Diffstat (limited to 'trust/test-extract.in')
-rw-r--r--trust/test-extract.in189
1 files changed, 0 insertions, 189 deletions
diff --git a/trust/test-extract.in b/trust/test-extract.in
deleted file mode 100644
index 59f6cd6..0000000
--- a/trust/test-extract.in
+++ /dev/null
@@ -1,189 +0,0 @@
-#!/bin/sh
-
-set -euf
-
-# -----------------------------------------------------------------------------
-# Basic fundamentals
-
-prefix=@prefix@
-exec_prefix=@exec_prefix@
-datarootdir=@datarootdir@
-datadir=@datadir@
-sysconfdir=@sysconfdir@
-libdir=@libdir@
-privatedir=@privatedir@
-with_trust_paths=@with_trust_paths@
-script=$(basename $0)
-
-# -----------------------------------------------------------------------------
-# Testing
-
-warning()
-{
- echo "$script: $@" >&2
-}
-
-assert_fail()
-{
- warning $@
- exit 1
-}
-
-assert_contains()
-{
- if ! grep -qF $2 $1; then
- assert_fail "$1 does not contain $2"
- fi
-}
-
-assert_not_contains()
-{
- if grep -qF $2 $1; then
- assert_fail "$1 contains $2"
- fi
-}
-
-teardown()
-{
- for x in $TD; do
- if [ -d $x ]; then
- rmdir $x
- elif [ -f $x ]; then
- rm $x
- fi
- done
- TD=""
-}
-
-teardown_dirty()
-{
- echo "not ok $TEST_NUMBER $TEST_NAME"
- teardown
-}
-
-openssl_quiet()
-(
- command='/Generating a|-----|^[.+]+$|writing new private key/d'
- exec 3>&1
- openssl $@ 2>&1 >&3 3>&- | sed -r "$command" 3>&-
-)
-
-skip()
-{
- TEST_SKIP=yes
- echo "ok $TEST_NUMBER # skip $TEST_NAME: $@"
-}
-
-setup()
-{
- # Parse the trust paths
- oldifs="$IFS"
- IFS=:
- set $with_trust_paths
- IFS="$oldifs"
-
- if [ ! -d $1 ]; then
- skip "$1 is not a directory"
- return
- fi
-
- SOURCE_1=$1
- if [ $# -lt 2 ]; then
- warning "certain tests neutered if only 1 trust path: $with_trust_paths"
- SOURCE_2=$1
- else
- SOURCE_2=$2
- fi
-
- # Make a temporary directory
- dir=$(mktemp -d)
- cd $dir
- CLEANUP="$dir $TD"
-
- # Generate a unique identifier
- CERT_1_CN=test_$(dd if=/dev/urandom count=40 bs=1 status=none | base64 | tr -d '+/=')
- CERT_2_CN=test_$(dd if=/dev/urandom count=40 bs=1 status=none | base64 | tr -d '+/=')
- CERT_3_CN=test_$(dd if=/dev/urandom count=40 bs=1 status=none | base64 | tr -d '+/=')
-
- # Generate relevant certificates
- openssl_quiet req -x509 -newkey rsa:512 -keyout /dev/null -days 3 -nodes \
- -out cert_1.pem -subj /CN=$CERT_1_CN
- openssl_quiet req -x509 -newkey rsa:512 -keyout /dev/null -days 3 -nodes \
- -out cert_2.pem -subj /CN=$CERT_2_CN
- openssl_quiet req -x509 -newkey rsa:512 -keyout /dev/null -days 3 -nodes \
- -out cert_3.pem -subj /CN=$CERT_3_CN
-
- TD="cert_1.pem cert_2.pem cert_3.pem $TD"
-
- mkdir -p $SOURCE_1/anchors
- cp cert_1.pem $SOURCE_1/anchors/
-
- mkdir -p $SOURCE_2/anchors
- cp cert_2.pem $SOURCE_2/anchors/
- cp cert_3.pem $SOURCE_2/anchors/
-
- TD="$SOURCE_1/anchors/cert_1.pem $SOURCE_2/anchors/cert_2.pem $SOURCE_2/anchors/cert_3.pem $TD"
-}
-
-run()
-{
- TOTAL=0
- for TEST_NAME in $@; do
- TOTAL=$(expr $TOTAL + 1)
- done
-
- echo "1..$TOTAL"
-
- TEST_NUMBER=0
- for TEST_NAME in $@; do
- TEST_NUMBER=$(expr $TEST_NUMBER + 1)
- (
- trap teardown_dirty EXIT
- trap "teardown_dirty; exit 127" INT TERM
- TD=""
-
- TEST_SKIP=no
- setup
-
- if [ $TEST_SKIP != "yes" ]; then
- $TEST_NAME
- fi
- if [ $TEST_SKIP != "yes" ]; then
- echo "ok $TEST_NUMBER $TEST_NAME"
- fi
-
- trap - EXIT
- teardown
- )
- done
-}
-
-# -----------------------------------------------------------------------------
-# Main tests
-
-test_extract()
-{
- trust extract --filter=ca-anchors --format=pem-bundle \
- --purpose=server-auth --comment \
- extract-test.pem
-
- assert_contains extract-test.pem $CERT_1_CN
- assert_contains extract-test.pem $CERT_2_CN
- assert_contains extract-test.pem $CERT_3_CN
-}
-
-test_blacklist()
-{
- mkdir -p $SOURCE_1/blacklist
- cp cert_3.pem $SOURCE_1/blacklist
- TD="$SOURCE_1/blacklist/cert_3.pem $TD"
-
- trust extract --filter=ca-anchors --format=pem-bundle \
- --purpose=server-auth --comment \
- blacklist-test.pem
-
- assert_contains blacklist-test.pem $CERT_1_CN
- assert_not_contains blacklist-test.pem $CERT_3_CN
-}
-
-run test_extract test_blacklist