diff options
author | Jiri Vanek <[email protected]> | 2012-05-30 12:31:19 +0200 |
---|---|---|
committer | Jiri Vanek <[email protected]> | 2012-05-30 12:31:19 +0200 |
commit | 6ca14c7a025933935d80e55635587be6f6d4fc00 (patch) | |
tree | de5ab489cdbbd8ce8732786d387cf81185ba4828 | |
parent | 4799d06d31c948378700559beff543a9eb9c2924 (diff) |
handling of multiple testing certificates in bulk
-rw-r--r-- | ChangeLog | 26 | ||||
-rw-r--r-- | Makefile.am | 87 | ||||
-rw-r--r-- | tests/jnlp_tests/README | 5 |
3 files changed, 90 insertions, 28 deletions
@@ -1,3 +1,29 @@ +2012-05-30 Jiri Vanek <[email protected]> + + Enabled multiple certificates and extracted variables + * Makefile.am: EXPORTED_TEST_CERT by EXPORTED_TEST_CERT_PREFIX and + EXPORTED_TEST_CERT_SUFIX for further composition + SIGNED_REPRODUCERS new variable for iterating through signed reproducers + SIMPLE_REPRODUCERS new variable for iterating through simple reproducers + ALL_REPRODUCER new variable for iterating through all reproducers + (junit-jnlp-dist-signed.txt) replaced by + (stamps/junit-jnlp-dist-signed.stamp) which generates + junit-jnlp-dist-signedX.txt for each directory with signed reproducers + (stamps/netx-dist-tests-prepare-reproducers.stamp) + (stamps/change-dots-to-paths.stamp) + (stamps/netx-dist-tests-compile-testcases.stamp) + (run-netx-dist-codecoverage): extracted variables + (clean-netx-dist-tests): iterates through all the list and removes them + (stamps/netx-dist-tests-sign-some-reproducers.stamp): now iterate through + SIGNED_REPRODUCERS and creates special certificate for each member. Each + jar from this directory is then signed by corresponding certificate + (netx-dist-tests-remove-cert-from-public): iterates through all certificates + (stamps/netx-dist-tests-import-cert-to-public): exports each certificate + created during tests preparations + ($(EXPORTED_TEST_CERT)) replaced by stamps/exported-test-certs.stamp which + create for each of SIGNED_REPRODUCERS individual certificate + (tests/jnlp_tests/README): mentioned possibility of multiple certificate + 2012-05-29 Jiri Vanek <[email protected]> * netx/net/sourceforge/jnlp/runtime/JNLPClassLoader.java: (getPermissions): diff --git a/Makefile.am b/Makefile.am index a77e860..641f4a3 100644 --- a/Makefile.am +++ b/Makefile.am @@ -24,7 +24,8 @@ JNLP_TESTS_SERVER_DEPLOYDIR=$(TESTS_DIR)/jnlp_test_server JNLP_TESTS_DIR=$(TESTS_DIR)/jnlp_tests PRIVATE_KEYSTORE_NAME=teststore.ks PRIVATE_KEYSTORE_PASS=123456789 -EXPORTED_TEST_CERT=icedteatests.crt +EXPORTED_TEST_CERT_PREFIX=icedteatests +EXPORTED_TEST_CERT_SUFIX=crt TEST_CERT_ALIAS=icedteaweb PUBLIC_KEYSTORE=${HOME}/.icedtea/security/trusted.certs PUBLIC_KEYSTORE_PASS=changeit @@ -35,6 +36,10 @@ REPRODUCERS_CLASS_NAMES = $(abs_top_builddir)/reproducers_class_names REPRODUCERS_CLASS_WHITELIST = $(abs_top_srcdir)/netx-dist-tests-whitelist EMMA_JAVA_ARGS=-Xmx2G META_MANIFEST = META-INF/MANIFEST.MF +SIGNED_REPRODUCERS=signed +SIMPLE_REPRODUCERS=simple +ALL_REPRODUCERS=$(SIMPLE_REPRODUCERS) $(SIGNED_REPRODUCERS) + # linking variables PLUGIN_LINK_NAME=libjavaplugin.so @@ -487,7 +492,7 @@ $(JUNIT_RUNNER_JAR): junit-runner-source-files.txt stamps/netx-dist-tests-compil @junit-runner-source-files.txt && \ $(BOOT_DIR)/bin/jar cf $@ -C $(JUNIT_RUNNER_DIR) . -stamps/junit-jnlp-dist-dirs: junit-jnlp-dist-simple.txt junit-jnlp-dist-signed.txt +stamps/junit-jnlp-dist-dirs: junit-jnlp-dist-simple.txt stamps/junit-jnlp-dist-signed.stamp mkdir -p $(JNLP_TESTS_SERVER_DEPLOYDIR) mkdir -p $(JNLP_TESTS_DIR) touch $@ @@ -496,12 +501,18 @@ junit-jnlp-dist-simple.txt: cd $(JNLP_TESTS_SRCDIR)/simple/ ; \ find . -maxdepth 1 -mindepth 1 | sed "s/.\/*//" > $(abs_top_builddir)/$@ -junit-jnlp-dist-signed.txt: - cd $(JNLP_TESTS_SRCDIR)/signed/ ; \ - find . -maxdepth 1 -mindepth 1 | sed "s/.\/*//" > $(abs_top_builddir)/$@ +stamps/junit-jnlp-dist-signed.stamp: + types=($(SIGNED_REPRODUCERS)) ; \ + for which in "$${types[@]}" ; do \ + pushd $(JNLP_TESTS_SRCDIR)/$$which/ ; \ + find . -maxdepth 1 -mindepth 1 | sed "s/.\/*//" > $(abs_top_builddir)/junit-jnlp-dist-$$which.txt ; \ + popd ; \ + done ; \ + mkdir -p stamps && \ + touch $@ stamps/netx-dist-tests-prepare-reproducers.stamp: stamps/junit-jnlp-dist-dirs - types=(simple signed); \ + types=($(ALL_REPRODUCERS)); \ for which in "$${types[@]}" ; do \ . $(abs_top_srcdir)/NEW_LINE_IFS ; \ simpleReproducers=(`cat $(abs_top_builddir)/junit-jnlp-dist-$$which.txt `); \ @@ -535,19 +546,23 @@ stamps/netx-dist-tests-prepare-reproducers.stamp: stamps/junit-jnlp-dist-dirs stamps/netx-dist-tests-sign-some-reproducers.stamp: stamps/netx-dist-tests-prepare-reproducers.stamp keystore=$(abs_top_builddir)/$(PRIVATE_KEYSTORE_NAME); \ - $(BOOT_DIR)/bin/keytool -genkey -alias $(TEST_CERT_ALIAS) -keystore $$keystore -keypass $(PRIVATE_KEYSTORE_PASS) -storepass $(PRIVATE_KEYSTORE_PASS) -dname "cn=$(TEST_CERT_ALIAS), ou=$(TEST_CERT_ALIAS), o=$(TEST_CERT_ALIAS), c=$(TEST_CERT_ALIAS)" ; \ - . $(abs_top_srcdir)/NEW_LINE_IFS ; \ - signedReproducers=(`cat $(abs_top_builddir)/junit-jnlp-dist-signed.txt `); \ - IFS="$$IFS_BACKUP" ; \ - for dir in "$${signedReproducers[@]}" ; do \ - $(BOOT_DIR)/bin/jarsigner -keystore $$keystore -storepass $(PRIVATE_KEYSTORE_PASS) -keypass $(PRIVATE_KEYSTORE_PASS) "$(JNLP_TESTS_SERVER_DEPLOYDIR)/$$dir.jar" $(TEST_CERT_ALIAS) ; \ - done ; \ - mkdir -p stamps && \ - touch $@ + types=($(SIGNED_REPRODUCERS)) ; \ + for which in "$${types[@]}" ; do \ + tcaw=$(TEST_CERT_ALIAS)_$$which ; \ + $(BOOT_DIR)/bin/keytool -genkey -alias $$tcaw -keystore $$keystore -keypass $(PRIVATE_KEYSTORE_PASS) -storepass $(PRIVATE_KEYSTORE_PASS) -dname "cn=$$tcaw, ou=$$tcaw, o=$$tcaw, c=$$tcaw" ; \ + . $(abs_top_srcdir)/NEW_LINE_IFS ; \ + signedReproducers=(`cat $(abs_top_builddir)/junit-jnlp-dist-$$which.txt `); \ + IFS="$$IFS_BACKUP" ; \ + for dir in "$${signedReproducers[@]}" ; do \ + $(BOOT_DIR)/bin/jarsigner -keystore $$keystore -storepass $(PRIVATE_KEYSTORE_PASS) -keypass $(PRIVATE_KEYSTORE_PASS) "$(JNLP_TESTS_SERVER_DEPLOYDIR)/$$dir.jar" $$tcaw ; \ + done ; \ + done ; \ + mkdir -p stamps && \ + touch $@ stamps/change-dots-to-paths.stamp: stamps/netx-dist-tests-sign-some-reproducers.stamp pushd $(JNLP_TESTS_SERVER_DEPLOYDIR); \ - types=(simple signed); \ + types=($(ALL_REPRODUCERS)); \ for which in "$${types[@]}" ; do \ . $(abs_top_srcdir)/NEW_LINE_IFS ; \ simpleReproducers=(`cat $(abs_top_builddir)/junit-jnlp-dist-$$which.txt `); \ @@ -578,16 +593,27 @@ stamps/change-dots-to-paths.stamp: stamps/netx-dist-tests-sign-some-reproducers. touch $@ #this always tries to remove previous testcert -$(EXPORTED_TEST_CERT): stamps/change-dots-to-paths.stamp netx-dist-tests-remove-cert-from-public - keytool -export -alias $(TEST_CERT_ALIAS) -file $(EXPORTED_TEST_CERT) -storepass $(PRIVATE_KEYSTORE_PASS) -keystore $(PRIVATE_KEYSTORE_NAME) +stamps/exported-test-certs.stamp: stamps/change-dots-to-paths.stamp netx-dist-tests-remove-cert-from-public + types=($(SIGNED_REPRODUCERS)) ; \ + for which in "$${types[@]}" ; do \ + keytool -export -alias $(TEST_CERT_ALIAS)_$$which -file $(EXPORTED_TEST_CERT_PREFIX)_$$which.$(EXPORTED_TEST_CERT_SUFIX) -storepass $(PRIVATE_KEYSTORE_PASS) -keystore $(PRIVATE_KEYSTORE_NAME) ; \ + done ; + mkdir -p stamps && \ + touch $@ -stamps/netx-dist-tests-import-cert-to-public: $(EXPORTED_TEST_CERT) - yes | $(BOOT_DIR)/bin/keytool -import -alias $(TEST_CERT_ALIAS) -keystore $(PUBLIC_KEYSTORE) -storepass $(PUBLIC_KEYSTORE_PASS) -file $(EXPORTED_TEST_CERT); \ - mkdir -p stamps && \ - touch $@ +stamps/netx-dist-tests-import-cert-to-public: stamps/exported-test-certs.stamp + types=($(SIGNED_REPRODUCERS)) ; \ + for which in "$${types[@]}" ; do \ + yes | $(BOOT_DIR)/bin/keytool -import -alias $(TEST_CERT_ALIAS)_$$which -keystore $(PUBLIC_KEYSTORE) -storepass $(PUBLIC_KEYSTORE_PASS) -file $(EXPORTED_TEST_CERT_PREFIX)_$$which.$(EXPORTED_TEST_CERT_SUFIX) ;\ + done ; + mkdir -p stamps && \ + touch $@ netx-dist-tests-remove-cert-from-public: - -$(BOOT_DIR)/bin/keytool -delete -alias $(TEST_CERT_ALIAS) -keystore $(PUBLIC_KEYSTORE) -storepass $(PUBLIC_KEYSTORE_PASS) + -types=($(SIGNED_REPRODUCERS)) ; \ + for which in "$${types[@]}" ; do \ + $(BOOT_DIR)/bin/keytool -delete -alias $(TEST_CERT_ALIAS)_$$which -keystore $(PUBLIC_KEYSTORE) -storepass $(PUBLIC_KEYSTORE_PASS) ; \ + done ; -rm -rf stamps/netx-dist-tests-import-cert-to-public netx-dist-tests-source-files.txt: @@ -605,7 +631,7 @@ stamps/netx-dist-tests-compile.stamp: stamps/netx.stamp \ stamps/netx-dist-tests-compile-testcases.stamp: stamps/netx.stamp stamps/junit-jnlp-dist-dirs \ netx-dist-tests-source-files.txt stamps/netx-dist-tests-compile.stamp - types=(simple signed); \ + types=($(ALL_REPRODUCERS)); \ for which in "$${types[@]}" ; do \ . $(abs_top_srcdir)/NEW_LINE_IFS ; \ simpleReproducers=(`cat $(abs_top_builddir)/junit-jnlp-dist-$$which.txt `); \ @@ -876,7 +902,7 @@ if WITH_EMMA chmod 777 $(DESTDIR)$(bindir)/$(javaws) ; \ testcases_srcs=( ) ; \ k=0 ; \ - types=(simple signed); \ + types=($(ALL_REPRODUCERS)); \ for which in "$${types[@]}" ; do \ . $(abs_top_srcdir)/NEW_LINE_IFS ; \ simpleReproducers=(`cat $(abs_top_builddir)/junit-jnlp-dist-$$which.txt `); \ @@ -940,7 +966,7 @@ run-test-code-coverage: run-unit-test-code-coverage run-reproducers-test-code-co if WITH_EMMA cd $(TESTS_DIR) ; \ k=0 ; \ - types=(simple signed); \ + types=($(ALL_REPRODUCERS)); \ for which in "$${types[@]}" ; do \ . $(abs_top_srcdir)/NEW_LINE_IFS ; \ simpleReproducers=(`cat $(abs_top_builddir)/junit-jnlp-dist-$$which.txt `); \ @@ -1004,10 +1030,15 @@ clean-netx-dist-tests: clean_tests_reports netx-dist-tests-remove-cert-from-publ rm -f stamps/netx-dist-tests-sign-some-reproducers.stamp rm -f stamps/change-dots-to-paths.stamp rm -f junit-jnlp-dist-simple.txt - rm -f junit-jnlp-dist-signed.txt + types=($(SIGNED_REPRODUCERS)) ; \ + for which in "$${types[@]}" ; do \ + rm -f junit-jnlp-dist-$$which.txt ; \ + rm -f $(EXPORTED_TEST_CERT_PREFIX)_$$which.$(EXPORTED_TEST_CERT_SUFIX) ; \ + done ; + rm -f stamps/exported-test-certs.stamp + rm -f stamps/junit-jnlp-dist-signed.stamp rm -f $(REPRODUCERS_CLASS_NAMES) rm -f $(abs_top_builddir)/$(PRIVATE_KEYSTORE_NAME) - rm -f $(EXPORTED_TEST_CERT) rm -f stamps/run-netx-dist-tests.stamp clean-unit-test-code-coverage: diff --git a/tests/jnlp_tests/README b/tests/jnlp_tests/README index f226b64..eff2b34 100644 --- a/tests/jnlp_tests/README +++ b/tests/jnlp_tests/README @@ -8,3 +8,8 @@ Files in advanced directory have to care about themselves, but even those can ha parts inside simple directory, so some parts of them are processed automatically. There are three reproducers – simpletest1, simpletest2 and deadlocktest, which tests test’s suite itself and serve as examples of behaviour. + +Directory "signed" is listed in Makefile.am. You can specify as much to-be-signed +directories as you want. And jars in each of those signed directories will be +signed by their's own unique key (number of signed directories == number of certificates). +Do not forget to add each this directory into list n Makefile.am |