build: fix test failure due to failure to distinguish between subject…

… and issuer
scylladb · Jan 30, 2025 · d488230 · d488230
1 parent 3f90db4
commit d488230
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 24 deletions.
diff --git a/tests/unit/CMakeLists.txt b/tests/unit/CMakeLists.txt
@@ -541,12 +541,10 @@ function(seastar_add_certgen name)
   set(CERT_PRIVKEY ${CERT_NAME}.key)
   set(CERT_REQ ${CERT_NAME}.csr)
   set(CERT_CERT ${CERT_NAME}.crt)
-  set(CERT_CHAIN ${CERT_NAME}_chain.crt)
   set(CERT_CERT_DER ${CERT_NAME}.crt.der)
 
   set(CERT_CAPRIVKEY ca${CERT_NAME}.key)
   set(CERT_CAROOT ca${CERT_NAME}.pem)
-  set(CERT_CAROOT_DER ca${CERT_NAME}.der)
 
   configure_file("${CMAKE_CURRENT_SOURCE_DIR}/cert.cfg.in"
     "${CMAKE_CURRENT_BINARY_DIR}/${CERT_NAME}.cfg"
@@ -584,24 +582,14 @@ function(seastar_add_certgen name)
     WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
   )
 
-  add_custom_command(OUTPUT "${CMAKE_CURRENT_BINARY_DIR}/${CERT_CAROOT_DER}"
-    COMMAND ${OPENSSL} x509 -in ${CERT_CAROOT} -out ${CERT_CAROOT_DER} -outform der
-    DEPENDS "${CMAKE_CURRENT_BINARY_DIR}/${CERT_CAROOT}"
-    WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
-  )
   add_custom_command(OUTPUT "${CMAKE_CURRENT_BINARY_DIR}/${CERT_CERT_DER}"
     COMMAND ${OPENSSL} x509 -in ${CERT_CERT} -out ${CERT_CERT_DER} -outform der
     DEPENDS "${CMAKE_CURRENT_BINARY_DIR}/${CERT_CERT}"
     WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
   )
-  add_custom_command(OUTPUT "${CMAKE_CURRENT_BINARY_DIR}/${CERT_CHAIN}"
-    COMMAND ${CMAKE_COMMAND} -E cat "${CMAKE_CURRENT_BINARY_DIR}/${CERT_CERT}" "${CMAKE_CURRENT_BINARY_DIR}/${CERT_CAROOT}" > "${CMAKE_CURRENT_BINARY_DIR}/${CERT_CHAIN}"
-    DEPENDS "${CMAKE_CURRENT_BINARY_DIR}/${CERT_CERT}" "${CMAKE_CURRENT_BINARY_DIR}/${CERT_CAROOT}"
-    WORKING_DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}
-  )
 
   add_custom_target(${name}
-    DEPENDS "${CMAKE_CURRENT_BINARY_DIR}/${CERT_CAROOT_DER}" "${CMAKE_CURRENT_BINARY_DIR}/${CERT_CERT_DER}" "${CMAKE_CURRENT_BINARY_DIR}/${CERT_CHAIN}"
+    DEPENDS "${CMAKE_CURRENT_BINARY_DIR}/${CERT_CERT_DER}"
   )
 endfunction()
 

diff --git a/tests/unit/tls_test.cc b/tests/unit/tls_test.cc
@@ -1438,7 +1438,7 @@ SEASTAR_THREAD_TEST_CASE(test_alt_names) {
 SEASTAR_THREAD_TEST_CASE(test_peer_certificate_chain_handling) {
     tls::credentials_builder b;
 
-    b.set_x509_key_file(certfile("test_chain.crt"), certfile("test.key"), tls::x509_crt_format::PEM).get();
+    b.set_x509_key_file(certfile("test.crt"), certfile("test.key"), tls::x509_crt_format::PEM).get();
     b.set_x509_trust_file(certfile("catest.pem"), tls::x509_crt_format::PEM).get();
     b.set_client_auth(tls::client_auth::REQUIRE);
 
@@ -1488,17 +1488,10 @@ SEASTAR_THREAD_TEST_CASE(test_peer_certificate_chain_handling) {
             return contents;
         };
 
-        auto leaf_der = read_file(certfile("test.crt.der"));
-        auto root_der = read_file(certfile("catest.der"));
-
-        auto ensure_certificate_chain = [&leaf_der, &root_der](auto const& crts) {
-            BOOST_REQUIRE(crts.size() == 2);
-            BOOST_REQUIRE(crts[0] == leaf_der);
-            BOOST_REQUIRE(crts[1] == root_der);
-        };
+        auto ders = {read_file(certfile("test.crt.der"))};
 
-        ensure_certificate_chain(scrts);
-        ensure_certificate_chain(ccrts);
+        BOOST_REQUIRE(std::ranges::equal(scrts, ders));
+        BOOST_REQUIRE(std::ranges::equal(ccrts, ders));
     }
 }