On 09/08/12 17:07, Shawn Walker wrote:
On 09/08/12 16:58, Danek Duvall wrote:
Shawn Walker wrote:
https://cr.opensolaris.org/action/browse/pkg/swalker/depot-ssl/webrev/
t_https.py:
[snip]
Removed.
- line 491: doesn't this get overwritten for each c in certs?
Yeah, I lifted this from another test. I think the assumption is that
the last cert you specify is the the last in the chain so is the one
that is needed for CA certification.
Without this, the test fails, so I kinda shrugged and went on.
I'm not sure why you copy and pasted instead of using seed_ta_dir that's
in pkg5unittest.py. The only difference I see is that the environment
variable ssl_ca_cert is set, which could be done after the call to the
parent's seed_ta_dir.
I notice that we've got seed_ta_dir scattered around the test suite, so
I'll file a bug to remove/adjust those.
Personally, I think the whole cert/key stuff needs another rewhack.
It's convenient, but very messy, and slight customisations require
copy/paste which sucks.
I'm open to suggestions which don't require us to generate the
certs/keys on the fly which would be slower (I think), and would make
debugging signing and https tests more difficult when the bug is in the
certificate verification code.
Brock
Thanks,
-Shawn
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
_______________________________________________
pkg-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
