On 25.11.2014 10:43, Petr Spacek wrote:
> On 7.11.2014 14:41, Martin Kosek wrote:
>> FreeIPA team will soon grow with a new member focusing on upstream QE tests. 
>> I
>> would like to collect ideas what are the biggest gaps in the current upstream
>> test suite from your POV.
>> Existing requests are tracked here:
>> https://fedorahosted.org/freeipa/query?status=assigned&status=new&status=reopened&component=Tests&col=id&col=summary&col=component&col=status&col=owner&col=type&col=priority&col=milestone&group=milestone&order=priority
>> First idea that I head proposed are Upgrade tests. These are often done
>> manually. I think that upgrade test from currently supported FreeIPA/Fedora
>> version would go a long way (like 3.3.5 on F20 upgraded built RPMs and 
>> running
>> unit tests).
>> Second, it would be nice to try testing FreeIPA server in a container. Not
>> only it would verify our container efforts, but it may also allow easy
>> multi-master tests on one Jenkins VM or local host instead of expensive VM
>> orchestration.
>> Any other areas worth focusing on (besides of course testing newly developed
>> features)?
> At least simple automated MitM attack against TLS.
> First thing which comes to mind is CLI<->server interaction and also
> certmonger<->server interaction.
> TLS is hard to get right and if I recall it correctly we already had a problem
> with certificate validation...

Related link:

"The Nogotofail tool requires Python 2.7 and pyOpenSSL>=0.13. It features an
on-path network Man-in-the-Middle (MiTM), designed to work on Linux machines,
as well and optional clients for the devices being tested."

Petr^2 Spacek

Freeipa-devel mailing list

Reply via email to