ag/cpython-source-deps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Import OpenSSL 1.1.0i

Browse Source
This commit is contained in:
Steve Dower
2018-08-14 08:22:53 -07:00
parent 807cee26df
commit 6960e8d7c7
282 changed files with 5215 additions and 2261 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
test/certs/setup.sh
View File

@@ -241,15 +241,30 @@ NC="$NC excluded;DNS:bad.ok.good.com"
NC=$NC ./mkcert.sh genca "Test NC sub CA" ncca3-key ncca3-cert \
ncca1-key ncca1-cert
# all subjectAltNames allowed by CA1.
# all subjectAltNames allowed by CA1. Some CNs are not!
./mkcert.sh req alt1-key "O = Good NC Test Certificate 1" \
"1.CN=www.good.org" "2.CN=Joe Bloggs" "3.CN=any.good.com" | \
"1.CN=www.example.net" "2.CN=Joe Bloggs" | \
./mkcert.sh geneealt alt1-key alt1-cert ncca1-key ncca1-cert \
"DNS.1 = www.good.org" "DNS.2 = any.good.com" \
"email.1 = good@good.org" "email.2 = any@good.com" \
"IP = 127.0.0.1" "IP = 192.168.0.1"
# all DNS-like CNs allowed by CA1, no DNS SANs.
./mkcert.sh req goodcn1-key "O = Good NC Test Certificate 1" \
"1.CN=www.good.org" "2.CN=any.good.com" \
"3.CN=not..dns" "4.CN=not@dns" "5.CN=not-.dns" "6.CN=not.dns." | \
./mkcert.sh geneealt goodcn1-key goodcn1-cert ncca1-key ncca1-cert \
"IP = 127.0.0.1" "IP = 192.168.0.1"
# Some DNS-like CNs not permitted by CA1, no DNS SANs.
./mkcert.sh req badcn1-key "O = Good NC Test Certificate 1" \
"1.CN=www.good.org" "3.CN=bad.net" | \
./mkcert.sh geneealt badcn1-key badcn1-cert ncca1-key ncca1-cert \
"IP = 127.0.0.1" "IP = 192.168.0.1"
# no subjectAltNames excluded by CA2.
./mkcert.sh req alt2-key "O = Good NC Test Certificate 2" | \
@@ -293,19 +308,17 @@ NC=$NC ./mkcert.sh genca "Test NC sub CA" ncca3-key ncca3-cert \
"email.1 = good@good.org" "email.2 = any@good.com" \
"IP = 127.0.0.2"
# all subject alt names OK but subject CN not allowed by CA1.
# No DNS-ID SANs and subject CN not allowed by CA1.
./mkcert.sh req badalt6-key "O = Bad NC Test Certificate 6" \
"1.CN=other.good.org" "2.CN=Joe Bloggs" "3.CN=any.good.com" | \
./mkcert.sh geneealt badalt6-key badalt6-cert ncca1-key ncca1-cert \
"DNS.1 = www.good.org" "DNS.2 = any.good.com" \
"email.1 = good@good.org" "email.2 = any@good.com" \
"IP = 127.0.0.1" "IP = 192.168.0.1"
# all subject alt names OK but subject CN not allowed by CA1, BMPSTRING
# No DNS-ID SANS and subject CN not allowed by CA1, BMPSTRING
REQMASK=MASK:0x800 ./mkcert.sh req badalt7-key "O = Bad NC Test Certificate 7" \
"1.CN=other.good.org" "2.CN=Joe Bloggs" "3.CN=any.good.com" | \
./mkcert.sh geneealt badalt7-key badalt7-cert ncca1-key ncca1-cert \
"DNS.1 = www.good.org" "DNS.2 = any.good.com" \
"email.1 = good@good.org" "email.2 = any@good.com" \
"IP = 127.0.0.1" "IP = 192.168.0.1"