diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2015-08-12 22:49:15 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2015-08-19 22:16:17 +0200 |
commit | 051b240d5db661d44e425e5fea835a9bd7d3ddaa (patch) | |
tree | 4bd15895c7f7cad3dcd3e355ad44738c85dc1e21 | |
parent | 3db978b095fc7ad1cc00c1558ad563ff4da09886 (diff) | |
download | gnutls-051b240d5db661d44e425e5fea835a9bd7d3ddaa.tar.gz |
tests: check whether the CRL generation code works as expected
-rw-r--r-- | tests/cert-tests/Makefile.am | 3 | ||||
-rwxr-xr-x | tests/cert-tests/crl | 55 |
2 files changed, 57 insertions, 1 deletions
diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am index 0a941ba4a6..58207be2e4 100644 --- a/tests/cert-tests/Makefile.am +++ b/tests/cert-tests/Makefile.am @@ -29,7 +29,8 @@ EXTRA_DIST = ca-no-pathlen.pem no-ca-or-pathlen.pem aki-cert.pem \ template-nc.tmpl template-nc.pem xmpp-othername.pem \ suppressions.valgrind csr-invalid.der invalid-sig2.pem invalid-sig3.pem -dist_check_SCRIPTS = pathlen aki template-test pem-decoding dane crq invalid-sig +dist_check_SCRIPTS = pathlen aki template-test pem-decoding dane crq invalid-sig \ + crl TESTS = pathlen aki pem-decoding invalid-sig diff --git a/tests/cert-tests/crl b/tests/cert-tests/crl new file mode 100755 index 0000000000..9afd62b2fb --- /dev/null +++ b/tests/cert-tests/crl @@ -0,0 +1,55 @@ +#!/bin/sh + +# Copyright (C) 2015 Nikos Mavrogiannopoulos +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +#set -e + +srcdir="${srcdir:-.}" +CERTTOOL="${CERTTOOL:-../../src/certtool${EXEEXT}}" +DIFF="${DIFF:-diff}" +if ! test -z "${VALGRIND}"; then + VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15" +fi +OUTFILE=out-crl.tmp +TMPFILE=tmp.tmpl + +echo "crl_next_update = 43" >$TMPFILE +echo "crl_number = 7" >>$TMPFILE + +${VALGRIND} "${CERTTOOL}" --generate-crl --load-ca-privkey "${srcdir}/template-test.key" --load-ca-certificate \ + "${srcdir}/template-test.pem" --load-certificate "${srcdir}/ca-certs.pem" --template \ + "${TMPFILE}" >${OUTFILE} 2>&1 +rc=$? + +# We're done. +if test "${rc}" != "0"; then + echo "CRL generation failed" + exit ${rc} +fi + +grep "Revoked certificates (152)" "${OUTFILE}" >/dev/null 2>&1 +if test "$?" != "0"; then + echo "CRL generation didn't succeed as expected" + exit 1 +fi + +rm -f "${OUTFILE}" +rm -f "${TMPFILE}" + +exit 0 |