trafficserver-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jackso...@apache.org
Subject [1/3] trafficserver git commit: Remove server.key and server.crt since tsqa has a pair. Address comments by jacksontj.
Date Tue, 30 Jun 2015 01:36:06 GMT
Repository: trafficserver
Updated Branches:
  refs/heads/master 1a160e13e -> 551e9a0e6


Remove server.key and server.crt since tsqa has a pair.
Address comments by jacksontj.


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/9f9e611c
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/9f9e611c
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/9f9e611c

Branch: refs/heads/master
Commit: 9f9e611c8eaa750cb3c52194d29aaafdc3474cb0
Parents: 56da67c
Author: Bin Zeng <bzeng@linkedin.com>
Authored: Fri Apr 24 11:54:26 2015 -0700
Committer: Thomas Jackson <jacksontj@apache.org>
Committed: Mon Jun 29 18:07:25 2015 -0700

----------------------------------------------------------------------
 ci/new_tsqa/files/rsa_keys/server.crt           | 16 --------------
 ci/new_tsqa/files/rsa_keys/server.key           | 15 -------------
 .../tests/test_tls_ticket_key_rotation.py       | 23 +++++++++-----------
 3 files changed, 10 insertions(+), 44 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/9f9e611c/ci/new_tsqa/files/rsa_keys/server.crt
----------------------------------------------------------------------
diff --git a/ci/new_tsqa/files/rsa_keys/server.crt b/ci/new_tsqa/files/rsa_keys/server.crt
deleted file mode 100644
index db84788..0000000
--- a/ci/new_tsqa/files/rsa_keys/server.crt
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICfzCCAegCCQD5X+YRIXU9pTANBgkqhkiG9w0BAQUFADCBgzELMAkGA1UEBhMC
-VVMxCzAJBgNVBAgMAkNBMQswCQYDVQQHDAJNVjEQMA4GA1UECgwHSGFja2luZzER
-MA8GA1UECwwIU2VjdXJpdHkxEjAQBgNVBAMMCTEyNy4wLjAuMTEhMB8GCSqGSIb3
-DQEJARYSYnplbmdAbGlua2VkaW4uY29tMB4XDTE0MDcyOTE2NDgxOVoXDTI0MDcy
-NjE2NDgxOVowgYMxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJDQTELMAkGA1UEBwwC
-TVYxEDAOBgNVBAoMB0hhY2tpbmcxETAPBgNVBAsMCFNlY3VyaXR5MRIwEAYDVQQD
-DAkxMjcuMC4wLjExITAfBgkqhkiG9w0BCQEWEmJ6ZW5nQGxpbmtlZGluLmNvbTCB
-nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsHvcPHDgPj5kHTRFi9vXsKXmxwl7
-qzrQIh3r0psocbL02YY0n0aQzAoToGiDjXNu7+Ldg52UHj85WQXmkJlw+kau4i/7
-+FPnY/XeW0CNp7emW9XeZlGtu3XTHxGviS2XCsOWhKZkdL6b3cbxt3EzeFveSC2z
-/inYSnFDTfx+sE0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQBFFugtKZHQSSr++bcm
-IYNZu2XVWJIzZAvvUyLwzNiTyo1sWF6E7IqtBJMjfhAGp8iKgTewaJJIPFqYZScV
-X03VMRUPN0YOVGVbzrZs+mgo8IgvXb/gzpgisbLMNbOyffh6rFOc44TYJKb1ogxw
-E67cvhwsvvLIvlcaI77B3vO6iQ==
------END CERTIFICATE-----

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/9f9e611c/ci/new_tsqa/files/rsa_keys/server.key
----------------------------------------------------------------------
diff --git a/ci/new_tsqa/files/rsa_keys/server.key b/ci/new_tsqa/files/rsa_keys/server.key
deleted file mode 100644
index a6805d5..0000000
--- a/ci/new_tsqa/files/rsa_keys/server.key
+++ /dev/null
@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCwe9w8cOA+PmQdNEWL29ewpebHCXurOtAiHevSmyhxsvTZhjSf
-RpDMChOgaIONc27v4t2DnZQePzlZBeaQmXD6Rq7iL/v4U+dj9d5bQI2nt6Zb1d5m
-Ua27ddMfEa+JLZcKw5aEpmR0vpvdxvG3cTN4W95ILbP+KdhKcUNN/H6wTQIDAQAB
-AoGARM+2enaEaKCJBn4IE9UfD0hQaBDBgG0JFBRYi6Blr5dYMqxKPkQUVwoixuuZ
-R4DXo37wYc4CH50FLjnHwV+ilb0mvqRYPTwVOlUIRpvN9CHS8RZmccmUwxtTG128
-81hFAz0VJBQ0+SHvha8XGCBfbQAEjHxIYORrHOKs/4KO+MECQQDebyVdBRTmvAF/
-2zt5jvWkSvUX49n0SLsok2pH2nConvKwQ2J0I6wXw4sNSnbsDik6pJjDFx/rLZpz
-OfcRLUvRAkEAyx2bZE1r5M3y7HGM6rmRv5zP86wFsoPryxFVi4t9ZHSynkarSNWA
-4YGT44MsctYrij4eSqztBiIGBbtVnwsHvQJAQEJRw/a03BeSQ1Kdcvem5Ui2V6l+
-jMD6OLWlrY5gn4YTzHIbHjwz+kWGhVdu1bEdnhBxBWNH2FQ7W3ByfObeEQJBAK9p
-VEedLS6eRcq4jbAwrpRCQrz3tLvkfgATakNnJdVZiuBxu37dE76sfyGeqQZLu7JZ
-zyNCkDgZrgXJMTp29ikCQDdSanJybsmPxcjcjH/VmO058Hpt7+vRIsUljdKmdC0k
-Duzl8xSbIcKScQcrsPwpOr1SsiR6XFMqJxCiHLx/vMU=
------END RSA PRIVATE KEY-----

