On 25.11.2014 10:43, Petr Spacek wrote:
> On 7.11.2014 14:41, Martin Kosek wrote:
>> FreeIPA team will soon grow with a new member focusing on upstream QE tests.
>> would like to collect ideas what are the biggest gaps in the current upstream
>> test suite from your POV.
>> Existing requests are tracked here:
>> First idea that I head proposed are Upgrade tests. These are often done
>> manually. I think that upgrade test from currently supported FreeIPA/Fedora
>> version would go a long way (like 3.3.5 on F20 upgraded built RPMs and
>> unit tests).
>> Second, it would be nice to try testing FreeIPA server in a container. Not
>> only it would verify our container efforts, but it may also allow easy
>> multi-master tests on one Jenkins VM or local host instead of expensive VM
>> Any other areas worth focusing on (besides of course testing newly developed
> At least simple automated MitM attack against TLS.
> First thing which comes to mind is CLI<->server interaction and also
> certmonger<->server interaction.
> TLS is hard to get right and if I recall it correctly we already had a problem
> with certificate validation...
"The Nogotofail tool requires Python 2.7 and pyOpenSSL>=0.13. It features an
on-path network Man-in-the-Middle (MiTM), designed to work on Linux machines,
as well and optional clients for the devices being tested."
Freeipa-devel mailing list