From d94247cb9f7746f75b176cbed0a32e9e902e7e7d Mon Sep 17 00:00:00 2001 From: Magnus Ahltorp Date: Fri, 20 Jan 2017 00:32:45 +0100 Subject: API keys are now provided in the config file. Also added CA cert verification for internal TLS connections. --- test/Makefile | 1 + test/catlfish-test.cfg | 28 ---------------------------- test/catlfish-test.cfg.in | 28 ++++++++++++++++++++++++++++ test/scripts/light-system-test-prepare.sh | 29 ++++++++++++++++++----------- 4 files changed, 47 insertions(+), 39 deletions(-) delete mode 100644 test/catlfish-test.cfg create mode 100644 test/catlfish-test.cfg.in (limited to 'test') diff --git a/test/Makefile b/test/Makefile index c92c30d..f311208 100644 --- a/test/Makefile +++ b/test/Makefile @@ -11,6 +11,7 @@ tests-wait: sleep 5 tests-makemk: + cat $(PREFIX)/test/catlfish-test.cfg.in | sed 's/@[A-Z0-9-]*@//' > $(PREFIX)/test/catlfish-test.cfg $(PREFIX)/tools/compileconfig.py --config=$(PREFIX)/test/catlfish-test.cfg --testshellvars=$(PREFIX)/test/test.shvars --machines 1 tests: diff --git a/test/catlfish-test.cfg b/test/catlfish-test.cfg deleted file mode 100644 index 39288c7..0000000 --- a/test/catlfish-test.cfg +++ /dev/null @@ -1,28 +0,0 @@ -baseurl: https://localhost:8080/ - -frontendnodes: - - name: frontend-1 - publicaddress: localhost:8080 - address: localhost:8082 - -storagenodes: - - name: storage-1 - address: localhost:8081 - -signingnodes: - - name: signing-1 - address: localhost:8088 - -mergenodes: - - name: merge-1 - address: localhost:8180 - - name: merge-2 - address: localhost:8181 - -primarymergenode: merge-1 - -backup-quorum-size: 1 - -storage-quorum-size: 1 - -mmd: 86400 diff --git a/test/catlfish-test.cfg.in b/test/catlfish-test.cfg.in new file mode 100644 index 0000000..39288c7 --- /dev/null +++ b/test/catlfish-test.cfg.in @@ -0,0 +1,28 @@ +baseurl: https://localhost:8080/ + +frontendnodes: + - name: frontend-1 + publicaddress: localhost:8080 + address: localhost:8082 + +storagenodes: + - name: storage-1 + address: localhost:8081 + +signingnodes: + - name: signing-1 + address: localhost:8088 + +mergenodes: + - name: merge-1 + address: localhost:8180 + - name: merge-2 + address: localhost:8181 + +primarymergenode: merge-1 + +backup-quorum-size: 1 + +storage-quorum-size: 1 + +mmd: 86400 diff --git a/test/scripts/light-system-test-prepare.sh b/test/scripts/light-system-test-prepare.sh index 6f6dd07..df45d25 100755 --- a/test/scripts/light-system-test-prepare.sh +++ b/test/scripts/light-system-test-prepare.sh @@ -38,6 +38,7 @@ createcert () { createca createcert +cafingerprint=$(openssl x509 -in httpsca/demoCA/cacert.pem -noout -sha256 -fingerprint | sed -e 's/.*=//' -e 's/://g') mkdir keys (cd keys ; ${top_srcdir}/tools/create-key.sh logkey) openssl pkcs8 -topk8 -nocrypt -in keys/logkey-private.pem -out keys/logkey-private.pkcs8 @@ -48,6 +49,23 @@ touch mergedb-secondary/logorder printf 0 > mergedb-secondary/verifiedsize mkdir known_roots cp ${top_srcdir}/tools/testcerts/roots/* known_roots +mkdir privatekeys +mkdir publickeys +echo "apikeys:" > api-keys.cfg +for node in ${NODES}; do \ + (cd privatekeys ; ${top_srcdir}/tools/create-key.sh ${node}) + apipk=$(grep -v '^-----' privatekeys/${node}.pem | tr '\n' ' ') + mkdir -p nodes/${node}/log + echo " - nodename: ${node}" >> api-keys.cfg + echo " publickey: ${apipk}" >> api-keys.cfg +done + +logpk=$(grep -v '^-----' keys/logkey.pem | tr '\n' ' ') +echo "logpublickey: ${logpk}" >> api-keys.cfg +echo "cafingerprint: ${cafingerprint}" >> api-keys.cfg + + +cat ${top_srcdir}/test/catlfish-test.cfg.in api-keys.cfg > ${top_srcdir}/test/catlfish-test.cfg for machine in ${MACHINES}; do \ ${top_srcdir}/tools/compileconfig.py --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-${machine}.cfg mkdir -p machine/machine-${machine}/db @@ -55,16 +73,5 @@ for machine in ${MACHINES}; do \ done ${top_srcdir}/tools/compileconfig.py --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-merge-2.cfg ${top_srcdir}/tools/compileconfig.py --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-signing.cfg -mkdir privatekeys -mkdir publickeys -for node in ${NODES}; do \ - (cd privatekeys ; ${top_srcdir}/tools/create-key.sh ${node}) ; \ - mv privatekeys/${node}.pem publickeys/ ; \ - mkdir -p nodes/${node}/log -done -(cd privatekeys ; ${top_srcdir}/tools/create-key.sh merge-1) -mv privatekeys/merge-1.pem publickeys/ -(cd privatekeys ; ${top_srcdir}/tools/create-key.sh merge-2) -mv privatekeys/merge-2.pem publickeys/ test -x ${SOFTHSM} && ${SOFTHSM} --init-token --slot=0 --label=mylabel --so-pin=ffff --pin=ffff || true test -x ${SOFTHSM} && ${SOFTHSM} --import keys/logkey-private.pkcs8 --slot 0 --label mylabel --pin ffff --id 00 || true -- cgit v1.1