diff options
author | Ed Tanous <ed@tanous.net> | 2024-03-28 08:03:05 +0300 |
---|---|---|
committer | Ed Tanous <ed@tanous.net> | 2024-06-10 18:18:59 +0300 |
commit | 099225cc9300c8e06b742a48318df75b0366561f (patch) | |
tree | 59725b175cf3b47f2cc94d0abaf8db02d303e952 /test/include | |
parent | 2ecde74fa187366dc4ed628e61a88015cdbeb769 (diff) | |
download | bmcweb-099225cc9300c8e06b742a48318df75b0366561f.tar.xz |
Make cert generate for readonly directories
When run from a development PC, we shouldn't REQUIRE that the cert
directory exists or is writable.
This commit reworks the SSL cert generation to generate a string with
the certification info, instead of writing it to disk and reading it
back. This allows bmcweb to start up in read-only environments, or
environments where there isn't access to the key information.
Tested: Launching the application on a dev desktop without an ssl
directory present no longer crashes.
Change-Id: I0d44eb1ce8d298986c5560803ca2d72958d3707c
Signed-off-by: Ed Tanous <ed@tanous.net>
Diffstat (limited to 'test/include')
-rw-r--r-- | test/include/ssl_key_handler_test.cpp | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/test/include/ssl_key_handler_test.cpp b/test/include/ssl_key_handler_test.cpp new file mode 100644 index 0000000000..f60252ff6e --- /dev/null +++ b/test/include/ssl_key_handler_test.cpp @@ -0,0 +1,26 @@ +#include "file_test_utilities.hpp" +#include "ssl_key_handler.hpp" + +#include <gmock/gmock.h> +#include <gtest/gtest.h> + +namespace ensuressl +{ + +TEST(SSLKeyHandler, GenerateVerifyRoundTrip) +{ + /* Verifies that we can generate a certificate, then read back in the + * certificate that was read */ + TemporaryFileHandle myFile(""); + std::string cert = generateSslCertificate("TestCommonName"); + + EXPECT_FALSE(cert.empty()); + + writeCertificateToFile(myFile.stringPath, cert); + + std::string cert2 = verifyOpensslKeyCert(myFile.stringPath); + EXPECT_FALSE(cert2.empty()); + EXPECT_EQ(cert, cert2); +} + +} // namespace ensuressl |