXP_CERT) $(SS_CERT) $(REV_CERT) \
-            $(UNKNOWN_CERT)
 LIBWOCKY := $(top_builddir)/wocky/libwocky.la
 TLSDEFS  := -DTLS_CA_KEY_FILE='"$(CA_KEY)"'      \
             -DTLS_CA_CRT_FILE='"$(CA_CERT)"'     \
@@ -46,13 +36,6 @@ TLSDEFS  := -DTLS_CA_KEY_FILE='"$(CA_KEY)"'      \
             -DTLS_SERVER_CRT_FILE='"$(TLS_CERT)"'\
             -DTLS_CRL_DIR='"$(CRL_DIR)"'         \
             -DTLS_CA_DIR='"$(CA_DIR)"'
-DAY      := 86400
-YEAR     := 365 * $(DAY)
-TIMEWARP := 28 * $(YEAR)
-FUTURE   := $(shell date +'%Y-%m-%d %H:%M' -d @$$(($$(date +%s) + $(TIMEWARP))))
-PAST     := $(shell date +'%Y-%m-%d %H:%M' -d @$$(($$(date +%s) - $(DAY) * 7)))
-FILTER_BITS := grep -v '^[	 ]\+\([a-f0-9]\{2\}:\)\+[a-f0-9]\{2\}$$'
-check_bin = $(or $(shell test -x "$(1)" && echo Y), $(error Need $(2) to $(3)))
 ############################################################################
 TEST_PROGS = wocky-xmpp-reader-test \
   wocky-xmpp-readwrite-test \
@@ -245,14 +228,8 @@ check_c_sources = \
   $(wocky_ping_test_SOURCES)
 
 
-.PRECIOUS: %.pem
-
 all: $(TEST_PROGS)
 
-certs: $(CERTS)
-certs: $(CRL_DIR)/ca-0-crl.pem 
-certs: $(foreach x,0 1 2,$(CA_DIR)/ca-$(x)-cert.pem)
-
 test-report: test-report.xml
 	gtester-report $(top_builddir)/tests/$@.xml > \
 	  $(top_builddir)/tests/$@.html
@@ -275,93 +252,12 @@ test-%: wocky-%-test
 		echo "No python available, not summarizing test results" ; \
 	fi
 
-.PHONY: test test-report certs
+.PHONY: test test-report
 
 include $(top_srcdir)/tools/check-coding-style.mk
 check-local: test check-coding-style
 
 ############################################################################
-# x509 certificates:
-certtool:
-	@echo $(or $(shell test -x "$(CERTTOOL)" && echo $@ OK), \
-	           $(warning Need $@ to rebuild test certs))
-	@touch $@
-
-tardis:
-	@echo $(or $(shell test -x "$(TARDIS)" && echo $@ OK),   \
-	           $(warning Need datefudge to rebuild expired/inactive test certs))
-	@touch $@
-
-%-key.pem:
-	@echo $(call check_bin,$(CERTTOOL),certtool,rebuild $@)
-	$(GENKEY) $@
-
-%/ss-cert.pem: %/ss-key.pem %/ss-cert.cfg
-	$(CERTTOOL) --generate-self-signed            \
-	            --load-privkey $<                 \
-	            --template     $(basename $@).cfg \
-	            --outfile      $@ 2>&1 | $(FILTER_BITS)
-
-%/unknown-ca-cert.pem: %/unknown-ca-key.pem %/unknown-ca-cert.cfg
-	$(CERTTOOL) --generate-self-signed            \
-	            --load-privkey $<                 \
-	            --template     $(basename $@).cfg \
-	            --outfile      $@ 2>&1 | $(FILTER_BITS)
-
-certs/ca-%-cert.pem $(CERT_DIR)/ca-%-cert.pem: $(CERT_DIR)/ca-%-key.pem $(CERT_DIR)/ca-%-cert.cfg
-	$(CERTTOOL) --generate-self-signed            \
-	            --load-privkey $<                 \
-	            --template     $(basename $@).cfg \
-	            --outfile      $@ 2>&1 | $(FILTER_BITS)
-
-%/rev-cert.pem: export CERTCMD = $(CERTTOOL)
-%/tls-cert.pem: export CERTCMD = $(CERTTOOL)
-%/new-cert.pem: export CERTCMD = $(TARDIS) "$(FUTURE)" $(CERTTOOL)
-%/exp-cert.pem: export CERTCMD = $(TARDIS) "$(PAST)"   $(CERTTOOL)
-
-$(NEW_CERT) $(EXP_CERT) certs/exp-cert.pem certs/new-cert.pem: NEED_TIME = 1
-
-%/unknown-cert.pem: export CERTCMD = $(CERTTOOL)
-%/unknown-cert.pem: export CA_CERT = $*/unknown-ca-cert.pem
-%/unknown-cert.pem: export CA_KEY  = $*/unknown-ca-key.pem
-
-%/unknown-cert.pem: %/unknown-key.pem %/unknown-cert.cfg %/unknown-ca-cert.pem
-	$(CERTTOOL) --generate-certificate                       \
-                --load-ca-certificate $*/unknown-ca-cert.pem \
-	            --load-ca-privkey     $*/unknown-ca-key.pem  \
-	            --load-privkey        $*/unknown-key.pem     \
-	            --template            $*/unknown-cert.cfg    \
-	            --outfile             $@ 2>&1 | $(FILTER_BITS)
-
-%-cert.pem: %-key.pem %-cert.cfg $(CA_CERT)
-	@echo "CERTIFICATE $@ ($(CERTCMD)): $^"
-	@echo $(call check_bin,$(CERTTOOL),certtool,rebuild $@)
-	@echo $(if $(NEED_TIME),$(call check_bin,$(TARDIS),datefudge,rebuild $@))
-	$(CERTCMD)  --generate-certificate                   \
-                --load-ca-certificate $(CA_CERT)         \
-	            --load-ca-privkey     $(CA_KEY)	         \
-	            --load-privkey        $<                 \
-	            --template            $*-cert.cfg        \
-	            --outfile             $@ 2>&1 | $(FILTER_BITS)
-
-$(CRL): $(REV_CERT) $(CA_CERT) $(CA_KEY)
-	$(CERTTOOL) --generate-crl        \
-	            --template $(basename $@).cfg     \
-	            --load-ca-privkey     $(CA_KEY)   \
-	            --load-ca-certificate $(CA_CERT)  \
-	            --load-certificate    $(REV_CERT) \
-                --outfile             $@ 2>&1 | $(FILTER_BITS)
-
-$(CA_DIR) $(CRL_DIR):
-	@mkdir -p $@
-
-$(CA_DIR)/%.pem: $(CERT_DIR)/%.pem
-	@cp -av $< $@
-
-$(CRL_DIR)/%.pem: $(CERT_DIR)/%.pem
-	@cp -av $< $@
-
-############################################################################
 
 SUPPRESSIONS = \
 	threadlocal.supp \
author	Sjoerd Simons <sjoerd.simons@collabora.co.uk>	2010-05-26 17:17:47 +0100
committer	Sjoerd Simons <sjoerd.simons@collabora.co.uk>	2010-05-26 17:17:47 +0100
commit	51ee0b1e860c99ae8dbaa58909d247ab54d834c1 (patch)
tree	fe2a5c59781c2fa3b241225c0ecd28b0acfd69e9 /tests/Makefile.am
parent	a9a52910d54c5d5f84bf9707eba7ab58192c2a07 (diff)
download	wocky-51ee0b1e860c99ae8dbaa58909d247ab54d834c1.tar.gz