Commit Graph

55 Commits

Author SHA1 Message Date
Daniel P. Berrange
677258ab02 Fix import of private key with older gnutls
With older GNUTLS the gnutls_x509_privkey_import function is
unable to import our private key. Instead we must use the
alternative gnutls_x509_privkey_import_pkcs8() (as certtool
does).

* virnettlscontexttest.c: Fix import of private key with
  older gnutls. Also add missing newlines to key
2011-07-25 13:47:11 -06:00
Daniel P. Berrange
567b8d69b9 Fix TLS context tests with expired certs
commit 5283ea9b1d changed the
semantics of the 'expire_offset' field in the test case struct
so that instead of being an absolute timestamp, it was a delta
relative to the current time. This broke the test cases which
were testing expiry of certificates, by putting the expiry
time into the future, instead of in the past.

Fix this by changing the expiry values to be negative, so that
the delta goes into the past again.

* virnettlscontexttest.c: Fix expiry tests
2011-07-25 16:21:19 +01:00
Eric Blake
d1f144d6fe tests: detect gnutls errors
* tests/virnettlscontexttest.c (testTLSLoadKey): Report errors.
2011-07-25 13:51:50 +08:00
Eric Blake
5283ea9b1d tests: fix compilation failures
Even though gnutls is a hard-req for libvirt, and gnutls depends
on libtasn1, that does not mean that you have to have the libtasn1
development files installed.  Skip the test rather than failing
compilation in that case.

With newer gcc, the test consumed too much stack space.  Move
things to static storage to fix that.

* configure.ac (AC_CHECK_HEADERS): Check for libtasn1.h.
(HAVE_LIBTASN1): New automake conditional.
* tests/Makefile.am (virnettlsconvirnettlscontexttest_SOURCES)
(virnettlscontexttest_LDADD): Allow compilation without libtasn1.
* tests/virnettlscontexttest.c: Skip test if headers not present.
(struct testTLSCertReq): Alter time members.
(testTLSGenerateCert): Reflect the change.
(mymain): Reduce stack usage.
2011-07-25 13:48:26 +08:00
Daniel P. Berrange
bd789dff80 Add a test case for certificate validation
This test case checks certification validation rules for

 - Basic constraints
 - Key purpose
 - Key usage
 - Start/expiry times

It checks initial context creation sanity checks, and live
session validation
2011-07-22 15:18:32 +01:00