From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Fri, 10 Feb 2023 10:43:07 +0000 (+0100)
Subject: dnsdist: Move the certs handling to a Makefile in the regression tests
X-Git-Tag: dnsdist-1.8.0-rc1~30^2~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=995a5b9b9d472d4005dd422c5deb4872dda79ab3;p=thirdparty%2Fpdns.git

dnsdist: Move the certs handling to a Makefile in the regression tests

This makes my life easier during testing, and feels cleaner.
---

diff --git a/regression-tests.dnsdist/.gitignore b/regression-tests.dnsdist/.gitignore
index aaff017f1f..bde839b044 100644
--- a/regression-tests.dnsdist/.gitignore
+++ b/regression-tests.dnsdist/.gitignore
@@ -17,3 +17,5 @@
 /server.ocsp
 /server.p12
 /configs
+/dnsdist.log
+/dnsdist_test.conf
diff --git a/regression-tests.dnsdist/Makefile b/regression-tests.dnsdist/Makefile
new file mode 100644
index 0000000000..3bb54e9190
--- /dev/null
+++ b/regression-tests.dnsdist/Makefile
@@ -0,0 +1,15 @@
+clean-certs:
+	rm -f ca.key ca.pem ca.srl server.csr server.key server.pem server.chain server.ocsp
+clean-config:
+	rm -rf configs/*
+certs:
+	# Generate a new CA
+	openssl req -new -x509 -days 1 -extensions v3_ca -keyout ca.key -out ca.pem -nodes -config configCA.conf
+	# Generate a new server certificate request
+	openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr -config configServer.conf
+	# Sign the server cert
+	openssl x509 -req -days 1 -CA ca.pem -CAkey ca.key -CAcreateserial -in server.csr -out server.pem -extfile configServer.conf -extensions v3_req
+	# Generate a chain
+	cat server.pem ca.pem > server.chain
+	# Generate a password-protected PKCS12 file
+	openssl pkcs12 -export -passout pass:passw0rd -clcerts -in server.pem -CAfile ca.pem -inkey server.key -out server.p12
diff --git a/regression-tests.dnsdist/runtests b/regression-tests.dnsdist/runtests
index 3bbcae05ef..36e0d50dcd 100755
--- a/regression-tests.dnsdist/runtests
+++ b/regression-tests.dnsdist/runtests
@@ -39,19 +39,9 @@ if [ "${PDNS_DEBUG}" = "YES" ]; then
   set -x
 fi
 
-rm -f ca.key ca.pem ca.srl server.csr server.key server.pem server.chain server.ocsp
-rm -rf configs/*
-
-# Generate a new CA
-openssl req -new -x509 -days 1 -extensions v3_ca -keyout ca.key -out ca.pem -nodes -config configCA.conf
-# Generate a new server certificate request
-openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr -config configServer.conf
-# Sign the server cert
-openssl x509 -req -days 1 -CA ca.pem -CAkey ca.key -CAcreateserial -in server.csr -out server.pem -extfile configServer.conf -extensions v3_req
-# Generate a chain
-cat server.pem ca.pem > server.chain
-# Generate a password-protected PKCS12 file
-openssl pkcs12 -export -passout pass:passw0rd -clcerts -in server.pem -CAfile ca.pem -inkey server.key -out server.p12
+make clean-certs
+make clean-configs
+make certs
 
 out=$(mktemp)
 set -o pipefail
@@ -68,4 +58,4 @@ if ! nosetests --with-xunit $@ 2>&1 | tee "${out}" ; then
 fi
 rm -f "${out}"
 
-rm -f ca.key ca.pem ca.srl server.csr server.key server.pem server.chain server.ocsp
+make clean-certs