aboutsummaryrefslogtreecommitdiffstats
path: root/tests/tls-verify-peer
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2020-12-10 14:34:48 +0100
committerGuilhem Moulin <guilhem@fripost.org>2020-12-11 11:20:41 +0100
commit26e5c04abfb81bdcbd4d89d9f9329b8433920b26 (patch)
treee73554f83d12471c55834be114bcd186885c2043 /tests/tls-verify-peer
parent17b263c49df682fc45f0e50cceb01db4366ad9a7 (diff)
test suite: always generate new certificates on `make test`.
In addition, sign test certificates with the same root CA. Hence running `make test` now requires OpenSSL 1.1.1 or later.
Diffstat (limited to 'tests/tls-verify-peer')
-rw-r--r--tests/tls-verify-peer/t10
1 files changed, 5 insertions, 5 deletions
diff --git a/tests/tls-verify-peer/t b/tests/tls-verify-peer/t
index 35c7c8d..9b676a6 100644
--- a/tests/tls-verify-peer/t
+++ b/tests/tls-verify-peer/t
@@ -28,9 +28,9 @@ verified_peer() {
}
# backup config
-install -m0600 "$XDG_CONFIG_HOME/interimap/config" "$XDG_CONFIG_HOME/interimap/config~"
+install -m0600 -- "$XDG_CONFIG_HOME/interimap/config" "$XDG_CONFIG_HOME/interimap/config~"
with_remote_config() {
- install -m0600 "$XDG_CONFIG_HOME/interimap/config~" "$XDG_CONFIG_HOME/interimap/config"
+ install -m0600 -- "$XDG_CONFIG_HOME/interimap/config~" "$XDG_CONFIG_HOME/interimap/config"
cat >>"$XDG_CONFIG_HOME/interimap/config"
}
@@ -53,12 +53,12 @@ capath=$(mktemp --tmpdir="$TMPDIR" --directory capath.XXXXXX)
step_start "SSL_CAfile"
if [ -f "/etc/ssl/certs/ca-certificates.crt" ]; then
- # our self-signed test cert should not be in there
+ # our fake root CA should not be in there
with_remote_config <<<"SSL_CAfile = /etc/ssl/certs/ca-certificates.crt"
unverified_peer
fi
-doveconf -c "$HOME_remote/.dovecot/config" -hx ssl_cert >"$capath/ca-certificates.crt"
+cp -T -- ~/.dovecot/conf.d/ca.crt "$capath/ca-certificates.crt"
with_remote_config <<<"SSL_CAfile = $capath/ca-certificates.crt"
verified_peer
step_done
@@ -66,7 +66,7 @@ step_done
step_start "SSL_CApath"
if [ -d "/etc/ssl/certs" ]; then
- # our self-signed test cert should not be in there
+ # our fake root CA should not be in there
with_remote_config <<<"SSL_CApath = /etc/ssl/certs"
unverified_peer
fi