Use separate CRL file for each test

To avoid conflicts when running in parallel

diff --git a/src/tests/modules/crl/accept.unlang b/src/tests/modules/crl/accept.unlang
index cd496660a016c1ff5f491323ae2e3057bb900c10..493ab27dac9e1ea22cc76ff18ff900c900bd2efd 100644 (file)
--- a/src/tests/modules/crl/accept.unlang
+++ b/src/tests/modules/crl/accept.unlang
@@ -11,6 +11,8 @@ prepare_cnf
 
 create_client_cert
 
+build_crl
+
 read_cert_serial
 
 session-state.TLS-Certificate.Serial = %bin(serial)

diff --git a/src/tests/modules/crl/module.conf b/src/tests/modules/crl/module.conf
index c8a23cb09269d2d8dfb2d3773f27845d899120fc..7b7f15e039caa26b00da6533c8e7250e48599ac9 100644 (file)
--- a/src/tests/modules/crl/module.conf
+++ b/src/tests/modules/crl/module.conf
@@ -1,7 +1,7 @@
 crl {
        source {
                dynamic {
-                       http = %exec_bin('/bin/cat', 'raddb/certs/rsa/ca.crl')
+                       http = %exec_bin('/bin/cat', "$ENV{MODULE_TEST_DIR}/ca%{clientno}.crl")
                }
        }
        ca_file = raddb/certs/rsa/ca.pem

diff --git a/src/tests/modules/crl/policy.conf b/src/tests/modules/crl/policy.conf
index 3184d67698b78c227ace9e8dffc0349f29968c69..1e8a8f04fb6431a7aab2ec8c8de91c0a3948fc86 100644 (file)
--- a/src/tests/modules/crl/policy.conf
+++ b/src/tests/modules/crl/policy.conf
@@ -29,8 +29,14 @@ create_client_cert {
 #
 revoke_client_cert {
        %exec('/usr/bin/openssl', 'ca', '-config', "$ENV{MODULE_TEST_DIR}/ca%{clientno}.cnf", '-batch', '-revoke', "$ENV{MODULE_TEST_DIR}/client%{clientno}.crt", '-keyfile', "$ENV{top_srcdir}raddb/certs/rsa/ca.key", '-cert', "$ENV{top_srcdir}raddb/certs/rsa/ca.pem", '-passin', 'pass:whatever')
-       %exec('/usr/bin/openssl', 'ca', '-gencrl', '-keyfile', "$ENV{top_srcdir}raddb/certs/rsa/ca.key", '-cert', "$ENV{top_srcdir}raddb/certs/rsa/ca.pem", '-config', "$ENV{MODULE_TEST_DIR}/ca%{clientno}.cnf", '-out', "$ENV{top_srcdir}raddb/certs/rsa/ca-crl.pem", '-key', 'whatever')
-       %exec('/usr/bin/openssl', 'crl', '-in', "$ENV{top_srcdir}raddb/certs/rsa/ca-crl.pem", '-outform', 'DER', '-out', "$ENV{top_srcdir}raddb/certs/rsa/ca.crl")
+}
+
+#
+#  Build the CRL
+#
+build_crl {
+       %exec('/usr/bin/openssl', 'ca', '-gencrl', '-keyfile', "$ENV{top_srcdir}raddb/certs/rsa/ca.key", '-cert', "$ENV{top_srcdir}raddb/certs/rsa/ca.pem", '-config', "$ENV{MODULE_TEST_DIR}/ca%{clientno}.cnf", '-out', "$ENV{MODULE_TEST_DIR}/ca-crl%{clientno}.pem", '-key', 'whatever')
+       %exec('/usr/bin/openssl', 'crl', '-in', "$ENV{MODULE_TEST_DIR}/ca-crl%{clientno}.pem", '-outform', 'DER', '-out', "$ENV{MODULE_TEST_DIR}/ca%{clientno}.crl")
 }
 
 #

diff --git a/src/tests/modules/crl/reject.unlang b/src/tests/modules/crl/reject.unlang
index 54d7b7014b667182a9f15ac1cec9721ea0b56ef7..1c2fe7b9e30463e999d4d14cf150c307d9eac2dc 100644 (file)
--- a/src/tests/modules/crl/reject.unlang
+++ b/src/tests/modules/crl/reject.unlang
@@ -13,6 +13,8 @@ create_client_cert
 
 revoke_client_cert
 
+build_crl
+
 read_cert_serial
 
 session-state.TLS-Certificate.Serial = %bin(serial)

diff --git a/src/tests/modules/crl/reload.unlang b/src/tests/modules/crl/reload.unlang
index 709cd23121b281b1dc8550d1394ec92cd47c17ac..0336ca88156099b442801161678c5a6649103855 100644 (file)
--- a/src/tests/modules/crl/reload.unlang
+++ b/src/tests/modules/crl/reload.unlang
@@ -11,6 +11,8 @@ prepare_cnf
 
 create_client_cert
 
+build_crl
+
 read_cert_serial
 
 session-state.TLS-Certificate.Serial = %bin(serial)
@@ -35,6 +37,8 @@ if (!ok) {
 #
 revoke_client_cert
 
+build_crl
+
 crl {
        reject = 1
 }