On 01/28/2014 03:35 PM, Petr Viktorin wrote:
On 01/23/2014 01:54 PM, Petr Viktorin wrote:
[...]
Patch 454 changes the cert generation script for CA-less tests to use
sequential serial numbers rather than random ones, to prevent collisions.
This one is still useful though.
Ping, could someone review this?
--
PetrĀ³
From 6c6673501fcc0823f7e75875833a70635db44168 Mon Sep 17 00:00:00 2001
From: Petr Viktorin <pvikt...@redhat.com>
Date: Thu, 23 Jan 2014 13:08:04 +0100
Subject: [PATCH] CA-less tests: Use sequential certificate serial numbers
When serial numbers were generated with $RANDOM, there
could be collisions.
Use sequential numbers instead.
---
ipatests/test_integration/scripts/caless-create-pki | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/ipatests/test_integration/scripts/caless-create-pki b/ipatests/test_integration/scripts/caless-create-pki
index a0b6f13c0cdef2631640862ca85df3cc4394f7cf..f428ebae16e05644a875a35faf192f75eb149740 100644
--- a/ipatests/test_integration/scripts/caless-create-pki
+++ b/ipatests/test_integration/scripts/caless-create-pki
@@ -5,6 +5,8 @@ profile_server=(-t ,, -v 12)
crl_path=${crl_path-$(readlink -f $dbdir)}
+serial_number=0
+
gen_cert() {
local profile="$1" nick="$2" subject="$3" ca options pwfile noise csr crt
shift 3
@@ -46,7 +48,8 @@ file://$crl_path/$ca.crl
n
n
EOF
- certutil -C -d "$dbdir" -f "$pwfile" -m "$RANDOM" -i "$csr" -o "$crt" "${options[@]}" "$@"
+ serial_number=$(($serial_number+1))
+ certutil -C -d "$dbdir" -f "$pwfile" -m "$serial_number" -i "$csr" -o "$crt" "${options[@]}" "$@"
certutil -A -d "$dbdir" -n "$nick" -f "$pwfile" -i "$crt" "${options[@]}"
rm -f "$pwfile" "$noise" "$csr" "$crt"
--
1.8.4.2
_______________________________________________
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
