Re: [PATCH 2/4] Avoid re-generating certs every time

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 06.08.2013 13:35, Daniel P. Berrange wrote:
> From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>
> 
> Currently every test case in the TLS test suite generates the
> certs fresh. This is a waste of time, since its parameters
> don't change across test cases. Create certs once in main
> method.
> 
> Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
> ---
>  tests/virnettlscontexttest.c | 670 +++++++++++++++++++++++--------------------
>  tests/virnettlshelpers.c     |   9 +-
>  tests/virnettlshelpers.h     |   4 +-
>  tests/virnettlssessiontest.c | 152 +++++-----
>  4 files changed, 445 insertions(+), 390 deletions(-)
> 
> diff --git a/tests/virnettlscontexttest.c b/tests/virnettlscontexttest.c
> index 0a0d31a..a02e724 100644
> --- a/tests/virnettlscontexttest.c
> +++ b/tests/virnettlscontexttest.c

> @@ -124,38 +118,54 @@ mymain(void)
>          data.careq = _caReq;                                            \
>          data.certreq = _certReq;                                        \
>          data.expectFail = _expectFail;                                  \
> -        if (virtTestRun("TLS Context", 1, testTLSContextInit, &data) < 0) \
> +        if (virtTestRun("TLS Context " #_caReq  " + " #_certReq, 1,     \
> +                        testTLSContextInit, &data) < 0)                 \
>              ret = -1;                                                   \
>      } while (0)
>  
> +# define TLS_CERT_REQ(varname, cavarname,                               \
> +                      co, cn, an1, an2, ia1, ia2, bce, bcc, bci,        \
> +                      kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo)      \
> +    static struct testTLSCertReq varname = {                            \
> +        NULL, #varname ".pem",                                          \
> +        co, cn, an1, an2, ia1, ia2, bce, bcc, bci,                      \
> +        kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo                     \
> +    };                                                                  \
> +    testTLSGenerateCert(&varname, cavarname.crt)
> +    

Trailing whitespace

> +# define TLS_ROOT_REQ(varname,                                          \
> +                      co, cn, an1, an2, ia1, ia2, bce, bcc, bci,        \
> +                      kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo)      \
> +    static struct testTLSCertReq varname = {                            \
> +        NULL, #varname ".pem",                                          \
> +        co, cn, an1, an2, ia1, ia2, bce, bcc, bci,                      \
> +        kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo                     \
> +    };                                                                  \
> +    testTLSGenerateCert(&varname, NULL)
> +
> +

> diff --git a/tests/virnettlssessiontest.c b/tests/virnettlssessiontest.c
> index 9c5b3ca..6c71ac9 100644
> --- a/tests/virnettlssessiontest.c
> +++ b/tests/virnettlssessiontest.c

> @@ -292,68 +273,87 @@ mymain(void)
>          data.expectClientFail = _expectClientFail;                      \
>          data.hostname = _hostname;                                      \
>          data.wildcards = _wildcards;                                    \
> -        if (virtTestRun("TLS Session", 1, testTLSSessionInit, &data) < 0) \
> +        if (virtTestRun("TLS Session " #_serverReq " + " #_clientReq,   \
> +                        1, testTLSSessionInit, &data) < 0)              \
>              ret = -1;                                                   \
>      } while (0)
>  
> +# define TLS_CERT_REQ(varname, cavarname,                               \
> +                      co, cn, an1, an2, ia1, ia2, bce, bcc, bci,        \
> +                      kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo)      \
> +    static struct testTLSCertReq varname = {                            \
> +        NULL, #varname ".pem",                                          \
> +        co, cn, an1, an2, ia1, ia2, bce, bcc, bci,                      \
> +        kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, so                     \
> +    };                                                                  \
> +    testTLSGenerateCert(&varname, cavarname.crt)
> +    

Trailing whitespace

> +# define TLS_ROOT_REQ(varname,                                          \
> +                      co, cn, an1, an2, ia1, ia2, bce, bcc, bci,        \
> +                      kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, eo)      \
> +    static struct testTLSCertReq varname = {                            \
> +        NULL, #varname ".pem",                                          \
> +        co, cn, an1, an2, ia1, ia2, bce, bcc, bci,                      \
> +        kue, kuc, kuv, kpe, kpc, kpo1, kpo2, so, so                     \
> +    };                                                                  \
> +    testTLSGenerateCert(&varname, NULL)
> +
>      /* A perfect CA, perfect client & perfect server */
>  
>      /* Basic:CA:critical */
> -    static struct testTLSCertReq cacertreq = {
> -        NULL, NULL, "cacert.pem", "UK",
> -        "libvirt CA", NULL, NULL, NULL, NULL,
> -        true, true, true,
> -        true, true, GNUTLS_KEY_KEY_CERT_SIGN,
> -        false, false, NULL, NULL,
> -        0, 0,
> -    };
> -    static struct testTLSCertReq cacert1req = {
> -        NULL, NULL, "cacert1.pem", "UK",
> -        "libvirt CA 1", NULL, NULL, NULL, NULL,
> -        true, true, true,
> -        false, false, 0,
> -        false, false, NULL, NULL,
> -        0, 0,
> -    };
> -    static struct testTLSCertReq servercertreq = {
> -        NULL, NULL, "servercert.pem", "UK",
> -        "libvirt.org", NULL, NULL, NULL, NULL,
> -        true, true, false,
> -        true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
> -        true, true, GNUTLS_KP_TLS_WWW_SERVER, NULL,
> -        0, 0,
> -    };
> -    static struct testTLSCertReq clientcertreq = {
> -        NULL, NULL, "clientcert.pem", "UK",
> -        "libvirt", NULL, NULL, NULL, NULL,
> -        true, true, false,
> -        true, true, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT,
> -        true, true, GNUTLS_KP_TLS_WWW_CLIENT, NULL,
> -        0, 0,
> -    };
> +    TLS_ROOT_REQ(cacertreq, 

Trailing whitespace

> +                  "UK", "libvirt CA", NULL, NULL, NULL, NULL,
> +                  true, true, true,
> +                  true, true, GNUTLS_KEY_KEY_CERT_SIGN,
> +                  false, false, NULL, NULL,
> +                  0, 0);

Michal

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]