Make the SSL tests run #1110

Merged
merged 1 commit into from Feb 1, 2014

Conversation

Projects
None yet
2 participants
@kinnison
Contributor

kinnison commented Jan 31, 2014

This patch adds an SSL key set for use during tests and causes the SSL tests to
be run if the server was built with OPENSSL support. In addition we fix the
TLS port to be bound to 127.0.0.1 which fixes 073's behaviour in SSL mode on an
IPv6 enabled host.

Signed-Off-By: Daniel Silverstone dsilvers@digital-scurf.org

@kinnison

This comment has been minimized.

Show comment
Hide comment
@kinnison

kinnison Jan 31, 2014

Contributor

Overall, this makes the SSL tests pass on Wheezy in full which is worth enabling so everyone checks :-)

Contributor

kinnison commented Jan 31, 2014

Overall, this makes the SSL tests pass on Wheezy in full which is worth enabling so everyone checks :-)

@skinkie

This comment has been minimized.

Show comment
Hide comment
@skinkie

skinkie Jan 31, 2014

Member

I really really do not want generated keys in our repo. Could you change it so automake generates one for us?

Member

skinkie commented Jan 31, 2014

I really really do not want generated keys in our repo. Could you change it so automake generates one for us?

@kinnison

This comment has been minimized.

Show comment
Hide comment
@kinnison

kinnison Jan 31, 2014

Contributor

I considered generating the key but it involves very unpleasant config files for the openssl application if you want to automate the generation. Is your objection based on something more than how unpleasant it is to have binary lumps in the repo?

Contributor

kinnison commented Jan 31, 2014

I considered generating the key but it involves very unpleasant config files for the openssl application if you want to automate the generation. Is your objection based on something more than how unpleasant it is to have binary lumps in the repo?

@skinkie

This comment has been minimized.

Show comment
Hide comment
@skinkie

skinkie Jan 31, 2014

Member

As mentioned before I want to prevent studity where someone actually feels stupid enough to copy the test keys from the test suite and put it in a production ssl site. Doesn't our contrib dir already have a script that creates self signed certs?

Member

skinkie commented Jan 31, 2014

As mentioned before I want to prevent studity where someone actually feels stupid enough to copy the test keys from the test suite and put it in a production ssl site. Doesn't our contrib dir already have a script that creates self signed certs?

@kinnison

This comment has been minimized.

Show comment
Hide comment
@kinnison

kinnison Jan 31, 2014

Contributor

Aah yes, preventing stupidity is good. Unfortunately that script isn't non-interactive :-(

Contributor

kinnison commented Jan 31, 2014

Aah yes, preventing stupidity is good. Unfortunately that script isn't non-interactive :-(

@kinnison

This comment has been minimized.

Show comment
Hide comment
@kinnison

kinnison Feb 1, 2014

Contributor

I've managed to write something, I'll be pushing a fresh branch soonish

Contributor

kinnison commented Feb 1, 2014

I've managed to write something, I'll be pushing a fresh branch soonish

@kinnison

This comment has been minimized.

Show comment
Hide comment
@kinnison

kinnison Feb 1, 2014

Contributor

Re-pushed -- opinions please :-)

Contributor

kinnison commented Feb 1, 2014

Re-pushed -- opinions please :-)

@kinnison

This comment has been minimized.

Show comment
Hide comment
@kinnison

kinnison Feb 1, 2014

Contributor

Re-pushed for openssl.cnf

Contributor

kinnison commented Feb 1, 2014

Re-pushed for openssl.cnf

Make the SSL tests run
This patch adds support for generating a SnakeOil SSL key during the QA suite
if the system has openssl.  It can take a little while on lower-powered systems
but on anything modern it should barely be noticable.

This means we can cause the SSL tests to be run if the server was built with
OPENSSL support.  In addition we fix the TLS port to be bound to 127.0.0.1
which fixes 073's behaviour in SSL mode on an IPv6 enabled host.

Signed-Off-By: Daniel Silverstone <dsilvers@digital-scurf.org>

skinkie added a commit that referenced this pull request Feb 1, 2014

Merge pull request #1110 from kinnison/kinnison/allow-ssl-tests
Make the SSL tests run. Thanks a lot @kinnison for polishing this up.
Run with: make test-ssl

@skinkie skinkie merged commit 3d41459 into cherokee:master Feb 1, 2014

@kinnison kinnison deleted the kinnison:kinnison/allow-ssl-tests branch Feb 1, 2014

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment