From 1f4f072346e388d7b6b6cf79b111952069c4e95c Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Tue, 14 Jan 2014 10:00:36 +0100 Subject: Build in srcdir != builddir fashion by default Naturally this doesn't apply to tarballs --- build/Makefile.am | 9 --------- build/certs/Makefile | 51 +++++++++++++++++++++++++++++++++++++++++++++++++ build/certs/Makefile.am | 51 ------------------------------------------------- 3 files changed, 51 insertions(+), 60 deletions(-) delete mode 100644 build/Makefile.am create mode 100644 build/certs/Makefile delete mode 100644 build/certs/Makefile.am (limited to 'build') diff --git a/build/Makefile.am b/build/Makefile.am deleted file mode 100644 index 11337b1..0000000 --- a/build/Makefile.am +++ /dev/null @@ -1,9 +0,0 @@ - -SUBDIRS = certs - -EXTRA_DIST = \ - Makefile.tests - -memcheck: - -leakcheck: diff --git a/build/certs/Makefile b/build/certs/Makefile new file mode 100644 index 0000000..4e61b14 --- /dev/null +++ b/build/certs/Makefile @@ -0,0 +1,51 @@ + +# Note that nothing here is distributed. It just lives in the git repository +# We copy everything into its final location, and those test files are +# distributed in the tarballs + +TRUST = ../../trust/tests + +prepare-certs: + cp -v cacert3.der $(TRUST)/input/anchors + cp -v cacert3.der $(TRUST)/files + cp -v cacert3.der $(TRUST)/files + openssl x509 -in cacert3.der -inform DER -out $(TRUST)/files/cacert3.pem + openssl x509 -in cacert3.der -inform DER -out $(TRUST)/files/cacert3.pem + cat $(TRUST)/files/cacert3.pem $(TRUST)/files/cacert3.pem > $(TRUST)/files/cacert3-twice.pem + openssl x509 -in cacert3.der -inform DER -out $(TRUST)/files/cacert3-trusted.pem \ + -addtrust serverAuth -addreject emailProtection \ + -setalias "Custom Label" + cp $(TRUST)/files/cacert3-trusted.pem $(TRUST)/files/cacert3-trusted-server-alias.pem + openssl x509 -in cacert3.der -inform DER -out $(TRUST)/files/cacert3-trusted-alias.pem \ + -setalias "Custom Label" + openssl x509 -in cacert3.der -inform DER -out $(TRUST)/files/cacert3-distrust-all.pem \ + -addreject serverAuth -addreject clientAuth -addreject codeSigning \ + -addreject emailProtection -addreject ipsecEndSystem -addreject ipsecTunnel \ + -addreject ipsecUser -addreject timeStamping + openssl x509 -in verisign-v1.der -inform DER -out $(TRUST)/files/verisign-v1.pem \ + -setalias "Custom Label" + cat $(TRUST)/files/cacert3-trusted-server-alias.pem \ + $(TRUST)/files/verisign-v1.pem > $(TRUST)/files/multiple.pem + cp -v cacert-ca.der $(TRUST)/input + cp -v cacert-ca.der $(TRUST)/files + openssl x509 -in redhat-newca.der -inform DER -out $(TRUST)/files/distrusted.pem \ + -addreject clientAuth -setalias "Red Hat Is the CA" + cp -v $(TRUST)/files/distrusted.pem $(TRUST)/input + cp -v self-server.der $(TRUST)/input/blacklist + cp -v self-signed-with-eku.der $(TRUST)/files + cp -v self-signed-with-ku.der $(TRUST)/files + cp -v testing-ca.der $(TRUST)/input/anchors + cp -v testing-server.der $(TRUST)/files + +# Rebuild the self-signed certificates. This is almost never necessary and +# will require other changes in the code, mostly here as documentation +build-self-signed: + openssl req -new -x509 -outform DER -out self-signed-with-eku.der \ + -newkey rsa -keyout /dev/null -nodes -subj /CN=self-signed-with-eku.example.com \ + -config with-eku.conf -set_serial 888 -extensions v3_ca + openssl req -new -x509 -outform DER -out self-signed-with-ku.der \ + -newkey rsa -keyout /dev/null -nodes -subj /CN=self-signed-with-ku.example.com \ + -config with-ku.conf -set_serial 888 -extensions v3_ca + openssl req -new -x509 -outform DER -out distant-end-date.der \ + -newkey rsa:512 -keyout /dev/null -nodes -subj /CN=far-in-the-future.example.com \ + -config with-ku.conf -set_serial 999 -extensions v3_ca -days 20000 diff --git a/build/certs/Makefile.am b/build/certs/Makefile.am deleted file mode 100644 index 031cba0..0000000 --- a/build/certs/Makefile.am +++ /dev/null @@ -1,51 +0,0 @@ - -# Note that nothing here is distributed. It just lives in the git repository -# We copy everything into its final location, and those test files are -# distributed in the tarballs - -TRUST = $(top_srcdir)/trust/tests - -prepare-certs: - cp -v cacert3.der $(TRUST)/input/anchors - cp -v cacert3.der $(TRUST)/files - cp -v cacert3.der $(TRUST)/files - openssl x509 -in cacert3.der -inform DER -out $(TRUST)/files/cacert3.pem - openssl x509 -in cacert3.der -inform DER -out $(TRUST)/files/cacert3.pem - cat $(TRUST)/files/cacert3.pem $(TRUST)/files/cacert3.pem > $(TRUST)/files/cacert3-twice.pem - openssl x509 -in cacert3.der -inform DER -out $(TRUST)/files/cacert3-trusted.pem \ - -addtrust serverAuth -addreject emailProtection \ - -setalias "Custom Label" - cp $(TRUST)/files/cacert3-trusted.pem $(TRUST)/files/cacert3-trusted-server-alias.pem - openssl x509 -in cacert3.der -inform DER -out $(TRUST)/files/cacert3-trusted-alias.pem \ - -setalias "Custom Label" - openssl x509 -in cacert3.der -inform DER -out $(TRUST)/files/cacert3-distrust-all.pem \ - -addreject serverAuth -addreject clientAuth -addreject codeSigning \ - -addreject emailProtection -addreject ipsecEndSystem -addreject ipsecTunnel \ - -addreject ipsecUser -addreject timeStamping - openssl x509 -in verisign-v1.der -inform DER -out $(TRUST)/files/verisign-v1.pem \ - -setalias "Custom Label" - cat $(TRUST)/files/cacert3-trusted-server-alias.pem \ - $(TRUST)/files/verisign-v1.pem > $(TRUST)/files/multiple.pem - cp -v cacert-ca.der $(TRUST)/input - cp -v cacert-ca.der $(TRUST)/files - openssl x509 -in redhat-newca.der -inform DER -out $(TRUST)/files/distrusted.pem \ - -addreject clientAuth -setalias "Red Hat Is the CA" - cp -v $(TRUST)/files/distrusted.pem $(TRUST)/input - cp -v self-server.der $(TRUST)/input/blacklist - cp -v self-signed-with-eku.der $(TRUST)/files - cp -v self-signed-with-ku.der $(TRUST)/files - cp -v testing-ca.der $(TRUST)/input/anchors - cp -v testing-server.der $(TRUST)/files - -# Rebuild the self-signed certificates. This is almost never necessary and -# will require other changes in the code, mostly here as documentation -build-self-signed: - openssl req -new -x509 -outform DER -out self-signed-with-eku.der \ - -newkey rsa -keyout /dev/null -nodes -subj /CN=self-signed-with-eku.example.com \ - -config with-eku.conf -set_serial 888 -extensions v3_ca - openssl req -new -x509 -outform DER -out self-signed-with-ku.der \ - -newkey rsa -keyout /dev/null -nodes -subj /CN=self-signed-with-ku.example.com \ - -config with-ku.conf -set_serial 888 -extensions v3_ca - openssl req -new -x509 -outform DER -out distant-end-date.der \ - -newkey rsa:512 -keyout /dev/null -nodes -subj /CN=far-in-the-future.example.com \ - -config with-ku.conf -set_serial 999 -extensions v3_ca -days 20000 -- cgit v1.1