From 195fe35b457f9364b2ada5f709e6ea6f1bfcfdc9 Mon Sep 17 00:00:00 2001 From: Christoph Galuschka Date: Dec 13 2011 17:25:43 +0000 Subject: minor modification to git-readme, new test for openssl --- diff --git a/doc/first_steps_with_git b/doc/first_steps_with_git index 58554e8..82e9760 100644 --- a/doc/first_steps_with_git +++ b/doc/first_steps_with_git @@ -70,4 +70,7 @@ With time your gitorious clone and your local copy will drift from the t_functio "git fetch upstream" will fetch the current master from gitorious. "git merge upstream/master" will now merge your local copy with the previously fetched master. This effectively writes all master changes to your local copy. +If - for any reason - you are unable to sync your repos correctly, you can always delete your clone at gitorious and +create a new one. + Happy git'ing and testing! diff --git a/tests/p_openssl/0_install_openssl.sh b/tests/p_openssl/0_install_openssl.sh new file mode 100755 index 0000000..0fd46e4 --- /dev/null +++ b/tests/p_openssl/0_install_openssl.sh @@ -0,0 +1,6 @@ +#!/bin/sh +# Author: Christoph Galuschka + +t_Log "Running $0 - attempting to install openssl." +t_InstallPackage openssl + diff --git a/tests/p_openssl/10-openssl-cert-test.sh b/tests/p_openssl/10-openssl-cert-test.sh new file mode 100755 index 0000000..0c5a558 --- /dev/null +++ b/tests/p_openssl/10-openssl-cert-test.sh 
@@ -0,0 +1,105 @@
+#!/bin/sh
+# Author: Christoph Galuschka
+
+t_Log "Running $0 - openssl create self signed certificate, build symlink and verify certificate test."
+
+ret_val=0
+
+# create working-dir
+TESTDIR='/var/tmp/openssl-test'
+
+mkdir -p $TESTDIR
+
+#create private key
+if (t_GetPkgRel basesystem | grep -q el6)
+ then
+ openssl genpkey -algorithm rsa -out $TESTDIR/server.key.secure -pkeyopt rsa_keygen_bits:2048 > /dev/null 2>&1
+else
+ openssl genrsa -passout pass:centos -des3 -rand file1:file2:file3:file4:file5 -out $TESTDIR/server.key.secure 2048 > /dev/null 2>&1
+fi
+if [ $? == 1 ]
+ then t_Log "Creation of private key failed."
+ ret_val=1
+ exit
+fi
+
+#create default answer file
+cat > $TESTDIR/openssl_answers< /dev/null 2>&1
+else
+ openssl rsa -passin pass:centos -in $TESTDIR/server.key.secure -out $TESTDIR/server.key > /dev/null 2>&1
+fi
+if [ $? == 1 ]
+ then t_Log "Creation of server key failed."
+ ret_val=1
+ exit
+fi
+
+openssl req -batch -config $TESTDIR/openssl_answers -new -key $TESTDIR/server.key -out $TESTDIR/server.csr > /dev/null 2>&1
+if [ $? == 1 ]
+ then t_Log "Creation of CSR failed."
+ ret_val=1
+ exit
+fi
+
+openssl x509 -req -days 3600 -in $TESTDIR/server.csr -signkey $TESTDIR/server.key -out $TESTDIR/server.crt > /dev/null 2>&1
+if [ $? == 1 ]
+ then t_Log "Creation of CRT failed."
+ ret_val=1
+ exit
+fi
+
+# get openssl-Path
+sslvar=$(openssl version -d)
+regex='OPENSSLDIR\:\ \"(.*)\"'
+if [[ $sslvar =~ $regex ]]
+ then
+ sslpath=${BASH_REMATCH[1]}
+else
+ t_Log "Could not find openssl config directory"
+ ret_val=1
+ exit
+fi
+
+# prepare verification of certificate
+cp $TESTDIR/server.crt $sslpath/certs/
+HASH=$(openssl x509 -noout -hash -in $sslpath/certs/server.crt)
+if [ $? == 1 ]
+ then t_Log "Creation of Certificate HASH failed."
+ ret_val=1
+ exit
+fi
+
+#Link Hash to Cert
+ln -s $sslpath/certs/server.crt $sslpath/certs/${HASH}.0
+
+#do verification
+openssl verify /var/tmp/openssl-test/server.crt |grep -c -q OK
+if [ $? == 1 ]
+ then t_Log "Self signed Cert verification failed."
+ ret_val=1
+ exit
+fi
+t_CheckExitStatus $ret_val
+
+#reversing changes
+/bin/rm -rf $TESTDIR $sslpath/certs/server.crt $sslpath/certs/${HASH}*
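Review bot: Every failure branch in 10-openssl-cert-test.sh sets `ret_val=1` and then calls a bare `exit`, which returns the status of the preceding assignment (0), so a failed key, CSR, hash or verify step ends the script with a success status and `t_CheckExitStatus` is never reached. The same early exits skip the final `/bin/rm -rf`, so once the `cp` and `ln -s` have run, a later failure leaves the self-signed certificate and its hash link in `$sslpath/certs/`, where it presumably stays trusted by anything that uses that directory as its CA path. The checks also test `[ $? == 1 ]`, which misses every other non-zero openssl status; if the `-hash` call failed that way, `HASH` would be empty and the cleanup glob `$sslpath/certs/${HASH}*` would match every file in that directory. I would test `[ $? -ne 0 ]`, end each branch with `exit $ret_val`, and write the glob as `"${HASH:?}"*`, with the cleanup registered through `trap ... EXIT` as soon as `$sslpath` is known. A `mktemp -d` directory instead of the fixed `/var/tmp/openssl-test` would also avoid reusing a predictable path in a world-writable location.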