On Tue, Dec 13, 2016 at 22:50:55 +0000, David Woodhouse wrote:
> Why *doesn't* the Debian package honour $SOFTHSM2_CONF though?
Ok, it does, it's actually because the environment variable isn't being
passed to ocserv (and probably because the permissions on /etc/softhsm2
are wrong in Debian). The following fully fixes this for me
>From e26a4e19f528439fe7f02890d5bfe695365c3e9b Mon Sep 17 00:00:00 2001
From: Mike Miller <mtmiller at debian.org>
Date: Tue, 13 Dec 2016 14:51:28 -0800
Subject: [PATCH] Ensure full test suite uses local softhsm2.conf
Add SOFTHSM2_CONF to the test environment so it is picked up by both
ocserv and openconnect when needed.
Signed-off-by: Mike Miller <mtmiller at debian.org>
---
tests/auth-pkcs11 | 2 +-
tests/common.sh | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/tests/auth-pkcs11 b/tests/auth-pkcs11
index adc40f5..ee6dc5a 100755
--- a/tests/auth-pkcs11
+++ b/tests/auth-pkcs11
@@ -36,7 +36,7 @@ for TOKEN in ${pkcs11_tokens}; do
for KEY in ${pkcs11_keys}; do
echo -n "Connecting to obtain cookie (token ${TOKEN} key ${KEY})... "
CERTURI="pkcs11:token=${TOKEN};${KEY};pin-value=1234"
- ( echo "test" | HOME=${srcdir} SOFTHSM2_CONF=softhsm2.conf LD_PRELOAD=libsocket_wrapper.so \
+ ( echo "test" | HOME=${srcdir} LD_PRELOAD=libsocket_wrapper.so \
$OPENCONNECT -q $ADDRESS:443 -u test -c \"${CERTURI}\" --key-password 1234 --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly --passwd-on-stdin ) ||
fail $PID "Could not connect with token ${TOKEN} key ${KEY##*/}!"
done
diff --git a/tests/common.sh b/tests/common.sh
index d89cf83..c88954c 100644
--- a/tests/common.sh
+++ b/tests/common.sh
@@ -30,6 +30,7 @@ SOCKDIR="./sockwrap.$$.tmp"
mkdir -p $SOCKDIR
export SOCKET_WRAPPER_DIR=$SOCKDIR
export SOCKET_WRAPPER_DEFAULT_IFACE=2
+export SOFTHSM2_CONF=softhsm2.conf
ADDRESS=127.0.0.$SOCKET_WRAPPER_DEFAULT_IFACE
OPENCONNECT="eval LD_PRELOAD=libsocket_wrapper.so ${top_builddir}/openconnect"
--
2.10.2
--
mike
