Skip to content

Commit e308c36

Browse files
committed
tests/NIT/nit.sh: move check for usability of certutil or openssl into prepare_NIT_certs() where we would inevitably use them [#1711]
Signed-off-by: Jim Klimov <jimklimov+nut@gmail.com>
1 parent a160493 commit e308c36

1 file changed

Lines changed: 29 additions & 26 deletions

File tree

tests/NIT/nit.sh

Lines changed: 29 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -536,32 +536,6 @@ case "${WITH_SSL_CLIENT}${WITH_SSL_SERVER}" in
536536
;;
537537
esac
538538

539-
case "${WITH_SSL_CLIENT}${WITH_SSL_SERVER}" in
540-
*NSS*)
541-
(command -v certutil) || {
542-
if [ x"${WITH_SSL_TESTS}" = xrequired-conditional ] ; then
543-
die "Aborting because SSL tests are required, but needed third-party tooling was not found to produce the crypto credential stores for NSS"
544-
fi
545-
log_warn "NUT can use NSS, but needed third-party tooling was not found to produce the crypto credential stores"
546-
if [ x"${WITH_SSL_CLIENT}" = xNSS ] ; then WITH_SSL_CLIENT="none" ; fi
547-
if [ x"${WITH_SSL_SERVER}" = xNSS ] ; then WITH_SSL_SERVER="none" ; fi
548-
}
549-
;;
550-
esac
551-
552-
case "${WITH_SSL_CLIENT}${WITH_SSL_SERVER}" in
553-
*OpenSSL*)
554-
(command -v openssl) || {
555-
if [ x"${WITH_SSL_TESTS}" = xrequired-conditional ] ; then
556-
die "Aborting because SSL tests are required, but needed third-party tooling was not found to produce the crypto credential stores for OpenSSL"
557-
fi
558-
log_warn "NUT can use OpenSSL, but needed third-party tooling was not found to produce the crypto credential stores"
559-
if [ x"${WITH_SSL_CLIENT}" = xOpenSSL ] ; then WITH_SSL_CLIENT="none" ; fi
560-
if [ x"${WITH_SSL_SERVER}" = xOpenSSL ] ; then WITH_SSL_SERVER="none" ; fi
561-
}
562-
;;
563-
esac
564-
565539
TESTCERT_ROOTCA_NAME="NUT Mock Root CA"
566540
TESTCERT_ROOTCA_PASS="VeryS@cur@1337"
567541
TESTCERT_CLIENT_NAME="NIT upsmon"
@@ -1219,6 +1193,7 @@ if [ x"${DO_USE_NIT_TESTCERT_CACHE-}" = xyes ] ; then
12191193
fi
12201194

12211195
check_NIT_certs && return
1196+
12221197
log_warn "FAILED check_NIT_certs with cached data, will generate anew. Removing:"
12231198
find "${TESTCERT_PATH_BASE}" "${CI_CACHE_NIT_HASHDIR}" -ls || true
12241199
rm -rf "${TESTCERT_PATH_BASE}" "${CI_CACHE_NIT_HASHDIR}" || true
@@ -1230,6 +1205,34 @@ if [ x"${DO_USE_NIT_TESTCERT_CACHE-}" = xyes ] ; then
12301205
fi
12311206
fi
12321207

1208+
# NOTE: We only check for command-line tooling if we need to generate
1209+
# certs *now* (we can use cached/tarballed ones without that).
1210+
case "${WITH_SSL_CLIENT}${WITH_SSL_SERVER}" in
1211+
*NSS*)
1212+
(command -v certutil) || {
1213+
if [ x"${WITH_SSL_TESTS}" = xrequired-conditional ] ; then
1214+
die "Aborting because SSL tests are required, but needed third-party tooling was not found to produce the crypto credential stores for NSS"
1215+
fi
1216+
log_warn "NUT can use NSS, but needed third-party tooling was not found to produce the crypto credential stores"
1217+
if [ x"${WITH_SSL_CLIENT}" = xNSS ] ; then WITH_SSL_CLIENT="none" ; fi
1218+
if [ x"${WITH_SSL_SERVER}" = xNSS ] ; then WITH_SSL_SERVER="none" ; fi
1219+
}
1220+
;;
1221+
esac
1222+
1223+
case "${WITH_SSL_CLIENT}${WITH_SSL_SERVER}" in
1224+
*OpenSSL*)
1225+
(command -v openssl) || {
1226+
if [ x"${WITH_SSL_TESTS}" = xrequired-conditional ] ; then
1227+
die "Aborting because SSL tests are required, but needed third-party tooling was not found to produce the crypto credential stores for OpenSSL"
1228+
fi
1229+
log_warn "NUT can use OpenSSL, but needed third-party tooling was not found to produce the crypto credential stores"
1230+
if [ x"${WITH_SSL_CLIENT}" = xOpenSSL ] ; then WITH_SSL_CLIENT="none" ; fi
1231+
if [ x"${WITH_SSL_SERVER}" = xOpenSSL ] ; then WITH_SSL_SERVER="none" ; fi
1232+
}
1233+
;;
1234+
esac
1235+
12331236
# Follow docs/security.txt points about setting up the crypto material
12341237
# stores and their contents (mock a self-signed CA here where appropriate)
12351238
# For a good summary of OpenSSL options and decent example config see e.g.

0 commit comments

Comments
 (0)