git » kxd » commit 0459082

tests: Use shorter organizationalUnitName

author Alberto Bertogli
2015-10-18 11:24:53 UTC
committer Alberto Bertogli
2015-10-18 15:19:10 UTC
parent 6fe4cfb88f17d98c5a8b2f9db44242b0c968c80e
tests: Use shorter organizationalUnitName

The organizationalUnitName is currently created based on usernames and
hostnames, but those can get too long for openssl, causing unnecessary tests
errors, and breaking hermicity.

This patch fixes this by making organizationalUnitName use shorter names,
which are just as useful as the variable ones in practice.

Note we still need them to be different for server, client and CA, otherwise
openssl complains in some cases.
tests/run_tests +3 -4 
diff --git a/tests/run_tests b/tests/run_tests
index e5257c1..16407a9 100755
--- a/tests/run_tests
+++ b/tests/run_tests
@@ -94,10 +94,10 @@ class Config(object):
             print "openssl call failed, output: %r" % err.output
             raise
 
+        ouname = "kxd-tests-%s" % self.name
         req_args = ["openssl", "req", "-new", "-batch",
                     "-subj", ("/commonName=*" +
-                              "/organizationalUnitName=kxd-tests-%s:%s@%s" % (
-                                  self.name, LOGNAME, platform.node())),
+                              "/organizationalUnitName=%s" % ouname),
                     "-key", "%s/key.pem" % self.path]
         if self_sign:
             req_args.extend(["-x509", "-out", "%s/cert.pem" % self.path])
@@ -137,8 +137,7 @@ class CA(object):
                     ["openssl", "req", "-new", "-x509", "-batch",
                      "-config", OPENSSL_CONF,
                      "-subj", ("/commonName=*" +
-                               "/organizationalUnitName=kxd-tests-ca:%s@%s" % (
-                                   LOGNAME, platform.node())),
+                               "/organizationalUnitName=kxd-tests-ca"),
                      "-extensions", "v3_ca", "-nodes",
                      "-keyout", "cakey.pem",
                      "-out", "cacert.pem"],