raboof/pekko
1
0
Fork 0
Code Issues Pull requests Projects Releases 6 Packages Wiki Activity Actions 11

Issue 203: Update the truststore/keystore for stream-tests (#301)

Browse source 
* Update the stream-tests truststore/keystore to refer to pekko-remote

The same truststore/keyspace as the one generate with the Makefile at remote/src/test/resources is used here"

* Revert "Update the stream-tests truststore/keystore to refer to pekko-remote"

This reverts commit 7bab689bb6257e80d2bd8cdff2b8a715bb08c619.

* Issue 203: Update keystore/truststore for stream-tests:

Note that no SAN extension file is used in this case. Therefore the verify hostname code looks at the CN= instead of the subjectAltName field.
I've added a Makefile here to make it easier to regenerate this in future: just delete the trust/keystores and run 'make'

* 203: Add comment explaining new Makefile
This commit is contained in:
Sam Byng 2023-04-28 18:29:38 +01:00 committed by GitHub
parent dcacb0ff03
commit 46b02c6640
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 21 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

19
stream-tests/src/test/resources/Makefile Normal file
View file

@ -0,0 +1,19 @@
# Documents how truststore and keystore were created
# A similar Makefile is found in remote/src/test/resources/, however here the cert is created without specifying a Subject Alternate Name
all: truststore keystore
truststore: domain.crt
keytool -importcert -file domain.crt -keystore truststore -deststorepass changeme
keystore: domain.crt domain.key
openssl pkcs12 -export -inkey domain.key -passin pass:changeme -in domain.crt -out keystore -passout pass:changeme
domain.crt: domain.csr domain.key
openssl x509 -req -in domain.csr -sha256 -out domain.crt -signkey domain.key
domain.csr:
openssl req -new -newkey rsa:2048 -keyout domain.key -subj "/C=US/ST=Delaware/O=Apache/CN=pekko-remote" -out domain.csr -passout pass:changeme
.PHONY: clean
clean:
rm domain.key domain.crt domain.csr keystore truststore

BIN
stream-tests/src/test/resources/keystore
View file

Binary file not shown.

BIN
stream-tests/src/test/resources/truststore
View file

Binary file not shown.

2
stream-tests/src/test/scala/org/apache/pekko/stream/io/DeprecatedTlsSpec.scala
View file

@ -526,7 +526,7 @@ class DeprecatedTlsSpec extends StreamSpec(DeprecatedTlsSpec.configOverrides) wi
Source.single(SendBytes(ByteString.empty)).via(flow).runWith(Sink.ignore) Source.single(SendBytes(ByteString.empty)).via(flow).runWith(Sink.ignore)
} }
Await.result(run("akka-remote"), 3.seconds) // CN=akka-remote Await.result(run("pekko-remote"), 3.seconds) // CN=pekko-remote
val cause = intercept[Exception] { val cause = intercept[Exception] {
Await.result(run("unknown.example.org"), 3.seconds) Await.result(run("unknown.example.org"), 3.seconds)
} }

2
stream-tests/src/test/scala/org/apache/pekko/stream/io/TlsSpec.scala
View file

@ -574,7 +574,7 @@ class TlsSpec extends StreamSpec(TlsSpec.configOverrides) with WithLogCapturing
Source.single(SendBytes(ByteString.empty)).via(flow).runWith(Sink.ignore) Source.single(SendBytes(ByteString.empty)).via(flow).runWith(Sink.ignore)
} }
Await.result(run("akka-remote"), 3.seconds) // CN=akka-remote Await.result(run("pekko-remote"), 3.seconds) // CN=pekko-remote
val cause = intercept[Exception] { val cause = intercept[Exception] {
Await.result(run("unknown.example.org"), 3.seconds) Await.result(run("unknown.example.org"), 3.seconds)
} }