From f76fee63ed9cb3a30d3c0c092d860b1cb93a481b Mon Sep 17 00:00:00 2001 From: Gerard Smyth <gerard.smyth@gmail.com> Date: Thu, 08 May 2014 13:09:30 -0400 Subject: [PATCH] Updated the SyndicationServlet to provide an additional option to return details of the tags in the repository instead of the commits. This uses a new 'ot' request parameter to indicate the object type of the content to return, which can be ither TAG or COMMIT. If this is not provided, then COMMIT is assumed to maintain backwards compatability. If tags are returned, then the paging parameters, 'l' and 'pg' are still supported, but searching options are currently ignored. --- src/test/java/com/gitblit/tests/X509UtilsTest.java | 66 ++++++++++++++++---------------- 1 files changed, 33 insertions(+), 33 deletions(-) diff --git a/src/test/java/com/gitblit/tests/X509UtilsTest.java b/src/test/java/com/gitblit/tests/X509UtilsTest.java index 5d17e18..740f908 100644 --- a/src/test/java/com/gitblit/tests/X509UtilsTest.java +++ b/src/test/java/com/gitblit/tests/X509UtilsTest.java @@ -26,7 +26,6 @@ import org.eclipse.jgit.util.FileUtils; import org.junit.After; -import org.junit.Assert; import org.junit.Before; import org.junit.Test; @@ -39,18 +38,19 @@ /** * Unit tests for X509 certificate generation. - * + * * @author James Moger - * + * */ -public class X509UtilsTest extends Assert { - +public class X509UtilsTest extends GitblitUnitTest { + // passwords are case-sensitive and may be length-limited // based on the JCE policy files String caPassword = "aBcDeFg"; File folder = new File(System.getProperty("user.dir"), "x509test"); - + X509Log log = new X509Log() { + @Override public void log(String message) { System.out.println(message); } @@ -62,69 +62,69 @@ X509Metadata goMetadata = new X509Metadata("localhost", caPassword); X509Utils.prepareX509Infrastructure(goMetadata, folder, log); } - + @After public void cleanUp() throws Exception { if (folder.exists()) { FileUtils.delete(folder, FileUtils.RECURSIVE); } } - + @Test - public void testNewCA() throws Exception { + public void testNewCA() throws Exception { File storeFile = new File(folder, X509Utils.CA_KEY_STORE); X509Utils.getPrivateKey(X509Utils.CA_ALIAS, storeFile, caPassword); X509Certificate cert = X509Utils.getCertificate(X509Utils.CA_ALIAS, storeFile, caPassword); assertEquals("O=Gitblit,OU=Gitblit,CN=Gitblit Certificate Authority", cert.getIssuerDN().getName()); - } + } @Test - public void testCertificateUserMapping() throws Exception { + public void testCertificateUserMapping() throws Exception { File storeFile = new File(folder, X509Utils.CA_KEY_STORE); PrivateKey caPrivateKey = X509Utils.getPrivateKey(X509Utils.CA_ALIAS, storeFile, caPassword); X509Certificate caCert = X509Utils.getCertificate(X509Utils.CA_ALIAS, storeFile, caPassword); - + X509Metadata userMetadata = new X509Metadata("james", "james"); userMetadata.serverHostname = "www.myserver.com"; userMetadata.userDisplayname = "James Moger"; userMetadata.passwordHint = "your name"; userMetadata.oids.put("C", "US"); - + X509Certificate cert1 = X509Utils.newClientCertificate(userMetadata, caPrivateKey, caCert, storeFile.getParentFile()); UserModel userModel1 = HttpUtils.getUserModelFromCertificate(cert1); assertEquals(userMetadata.commonName, userModel1.username); assertEquals(userMetadata.emailAddress, userModel1.emailAddress); assertEquals("C=US,O=Gitblit,OU=Gitblit,CN=james", cert1.getSubjectDN().getName()); - - + + X509Certificate cert2 = X509Utils.newClientCertificate(userMetadata, caPrivateKey, caCert, storeFile.getParentFile()); UserModel userModel2 = HttpUtils.getUserModelFromCertificate(cert2); assertEquals(userMetadata.commonName, userModel2.username); assertEquals(userMetadata.emailAddress, userModel2.emailAddress); assertEquals("C=US,O=Gitblit,OU=Gitblit,CN=james", cert2.getSubjectDN().getName()); - + assertNotSame("Serial numbers are the same!", cert1.getSerialNumber().longValue(), cert2.getSerialNumber().longValue()); } - + @Test public void testUserBundle() throws Exception { File storeFile = new File(folder, X509Utils.CA_KEY_STORE); - + X509Metadata userMetadata = new X509Metadata("james", "james"); - userMetadata.serverHostname = "www.myserver.com"; + userMetadata.serverHostname = "www.myserver.com"; userMetadata.userDisplayname = "James Moger"; userMetadata.passwordHint = "your name"; File zip = X509Utils.newClientBundle(userMetadata, storeFile, caPassword, log); assertTrue(zip.exists()); - + List<String> expected = Arrays.asList( userMetadata.commonName + ".pem", userMetadata.commonName + ".p12", userMetadata.commonName + ".cer", "ca.cer", "README.TXT"); - + ZipInputStream zis = new ZipInputStream(new FileInputStream(zip)); ZipEntry entry = null; while ((entry = zis.getNextEntry()) != null) { @@ -132,49 +132,49 @@ } zis.close(); } - + @Test - public void testCertificateRevocation() throws Exception { + public void testCertificateRevocation() throws Exception { File storeFile = new File(folder, X509Utils.CA_KEY_STORE); PrivateKey caPrivateKey = X509Utils.getPrivateKey(X509Utils.CA_ALIAS, storeFile, caPassword); X509Certificate caCert = X509Utils.getCertificate(X509Utils.CA_ALIAS, storeFile, caPassword); - + X509Metadata userMetadata = new X509Metadata("james", "james"); userMetadata.serverHostname = "www.myserver.com"; userMetadata.userDisplayname = "James Moger"; userMetadata.passwordHint = "your name"; - + // generate a new client certificate X509Certificate cert1 = X509Utils.newClientCertificate(userMetadata, caPrivateKey, caCert, storeFile.getParentFile()); - + // confirm this certificate IS NOT revoked File caRevocationList = new File(folder, X509Utils.CA_REVOCATION_LIST); assertFalse(X509Utils.isRevoked(cert1, caRevocationList)); - + // revoke certificate and then confirm it IS revoked X509Utils.revoke(cert1, RevocationReason.ACompromise, caRevocationList, storeFile, caPassword, log); assertTrue(X509Utils.isRevoked(cert1, caRevocationList)); - + // generate a second certificate X509Certificate cert2 = X509Utils.newClientCertificate(userMetadata, caPrivateKey, caCert, storeFile.getParentFile()); - + // confirm second certificate IS NOT revoked assertTrue(X509Utils.isRevoked(cert1, caRevocationList)); assertFalse(X509Utils.isRevoked(cert2, caRevocationList)); - + // revoke second certificate and then confirm it IS revoked X509Utils.revoke(cert2, RevocationReason.ACompromise, caRevocationList, caPrivateKey, log); assertTrue(X509Utils.isRevoked(cert1, caRevocationList)); assertTrue(X509Utils.isRevoked(cert2, caRevocationList)); - + // generate a third certificate X509Certificate cert3 = X509Utils.newClientCertificate(userMetadata, caPrivateKey, caCert, storeFile.getParentFile()); - + // confirm third certificate IS NOT revoked assertTrue(X509Utils.isRevoked(cert1, caRevocationList)); assertTrue(X509Utils.isRevoked(cert2, caRevocationList)); assertFalse(X509Utils.isRevoked(cert3, caRevocationList)); - + // revoke third certificate and then confirm it IS revoked X509Utils.revoke(cert3, RevocationReason.ACompromise, caRevocationList, caPrivateKey, log); assertTrue(X509Utils.isRevoked(cert1, caRevocationList)); -- Gitblit v1.9.1