You are viewing a plain text version of this content. The canonical link for it is here.
Posted to test-dev@httpd.apache.org by Stas Bekman <st...@stason.org> on 2003/08/12 21:20:32 UTC

[patch] Re: httpd-test: failing to generate certificates for testing

Stas Bekman wrote:
> Joe Orton wrote:
> 
>> On Tue, Jul 29, 2003 at 05:12:24PM +0200, Stas Bekman wrote:
>> ...
>>
>>> Certificate is to be certified until Jul 28 15:07:29 2004 GMT (365 days)
>>> failed to update database
>>> TXT_DB error number 2

After debugging this problem, I've figured that the failure is due to the fact 
that it tries to reuse the same index.txt files for many certificates. The 
following patch fixes that, by creating a separate foo-index.txt for each 
module. Please test that I didn't break anything, it fixes the problem for me.

Index: Apache-Test/lib/Apache/TestSSLCA.pm
===================================================================
RCS file: 
/home/cvs/httpd-test/perl-framework/Apache-Test/lib/Apache/TestSSLCA.pm,v
retrieving revision 1.13
diff -u -r1.13 TestSSLCA.pm
--- Apache-Test/lib/Apache/TestSSLCA.pm	9 Feb 2003 23:06:07 -0000	1.13
+++ Apache-Test/lib/Apache/TestSSLCA.pm	12 Aug 2003 19:22:42 -0000
@@ -172,7 +172,9 @@
      return $file if -e $file;

      my $dn = dn($name);
-    my $db = SSLCA_DB;
+    my $db = sslca_db($name);
+
+    writefile($db, '', 1);

      writefile($file, <<EOF);
  [ req ]
@@ -245,7 +247,6 @@
  my $digest_auth_hash    = '$1$OXLyS...$Owx8s2/m9/gfkcRVXzgoE/';

  sub new_ca {
-    writefile(SSLCA_DB, '', 1);
      writefile('serial', "01\n", 1);

      writefile('ssl.htpasswd',
@@ -306,6 +307,11 @@
                        "-out export/$name.p12", $passin, $passout;
  }

+sub sslca_db {
+    my $name = shift;
+    return "$name-" . SSLCA_DB;
+}
+
  sub revoke_cert {
      my $name = shift;

@@ -314,11 +320,12 @@
      #revokes in the SSLCA_DB database
      openssl ca => "-revoke certs/$name.crt", @args;

-    unless (-e SSLCA_DB) {
+    my $db = sslca_db($name);
+    unless (-e $db) {
          #hack required for win32
-        my $new = join '.', SSLCA_DB, 'new';
+        my $new = join '.', $db, 'new';
          if (-e $new) {
-            cp $new, SSLCA_DB;
+            cp $new, $db;
          }
      }

Index: Apache-Test/Changes
===================================================================
RCS file: /home/cvs/httpd-test/perl-framework/Apache-Test/Changes,v
retrieving revision 1.38
diff -u -r1.38 Changes
--- Apache-Test/Changes	11 Aug 2003 20:07:07 -0000	1.38
+++ Apache-Test/Changes	12 Aug 2003 19:22:42 -0000
@@ -8,6 +8,10 @@

  =item 1.04-dev -

+fix Apache::TestSSLCA to generate a separate index.txt file for each
+new certificate it generates, on certain platforms openssl fails to
+re-use the same file. [Stas]
+
  remove the unused example section from t/conf/extra.conf.in, it made
  an assumption that mod_auth is available [Stas]


__________________________________________________________________
Stas Bekman            JAm_pH ------> Just Another mod_perl Hacker
http://stason.org/     mod_perl Guide ---> http://perl.apache.org
mailto:stas@stason.org http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com