http://git-wip-us.apache.org/repos/asf/trafficserver/blob/9f9e611c/ci/new_tsqa/tests/test_tls_ticket_key_rotation.py
----------------------------------------------------------------------
diff --git a/ci/new_tsqa/tests/test_tls_ticket_key_rotation.py b/ci/new_tsqa/tests/test_tls_ticket_key_rotation.py
index d617384..3b9bc77 100644
--- a/ci/new_tsqa/tests/test_tls_ticket_key_rotation.py
+++ b/ci/new_tsqa/tests/test_tls_ticket_key_rotation.py
@@ -60,9 +60,9 @@ class TestTLSTicketKeyRotation(helpers.EnvironmentCase):
 
         # configure SSL multicert
 
-        cls.configs['ssl_multicert.config'].add_line('dest_ip=* ssl_cert_name={0} ssl_key_name={1}
ticket_key_name={2}'.format(helpers.tests_file_path('rsa_keys/server.crt'), helpers.tests_file_path('rsa_keys/server.key'),
helpers.tests_file_path('rsa_keys/ssl_ticket.key')))
+        cls.configs['ssl_multicert.config'].add_line('dest_ip=* ssl_cert_name={0} ssl_key_name={1}
ticket_key_name={2}'.format(helpers.tests_file_path('rsa_keys/ca.crt'), helpers.tests_file_path('rsa_keys/ca.key'),
helpers.tests_file_path('rsa_keys/ssl_ticket.key')))
 
-    def _get_cert(self, addr):
+    def start_connection(self, addr):
         '''
         Return the certificate for addr.
         '''
@@ -71,14 +71,13 @@ class TestTLSTicketKeyRotation(helpers.EnvironmentCase):
         sock = SSL.Connection(ctx, socket.socket(socket.AF_INET, socket.SOCK_STREAM))
         sock.connect(addr)
         sock.do_handshake()
-        return sock.get_peer_certificate()
 
     def test_tls_ticket_resumption(self):
         '''
         Make sure the new ticket key is loaded
         '''
         addr = ('127.0.0.1', self.ssl_port)
-        self._get_cert(addr)
+        self.start_connection(addr)
 
         # openssl s_client -connect 127.0.0.1:443 -tls1 < /dev/null
         sess = os.path.join(self.environment.layout.logdir, 'sess')
@@ -92,7 +91,7 @@ class TestTLSTicketKeyRotation(helpers.EnvironmentCase):
             if text.startswith("TLS session ticket:"):
                 ticket_exists = True
                 break
-        self.assertTrue(ticket_exists)
+        self.assertTrue(ticket_exists, "Sesssion tickets are not received")
 
         # check whether the session has been reused
         reused = False
@@ -103,7 +102,7 @@ class TestTLSTicketKeyRotation(helpers.EnvironmentCase):
             if text.startswith("Reused, TLSv1/SSLv3,"):
                 reused = True
                 break
-        self.assertTrue(reused)
+        self.assertTrue(reused, "TLS session was not reused!")
 
         # negative test case. The session is not reused.
         reused = False
@@ -114,14 +113,14 @@ class TestTLSTicketKeyRotation(helpers.EnvironmentCase):
             if text.startswith("Reused, TLSv1/SSLv3,"):
                 reused = True
                 break
-        self.assertFalse(reused)
+        self.assertFalse(reused, "TLS session has been reused!")
 
     def test_tls_ticket_rotation(self):
         '''
         Make sure the new ticket key is loaded
         '''
         addr = ('127.0.0.1', self.ssl_port)
-        self._get_cert(addr)
+        self.start_connection(addr)
 
         '''
         openssl s_client -connect server_ip:ssl_port -tls1 < /dev/null
@@ -149,10 +148,9 @@ class TestTLSTicketKeyRotation(helpers.EnvironmentCase):
                 break
             except Exception:
                 ++count
-                # If we have waited more than 30 seconds and the command still failed, quit
here.
+                # If we have tried 30 times and the command still failed, quit here.
                 if count > 30:
-                    self.assertTrue(False)
-                time.sleep(1)
+                    self.assertTrue(False, "Failed to get the number of renewed keys!")
 
         signal_cmd = os.path.join(self.environment.layout.bindir, 'traffic_line') + ' -x'
         tsqa.utils.run_sync_command(signal_cmd, stdout=subprocess.PIPE, shell=True)
@@ -168,8 +166,7 @@ class TestTLSTicketKeyRotation(helpers.EnvironmentCase):
             except Exception:
                 ++count
                 if count > 30:
-                    self.assertTrue(False)
-                time.sleep(1)
+                    self.assertTrue(False, "Failed to get the number of renewed keys!")
 
         # the number of ticket keys renewed has been increased.
         self.assertNotEqual(old_renewed, cur_renewed)


Mime
View raw message